{"html_url": "https://github.com/simonw/datasette/releases/tag/0.57", "id": 44155601, "node_id": "MDc6UmVsZWFzZTQ0MTU1NjAx", "tag_name": "0.57", "target_commitish": "main", "name": "0.57", "draft": 0, "author": {"value": 9599, "label": "simonw"}, "prerelease": 0, "created_at": "2021-06-05T22:06:55Z", "published_at": "2021-06-05T22:11:18Z", "body": "**Warning**: This release fixes a [reflected cross-site scripting](https://owasp.org/www-community/attacks/xss/#reflected-xss-attacks) security hole with the `?_trace=1` feature. You should upgrade to this version, or to Datasette 0.56.1, as soon as possible. ([#1360](https://github.com/simonw/datasette/issues/1360))\r\n\r\nIn addition to the security fix, this release includes `?_col=` and `?_nocol=` options for controlling which columns are displayed for a table, `?_facet_size=` for increasing the number of facet results returned, re-display of your SQL query should an error occur and numerous bug fixes.\r\n\r\n### New features\r\n\r\n-   If an error occurs while executing a user-provided SQL query, that query is now re-displayed in an editable form along with the error message. ([#619](https://github.com/simonw/datasette/issues/619))\r\n-   New `?_col=` and `?_nocol=` parameters to show and hide columns in a table, plus an interface for hiding and showing columns in the column cog menu. ([#615](https://github.com/simonw/datasette/issues/615))\r\n-   A new `?_facet_size=` parameter for customizing the number of facet results returned on a table or view page. ([#1332](https://github.com/simonw/datasette/issues/1332))\r\n-   `?_facet_size=max` sets that to the maximum, which defaults to 1,000 and is controlled by the the [max_returned_rows](https://docs.datasette.io/en/stable/settings.html#setting-max-returned-rows) setting. If facet results are truncated the ... at the bottom of the facet list now links to this parameter. ([#1337](https://github.com/simonw/datasette/issues/1337))\r\n-   `?_nofacet=1` option to disable all facet calculations on a page, used as a performance optimization for CSV exports and `?_shape=array/object`. ([#1349](https://github.com/simonw/datasette/issues/1349), [#263](https://github.com/simonw/datasette/issues/263))\r\n-   `?_nocount=1` option to disable full query result counts. ([#1353](https://github.com/simonw/datasette/issues/1353))\r\n-   `?_trace=1` debugging option is now controlled by the new [trace_debug](https://docs.datasette.io/en/stable/settings.html#setting-trace-debug) setting, which is turned off by default. ([#1359](https://github.com/simonw/datasette/issues/1359))\r\n\r\n### Bug fixes and other improvements\r\n\r\n-   [Custom pages](https://docs.datasette.io/en/stable/custom_templates.html#custom-pages) now work correctly when combined with the [base_url](https://docs.datasette.io/en/stable/settings.html#setting-base-url) setting. ([#1238](https://github.com/simonw/datasette/issues/1238))\r\n-   Fixed intermittent error displaying the index page when the user did not have permission to access one of the tables. Thanks, Guy Freeman. ([#1305](https://github.com/simonw/datasette/issues/1305))\r\n-   Columns with the name \"Link\" are no longer incorrectly displayed in bold. ([#1308](https://github.com/simonw/datasette/issues/1308))\r\n-   Fixed error caused by tables with a single quote in their names. ([#1257](https://github.com/simonw/datasette/issues/1257))\r\n-   Updated dependencies: `pytest-asyncio`, `Black`, `jinja2`, `aiofiles`, `click`, and `itsdangerous`.\r\n-   The official Datasette Docker image now supports `apt-get install`. ([#1320](https://github.com/simonw/datasette/issues/1320))\r\n-   The Heroku runtime used by `datasette publish heroku` is now `python-3.8.10`.", "repo": {"value": 107914493, "label": "datasette"}, "reactions": "{\"url\": \"https://api.github.com/repos/simonw/datasette/releases/44155601/reactions\", \"total_count\": 1, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 1, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}"}
{"html_url": "https://github.com/simonw/datasette/releases/tag/0.56.1", "id": 44155459, "node_id": "MDc6UmVsZWFzZTQ0MTU1NDU5", "tag_name": "0.56.1", "target_commitish": "0.56.x", "name": "0.56.1", "draft": 0, "author": {"value": 9599, "label": "simonw"}, "prerelease": 0, "created_at": "2021-06-05T21:54:47Z", "published_at": "2021-06-05T22:00:01Z", "body": "- Fix for a security hole: [reflected cross-site scripting](https://owasp.org/www-community/attacks/xss/#reflected-xss-attacks) in the `?_trace=1` feature. [#1360](https://github.com/simonw/datasette/issues/1360)", "repo": {"value": 107914493, "label": "datasette"}, "reactions": null}