Tendenci

Latest version: v15.1

Safety actively analyzes 638430 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 15 of 22

11.4.2

Not secure
* Avoided duplicated base url in og:image tags.
* Refactored RemoveNullByteMiddleware.
* Fixed a typo in profiles/meta.html.
* Stripped control chars from staff feeds to avoid the UnserializableContentError.
* Replaced UnicodeWriter with the builtin csv for group members, users and memberships export to avoid Null chars being included in exported files.
* Fixed a JavaScript error on dashboard when member info is not available.

11.4.1

Not secure
* Updated membership delete to ensure member number is cleaned up from profile and user is removed from associated membership group.
* Fixed invalid date/time error on jobs add/edit at admin backend
* Filtered out expired and not activated jobs from public jobs list.
* Included comments field on event registrants export.

11.4

Not secure
* Upgrade jQuery from 2.1.1 to 3.4.1 (latest)
***Important*: Back up your site first before running tendenci update! Any third party jQuery plugins you use that are not compatible with the latest version of jQuery will potentially break your site.**
* Resolve the issue about django-admin-bootstrapped not compatible with Django 1.11
* Added none option to image_class_list for tinymce editor
* Added a setting to control whether or not to create user on form submission (default false)
**Note that: ** Even if this setting is set to false, a new user will still be created if payment is involved or "Subscribe to Group" functionality is selected. To make your site GDPR compliant, you can add a new checkbox field to your form to obtain user's consent.
* Other small fixes

11.3.1

Not secure
* Added education field to the staff module
* Added department and position dropdowns to staff search
* Removed Facebook like button
* Removed Google+ url from anywhere
* Blocked files with a comma or two consecutive dots in it
* Specified stripe api version
* Fixed fullpage plugin for newsletter edit

11.3

Not secure
* Set app info for stripe
* Added fullpage plugin to WYSIWYG editor for newsletters

11.2.12

Not secure
* SECURITY: striped null byte to avoid null byte injection attack
* Fixed "masonry is not a function" js error for photos
* Resolved issue not being able to delete users who posted on forum
* Prevented tickets from being cascade deleted with user deletion
* Allowed to specify both name and display name separated by a colon in the choices field
* Allowed to set back to the default field type for membership app fields
* Added make payment to financial section of tendenci top menu
* Commented files that are listed underneath content on event view
* Added pagination to videos list for performance reason
* Updated django version to 1.11.23

Page 15 of 22

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.