From ac659ecfa17d82a2a16e603e15ec5a7ec34a8fe0 Mon Sep 17 00:00:00 2001 From: Joel Lefkowitz Date: Tue, 15 Oct 2024 17:43:06 +0100 Subject: [PATCH 01/10] Remove twine-check and ignore some flake8 errors (#895) * Remove twine-check and ignore some flake8 errors * Add flake8 ignore tags to tox sections * Bump twine version --- docs/conf.py | 1 - requirements/publish.txt | 2 +- tox.ini | 3 +-- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/docs/conf.py b/docs/conf.py index 9e1259a0..43cc3545 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -82,7 +82,6 @@ # html_theme = 'default' html_theme = "sphinx_rtd_theme" -html_theme_path = [sphinx_rtd_theme.get_html_theme_path()] # Theme options are theme-specific and customize the look and feel of a theme # further. For a list of options available for each theme, see the diff --git a/requirements/publish.txt b/requirements/publish.txt index ade35d85..4aeaa83e 100644 --- a/requirements/publish.txt +++ b/requirements/publish.txt @@ -1,3 +1,3 @@ setuptools-scm==7.0.5 -twine==4.0.1 +twine>=5.0.0 wheel>=0.37.0 diff --git a/tox.ini b/tox.ini index 60b0dee8..22dbda24 100644 --- a/tox.ini +++ b/tox.ini @@ -65,7 +65,6 @@ commands = deps = -r requirements/docs.txt commands = - twine check .tox/dist/* sphinx-build -WnEa -b html docs docs/_build/html [pytest] @@ -76,7 +75,7 @@ addopts = --ignore=node_modules [flake8] max-line-length = 120 exclude = **/migrations/* -ignore = F405,W504,I001,I005 +ignore = E721,F405,I001,I005,W504 [isort] skip = .eggs,.tox,docs,env,venv,node_modules,.git From c277003d7f7315e466b481f07bf33f382af5fe33 Mon Sep 17 00:00:00 2001 From: Christian Clauss Date: Tue, 15 Oct 2024 19:09:53 +0200 Subject: [PATCH 02/10] Keep GitHub Actions up to date with GitHub's Dependabot (#892) Fixes software supply chain safety warnings like at the bottom right of https://github.com/axnsan12/drf-yasg/actions/runs/11318069639 * [Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot) * [Configuration options for the dependabot.yml file - package-ecosystem](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem) Co-authored-by: Joel Lefkowitz --- .github/dependabot.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..be006de9 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,13 @@ +# Keep GitHub Actions up to date with GitHub's Dependabot... +# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot +# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem +version: 2 +updates: + - package-ecosystem: github-actions + directory: / + groups: + github-actions: + patterns: + - "*" # Group all Actions updates into a single larger pull request + schedule: + interval: weekly From 858e7a28a11b18ec1d929ec7fc8d93b8aadb3257 Mon Sep 17 00:00:00 2001 From: Christian Clauss Date: Tue, 15 Oct 2024 19:36:13 +0200 Subject: [PATCH 03/10] GitHub Actions: review: strategy: fail-fast: false (#893) https://docs.github.com/en/enterprise-cloud@latest/actions/writing-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategyfail-fast Co-authored-by: Joel Lefkowitz --- .github/workflows/review.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/review.yml b/.github/workflows/review.yml index 58fb45ec..fe831382 100644 --- a/.github/workflows/review.yml +++ b/.github/workflows/review.yml @@ -7,6 +7,7 @@ jobs: name: Run linters and tests runs-on: "ubuntu-20.04" strategy: + fail-fast: false matrix: python: ["3.6", "3.7", "3.8", "3.9", "3.10", "3.11"] From a8110a91ada5e40c21447a7009248d69b46416b5 Mon Sep 17 00:00:00 2001 From: Christian Clauss Date: Tue, 15 Oct 2024 19:43:43 +0200 Subject: [PATCH 04/10] README.rst: pip install --upgrade (#894) `pip` currently has six `--u*` options so in code that will be read by others, let's use the most self-documenting form of the command. % `pip install --help | grep "\-\-u"` ``` . Use --upgrade to replace existing --user Install to the Python user install directory for -U, --upgrade Upgrade all specified packages to the newest --upgrade-strategy --use-pep517 Use PEP 517 for building source distributions --use-feature Enable new functionality, that may be backward --use-deprecated Enable deprecated functionality, that will be ``` Co-authored-by: Joel Lefkowitz --- README.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.rst b/README.rst index 226c8b98..a324e709 100644 --- a/README.rst +++ b/README.rst @@ -102,14 +102,14 @@ The preferred installation method is directly from pypi: .. code:: console - pip install -U drf-yasg + pip install --upgrade drf-yasg Additionally, if you want to use the built-in validation mechanisms (see `4. Validation`_), you need to install some extra requirements: .. code:: console - pip install -U drf-yasg[validation] + pip install --upgrade drf-yasg[validation] .. _readme-quickstart: @@ -297,7 +297,7 @@ You can use the specification outputted by this library together with $ docker run --rm -v ${PWD}:/local swaggerapi/swagger-codegen-cli generate -i /local/tests/reference.yaml -l javascript -o /local/.codegen/js -See the github page linked above for more details. +See the GitHub page linked above for more details. .. _readme-testproj: @@ -313,8 +313,8 @@ For additional usage examples, you can take a look at the test project in the `` $ virtualenv venv $ source venv/bin/activate (venv) $ cd testproj - (venv) $ python -m pip install -U pip setuptools - (venv) $ pip install -U -r requirements.txt + (venv) $ python -m pip install --upgrade pip setuptools + (venv) $ pip install --upgrade -r requirements.txt (venv) $ python manage.py migrate (venv) $ python manage.py runserver (venv) $ firefox localhost:8000/swagger/ From 2ee3935009e62b9325a8c19cc7e80e41aa6003f0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 15 Oct 2024 18:51:38 +0100 Subject: [PATCH 05/10] Bump the github-actions group with 2 updates (#896) Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [actions/setup-python](https://github.com/actions/setup-python). Updates `actions/checkout` from 2 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v4) Updates `actions/setup-python` from 3 to 5 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v3...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Joel Lefkowitz --- .github/workflows/publish.yml | 4 ++-- .github/workflows/review.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 61251419..324a5096 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -11,14 +11,14 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the source code - uses: actions/checkout@v2 + uses: actions/checkout@v4 # This is the version of python used to package the code. The unit # tests will have run against python 3.6, 3.7 etc ensuring # compatibility with those runtimes. # https://github.com/axnsan12/drf-yasg/pull/741#discussion_r713297594 - name: Set the python version - uses: actions/setup-python@v3 + uses: actions/setup-python@v5 with: python-version: 3.8 diff --git a/.github/workflows/review.yml b/.github/workflows/review.yml index fe831382..baab3e39 100644 --- a/.github/workflows/review.yml +++ b/.github/workflows/review.yml @@ -13,10 +13,10 @@ jobs: steps: - name: Checkout the source code - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Set the python version - uses: actions/setup-python@v3 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python }} From 828f53b5a6f1d32f89dedbfe3167ed669c633499 Mon Sep 17 00:00:00 2001 From: Christian Clauss Date: Wed, 16 Oct 2024 18:07:08 +0200 Subject: [PATCH 06/10] Review: Add Python 3.11 and 3.12 to the testing (#891) * Review: Test on the current versions of CPython https://devguide.python.org/versions/ * Publish using Python 3.11 --- .github/actions/install/action.yml | 6 +++--- .github/workflows/publish.yml | 4 ++-- .github/workflows/review.yml | 10 +++++----- README.rst | 4 ++-- docs/conf.py | 11 +++++++++-- pyproject.toml | 2 +- src/drf_yasg/__init__.py | 14 +++++++++----- src/drf_yasg/inspectors/field.py | 8 ++++++-- tox.ini | 10 +++++++--- 9 files changed, 44 insertions(+), 25 deletions(-) diff --git a/.github/actions/install/action.yml b/.github/actions/install/action.yml index 36326de8..c47b0907 100644 --- a/.github/actions/install/action.yml +++ b/.github/actions/install/action.yml @@ -10,15 +10,15 @@ runs: using: composite steps: - name: Checkout the source code - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Set the python version - uses: actions/setup-python@v3 + uses: actions/setup-python@v5 with: python-version: ${{ inputs.python-version }} - name: Set up pip package caching - uses: actions/cache@v2 + uses: actions/cache@v4 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 324a5096..9662bd2a 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -20,12 +20,12 @@ jobs: - name: Set the python version uses: actions/setup-python@v5 with: - python-version: 3.8 + python-version: 3.11 - name: Install dependencies uses: ./.github/actions/install with: - python-version: 3.8 + python-version: 3.11 - name: Install builders for publishing run: pip install -r requirements/publish.txt diff --git a/.github/workflows/review.yml b/.github/workflows/review.yml index baab3e39..4efe1949 100644 --- a/.github/workflows/review.yml +++ b/.github/workflows/review.yml @@ -9,7 +9,7 @@ jobs: strategy: fail-fast: false matrix: - python: ["3.6", "3.7", "3.8", "3.9", "3.10", "3.11"] + python: ["3.6", "3.7", "3.8", "3.9", "3.10", "3.11", "3.12"] steps: - name: Checkout the source code @@ -26,23 +26,23 @@ jobs: python-version: ${{ matrix.python }} - name: Run tests - + # Python 3.6 tests have been removed since swagger-spec-validator no longer supports it. # A successful workflow run for Python 3.6 is required by the GitHub branch protection rules. if: ${{ matrix.python != 3.6 }} - + env: PYTHON_VERSION: ${{ matrix.python }} run: tox -e $(tox -l | grep py${PYTHON_VERSION//.} | paste -sd "," -) - name: Report coverage - if: ${{ matrix.python == 3.9 }} + if: ${{ matrix.python != 3.6 }} run: | pip install coverage coverage report - name: Check for incompatibilities with publishing to PyPi - if: ${{ matrix.python == 3.8 }} + if: ${{ matrix.python == 3.11 }} run: | pip install -r requirements/publish.txt python setup.py sdist diff --git a/README.rst b/README.rst index a324e709..5638808d 100644 --- a/README.rst +++ b/README.rst @@ -12,8 +12,8 @@ Generate **real** Swagger/OpenAPI 2.0 specifications from a Django Rest Framewor Compatible with - **Django Rest Framework**: 3.10, 3.11, 3.12, 3.13, 3.14 -- **Django**: 2.2, 3.0, 3.1, 3.2, 4.0, 4.1 -- **Python**: 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 +- **Django**: 2.2, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2 +- **Python**: 3.6, 3.7, 3.8, 