Skip to content

chore: bump wagtail from 7.0.7 to 7.4.1#326

Open
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/uv/dev/wagtail-7.4.1
Open

chore: bump wagtail from 7.0.7 to 7.4.1#326
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/uv/dev/wagtail-7.4.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 27, 2026

Bumps wagtail from 7.0.7 to 7.4.1.

Release notes

Sourced from wagtail's releases.

7.4.1

  • Fix: Reinstate missing file jquery.fileupload-validate.js (Rob Brackett)

7.4 LTS

  • Add is_deferred_validation flag to support skipping custom validation when saving drafts (Daniel Kirkham)
  • Update project template Dockerfile to build dependencies in a separate stage (Brylie Oxley, Akshat Gupta)
  • Add include_root parameter to admin pages API endpoint (Divyansh Mishra)
  • Add support for Flourish oEmbeds (Garrett Coakley)
  • Add support for Heyzine oEmbeds (Baptiste Darthenay)
  • Allow specifying creation_form_class on ChooserViewSet as a dotted path string (K Adithya)
  • Various user experience improvements to autosave and concurrent editing notifications (Sage Abdullah)
  • Allow validation of required StreamField blocks to be deferred on saving drafts (Sage Abdullah)
  • Add WAGTAILDOCS_MAX_UPLOAD_SIZE setting for specifying maximum document file size (Om Harsh)
  • Set the project template WAGTAILDOCS_MAX_UPLOAD_SIZE to 10MB (Thibaud Colas)
  • Optimize combining of querysets in site history report (Alex Bridge)
  • Add more informative error for format-* operations on SVG images (Ankit Kumar)
  • Store preview data in new FormState model to improve compatibility with cookie-based sessions (Sage Abdullah)
  • Change StreamBlock options so groups are shown in declaration order of their blocks (Darshan Kerkar)
  • Add WAGTAILADMIN_PAGE_SEARCH_FILTER_BY_PERMISSIONS setting to disable permission filtering on page searches (Matt Westcott)
  • Use choice label when displaying choice fields in SnippetViewSet/ModelViewSet's list_display (Srishti Jaiswal)
  • Add new content check empty-meta-description to validate meta description tags are not empty (Thibaud Colas)
  • Add extractMetrics method to PreviewController to retrieve content metrics from the preview panel (Thibaud Colas)
  • Refine hover / focus styles for title field’s comment button (Srishti Jaiswal)
  • Preserve "Collapse all" button state when switching between editor tabs (Raghad Dahi)
  • Upgrade modelsearch to 1.3 (Matt Westcott)
  • Implement checker error highlights within the preview panel (Thibaud Colas)
  • Add routablefullpageurl template tag (Pravin Kamble)
  • Add support for customizing page explorer views per page type using PageViewSet (Sage Abdullah)
  • Enhance page content type usage view with custom listings and ability to create new pages (Sage Abdullah)
  • Fix: CVE-2026-44197: Improper permission handling when comparing revisions (Seoyoung Kang, Jake Howard)
  • Fix: CVE-2026-44198: Improper permission handling when viewing page history (Seoyoung Kang, Jake Howard, Dan Braghis)
  • Fix: CVE-2026-44199: Improper permission handling when deleting form submissions (Vishal Shukla, Jake Howard)
  • Fix: CVE-2026-44200: Improper permission handling when copying pages (Sanjok Karki, Matt Westcott)
  • Fix: CVE-2026-44201: Improper restriction handling on Documents and Images API (Sanjok Karki, Jake Howard)
  • Fix: Handle nested inline models when displaying object usage information (Sage Abdullah, Kacper Walęga, Tian Jie Wong)
  • Fix: Avoid duplicate get_object() DB query in API detail view (Siddheshwar Kadam)
  • Fix: Ensure ImageBlock alt text populates on choosing a new image after unchecking decorative state (Pratham Jaiswal)
  • Fix: Set verbose_name_plural for Query model in search promotions app (Saptami)
  • Fix: Truncate overly long task names in workflow admin view (Gaurav Takhi)
  • Fix: Hide "Add child page" button when no child pages can be created as per max_count or max_count_per_parent (Lasse Schmieding)
  • Fix: Prevent multiple child pages with max_count_per_parent being moved under one parent (James Biggs)
  • Fix: Use POST instead of DELETE in Cloudflare Frontend Cache Backend (Tom Usher)
  • Fix: Handle null values for title, author name or provider name in OEmbed responses (Baptiste Darthenay)
  • Fix: Preserve original data types from ChoiceBlock choices in block values (Devarshi Mani Tripathi)
  • Fix: Fix translation sync logic for django-treebeard 5.0.2 (Matt Westcott)
  • Fix: Correctly HTML-escape page title in approval/rejection notification emails (Matt Westcott)
  • Fix: Correctly HTML-escape URL in photo type oembeds (Thibaud Colas)
  • Fix: Ensure user with appropriate permissions can cancel a workflow task (Dan Braghis)
  • Fix: Ensure "submit to workflow" menu item uses the workflow name when creating pages (Sage Abdullah)
  • Fix: Better align page descriptions in add subpage views (Tibor Leupold)

... (truncated)

Changelog

Sourced from wagtail's changelog.

7.4.1 (19.05.2026)


 * Fix: Reinstate missing file `jquery.fileupload-validate.js` (Rob Brackett)

7.4 LTS (05.05.2026)

  • Add is_deferred_validation flag to support skipping custom validation when saving drafts (Daniel Kirkham)
  • Update project template Dockerfile to build dependencies in a separate stage (Brylie Oxley, Akshat Gupta)
  • Add include_root parameter to admin pages API endpoint (Divyansh Mishra)
  • Add support for Flourish oEmbeds (Garrett Coakley)
  • Add support for Heyzine oEmbeds (Baptiste Darthenay)
  • Allow specifying creation_form_class on ChooserViewSet as a dotted path string (K Adithya)
  • Various user experience improvements to autosave and concurrent editing notifications (Sage Abdullah)
  • Allow validation of required StreamField blocks to be deferred on saving drafts (Sage Abdullah)
  • Add WAGTAILDOCS_MAX_UPLOAD_SIZE setting for specifying maximum document file size (Om Harsh)
  • Set the project template WAGTAILDOCS_MAX_UPLOAD_SIZE to 10MB (Thibaud Colas)
  • Optimize combining of querysets in site history report (Alex Bridge)
  • Add more informative error for format-* operations on SVG images (Ankit Kumar)
  • Store preview data in new FormState model to improve compatibility with cookie-based sessions (Sage Abdullah)
  • Change StreamBlock options so groups are shown in declaration order of their blocks (Darshan Kerkar)
  • Add WAGTAILADMIN_PAGE_SEARCH_FILTER_BY_PERMISSIONS setting to disable permission filtering on page searches (Matt Westcott)
  • Use choice label when displaying choice fields in SnippetViewSet/ModelViewSet's list_display (Srishti Jaiswal)
  • Add new content check empty-meta-description to validate meta description tags are not empty (Thibaud Colas)
  • Add extractMetrics method to PreviewController to retrieve content metrics from the preview panel (Thibaud Colas)
  • Refine hover / focus styles for title field’s comment button (Srishti Jaiswal)
  • Preserve "Collapse all" button state when switching between editor tabs (Raghad Dahi)
  • Upgrade modelsearch to 1.3 (Matt Westcott)
  • Implement checker error highlights within the preview panel (Thibaud Colas)
  • Add routablefullpageurl template tag (Pravin Kamble)
  • Add support for customizing page explorer views per page type using PageViewSet (Sage Abdullah)
  • Enhance page content type usage view with custom listings and ability to create new pages (Sage Abdullah)
  • Fix: CVE-2026-44197: Improper permission handling when comparing revisions (Seoyoung Kang, Jake Howard)
  • Fix: CVE-2026-44198: Improper permission handling when viewing page history (Seoyoung Kang, Jake Howard, Dan Braghis)
  • Fix: CVE-2026-44199: Improper permission handling when deleting form submissions (Vishal Shukla, Jake Howard)
  • Fix: CVE-2026-44200: Improper permission handling when copying pages (Sanjok Karki, Matt Westcott)
  • Fix: CVE-2026-44201: Improper restriction handling on Documents and Images API (Sanjok Karki, Jake Howard)
  • Fix: Handle nested inline models when displaying object usage information (Sage Abdullah, Kacper Walęga, Tian Jie Wong)
  • Fix: Avoid duplicate get_object() DB query in API detail view (Siddheshwar Kadam)
  • Fix: Ensure ImageBlock alt text populates on choosing a new image after unchecking decorative state (Pratham Jaiswal)
  • Fix: Set verbose_name_plural for Query model in search promotions app (Saptami)
  • Fix: Truncate overly long task names in workflow admin view (Gaurav Takhi)
  • Fix: Hide "Add child page" button when no child pages can be created as per max_count or max_count_per_parent (Lasse Schmieding)
  • Fix: Prevent multiple child pages with max_count_per_parent being moved under one parent (James Biggs)
  • Fix: Use POST instead of DELETE in Cloudflare Frontend Cache Backend (Tom Usher)
  • Fix: Handle null values for title, author name or provider name in OEmbed responses (Baptiste Darthenay)
  • Fix: Preserve original data types from ChoiceBlock choices in block values (Devarshi Mani Tripathi)
  • Fix: Fix translation sync logic for django-treebeard 5.0.2 (Matt Westcott)

... (truncated)

Commits
  • 95b020d Fetch new translation files from Transifex
  • 224616d Version bump to 7.4.1
  • 94931cd Release note for #14230
  • e67919e Move file validation script to shared location
  • b85bcc0 Add client tests for Image & Document upload
  • 06237c5 Fill in CVE identifiers
  • 48a7d42 Fetch new translations from Transifex
  • 3bcddf2 ruff format
  • e182e3e Version bump to 7.4 final
  • d504b23 Release notes for security fixes in 7.4
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
wagtail [>= 7.1.dev0, < 7.2]

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore: bump wagtail from 7.0.7 to 7.4.1
7f3f837 
Bumps [wagtail](https://github.com/wagtail/wagtail) from 7.0.7 to 7.4.1.
- [Release notes](https://github.com/wagtail/wagtail/releases)
- [Changelog](https://github.com/wagtail/wagtail/blob/main/CHANGELOG.txt)
- [Commits](wagtail/wagtail@v7.0.7...v7.4.1)

---
updated-dependencies:
- dependency-name: wagtail
  dependency-version: 7.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels May 27, 2026
@dependabot dependabot Bot mentioned this pull request May 27, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants