mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-02-23 07:55:07 +00:00
Code Issues 32 Releases Wiki Activity
31,515 Commits 29 Branches 434 Tags
Commit Graph

4450 Commits

Author SHA1 Message Date
Scott Macpherson
090d5ccc6c [4.2.x] Fixed #34486 -- Fixed DatabaseOperations.compose_sql() crash with no existing database connection on PostgreSQL. 
Regression in 09ffc5c1212d4ced58b708cbbf3dfbfb77b782ca.

Backport of 53aee470d5b35e2708864d5221d2b5655e10c091 from main
 2023-04-14 11:02:47 +02:00
nessita
a3c14ea61b [4.2.x] Fixed #34483 -- Fixed timesince()/timeuntil() with timezone-aware dates and interval less than 1 day. 
Regression in 8d67e16493c903adc9d049141028bc0fff43f8c8.

Thanks Lorenzo Peña for the report.

Backport of 813015d67e2557fa859a07930a9becec4e5f64a0 from main
 2023-04-13 13:20:16 -03:00
Mariusz Felisiak
791407fef1 [4.2.x] Refs #34482 -- Reverted "Fixed #32969 -- Fixed pickling HttpResponse and subclasses." 
This reverts commit d7f5bfd241666c0a76e90208da1e9ef81aec44db.

Thanks Márton Salomváry for the report.

Backport of 173034b00589c083793d495e8b07e35be2cb1cf0 from main
 2023-04-12 18:53:29 +02:00
Mariusz Felisiak
2feb9333e7 [4.2.x] Fixed #34484, Refs #34482 -- Reverted "Fixed #29186 -- Fixed pickling HttpRequest and subclasses." 
This reverts commit 6220c445c40a6a7f4d442de8bde2628346153963.

Thanks Adam Johnson and Márton Salomváry for reports.

Backport of 280ca147af9cdfce1ca9cb14cc3c5527ff6c7a02 from main
 2023-04-12 18:53:22 +02:00
sarahboyce
facc153af7 [4.2.x] Fixed #34455 -- Restored i18n_patterns() respect of prefix_default_language argument when fallback language is used. 
Regression in 94e7f471c4edef845a4fe5e3160132997b4cca81.

Thanks Oussama Jarrousse for the report.

Backport of 3b4728310a7a64f8fcc548163b0aa5f98a5c78f5 from main
 2023-04-10 15:35:28 +02:00
Mariusz Felisiak
b0d7753d07 [4.2.x] Fixed #34470 -- Enforced UTF-8 encoding on PostgreSQL. 
Regression in 6a2165816394ab4bb259f6171e82417e098e97a6.
Backport of 5b8a043bf51ab8bcf4a758d0b4646f30a84be183 from main
 2023-04-07 10:12:19 +02:00
Anders Kaseorg
0bc2bbf041 [4.2.x] Fixed #34466 -- Reallowed setting cursor_factory in DATABASES["options"] on PostgreSQL. 
Regression in 09ffc5c1212d4ced58b708cbbf3dfbfb77b782ca.

Backport of 73cbb372baa45d1fdafd571e2f430a980831f722 from main
 2023-04-07 09:21:54 +02:00
Simon Charette
511dc3db53 [4.2.x] Fixed #34464 -- Fixed queryset aggregation over group by reference. 
Regression in 59bea9efd2768102fc9d3aedda469502c218e9b7.

Refs #28477.

Thanks Ian Cubitt for the report.

Backport of 9daf8b4109c3e133eb57349bb44d73cc60c5773c from main
 2023-04-07 06:58:24 +02:00
Mariusz Felisiak
db49def5fc [4.2.x] Fixed #34459 -- Fixed SearchVector() crash for parameters with % symbol. 
Thanks Patryk Zawadzki for the report.

Regression in 09ffc5c1212d4ced58b708cbbf3dfbfb77b782ca.

Backport of 4bf4222010fd8e413963c6c873e4088614332ef9 from main
 2023-04-06 13:33:13 +02:00
Mariusz Felisiak
05d6efa958 [4.2.x] Added release date for 4.1.8. 
Backport of fdf0a367bdd72c70f91fb3aed77dabbe9dcef69f from main
 2023-04-05 06:19:12 +02:00
Simon Charette
647920b766 [4.2.x] Fixed #34458 -- Fixed QuerySet.defer() crash on attribute names. 
Thanks Andrew Cordery for the report.

Regression in b3db6c8dcb5145f7d45eff517bcd96460475c879.

Backport of 87c63bd8df0eb0109df333df1264c6a96707d6a4 from main
 2023-04-05 06:06:03 +02:00
David Sanders
272dc386c2 [4.2.x] Refs #34434 -- Added note about breaking changes in psycopg version 3 to release notes. 
Backport of ff9ceed32b880733d94190742e45dbcf5927b161 from main
 2023-04-04 17:07:08 +02:00
Mariusz Felisiak
439d1c59f2 [4.2.x] Added stub release notes for 4.2.1. 
Backport of 4e4eda6d6c8a5867dafd2ba9167ad8c064bb644a from main
 2023-04-03 11:20:47 +02:00
Mariusz Felisiak
60018238c8 [4.2.x] Finalized release notes for Django 4.2. 
Backport of 8adbab49e116c31619ca38061cb2e74a1a1ec85a from main
 2023-04-03 09:03:00 +02:00
Mariusz Felisiak
f2923306f1 [4.2.x] Fixed #34322 -- Made ES module support to ManifestStaticFilesStorage optional. 
Co-authored-by: Author: Claude Paroz <claude@2xlibre.net>
Backport of e10c1688f96e3b2d202fe401472b7b25f6105969 from main
 2023-03-18 14:06:09 +01:00
Mariusz Felisiak
87a55e0b51 [4.2.x] Fixed #34395 -- Updated admin's jQuery to 3.6.4. 
Backport of 18473004afd82a616ba6c9ac22f476347fde4846 from main
 2023-03-09 08:55:34 +01:00
David Wobrock
6937c92169 [4.2.x] Fixed #34384 -- Fixed session validation when rotation secret keys. 
Bug in 0dcd549bbe36c060f536ec270d34d9e7d4b8e6c7.

Thanks Eric Zarowny for the report.

Backport of 2396933ca99c6bfb53bda9e53968760316646e01 from main
 2023-03-08 11:33:03 +01:00
Mariusz Felisiak
046d2b9edb [4.2.x] Added stub release notes for 4.1.8. 
Backport of 9a07999aef7958c9b5441e368cd90646d0edc5c9 from main
 2023-03-06 17:37:50 +01:00
django-bot
62510f01e7 [4.2.x] Fixed #34140 -- Reformatted code blocks in docs with blacken-docs. 2023-03-01 13:39:03 +01:00
Joseph Victor Zammit
5bdd6223a2 [4.2.x] Refs #34140 -- Corrected rst code-block and various formatting issues in docs. 
Backport of ba755ca13123d2691a0926ddb64e5d0a2906a880 from main
 2023-02-28 12:54:33 +01:00
Tim Graham
48b2ba8a55 [4.2.x] Moved DatabaseIntrospection.get_table_description() internal_size release note to "Database backend API" section. 
Backport of 31cd2852cb86197d5f3f5a637184a078ab0615f8 from main
 2023-02-22 05:18:03 +01:00
Carlton Gibson
ac8cf0ae76 [4.2.x] Added CVE-2023-24580 to security archive. 
Backport of ecafcaf634fcef93f9da8cb12795273dd1c3a576 from main
 2023-02-14 09:53:00 +01:00
Markus Holtermann
7ac5ff37b8 [4.2.x] Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files. 
Thanks to Jakob Ackermann for the report.
 2023-02-14 08:21:18 +01:00
Sota Tabu
8cc5caa113 [4.2.x] Fixed #34318 -- Added release note for 4bfe8c0eec835b8eaffcda7dc1e3b203751a790a. 
Backport of 3e9d413231edc29768cc7ca0427e63b19233f562 from main
 2023-02-13 14:13:16 +01:00
Carlton Gibson
b784768eef [4.2.x] Refs #34140 -- Applied rst code-block to non-Python examples. 
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.