3.9, 3.10, 3.11, 3.12 Only the latest patch version of each ``major.minor`` series of Python, Django and Django REST Framework is supported. diff --git a/docs/conf.py b/docs/conf.py index 43cc3545..83487358 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -12,7 +12,11 @@ from docutils import nodes, utils from docutils.parsers.rst import roles from docutils.parsers.rst.roles import set_classes -from pkg_resources import get_distribution + +try: + from importlib import metadata +except ImportError: # Python < 3.8 + from pkg_resources import get_distribution # -- General configuration ------------------------------------------------ @@ -47,7 +51,10 @@ # built documents. # The full version, including alpha/beta/rc tags. -release = get_distribution('drf_yasg').version +try: + release = metadata.version('drf_yasg') +except NameError: # Python < 3.8 + release = get_distribution('drf_yasg').version if 'noscm' in release: raise AssertionError('Invalid package version string: %s. \n' 'The documentation must be built with drf_yasg installed from a distribution package, ' diff --git a/pyproject.toml b/pyproject.toml index 4b48be08..81fdad32 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,3 +1,3 @@ [build-system] -requires = ["setuptools >= 40.6.3", "wheel", "setuptools-scm >= 3.0.3"] +requires = ["setuptools >= 68.0.0", "wheel", "setuptools-scm >= 3.0.3"] build-backend = "setuptools.build_meta" diff --git a/src/drf_yasg/__init__.py b/src/drf_yasg/__init__.py index 21c6d57e..0f8df57a 100644 --- a/src/drf_yasg/__init__.py +++ b/src/drf_yasg/__init__.py @@ -1,11 +1,15 @@ # coding=utf-8 -from pkg_resources import DistributionNotFound, get_distribution __author__ = """Cristi V.""" __email__ = 'cristi@cvjd.me' try: - __version__ = get_distribution(__name__).version -except DistributionNotFound: # pragma: no cover - # package is not installed - pass + from importlib.metadata import version + __version__ = version(__name__) +except ImportError: # Python < 3.8 + try: + from pkg_resources import DistributionNotFound, get_distribution + __version__ = get_distribution(__name__).version + except DistributionNotFound: # pragma: no cover + # package is not installed + pass diff --git a/src/drf_yasg/inspectors/field.py b/src/drf_yasg/inspectors/field.py index 9b767a8e..4d456fbf 100644 --- a/src/drf_yasg/inspectors/field.py +++ b/src/drf_yasg/inspectors/field.py @@ -8,7 +8,6 @@ from decimal import Decimal from inspect import signature as inspect_signature -import pkg_resources import typing from django.core import validators from django.db import models @@ -23,7 +22,12 @@ decimal_as_float, field_value_to_representation, filter_none, get_serializer_class, get_serializer_ref_name ) -drf_version = pkg_resources.get_distribution("djangorestframework").version +try: + from importlib import metadata + drf_version = metadata.version("djangorestframework") +except ImportError: # Python < 3.8 + import pkg_resources + drf_version = pkg_resources.get_distribution("djangorestframework").version logger = logging.getLogger(__name__) diff --git a/tox.ini b/tox.ini index 22dbda24..4243327a 100644 --- a/tox.ini +++ b/tox.ini @@ -7,10 +7,14 @@ isolated_build_env = .package envlist = py{37,38,39}-django{22,30}-drf{310,311,312}, py{37,38,39}-django{31,32}-drf{311,312}, - py{39,310}-django{40,41}-drf{313,314} - py311-django{40,41,42}-drf314 + py{39,310}-django{40,41}-drf{313,314}, + # py311-django{40,41,42,50,51}-drf314, + py311-django{40,41,42}-drf314, + # py312-django{42,50,51}-drf314, + py312-django{42}-drf314, + # py313-django{51}-drf314, py38-{lint, docs}, - py310-djmaster + # py313-djmaster skip_missing_interpreters = true From 637cf97fb0fd47a8cc3aea8fd7bbfae9c18243b1 Mon Sep 17 00:00:00 2001 From: Joel Lefkowitz Date: Thu, 17 Oct 2024 12:55:02 +0100 Subject: [PATCH 07/10] Merge release branches (#897) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add sample code to handle Base64 fields in drf-extra-fields project * Fix format for .rst * Update answer to the easier version as suggested in https://github.com/Hipo/drf-extra-fields/issues/66#issuecomment-626755554 * update readme.rst `permission_classes` expects tuple but list was provided * url from DEFAULT_API_URL now works fix a bug: url from swagger_settings.DEFAULT_API_URL is not working * Check for allow_null attribute * Add utf-8 support for generated formats * Added `many` support to example code. * serialize pytz object as a string * simplify if condition * handle errors rendering with TemplateHTMLRenderer This change fixes an `OPTIONS` request to the API page which will return a successful response, but the `TemplateHTMLRender` will not be prepared to render it since there is no template name provided in either the view or response [1]. [1]: https://github.com/encode/django-rest-framework/blob/f0a5b958a134e8cd94e3ef3263e8fa623ac9b82f/rest_framework/renderers.py#L178-L189 * Allow specifying response as a reference * [readme] Fix missing re_path import * fix map source mapping * Remove universal wheel, python 2 is unsupported * Inline allow_unicode parameter * Update changelog * Update changelog typos * Add cspell * Fix old spelling errors * Add ref_name to UserSerializer after removing suffix typo * Set permission classes to a tuple * Update chagnelog * Add prepublish twine check * Fix action version syntax * Fix indentation in README.rst code blocks * Add twine to publish dependencies * Specify toxenv explicitly * Specify all tox targets * Add py prefix to toxenvs * Update changelog * Update changelog * Declare Django 3.2 support in README, classifiers This commit will make sure that `Django :: 3.2` will show up in the classifiers list on PyPI: https://pypi.org/project/drf-yasg/ (The magic happens because we parse the README to get supported Django): https://github.com/DavidCain/drf-yasg/blob/ee29412d3cdb311/setup.py#L36 3.2 support should already exist ================================ A closed pull request, https://github.com/axnsan12/drf-yasg/pull/735, noted support for Django 3.2 in both `tox.ini`, and the README. That PR was closed in favor of https://github.com/axnsan12/drf-yasg/pull/741, which edited `tox.ini` and switched to GitHub Actions. https://github.com/axnsan12/drf-yasg/pull/735#issuecomment-924298555 This project has been testing on Django 3.2 for a long time (about a year). I think we can declare it supported it the README! * Fix `pip install` command for contributors on zsh On `zsh` (a popular shell, and the default for macOS), install fails: $ pip install -U -e .[validation] zsh: no matches found: .