mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-03-14 19:30:46 +00:00
Code Issues 32 Releases Wiki Activity
18,634 Commits 29 Branches 437 Tags
Commit Graph

1235 Commits

Author SHA1 Message Date
Tim Graham
2a4113dbd5 [1.7.x] Made is_safe_url() reject URLs that start with control characters. 
This is a security fix; disclosure to follow shortly.
 2015-03-18 08:51:51 -04:00
Tim Graham
e63363f8e0 [1.7.x] Fixed an infinite loop possibility in strip_tags(). 
This is a security fix; disclosure to follow shortly.
 2015-03-18 08:51:21 -04:00
Tim Graham
26fd726274 [1.7.x] Added stub release notes for security releases. 2015-03-18 08:50:49 -04:00
Tim Graham
1189271371 [1.7.x] Refs #24487 -- Added upgrade tips about removal of SortedDict. 
Thanks Pascal Chambon for the initial patch.

Backport of c5c8751147d41913a05e86097ea29ccc9fc2e5be from master
 2015-03-17 13:42:57 -04:00
John Giannelos
cb48e192fb [1.7.x] Fixed #24427 -- Stopped writing migration files in dry run mode when merging. 
Also added display of migration to stdout when verbosity=3.

Backport of 8758a63ddbbf7a2626bd84d50cfe83b477e8de0a from master
 2015-03-16 19:58:08 -04:00
Steven Das
2583ee2a7e [1.7.x] Added comma to improve readability in 1.7 release notes. 
Backport of 4f494ed0c60cdfc44b65aeea7f42f6b7245c03af from master
 2015-03-16 08:17:15 -04:00
Matthew Wilkes
d0607a7eee [1.7.x] Fixed #24354 -- Prevented repointing of relations on superclasses when migrating a subclass's name change 2015-03-14 15:35:16 -04:00
Tim Graham
ee24ba2666 [1.7.x] Added stub release notes for 1.7.7. 
Backport of ea9157f681654d393c970108866edb344b65a1aa from master
 2015-03-09 13:10:15 -04:00
Baptiste Mispelon
2654e1b939 [1.7.x] Fixed #24461 -- Fixed XSS issue in ModelAdmin.readonly_fields 2015-03-09 10:17:54 -04:00
Tim Graham
5a3b531121 [1.7.x] Clarified an item in 1.7.6 release notes. 
Backport of 300fdbbebba45cb4e7f32edc524171019d9bce80 from master
 2015-03-09 10:11:49 -04:00
Jean-Louis Fuchs
283b630d63 Fixed #24447 -- Made migrations add FK constraints for existing columns 
When altering from e.g. an IntegerField to a ForeignKey, Django didn't
add a constraint.

Backport of f4f0060feaee6bbd76a0d575487682bc541111e4 from master
 2015-03-07 14:30:28 +01:00
Gabriel Muñumel
0831a43c3a [1.7.x] Fixed #24352 -- Fixed crash when coercing `ManyRelatedManager` to a string. 2015-02-26 11:00:52 -05:00
Tim Graham
aa6853da22 [1.7.x] Added stub release notes for 1.7.6. 
Backport of 71820721a19f5628b3176f16813d47378cb2c3cb from master
 2015-02-25 09:11:47 -05:00
Tim Graham
10f7c96f01 [1.7.x] Added release date for 1.7.5 release. 
Backport of aca73737da8ba173ad9435b1e9e1fe5d8516f3b3 from master
 2015-02-25 08:48:02 -05:00
Kenneth Kam
6e8f42cfc7 [1.7.x] Fixed #23762 -- clarified CACHE_MIDDLEWARE_ANONYMOUS_ONLY deprecation in docs 
Backport of e83aba0e2cce16cd1b32d1c172239a4e20867e95 from master
 2015-02-23 09:23:59 -05:00
Emin Mastizada
61705f0091 [1.7.x] Added formats for the Azerbaijani locale. 
Backport of dda2a3cf4cc29d01de180f66d19441f300732e52 from master
 2015-02-23 07:37:46 -05:00
Sean Wang
a3f7b034d7 [1.7.x] Fixed #24358 -- Corrected code-block directives for console sessions. 
Backport of eba6dff581aa8bd6a1c08456e83e68ad09ae4ec3 from master
 2015-02-22 09:38:54 -05:00
Tim Graham
c231ec1af0 [1.7.x] Fixed typo in path to is_safe_url() 
Backport of dd0b487872de4e3ff966da51e3610bac996e44f0 from master
 2015-02-20 09:22:24 -05:00
Aymeric Augustin
9b7d512d5f [1.7.x] Fixed #24318 -- Set the transaction isolation level with psycopg >= 2.4.2. 
Backport of 76356d96 from master
 2015-02-14 18:52:53 +01:00
Tim Graham
1b93b0977d [1.7.x] Fixed #24332 -- Fixed contrib.sites create_default_site() when 'default' DATABASES is empty. 
Backport of e8cf4f8abec87b9da6ed8e5c8cf833af9b27f4dd from master
 2015-02-13 07:08:49 -05:00
Markus Holtermann
f8c040e167 [1.7.x] Fixed #24236 -- Treated inherited m2m fields as such if they don't define get_internal_type() 
Regression introduced in 3d4a826174b7a411a03be39725e60c940944a7fe

