Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump djangorestframework from 3.0.0 to 3.9.1 #3

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Apr 12, 2020

Bumps djangorestframework from 3.0.0 to 3.9.1.

Release notes

Sourced from djangorestframework's releases.

Version 3.9.1

Change Notes: https://www.django-rest-framework.org/community/release-notes/#39x-series

Verision 3.9.0

Release announcement: https://www.django-rest-framework.org/community/3.9-announcement/

Change Notes: https://www.django-rest-framework.org/community/release-notes/#39x-series

Version 3.8.2

Point release for 3.8.x series

  • Fix read_only + default unique_together validation. #5922
  • authtoken.views import coreapi from rest_framework.compat, not directly. #5921
  • Docs: Add missing argument 'detail' to Route #5920

Version 3.8.1

  • Use old url_name behavior in route decorators #5915

    For list_route and detail_route maintain the old behavior of url_name, basing it on the url_path instead of the function name.

Version 3.8

  • Release Announcement

  • 3.8.0 Milestone

  • Breaking Change: Alter read_only plus default behaviour. #5886

    read_only fields will now always be excluded from writable fields.

    Previously read_only fields with a default value would use the default for create and update operations.

    In order to maintain the old behaviour you may need to pass the value of read_only fields when calling save() in the view:

      def perform_create(self, serializer):
          serializer.save(owner=self.request.user)
    

    Alternatively you may override save() or create() or update() on the serialiser as appropriate.

  • Correct allow_null behaviour when required=False #5888

    Without an explicit default, allow_null implies a default of null for outgoing serialisation. Previously such fields were being skipped when read-only or otherwise not required.

    Possible backwards compatibility break if you were relying on such fields being excluded from the outgoing representation. In order to restore the old behaviour you can override data to exclude the field when None.

... (truncated)
Commits
  • 453196e Version 3.9.1 (#6405)
  • 4bb9a3c Fix XSS caused by disabled autoescaping in the default DRF Browsable API view...
  • e3bd4b9 Fix #1811: take limit_choices_to into account with FK (#6371)
  • 9c408b2 Remove reference to deprecated drf-openapi package (#6398)
  • e0ae975 Fix a badly formatted title in docs (#6089)
  • c052a86 compat: (py2) urlparse = urllib.parse (py3) (#6262)
  • a49d744 Fix OpenAPI links (#6382)
  • 0860ef9 Update quickstart to Django 2.0 routing syntax (#6385)
  • 587058e Allow run_validators() to handle non-dict types. (#6365)
  • 0cf18c4 Use Default Version in URLPathVersioning if 'version' Didn't Specified by Cli...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 12, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants