What’s Changed
- Remove wildcard ALLOWED_HOSTS default to prevent password reset poisoning (#345) @milesmcc (thanks BishopFox!)
- Fix stored XSS in urldisplay and iconify template filters (#344) @milesmcc (thanks BishopFox!)
- add: cache control (#337) @tetuaoro
- fix: django-allauth dependency install (temporary) (#326) @joshuaprince
- escape dollarsigns for docker in .env (#311) @StarkZarn
- Bump cryptography from 42.0.0 to 42.0.4 (#313) @dependabot
- Bump urllib3 from 1.26.12 to 1.26.18 (#293) @dependabot
- Bump aiohttp from 3.8.5 to 3.9.2 (#309) @dependabot
- Bump cryptography from 41.0.4 to 42.0.0 (#310) @dependabot
- Bump django from 4.1.10 to 4.1.13 (#298) @dependabot
- Add basic zh_TW Traditional Chinese locale (#290) @PeterDaveHello
- Add tests for DashboardApiView and ApiTokenRequiredMixin (#230) @sumit4613
- Remove additional clean up steps in Dockerfile (#283) @PeterDaveHello
- Update docker build & push to use latest versions as well as push to GHCR.IO (#286) @kashalls
- Bump cryptography from 41.0.3 to 41.0.4 (#288) @dependabot
- chore(
celery): add option for master_name that goes here (#287) @kashalls - Bump certifi from 2022.12.7 to 2023.7.22 (#280) @dependabot
- Bump aiohttp from 3.8.1 to 3.8.5 (#281) @dependabot
- Bump cryptography from 41.0.0 to 41.0.3 (#282) @dependabot
- Bump word-wrap from 1.2.3 to 1.2.4 (#273) @dependabot
- Optimized Dockerfile to reduce uncompressed image size (#276) @jarylc
- Update Browser Icons to include DDG Mobile (#278) @radeeyate