[validation] Quote the arguments so that `bash` or `zsh` will succeed. * Dont use NullBooleanField if drf version >= 3.14.0 * Swap back BooleanField and NullBooleanField * Update changelog * Update README to use path instead of re_path in example * Run tests with latest dependencies - Django 4.0 & 4.1 - DRF 3.13 & 3.14 - Python 3.10 * Add python 3.10 in GH actions matrix * Fix RecursiveField * Change github actions runner from ubuntu-latest to ubuntu-20.04 * Change github actions runner from ubuntu-latest to ubuntu-20.04 * Remove python 3.6 tests since swagger-spec-validator no longer supports it * Use a string literal for python versions such as "3.10" * Add python 3.10 compatibility to README.md * Update changelog * Fix: Provide enums support for schema. * Fix: Tests for Python 3.11. * Refactoring: Removed old version code. * Fix: Linting is now working. * Fix: Provide usage of Enums as dict keys. * Fix: Docs build with latest sphinx versions. * keep path parameters in their given order * Fix: Action build docs with latest tox version. * Fix: Update python version for dj-master branch. Django master branch bumped minimal python version to Python 3.10. In latest version was added check for uniq basename. * Feature: Migrate to PyYAML for yaml generator. (#845) * Feature: Migrate to PyYAML for yaml generator. Closes #833 * Chore: Update swagger ui and redoc dependencies. * Fix: Remove required coreapi dependency. (#854) * Feature: Migrate to PyYAML for yaml generator. Closes #833 * Chore: Update swagger ui and redoc dependencies. * Fix: Remove required coreapi dependency. * Update Changelog * Feature: Add ``drf_yasg.inspectors.query.DrfAPICompatInspector``. (#857) * Feature: Provide to override default renderers via settings. * Feature: Enable tests for django 4.2. * Docs: Add information how to override ``DEFAULT_SPEC_RENDERERS``. * Feature: Add ``drf_yasg.inspectors.query.DrfAPICompatInspector``. This inspector should be main and replace ``CoreAPICompatInspector`` in the future. * [fix] Fixed map source mapping (#859) * Tests: Improve test coverage 95.91% -> 98.30%. (#862) * Update Changelog * Add python3.6 to the actions matrix but exclude it from tests * Allow swagger to use custom CSRF settings and read the CSRF cookie (#660) * Update README.rst to fix import error (#889) --------- Co-authored-by: Terry Co-authored-by: Sumit Singh Co-authored-by: Core-Chan Co-authored-by: Krista Mae Rectra Co-authored-by: mmurashov Co-authored-by: Christoph Beckmann Co-authored-by: MilanPecov Co-authored-by: Terence D. Honles Co-authored-by: Cristi Vîjdea Co-authored-by: Max Vorobev Co-authored-by: Damien Ramelet Co-authored-by: Petr Dlouhý Co-authored-by: gopackgo90 Co-authored-by: David Cain Co-authored-by: Amir Andohkosh <4315615+amir-bio@users.noreply.github.com> Co-authored-by: Nikolaos Michas Co-authored-by: Ignacio Orlandini Co-authored-by: Sergey Klyuykov Co-authored-by: Joel Lefkowitz Co-authored-by: Gagan Deep Co-authored-by: Ummer Farooq <69794127+pvfarooq@users.noreply.github.com> --- .github/workflows/publish.yml | 4 ---- src/drf_yasg/app_settings.py | 2 ++ src/drf_yasg/renderers.py | 3 +++ src/drf_yasg/static/drf-yasg/swagger-ui-init.js | 17 ++++++++++++++++- 4 files changed, 21 insertions(+), 5 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 9662bd2a..73d59679 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -13,10 +13,6 @@ jobs: - name: Checkout the source code uses: actions/checkout@v4 - # This is the version of python used to package the code. The unit - # tests will have run against python 3.6, 3.7 etc ensuring - # compatibility with those runtimes. - # https://github.com/axnsan12/drf-yasg/pull/741#discussion_r713297594 - name: Set the python version uses: actions/setup-python@v5 with: diff --git a/src/drf_yasg/app_settings.py b/src/drf_yasg/app_settings.py index dd14fdc8..565a12f5 100644 --- a/src/drf_yasg/app_settings.py +++ b/src/drf_yasg/app_settings.py @@ -41,6 +41,8 @@ 'DEFAULT_API_URL': None, 'USE_SESSION_AUTH': True, + 'CSRF_COOKIE_NAME': settings.CSRF_COOKIE_NAME, + 