Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: django-commons/django-debug-toolbar
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: main
Choose a base ref
...
head repository: django-commons/django-debug-toolbar
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v2.2.x
Choose a head ref
  • 1 commit
  • 22 files changed
  • 1 contributor

Commits on Apr 14, 2021

  1. Merge pull request from GHSA-pghf-347x-c2gj 

    * Changes required to support v2.2.x branch

Style corrections for tox.

Remove djmaster from tox requirements.

Switch to Github actions and latest toolbar tox/settings approach.

Skip tests that are invalid for old versions.

* Fix CVE-2021-30459 by creating signature from all data fields.

Backport of 1c6ba3c1302bf545f8356dcd26255ab7db1ec408

Create a signature based on all fields in the form and attach
to validate that the data being sent back is what the server
generated initially.

Change the hashing algorithm to SHA256

Force the values to a string for signing.

Remove hashing mechanism from forms.

Support sha1 algorithm for django < 3.1

* Bump to version 2.2.1
    @tim-schilling
    tim-schilling authored Apr 14, 2021
    Configuration menu
    Copy the full SHA
    5e6750b View commit details
    Browse the repository at this point in the history
Loading