1
0
mirror of https://github.com/django/django.git synced 2024-12-27 11:35:53 +00:00
Commit Graph

29515 Commits

Author SHA1 Message Date
Mariusz Felisiak
f749148d62 Added CVE-2021-3281 to security archive. 2021-02-01 10:24:22 +01:00
Mariusz Felisiak
05413afa8c Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract().
Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews.

Thanks Wang Baohua for the report.
2021-02-01 09:07:36 +01:00
Sandro Covo
6822aa5c6c Fixed #32345 -- Fixed preserving encoded query strings in set_language() view.
Thanks Johannes Maron for the review.
2021-01-29 11:58:43 +01:00
Tilman Koschnick
fdfbc66331 Fixed #32392 -- Fixed ExclusionConstraint crash with Cast() in expressions. 2021-01-29 11:05:00 +01:00
Mariusz Felisiak
135c800fe6
Fixed GeoIPTest.test04_city() failure with the latest GeoIP2 database. 2021-01-29 11:00:12 +01:00
Adam Johnson
59e503b670 Modernized custom manager example
Since this example was added 15 years ago in a8ccdd0fcd, the ORM has gained the ability to do the `COUNT(*)` related query, so do it with the ORM to avoid misleading users that raw SQL is only supported from manager methods.
2021-01-28 15:59:39 +01:00
Denis Skulimovskiy
269a767146 Fixed #32391 -- Used CSS flex properties for changelist filter.
Matched layout adjustment using flex from admin sidebar added in
d24ba1be7a.

Filters would become squashed when viewport was
constrained or list display table became too wide.
2021-01-28 15:51:05 +01:00
Illia Volochii
3c004075b1 Fixed #32389 -- Fixed ResponseHeaders crash when data is not mapping. 2021-01-28 10:10:08 +01:00
Timothy McCurrach
241da3f06e Fixed #32388 -- Clarified QuerySet.bulk_update() caveat about duplicates for multiple batches. 2021-01-28 07:54:03 +01:00
David Smith
54102d20b2
Improved performance of django.forms.ChoiceWidget.optgroups(). 2021-01-27 21:10:11 +01:00
Adam Johnson
8a642b88c3 Changed "Don't overuse count() or exists()" example to Python. 2021-01-27 20:24:27 +01:00
tim-mccurrach
a736baab92
Fixed #32385 -- Removed unused and duplicated loading of tags in admin templates.
- `i18n` is duplicated in base.html.
- `l10n` is unused in prepopulated_fields_js.html
  since d638cdc42a.
- `static` is unused in change_list_results.html
  since f2ed107b07.
- `static` is unused in stacked.html
  since d61ebc8fed.
2021-01-27 12:16:12 +01:00
Hasan Ramezani
c978dd93fd Fixed #32290 -- Fixed TemplateNotFound in {% include %} tag for relative path in variable. 2021-01-27 10:07:31 +01:00
Hasan Ramezani
640a6e1dce Refs #32290 -- Added {% extends %} test for relative path in variable. 2021-01-27 09:37:03 +01:00
Carlton Gibson
f4272d000a Fixed #32348, Refs #29087 -- Corrected tutorial for updated deleting inlines UI.
Updated tutorial to match change in 24e540fbd7
allowing deletion of original extra inlines.
2021-01-27 08:44:36 +01:00
Mariusz Felisiak
b989d21336
Refs #26602 -- Added tests for aggregating over a RawSQL() annotation.
Fixed in 3f32154f40.

Thanks Manav Agarwal for initial test.
2021-01-26 10:59:05 +01:00
Jerin Peter George
1adc09064f Fixed #32347 -- Made ModelChoiceField include the value in ValidationError for invalid_choice. 2021-01-26 09:31:53 +01:00
Simon Charette
42e8cf47c7 Fixed #32369 -- Fixed adding check constraints with pattern lookups and expressions as rhs.
This disables interpolation of constraint creation statements. Since
Constraint.create_sql interpolates its parameters instead of deferring
this responsibility to the backend connection it must disable
connection level parameters interpolation.
2021-01-26 06:41:57 +01:00
Hannes Ljungberg
90ddf46ef7 Refs #26167 -- Corrected OpClass() example in docs. 2021-01-25 08:41:35 +01:00
Mariusz Felisiak
84ad7f3404
Refs #32380 -- Added test for distance lookups with F() expression.
Fixed in 5935a9aead.
2021-01-25 08:40:46 +01:00
Jack
2b4b6c8af0
Refs #32372 -- Updated manager name in related objects reference docs.
Follow up to 725c549ae7.
2021-01-22 20:18:44 +01:00
Timothy McCurrach
b1821fbad5 Fixed #32360 -- Added system check for FILE_UPLOAD_TEMP_DIR setting. 2021-01-22 07:51:00 +01:00
Jack Aitken
725c549ae7 Fixed #32372 -- Made examples in related objects reference docs consistent. 2021-01-22 06:33:33 +01:00
Mariusz Felisiak
a03a36121d Fixed #32367 -- Fixed system check for specifying type of auto-created primary keys for inherited PKs.
Regression in b5e12d490a.

Thanks אורי for the report.
2021-01-21 09:03:07 +01:00
Simon Charette
0c42cdf0d2 Fixed #32374 -- Stopped recording migration application before deferred SQL.
Migrations cannot be recorded in the same transaction as its associated
DDL operations when some of it is deferred until the schema editor
context exits.

Regression in c86a3d80a2.
2021-01-21 07:03:35 +01:00
Simon Charette
533a583578 Refs #29721 -- Simplified migration used to test atomic recording.
This makes sure atomic recording of migration application is used when
the schema editor doesn't defer any statement.
2021-01-21 06:50:23 +01:00
Matthias Kestenholz
7b3ec6bcc8 Fixed #32371 -- Doc'd jquery.init.js dependency for admin widgets. 2021-01-20 20:32:46 +01:00
Hasan Ramezani
dcb3ad3319 Fixed #32292 -- Added support for connection by service name to PostgreSQL. 2021-01-20 17:30:37 +01:00
Tom Carrick
f054468cac
Refs #31259 -- Made various dark theme adjustments. 2021-01-20 15:47:23 +01:00
Tom Forbes
bd308260d8 Used GitHub actions for isort and flake8 tests. 2021-01-20 10:49:16 +01:00
Mariusz Felisiak
cfddca543a
Fixed isolation of utils_tests.test_autoreload tests. 2021-01-20 09:53:34 +01:00
Jon Dufresne
dc2ddfe91a Refs #32165 -- Bumped minimum ESLint version to 7.16.0 to match pre-commit configuration. 2021-01-19 21:11:34 +01:00
Tom Forbes
bbd18943c6 Used GitHub actions for JavaScript tests. 2021-01-19 20:14:56 +01:00
Nick Pope
0bcce2e246 Bumped minimum grunt-contrib-qunit version to 4.0.0. 2021-01-19 20:09:17 +01:00
muskanvaswan
ab7478d1d4 Fixed #32324 -- Added template block to override the admin site header. 2021-01-19 12:27:07 +01:00
Mariusz Felisiak
5371342ed6
Fixed #32357 -- Dropped support for PostgreSQL 9.6 and PostGIS 2.3. 2021-01-19 12:25:20 +01:00
Paul Ganssle
10d1261984 Refs #32365 -- Allowed use of non-pytz timezone implementations. 2021-01-19 11:59:37 +01:00
Mariusz Felisiak
73ffc73b68 Corrected versionadded annotations. 2021-01-19 11:52:47 +01:00
Adam Johnson
8c7ff7b8cf
Removed unreachable SystemExit check.
This check dates back to Python <2.5, before Python introduced
BaseException to prevent exactly unwarranted catching of SystemExit
(and others).

response_for_exception() is only called under `except Exception` or
`except Http404` so it's now impossible for a SystemExit instance to
reach the branch.
2021-01-19 07:04:53 +01:00
David Smith
6b01511f04
Removed unnecessary empty dict creation in ChoiceWidget.create_option().
build_atttrs() already creates an empty dict if extra_attrs is None.
2021-01-19 06:52:34 +01:00
Hasan Ramezani
34aa4f1997 Fixed #32296 -- Added --skip-checks option to runserver command. 2021-01-18 12:51:35 +01:00
Mariusz Felisiak
e8b4f23115 Fixed isolation of test_check_errors_catches_all_exceptions. 2021-01-18 12:51:35 +01:00
Illia Volochii
bef6f75842 Fixed #32358 -- Fixed queryset crash when grouping by annotation with Distance()/Area().
Made MeasureBase hashable.
2021-01-18 09:58:50 +01:00
Timothy McCurrach
0aff3fd711 Fixed #18549 -- Fixed heading for inlines with a OneToOneField.
Used verbose_name instead of verbose_name_plural.
2021-01-18 08:12:19 +01:00
Timothy McCurrach
13409a0c0d Refs #18549 -- Added test for heading of foreign key inlines. 2021-01-18 07:38:12 +01:00
David Smith
e58f79c535
Improved performance of DecimalField.
strip() is unnecessary because decimal.Decimal() strips the input value.
2021-01-16 17:49:02 +01:00
Mariusz Felisiak
88e972e46d
Fixed #32265, Refs #32355 -- Removed unnecessary ServerHandler.handle_error().
ConnectionAbortedError, BrokenPipeError, ConnectionResetError raised
from SocketServer.BaseServer.finish_request() are already suppressed
by wsgiref.handlers.BaseHandler.run() in Python 3.7+, see
47ffc1a9f6
2021-01-16 17:37:53 +01:00
Claude Paroz
e0a46367df Updated source translation catalogs.
Forwardport of 3dc3a952b2 from stable/3.2.x.
2021-01-15 09:43:45 +01:00
Mariusz Felisiak
a948d9df39 Increased the default PBKDF2 iterations for Django 4.0. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak
b4c5f878bd Advanced deprecation warnings for Django 4.0. 2021-01-14 17:50:04 +01:00