'CSRF_HEADER_NAME': settings.CSRF_HEADER_NAME, 'SECURITY_DEFINITIONS': { 'Basic': { 'type': 'basic' diff --git a/src/drf_yasg/renderers.py b/src/drf_yasg/renderers.py index 7d79aaf6..cf32cdf7 100644 --- a/src/drf_yasg/renderers.py +++ b/src/drf_yasg/renderers.py @@ -153,6 +153,9 @@ def get_swagger_ui_settings(self): 'refetchWithAuth': swagger_settings.REFETCH_SCHEMA_WITH_AUTH, 'refetchOnLogout': swagger_settings.REFETCH_SCHEMA_ON_LOGOUT, 'fetchSchemaWithQuery': swagger_settings.FETCH_SCHEMA_WITH_QUERY, + 'csrfCookie': swagger_settings.CSRF_COOKIE_NAME, + # remove HTTP_ and convert underscores to dashes + 'csrfHeader': swagger_settings.CSRF_HEADER_NAME[5:].replace('_', '-'), } data = filter_none(data) diff --git a/src/drf_yasg/static/drf-yasg/swagger-ui-init.js b/src/drf_yasg/static/drf-yasg/swagger-ui-init.js index 9606a3be..4ef2fd51 100644 --- a/src/drf_yasg/static/drf-yasg/swagger-ui-init.js +++ b/src/drf_yasg/static/drf-yasg/swagger-ui-init.js @@ -36,11 +36,26 @@ var swaggerUiConfig = { ], layout: "StandaloneLayout", filter: true, + csrfCookie: 'csrftoken', + csrfHeader: 'X-CSRFToken', requestInterceptor: function (request) { var headers = request.headers || {}; var csrftoken = document.querySelector("[name=csrfmiddlewaretoken]"); if (csrftoken) { - headers["X-CSRFToken"] = csrftoken.value; + csrftoken = csrftoken.value; + } else { + var cookies = document.cookie.split(/;\s+/); + var name = swaggerUiConfig.csrfCookie; + for (var i = 0; i < cookies.length; i++) { + if (cookies[i].indexOf(name) === 0) { + csrftoken = cookies[i].slice(cookies[i].indexOf('=') + 1); + break; + } + } + } + + if (csrftoken) { + headers[swaggerUiConfig.csrfHeader] = csrftoken; } return request; From 82a1fcb553395a7bd8beab9197fa5a5f9193a61b Mon Sep 17 00:00:00 2001 From: Joel Lefkowitz Date: Thu, 17 Oct 2024 13:59:15 +0100 Subject: [PATCH 08/10] Add gitter to README (#898) --- README.rst | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/README.rst b/README.rst index 5638808d..d2338585 100644 --- a/README.rst +++ b/README.rst @@ -5,7 +5,7 @@ drf-yasg - Yet another Swagger generator ######################################## -|actions| |nbsp| |codecov| |nbsp| |rtd-badge| |nbsp| |pypi-version| +|actions| |nbsp| |codecov| |nbsp| |rtd-badge| |nbsp| |pypi-version| |nbsp| |gitter| Generate **real** Swagger/OpenAPI 2.0 specifications from a Django Rest Framework API. @@ -24,14 +24,14 @@ through a deprecation cycle of a few minor releases. Resources: -* **Source**: https://github.com/axnsan12/drf-yasg/ -* **Documentation**: https://drf-yasg.readthedocs.io/ -* **Changelog**: https://drf-yasg.readthedocs.io/en/stable/changelog.html -* **Live demo**: https://drf-yasg-demo.herokuapp.com/ +* `Sources `_ +* `Documentation `_ +* `Changelog `_ +* `Live demo `_ +* `Discussion `_ |heroku-button| - **************** OpenAPI 3.0 note **************** @@ -336,7 +336,7 @@ djangorestframework-recursive Integration with `djangorestframework-recursive `_ is provided out of the box - if you have ``djangorestframework-recursive`` installed. -.. |actions| image:: https://img.shields.io/github/workflow/status/axnsan12/drf-yasg/Review +.. |actions| image:: https://img.shields.io/github/actions/workflow/status/axnsan12/drf-yasg/review.yml?branch=master :target: https://github.com/axnsan12/drf-yasg/actions :alt: GitHub Workflow Status @@ -348,6 +348,10 @@ provided out of the box - if you have ``djangorestframework-recursive`` installe :target: https://pypi.org/project/drf-yasg/ :alt: PyPI +.. |gitter| image:: https://badges.gitter.im/drf-yasg.svg + :target: https://app.gitter.im/#/room/#drf-yasg:gitter.im + :alt: Gitter + .. |rtd-badge| image:: https://img.shields.io/readthedocs/drf-yasg.svg :target: https://drf-yasg.readthedocs.io/ :alt: ReadTheDocs From 433b43e7ffbc89cba34eb8fc792f3494e4d77a9d Mon Sep 17 00:00:00 2001 From: Joel Lefkowitz Date: Thu, 17 Oct 2024 14:29:45 +0100 Subject: [PATCH 09/10] Changelog 1.21.8 (#901) * Update changelog.rst --- docs/changelog.