From 1353d8e2c8d9d53dab5745c2b0015cc7200dad4c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Feb 2025 10:51:42 +0100 Subject: [PATCH 1/4] Bump flake8 from 7.1.1 to 7.1.2 (#314) Bumps [flake8](https://github.com/pycqa/flake8) from 7.1.1 to 7.1.2.
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=flake8&package-manager=pip&previous-version=7.1.1&new-version=7.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- linter-requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linter-requirements.txt b/linter-requirements.txt index 5cd20868..bf5a98ee 100644 --- a/linter-requirements.txt +++ b/linter-requirements.txt @@ -1,5 +1,5 @@ bandit==1.8.2 black==25.1.0 -flake8==7.1.1 +flake8==7.1.2 isort==6.0.0 pydocstyle[toml]==6.3.0 From 10061a352b177bf61febd62c49ca69af5ce59e4e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Feb 2025 10:52:06 +0100 Subject: [PATCH 2/4] Bump bandit from 1.8.2 to 1.8.3 (#315) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [bandit](https://github.com/PyCQA/bandit) from 1.8.2 to 1.8.3.
Release notes

Sourced from bandit's releases.

1.8.3

What's Changed

New Contributors

Full Changelog: https://github.com/PyCQA/bandit/compare/1.8.2...1.8.3

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit&package-manager=pip&previous-version=1.8.2&new-version=1.8.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- linter-requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linter-requirements.txt b/linter-requirements.txt index bf5a98ee..10f3b354 100644 --- a/linter-requirements.txt +++ b/linter-requirements.txt @@ -1,4 +1,4 @@ -bandit==1.8.2 +bandit==1.8.3 black==25.1.0 flake8==7.1.2 isort==6.0.0 From 6e6fdd9cdd3c83305306d7c6eb0626392929c461 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 27 Feb 2025 05:59:34 +0000 Subject: [PATCH 3/4] Bump isort from 6.0.0 to 6.0.1 Bumps [isort](https://github.com/PyCQA/isort) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/PyCQA/isort/releases) - [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md) - [Commits](https://github.com/PyCQA/isort/compare/6.0.0...6.0.1) --- updated-dependencies: - dependency-name: isort dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- linter-requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linter-requirements.txt b/linter-requirements.txt index 10f3b354..f9f720f9 100644 --- a/linter-requirements.txt +++ b/linter-requirements.txt @@ -1,5 +1,5 @@ bandit==1.8.3 black==25.1.0 flake8==7.1.2 -isort==6.0.0 +isort==6.0.1 pydocstyle[toml]==6.3.0 From f78152762510ceca949ca8302ac83db9795ed0d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marduk=20Bola=C3=B1os?= Date: Sat, 15 Mar 2025 17:50:37 +0100 Subject: [PATCH 4/4] Fix #136 -- Support dependent fields in formsets (#316) * Find the closest common ancestor of two chained selects instead of assuming it is a form. * Try to find the dependent field by its name attribute using a two-fold search strategy: exact match otherwise ends with Special thanks to @rez0n --- django_select2/static/django_select2/django_select2.js | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/django_select2/static/django_select2/django_select2.js b/django_select2/static/django_select2/django_select2.js index 23447d54..f299e367 100644 --- a/django_select2/static/django_select2/django_select2.js +++ b/django_select2/static/django_select2/django_select2.js @@ -26,9 +26,16 @@ let dependentFields = $element.data('select2-dependent-fields') if (dependentFields) { + const findElement = function (selector) { + const result = $(selector, $element.closest(`:has(${selector})`)) + if (result.length > 0) return result + else return null + } dependentFields = dependentFields.trim().split(/\s+/) $.each(dependentFields, function (i, dependentField) { - result[dependentField] = $('[name=' + dependentField + ']', $element.closest('form')).val() + const nameIs = `[name=${dependentField}]` + const nameEndsWith = `[name$=-${dependentField}]` + result[dependentField] = (findElement(nameIs) || findElement(nameEndsWith)).val() }) }