Wagtail

~~~~~~~~~~~~~~~~~~

* Maintenance: Additionally update Pillow dependency to allow use of versions with security fixes (Dan Braghis)

~~~~~~~~~~~~~~~~~~

* Maintenance: Relax Willow dependency to allow use of current Pillow versions with security fixes (Dan Braghis)

~~~~~~~~~~~~~~~~~~

* Fix: Rectify previous fix for TableBlock becoming uneditable after save (Sage Abdullah)
* Fix: Ensure that copying page correctly picks up the latest revision (Matt Westcott)
* Fix: Adjust collection field alignment in multi-upload forms (LB (Ben) Johnston)
* Fix: Prevent lowercase conversions of IndexView column headers (Virag Jain)
* Docs: Update documentation for `log_action` parameter on `RevisionMixin.save_revision` (Christer Jensen)

~~~~~~~~~~~~~~~~~~

* Fix: Prevent TableBlock from becoming uneditable after save (Sage Abdullah)

~~~~~~~~~~~~~~~~~~

* Fix: CVE-2023-28836 - Stored XSS attack via ModelAdmin views (Thibaud Colas)
* Fix: CVE-2023-28837 - Denial-of-service via memory exhaustion when uploading large files (Jake Howard)
* Fix: Fix radio and checkbox elements shrinking when using a long label (Sage Abdullah)
* Fix: Fix select elements expanding beyond their container when using a long option label (Sage Abdullah)
* Fix: Fix timezone handling of `TemplateResponse`s for users with a custom timezone (Stefan Hammer, Sage Abdullah)
* Fix: Ensure TableBlock initialization correctly runs after load and its width is aligned with the parent panel (Dan Braghis)
* Fix: Ensure that the JavaScript media files are loaded by default in Snippet index listings for date fields (Sage Abdullah)
* Fix: Fix server-side caching of the icons sprite (Thibaud Colas)
* Fix: Always show Add buttons, guide lines, Move up/down, Duplicate, Delete; in StreamField and Inline Panel (Thibaud Colas)
* Fix: Ensure datetimepicker widget overlay shows over modals & drop-downs (LB (Ben) Johnston)
* Maintenance: Render large image renditions to disk (Jake Howard)

~~~~~~~~~~~~~~~~~~

* Fix: Add right-to-left (RTL) support for the following form components: Switch, Minimap, live preview (Thibaud Colas)
* Fix: Improve right-to-left (RTL) positioning for the following components: Page explorer, Sidebar sub-menu, rich text tooltips, rich text toolbar trigger, editor section headers (Thibaud Colas)
* Fix: Ensure links within help blocks meet color contrast guidelines for accessibility (Theresa Okoro)
* Fix: Support creating `StructValue` copies (Tidiane Dia)
* Fix: Fix "Edit this page" missing from userbar (Satvik Vashisht)
* Fix: Prevent audit log report from failing on missing models (Andy Chosak)
* Fix: Add missing log information for `wagtail.schedule.cancel` (Stefan Hammer)
* Fix: Fix timezone activation leaking into subsequent requests in `require_admin_access()` (Stefan Hammer)
* Fix: Prevent matches from unrelated models from leaking into SQLite FTS searches (Matt Westcott)
* Docs: Clarify `ClusterableModel` requirements for using relations with `RevisionMixin`-enabled models (Sage Abdullah)
* Maintenance: Update Algolia DocSearch to use new application and correct versioning setup (Thibaud Colas)