diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 7f52673206..ad0f539b8a 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -659,7 +659,7 @@ Changelog * Remove legacy (non-next) breadcrumbs no longer used, remove `ModelAdmin` usage of breadcrumbs completely (Paarth Agarwal) * Replace human-readable-date hover pattern with accessible tooltip variant across all of admin (Bernd de Ridder) * Added `WAGTAILADMIN_USER_PASSWORD_RESET_FORM` setting for overriding the admin password reset form (Michael Karamuth) - * Prefetch workflow states in edit page view to to avoid queries in other parts of the view/templates that need it (Tidiane Dia) + * Prefetch workflow states in edit page view to avoid queries in other parts of the view/templates that need it (Tidiane Dia) * Remove the edit link from edit bird in previews to avoid confusion (Sævar Öfjörð Magnússon) * Introduce new template fragment and block level enclosure tags for easier template composition (Thibaud Colas) * Add a `classnames` template tag to easily build up classes from variables provided to a template (Paarth Agarwal) @@ -2149,7 +2149,7 @@ Changelog * Added hooks `before_create_user`, `after_create_user`, `before_delete_user`, `after_delete_user`, `before_edit_user`, `after_edit_user` (Jon Carmack) * Added `exclude_fields_in_copy` property to Page to define fields that should not be included on page copy (LB (Ben Johnston)) * Improved error message on incorrect `{% image %}` tag syntax (LB (Ben Johnston)) - * Optimized preview data storage (Bertrand Bordage) + * Optimised preview data storage (Bertrand Bordage) * Added `render_landing_page` method to `AbstractForm` to be easily overridden and pass `form_submission` to landing page context (Stein Strindhaug) * Added `heading` kwarg to `InlinePanel` to allow heading to be set independently of button label (Adrian Turjak) * The value type returned from a `StructBlock` can now be customised (LB (Ben Johnston)) @@ -2408,7 +2408,7 @@ Changelog * Added `form_fields_exclude` property to ModelAdmin views (Matheus Bratfisch) * User creation / edit form now enforces password validators set in `AUTH_PASSWORD_VALIDATORS` (Bertrand Bordage) * Added support for showing `non_field_errors` when validation fails in the page editor (Matt Westcott) - * Added `WAGTAILADMIN_RECENT_EDITS_LIMIT` setting to to define the number of your most recent edits on the dashboard (Maarten Kling) + * Added `WAGTAILADMIN_RECENT_EDITS_LIMIT` setting to define the number of your most recent edits on the dashboard (Maarten Kling) * Creating / editing users through the Wagtail admin no longer modifies the `is_staff` flag (Matt Westcott) * Added link to the full Elasticsearch setup documentation from the Performance page (Matt Westcott) * Tag input fields now accept spaces in tags by default, and can be overridden with the `TAG_SPACES_ALLOWED` setting (Kees Hink, Alex Gleason) diff --git a/README.md b/README.md index 3c3c571b78..6bb0a3de75 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,7 @@ Wagtail is an open source content management system built on Django, with a stro - Complete control over front-end design and structure - Scales to millions of pages and thousands of editors - Fast out of the box, cache-friendly when you need it -- Content API for 'headless' sites with de-coupled front-end +- Content API for 'headless' sites with decoupled front-end - Runs on a Raspberry Pi or a multi-datacenter cloud platform - StreamField encourages flexible content without compromising structure - Powerful, integrated search, using Elasticsearch or PostgreSQL @@ -97,7 +97,7 @@ For topics and discussions that do not fit Stack Overflow's question and answer [![Join slack community](.github/join-slack-community.png)](https://github.com/wagtail/wagtail/wiki/Slack) -Our [Github discussion boards](https://github.com/wagtail/wagtail/discussions) are open for sharing ideas and plans for the Wagtail project. +Our [GitHub discussion boards](https://github.com/wagtail/wagtail/discussions) are open for sharing ideas and plans for the Wagtail project. We maintain a curated list of third party packages, articles and other resources at [Awesome Wagtail](https://github.com/springload/awesome-wagtail). @@ -107,7 +107,7 @@ Wagtail is sponsored by [Torchbox](https://torchbox.com/). If you need help impl ### 🔐 Security -We take the