mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-09-09 18:49:11 +00:00
Code Issues 32 Releases Wiki Activity
33,833 Commits 29 Branches 455 Tags
Commit Graph

14062 Commits

Author SHA1 Message Date
Tim Graham
2a636118da Fixed #36564 -- Changed DEFAULT_AUTO_FIELD from AutoField to BigAutoField. 2025-09-05 10:43:10 -04:00
Ryan P Kilby
bad03eb108 Fixed #36481 -- Fixed QuerySet.update concrete fields check. 
FieldError is now emitted for invalid update calls involving reverse
relations, where previously they failed with AttributeError.
 2025-09-04 12:15:45 -04:00
Ryan P Kilby
11c2c9ac17 Refs #36481 -- Improved test coverage for invalid updates on reverse relations. 2025-09-04 12:15:45 -04:00
farhan
34bd3ed944 Refs #36559, #35667 -- Used skip_file_prefixes in PartialTemplate.source warning. 2025-09-04 12:14:10 -04:00
Ronan LE HAY
e197953f11 Refs #34989 -- Ensured the Content-Length header is set when redirect with APPEND_SLASH. 2025-09-03 22:49:34 +02:00
farhan
d82f25d3f0 Fixed #36559 -- Respected verbatim and comment blocks in PartialTemplate.source. 2025-09-03 10:59:58 -04:00
farhan
3485599ef0 Refs #36559 -- Ran template partial source tests in debug mode only. 
Added a warning for accessing PartialTemplate.source when debugging is disabled.
Thanks Sarah Boyce for the idea.
 2025-09-03 10:59:58 -04:00
Jake Howard
5171171709 Fixed CVE-2025-57833 -- Protected FilteredRelation against SQL injection in column aliases. 
Thanks Eyal Gabay (EyalSec) for the report.
 2025-09-03 13:10:58 +02:00
SaJH
bb7a7701b1 Fixed #36431 -- Returned tuples for multi-column ForeignObject in values()/values_list(). 
Thanks Jacob Walls and Simon Charette for tests.

Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-29 15:33:44 -04:00
Jacob Walls
2d453a2a68 Refs #36152 -- Suppressed duplicate warning when using "%" in alias via values(). 2025-08-29 13:45:08 -04:00
SaJH
0be1c4575b Fixed #34624 -- Removed change, delete, and view buttons for non-Select widgets in RelatedFieldWidgetWrapper. 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-29 08:38:12 +02:00
Rob Hudson
550822bcee Fixed #36532 -- Added Content Security Policy view decorators to override or disable policies. 
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2025-08-28 17:23:48 -03:00
Jake Howard
41ff30f6f9 Refs #36520 -- Ensured only the header value is passed to parse_header_parameters for multipart requests. 
Header parsing should apply only to the header value. The previous
implementation happened to work but relied on unintended behavior.
 2025-08-28 14:25:36 -03:00
SaJH
a9fe98d5bd Fixed #35533 -- Prevented urlize creating broken links given a markdown link input. 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-28 08:54:56 +02:00
Tim Graham
1285de557b Fixed incorrect IDs in test_in_bulk_preserve_ordering. 2025-08-27 18:23:42 -04:00
Sarah Boyce
d0e4dd5cdd Fixed #36572 -- Revert "Fixed #36546 -- Deprecated django.utils.crypto.constant_time_compare() in favor of hmac.compare_digest()." 
This reverts commit 0246f478882c26bc1fe293224653074cd46a90d0.
 2025-08-27 10:50:50 +02:00
Jacob Walls
d454aefbd1
Refs #15727 -- Captured failed request log in CSPMiddlewareTest. 2025-08-26 17:26:01 -04:00
antoliny0919
3e7aedfb2e Fixed #36556 -- Fixed TabularInline width overflowing the page. 2025-08-26 13:45:28 +02:00
SaJH
0246f47888 Fixed #36546 -- Deprecated django.utils.crypto.constant_time_compare() in favor of hmac.compare_digest(). 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-25 14:45:16 +02:00
SaJH
3ba24c18e7 Fixed #36251 -- Avoided mutating form Meta.fields in BaseInlineFormSet. 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-25 10:05:45 +02:00
Mariusz Felisiak
b3166e1e15 Refs #35530 -- Corrected deprecation message in auth.alogin(). 
Follow up to ceecd518b19044181a3598c55ebed7c2545963cc.
 2025-08-22 16:14:09 +02:00
Natalia
d6a8e5f5e1 Fixed failing bulk_create test raising IntegrityError when run in reverse. 
When running the `bulk_create` tests with Postgres settings and
`--reverse`, the following IntegrityError was raised in
bulk_create.tests.BulkCreateTransactionTests.test_objs_with_and_without_pk:

django.db.utils.IntegrityError: duplicate key value violates unique
constraint "bulk_create_country_pkey"
DETAIL:  Key (id)=(1) already exists.

This branch fixes this by ensuring the ID is unique since DB sequences
are not resetted between tests.
 2025-08-21 12:25:57 -03:00
antoliny0919
aae7836cc0 Refs #36366 -- Fixed page number layout in admin pagination on small screens. 
Regression in 3f59711581bd22ebd0f13fb040b15b69c0eee21f.
 2025-08-21 17:04:28 +02:00
SaJH
f2a6c0477f Fixed #36399 -- Added support for multiple Cookie headers in HTTP/2 for ASGIRequest. 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-21 16:48:54 +02:00
mengxun
ed7c1a5640 Fixed #36560 -- Prevented UpdateCacheMiddleware from caching responses with Cache-Control 'no-cache' or 'no-store'. 2025-08-21 16:48:36 +02:00
Jacob Walls
d3cf24e9b4 Refs #36430, #36416, #34378 -- Simplified batch size calculation in QuerySet.in_bulk(). 2025-08-21 16:47:41 +02:00
Jacob Walls
a2ce4900a6 Fixed #36430 -- Removed artificially low limit on single field bulk operations on SQLite. 2025-08-21 16:47:41 +02:00
David Smith
fb0d463b1f Fixed #36382 -- Confirmed support for GDAL 3.11. 
TIGER driver was removed in GDAL 3.11.

eb793be039
 2025-08-21 16:46:41 +02:00
Xinyi Rong
cd7554e551 Fixed #36561 -- Used request.auser() in contrib.auth.aupdate_session_auth_hash(). 2025-08-20 09:14:50 +02:00
Artyom Kotovskiy
f02b49d2f3 Fixed #27489 -- Renamed permissions upon model renaming in migrations. 2025-08-19 16:36:52 +02:00
antoliny0919
4187da258f Fixed #35892 -- Supported Widget.use_fieldset in admin forms. 2025-08-19 16:35:56 +02:00
Simon Charette
cd0966cd4e Avoided usage of DEBUG setting override in bulk_create tests. 
Asserting an upper bound for the number of executed queries can be achieved by
using CaptureQueriesContext instead of enabling the whole DEBUG machinery.
 2025-08-15 10:45:02 +02:00
Simon Charette
e1671278e8 Fixed #36490 -- Avoided unnecessary transaction in bulk_create. 
When dealing with an heterogeneous set of object with regards to primary key
assignment that fits in a single batch there's no need to wrap the single
INSERT statement in a transaction.
 2025-08-15 10:45:02 +02:00
farhan
5e06b97095 Fixed #36410 -- Added support for Template Partials to the Django Template Language. 
Introduced `{% partialdef %}` and `{% partial %}` template tags to
define and render reusable named fragments within a template file.
Partials can also be accessed using the `template_name#partial_name`
syntax via `get_template()`, `render()`, `{% include %}`, and other
template-loading tools.

Adjusted `get_template()` behavior to support partial resolution, with
appropriate error handling for invalid names and edge cases. Introduced
`PartialTemplate` to encapsulate partial rendering behavior.

Includes tests and internal refactors to support partial context
binding, exception reporting, and tag validation.

