mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-11-18 15:34:16 +00:00
Code Issues 24 Releases Wiki Activity
22,304 Commits 28 Branches 423 Tags 636 MiB
53e8ab580f
Commit Graph

2172 Commits

Author SHA1 Message Date
Jason Parrott
4c1c93032f Fixed #26373 -- Fixed reverse lookup crash with a ForeignKey to_field in a subquery. 2016-03-19 17:54:29 -04:00
José Tomás Tocino
39a16dd2e0 Fixed #25658 -- Allowed inspectdb to inspect a specific set of tables. 2016-03-18 08:41:15 -04:00
Berker Peksag
28bcff82c5 Fixed #26297 -- Fixed collectstatic --clear crash if storage doesn't implement path(). 2016-03-17 09:49:57 -04:00
Alex Hill
ecb59cc657 Fixed #26306 -- Fixed memory leak in cached template loader. 2016-03-16 12:37:57 -04:00
Collin Anderson
93a135d111 Fixed #26158 -- Rewrote http.parse_cookie() to better match browsers. 2016-03-15 12:24:06 -04:00
Vincenzo Pandolfo
d0fe6c9156 Fixed #26334 -- Removed whitespace stripping from contrib.auth password fields. 2016-03-14 20:20:24 -04:00
Jakub Wilk
402da9ab7b Fixed typos in docs. 2016-03-13 19:48:24 +01:00
Tim Graham
4f0cd0fd16 Fixed #26324 -- Fixed DurationField with fractional seconds on SQLite. 2016-03-10 12:18:29 -05:00
Przemysław Suliga
96ec67a7cf Fixed #26332 -- Fixed a race condition in BaseCache.get_or_set(). 2016-03-08 11:44:37 -05:00
Bas Westerbaan
b4250ea04a Fixed #26033 -- Added Argon2 password hasher. 2016-03-08 11:22:18 -05:00
Saúl Ibarra Corretgé
6c33e73333 Fixed #26289 -- Enabled shell tab completion on systems using libedit. 2016-03-08 08:37:14 -05:00
Krzysztof Urbaniak
839a955d08 Fixed #25933 -- Allowed an unprefixed default language in i18n_patterns(). 2016-03-08 08:14:10 -05:00
John-Mark Bell
4b129ac81f Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an empty string. 2016-03-07 13:19:39 -05:00
Jon Dufresne
1845bc1d10 Refs #26315 -- Cleaned up argparse options in commands. 
* Removed type coercion. Options created by argparse are already coerced
  to the correct type.
* Removed fallback default values. Options created by argparse already
  have a default value.
* Used direct indexing. Options created by argparse are always set. This
  eliminates the need to use dict.get().
 2016-03-05 13:19:29 -05:00
Jon Dufresne
4115288b4f Fixed #26315 -- Allowed call_command() to accept a Command object as the first argument. 2016-03-05 13:05:10 -05:00
Tim Graham
bc0410d98a Fixed typo in docs/releases/1.8.12.txt. 2016-03-05 10:02:29 -05:00
Tim Graham
c960af4adb Added stub release notes for 1.9.5/1.8.12. 2016-03-05 10:00:40 -05:00
Claude Paroz
552f03869e Added safety to URL decoding in is_safe_url() on Python 2 
The errors='replace' parameter to force_text altered the URL before checking
it, which wasn't considered sane. Refs 24fc935218 and ada7a4aef.
 2016-03-04 23:33:35 +01:00
Claude Paroz
ada7a4aefb Fixed #26308 -- Prevented crash with binary URLs in is_safe_url() 
This fixes a regression introduced by c5544d2892.
Thanks John Eskew for the reporti and Tim Graham for the review.
 2016-03-04 21:14:14 +01:00
Tim Graham
cecbf1bdef Fixed typo in docs/releases/1.9.1.txt. 2016-03-04 14:16:56 -05:00
Tim Graham
2f0c785a4c Added stub release notes for 1.8.11. 2016-03-04 09:47:43 -05:00
Simon Charette
d0451e4cad Fixed #26295 -- Allowed using i18n_patterns() in any root URLconf. 
Thanks Tim for the review.
 2016-03-03 12:08:49 -05:00
Alasdair Nicol
2404d209a5 Fixed #26309 -- Documented that login URL settings no longer support dotted paths. 2016-03-03 07:34:14 -05:00
Simon Charette
c92123cc1d Fixed #26226 -- Made related managers honor the queryset used for prefetching their results. 
Thanks Loïc for the suggested improvements and Tim for the review.
 2016-03-02 16:10:18 -05:00
Marc Tamlyn
8ddc79a799 Fixed #26285 -- Deprecated the MySQL-specific __search lookup. 2016-03-02 14:41:56 -05:00
acrefoot
04240b2365 Refs #19527 -- Allowed QuerySet.bulk_create() to set the primary key of its objects. 
PostgreSQL support only.

