Skip to content

Update wagtail requirement from >=4.1 to >=7.4#274

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/wagtail-gte-7.4
Closed

Update wagtail requirement from >=4.1 to >=7.4#274
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/wagtail-gte-7.4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 6, 2026

Updates the requirements on wagtail to permit the latest version.

Release notes

Sourced from wagtail's releases.

7.4 LTS

  • Add is_deferred_validation flag to support skipping custom validation when saving drafts (Daniel Kirkham)
  • Update project template Dockerfile to build dependencies in a separate stage (Brylie Oxley, Akshat Gupta)
  • Add include_root parameter to admin pages API endpoint (Divyansh Mishra)
  • Add support for Flourish oEmbeds (Garrett Coakley)
  • Add support for Heyzine oEmbeds (Baptiste Darthenay)
  • Allow specifying creation_form_class on ChooserViewSet as a dotted path string (K Adithya)
  • Various user experience improvements to autosave and concurrent editing notifications (Sage Abdullah)
  • Allow validation of required StreamField blocks to be deferred on saving drafts (Sage Abdullah)
  • Add WAGTAILDOCS_MAX_UPLOAD_SIZE setting for specifying maximum document file size (Om Harsh)
  • Set the project template WAGTAILDOCS_MAX_UPLOAD_SIZE to 10MB (Thibaud Colas)
  • Optimize combining of querysets in site history report (Alex Bridge)
  • Add more informative error for format-* operations on SVG images (Ankit Kumar)
  • Store preview data in new FormState model to improve compatibility with cookie-based sessions (Sage Abdullah)
  • Change StreamBlock options so groups are shown in declaration order of their blocks (Darshan Kerkar)
  • Add WAGTAILADMIN_PAGE_SEARCH_FILTER_BY_PERMISSIONS setting to disable permission filtering on page searches (Matt Westcott)
  • Use choice label when displaying choice fields in SnippetViewSet/ModelViewSet's list_display (Srishti Jaiswal)
  • Add new content check empty-meta-description to validate meta description tags are not empty (Thibaud Colas)
  • Add extractMetrics method to PreviewController to retrieve content metrics from the preview panel (Thibaud Colas)
  • Refine hover / focus styles for title field’s comment button (Srishti Jaiswal)
  • Preserve "Collapse all" button state when switching between editor tabs (Raghad Dahi)
  • Upgrade modelsearch to 1.3 (Matt Westcott)
  • Implement checker error highlights within the preview panel (Thibaud Colas)
  • Add routablefullpageurl template tag (Pravin Kamble)
  • Add support for customizing page explorer views per page type using PageViewSet (Sage Abdullah)
  • Enhance page content type usage view with custom listings and ability to create new pages (Sage Abdullah)
  • Fix: CVE-2026-44197: Improper permission handling when comparing revisions (Seoyoung Kang, Jake Howard)
  • Fix: CVE-2026-44198: Improper permission handling when viewing page history (Seoyoung Kang, Jake Howard, Dan Braghis)
  • Fix: CVE-2026-44199: Improper permission handling when deleting form submissions (Vishal Shukla, Jake Howard)
  • Fix: CVE-2026-44200: Improper permission handling when copying pages (Sanjok Karki, Matt Westcott)
  • Fix: CVE-2026-44201: Improper restriction handling on Documents and Images API (Sanjok Karki, Jake Howard)
  • Fix: Handle nested inline models when displaying object usage information (Sage Abdullah, Kacper Walęga, Tian Jie Wong)
  • Fix: Avoid duplicate get_object() DB query in API detail view (Siddheshwar Kadam)
  • Fix: Ensure ImageBlock alt text populates on choosing a new image after unchecking decorative state (Pratham Jaiswal)
  • Fix: Set verbose_name_plural for Query model in search promotions app (Saptami)
  • Fix: Truncate overly long task names in workflow admin view (Gaurav Takhi)
  • Fix: Hide "Add child page" button when no child pages can be created as per max_count or max_count_per_parent (Lasse Schmieding)
  • Fix: Prevent multiple child pages with max_count_per_parent being moved under one parent (James Biggs)
  • Fix: Use POST instead of DELETE in Cloudflare Frontend Cache Backend (Tom Usher)
  • Fix: Handle null values for title, author name or provider name in OEmbed responses (Baptiste Darthenay)
  • Fix: Preserve original data types from ChoiceBlock choices in block values (Devarshi Mani Tripathi)
  • Fix: Fix translation sync logic for django-treebeard 5.0.2 (Matt Westcott)
  • Fix: Correctly HTML-escape page title in approval/rejection notification emails (Matt Westcott)
  • Fix: Correctly HTML-escape URL in photo type oembeds (Thibaud Colas)
  • Fix: Ensure user with appropriate permissions can cancel a workflow task (Dan Braghis)
  • Fix: Ensure "submit to workflow" menu item uses the workflow name when creating pages (Sage Abdullah)
  • Fix: Better align page descriptions in add subpage views (Tibor Leupold)
  • Fix: Correctly close the Pages menu panel when clicking sidebar search (Divyansh Mishra)
  • Docs: Add documentation for the filter_spec parameter of ImageRenditionField (Soumya-codr)
  • Docs: Add guide for testing document upload forms (Wenli Tsai, Bhavesh Sharma)