security of Wagtail, and related packages we maintain, seriously. If you have found a security issue with any of our projects please email us at [security@wagtail.org](mailto:security@wagtail.org) so we can work together to find and patch the issue. We appreciate responsible disclosure with any security related issues, so please contact us first before creating a Github issue. +We take the security of Wagtail, and related packages we maintain, seriously. If you have found a security issue with any of our projects please email us at [security@wagtail.org](mailto:security@wagtail.org) so we can work together to find and patch the issue. We appreciate responsible disclosure with any security related issues, so please contact us first before creating a GitHub issue. If you want to send an encrypted email (optional), the public key ID for security@wagtail.org is 0xbed227b4daf93ff9, and this public key is available from most commonly-used keyservers. diff --git a/client/src/components/Sidebar/Sidebar.tsx b/client/src/components/Sidebar/Sidebar.tsx index 6d11e0828d..de5b51bff4 100644 --- a/client/src/components/Sidebar/Sidebar.tsx +++ b/client/src/components/Sidebar/Sidebar.tsx @@ -87,7 +87,7 @@ export const Sidebar: React.FunctionComponent = ({ // Whether or not to display the menu with slim layout. const slim = collapsed && !isMobile; - // 'expandingOrCollapsing' is set to true whilst the the menu is transitioning between slim and expanded layouts + // 'expandingOrCollapsing' is set to true whilst the menu is transitioning between slim and expanded layouts const [expandingOrCollapsing, setExpandingOrCollapsing] = React.useState(false); diff --git a/client/src/components/Sidebar/modules/MainMenu.tsx b/client/src/components/Sidebar/modules/MainMenu.tsx index 10c4205614..d9f38540f9 100644 --- a/client/src/components/Sidebar/modules/MainMenu.tsx +++ b/client/src/components/Sidebar/modules/MainMenu.tsx @@ -165,7 +165,7 @@ export const Menu: React.FunctionComponent = ({ // They are created by concatenating the name fields of all the menu/sub-menu items leading to the relevant one. // For example, the "Users" item in the "Settings" sub-menu would have the path 'settings.users' // - navigationPath references the current sub-menu that the user currently has open - // - activePath references the menu item for the the page the user is currently on + // - activePath references the menu item for the page the user is currently on const [state, dispatch] = React.useReducer(menuReducer, { navigationPath: '', activePath: '', diff --git a/client/src/controllers/ProgressController.test.js b/client/src/controllers/ProgressController.test.js index 93b4ad8769..78f33ae7c4 100644 --- a/client/src/controllers/ProgressController.test.js +++ b/client/src/controllers/ProgressController.test.js @@ -84,7 +84,7 @@ describe('ProgressController', () => { expect(setTimeout).toHaveBeenLastCalledWith(expect.any(Function), 4_000); }); - it('should change the the text of the button and sets disabled attribute on click', async () => { + it('should change the text of the button and sets disabled attribute on click', async () => { const button = document.querySelector('.button-longrunning'); const label = document.querySelector('#em-el'); expect(mockSubmit).not.toHaveBeenCalled(); diff --git a/client/src/includes/initStimulus.ts b/client/src/includes/initStimulus.ts index 617c480584..c00fad6515 100644 --- a/client/src/includes/initStimulus.ts +++ b/client/src/includes/initStimulus.ts @@ -60,7 +60,7 @@ class WagtailApplication extends Application { * Initialises the Wagtail Stimulus application and dispatches and registers * custom event behaviour. * - * Loads the the supplied core controller definitions into the application. + * Loads the supplied core controller definitions into the application. * Turns on debug mode if in local development (for now). */ export const initStimulus = ({ diff --git a/docs/README.md b/docs/README.md index 9e384bbb8f..de9329db8e 100644 --- a/docs/README.md +++ b/docs/README.md @@ -1,6 +1,6 @@ # Wagtail docs -These are Sphinx docs, automatically built at [https://docs.wagtail.org](https://docs.wagtail.org) when the `main` branch is committed to Github. To build them locally, install Wagtail's development requirements (in the root Wagtail directory): +These are Sphinx docs, automatically built at [https://docs.wagtail.org](https://docs.wagtail.org) when the `main` branch is committed to GitHub. To build them locally, install Wagtail's development requirements (in the root Wagtail directory): pip install -e .