Tags: maykinmedia/open-api-framework
Tags
**New features** * Add Django CSP with configurable settings * Add SECURE_HSTS_SECONDS and CSRF_COOKIE_HTTPONLY settings .. warning:: SECURE_HSTS_SECONDS has been added with a default of 31536000 seconds, ensure that before upgrading to this version of open-api-framework, your entire application is served over HTTPS, otherwise this setting can break parts of your application (see https://docs.djangoproject.com/en/4.2/ref/middleware/#http-strict-transport-security) **Bugfixes/QOL** * Fix rendering for envvar defaults (previously quotes were escaped) * Move ``CACHE_DEFAULT``, ``CACHE_AXES``, ``EMAIL_HOST`` envvars to Required group (because they are required for Docker) * Add CI job to check if all envvars are either documented or excluded from documentation
Minor release to tweak some settings and add minor functionality **New features** * Add password to ``AXES_SENSITIVE_PARAMETERS`` * Use stricter ``django-axes`` settings * ``AXES_FAILURE_LIMIT`` changed from ``10`` to ``5`` * ``AXES_COOLOFF_TIME`` changed from ``1`` to ``5`` minutes * Make more ``log-outgoing-requests`` settings configurable * ``LOG_OUTGOING_REQUESTS_EMIT_BODY`` (default ``True``) * ``LOG_OUTGOING_REQUESTS_DB_SAVE_BODY`` (default ``True``) * Add base template to display current version in admin **Bugfixes** * Remove FIXTURE_DIRS setting and add root level app to INSTALLED_APPS **Other** * Move documentation to readthedocs
PreviousNext