Prepare for 4.0b2 release

.pre-commit-config.yaml

@@ -14,14 +14,22 @@ repos:
       - id: end-of-file-fixer
       - id: trailing-whitespace
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.5.0
+    rev: v0.6.4
     hooks:
       # Run the linter
       - id: ruff
         args: [--fix, --exit-non-zero-on-fix]
       # Run the formatter
       - id: ruff-format
   - repo: https://github.com/tox-dev/pyproject-fmt
-    rev: 2.1.3
+    rev: 2.2.3
     hooks:
       - id: pyproject-fmt
+  - repo: https://github.com/adamchainz/blacken-docs
+    rev: 1.18.0
+    hooks:
+      - id: blacken-docs
+        additional_dependencies:
+        - black==24.4.2
+        files: 'docs/.*\.rst$'
+        args: ["--rst-literal-block"]

CHANGES.md

@@ -3,8 +3,17 @@ CHANGES
 
 Unreleased
 ==========
+
+4.0b2
+=====
 - Add type hints. ([#228](https://github.com/mozilla/django-csp/pull/228))
 - Expand ruff configuration and move into pyproject.toml [[#234](https://github.com/mozilla/django-csp/pull/234)]
+- Documentation fixes by jamesbeith and jcari-dev
+- Simplify middleware logic ([#226](https://github.com/mozilla/django-csp/pull/226))
+- Report percentage of 100% should always send CSP report ([#236](https://github.com/mozilla/django-csp/pull/236))
+- Changes to make `CSPMiddleware` easier to subclass ([#237](https://github.com/mozilla/django-csp/pull/237))
+- Change `REPORT_PERCENTAGE` to allow floats (e.g. for values < 1%) ([#242](https://github.com/mozilla/django-csp/pull/242))
+- Add Django 5.1 support ([#243](https://github.com/mozilla/django-csp/pull/243))
 
 4.0b1
 =====

docs/decorators.rst

@@ -53,7 +53,7 @@ settings. If there is no setting, the value passed to the decorator will be used
 .. note::
 
    To quote the CSP spec: "There's no inheritance; ... the default list is not used for that
-   resource type" if it is set. E.g., the following will not allow images from 'self'::
+   resource type" if it is set. E.g., the following will not allow images from 'self':
 
     default-src 'self'; img-src imgsrv.com
 

docs/migration-guide.rst

@@ -213,6 +213,7 @@ An existing custom middleware, such as this:
 
     from csp.middleware import CSPMiddleware, PolicyParts
 
+
     class ACustomMiddleware(CSPMiddleware):
 
         def build_policy(self, request: HttpRequest, response: HttpResponseBase) -> str:
@@ -231,7 +232,7 @@ An existing custom middleware, such as this:
             replace = getattr(response, "_csp_replace_ro", {})
             nonce = getattr(request, "_csp_nonce", None)
 
-            # ... do custom CSP report only policy logic ...
+            # ... do custom CSP report-only policy logic ...
 
             return build_policy(config=config, update=update, replace=replace, nonce=nonce)
 
@@ -246,13 +247,18 @@ can be replaced with this:
 
     class ACustomMiddleware(CSPMiddleware):
 
-        def get_policy_parts(self, request: HttpRequest, response: HttpResponseBase, report_only: bool = False) -> PolicyParts:
+        def get_policy_parts(
+            self,
+            request: HttpRequest,
+            response: HttpResponseBase,
+            report_only: bool = False,
+        ) -> PolicyParts:
             policy_parts = super().get_policy_parts(request, response, report_only)
 
             if report_only:
-                # ... do custom CSP report only policy logic ...
+                ...  # do custom CSP report-only policy logic
             else:
-                # ... do custom CSP policy logic ...
+                ...  # do custom CSP policy logic
 
             return policy_parts
 

pyproject.toml

@@ -6,7 +6,7 @@ requires = [
 
 [project]
 name = "django-csp"
-version = "4.0b1"
+version = "4.0b2"
 description = "Django Content Security Policy support."
 readme = "README.rst"
 license = { text = "BSD" }