github/datasette
1
0
Fork 0
mirror of https://github.com/simonw/datasette.git synced 2025-12-10 16:51:24 +01:00
Code Issues Projects Releases Packages Wiki Activity

Release 0.64, with a warning against arbitrary SQL with SpatiaLite

Browse source 
Refs #1409, #1771, #1979

Refs https://github.com/simonw/datasette.io/issues/132
This commit is contained in:
Simon Willison 2023-01-09 08:37:07 -08:00
commit 0084daa50a
3 changed files with 35 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

11
docs/changelog.rst
View file

@ -4,6 +4,17 @@
Changelog
=========
.. _v0_64:
0.64 (2023-01-09)
-----------------
- Datasette now **strongly recommends against allowing arbitrary SQL queries if you are using SpatiaLite**. SpatiaLite includes SQL functions that could cause the Datasette server to crash. See :ref:`spatialite` for more details.
- New :ref:`setting_default_allow_sql` setting, providing an easier way to disable all arbitrary SQL execution by end users: ``datasette --setting default_allow_sql off``. See also :ref:`authentication_permissions_execute_sql`. (:issue:`1409`)
- `Building a location to time zone API with SpatiaLite <https://datasette.io/tutorials/spatialite>`__ is a new Datasette tutorial showing how to safely use SpatiaLite to create a location to time zone API.
- New documentation about :ref:`how to debug problems loading SQLite extensions <installation_extensions>`. The error message shown when an extension cannot be loaded has also been improved. (:issue:`1979`)
- Fixed an accessibility issue: the ``<select>`` elements in the table filter form now show an outline when they are currently focused. (:issue:`1771`)
.. _v0_63_3:
0.63.3 (2022-12-17)