diff options
| author | Natalia <124304+nessita@users.noreply.github.com> | 2026-04-07 22:51:40 -0300 |
|---|---|---|
| committer | Jacob Walls <jacobtylerwalls@gmail.com> | 2026-04-08 12:11:53 -0400 |
| commit | 9b57d211b297a666b2eff341321002577db4b09e (patch) | |
| tree | b515bcdb9cec603ee8d9a90ffad29e18a3cf9b32 | |
| parent | c734e22a10d43903d7c221a54fd8b9393f3639b3 (diff) | |
[checklists] Migrated .rst blogpost templates to .md.
18 files changed, 200 insertions, 176 deletions
diff --git a/checklists/migrations/0002_alter_securityissue_blogdescription_and_more.py b/checklists/migrations/0002_alter_securityissue_blogdescription_and_more.py new file mode 100644 index 00000000..14ebcd01 --- /dev/null +++ b/checklists/migrations/0002_alter_securityissue_blogdescription_and_more.py @@ -0,0 +1,37 @@ +# Generated by Django 6.0.3 on 2026-04-07 21:12 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ("checklists", "0001_initial"), + ] + + operations = [ + migrations.AlterField( + model_name="securityissue", + name="blogdescription", + field=models.TextField( + blank=True, + help_text="Markdown format. Single `backticks` for inline code.", + verbose_name="Blog description", + ), + ), + migrations.AlterField( + model_name="securityissue", + name="description", + field=models.TextField( + help_text="Written in present tense.\n\nUsed in CVE metadata. Single `backticks` for inline code.\n\n==> Do not include versions, these will be prepended automatically. <==\n\nCVE documented format suggestions:\n\n<pre>\n •[VULNTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] allows\n [ATTACKER] to [IMPACT] via [VECTOR].\n\n •[COMPONENT] in [VENDOR] [PRODUCT] [VERSION] [ROOT CAUSE], which allows\n [ATTACKER] to [IMPACT] via [VECTOR]\n</pre>\n\nExamples:\n<pre>\n The password hasher in contrib/auth/hashers.py allows remote attackers to\n enumerate users via a timing attack involving login requests.\n\n The `intcomma` template filter is subject to a potential denial-of-service\n attack when used with very long strings.\n\n The `django.contrib.auth.forms.UsernameField` is subject to a potential\n denial-of-service attack via certain inputs with a very large number of\n Unicode characters (because the NFKC normalization is slow on Windows).\n</pre>\n" + ), + ), + migrations.AlterField( + model_name="securityissue", + name="summary", + field=models.CharField( + help_text="Markdown format. Single `backticks` for inline code. For the rst security archive entry, backticks are doubled automatically.", + max_length=1024, + ), + ), + ] diff --git a/checklists/models.py b/checklists/models.py index 27d7ec47..176bbc9a 100644 --- a/checklists/models.py +++ b/checklists/models.py @@ -99,7 +99,7 @@ CVSS_PROVIDER_URGENCY_CHOICES = [ # U DESCRIPTION_HELP_TEXT = """Written in present tense. -Use SINGLE `backticks` for code-like words. +Used in CVE metadata. Single `backticks` for inline code. ==> Do not include versions, these will be prepended automatically. <== @@ -182,7 +182,7 @@ class ReleaseChecklist(models.Model): @cached_property def blogpost_template(self): - return f"checklists/release_{self.status_reversed}_blogpost.rst" + return f"checklists/release_{self.status_reversed}_blogpost.md" @cached_property def blogpost_title(self): @@ -342,7 +342,7 @@ class BugFixRelease(ReleaseChecklist): @cached_property def blogpost_template(self): - return "checklists/release_bugfix_blogpost.rst" + return "checklists/release_bugfix_blogpost.md" @cached_property def blogpost_title(self): @@ -380,7 +380,7 @@ class SecurityRelease(ReleaseChecklist): @cached_property def blogpost_template(self): - return "checklists/release_security_blogpost.rst" + return "checklists/release_security_blogpost.md" @cached_property def blogpost_title(self): @@ -530,12 +530,18 @@ class SecurityIssue(models.Model): choices=[(i, i.capitalize()) for i in ("low", "moderate", "high")], default="moderate", ) - summary = models.CharField(max_length=1024, help_text="Single backticks here.") + summary = models.CharField( + max_length=1024, + help_text=( + "Markdown format. Single `backticks` for inline code. For the rst " + "security archive entry, backticks are doubled automatically." + ), + ) description = models.TextField(help_text=DESCRIPTION_HELP_TEXT) blogdescription = models.TextField( blank=True, verbose_name="Blog description", - help_text="Double backticks here (general rst format).", + help_text="Markdown format. Single `backticks` for inline code.", ) reporter = models.CharField(max_length=1024, blank=True) remediator = models.CharField(max_length=1024, blank=True) diff --git a/checklists/templates/checklists/_releaser_info.rst b/checklists/templates/checklists/_releaser_info.md index 102f508e..d3646c76 100644 --- a/checklists/templates/checklists/_releaser_info.rst +++ b/checklists/templates/checklists/_releaser_info.md @@ -1 +1 @@ -The PGP key ID used for this release is {{ releaser.user.get_full_name }}: `{{ releaser.key_id }} <{{ releaser.key_url }}>`_ +The PGP key ID used for this release is {{ releaser.user.get_full_name }}: [{{ releaser.key_id }}]({{ releaser.key_url }}) diff --git a/checklists/templates/checklists/_write_blogpost.md b/checklists/templates/checklists/_write_blogpost.md index b0f385d6..e8f1edec 100644 --- a/checklists/templates/checklists/_write_blogpost.md +++ b/checklists/templates/checklists/_write_blogpost.md @@ -2,7 +2,7 @@ - Navigate to: https://www.djangoproject.com/admin/blog/entry/add/ - Headline: `{{ instance.blogpost_title }}` - Slug: `{{ slug }}` - - Format: reStructuredText + - Format: Markdown - Summary: `{{ instance.blogpost_summary }}` - Author: `{{ instance.releaser.user.get_full_name }}` - Active: `False` diff --git a/checklists/templates/checklists/release-security-prenotification.md b/checklists/templates/checklists/release-security-prenotification.md index ed8eddee..1c1a26dc 100644 --- a/checklists/templates/checklists/release-security-prenotification.md +++ b/checklists/templates/checklists/release-security-prenotification.md @@ -1,25 +1,22 @@ -{% load checklist_extras %} {% load tz %} You're receiving this message because you are on the security prenotification list for the Django web framework; information about this list can be found in -our security policy [1]. +our [security policy](https://www.djangoproject.com/security/). In accordance with that policy, a set of security releases will be issued on {{ when|utc|date:"l, F j, Y" }} around {{ when|utc|date:"H:i" }} UTC. This message contains descriptions of the issue(s), descriptions of the changes which will be made to Django, and the patches which will be applied to Django. {% for cve in cves %} -{{ cve.headline_for_blogpost|rst_underline_for_headline:'=' }} +## {{ cve.headline_for_blogpost }} {{ cve.blogdescription|safe }} {% endfor %} -Affected supported versions -=========================== +## Affected supported versions {% for branch in instance.affected_branches %} * Django {{ branch }}{% endfor %} -Resolution -========== +## Resolution Included with this email are patches implementing the changes described above for each affected version of Django. On the release date, these patches will be @@ -27,5 +24,3 @@ applied to the Django development repository and the following releases will be issued along with disclosure of the issues: {% for version in versions %} * Django {{ version }}{% endfor %} - -[1] https://www.djangoproject.com/security/ diff --git a/checklists/templates/checklists/release_alpha_blogpost.md b/checklists/templates/checklists/release_alpha_blogpost.md new file mode 100644 index 00000000..162c037f --- /dev/null +++ b/checklists/templates/checklists/release_alpha_blogpost.md @@ -0,0 +1,23 @@ +Django {{ final_version }} alpha 1 is now available. It represents the first +stage in the {{ final_version }} release cycle and is an opportunity to try out +the changes coming in Django {{ final_version }}. + +Django {{ final_version }} {{ instance.feature_release.tagline }}, which you +can read about in +[the in-development {{ final_version }} release notes](https://docs.djangoproject.com/en/dev/releases/{{ final_version }}/). + +This alpha milestone marks the feature freeze. The +[current release schedule](https://www.djangoproject.com/download/{{ final_version }}/roadmap/) +calls for a beta release in about a month and a release candidate roughly a +month after that. We'll only be able to keep this schedule with early and +frequent testing from the community. Updates on the release schedule are +available [on the Django forum]({{ instance.feature_release.forum_post }}). + +As with all alpha and beta packages, this release is **not** for production +use. However, if you'd like to take some of the new features for a spin, or +help find and fix bugs (which should be reported to +[the issue tracker](https://code.djangoproject.com/newticket)), you can grab a +copy of the alpha package from +[our downloads page](https://www.djangoproject.com/download/) or on PyPI. + +{% include "checklists/_releaser_info.md" %} diff --git a/checklists/templates/checklists/release_alpha_blogpost.rst b/checklists/templates/checklists/release_alpha_blogpost.rst deleted file mode 100644 index 129cd703..00000000 --- a/checklists/templates/checklists/release_alpha_blogpost.rst +++ /dev/null @@ -1,23 +0,0 @@ -Django {{ final_version }} alpha 1 is now available. It represents the first -stage in the {{ final_version }} release cycle and is an opportunity to try out -the changes coming in Django {{ final_version }}. - -Django {{ final_version }} {{ instance.feature_release.tagline }}, which you -can read about in `the in-development {{ final_version }} release notes -<https://docs.djangoproject.com/en/dev/releases/{{ final_version }}/>`_. - -This alpha milestone marks the feature freeze. The `current release schedule -<https://www.djangoproject.com/download/{{ final_version }}/roadmap/>`_ calls -for a beta release in about a month and a release candidate roughly a month -after that. We'll only be able to keep this schedule with early and frequent -testing from the community. Updates on the release schedule are available `on -the Django forum <{{ instance.feature_release.forum_post }}>`_. - -As with all alpha and beta packages, this release is **not** for production -use. However, if you'd like to take some of the new features for a spin, or -help find and fix bugs (which should be reported to `the issue tracker -<https://code.djangoproject.com/newticket>`_), you can grab a copy of the alpha -package from `our downloads page <https://www.djangoproject.com/download/>`_ or -on PyPI. - -{% include "checklists/_releaser_info.rst" %} diff --git a/checklists/templates/checklists/release_beta_blogpost.rst b/checklists/templates/checklists/release_beta_blogpost.md index 9b925c57..3a37f9bc 100644 --- a/checklists/templates/checklists/release_beta_blogpost.rst +++ b/checklists/templates/checklists/release_beta_blogpost.md @@ -3,26 +3,26 @@ stage in the {{ final_version }} release cycle and is an opportunity to try out the changes coming in Django {{ final_version }}. Django {{ final_version }} {{ instance.feature_release.tagline }}, which you -can read about in `the in-development {{ final_version }} release notes -<https://docs.djangoproject.com/en/dev/releases/{{ final_version }}/>`_. +can read about in +[the in-development {{ final_version }} release notes](https://docs.djangoproject.com/en/dev/releases/{{ final_version }}/). Only bugs in new features and regressions from earlier Django versions will be fixed between now and the {{ final_version }} final release. Translations will be updated following the "string freeze", which occurs when the release -candidate is issued. The `current release schedule -<https://www.djangoproject.com/download/{{ final_version }}/roadmap/>`_ calls -for a release candidate in about a month, with the final