1
0
mirror of https://github.com/django/django.git synced 2024-12-22 17:16:24 +00:00
Commit Graph

16029 Commits

Author SHA1 Message Date
tschilling
0d1ba84d13 Fixed #20702 -- Deprecated get_formsets in favor of get_formsets_with_inlines.
Thanks stanislas.guerra at gmail.com for the report.
2013-09-20 07:47:24 -04:00
Paul McMillan
f8f47718ab Merge pull request #1644 from PaulMcMillan/bump_hash_iterations
Increase default PBKDF2 iterations
2013-09-19 12:17:56 -07:00
Markus Amalthea Magnuson
2c5c422d34 Added missing "in" in sentence. 2013-09-19 13:26:01 -04:00
yokomizor
df27803a55 Fixed #9532 -- Added min_num and validate_min on formsets.
Thanks gsf for the suggestion.
2013-09-19 13:11:49 -04:00
Paul McMillan
a075e2ad0d Increase default PBKDF2 iterations
Increases the default PBKDF2 iterations, since computers have gotten
faster since 2011. In the future, we plan to increment by 10% per
major version.
2013-09-19 18:02:25 +01:00
Kevin Christopher Henry
59a34c43a8 Fixed #18744 -- Updated docstring to highlight limitations of NamedTemporaryFile
- Noted that this does not allow for reading and writing the same open
file in different processes under Windows.
- Noted that the keyword arguments to NamedTemporaryFile no longer
match the Python version.
2013-09-19 10:12:03 -04:00
Curtis Maloney
4e9f800742 Fixed #21125 -- Removed support for cache URI syntax 2013-09-19 10:01:39 -04:00
Tim Graham
7fec5a2240 Fixed #7557 -- Added type checking to Variable initialization.
Thanks tobias for the suggestion and boblefrag and saz for work on the
patch.
2013-09-19 09:27:19 -04:00
Tim Graham
55b9bff07f Added __pycache__ to gitignore 2013-09-19 06:37:23 -04:00
Tim Graham
e23de9e350 Fixed typo in exception message; refs #19414
Thanks Alexey Boriskin for the report.
2013-09-19 06:24:12 -04:00
Russell Keith-Magee
9d3e60aa3e Reworked security issue list to be per-issue, not per-release. 2013-09-19 14:57:01 +08:00
Russell Keith-Magee
8e134c27c9 Corrected markup problems in new security summary page. 2013-09-19 13:57:02 +08:00
Alex Gaynor
8b3bae9466 Fixed two typos in the docs 2013-09-18 23:29:55 -05:00
Alex Gaynor
c65ae7c969 Fixed a typo in the docs 2013-09-18 23:26:24 -05:00
Russell Keith-Magee
bbabc5325c Merge pull request #1641 from ubernostrum/security-issues-docs-21121
Fix #21121: Add archive of security issues.
2013-09-18 21:19:06 -07:00
James Bennett
a2e25e8a83 Fix #21121: Add archive of security issues. 2013-09-18 23:13:04 -05:00
Brian Holdefehr
98514849dc Fixed #19414 -- Added admin registration decorator
Thanks stavros for the suggestion.
2013-09-18 11:44:10 -04:00
Tim Graham
d1c9802811 Fixed #21116 -- Made usage of manage.py in docs more consistent.
Thanks daniel.quattro at gmail.com for the report.
2013-09-18 10:35:41 -04:00
Tim Graham
2daada800f Fixed #21098 -- Applied sensitive_post_parameters to MultiValueDict
Thanks simonpercivall for the report and bmispelon for the review.
2013-09-18 09:48:36 -04:00
Tim Graham
4f40b97d97 Fixed #21118 -- Isolated a test that uses the database.
Thanks rmboggs for the report.
2013-09-18 09:42:47 -04:00
Berker Peksag
2f0566fa61 Fixed #4278 -- Added a dirs parameter to a few functions to override TEMPLATE_DIRS.
* django.template.loader.get_template()
* django.template.loader.select_template()
* django.shortcuts.render()
* django.shortcuts.render_to_response()