... (truncated)

Changelog

Sourced from wagtail's changelog.

7.4 LTS (05.05.2026)


 * Add `is_deferred_validation` flag to support skipping custom validation when saving drafts (Daniel Kirkham)
 * Update project template Dockerfile to build dependencies in a separate stage (Brylie Oxley, Akshat Gupta)
 * Add `include_root` parameter to admin pages API endpoint (Divyansh Mishra)
 * Add support for Flourish oEmbeds (Garrett Coakley)
 * Add support for Heyzine oEmbeds (Baptiste Darthenay)
 * Allow specifying `creation_form_class` on `ChooserViewSet` as a dotted path string (K Adithya)
 * Various user experience improvements to autosave and concurrent editing notifications (Sage Abdullah)
 * Allow validation of required StreamField blocks to be deferred on saving drafts (Sage Abdullah)
 * Add `WAGTAILDOCS_MAX_UPLOAD_SIZE` setting for specifying maximum document file size (Om Harsh)
 * Set the project template `WAGTAILDOCS_MAX_UPLOAD_SIZE` to 10MB (Thibaud Colas)
 * Optimize combining of querysets in site history report (Alex Bridge)
 * Add more informative error for `format-*` operations on SVG images (Ankit Kumar)
 * Store preview data in new `FormState` model to improve compatibility with cookie-based sessions (Sage Abdullah)
 * Change StreamBlock options so groups are shown in declaration order of their blocks (Darshan Kerkar)
 * Add `WAGTAILADMIN_PAGE_SEARCH_FILTER_BY_PERMISSIONS` setting to disable permission filtering on page searches (Matt Westcott)
 * Use choice label when displaying choice fields in `SnippetViewSet`/`ModelViewSet`'s `list_display` (Srishti Jaiswal)
 * Add new content check `empty-meta-description` to validate meta description tags are not empty (Thibaud Colas)
 * Add `extractMetrics` method to `PreviewController` to retrieve content metrics from the preview panel (Thibaud Colas)
 * Refine hover / focus styles for title field’s comment button (Srishti Jaiswal)
 * Preserve "Collapse all" button state when switching between editor tabs (Raghad Dahi)
 * Upgrade modelsearch to 1.3 (Matt Westcott)
 * Implement checker error highlights within the preview panel (Thibaud Colas)
 * Add `routablefullpageurl` template tag (Pravin Kamble)
 * Add support for customizing page explorer views per page type using `PageViewSet` (Sage Abdullah)
 * Enhance page content type usage view with custom listings and ability to create new pages (Sage Abdullah)
 * Fix: CVE-2026-44197: Improper permission handling when comparing revisions (Seoyoung Kang, Jake Howard)
 * Fix: CVE-2026-44198: Improper permission handling when viewing page history (Seoyoung Kang, Jake Howard, Dan Braghis)
 * Fix: CVE-2026-44199: Improper permission handling when deleting form submissions (Vishal Shukla, Jake Howard)
 * Fix: CVE-2026-44200: Improper permission handling when copying pages (Sanjok Karki, Matt Westcott)
 * Fix: CVE-2026-44201: Improper restriction handling on Documents and Images API (Sanjok Karki, Jake Howard)
 * Fix: Handle nested inline models when displaying object usage information (Sage Abdullah, Kacper Walęga, Tian Jie Wong)