release scheduled -roughly two weeks later on {{ instance.feature_release.when|date:"F j" }}. +candidate is issued. The +[current release schedule](https://www.djangoproject.com/download/{{ final_version }}/roadmap/) +calls for a release candidate in about a month, with the final release +scheduled roughly two weeks later on {{ instance.feature_release.when|date:"F j" }}. Early and frequent testing from the community will help minimize the number of -bugs in the release. Updates on the release schedule are available `on the -Django forum <{{ instance.feature_release.forum_post }}>`_. +bugs in the release. Updates on the release schedule are available +[on the Django forum]({{ instance.feature_release.forum_post }}). As with all alpha and beta packages, this release is **not** for production use. However, if you'd like to try some of the new features or help find and -fix bugs (which should be reported to `the issue tracker -<https://code.djangoproject.com/newticket>`_), you can grab a copy of the beta -package from `our downloads page <https://www.djangoproject.com/download/>`_ or -on PyPI. +fix bugs (which should be reported to +[the issue tracker](https://code.djangoproject.com/newticket)), +you can grab a copy of the beta package from +[our downloads page](https://www.djangoproject.com/download/) or on PyPI. -{% include "checklists/_releaser_info.rst" %} +{% include "checklists/_releaser_info.md" %} diff --git a/checklists/templates/checklists/release_bugfix_blogpost.md b/checklists/templates/checklists/release_bugfix_blogpost.md new file mode 100644 index 00000000..9e3bcefa --- /dev/null +++ b/checklists/templates/checklists/release_bugfix_blogpost.md @@ -0,0 +1,8 @@ +Today we've issued the +[{{ version }}](https://docs.djangoproject.com/en/stable/releases/{{ version }}/) +bugfix release. + +The release package and checksums are available from +[our downloads page](/download/), as well as from the Python Package Index. + +{% include "checklists/_releaser_info.md" %} diff --git a/checklists/templates/checklists/release_bugfix_blogpost.rst b/checklists/templates/checklists/release_bugfix_blogpost.rst deleted file mode 100644 index 49fc2389..00000000 --- a/checklists/templates/checklists/release_bugfix_blogpost.rst +++ /dev/null @@ -1,7 +0,0 @@ -Today we've issued the `{{ version }} -<https://docs.djangoproject.com/en/stable/releases/{{ version }}/>`_ bugfix release. - -The release package and checksums are available from `our downloads page -</download/>`_, as well as from the Python Package Index. - -{% include "checklists/_releaser_info.rst" %} diff --git a/checklists/templates/checklists/release_final_blogpost.rst b/checklists/templates/checklists/release_final_blogpost.md index f9dbbf9c..dc60a6be 100644 --- a/checklists/templates/checklists/release_final_blogpost.rst +++ b/checklists/templates/checklists/release_final_blogpost.md @@ -1,20 +1,19 @@ The Django team is happy to announce the release of Django {{ version }}. -`The release notes <https://docs.djangoproject.com/en/{{ version }}/releases/{{ version }}/>`_ +[The release notes](https://docs.djangoproject.com/en/{{ version }}/releases/{{ version }}/) showcase {{ tagline }}. A few highlights are: {{ highlights|default:"* Add highlights in the admin." }} -You can get Django {{ version }} from `our downloads page -<https://www.djangoproject.com/download/>`_ or from `the Python Package Index -<https://pypi.python.org/pypi/Django/{{ version }}>`_. +You can get Django {{ version }} from +[our downloads page](https://www.djangoproject.com/download/) or from +[the Python Package Index](https://pypi.python.org/pypi/Django/{{ version }}). -{% include "checklists/_releaser_info.rst" %} +{% include "checklists/_releaser_info.md" %} {% if instance.eom_release %} With the release of Django {{ version }}, Django {{ instance.eom_release.feature_version}} has reached the end of mainstream support. The final minor bug fix release, -`{{ instance.eom_release.version }} -<https://docs.djangoproject.com/en/stable/releases/{{ instance.eom_release.version }}/>`_, +[{{ instance.eom_release.version }}](https://docs.djangoproject.com/en/stable/releases/{{ instance.eom_release.version }}/), was issued on {{ instance.eom_release.date }}. Django {{ instance.eom_release.feature_version }} will receive security and data loss fixes until {{ instance.eom_release.feature_release.eol_date|date:"F, Y" }}. All users are encouraged to upgrade before then to continue receiving fixes for @@ -22,13 +21,10 @@ security issues. {% endif %} {% if instance.eol_release %} Django {{ instance.eol_release.feature_version }} has reached the end of extended support. -The final security release, `{{ instance.eol_release.version }} -<https://docs.djangoproject.com/en/stable/releases/{{ instance.eol_release.version }}/>`_, +The final security release, [{{ instance.eol_release.version }}](https://docs.djangoproject.com/en/stable/releases/{{ instance.eol_release.version }}/), was issued on {{ instance.eol_release.date }}. All Django {{ instance.eol_release.feature_version }} -users are encouraged to `upgrade -<https://docs.djangoproject.com/en/dev/howto/upgrade-version/>`_ to a supported +users are encouraged to [upgrade](https://docs.djangoproject.com/en/dev/howto/upgrade-version/) to a supported Django version. {% endif %} -See the `downloads page -<https://www.djangoproject.com/download/#supported-versions>`_ for a table of +See the [downloads page](https://www.djangoproject.com/download/#supported-versions) for a table of supported versions and the future release schedule. diff --git a/checklists/templates/checklists/release_rc_blogpost.md b/checklists/templates/checklists/release_rc_blogpost.md new file mode 100644 index 00000000..84f1b568 --- /dev/null +++ b/checklists/templates/checklists/release_rc_blogpost.md @@ -0,0 +1,18 @@ +Django {{ final_version }} release candidate 1 is now available. It represents +the final opportunity for you to try out the version that +[{{ instance.feature_release.tagline }}](https://docs.djangoproject.com/en/dev/releases/{{ final_version }}/), +before Django {{ final_version }} final is released. + +The release candidate stage marks the string freeze and the call for translators +[to submit translations](https://docs.djangoproject.com/en/dev/internals/contributing/localizing/#translations). +Provided no major bugs are discovered that can't be solved in the next two +weeks, Django {{ final_version }} will be released on or around +{{ instance.feature_release.when|date:"F j" }}. Any delays will be communicated +on the [Django forum]({{ instance.feature_release.forum_post }}). + +Please use this opportunity to help find and fix bugs (which should be reported +to [the issue tracker](https://code.djangoproject.com/newticket)), you can grab +a copy of the release candidate package from +[our downloads page](https://www.djangoproject.com/download/) or on PyPI. + +{% include "checklists/_releaser_info.md" %} diff --git a/checklists/templates/checklists/release_rc_blogpost.rst b/checklists/templates/checklists/release_rc_blogpost.rst deleted file mode 100644 index 62a1a284..00000000 --- a/checklists/templates/checklists/release_rc_blogpost.rst +++ /dev/null @@ -1,21 +0,0 @@ -Django {{ final_version }} release candidate 1 is now available. It represents -the final opportunity for you to try out the version that -`{{ instance.feature_release.tagline }}`__, -before Django {{ final_version }} final is released. - -__ https://docs.djangoproject.com/en/dev/releases/{{ final_version }}/ - -The release candidate stage marks the string freeze and the call for -translators `to submit translations -<https://docs.djangoproject.com/en/dev/internals/contributing/localizing/#translations>`_. -Provided no major bugs are discovered that can't be solved in the next two -weeks, Django {{ final_version }} will be released on or around -{{ instance.feature_release.when|date:"F j" }}. Any delays will be communicated -on the `on the Django forum <{{ instance.feature_release.forum_post }}>`_. - -Please use this opportunity to help find and fix bugs (which should be reported -to `the issue tracker <https://code.djangoproject.com/newticket>`_), you can -grab a copy of the release candidate package from -`our downloads page <https://www.djangoproject.com/download/>`_ or on PyPI. - -{% include "checklists/_releaser_info.rst" %} diff --git a/checklists/templates/checklists/release_security_blogpost.md b/checklists/templates/checklists/release_security_blogpost.md new file mode 100644 index 00000000..20c7e0a4 --- /dev/null +++ b/checklists/templates/checklists/release_security_blogpost.md @@ -0,0 +1,44 @@ +{% load checklist_extras %} +In accordance with [our security release policy](https://docs.djangoproject.com/en/dev/internals/security/), +the Django team is issuing relases for +{{ versions|format_versions_for_blogpost|safe|wordwrap:79 }}. +These releases address the security issues detailed below. We encourage all +users of Django to upgrade as soon as possible. +{% for cve in cves %} +## {{cve.headline_for_blogpost }} + +{{ cve.blogdescription|safe|default:cve.description }} +{% if cve.reporter %} +Thanks to {{ cve.reporter }} for the report. +{% endif %} +This issue has severity "{{ cve.severity }}" according to the Django security policy. +{% endfor %} + +## Affected supported versions +{% for branch in instance.affected_branches %} +* Django {{ branch }}{% endfor %} + +## Resolution + +Patches to resolve the issue have been applied to Django's +{{ instance.affected_branches|enumerate_items }} branches. +The patches may be obtained from the following changesets. +{% for cve in cves %} +### {{ cve.headline_for_blogpost }} +{% for branch, hash in cve.hashes_by_branch %} +* On the [{{ branch }} branch](https://github.com/django/django/commit/{{ hash }}){% endfor %} +{% endfor %} + +## The following releases have been issued +{% for version in versions %} +* Django {{ version }} ([tarball](https://www.djangoproject.com/download/{{ version }}/tarball/) | [checksums](https://www.djangoproject.com/download/{{ version }}/checksum/)){% endfor %} + +{% include "checklists/_releaser_info.md" %} + +## General notes regarding security reporting + +As always, we ask that potential security issues be reported via private email +to `security@djangoproject.com`, and not via Django's Trac instance, nor via +the Django Forum. Please see +[our security policies](https://www.djangoproject.com/security/) for further +information. diff --git a/checklists/templates/checklists/release_security_blogpost.rst b/checklists/templates/checklists/release_security_blogpost.rst deleted file mode 100644 index a6802abb..00000000 --- a/checklists/templates/checklists/release_security_blogpost.rst +++ /dev/null @@ -1,51 +0,0 @@ -{% load checklist_extras %} -In accordance with `our security release policy -<https://docs.djangoproject.com/en/dev/internals/security/>`_, the Django team -is issuing releases for -{{ versions|format_versions_for_blogpost|safe|wordwrap:79 }}. -These releases address the security issues detailed below. We encourage all -users of Django to upgrade as soon as possible. -{% for cve in cves %} -{{ cve.headline_for_blogpost|rst_backticks|rst_underline_for_headline:'=' }} - -{{ cve.blogdescription|safe|default:cve.description }} -{% if cve.reporter %} -Thanks to {{ cve.reporter }} for the report. -{% endif %} -This issue has severity "{{ cve.severity }}" according to the Django security policy. -{% endfor %} - -Affected supported versions -=========================== -{% for branch in instance.affected_branches %} -* Django {{ branch }}{% endfor %} - -Resolution -========== - -Patches to resolve the issue have been applied to Django's -{{ instance.affected_branches|enumerate_items }} branches. -The patches may be obtained from the following changesets. -{% for