Django-debug-toolbar

------------------

* Fix erroneous ``ContentNotRenderedError`` raised by the redirects panel.

----------------

This version is compatible with Django 2.0 and requires Django 1.8 or
later.

Bug fixes
~~~~~~~~~

* The profiling panel now escapes reported data resulting in valid HTML.
* Many minor cleanups and bug fixes.

----------------

This version is compatible with Django 1.11 and requires Django 1.8 or
later.

**Backwards incompatible changes**
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

* ``debug_toolbar.middleware.show_toolbar`` (the default value of setting
``SHOW_TOOLBAR_CALLBACK``) no longer returns ``False`` for AJAX requests.
This is to allow reusing the ``SHOW_TOOLBAR_CALLBACK`` function to verify
access to panel views requested via AJAX. Projects defining a custom
``SHOW_TOOLBAR_CALLBACK`` should remove checks for AJAX requests in order to
continue to allow access to these panels.

Features
~~~~~~~~

* New decorator ``debug_toolbar.decorators.require_show_toolbar`` prevents
unauthorized access to decorated views by checking ``SHOW_TOOLBAR_CALLBACK``
every request. Unauthorized access results in a 404.
* The ``SKIP_TEMPLATE_PREFIXES`` setting allows skipping templates in
the templates panel. Template-based form widgets' templates are
skipped by default to avoid panel sizes going into hundreds of
megabytes of HTML.

Bug fixes
~~~~~~~~~

* All views are now decorated with
``debug_toolbar.decorators.require_show_toolbar`` preventing unauthorized
access.
* The templates panel now reuses contexts' pretty printed version which
makes the debug toolbar usable again with Django 1.11's template-based
forms rendering.
* Long SQL statements are now forcibly wrapped to fit on the screen.

----------------

Bug fixes
~~~~~~~~~

* Recursive template extension is now understood.
* Deprecation warnings were fixed.
* The SQL panel uses HMAC instead of simple hashes to verify that SQL
statements have not been changed. Also, the handling of bytes and text
for hashing has been hardened. Also, a bug with Python's division
handling has been fixed for improved Python 3 support.
* An error with django-jinja has been fixed.
* A few CSS classes have been prefixed with ``djdt-`` to avoid
conflicting class names.

----------------

The debug toolbar was adopted by Jazzband.

Removed features
~~~~~~~~~~~~~~~~

* Support for automatic setup has been removed as it was frequently
problematic. Installation now requires explicit setup. The
``DEBUG_TOOLBAR_PATCH_SETTINGS`` setting has also been removed as it is now
unused. See the :doc:`installation documentation <installation>` for details.

Bug fixes
~~~~~~~~~

* The ``DebugToolbarMiddleware`` now also supports Django 1.10's ``MIDDLEWARE``
setting.

----------------

This version is compatible with Django 1.10 and requires Django 1.8 or later.

Support for Python 3.2 is dropped.

Bug fixes
~~~~~~~~~

* Restore compatibility with sqlparse ≥ 0.2.0.
* Add compatibility with Bootstrap 4, Pure CSS, MDL, etc.
* Improve compatibility with RequireJS / AMD.
* Improve the UI slightly.
* Fix invalid (X)HTML.