openSUSE-SU-2025:0008-1

Published: 07 Jan 2025
Source: suse-cvrf

Description

Security update for python-django-ckeditor

This update for python-django-ckeditor fixes the following issues:

  • Update to 6.7.2

    • Deprecated the package.
    • Added a new ckeditor/fixups.js script which disables the version check again (if something slips through by accident) and which disables the behavior where CKEditor 4 would automatically attach itself to unrelated HTML elements with a contenteditable attribute (see CKEDITOR.disableAutoInline in the CKEditor 4 docs).
  • CVE-2024-24815: Fixed bypass of Advanced Content Filtering mechanism (boo#1219720)

  • update to 6.7.1:

    • Add Python 3.12, Django 5.0
    • Silence the CKEditor version check/nag but include a system check warning
  • update to 6.7.0:

    • Dark mode fixes.
    • Added support for Pillow 10.
  • update to 6.6.1:

    • Required a newer version of django-js-asset which actually works with Django 4.1.
    • CKEditor 4.21.0
    • Fixed the CKEditor styles when used with the dark Django admin theme.
  • update to 6.5.1:

    • Avoided calling static() if CKEDITOR_BASEPATH is defined.
    • Fixed ./manage.py generateckeditorthumbnails to work again after the image uploader backend rework.
    • CKEditor 4.19.1
    • Stopped calling static() during application startup.
    • Added Django 4.1
    • Changed the context for the widget to deviate less from Django. Removed a few template variables which are not used in the bundled ckeditor/widget.html template. This only affects you if you are using a customized widget or widget template.
    • Dropped support for Python < 3.8, Django < 3.2.
    • Added a pre-commit configuration.
    • Added a GitHub action for running tests.
    • Made selenium tests require opt in using a SELENIUM=firefox or SELENIUM=chromium environment variable.
    • Made it possible to override the CKEditor template in the widget class.
    • Changed CKEDITOR_IMAGE_BACKEND to require dotted module paths (the old identifiers are still supported for now).

Package list

SUSE Package Hub 15 SP5
python311-django-ckeditor-6.7.2-bp155.3.3.1
openSUSE Leap 15.5
python311-django-ckeditor-6.7.2-bp155.3.3.1

Description

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 prior to 4.24.0-lts. It may affect all editor instances that enabled full-page editing mode or enabled CDATA elements in Advanced Content Filtering configuration (defaults to `script` and `style` elements). The vulnerability allows attackers to inject malformed HTML content bypassing Advanced Content Filtering mechanism, which could result in executing JavaScript code. An attacker could abuse faulty CDATA content detection and use it to prepare an intentional attack on the editor. A fix is available in version 4.24.0-lts.


Affected products
SUSE Package Hub 15 SP5:python311-django-ckeditor-6.7.2-bp155.3.3.1
openSUSE Leap 15.5:python311-django-ckeditor-6.7.2-bp155.3.3.1
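An added check, not part of the advisory or of the django-ckeditor project, that decides whether an installed build is at or above the fixed package listed above. It implements RPM's segment-wise version comparison (so 6.7.10 correctly beats 6.7.2 and a `~` pre-release sorts below its final release); the fixed name-version-release comes from the package list above, and any installed values you feed it are your own.

```python
import re

# Fixed package from the advisory's package list (name-version-release)
FIXED_NVR = "python311-django-ckeditor-6.7.2-bp155.3.3.1"
# Version segments as rpm sees them: digit runs, letter runs, or '~'
_SEG = re.compile(r"[0-9]+|[A-Za-z]+|~")

def rpmvercmp(a: str, b: str) -> int:
    """Compare version/release strings with RPM's segment rules: numbers
    compare as integers, letters lexically, a number beats letters, '~'
    (pre-release) sorts before anything, longer wins unless its tail starts '~'."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x == "~" or y == "~":
            if x != y:
                return -1 if x == "~" else 1
            continue
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        elif x != y:
            return -1 if x < y else 1
    if len(sa) == len(sb):
        return 0
    longer_is_a = len(sa) > len(sb)
    rest = sa[len(sb):] if longer_is_a else sb[len(sa):]
    if rest[0] == "~":
        return -1 if longer_is_a else 1
    return 1 if longer_is_a else -1

def parse_nvr(nvr: str):
    """Split 'name-version-release' as listed in the package list above."""
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release

def is_fixed(installed_nvr: str, fixed_nvr: str = FIXED_NVR) -> bool:
    """True if the installed build is at or above the fixed build; pass the
    output of: rpm -q --qf '%{NAME}-%{VERSION}-%{RELEASE}' python311-django-ckeditor"""
    n1, v1, r1 = parse_nvr(installed_nvr)
    n2, v2, r2 = parse_nvr(fixed_nvr)
    if n1 != n2:
        raise ValueError(f"package name mismatch: {n1} != {n2}")
    return (rpmvercmp(v1, v2) or rpmvercmp(r1, r2)) >= 0
```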

References