version 0.6.28 final (20-February-2013): * General: * Require Django 1.3.7 as a minimum. This is the latest security release of Django. For more information, see https://www.djangoproject.com/weblog/2013/feb/19/security/ * djblets.datagrid: * Fixed a possible XSS exploit in datagrids. Patch by Alexander Artemenko. * Failures during rendering the datagrid now results in a traceback. * djblets.util.fields: * CounterField was failing to use the initializers for brand new instances of a model, defaulting to None instead. Patch by Raja Venkataraman. verrsion 0.6.27 final (24-November-2012): * djblets.gravatars: * The gravatar URL used for HTTPS connections now uses https://secure.gravatar.com and not https://www.gravatar.com. * djblets.webapi: * The allowed_mimetypes list in WebAPIResource is no longer getting polluted with every WebAPIResource's allowed item and list mimetypes.