Thanks IRC user ris for the report, Loïc Bistuer, Anssi Kääriäinen and
Andriy Sokolovskiy for the discussion and Tim Graham for the review.
 2015-02-09 16:48:51 +01:00
Markus Holtermann
208d5c42e7 [1.7.x] Revert "[1.7.x] Fixed #24075 -- Prevented running post_migrate signals when unapplying initial migrations of contenttypes and auth" 
This reverts commit 478546fcef38d95866a92bc44d10e15b26c7254c.

Backport of 2832a9b028c267997b2fd3dd0989670d57cdd08f from master
 2015-02-07 20:50:15 +01:00
Tim Graham
39a8640e30 [1.7.x] Added stub 1.7.5 release notes. 
Backport of ac6033d8835ac54c1222801f6aeb47f9997b517a from master
 2015-01-28 06:39:22 -05:00
Tim Graham
c93fb26527 [1.7.x] Added 1.4.19 release notes. 
Backport of 6f8418089c5e81d12718187da2140394ed30da43 from master
 2015-01-27 11:48:33 -05:00
Andriy Sokolovskiy
3d4a826174 [1.7.x] Fixed #24104 -- Fixed check to look on field.get_internal_type() instead of class instance 2015-01-27 14:40:39 +01:00
Claude Paroz
b1bf8d64fb [1.7.x] Fixed #24193 -- Prevented unclosed file warnings in static.serve() 
This regression was caused by 818e59a3f0. The patch is a partial
backport of the new FileResponse class available in later Django
versions.
Thanks Raphaël Hertzog for the report, and Tim Graham and Collin
Anderson for the reviews.
 2015-01-23 08:58:34 +01:00
Markus Holtermann
db2a97870d [1.7.x] Fixed #24163 -- Removed unique constraint after index on MySQL 
Thanks Łukasz Harasimowicz for the report.

Backport of 5792e6a88c1444d4ec84abe62077338ad3765b80 from master
 2015-01-19 17:25:05 +01:00
Tim Graham
bb2b4acc7a [1.7.x] Added deprecation docs for legacy lookup support; refs #16187. 
Backport of 8e435a564034c59ac408ec71283d8ac6ede2ce1f from master
 2015-01-19 10:45:55 -05:00
Tim Graham
07bd23d329 [1.7.x] Added missing items to deprecation timeline/1.7 release notes. 
Backport of ecf109f2159f4581adb354263406116c2bda11d7 from master.
 2015-01-18 21:26:19 -05:00
Tim Graham
af523573fc [1.7.x] Clarified deprecation of forms.forms.get_declared_fields(); refs #19617. 
Backport of 89e9f81601f7a343690e1153e70fd56091246d0b from master
 2015-01-18 16:07:48 -05:00
Tim Graham
e8191caca5 [1.7.x] Clarified a contrib.sites deprecation and added to 1.7 release notes. 
Backport of ba27f895878bb155fefb8c1b9beee2c9f3d85b3f from master
 2015-01-18 13:45:40 -05:00
Tim Graham
065b2a82f6 [1.7.x] Fixed #24135 -- Made RenameModel rename many-to-many tables. 
Thanks Simon and Markus for reviews.