Backport of 534ac4829764f317cf2fbc4a18354fcc998c1425 from main.
 2023-02-10 21:12:06 +01:00
Mariusz Felisiak
836ae73a89 [4.2.x] Fixed #34319 -- Fixed Model.validate_constraints() crash on ValidationError with no code. 
Thanks Mateusz Kurowski for the report.

Regression in 667105877e6723c6985399803a364848891513cc.
Backport of 2fd755b361d3da2cd0440fc9839feb2bb69b027b from main
 2023-02-08 16:39:53 +01:00
Carlton Gibson
600b88db4c [4.2.x] Added stub release notes for 4.0.10 and 3.2.18. 
Set date for 4.1.7 release.

Backport of 7e003428f96d616c1f77fed84882a95e63bc3644 from main
 2023-02-07 10:10:22 +01:00
Mariusz Felisiak
9a1848f48c
[4.2.x] Increased the default PBKDF2 iterations for Django 4.2. 
See https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2.

Thanks Markus Holtermann for the report.
 2023-02-04 13:36:06 +01:00
Mariusz Felisiak
ba7d8ac37d [4.2.x] Added stub release notes for 4.1.7. 
Backport of f3c89744cc801cc7d134bca9958c4a74aa76380f from main
 2023-02-01 13:22:00 +01:00
Mariusz Felisiak
379b37171b [4.2.x] Added CVE-2023-23969 to security archive. 
Backport of 36e3eef7d5a4c88671d20a561788679d0d9c334c from main
 2023-02-01 12:10:03 +01:00
Nick Pope
8a7b22d4a6 [4.2.x] Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language. 
The parsed values of Accept-Language headers are cached in order to
avoid repetitive parsing. This leads to a potential denial-of-service
vector via excessive memory usage if the raw value of Accept-Language
headers is very large.

Accept-Language headers are now limited to a maximum length in order
to avoid this issue.
 2023-02-01 09:45:07 +01:00
Mariusz Felisiak
719a14badc [4.2.x] Fixed #34291 -- Fixed Meta.constraints validation crash on UniqueConstraint with ordered expressions. 
Thanks Dan F for the report.

Bug in 667105877e6723c6985399803a364848891513cc.
Backport of 2b1242abb3989f5d74e787b09132d01bcbee5b55 from main
 2023-01-26 09:32:14 +01:00
Carlton Gibson
d43fbdf6f1 [4.2.x] Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17. 
Backport of d8e1442ce2c56282785dd806e5c1147975e8c857 from main
 2023-01-25 12:26:40 +01:00
Carlton Gibson
50432e3fd5 [4.2.x] Set date and added stub release notes for 4.1.6, 4.0.9, and 3.2.17. 
Backport of 1df963ad2476726d63be132c0cee47e07b8250d7 from main
 2023-01-25 11:58:35 +01:00
John Whitlock
a3771c8229 [4.2.x] Fixed typo in docs/releases/4.2.txt. 
Backport of d54717118360e8679aa2bd0c5a1625f3e84712ba from main
 2023-01-17 19:28:19 +01:00
Mariusz Felisiak
1452e7cb7f [4.2.x] Doc'd that 4.2 is LTS. 
Backport of 2785e121c7eb941202565343d3880da6ba5aa21d from main
 2023-01-17 19:25:44 +01:00
Mariusz Felisiak
2cbb3c9135 [4.2.x] Removed remaining empty sections from 4.2 release notes. 
Follow up to 772cd2b15b158679b9dc15fb599aa935ec7c25b1.
Backport of a209f6625936cff2c714e99735782663dc95218f from main
 2023-01-17 14:05:51 +01:00
Sébastien Corbin
57680658f3 [4.2.x] Fixed #34264 -- Moved release note about session cookies into error reporting section. 
Backport of e2964fed1761981ff7e5c60762e954f307cf7969 from main
 2023-01-17 13:09:47 +01:00
Mariusz Felisiak
e734cccea0 Made cosmetic edits to docs/releases/4.2.txt. 2023-01-17 08:51:17 +01:00
Mariusz Felisiak
772cd2b15b Removed empty sections from 4.2 release notes. 2023-01-17 08:51:17 +01:00
Mariusz Felisiak
0e2649fdf4 Fixed #34255 -- Made PostgreSQL backend use client-side parameters binding with psycopg version 3. 
Thanks Guillaume Andreu Sabater for the report.