cve in cves %} -{{ cve.headline_for_blogpost|rst_backticks|rst_underline_for_headline:'-' }} -{% for branch, hash in cve.hashes_by_branch %} -* On the `{{ branch }} branch <https://github.com/django/django/commit/{{ hash }}>`__{% endfor %} -{% endfor %} - -The following releases have been issued -======================================= -{% for version in versions %} -* Django {{ version }} (`download Django {{ version }} - <https://www.djangoproject.com/download/{{ version }}/tarball/>`_ | - `{{ version }} checksums - <https://www.djangoproject.com/download/{{ version }}/checksum/>`_){% endfor %} - -{% include "checklists/_releaser_info.rst" %} - -General notes regarding security reporting -========================================== - -As always, we ask that potential security issues be reported via private email -to ``security@djangoproject.com``, and not via Django's Trac instance, nor via -the Django Forum. Please see `our security policies -<https://www.djangoproject.com/security/>`_ for further information. diff --git a/checklists/templatetags/checklist_extras.py b/checklists/templatetags/checklist_extras.py index e006180e..334d533b 100644 --- a/checklists/templatetags/checklist_extras.py +++ b/checklists/templatetags/checklist_extras.py @@ -72,8 +72,7 @@ def format_releases_for_cves(releases): @register.filter def format_version_for_blogpost(version): return ( - f"`Django {version} " - f"<https://docs.djangoproject.com/en/dev/releases/{version}/>`_" + f"[Django {version}](https://docs.djangoproject.com/en/dev/releases/{version}/)" ) diff --git a/checklists/tests/test_models.py b/checklists/tests/test_models.py index e1259f63..bbf9c795 100644 --- a/checklists/tests/test_models.py +++ b/checklists/tests/test_models.py @@ -148,7 +148,7 @@ class BugFixReleaseChecklistTestCase(BaseChecklistTestCaseMixin, TestCase): "series.", ) self.assertEqual( - checklist.blogpost_template, "checklists/release_bugfix_blogpost.rst" + checklist.blogpost_template, "checklists/release_bugfix_blogpost.md" ) def test_render_checklist(self): @@ -211,7 +211,7 @@ class SecurityReleaseChecklistTestCase(BaseChecklistTestCaseMixin, TestCase): checklist = self.make_checklist(releases=[release51, release52, prerelease]) self.factory.make_security_issue(checklist, releases=[release52]) self.assertEqual( - checklist.blogpost_template, "checklists/release_security_blogpost.rst" + checklist.blogpost_template, "checklists/release_security_blogpost.md" ) self.assertEqual( checklist.blogpost_summary, "Django 5.2 and 5.1.9 fix 2 security issues" @@ -426,7 +426,7 @@ class SecurityReleaseChecklistTestCase(BaseChecklistTestCaseMixin, TestCase): "a set of security releases will be issued on Wednesday, May 7, 2025 " "around 16:18 UTC", *(cve.headline_for_blogpost for cve in cves), - "Affected supported versions =========================== " + "## Affected supported versions " + " ".join(f"* Django {branch}" for branch in checklist.affected_branches), "* Django 5.0.14", "* Django 5.1.8", @@ -482,26 +482,22 @@ class SecurityReleaseChecklistTestCase(BaseChecklistTestCaseMixin, TestCase): checklist = self.make_checklist(releases=releases) checklist_content = self.do_render_checklist(checklist) + url = "https://www.djangoproject.com/download/" expected = ( - "The following releases have been issued\n" - "=======================================\n" + "## The following releases have been issued\n" "\n" - "* Django 5.1.9 (`download Django 5.1.9\n" - " <https://www.djangoproject.com/download/5.1.9/tarball/>`_ |\n" - " `5.1.9 checksums\n" - " <https://www.djangoproject.com/download/5.1.9/checksum/>`_)\n" - "* Django 4.2.21 (`download Django 4.2.21\n" - " <https://www.djangoproject.com/download/4.2.21/tarball/>`_ |\n" - " `4.2.21 checksums\n" - " <https://www.djangoproject.com/download/4.2.21/checksum/>`_)\n" + f"* Django 5.1.9 ([tarball]({url}5.1.9/tarball/) | " + f"[checksums]({url}5.1.9/checksum/))\n" + f"* Django 4.2.21 ([tarball]({url}4.2.21/tarball/) | " + f"[checksums]({url}4.2.21/checksum/))\n" "\n" "The PGP key ID used for this release is Merry Pippin: " - "`1234567890ABCDEF <https://github.com/releaser.gpg>`_\n" + "[1234567890ABCDEF](https://github.com/releaser.gpg)\n" ) # Proper download links are shown. self.assertIn(expected, checklist_content) - def test_render_checklist_rst_backticks(self): + def test_render_checklist_headline_formats(self): releases = [ self.factory.make_release(version="5.1.9"), self.factory.make_release(version="5.2.1"), @@ -523,15 +519,19 @@ class SecurityReleaseChecklistTestCase(BaseChecklistTestCaseMixin, TestCase): ) checklist_content = self.do_render_checklist(checklist) - expected = [ - "CVE-2025-11111: Denial-of-service possibility in ``strip_tags()``\n" - "=================================================================\n", - "CVE-2025-11111: Denial-of-service possibility in ``strip_tags()``\n" - "-----------------------------------------------------------------\n", - "CVE-2025-22222: Denial-of-service in ``LoginView`` and ``LogoutView``\n" - "=====================================================================\n", - "CVE-2025-22222: Denial-of-service in ``LoginView`` and ``LogoutView``\n" - "---------------------------------------------------------------------\n", + # MD blogpost uses single backticks and ## / ### headings. + expected_md = [ + "## CVE-2025-11111: Denial-of-service possibility in `strip_tags()`\n", + "### CVE-2025-11111: Denial-of-service possibility in `strip_tags()`\n", + "## CVE-2025-22222: Denial-of-service in `LoginView` and `LogoutView`\n", + "### CVE-2025-22222: Denial-of-service in `LoginView` and `LogoutView`\n", + ] + for headline in expected_md: + with self.subTest(headline=headline): + self.assertIn(headline, checklist_content) + + # RST security archive uses double backticks and RST-style headings. + expected_rst = [ "May 7, 2025 - :cve:`2025-11111`\n" "-------------------------------\n\n" "Denial-of-service possibility in ``strip_tags()``.\n" @@ -541,7 +541,7 @@ class SecurityReleaseChecklistTestCase(BaseChecklistTestCaseMixin, TestCase): "Denial-of-service in ``LoginView`` and ``LogoutView``.\n" f"`Full description\n<{checklist.blogpost_link}>`__", ] - for headline in expected: + for headline in expected_rst: with self.subTest(headline=headline): self.assertIn(headline, checklist_content) @@ -879,7 +879,7 @@ class PreReleaseChecklistTestCase(BaseChecklistTestCaseMixin, TestCase): ) self.assertEqual( checklist.blogpost_template, - f"checklists/release_{checklist.status_reversed}_blogpost.rst", + f"checklists/release_{checklist.status_reversed}_blogpost.md", ) expected = ( f"Today Django 6.0 {verbose} 1, a preview/testing package for the " @@ -943,7 +943,7 @@ class FeatureReleaseChecklistTestCase(BaseChecklistTestCaseMixin, TestCase): checklist = self.make_checklist(release=release) self.assertEqual(checklist.blogpost_title, "Django 6.0 released") self.assertEqual( - checklist.blogpost_template, "checklists/release_final_blogpost.rst" + checklist.blogpost_template, "checklists/release_final_blogpost.md" ) self.assertEqual(checklist.blogpost_summary, "Django 6.0 has been released!") diff --git a/checklists/tests/test_templatetags.py b/checklists/tests/test_templatetags.py index 125d2f91..c18b7866 100644 --- a/checklists/tests/test_templatetags.py +++ b/checklists/tests/test_templatetags.py @@ -232,14 +232,14 @@ class FormatVersionForBlogpostTestCase(TestCase): result = format_version_for_blogpost("5.2.3") self.assertEqual( result, - "`Django 5.2.3 <https://docs.djangoproject.com/en/dev/releases/5.2.3/>`_", + "[Django 5.2.3](https://docs.djangoproject.com/en/dev/releases/5.2.3/)", ) def test_format_version_for_blogpost_dot_zero(self): result = format_version_for_blogpost("5.2") self.assertEqual( result, - "`Django 5.2 <https://docs.djangoproject.com/en/dev/releases/5.2/>`_", + "[Django 5.2](https://docs.djangoproject.com/en/dev/releases/5.2/)", ) |