[testing,docs] diff --git a/docs/advanced_topics/api/v2/configuration.md b/docs/advanced_topics/api/v2/configuration.md index 5370574a4b..1cdac3c632 100644 --- a/docs/advanced_topics/api/v2/configuration.md +++ b/docs/advanced_topics/api/v2/configuration.md @@ -282,7 +282,7 @@ For cases where the source image set may contain SVGs, the `ImageRenditionField` This is used in two places, when generating absolute URLs to document files and invalidating the cache. -Generating URLs to documents will fall back the the current request's hostname +Generating URLs to documents will fall back the current request's hostname if this is not set. Cache invalidation cannot do this, however, so this setting must be set when using this module alongside the `wagtailfrontendcache` module. diff --git a/docs/advanced_topics/api/v2/usage.md b/docs/advanced_topics/api/v2/usage.md index 79d0de3cf7..d46a252b7c 100644 --- a/docs/advanced_topics/api/v2/usage.md +++ b/docs/advanced_topics/api/v2/usage.md @@ -326,7 +326,7 @@ way down to the site's root page. For example, when combined with the `type` filter it can be used to find the particular `blog.BlogIndexPage` a `blog.BlogPage` belongs -to. By itself, it can be used to to construct a breadcrumb trail from +to. By itself, it can be used to construct a breadcrumb trail from the current page back to the site's root page. The `?descendant_of` filter takes the id of a page and filter the list diff --git a/docs/advanced_topics/i18n.md b/docs/advanced_topics/i18n.md index f567364546..d5d7936c1e 100644 --- a/docs/advanced_topics/i18n.md +++ b/docs/advanced_topics/i18n.md @@ -662,11 +662,11 @@ we also created a translation package called `wagtail-localize`. This supports translating pages within Wagtail, using PO files, machine translation, and external integration with translation services. -Github: [https://github.com/wagtail/wagtail-localize](https://github.com/wagtail/wagtail-localize) +GitHub: [https://github.com/wagtail/wagtail-localize](https://github.com/wagtail/wagtail-localize) ## Alternative internationalisation plugins -Before official multi-language support was added into Wagtail, site implementors +Before official multi-language support was added into Wagtail, site implementers had to use external plugins. These have not been replaced by Wagtail's own implementation as they use slightly different approaches, one of them might fit your use case better: diff --git a/docs/advanced_topics/multi_site_multi_instance_multi_tenancy.md b/docs/advanced_topics/multi_site_multi_instance_multi_tenancy.md index 19efb8a955..afe17edbd1 100644 --- a/docs/advanced_topics/multi_site_multi_instance_multi_tenancy.md +++ b/docs/advanced_topics/multi_site_multi_instance_multi_tenancy.md @@ -20,7 +20,7 @@ Wagtail also comes with [site settings](site_settings). _Site settings_ are 'sin Model objects can be linked to a site by placing a foreign key field on the model pointing to the site object. A request object can be used to look up the current site. This way, content belonging to a specific site can be served. -User, groups, and permissions can be configured in such a way that content creators can only manage the pages, images, and documents of a specific site. Wagtail can have multiple _site objects_ and multiple _page trees_. Permissions can be linked to a specific page tree or a subsection thereof. Collections are used to categorize images and documents. A collection can be restricted to users who are in a specific group. +User, groups, and permissions can be configured in such a way that content creators can only manage the pages, images, and documents of a specific site. Wagtail can have multiple _site objects_ and multiple _page trees_. Permissions can be linked to a specific page tree or a subsection thereof. Collections are used to categorise images and documents. A collection can be restricted to users who are in a specific group. Some projects require content editors to have permissions on specific sites and restrict access to other sites. Splitting _all_ content per site and guaranteeing that no content 'leaks' is difficult to realize in a multi-site project. If you require full separation of content, then multi-instance might be a better fit... diff --git a/docs/contributing/committing.md b/docs/contributing/committing.md index 57316ca71b..4452e279d1 100644 --- a/docs/contributing/committing.md +++ b/docs/contributing/committing.md @@ -9,8 +9,8 @@ If additional code changes are made after the review, it is OK to commit them without further review if they are uncontroversial and small enough that there is minimal chance of introducing new bugs. -Most code contributions will be in the form of pull requests from Github. -Pull requests should not be merged from Github, apart from small documentation fixes, +Most code contributions will be in the form of pull requests from GitHub. +Pull requests should not be merged from GitHub, apart from small documentation fixes, which can be merged with the 'Squash and merge' option. Instead, the code should be checked out by a committer locally, the changes examined and rebased, the `CHANGELOG.txt` and release notes updated, @@ -95,7 +95,7 @@ they should be added to the `CONTRIBUTORS.rst` list. Contributors are added in chronological order, with new contributors added to the bottom of the list. Use their preferred name. -You can usually find the name of a contributor on their Github profile. +You can usually find the name of a contributor on their GitHub profile. If in doubt, or if their name is not on their profile, ask them how they want to be named. If the changes to be merged are small enough to be a single commit, diff --git a/docs/contributing/first_contribution_guide.md b/docs/contributing/first_contribution_guide.md index d3448c7eb7..564377713e 100644 --- a/docs/contributing/first_contribution_guide.md +++ b/docs/contributing/first_contribution_guide.md @@ -170,7 +170,7 @@ If it's just a documentation request, you may refine this comment to explain whe Before writing any code, take a moment to get your `git` hat on. When you clone the project locally, you will be checked out at the `main` branch. This branch is not suitable for you to make your changes on. It is meant to be the branch that tracks the core development of the project. -Instead, take a moment to create a [new branch](https://www.atlassian.com/git/tutorials/using-branches). You can use the command line or install one of the many great git GUI tools. Don't listen to anyone that says you're not doing it right unless you use the command line. Reduce the things you need to learn today and focus on the `git` command line interface later. If you have a Mac, I recommend [Fork](https://git-fork.com/), otherwise, the [Github GUI](https://desktop.github.com/) is good enough. +Instead, take a moment to create a [new branch](https://www.atlassian.com/git/tutorials/using-branches). You can use the command line or install one of the many great git GUI tools. Don't listen to anyone that says you're not doing it right unless you use the command line. Reduce the things you need to learn today and focus on the `git` command line interface later. If you have a Mac, I recommend [Fork](https://git-fork.com/), otherwise, the [GitHub GUI](https://desktop.github.com/) is good enough. This new branch name should have some context as to what you are fixing and if possible the issue number being fixed. For example `git checkout -b 'feature/1234-add-unit-tests-for-inline-panel'`. This branch name uses `/` to represent a folder and also has the issue number `1234`, finally, it uses `lower-kebab-case` with a short description of the issue. @@ -337,7 +337,7 @@ Be sure to always read the issue in full and review all links, sometimes there m While Gitpod is great for some small scale Pull Requests, it will not be a suitable tool for complex contributions and it's best to take the time to set up a fully functional development environment so you can manage branches and ongoing commits to one branch. -Here are some links for using GitPod with the Wagtail packages: +Here are some links for using Gitpod with the Wagtail packages: - [Bakerydemo Gitpod instructions](https://github.com/wagtail/bakerydemo#setup-with-gitpod) - [Wagtail Gitpod – Wagtail development setup in one click](https://wagtail.org/blog/gitpod/) diff --git a/docs/contributing/index.md b/docs/contributing/index.md index a76d28d639..5d0858a345 100644 --- a/docs/contributing/index.md +++ b/docs/contributing/index.md @@ -45,7 +45,7 @@ We welcome contributions to all aspects of Wagtail. If you would like to improve ### Non-code contributions -- Star the [wagtail](https://github.com/wagtail/wagtail) project on Github +- Star the [wagtail](https://github.com/wagtail/wagtail) project on GitHub - Support others with answers to questions on the [Wagtail StackOverflow topic](https://stackoverflow.com/questions/tagged/wagtail) or in Slack `#support`. - Write a review of [Wagtail on G2](https://www.g2.com/products/wagtail/reviews). - Provide some thoughtful feedback on the [Wagtail discussions](https://github.com/wagtail/wagtail/discussions). diff --git a/docs/contributing/issue_tracking.md b/docs/contributing/issue_tracking.md index c3800bce3c..2cf2829b58 100644 --- a/docs/contributing/issue_tracking.md +++ b/docs/contributing/issue_tracking.md @@ -1,10 +1,10 @@ # Issue tracking -We welcome bug reports, feature requests and pull requests through Wagtail's [Github issue tracker](https://github.com/wagtail/wagtail/issues). +We welcome bug reports, feature requests and pull requests through Wagtail's [GitHub issue tracker](https://github.com/wagtail/wagtail/issues). ## Issues -An issue must always correspond to a specific action with a well-defined completion state: fixing a bug, adding a new feature, updating documentation, or cleaning up code. Open-ended issues where the end result is not immediately clear ("come up with a way of doing translations" or "Add more features to rich text fields.") are better suited to [Github discussions](https://github.com/wagtail/wagtail/discussions), so that there can be feedback on clear way to progress the issue and identify when it has been completed through separate issues created from the discussion. +An issue must always correspond to a specific action with a well-defined completion state: fixing a bug, adding a new feature, updating documentation, or cleaning up code. Open-ended issues where the end result is not immediately clear ("come up with a way of doing translations" or "Add more features to rich text fields.") are better suited to [GitHub discussions](https://github.com/wagtail/wagtail/discussions), so that there can be feedback on clear way to progress the issue and identify when it has been completed through separate issues created from the discussion. Do not use issues for support queries or other questions ("How do I do X?" - although "Implement a way of doing X" or "Document how to do X" could well be valid issues). These questions should be asked on [Stack Overflow](https://stackoverflow.com/questions/tagged/wagtail) instead. For discussions that do not fit Stack Overflow's question-and-answer format, see the other [Wagtail community support options](https://github.com/wagtail/wagtail#community-support). diff --git a/docs/reference/contrib/redirects.md b/docs/reference/contrib/redirects.md index 21b1b710e4..3a2384c538 100644 --- a/docs/reference/contrib/redirects.md +++ b/docs/reference/contrib/redirects.md @@ -79,7 +79,7 @@ Options: | **permanent** | If the redirects imported should be **permanent** (True) or not (False). It's True by default. | | **from** | The column index you want to use as redirect from value. | | **to** | The column index you want to use as redirect to value. | -| **dry_run** | Lets you run a import without doing any changes. | +| **dry_run** | Lets you run an import without doing any changes. | | **ask** | Lets you inspect and approve each redirect before it is created. | ## The `Redirect` class diff --git a/docs/reference/contrib/table_block.md b/docs/reference/contrib/table_block.md index 8716599722..bda7028905 100644 --- a/docs/reference/contrib/table_block.md +++ b/docs/reference/contrib/table_block.md @@ -92,12 +92,12 @@ Every key in the `table_options` dictionary maps to a [handsontable](https://han - [minSpareRows](https://handsontable.com/docs/6.2.2/Options.html#minSpareRows) - The number of rows to append to the end of an empty grid. The default setting is 0. - [startRows](https://handsontable.com/docs/6.2.2/Options.html#startRows) - The default number of rows for a new table. - [startCols](https://handsontable.com/docs/6.2.2/Options.html#startCols) - The default number of columns for new tables. -- [colHeaders](https://handsontable.com/docs/6.2.2/Options.html#colHeaders) - Can be set to `True` or `False`. This setting designates if new tables should be created with column headers. **Note:** this only sets the behaviour for newly created tables. Page editors can override this by checking the the “Column header” checkbox in the table editor in the Wagtail admin. +- [colHeaders](https://handsontable.com/docs/6.2.2/Options.html#colHeaders) - Can be set to `True` or `False`. This setting designates if new tables should be created with column headers. **Note:** this only sets the behaviour for newly created tables. Page editors can override this by checking the “Column header” checkbox in the table editor in the Wagtail admin. - [rowHeaders](https://handsontable.com/docs/6.2.2/Options.html#rowHeaders) - Operates the same as `colHeaders` to designate if new tables should be created with the first column as a row header. Just like `colHeaders` this option can be overridden by the page editor in the Wagtail admin. - [contextMenu](https://handsontable.com/docs/6.2.2/Options.html#contextMenu) - Enables or disables the Handsontable right-click menu. By default this is set to `True`. Alternatively you can provide a list or a dictionary with [specific options](https://handsontable.com/docs/6.2.2/demo-context-menu.html#page-specific). - [editor](https://handsontable.com/docs/6.2.2/Options.html#editor) - Defines the editor used for table cells. The default setting is text. - [stretchH](https://handsontable.com/docs/6.2.2/Options.html#stretchH) - Sets the default horizontal resizing of tables. Options include, 'none', 'last', and 'all'. By default TableBlock uses 'all' for the even resizing of columns. -- [height](https://handsontable.com/docs/6.2.2/Options.html#height) - The default height of the grid. By default TableBlock sets the height to `108` for the optimal appearance of new tables in the editor. This is optimized for tables with `startRows` set to `3`. If you change the number of `startRows` in the configuration, you might need to change the `height` setting to improve the default appearance in the editor. +- [height](https://handsontable.com/docs/6.2.2/Options.html#height) - The default height of the grid. By default TableBlock sets the height to `108` for the optimal appearance of new tables in the editor. This is optimised for tables with `startRows` set to `3`. If you change the number of `startRows` in the configuration, you might need to change the `height` setting to improve the default appearance in the editor. - [language](https://handsontable.com/docs/6.2.2/Options.html#language) - The default language setting. By default TableBlock tries to get the language from `django.utils.translation.get_language`. If needed, this setting can be overridden here. - [renderer](https://handsontable.com/docs/6.2.2/Options.html#renderer) - The default setting Handsontable uses to render the content of table cells. - [autoColumnSize](https://handsontable.com/docs/6.2.2/Options.html#autoColumnSize) - Enables or disables the `autoColumnSize` plugin. The TableBlock default setting is `False`. diff --git a/docs/reference/streamfield/blocks.md b/docs/reference/streamfield/blocks.md index 4ac5b03db7..23ac29d536 100644 --- a/docs/reference/streamfield/blocks.md +++ b/docs/reference/streamfield/blocks.md @@ -46,7 +46,7 @@ All block definitions accept the following optional keyword arguments: - `template` - The path to a Django template that will be used to render this block on the front end. See [Template rendering](streamfield_template_rendering) - `group` - - The group used to categorize this block. Any blocks with the same group name will be shown together in the editor interface with the group name as a heading. + - The group used to categorise this block. Any blocks with the same group name will be shown together in the editor interface with the group name as a heading. ## Field block types diff --git a/docs/releases/1.10.rst b/docs/releases/1.10.rst index e326bf38e4..cd22a27353 100644 --- a/docs/releases/1.10.rst +++ b/docs/releases/1.10.rst @@ -65,7 +65,7 @@ Other features * Added ``form_fields_exclude`` property to ModelAdmin views (Matheus Bratfisch) * User creation / edit form now enforces password validators set in ``AUTH_PASSWORD_VALIDATORS`` (Bertrand Bordage) * Added support for displaying ``non_field_errors`` when validation fails in the page editor (Matt Westcott) -* Added ``WAGTAILADMIN_RECENT_EDITS_LIMIT`` setting to to define the number of your most recent edits on the dashboard (Maarten Kling) +* Added ``WAGTAILADMIN_RECENT_EDITS_LIMIT`` setting to define the number of your most recent edits on the dashboard (Maarten Kling) * Added link to the full Elasticsearch setup documentation from the Performance page (Matt Westcott) * Tag input fields now accept spaces in tags by default, and can be overridden with the ``TAG_SPACES_ALLOWED`` setting (Kees Hink, Alex Gleason) * Page chooser widgets now display the required page type where relevant (Christine Ho) diff --git a/docs/releases/2.0.rst b/docs/releases/2.0.rst index 09578626fa..3ff93f54d5 100644 --- a/docs/releases/2.0.rst +++ b/docs/releases/2.0.rst @@ -52,7 +52,7 @@ Other features * Added hooks ``before_create_user``, ``after_create_user``, ``before_delete_user``, ``after_delete_user``, ``before_edit_user``, ``after_edit_user`` (Jon Carmack) * Added ``exclude_fields_in_copy`` property to Page to define fields that should not be included on page copy (LB (Ben Johnston)) * Improved error message on incorrect ``{% image %}`` tag syntax (LB (Ben Johnston)) -* Optimized preview data storage (Bertrand Bordage) +* Optimised preview data storage (Bertrand Bordage) * Added ``render_landing_page`` method to ``AbstractForm`` to be easily overridden and pass ``form_submission`` to landing page context (Stein Strindhaug) * Added ``heading`` kwarg to ``InlinePanel`` to allow heading to be set independently of button label (Adrian Turjak) * The value type returned from a ``StructBlock`` can now be customised. See :ref:`custom_value_class_for_structblock` (LB (Ben Johnston)) diff --git a/docs/releases/2.11.8.rst b/docs/releases/2.11.8.rst index b3387bf4d7..9f745d662a 100644 --- a/docs/releases/2.11.8.rst +++ b/docs/releases/2.11.8.rst @@ -17,6 +17,6 @@ CVE-2021-32681: Improper escaping of HTML ('Cross-site Scripting') in Wagtail St This release addresses a cross-site scripting (XSS) vulnerability in StreamField. When the ``{% include_block %}`` template tag is used to output the value of a plain-text StreamField block (``CharBlock``, ``TextBlock`` or a similar user-defined block derived from ``FieldBlock``), and that block does not specify a template for rendering, the tag output is not properly escaped as HTML. This could allow users to insert arbitrary HTML or scripting. This vulnerability is only exploitable by users with the ability to author StreamField content (i.e. users with 'editor' access to the Wagtail admin). -Site implementors who wish to retain the existing behaviour of allowing editors to insert HTML content in these blocks (and are willing to accept the risk of untrusted editors inserting arbitrary code) may disable the escaping by surrounding the relevant ``{% include_block %}`` tag in ``{% autoescape off %}...{% endautoescape %}``. +Site implementers who wish to retain the existing behaviour of allowing editors to insert HTML content in these blocks (and are willing to accept the risk of untrusted editors inserting arbitrary code) may disable the escaping by surrounding the relevant ``{% include_block %}`` tag in ``{% autoescape off %}...{% endautoescape %}``. Many thanks to Karen Tracey for reporting this issue. For further details, please see `the CVE-2021-32681 security advisory `_. diff --git a/docs/releases/2.12.5.rst b/docs/releases/2.12.5.rst index 64b30f5f25..7f6ee76464 100644 --- a/docs/releases/2.12.5.rst +++ b/docs/releases/2.12.5.rst @@ -17,6 +17,6 @@ CVE-2021-32681: Improper escaping of HTML ('Cross-site Scripting') in Wagtail St This release addresses a cross-site scripting (XSS) vulnerability in StreamField. When the ``{% include_block %}`` template tag is used to output the value of a plain-text StreamField block (``CharBlock``, ``TextBlock`` or a similar user-defined block derived from ``FieldBlock``), and that block does not specify a template for rendering, the tag output is not properly escaped as HTML. This could allow users to insert arbitrary HTML or scripting. This vulnerability is only exploitable by users with the ability to author StreamField content (i.e. users with 'editor' access to the Wagtail admin). -Site implementors who wish to retain the existing behaviour of allowing editors to insert HTML content in these blocks (and are willing to accept the risk of untrusted editors inserting arbitrary code) may disable the escaping by surrounding the relevant ``{% include_block %}`` tag in ``{% autoescape off %}...{% endautoescape %}``. +Site implementers who wish to retain the existing behaviour of allowing editors to insert HTML content in these blocks (and are willing to accept the risk of untrusted editors inserting arbitrary code) may disable the escaping by surrounding the relevant ``{% include_block %}`` tag in ``{% autoescape off %}...{% endautoescape %}``. Many thanks to Karen Tracey for reporting this issue. For further details, please see `the CVE-2021-32681 security advisory `_. diff --git a/docs/releases/2.13.2.rst b/docs/releases/2.13.2.rst index adcce0df5e..fee845b335 100644 --- a/docs/releases/2.13.2.rst +++ b/docs/releases/2.13.2.rst @@ -17,6 +17,6 @@ CVE-2021-32681: Improper escaping of HTML ('Cross-site Scripting') in Wagtail St This release addresses a cross-site scripting (XSS) vulnerability in StreamField. When the ``{% include_block %}`` template tag is used to output the value of a plain-text StreamField block (``CharBlock``, ``TextBlock`` or a similar user-defined block derived from ``FieldBlock``), and that block does not specify a template for rendering, the tag output is not properly escaped as HTML. This could allow users to insert arbitrary HTML or scripting. This vulnerability is only exploitable by users with the ability to author StreamField content (i.e. users with 'editor' access to the Wagtail admin). -Site implementors who wish to retain the existing behaviour of allowing editors to insert HTML content in these blocks (and are willing to accept the risk of untrusted editors inserting arbitrary code) may disable the escaping by surrounding the relevant ``{% include_block %}`` tag in ``{% autoescape off %}...{% endautoescape %}``. +Site implementers who wish to retain the existing behaviour of allowing editors to insert HTML content in these blocks (and are willing to accept the risk of untrusted editors inserting arbitrary code) may disable the escaping by surrounding the relevant ``{% include_block %}`` tag in ``{% autoescape off %}...{% endautoescape %}``. Many thanks to Karen Tracey for reporting this issue. For further details, please see `the CVE-2021-32681 security advisory `_. diff --git a/docs/releases/4.0.md b/docs/releases/4.0.md index af43e68a7b..0b0f17ab95 100644 --- a/docs/releases/4.0.md +++ b/docs/releases/4.0.md @@ -172,7 +172,7 @@ There are also many improvements to the documentation both under the hood and in * Deprecate the usage and documentation of the `wagtail.contrib.modeladmin.menus.SubMenu` class, provide a warning if used directing developers to use `wagtail.admin.menu.Menu` instead (Matt Westcott) * Replace human-readable-date hover pattern with accessible tooltip variant across all of admin (Bernd de Ridder) * Added `WAGTAILADMIN_USER_PASSWORD_RESET_FORM` setting for overriding the admin password reset form (Michael Karamuth) - * Prefetch workflow states in edit page view to to avoid queries in other parts of the view/templates that need it (Tidiane Dia) + * Prefetch workflow states in edit page view to avoid queries in other parts of the view/templates that need it (Tidiane Dia) * Remove the edit link from edit bird in previews to avoid confusion (Sævar Öfjörð Magnússon) * Introduce new template fragment and block level enclosure tags for easier template composition (Thibaud Colas) * Add a `classnames` template tag to easily build up classes from variables provided to a template (Paarth Agarwal) diff --git a/docs/releases/5.0.md b/docs/releases/5.0.md index 03ddce385d..1d7afe42d8 100644 --- a/docs/releases/5.0.md +++ b/docs/releases/5.0.md @@ -353,7 +353,7 @@ If you need to hook into this behaviour, the new approach will now correctly dis To adjust the target field (the one to be updated), you cam modify `"data-w-sync-target-value"`, the default being `"body:not(.page-is-live) [data-edit-form] #id_slug"` (find the field with id `id_slug` when the page is not live). -To adjust what triggers the initial check (to see if the fields should be in sync), or the trigger to to the sync, you can use the Stimulus `data-action` attributes. +To adjust what triggers the initial check (to see if the fields should be in sync), or the trigger the sync, you can use the Stimulus `data-action` attributes. ```html