html_url,id,node_id,tag_name,target_commitish,name,draft,author,prerelease,created_at,published_at,body,repo,reactions
https://github.com/simonw/datasette/releases/tag/0.64.5,124182616,RE_kwDOBm6k_c4HZuBY,0.64.5,0.64.x,0.64.5,0,9599,0,2023-10-08T16:03:37Z,2023-10-08T16:05:20Z,"- Dropped dependency on `click-default-group-wheel`, which could cause a dependency conflict. ([#2197](https://github.com/simonw/datasette/issues/2197))",107914493,"{""url"": ""https://api.github.com/repos/simonw/datasette/releases/124182616/reactions"", ""total_count"": 1, ""+1"": 1, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}"
https://github.com/simonw/datasette/releases/tag/1.0a7,122124154,RE_kwDOBm6k_c4HR3d6,1.0a7,1.0a.x,1.0a7,0,9599,1,2023-09-21T22:06:19Z,2023-09-21T22:13:27Z,- Fix for a crashing bug caused by viewing the table page for a named in-memory database. [#2189](https://github.com/simonw/datasette/issues/2189),107914493,
https://github.com/simonw/datasette/releases/tag/0.64.4,122109244,RE_kwDOBm6k_c4HRz08,0.64.4,0.64.x,0.64.4,0,9599,0,2023-09-21T19:28:45Z,2023-09-21T19:43:54Z,- Fix for a crashing bug caused by viewing the table page for a named in-memory database. [#2189](https://github.com/simonw/datasette/issues/2189),107914493,
https://github.com/simonw/datasette/releases/tag/1.0a6,120375181,RE_kwDOBm6k_c4HLMeN,1.0a6,main,1.0a6,0,9599,1,2023-09-08T04:44:08Z,2023-09-08T04:45:12Z,"- New plugin hook: [actors_from_ids(datasette, actor_ids)](https://docs.datasette.io/en/latest/plugin_hooks.html#plugin-hook-actors-from-ids) and an internal method to accompany it, [await .actors_from_ids(actor_ids)](https://docs.datasette.io/en/latest/internals.html#datasette-actors-from-ids). This mechanism is intended to be used by plugins that may need to display the actor who was responsible for something managed by that plugin: they can now resolve the recorded IDs of actors into the full actor objects. ([#2181](https://github.com/simonw/datasette/issues/2181))
- `DATASETTE_LOAD_PLUGINS` environment variable for [controlling which plugins](https://docs.datasette.io/en/latest/plugins.html#plugins-datasette-load-plugins) are loaded by Datasette. ([#2164](https://github.com/simonw/datasette/issues/2164))
- Datasette now checks if the user has permission to view a table linked to by a foreign key before turning that foreign key into a clickable link. ([#2178](https://github.com/simonw/datasette/issues/2178))
- The `execute-sql` permission now implies that the actor can also view the database and instance. ([#2169](https://github.com/simonw/datasette/issues/2169))
- Documentation describing a pattern for building plugins that themselves [define further hooks](https://docs.datasette.io/en/latest/writing_plugins.html#writing-plugins-extra-hooks) for other plugins. ([#1765](https://github.com/simonw/datasette/issues/1765))
- Datasette is now tested against the Python 3.12 preview. ([#2175](https://github.com/simonw/datasette/pull/2175))",107914493,
https://github.com/simonw/datasette/releases/tag/1.0a5,119112633,RE_kwDOBm6k_c4HGYO5,1.0a5,main,1.0a5,0,9599,1,2023-08-29T17:17:54Z,2023-08-29T17:19:35Z,"- When restrictions are applied to [API tokens](https://docs.datasette.io/en/1.0a5/authentication.html#createtokenview), those restrictions now behave slightly differently: applying the `view-table` restriction will imply the ability to `view-database` for the database containing that table, and both `view-table` and `view-database` will imply `view-instance`. Previously you needed to create a token with restrictions that explicitly listed `view-instance` and `view-database` and `view-table` in order to view a table without getting a permission denied error. ([#2102](https://github.com/simonw/datasette/issues/2102))
- New `datasette.yaml` (or `.json`) configuration file, which can be specified using `datasette -c path-to-file`. The goal here to consolidate settings, plugin configuration, permissions, canned queries, and other Datasette configuration into a single single file, separate from `metadata.yaml`. The legacy `settings.json` config file used for [Configuration directory mode](https://docs.datasette.io/en/1.0a5/settings.html#config-dir) has been removed, and `datasette.yaml` has a `""settings""` section where the same settings key/value pairs can be included. In the next future alpha release, more configuration such as plugins/permissions/canned queries will be moved to the `datasette.yaml` file. See [#2093](https://github.com/simonw/datasette/issues/2093) for more details. Thanks, Alex Garcia.
