1
0
mirror of https://github.com/django/django.git synced 2024-12-23 01:25:58 +00:00
Commit Graph

29023 Commits

Author SHA1 Message Date
Nick Pope
c3d9b8b28f Increased test coverage for django.utils.datastructures.MultiValueDict.
Co-authored-by: Mads Jensen <mje@inducks.org>
2020-10-30 10:44:44 +01:00
Mads Jensen
825f8470f5 Increased test coverage for django.utils.datastructures.OrderedSet.
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2020-10-30 10:44:44 +01:00
Simon Charette
384ac0990f Refs #32061 -- Prevented password leak on MySQL dbshell crash.
The usage of the --password flag when invoking the mysql CLI has the
potential of exposing the password in plain text if the command happens
to crash due to the inclusion of args provided to
subprocess.run(check=True) in the string representation of the
subprocess.CalledProcessError exception raised on non-zero return code.

Since this has the potential of leaking the password to logging
facilities configured to capture crashes (e.g. sys.excepthook, Sentry)
it's safer to rely on the MYSQL_PWD environment variable instead even
if its usage is discouraged due to potential leak through the ps
command on old flavors of Unix.

Thanks Charlie Denton for reporting the issue to the security team.

Refs #24999.
2020-10-30 10:12:52 +01:00
Simon Charette
eb25fdb620 Refs #32061 -- Added test for dbshell password leak on PostgreSQL. 2020-10-30 10:12:47 +01:00
Simon Charette
bbe6fbb876 Refs #32061 -- Unified DatabaseClient.runshell() in db backends. 2020-10-29 22:22:58 +01:00
Christian Klus
4ac2d4fa42 Fixed #32152 -- Fixed grouping by subquery aliases.
Regression in 42c08ee465.

Thanks Simon Charette for the review.
2020-10-29 09:56:09 +01:00
Caio Ariede
9ca22c7733 Fixed #26962 -- Doc'd running migrations in transactions. 2020-10-29 08:00:06 +01:00
Martin Thoma
302caa40e4 Made small readability improvements. 2020-10-28 20:20:20 +01:00
Hasan Ramezani
4eb756793b
Refs #28215 -- Marked auth credentials as sensitive variables.
Co-authored-by: Collin Anderson <collin@onetencommunications.com>
2020-10-28 14:21:53 +01:00
Jon Dufresne
cee93c6ba1 Refs #25780 -- Removed redundant status code assertions from tests. 2020-10-28 12:26:49 +01:00
Gagan Deep
982e860b73 Fixed #32062 -- Added %b support to Date.strftime.
This enables the admin to display the month as locale's abbreviated
name if %b is used in the date format.
2020-10-28 11:11:37 +01:00
Gagan Deep
0ee3cbd988 Added unit test for Date.getFullMonthName. 2020-10-28 11:11:37 +01:00
Simon Charette
8593e162c9 Fixed #32143 -- Used EXISTS to exclude multi-valued relationships.
As mentioned in the pre-existing split_exclude() docstring EXISTS is
easier to optimize for query planers and circumvents the IN (NULL)
handling issue.
2020-10-28 07:22:00 +01:00
Simon Charette
bbf141bcdc Refs #27149 -- Fixed sql.Query identity.
By making Query subclass BaseExpression in
3543129822 the former defined it's
identity based off _construct_args which is not appropriate.
2020-10-28 07:21:53 +01:00
alvinshaita
556fa4bbba Fixed #1891, Fixed #11707 -- Prevented duplicates with limit_choices_to on multi-value relations. 2020-10-27 20:40:04 +01:00
Josh Santos
36bc47069c Fixed #32127 -- Fixed admin change-form textarea layout for mid-sized displays. 2020-10-27 16:06:11 +01:00
Carlton Gibson
e17ee44688 Fixed #32128 -- Added asgiref 3.3 compatibility.
Thread sensitive parameter is True by default from asgiref v3.3.0.
Added an explicit thread_sensitive=False to previously implicit uses.
2020-10-27 11:24:07 +01:00
Nguyen You
0b4fe82c74
Improved naming consistency in BaseManage.contribute_to_class().
Matches signatures of other contribute_to_class() methods.
2020-10-27 10:51:03 +01:00
Tim Graham
c3b1e41288 Removed unneeded @no_oracle skips. 2020-10-27 07:14:16 +01:00
Tim Graham
7734337bcb Made OracleSpatialAdapter clone geometries rather than mutate them. 2020-10-27 07:14:16 +01:00
Tim Graham
49ece89702
Fixed some queries tests when primary key values are large.
On CockroachDB, primary key values stored in these fields are larger
than they accept. Fixes:
queries.test_bulk_update.BulkUpdateNoteTests.test_multiple_fields,
queries.test_bulk_update.BulkUpdateNoteTests.test_inherited_fields, and
queries.tests.RelatedLookupTypeTests.test_values_queryset_lookup.
2020-10-27 06:39:52 +01:00
Tim Graham
73be11a266
Removed an obsolete query test that assumes serial pks.
The code from the original fix (922aba3def)
was removed in 419de7b00d.
2020-10-27 06:31:26 +01:00
Hannes Ljungberg
10f8b82d19 Fixed #29497 -- Fixed loss of assigned parent when saving child with bulk_create() after parent. 2020-10-26 12:00:34 +01:00
Tim Graham
83a8da576d
Fixed admin_views's test_history_view on databases that don't use serial pks. 2020-10-26 10:44:55 +01:00
David Smith
51d6e6e774 Refs #31670 -- Used allowlist_externals in tox.ini. 2020-10-26 09:09:59 +01:00
dokgeppo
6014fd89b3
Fixed #32138 -- Prevented admin's map from covering other widgets. 2020-10-26 08:35:55 +01:00
Jon Dufresne
b2717c7532
Simplifed formset iteration using enumerate(). 2020-10-26 08:02:38 +01:00
Jon Dufresne
2b56c56653 Corrected output of rendered formset example in model formsets docs. 2020-10-26 07:38:54 +01:00
Adam Johnson
a56586eafe Fixed #32134 -- Fixed crash of __range lookup with namedtuple.
Regression in 8be79984dc.

