mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-01-05 16:06:07 +00:00
Code Issues 30 Releases Wiki Activity
27,305 Commits 28 Branches 426 Tags 637 MiB
32796826bb
Commit Graph

11285 Commits

Author SHA1 Message Date
Mariusz Felisiak
1f8382d34d
Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on expressions with params. 
Regression in 4f5b58f5cd.

Thanks Florian Apolloner for the report and helping with tests.
 2019-08-14 15:25:35 +02:00
Claude Paroz
eed2e740f7 Fixed #30461 -- Made GeoIP2 and GEOIP_PATH setting accept pathlib.Path as library path. 
Thanks Nikita Krokosh for the initial patch.
 2019-08-13 19:44:10 +02:00
Akash Agrawal
c1b26c77a9 Fixed #30696 -- Removed obsolete mention of CheckConstraint in the AddConstraint docs. 
Follow up to 8eae094638.
 2019-08-11 15:39:48 +02:00
Akash Agrawal
af08a54415 Fixed #30670 -- Doc'd SchemaEditor.add/remove_constraint(). 2019-08-11 03:26:44 +02:00
Carlton Gibson
514efa3129 Fixed #30688 -- Clarified base_manager_name docs. 2019-08-09 10:08:06 +02:00
Adnan Umer
8d3519071e Fixed #30673 -- Relaxed system check for db_table collision when database routers are installed by turning the error into a warning. 2019-08-08 21:14:06 +02:00
Andrew Godwin
052388aba4 Fixed #30676 -- Added --pdb option to test runner. 2019-08-07 08:16:31 +02:00
Adnan Umer
c5075360c5 Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER setting. 2019-08-05 18:44:08 +02:00
Mariusz Felisiak
1af469e67f Added stub release notes for 2.2.5. 2019-08-02 20:32:21 +02:00
niauah
75f8264083 Corrected StreamingHttpResponse.streaming_content description in docs. 2019-08-02 16:37:49 +02:00
Nick Pope
194d1dfc18 Fixed #30661 -- Added models.SmallAutoField. 2019-08-02 11:39:01 +02:00
Carlton Gibson
a5652eb795 Added CVE-2019-14235 to security release archive. 2019-08-01 12:01:27 +02:00
Carlton Gibson
3a6a2f5eaf Added CVE-2019-14234 to security release archive. 2019-08-01 11:59:45 +02:00
Carlton Gibson
9600f63885 Added CVE-2019-14233 to security release archive. 2019-08-01 11:57:24 +02:00
Carlton Gibson
87750787d1 Added CVE-2019-14232 to the security release archive. 2019-08-01 11:54:24 +02:00
Florian Apolloner
76ed1c49f8 Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri(). 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Mariusz Felisiak
7deeabc7c7 Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection. 
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
 2019-08-01 09:24:54 +02:00
Florian Apolloner
4b78420d25 Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities. 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Florian Apolloner
7f65974f82 Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML. 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Étienne Beaulé
5f24e7158e Fixed #30665 -- Added support for distinct argument to Avg() and Sum(). 2019-07-31 11:22:50 +02:00
Nick Pope
f618e033ac Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands. 2019-07-31 10:02:13 +02:00
Nick Pope
1692f69e37 Refs #30160 -- Doc'd startapp/startproject support for tarfile templates. 2019-07-31 09:46:24 +02:00
Nick Pope
69a30f620e Refs #30160 -- Simplified archive extension map and added other aliases. 2019-07-31 09:46:17 +02:00
daniel a rios
68aeb90160 Fixed #30656 -- Added QuerySet.bulk_update() to the database optimization docs. 2019-07-29 09:52:29 +02:00
daniel a rios
fe33fdc049 Refs #30656 -- Reorganized bulk methods in the database optimization docs. 2019-07-29 09:52:29 +02:00
Jon Dufresne
4122d9d3f1 Refs #28147 -- Fixed setting of OneToOne and Foreign Key fields to None when using attnames. 
Regression in 519016e5f2.
 2019-07-27 12:04:56 +02:00
Carlton Gibson
f13147c8de Added stub release notes for security releases. 2019-07-25 10:49:30 +02:00
Jon Dufresne
5ed20b3aa3 Fixed #30657 -- Allowed customizing Field's descriptors with a descriptor_class attribute. 
Allows model fields to override the descriptor class used on the model
instance attribute.
 2019-07-25 08:15:20 +02:00
Tom Forbes
fc75694257 Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved. 2019-07-24 14:08:37 +02:00
terminator14
8323691de0 Fixed typo in docs/topics/http/sessions.txt. 2019-07-23 15:10:58 +02:00
Tom Forbes
2ff517ccb6 Fixed #30506 -- Fixed crash of autoreloader when path contains null characters. 2019-07-23 10:03:23 +02:00
Mariusz Felisiak
fc1182af01 Refs #30083 -- Added a warning about performing queries in pre/post_init receivers. 
Thanks Carlton Gibson the review.
 2019-07-19 16:06:05 +02:00
Mariusz Felisiak
a2e1c17f19 Refs #30083 -- Clarified database state of instances in signals.pre_init docs. 2019-07-19 16:06:05 +02:00
Davit Gachechiladze
7f612eda80 Fixed #30648 -- Removed unnecessary overriding get_context_data() from mixins with CBVs docs. 2019-07-18 18:40:40 +02:00
Mariusz Felisiak
230d75f59c
Refs #30547 -- Clarified that partial UniqueConstraints don't affect model validation. 2019-07-18 12:56:25 +02:00
Mads Jensen
a3417282ac Fixed #29824 -- Added support for database exclusion constraints on PostgreSQL. 
Thanks to Nick Pope and Mariusz Felisiak for review.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2019-07-16 18:04:41 +02:00
Mads Jensen
7174cf0b00 Refs #29824 -- Added RangeOperators helper class. 2019-07-16 16:57:46 +02:00
Mariusz Felisiak
ad4e83a6d1
Fixed heading level typo in docs/ref/contrib/postgres/fields.txt. 2019-07-16 15:08:14 +02:00
Frank Wiles
fa65b90a96 Updated WSGI servers ordering according to the more commonly used. 2019-07-16 14:43:59 +02:00
Frank Wiles
c1b94e32fb Fixed explanation of how to automatically create tables in database. 2019-07-15 11:04:30 +02:00
Hasan Ramezani
8dd5877f58 Doc'd --no-input option for createsuperuser. 2019-07-11 10:25:39 +02:00
Johannes Hoppe
00d4e6f8b5 Updated Select2 to version 4.0.7. 2019-07-10 12:31:16 +02:00
Mariusz Felisiak
7991111af1
Fixed #30621 -- Fixed crash of __contains lookup for Date/DateTimeRangeField when the right hand side is the same type. 
Thanks Tilman Koschnick for the report and initial patch.
Thanks Carlton Gibson the review.