- The `-s/--setting` option can now take dotted paths to nested settings. These will then be used to set or over-ride the same options as are present in the new configuration file. ([#2156](https://github.com/simonw/datasette/issues/2156))
- New `--actor '{""id"": ""json-goes-here""}'` option for use with `datasette --get` to treat the simulated request as being made by a specific actor, see [datasette --get](https://docs.datasette.io/en/1.0a5/cli-reference.html#cli-datasette-get). ([#2153](https://github.com/simonw/datasette/issues/2153))
- The Datasette `_internal` database has had some changes. It no longer shows up in the `datasette.databases` list by default, and is now instead available to plugins using the `datasette.get_internal_database()`. Plugins are invited to use this as a private database to store configuration and settings and secrets that should not be made visible through the default Datasette interface. Users can pass the new `--internal internal.db` option to persist that internal database to disk. Thanks, Alex Garcia. ([#2157](https://github.com/simonw/datasette/issues/2157)).",107914493,
https://github.com/simonw/datasette/releases/tag/1.0a4,118245443,RE_kwDOBm6k_c4HDEhD,1.0a4,main,1.0a4,0,9599,1,2023-08-22T17:10:01Z,2023-08-22T17:13:26Z,"This alpha fixes a security issue with the `/-/api` API explorer. On authenticated Datasette instances (instances protected using plugins such as [datasette-auth-passwords](https://datasette.io/plugins/datasette-auth-passwords)) the API explorer interface could reveal the names of databases and tables within the protected instance. The data stored in those tables was not revealed.
For more information and workarounds, read [the security advisory](https://github.com/simonw/datasette/security/advisories/GHSA-7ch3-7pp7-7cpq). The issue has been present in every previous alpha version of Datasette 1.0: versions 1.0a0, 1.0a1, 1.0a2 and 1.0a3.
Also in this alpha:
- The new `datasette plugins --requirements` option outputs a list of currently installed plugins in Python `requirements.txt` format, useful for duplicating that installation elsewhere. ([#2133](https://github.com/simonw/datasette/issues/2133))
- [Writable canned queries](https://docs.datasette.io/en/latest/sql_queries.html#canned-queries-writable) can now define a `on_success_message_sql` field in their configuration, containing a SQL query that should be executed upon successful completion of the write operation in order to generate a message to be shown to the user. ([#2138](https://github.com/simonw/datasette/issues/2138))
- The automatically generated border color for a database is now shown in more places around the application. ([#2119](https://github.com/simonw/datasette/issues/2119))
- Every instance of example shell script code in the documentation should now include a working copy button, free from additional syntax. ([#2140](https://github.com/simonw/datasette/issues/2140))",107914493,"{""url"": ""https://api.github.com/repos/simonw/datasette/releases/118245443/reactions"", ""total_count"": 3, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 2, ""confused"": 0, ""heart"": 1, ""rocket"": 0, ""eyes"": 0}"
https://github.com/simonw/datasette/releases/tag/1.0a3,115813784,RE_kwDOBm6k_c4G5y2Y,1.0a3,main,1.0a3,0,9599,1,2023-08-09T19:13:11Z,2023-08-09T19:17:26Z,"This alpha release previews the updated design for Datasette's default JSON API. ([#782](https://github.com/simonw/datasette/issues/782))
The new [default JSON representation](https://docs.datasette.io/en/1.0a3/json_api.html#json-api-default) for both table pages (`/dbname/table.json`) and arbitrary SQL queries (`/dbname.json?sql=...`) is now shaped like this:
```json
{
""ok"": true,
""rows"": [
{
""id"": 3,
""name"": ""Detroit""
},
{
""id"": 2,
""name"": ""Los Angeles""
},
{
""id"": 4,
""name"": ""Memnonia""
},
{
""id"": 1,
""name"": ""San Francisco""
}
],
""truncated"": false
}
```
Tables will include an additional `""next""` key for pagination, which can be passed to `?_next=` to fetch the next page of results.
The various `?_shape=` options continue to work as before - see [Different shapes](https://docs.datasette.io/en/1.0a3/json_api.html#json-api-shapes) for details.
A new `?_extra=` mechanism is available for tables, but has not yet been stabilized or documented. Details on that are available in [#262](https://github.com/simonw/datasette/issues/262).
### Smaller changes
- Datasette documentation now shows YAML examples for [Metadata](https://docs.datasette.io/en/1.0a3/metadata.html#metadata) by default, with a tab interface for switching to JSON. ([#1153](https://github.com/simonw/datasette/issues/1153))
- [register_output_renderer(datasette)](https://docs.datasette.io/en/1.0a3/plugin_hooks.html#plugin-register-output-renderer) plugins now have access to `error` and `truncated` arguments, allowing them to display error messages and take into account truncated results. ([#2130](https://github.com/simonw/datasette/issues/2130))
- `render_cell()` plugin hook now also supports an optional `request` argument. ([#2007](https://github.com/simonw/datasette/issues/2007))
- New `Justfile` to support development workflows for Datasette using [Just](https://github.com/casey/just).
- `datasette.render_template()` can now accepts a `datasette.views.Context` subclass as an alternative to a dictionary. ([#2127](https://github.com/simonw/datasette/issues/2127))
- `datasette install -e path` option for editable installations, useful while developing plugins. ([#2106](https://github.com/simonw/datasette/issues/2106))
- When started with the `--cors` option Datasette now serves an `Access-Control-Max-Age: 3600` header, ensuring CORS OPTIONS requests are repeated no more than once an hour. ([#2079](https://github.com/simonw/datasette/issues/2079))
- Fixed a bug where the `_internal` database could display `None` instead of `null` for in-memory databases. ([#1970](https://github.com/simonw/datasette/issues/1970))",107914493,"{""url"": ""https://api.github.com/repos/simonw/datasette/releases/115813784/reactions"", ""total_count"": 3, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 3, ""eyes"": 0}"
https://github.com/simonw/datasette/releases/tag/0.64.3,101136455,RE_kwDOBm6k_c4GBzhH,0.64.3,0.64.x,0.64.3,0,9599,0,2023-04-27T14:55:25Z,2023-04-27T15:00:27Z,- Added `pip` and `setuptools` as explicit dependencies. This fixes a bug where Datasette could not be installed using [Rye](https://github.com/mitsuhiko/rye). ([#2065](https://github.com/simonw/datasette/issues/2065)),107914493,"{""url"": ""https://api.github.com/repos/simonw/datasette/releases/101136455/reactions"", ""total_count"": 3, ""+1"": 1, ""-1"": 0, ""laugh"": 0, ""hooray"": 2, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}"
https://github.com/simonw/datasette/releases/tag/0.64.2,94985654,RE_kwDOBm6k_c4FqV22,0.64.2,0.64.x,0.64.2,0,9599,0,2023-03-08T20:41:13Z,2023-03-08T20:46:27Z,"- Fixed a bug with `datasette publish cloudrun` where deploys all used the same Docker image tag. This was mostly inconsequential as the service is deployed as soon as the image has been pushed to the registry, but could result in the incorrect image being deployed if two different deploys for two separate services ran at exactly the same time. [#2036](https://github.com/simonw/datasette/issues/2036)
",107914493,"{""url"": ""https://api.github.com/repos/simonw/datasette/releases/94985654/reactions"", ""total_count"": 1, ""+1"": 1, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}"
https://github.com/simonw/datasette/releases/tag/0.64.1,88623648,RE_kwDOBm6k_c4FSEog,0.64.1,0.64.x,0.64.1,0,9599,0,2023-01-11T18:21:37Z,2023-01-11T18:27:56Z,"- Documentation now links to a current source of information for installing Python 3. ([#1987](https://github.com/simonw/datasette/issues/1987))
- Incorrectly calling the Datasette constructor using `Datasette(""path/to/data.db"")` instead of `Datasette([""path/to/data.db""])` now returns a useful error message. ([#1985](https://github.com/simonw/datasette/issues/1985))",107914493,
https://github.com/simonw/datasette/releases/tag/0.64,88331580,RE_kwDOBm6k_c4FQ9U8,0.64,0.63.x,0.64,0,9599,0,2023-01-09T16:37:21Z,2023-01-09T16:49:04Z,"- Datasette now **strongly recommends against allowing arbitrary SQL queries if you are using SpatiaLite**. SpatiaLite includes SQL functions that could cause the Datasette server to crash. See [SpatiaLite](https://docs.datasette.io/en/stable/spatialite.html#spatialite) for more details.
- New [default_allow_sql](https://docs.datasette.io/en/stable/settings.html#setting-default-allow-sql) setting, providing an easier way to disable all arbitrary SQL execution by end users: `datasette --setting default_allow_sql off`. See also [Controlling the ability to execute arbitrary SQL](https://docs.datasette.io/en/stable/authentication.html#authentication-permissions-execute-sql). ([#1409](https://github.com/simonw/datasette/issues/1409))
- [Building a location to time zone API with SpatiaLite](https://datasette.io/tutorials/spatialite) is a new Datasette tutorial showing how to safely use SpatiaLite to create a location to time zone API.
- New documentation about [how to debug problems loading SQLite extensions](https://docs.datasette.io/en/stable/installation.html#installation-extensions). The error message shown when an extension cannot be loaded has also been improved. ([#1979](https://github.com/simonw/datasette/issues/1979))
- Fixed an accessibility issue: the `