Co-authored-by: Florian Apolloner <apollo13@users.noreply.github.com>
 2023-01-17 08:24:08 +01:00
Mariusz Felisiak
c8a76059ff Refs #34255 -- Bumped required psycopg version to 3.1.8. 2023-01-17 08:24:08 +01:00
Steven
4b7016866a Fixed "nulls characters" typo in docs. 2023-01-16 07:54:00 +01:00
Leo
5da5f3773e Fixed #34234 -- Dropped support for PROJ 4. 2023-01-13 12:31:41 +01:00
Jarosław Wygoda
32940d390a Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. 2023-01-12 09:58:36 +01:00
Jarosław Wygoda
1ec3f0961f Fixed #26029 -- Allowed configuring custom file storage backends. 2023-01-12 06:20:57 +01:00
Mariusz Felisiak
552384fa97
Refs #31014 -- Added FromWKB and FromWKT GIS database functions. 
Co-authored-by: Ondřej Böhm <ondrej.bohm@firma.seznam.cz>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
 2023-01-10 11:51:09 +01:00
Francesco Panico
72efd840a8 Fixed #34110 -- Added in-memory file storage. 
Thanks Paolo Melchiorre, Carlton Gibson, and Mariusz Felisiak for
reviews.
 2023-01-10 10:56:59 +01:00
Nick Pope
b47f2f5b90 Fixed #33865 -- Optimized LimitedStream wrapper. 
The current implementation of LimitedStream is slow because .read()
performs an extra copy into a buffer and .readline() performs two
extra copies. The stream being wrapped is already typically a BytesIO
object so this is unnecessary.

This implementation has largely been untouched for 12 years and,
inspired by a simpler implementation in werkzeug, it was possible to
achieve the following performance improvement:

LimitedStream.read() (single line):
  Mean +- std dev: [bench_limitedstream-main] 286 ns +- 6 ns
  -> [bench_limitedstream-patch] 227 ns +- 6 ns: 1.26x faster
LimitedStream.readline() (single line):
  Mean +- std dev: [bench_limitedstream-main] 507 ns +- 11 ns
  -> [bench_limitedstream-patch] 232 ns +- 8 ns: 2.18x faster
LimitedStream.read(8192) (single line):
  Mean +- std dev: [bench_limitedstream-main] 360 ns +- 8 ns
  -> [bench_limitedstream-patch] 297 ns +- 6 ns: 1.21x faster
LimitedStream.readline(8192) (single line):
  Mean +- std dev: [bench_limitedstream-main] 602 ns +- 10 ns
  -> [bench_limitedstream-patch] 305 ns +- 10 ns: 1.98x faster
LimitedStream.read() (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 290 ns +- 5 ns
  -> [bench_limitedstream-patch] 236 ns +- 6 ns: 1.23x faster
LimitedStream.readline() (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 517 ns +- 19 ns
  -> [bench_limitedstream-patch] 239 ns +- 7 ns: 2.16x faster
LimitedStream.read(8192) (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 363 ns +- 8 ns
  -> [bench_limitedstream-patch] 311 ns +- 11 ns: 1.17x faster
LimitedStream.readline(8192) (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 601 ns +- 12 ns
  -> [bench_limitedstream-patch] 308 ns +- 7 ns: 1.95x faster

Geometric mean: 1.59x faster
 2023-01-05 19:26:56 +01:00
Mariusz Felisiak
63d1cb0092
Refs #32355 -- Bumped minimum supported versions of 3rd-party packages. 
This bumps minimum supported versions of 3rd-party packages to the first
releases to support Python 3.8.
 2023-01-05 18:09:33 +01:00