Regression in 6b048b364c.
 2019-07-10 10:33:36 +02:00
Simon Charette
ee6e93ec87 Fixed #30628 -- Adjusted expression identity to differentiate bound fields. 
Expressions referring to different bound fields should not be
considered equal.

Thanks Julien Enselme for the detailed report.

Regression in bc7e288ca9.
 2019-07-10 07:46:08 +02:00
Mariusz Felisiak
24e8f7f7d3 Fixed typos in docs/ref/django-admin.txt. 2019-07-09 13:38:11 +02:00
Mariusz Felisiak
08e69cad9c Added stub release notes for 2.2.4. 2019-07-09 07:39:35 +02:00
can
febe136d4c Fixed #30397 -- Added app_label/class interpolation for names of indexes and constraints. 2019-07-08 14:57:56 +02:00
Johannes Hoppe
bc91f27a86 Refs #29444 -- Added support for fetching a returned non-integer insert values on Oracle. 
This is currently not actively used, since the ORM will ask the
SQL compiler to only return auto fields.
 2019-07-08 08:53:08 +02:00
Nuno
34a88b21da Fixed #30620 -- Made an example of admin-compliant custom user app pep8 compliant. 2019-07-08 07:39:28 +02:00
can
53209f7830 Fixed #30613 -- Moved index name validation to system checks. 2019-07-05 09:30:21 +02:00
sp1rs
f197c3dd91 Fixed #30600 -- Clarified that ValueError raised by converter.to_python() means no match. 2019-07-04 13:14:51 +02:00
luto
d37ea5f09b Fixed #28581 -- Moved django.core.paginator documentation to API Reference. 
Co-Authored-By: Arman <armansabyrov@gmail.com>
 2019-07-04 11:04:39 +02:00
luto
93b611c797 Refs #28581 -- Doc's how to paginate a ListView. 2019-07-04 11:04:31 +02:00
swatantra
c13e3715f5 Fixed #28667 -- Clarified how to override list of forms fields for custom UserAdmin with a custom user model. 2019-07-04 08:05:20 +02:00
Hasan Ramezani
a5308514fb Fixed #27801 -- Made createsuperuser fall back to environment variables for password and required fields. 2019-07-02 12:55:09 +02:00
Carlton Gibson
4b32d039db Fixed #28588 -- Doc'd User.has_perm() & co. behavior for active superusers. 
Equivalent note for PermissionsMixin was added in d33864ed13.
 2019-07-02 11:20:53 +02:00
Min ho Kim
fbb83fefd4 Fixed typos in comments and docs. 2019-07-02 09:36:17 +02:00
aitoehigie
c2f381ef17 Fixed #30589 -- Clarified that urlize should be applied only to email addresses without single quotes. 2019-07-01 11:39:31 +02:00
Mariusz Felisiak
868cd56f05 Added CVE-2019-12781 to the security release archive. 2019-07-01 10:14:36 +02:00
Mariusz Felisiak
fc41401f33 Added release date for 2.2.3. 2019-07-01 07:48:45 +02:00
Carlton Gibson
54d0f5e62f Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set. 
An HTTP request would not be redirected to HTTPS when the
SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if
the proxy connected to Django via HTTPS.

HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if
set, rather than falling back to the request scheme when the
SECURE_PROXY_SSL_HEADER did not have the secure value.

Thanks to Gavin Wahl for the report and initial patch suggestion, and
Shai Berger for review.
 2019-07-01 07:48:04 +02:00
Mariusz Felisiak
30b3ee9d0b Added stub release notes for security releases. 2019-07-01 06:57:27 +02:00
Claude Paroz
d54baf6970 Updated translations from Transifex 
Forward port of b3f7262e6e from stable/2.2.x
 2019-06-29 16:17:16 +02:00
nsasaki128
a289e79679 Fixed #30594 -- Added 'private' Cache-Control directive to never_cache() decorator. 2019-06-26 09:25:24 +02:00
Tom Forbes
8454f6dea4 Fixed #30588 -- Fixed crash of autoreloader when __main__ module doesn't have __file__ attribute. 2019-06-26 06:44:10 +02:00
Meysam
833878411c Fixed typo in docs/topics/db/models.txt. 2019-06-24 09:04:33 +02:00
Alexey Opalev
2f91e7832f Fixed typo in docs/ref/models/indexes.txt. 2019-06-24 08:58:56 +02:00
Claude Paroz
8590726a5d Removed unneeded non-breaking spaces added in 00169bc36 2019-06-22 10:26:14 +02:00
Nadège Michel
87b1ad6e73 Fixed #30421 -- Allowed symmetrical intermediate table for self-referential ManyToManyField. 2019-06-21 15:03:17 +02:00
Jon Dufresne
2ef6f209f7 Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes. 2019-06-21 07:07:23 +02:00
Mariusz Felisiak
9aeac29949
Removed unnecessary backslashes from docs. 2019-06-20 14:04:36 +02:00
Andrew Godwin
a415ce70be Fixed #30451 -- Added ASGI handler and coroutine-safety. 
This adds an ASGI handler, asgi.py file for the default project layout,
a few async utilities and adds async-safety to many parts of Django.
 2019-06-20 12:29:43 +02:00
Chris Jerdonek
cce47ff65a Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like object. 2019-06-20 11:48:49 +02:00
Chris Jerdonek
533311782f Refs #30565 -- Doc'd HttpResponse.close() method. 2019-06-20 11:48:49 +02:00
Swat009
00169bc361 Fixed #30547 -- Doc'd how Meta.constraints affect model validation. 2019-06-20 10:44:02 +02:00
Hasan Ramezani
a7038adbd0 Fixed typos in signals and custom management commands docs. 2019-06-19 08:40:46 +02:00
Hasan Ramezani
036362e0cf Fixed typos and example in signals.pre_init docs. 2019-06-18 14:51:17 +02:00
Sanyam Khurana
87f5d07eed Fixed #12952 -- Adjusted admin log change messages to use form labels instead of field names. 2019-06-14 18:20:29 +02:00
Joachim Jablon
0c2ffdd526 Fixed an example of email with display name in EmailMessage.from_email. 2019-06-13 16:22:15 +02:00
Mariusz Felisiak
fc2536fe66
Refs #29548 -- Doc'd MariaDB support for GIS database functions. 2019-06-13 10:26:21 +02:00
can
fde9b7d35e Fixed #30128 -- Fixed handling timedelta timezone in database functions. 2019-06-13 09:29:43 +02:00
Mariusz Felisiak
b616f65855
Added missing support for PointOnSurface function on MariaDB. 2019-06-12 10:51:43 +02:00
Jon Dufresne
9e38ed0536 Fixed #27486 -- Fixed Python 3.7 DeprecationWarning in intword and filesizeformat filters. 
intword and filesizeformat passed floats to ngettext() which is
deprecated in Python 3.7. The rationale for this warning is documented
in BPO-28692: https://bugs.python.org/issue28692.

