docs: add v1.6.1 and v1.6.2 CHANGELOG entries
Documents StatusView eventify_id addition and the security fix that stops internal Python exceptions from reaching API callers. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
18
CHANGELOG.md
18
CHANGELOG.md
@@ -5,6 +5,24 @@ Format follows [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), version
|
||||
|
||||
---
|
||||
|
||||
## [1.6.2] — 2026-04-03
|
||||
|
||||
### Security
|
||||
- **Internal exceptions no longer exposed to API callers** — all 15 `except Exception as e` blocks across `mobile_api/views/user.py` and `mobile_api/views/events.py` now log the real error via `eventify_logger` and return a generic `"An unexpected server error occurred."` to the caller
|
||||
- Affected views: `RegisterView`, `WebRegisterView`, `LoginView`, `StatusView`, `LogoutView`, `UpdateProfileView`, `EventTypeAPI`, `EventListAPI`, `EventDetailAPI`, `EventImagesListAPI`, `EventsByDateAPI`, `DateSheetAPI`, `PincodeEventsAPI`, `FeaturedEventsAPI`, `TopEventsAPI`
|
||||
- `StatusView` and `UpdateProfileView` were also missing `log(...)` calls entirely — added
|
||||
- `from eventify_logger.services import log` import added to `events.py` (was absent)
|
||||
|
||||
---
|
||||
|
||||
## [1.6.1] — 2026-04-03
|
||||
|
||||
### Added
|
||||
- **`eventify_id` in `StatusView` response** (`/api/user/status/`) — consumer app uses this to refresh the Eventify ID badge (`EVT-XXXXXXXX`) for sessions that pre-date the `eventify_id` login field
|
||||
- **`accounts` migration `0012_user_eventify_id` deployed to production containers** — backfilled all existing users with unique Eventify IDs; previously the migration existed locally but had not been applied in production
|
||||
|
||||
---
|
||||
|
||||
## [1.6.0] — 2026-04-02
|
||||
|
||||
### Added
|
||||
|
||||
Reference in New Issue
Block a user