Thanks Gordon Wrigley for the report.
2020-10-23 18:01:31 +02:00
Tim Graham
755dbf39fc Replaced @no_oracle skips with DatabaseFeatures.allows_group_by_lob. 2020-10-22 18:16:58 +02:00
Carlton Gibson
ad11f5b8c9 Fixed #32124 -- Added per-view opt-out for APPEND_SLASH behavior. 2020-10-22 14:15:19 +02:00
Mariusz Felisiak
3418092238
Fixed #32130 -- Fixed pre-Django 3.1 password reset tokens validation.
Thanks Gordon Wrigley for the report and implementation idea.

Regression in 226ebb1729.
2020-10-22 13:21:14 +02:00
Simon Charette
284bde3fbe
Refs #9475 -- Linked through_default docs to related managers methods. 2020-10-22 10:08:35 +02:00
Étienne Beaulé
509d9da26f Fixed #26390 -- Disabled grouping by Random().
Thanks to Tzu-ping Chung for the tests.
2020-10-21 20:54:53 +02:00
Carlton Gibson
257f8495d6 Fixed #32069 -- Fixed admin change-form layout on small screens.
Restored flex-wrap CSS declaration to form elements at smallest breakpoint.
This was present since the responsive admin was introduced in dc37e8846e.
Regression in 8ee4bb6ffc, where it was accidentally removed.
2020-10-21 15:06:43 +02:00
manav014
096b14f0ac Fixed #13060 -- Improved error message when ManagementForm data is missing. 2020-10-21 11:47:07 +02:00
Tom Carrick
f5e07601b2 Fixed #32046 -- Added CreateCollation/RemoveCollation operations for PostgreSQL. 2020-10-21 10:53:44 +02:00
Jacob Walls
0362b0e986 Fixed #26615 -- Made password reset token invalidate when changing email.
Co-Authored-By: Silas Barta <sbarta@gmail.com>
2020-10-21 09:29:53 +02:00
Jacob Walls
7f9e4524d6
Fixed typo in docs/releases/3.2.txt. 2020-10-21 08:06:24 +02:00
Hannes Ljungberg
0e7a45fca0 Fixed #32126 -- Fixed grouping by Case() annotation without cases.
Co-authored-by: Simon Charette <charettes@users.noreply.github.com>
2020-10-21 07:22:52 +02:00
Octavio
4343430e9c Removed hardcoded pks in syndication tests. 2020-10-21 06:43:19 +02:00
Mariusz Felisiak
197b55c534
Fixed outdated notes in SchemaEditor docs. 2020-10-20 09:49:05 +02:00
Hannes Ljungberg
f7963615eb Fixed #32121 -- Fixed detecting uniqueness of USERNAME_FIELD when using Meta.constraints.
Co-authored-by: Simon Charette <charettes@users.noreply.github.com>
2020-10-20 07:23:51 +02:00
Tim Graham
ede9fac758
Fixed #32120 -- Added DatabaseFeatures.indexes_foreign_keys. 2020-10-20 06:22:56 +02:00
Herbert Poul
c897b1587c Fixed #32108 -- Made transaction.on_commit() raise TypeError when callback is not a callable. 2020-10-19 20:46:13 +02:00
Mariusz Felisiak
0f18255848
Reverted "Reduced time.sleep() in cache touch() tests."
This reverts commit 177a49e79c
which caused more frequent failures of test_touch().
2020-10-19 19:54:23 +02:00
Mariusz Felisiak
b3b0be3df3
Fixed typo in docs/ref/checks.txt. 2020-10-19 19:22:37 +02:00
Tim Graham
afcad0f1b1
Relaxed some query ordering assertions in expressions tests.
It accounts for differences seen on CockroachDB.
2020-10-19 19:21:31 +02:00
Hasan Ramezani
3b1746d519 Fixed #32107 -- Fixed ProtectedError.protected_objects and RestrictedError.restricted_objects.
Regression in 4ca5c565f4 and
ab3cbd8b9a.

Thanks Vitaliy Yelnik for the report.
2020-10-19 12:43:32 +02:00
Tim Graham
0eee5c1b9c
Added DatabaseFeatures.can_alter_geometry_field. 2020-10-19 12:41:52 +02:00