Co-authored-by: Carlton Gibson <carlton@noumenal.es>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
 2025-08-14 21:53:14 -03:00
Natalia
2980627502 Fixed #36499 -- Adjusted utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's HTMLParser new behavior. 
Python fixed a quadratic complexity processing for HTMLParser in:
https://github.com/python/cpython/commit/6eb6c5db.
 2025-08-12 23:04:09 -03:00
Natalia
e4515dad7a Fixed test_utils.tests.HTMLEqualTests.test_parsing_errors following Python's HTMLParser fixed parsing. 
Further details about Python changes can be found in:
0243f97cba.

Thank you Clifford Gama for the thorough review!
 2025-08-12 23:04:09 -03:00
michalpokusa
2c99fbcf95 Fixed #36368 -- Prevented duplicate locale paths and write_po_file calls in makemessages. 2025-08-12 09:47:16 +02:00
James Bligh
c1aa4a7a79 Fixed #36525 -- Silenced individual deleted file messages in collectstatic --clear's default verbosity. 2025-08-08 09:52:16 +02:00
Xinyi Rong
31a43c571f Fixed #36540 -- Updated request.auser() in contrib.auth.alogin() and contrib.auth.alogout(). 2025-08-08 09:51:03 +02:00
Jacob Walls
fd569dd45b Fixed #36210, Refs #36181 -- Allowed Subquery usage in further lookups against composite pks. 
Follow-up to 8561100425876bde3be4b2a22324655f74ff9609.

Co-authored-by: Simon Charette <charette.s@gmail.com>
 2025-08-07 14:28:44 +02:00
Jacob Walls
de7bb7eab8 Refs #36210 -- Added missing limits in Subquery tests. 2025-08-07 14:28:44 +02:00
James Bligh
6142e3f347 Fixed #26583 -- Silenced individual clashing name warnings in collectstatic's default verbosity. 
Made collectstatic report individual destination conflicts only at verbosity 2+.
Made verbosity level 1 report a summary count of skipped files.
 2025-08-05 16:37:43 +02:00
antoliny0919
6537732585 Fixed #36079 -- Fixed text size of TabularInline object titles. 2025-08-05 16:36:06 +02:00
Matthias Kestenholz
0a262c8407 Fixed #36537 -- Ensured unique HTML IDs for geometry widget option scripts in the admin. 
This work amends the code from f2f6046c0f92ff1faed057da0711ac478eef439c
where multiple geometry widgets rendered `<script>` elements in the
admin with the same HTML `id`, resulting in invalid HTML and fragile
JavaScript selectors. Refs #25706.

This change uses the widget's textarea ID to generate a unique `id` for
each JSON options `<script>`, ensuring valid and robust markup.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2025-08-05 11:35:04 -03:00
jkhall81
2013092b69 Fixed #36530 -- Extended fields.E347 to check for ManyToManyField involving CompositePrimaryKey on either side. 
Thanks to Jacob Walls for the report.
 2025-08-05 08:34:40 -03:00
Mariusz Felisiak
e664c5afa9
Refs #36282 -- Fixed PrefetchRelatedMTICacheTests test ordering expectations. 2025-08-05 10:13:00 +02:00
Jacob Walls
8914f4703c Fixed #35972 -- Fixed lookup crashes after subquery annotations. 2025-08-04 10:14:01 +02:00
Simon Charette
079d31e698 Fixed #34871, #36518 -- Implemented unresolved lookups expression replacement. 
This allows the proper resolving of lookups when performing constraint
validation involving Q and Case objects.

Thanks Andrew Roberts for the report and Sarah for the tests and review.
 2025-08-04 09:22:53 +02:00
Mariusz Felisiak
500bd42b96
Refs #35844 -- Readded optional requirements on daily builds for Python 3.14. 2025-08-01 09:43:22 +02:00
antoliny0919
6ea3319079 Fixed #36511 -- Ensured filters came before table in keyboard navigation in admin changelist. 2025-07-30 17:32:39 +02:00