You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
You MUST use this template when reporting issues. Please make sure you follow the checklist and fill in all of the information sections below.
All versions of django-smart-selects prior to version 1.2.8 are vulnerable to an XSS attack as detailed in issue 171. As a result, all previous versions have been removed from PyPI to prevent users from installing insecure versions. All users are urged to upgrade as soon as possible.
Checklist
Put an x in the bracket when you have completed each task, like this: [x]
This issue is not about installing previous versions of django-smart-selects older than 1.2.8. I understand that previous versions are insecure and will not receive any support whatsoever.
I have verified that that issue exists against the master branch of django-smart-selects.
I have searched for similar issues in both open and closed tickets and cannot find a duplicate.
I have debugged the issue to the smart_selects app.
I have reduced the issue to the simplest possible case.
I have included all relevant sections of models.py, forms.py, and views.py with problems.
Create a Django 5 project using django-smart-selects installed from PyPi.
Try to run the project.
Actual behavior
The latest version of django-smart-selects package which is available on PyPi is 1.6.0. This version is not compatible with Django 5.0, while the latest available on GitHub (1.7.1) is.
LookupError: setuptools-scm was unable to detect version for /usr/local/src/django-smart-selects.
#0 21.63 Make sure you're either building from a fully intact git repository or PyPI tarballs. Most other sources (such as GitHub's tarballs, a git checkout without the .git folder) don't contain the necessary metadata and will not work.
Please publish to github 🙏
Any help is appreciated, by the way, if it the repository is not published...
p.s. installing another package in the same manner does work, In toml file: python-docx = { git = "https://github.com/takis/python-docx.git", branch = "master" }
You MUST use this template when reporting issues. Please make sure you follow the checklist and fill in all of the information sections below.
All versions of django-smart-selects prior to version 1.2.8 are vulnerable to an XSS attack as detailed in issue 171. As a result, all previous versions have been removed from PyPI to prevent users from installing insecure versions. All users are urged to upgrade as soon as possible.
Checklist
Put an
x
in the bracket when you have completed each task, like this:[x]
master
branch of django-smart-selects.smart_selects
app.models.py
,forms.py
, andviews.py
with problems.Steps to reproduce
django-smart-selects
installed from PyPi.Actual behavior
The latest version of
django-smart-selects
package which is available on PyPi is 1.6.0. This version is not compatible with Django 5.0, while the latest available on GitHub (1.7.1) is.In the repository Actions I saw that the following step fails:
https://github.com/jazzband/django-smart-selects/actions/runs/8273216022/job/22636552189#step:7:16
This step could be solved by using the help provided by the following StackOverflow answer:
https://stackoverflow.com/questions/70435286/resource-not-accessible-by-integration-on-github-post-repos-owner-repo-ac
Expected behavior
Installing the package from PyPi should install the latest version.
The text was updated successfully, but these errors were encountered: