0.64.3

• Added pip and setuptools as explicit dependencies. This fixes a bug where Datasette could not be installed using Rye. (#2065)

0.64.2

• Fixed a bug with datasette publish cloudrun where deploys all used the same Docker image tag. This was mostly inconsequential as the service is deployed as soon as the image has been pushed to the registry, but could result in the incorrect image being deployed if two different deploys for two separate services ran at exactly the same time. #2036

0.64.1

• Documentation now links to a current source of information for installing Python 3. (#1987)
• Incorrectly calling the Datasette constructor using Datasette("path/to/data.db") instead of Datasette(["path/to/data.db"]) now returns a useful error message. (#1985)

0.64

• Datasette now strongly recommends against allowing arbitrary SQL queries if you are using SpatiaLite. SpatiaLite includes SQL functions that could cause the Datasette server to crash. See SpatiaLite for more details.
• New default_allow_sql setting, providing an easier way to disable all arbitrary SQL execution by end users: datasette --setting default_allow_sql off. See also Controlling the ability to execute arbitrary SQL. (#1409)
• Building a location to time zone API with SpatiaLite is a new Datasette tutorial showing how to safely use SpatiaLite to create a location to time zone API.
• New documentation about how to debug problems loading SQLite extensions. The error message shown when an extension cannot be loaded has also been improved. (#1979)
• Fixed an accessibility issue: the <select> elements in the table filter form now show an outline when they are currently focused. (#1771)

0.63.3

• Fixed a bug where datasette --root, when running in Docker, would only output the URL to sign in as root when the server shut down, not when it started up. (#1958)
• You no longer need to ensure await datasette.invoke_startup() has been called in order for Datasette to start correctly serving requests - this is now handled automatically the first time the server receives a request. This fixes a bug experienced when Datasette is served directly by an ASGI application server such as Uvicorn or Gunicorn. It also fixes a bug with the datasette-gunicorn plugin. (#1955)

1.0a2

The third Datasette 1.0 alpha release adds upsert support to the JSON API, plus the ability to specify finely grained permissions when creating an API token.

See Datasette 1.0a2: Upserts and finely grained permissions for an extended, annotated version of these release notes.

• New /db/table/-/upsert API, documented here. upsert is an update-or-insert: existing rows will have specified keys updated, but if no row matches the incoming primary key a brand new row will be inserted instead. (#1878)
• New register_permissions(datasette) plugin hook. Plugins can now register named permissions, which will then be listed in various interfaces that show available permissions. (#1940)
• The /db/-/create API for creating a table now accepts "ignore": true and "replace": true options when called with the "rows" property that creates a new table based on an example set of rows. This means the API can be called multiple times with different rows, setting rules for what should happen if a primary key collides with an existing row. (#1927)
• Arbitrary permissions can now be configured at the instance, database and resource (table, SQL view or canned query) level in Datasette's Metadata JSON and YAML files. The new "permissions" key can be used to specify which actors should have which permissions. See Other permissions in metadata for details. (#1636)
• The /-/create-token page can now be used to create API tokens which are restricted to just a subset of actions, including against specific databases or resources. See API Tokens for details. (#1947)
• Likewise, the datasette create-token CLI command can now create tokens with a subset of permissions. (#1855)
• New datasette.create_token() API method <datasette_create_token>` for programmatically creating signed API tokens. (#1951)
• /db/-/create API now requires actor to have insert-row permission in order to use the "row" or "rows" properties. (#1937)

1.0a1

• Write APIs now serve correct CORS headers if Datasette is started in --cors mode. See the full list of CORS headers in the documentation. (#1922)
• Fixed a bug where the _memory database could be written to even though writes were not persisted. (#1917)
• The https://latest.datasette.io/ demo instance now includes an ephemeral database which can be used to test Datasette's write APIs, using the new datasette-ephemeral-tables plugin to drop any created tables after five minutes. This database is only available if you sign in as the root user using the link on the homepage. (#1915)
• Fixed a bug where hitting the write endpoints with a GET request returned a 500 error. It now returns a 405 (method not allowed) error instead. (#1916)
• The list of endpoints in the API explorer now lists mutable databases first. (#1918)
• The "ignore": true and "replace": true options for the insert API are now documented. (#1924)

1.0a0

This first alpha release of Datasette 1.0 introduces a brand new collection of APIs for writing to the database (#1850), as well as a new API token mechanism baked into Datasette core. Previously, API tokens have only been supported by installing additional plugins.

This is very much a preview: expect many more backwards incompatible API changes prior to the full 1.0 release.

Feedback enthusiastically welcomed, either through issue comments or via the Datasette Discord community.

Signed API tokens

• New /-/create-token page allowing authenticated users to create signed API tokens that can act on their behalf, see API Tokens. (#1852)
• New datasette create-token command for creating tokens from the command line: datasette create-token.
• New allow_signed_tokens setting which can be used to turn off signed token support. (#1856)
• New max_signed_tokens_ttl setting for restricting the maximum allowed duration of a signed token. (#1858)

Write API

• New API explorer at /-/api for trying out the API. (#1871)
• /db/-/create API for Creating a table. (#1882)
• /db/table/-/insert API for Inserting rows. (#1851)
• /db/table/-/drop API for Dropping tables. (#1874)
• /db/table/pk/-/update API for Updating a row. (#1863)
• /db/table/pk/-/delete API for Deleting a row. (#1864)

0.63.2

• Fixed a bug in datasette publish heroku where deployments failed due to an older version of Python being requested. (#1905)
• New datasette publish heroku --generate-dir <dir> option for generating a Heroku deployment directory without deploying it.

0.63.1

• Fixed a bug where Datasette's table filter form would not redirect correctly when run behind a proxy using the base_url setting. (#1883)
• SQL query is now shown wrapped in a <textarea> if a query exceeds a time limit. (#1876)
• Fixed an intermittent "Too many open files" error while running the test suite. (#1843)
• New db.close() internal method.