Thanks amcnabb for the suggestion.
2013-09-18 07:37:08 -04:00
Tim Graham
893198509e Fixed #15625 -- Made message in MultiValueDictKeyError less verbose.
Thanks margieroginski for the suggestion.
2013-09-18 06:44:38 -04:00
Anssi Kääriäinen
50633e7353 Fixed #12568 -- no error when accessing custom field's descriptor
The SubfieldBase's descriptor caused an AttributeError when accessed
from the class. Introspection didn't like that.

Patch by Trac alias supervacuo.
2013-09-18 10:03:52 +03:00
Tim Graham
5be56d0e0d Fixed #21024 -- Documented how to deprecate a feature. 2013-09-17 13:23:32 -04:00
Markus Holtermann
a772ea8117 Fixed #21115 -- Fixed NameError in migrate --list command 2013-09-17 12:53:59 -04:00
Florian Apolloner
2c6079775e Destroy selenium before live server threads.
Ensure that selenium quits before the live server thread to
prevent occasional hangs when killing the live server.
2013-09-17 18:39:25 +02:00
Markus Holtermann
5a424c2393 Fixed #21114 -- Migrations must not have a dependency to themselves. 2013-09-17 11:47:19 -04:00
Florian Apolloner
73a610d2a8 Final attempt to solve sporadic test failures.
tearDownClass is not called if setUpClass throws an exception, in our case
this means that LiveServerTestCase leaks LiveServerThread sockets if the
test happens to be skipped later on, and AdminSeleniumWebDriverTestCase
doesn't close it's already open browser window. To prevent this leakage
we catch errors where needed and manually call _tearDownClassInternal.
_tearDownClassInternal should be written as defensively as possible since
it is not allowed to make any assumptions on how far setUpClass got.

This patch should fix the sporadic "Address already in use"-errors on jenkins
and also the "This code isn't under transaction management"-error for sqlite
(also just on jenkins).

After discussion with koniiiik, jezdez, kmtracey, tos9, lifeless, nedbat and
voidspace it was decided that this is the safest approach (thanks to everyone
for their comments and help). Manually calling tearDownClass was shut down
cause we don't know how our users override our classes.

This is a private and very specialized API on purpose and should not be used
without a strong reason!

This patch partially reverts the earlier attempts to fix those issues,
namely:
	2fa0dd73b1 and
	3c5775d36f

Final note: If this patch breaks in a later version of Django, please be
very careful on how you fix it, you might not see test failures locally.
That said, this patch hopefully doesn't produce even more failures.
2013-09-17 16:41:01 +02:00
Beshr Kayali
8e04ad9fc2 Added Arabic mapping to contrib/admin/static/admin/js/urlify.js 2013-09-17 10:34:12 -04:00
Simon Charette
f5f662fa5f Fixed #21112 -- Make sure sitemaps with no lastmod date work correctly.
Thanks to Matthias Kestenholz for the report and patch.
2013-09-17 10:21:11 -04:00
Anssi Kääriäinen
9400142132 Fixed #21109 -- made db cursor error wrapping faster 2013-09-17 12:18:55 +03:00
Aymeric Augustin
5abc43cabf Updated examples in the docs after eade315d. 2013-09-17 10:05:45 +02:00
Ramiro Morales
9d12f68a53 Reworded a paragraph in the logging docs. 2013-09-16 17:49:46 -03:00
Tim Graham
1234225068 Fixed test failures introduced in previous commit. 2013-09-16 13:12:50 -04:00
Tim Graham
f40c82213f Added backwards compatability shims for util modules.
refs #17627
2013-09-16 12:53:42 -04:00
Tim Graham
18ffdb1772 Fixed #17627 -- Renamed util.py files to utils.py
Thanks PaulM for the suggestion and Luke Granger-Brown and
Wiktor Kołodziej for the initial patch.
2013-09-16 12:52:05 -04:00
Tim Graham
8d29005524 Cleaned up 1.5.4/1.4.8 release notes 2013-09-15 14:14:26 -04:00
Russell Keith-Magee
aae5a96d57 Ensure that passwords are never long enough for a DoS.
* Limit the password length to 4096 bytes
  * Password hashers will raise a ValueError
  * django.contrib.auth forms will fail validation
* Document in release notes that this is a backwards incompatible change

Thanks to Josh Wright for the report, and Donald Stufft for the patch.

This is a security fix; disclosure to follow shortly.
2013-09-15 13:42:23 +08:00
Florian Apolloner
351a061497 Fixed a timing edge case in the RelatedFieldWidgetSeleniumFirefoxTests.
By settings an implicit wait timeout for the find_* methods we can wait
till the javascript code add the new option to the DOM.

See http://ci.djangoproject.com/job/Django/database=mysql_gis,python=python3.3/3174/testReport/junit/admin_widgets.tests/RelatedFieldWidgetSeleniumFirefoxTests/test_foreign_key_using_to_field/

Stacktrace:
Traceback (most recent call last):
  File "/var/lib/jenkins/jobs/Django/workspace/database/mysql_gis/python/python3.3/tests/admin_widgets/tests.py", line 1060, in test_foreign_key_using_to_field
      self.assertEqual(username_value, new_option.get_attribute('value'))
      AssertionError: 'newuser' != 'testser'
      - newuser
      + testser
2013-09-15 01:11:07 +02:00
Florian Apolloner
2fa0dd73b1 Fixed error handling in 3c5775d36f for non-operational webdrivers. 2013-09-14 23:24:48 +02:00
Florian Apolloner
3c5775d36f Delayed initialization of Selenium webdrivers.
If setUpClass throws an exception (in this case "Address already in use" if the
super call can't find any open port to bind too) tearDownClass is not called.
This results in open browser windows from the webdriver, hence we only construct
it once we are sure there is no code afterwards which could error out.
2013-09-14 22:58:30 +02:00
Alex Gaynor
bac86ad1a3 REmoved some unused imports 2013-09-14 12:34:57 -07:00
Alex Gaynor
5c645ec81a Merge branch 'master' of https://github.com/django/django 2013-09-14 12:32:45 -07:00
Alex Gaynor
496b4d0331 Removed an import * that was masking importing stuff from the wrong location 2013-09-14 12:32:25 -07:00
Anssi Kääriäinen
ff723d894d Fixed #20950 -- Instantiate OrderedDict() only when needed
The use of OrderedDict (even an empty one) was surprisingly slow. By
initializing OrderedDict only when needed it is possible to save
non-trivial amount of computing time (Model.save() is around 30% faster
for example).

This commit targetted sql.Query only, there are likely other places
which could use similar optimizations.
2013-09-14 20:52:17 +03:00
Tim Graham
886bb9d878 Revert "Fixed #12288 -- Validated that app names in INSTALLED_APPS are unique"
This reverts commit c1ec08998d.

There are backwards compatability concerns with this.
2013-09-14 07:19:32 -04:00
Anssi Kääriäinen
74b91b3888 Added tests for double-pickling a QuerySet
Refs #21102.
2013-09-14 10:33:15 +03:00
Michael Manfre
c89d80e2cc Fixed #21097 - Added DatabaseFeature.can_introspect_autofield 2013-09-14 09:48:59 +03:00
Juan Catalano
6feb75129f Fixed #21060 -- Refactored admin's autodiscover method to make it reusable.
We want to be able to use it for instance for discovering `tasks.py` modules
inside the INSTALLED_APPS.

This commit therefore moves the logic to `autodiscover_modules` method in
django.utils.module_loading.
2013-09-13 20:09:41 -04:00
Goetz
39b49fd339 Fixed #21101 -- Updated urlize documentation to mention email addresses 2013-09-13 12:42:06 -04:00