For filesizeformat, the filesize value is expected to be an int -- it
fills %d string formatting placeholders. It was likely coerced to a
float to ensure floating point division on Python 2. Python 3 always
does floating point division, so coerce to an int instead of a float to
fix the warning.

For intword, the number may contain a decimal component. In English, a
decimal component makes the noun plural. A helper function,
round_away_from_one(), was added to convert the float to an integer that
is appropriate for ngettext().
 2019-06-11 20:34:59 +02:00
Jon Dufresne
175656e166 Fixed intword example in docs/ref/contrib/humanize.txt. 2019-06-11 20:18:36 +02:00
Vyacheslav Ver
76b3fc5c8d Fixed #30486 -- Fixed the default value of Aggregate.distinct and updated example of custom aggregate functions. 2019-06-11 11:40:48 +02:00
Mykola Nicholas
f3a03d5b61 Changed charset and collation link to MySQL docs. 2019-06-11 11:16:27 +02:00
swatantra
03cd3d137e Fixed #30553 -- Clarified the default value of disable_existing_loggers. 2019-06-10 13:38:49 +02:00
Hasan Ramezani
dcb8f00d06 Fixed #29379 -- Added autocomplete attribute to contrib.auth.forms fields. 
Thank you to Nick Pope for review.

Co-authored-by: CHI Cheng <cloudream@gmail.com>
 2019-06-07 12:44:39 +02:00
Tobias Bengfort
581a0f4545 Refs #30226 -- Added User.get_user_permissions() method. 
Added to mirror the existing User.get_group_permissions().
 2019-06-05 13:56:37 +02:00
Tobias Bengfort
75337a6050 Fixed #30226 -- Added BaseBackend for authentication. 2019-06-05 13:39:46 +02:00
Étienne Beaulé
4b6dfe1622 Fixed #30542 -- Fixed crash of numerical aggregations with filter. 
Filters in annotations crashed when used with numerical-type
aggregations (i.e. Avg, StdDev, and Variance). This was caused as the
source expressions no not necessarily have an output_field (such as the
filter field), which lead to an AttributeError: 'WhereNode' object has
no attribute output_field.

Thanks to Chuan-Zheng Lee for the report.

Regression in c690afb873 and two following
commits.
 2019-06-05 08:06:26 +02:00
Mariusz Felisiak
1f81e2df69 Added stub release notes for 2.2.3. 2019-06-05 06:57:44 +02:00
Carlton Gibson
8a187bfa3b Updated release process notes for oss-security list content guidelines. 
c.f. https://oss-security.openwall.org/wiki/mailing-lists/oss-security#list-content-guidelines
 2019-06-04 16:40:25 +02:00
Caio Ariede
5248abe9b0 Fixed #30505 -- Doc'd how changes in the order of Field.choices affect migrations. 2019-06-04 14:11:41 +02:00
Nick Pope
21b1d23912 Added CVE-2019-12308 to the security release archive. 2019-06-03 21:44:55 +02:00
Nick Pope
8fb0ea5583 Added CVE-2019-11358 to the security release archive. 2019-06-03 21:44:55 +02:00
Mariusz Felisiak
100ec901ae Fixed typos in 1.11.21, 2.1.9, 2.2.2 release notes. 2019-06-03 14:08:51 +02:00
Mariusz Felisiak
5ab75adb90 Removed redundant object descriptions to prevent warnings with Sphinx 2.1.0. 2019-06-03 14:08:51 +02:00
Carlton Gibson
34ec52269a Applied jQuery patch for CVE-2019-11358. 2019-06-03 11:36:12 +02:00
Carlton Gibson
deeba6d920 Fixed CVE-2019-12308 -- Made AdminURLFieldWidget validate URL before rendering clickable link. 2019-06-03 11:36:12 +02:00