Backport of 28db4af80a319485c0da724d692e2f8396aa57e3 from master
 2015-01-15 20:43:49 -05:00
Markus Holtermann
478546fcef [1.7.x] Fixed #24075 -- Prevented running post_migrate signals when unapplying initial migrations of contenttypes and auth 
Thanks Florian Apolloner for the report and Claude Paroz and Tim Graham for the review and help on the patch.

Backport of 737d24923ac69bb8b89af1bb2f3f4c4c744349e8 from master.
 2015-01-14 20:37:56 +01:00
Tim Graham
2e2617991a [1.7.x] Added stub release notes for 1.7.4. 
Backport of ec7ef5afbbd12abe74314d557aabb3d85d667749 from master
 2015-01-14 09:48:06 -05:00
Tim Graham
9b403a108c [1.7.x] Added dates to release notes. 2015-01-13 13:09:34 -05:00
Tim Graham
bcfb47780c [1.7.x] Fixed DoS possibility in ModelMultipleChoiceField. 
This is a security fix. Disclosure following shortly.

Thanks Keryn Knight for the report and initial patch.
 2015-01-13 13:02:56 -05:00
Tim Graham
818e59a3f0 [1.7.x] Prevented views.static.serve() from using large memory on large files. 
This is a security fix. Disclosure following shortly.
 2015-01-13 13:02:56 -05:00
Tim Graham
de67dedc77 [1.7.x] Fixed is_safe_url() to handle leading whitespace. 
This is a security fix. Disclosure following shortly.
 2015-01-13 13:02:56 -05:00
Carl Meyer
41b4bc73ee [1.7.x] Stripped headers containing underscores to prevent spoofing in WSGI environ. 
This is a security fix. Disclosure following shortly.

Thanks to Jedediah Smith for the report.
 2015-01-13 13:02:56 -05:00
Tim Graham
33f1ccf5b1 [1.7.x] Added stub release notes for security releases. 2015-01-13 13:02:55 -05:00
Markus Holtermann
ef5889409b [1.7.x] Fixed #24110 -- Rewrote migration unapply to preserve intermediate states 
Backport of fdc2cc948725866212a9bcc97b9b7cf21bb49b90 and be158e36251df0b07556657da47cdaf10913c57a from master
 2015-01-11 00:35:49 +01:00
Serafeim Papastefanos
1a352fe175 [1.7.x] Fixed #23967 -- Added formats for Greek 
Backport of 74f02557e0183812d6d60e2548985c5c40b3d27b from master
 2015-01-10 11:11:57 -05:00
Claude Paroz
7e65876b7c [1.7.x] Fixed #24097 -- Prevented AttributeError in redirect_to_login 
Thanks Peter Schmidt for the report and the initial patch.
Thanks to Oktay Sancak for writing the original failing test and
Alvin Savoy for supporting contributing back to the community.
Backport of d7bc37d61 from master.
 2015-01-10 10:13:50 +01:00
Claude Paroz
d8fb557a51 [1.7.x] Fixed #23815 -- Prevented UnicodeDecodeError in CSRF middleware 
Thanks codeitloadit for the report, living180 for investigations
and Tim Graham for the review.
Backport of 27dd7e7271 from master.
 2015-01-06 08:45:10 +01:00
Tim Graham
0e21fd4e40 [1.7.x] Added 1.4.18 release notes. 
Backport of ce17b045bf5629aac66f872c3f548205906e04db from master
 2015-01-05 14:25:36 -05:00
Tim Graham
4aed731154 [1.7.x] Increased the default PBKDF2 iterations. 2015-01-03 13:36:13 -05:00
Tim Graham
0a06ae9ef3 [1.7.x] Added 1.7.3 release notes stub. 
Backport of 439f15beabe2e4d21232798f805ba69367611276 from master
 2015-01-03 13:27:46 -05:00
Tim Graham
20dcf5155b [1.7.x] Added dates to release notes. 
Backport of 15cd71ed24945ff7be5716580603fd65c0d45ef7 from master
 2015-01-02 19:20:44 -05:00
Tim Graham
fda458c0b6 [1.7.x] Updated six to 1.9.0. 
Backport of 52f0b2b62262743d5f935ddae29428e661b5d8ea from master
 2015-01-02 13:23:18 -05:00
Tim Graham
f461bc02cb [1.7.x] Fixed #23366 -- Fixed a crash with the migrate --list command. 
Backport of b4bdd5262b18644456d12a00d475adf9897a9255 from master
 2014-12-31 17:27:43 -05:00