Workflow

Djangorestframework

Latest version: v3.15.2

Safety actively analyzes 692687 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 11

2.4.8

Not secure
**Date**: 18 August 2015

* Repackage 2.4.7 without pyc files.

2.4.7

Not secure
**Date**: [18 August 2015](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.7+Release%22+)

* Upgrade guardian support to 1.3

2.4.6

Not secure

2.4.5

Not secure
**Date**: 24 March 2015

* **Security fix**: Escape tab switching cookie name in browsable API. [Backported from 3.1.1](http://www.django-rest-framework.org/topics/release-notes/#311).

2.4.4

Not secure
**Date**: [3rd November 2014](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.4+Release%22+).

* **Security fix**: Escape URLs when replacing `format=` query parameter, as used in dropdown on `GET` button in browsable API to allow explicit selection of JSON vs HTML output.
* Maintain ordering of URLs in API root view for `DefaultRouter`.
* Fix `follow=True` in `APIRequestFactory`
* Resolve issue with invalid `read_only=True`, `required=True` fields being automatically generated by `ModelSerializer` in some cases.
* Resolve issue with `OPTIONS` requests returning incorrect information for views using `get_serializer_class` to dynamically determine serializer based on request method.

2.4.3

Not secure
**Date**: [19th September 2014](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.3+Release%22+).

* Support translatable view docstrings being displayed in the browsable API.
* Support [encoded `filename*`][rfc-6266] in raw file uploads with `FileUploadParser`.
* Allow routers to support viewsets that don't include any list routes or that don't include any detail routes.
* Don't render an empty login control in browsable API if `login` view is not included.
* CSRF exemption performed in `.as_view()` to prevent accidental omission if overriding `.dispatch()`.
* Login on browsable API now displays validation errors.
* Bugfix: Fix migration in `authtoken` application.
* Bugfix: Allow selection of integer keys in nested choices.
* Bugfix: Return `None` instead of `'None'` in `CharField` with `allow_none=True`.
* Bugfix: Ensure custom model fields map to equivelent serializer fields more reliably.
* Bugfix: `DjangoFilterBackend` no longer quietly changes queryset ordering.

Page 1 of 11

Links

Releases

Has known vulnerabilities

Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.