Tags: erseco/cookiecutter-django
Tags
Merge pull request cookiecutter#1776 from pydanny/pyup-update-pytest-… …3.7.3-to-3.7.4 Update pytest to 3.7.4
Update django to 2.0.8 (cookiecutter#1734) This PR updates [django](https://pypi.org/project/django) from **2.0.7** to **2.0.8**. <details> <summary>Changelog</summary> ### 2.0.8 ``` ========================== *August 1, 2018* Django 2.0.8 fixes a security issue and several bugs in 2.0.7. CVE-2018-14574: Open redirect possibility in ``CommonMiddleware`` ================================================================= If the :class:`~django.middleware.common.CommonMiddleware` and the :setting:`APPEND_SLASH` setting are both enabled, and if the project has a URL pattern that accepts any path ending in a slash (many content management systems have such a pattern), then a request to a maliciously crafted URL of that site could lead to a redirect to another site, enabling phishing and other attacks. ``CommonMiddleware`` now escapes leading slashes to prevent redirects to other domains. Bugfixes ======== * Fixed a regression in Django 2.0.7 that broke the ``regex`` lookup on MariaDB (even though MariaDB isn&cookiecutter#39;t officially supported) (:ticket:`29544`). * Fixed a regression where ``django.template.Template`` crashed if the ``template_string`` argument is lazy (:ticket:`29617`). ========================== ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/django - Changelog: https://pyup.io/changelogs/django/ - Homepage: https://www.djangoproject.com/ </details>
Merge pull request cookiecutter#1515 from browniebroke/post-django-2.… …0-update Update README, Changelog and setup.py after Django 2.0 upgrade
PreviousNext