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/changelog.rst b/docs/changelog.rst index b05e9614..061c9545 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -2,6 +2,13 @@ Changelog ######### +********** +**1.21.8** +********** + +**ADDED:** Python 3.11 and 3.12 support (:pr:`891`) +**FIXED:** Fix pkg_resources version lookups for Python 3.9+ (:pr:`891`) + ********** **1.21.7** ********** From 52017154ce3cc8f5f6e92ab08ccf7de2bfe5c6f1 Mon Sep 17 00:00:00 2001 From: Christian Clauss Date: Thu, 17 Oct 2024 18:28:52 +0200 Subject: [PATCH 10/10] Add Django v5.0 and 5.1 to the testing (#902) --- testproj/testproj/settings/base.py | 1 - testproj/testproj/settings/heroku.py | 9 ++++++++- testproj/testproj/urls.py | 2 +- tox.ini | 11 +++++------ 4 files changed, 14 insertions(+), 9 deletions(-) diff --git a/testproj/testproj/settings/base.py b/testproj/testproj/settings/base.py index 4e874014..110f9d0f 100644 --- a/testproj/testproj/settings/base.py +++ b/testproj/testproj/settings/base.py @@ -158,7 +158,6 @@ LANGUAGE_CODE = 'en-us' TIME_ZONE = 'UTC' USE_I18N = True -USE_L10N = True USE_TZ = True # Static files (CSS, JavaScript, Images) diff --git a/testproj/testproj/settings/heroku.py b/testproj/testproj/settings/heroku.py index 98c6b478..ccdcb342 100644 --- a/testproj/testproj/settings/heroku.py +++ b/testproj/testproj/settings/heroku.py @@ -19,7 +19,14 @@ # Simplified static file serving. # https://warehouse.python.org/project/whitenoise/ -STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage' +STORAGES = { + "default": { + "BACKEND": "django.core.files.storage.FileSystemStorage", + }, + "staticfiles": { + "BACKEND": 'whitenoise.storage.CompressedManifestStaticFilesStorage', + }, +} MIDDLEWARE.insert(0, 'whitenoise.middleware.WhiteNoiseMiddleware') # Database diff --git a/testproj/testproj/urls.py b/testproj/testproj/urls.py index 23f45dd7..f7844162 100644 --- a/testproj/testproj/urls.py +++ b/testproj/testproj/urls.py @@ -36,7 +36,7 @@ def plain_view(request): def root_redirect(request): - user_agent_string = request.META.get('HTTP_USER_AGENT', '') + user_agent_string = request.headers.get('user-agent', '') user_agent = user_agents.parse(user_agent_string) if user_agent.is_mobile: diff --git a/tox.ini b/tox.ini index 4243327a..3d088b96 100644 --- a/tox.ini +++ b/tox.ini @@ -8,13 +8,11 @@ envlist = py{37,38,39}-django{22,30}-drf{310,311,312}, py{37,38,39}-django{31,32}-drf{311,312}, py{39,310}-django{40,41}-drf{313,314}, - # py311-django{40,41,42,50,51}-drf314, - py311-django{40,41,42}-drf314, - # py312-django{42,50,51}-drf314, - py312-django{42}-drf314, - # py313-django{51}-drf314, + py311-django{40,41,42,50,51}-drf315, + py312-django{42,50,51}-drf315, + py313-django{51}-drf315, py38-{lint, docs}, - # py313-djmaster + # py313-djmaster # ModuleNotFoundError: No module named 'psycopg' skip_missing_interpreters = true @@ -40,6 +38,7 @@ deps = drf312: djangorestframework>=3.12,<3.13 drf313: djangorestframework>=3.13,<3.14 drf314: djangorestframework>=3.14,<3.15 + drf315: djangorestframework>=3.15,<3.16 typing: typing>=3.6.6