 * Fix: Avoid duplicate `get_object()` DB query in API detail view (Siddheshwar Kadam)
 * Fix: Ensure `ImageBlock` alt text populates on choosing a new image after unchecking decorative state (Pratham Jaiswal)
 * Fix: Set `verbose_name_plural` for Query model in search promotions app (Saptami)
 * Fix: Truncate overly long task names in workflow admin view (Gaurav Takhi)
 * Fix: Hide "Add child page" button when no child pages can be created as per `max_count` or `max_count_per_parent` (Lasse Schmieding)
 * Fix: Prevent multiple child pages with `max_count_per_parent` being moved under one parent (James Biggs)
 * Fix: Use POST instead of DELETE in Cloudflare Frontend Cache Backend (Tom Usher)
 * Fix: Handle null values for title, author name or provider name in OEmbed responses (Baptiste Darthenay)
 * Fix: Preserve original data types from `ChoiceBlock` choices in block values (Devarshi Mani Tripathi)
 * Fix: Fix translation sync logic for django-treebeard 5.0.2 (Matt Westcott)
 * Fix: Correctly HTML-escape page title in approval/rejection notification emails (Matt Westcott)
 * Fix: Correctly HTML-escape URL in photo type oembeds (Thibaud Colas)
 * Fix: Ensure user with appropriate permissions can cancel a workflow task (Dan Braghis)
 * Fix: Ensure "submit to workflow" menu item uses the workflow name when creating pages (Sage Abdullah)
 * Fix: Better align page descriptions in add subpage views (Tibor Leupold)
 * Fix: Correctly close the Pages menu panel when clicking sidebar search (Divyansh Mishra)
</tr></table>

... (truncated)

Commits
  • 06237c5 Fill in CVE identifiers
  • 48a7d42 Fetch new translations from Transifex
  • 3bcddf2 ruff format
  • e182e3e Version bump to 7.4 final
  • d504b23 Release notes for security fixes in 7.4
  • 2d3b103 Release notes for security fixes in 7.3.2
  • 1a491b0 Fix permission check on creating alias
  • 2540d7a Fix permission handling on page copy
  • 538a703 Exclude view-restricted collections from document and images API
  • 2123168 Only support deleting form submissions for the chosen page
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Update wagtail requirement from >=4.1 to >=7.4
2aa8a6b 
Updates the requirements on [wagtail](https://github.com/wagtail/wagtail) to permit the latest version.
- [Release notes](https://github.com/wagtail/wagtail/releases)
- [Changelog](https://github.com/wagtail/wagtail/blob/main/CHANGELOG.txt)
- [Commits](wagtail/wagtail@v7.0...v7.4)

---
updated-dependencies:
- dependency-name: wagtail
  dependency-version: '7.4'
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 6, 2026
@dependabot dependabot Bot mentioned this pull request May 6, 2026
Closed
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 20, 2026

Superseded by #277.

@dependabot dependabot Bot closed this May 20, 2026
@dependabot dependabot Bot deleted the dependabot/pip/wagtail-gte-7.4 branch May 20, 2026 08:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants