Comments (11)
stevejalim
commented on July 28, 2024
8
Hello all - i've just spun up https://pypi.org/project/django-csp/3.8rc0/
If you can spare a little time to test-drive it in your project(s), that would be very much appreciated.
Functionally, there's nothing new on top of 3.7; it's just been housekeeping - see https://github.com/mozilla/django-csp/blob/main/CHANGES
cc @tim-schilling @asottile-sentry @robhudson (as people who might also be interested in this RC, but who are not subscribed)
from django-csp.
stevejalim
commented on July 28, 2024
2
3.8rc0 seems fine on www.mozilla.org and support.mozilla.org so I think we can ship it as 3.8.
If anyone following this thread has tried it out and has spotted problems, please let us know by Monday 26 Feb - thanks!
from django-csp.
mlec1
commented on July 28, 2024
1
Is there any update about a new release ?
from django-csp.
stevejalim
commented on July 28, 2024
1
I've recently been given write access and will be making time to do a new release. I suspect that'll be as early as I can in 2024 I'm afraid
from django-csp.
stevejalim
commented on July 28, 2024
1
OK, starting to get things moving again: #204
from django-csp.
oioki
commented on July 28, 2024
1
Hey @stevejalim
We use django-csp in https://github.com/getsentry/sentry/
Just in case, I tried 3.8rc1 on local dev environment, and it worked fine. Excited about the upcoming release. 🙂
from django-csp.
mlec1
commented on July 28, 2024
1
I use it also in 3 different projects. No issue on local dev either, it is working fine for the version 3.8rc1. Thank you for your work @stevejalim
from django-csp.
pulse-mind
commented on July 28, 2024
Hello,
This project looks nice but looks dead :/.
Is there someone that can create release ?
from django-csp.
pulse-mind
commented on July 28, 2024
Thank you for your answer and thank you for your job on this project !
from django-csp.
stevejalim
commented on July 28, 2024
Just released 3.8rc1 with a minor packaging change (switch to pyproject.toml).
No regressions were noted in 3.8rc0, so unless the packaging change causes people pain, we can get this out to formal release v soon.
(If the release process seems slow, it's because I'm juggling a lot and don't want to rush it, naturally.)
On that note, if you're following this ticket, please can you spare 5 mins to try a quick pip/poetry/uv/whatever install of 3.8rc1 and report back if there are any rough corners - thanks y'all! 🙇
from django-csp.
stevejalim
commented on July 28, 2024
Version 3.8 is now on PyPI 🎉
Thanks to everyone who contributed to it - https://github.com/mozilla/django-csp/releases/tag/3.8
https://pypi.org/project/django-csp/
from django-csp.
Related Issues (20)
- nonce, request.csp_nonce and {% script %} all fail to render a nonce HOT 8
- Documentation needs to be updated to mention INSTALLED_APPS HOT 4
- Decorators depending on request method types HOT 3
- broken admin filters HOT 3
- Modify CSP based on database? HOT 1
- `CSP_INCLUDE_NONCE_IN` not working? HOT 4
- State of project HOT 9
- Unrecognized Content Security Policy directive 'worker-src' in Safari Browser HOT 2
- Building the wheel doesn't work HOT 4
- Backwards compatible method of adding 'strict-dynamic' as suffix HOT 1
- Don't include nonces in default-src when CSP_INCLUDE_NONCE_IN is unset / an empty list HOT 3
- Allow direct editing of build policy output HOT 1
- Documentation for context processor HOT 5
- Deprecated Features HOT 5
- interested in adding typing (mypy) support? HOT 4
- Support clearing/unsetting directives via decorator HOT 7
- Support different sets of rules for paths like /admin HOT 8
- Move project to pyproject.toml HOT 1
- Create csp.extensions.NoncedStyle extension HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from django-csp.