Thanks Vladislav Manchev and alesasnouski for working on the patch.
 2016-03-02 14:29:09 -05:00
Dmitry Dygalo
5155c2b458 Fixed typo in 1.9.3/1.8.10 release date. 2016-03-02 07:08:36 -05:00
Tim Graham
2e895d2870 Added stub release notes for 1.9.4. 2016-03-01 12:39:01 -05:00
Tim Graham
24fc935218 Added CVE-2016-2512/2513 to security release archive. 2016-03-01 12:32:42 -05:00
Florian Apolloner
67b46ba701 Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login. 
This is a security fix.
 2016-03-01 11:25:28 -05:00
Mark Striemer
c5544d2892 Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth. 
This is a security fix.
 2016-03-01 11:25:28 -05:00
Tim Graham
f43291639b Added stub release notes for security issues. 2016-03-01 11:25:28 -05:00
Simon Charette
0223e213dd Fixed #26186 -- Documented how app relative relationships of abstract models behave. 
This partially reverts commit bc7d201bdb.

Thanks Tim for the review.

Refs #25858.
 2016-02-29 22:07:05 -05:00
chenesan
b84f5ab4ec Fixed #26230 -- Made default_related_name affect related_query_name. 2016-02-27 08:48:32 -05:00
Simon Charette
3938b3ccaa Fixed #26286 -- Prevented content type managers from sharing their cache. 
This should prevent managers methods from returning content type instances
registered to foreign apps now that these managers are also attached to models
created during migration phases.

Thanks Tim for the review.

Refs #23822.
 2016-02-26 16:18:16 -05:00
Adam Chainz
ef33bc2d4d Fixed #25279 -- Made prefetch_related_objects() public. 2016-02-26 14:55:01 -05:00
Simon Charette
766afc22a1 Fixed #24793 -- Unified temporal difference support. 2016-02-26 12:25:12 -05:00
Ivan Tsouvarev
8890c533e0 Fixed #26280 -- Fixed cached template loader crash when loading nonexistent template. 2016-02-26 08:02:10 -05:00
Sjoerd Job Postmus
bbe136e1a2 Fixed #26231 -- Used .get_username in admin login template. 2016-02-25 19:29:53 -05:00
Olivier Le Thanh Duong
10781b4c6f Fixed #12233 -- Allowed redirecting authenticated users away from the login view. 
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.

Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
 2016-02-25 07:18:33 -05:00
Claude Paroz
c5517b9e74 Fixed #26266 -- Output the primary key in the GeoJSON serializer properties 
Thanks Tim Graham for the review.
 2016-02-24 16:10:46 +01:00
Jon Dufresne
b412681359 Fixed #26267 -- Fixed BoundField to reallow slices of subwidgets. 2016-02-24 07:02:51 -05:00
James Aylett
1ff6e37de4 Fixed #23832 -- Added timezone aware Storage API. 
New Storage.get_{accessed,created,modified}_time() methods convert the
naive time from now-deprecated {accessed,created_modified}_time()
methods into aware objects in UTC if USE_TZ=True.
 2016-02-23 18:51:43 -05:00
Andrew Kuchev
e81d1c995c Fixed #25670 -- Allowed dictsort to sort a list of lists. 
Thanks Tim Graham for the review.
 2016-02-23 12:15:08 -05:00
Tim Graham
cdbd8745f6 Fixed #26263 -- Deprecated Context.has_key() 2016-02-23 08:08:55 -05:00
Claude Paroz
b46c0ea6c8 Fixed #26190 -- Returned handle() result from call_command 
Thanks Tim Graham for the review.
 2016-02-23 09:12:12 +01:00
Tim Graham
47b5a6a43c Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS. 2016-02-22 18:59:23 -05:00
Tim Graham
33a4040d07 Refs #26253 -- Forwardported release note. 2016-02-22 17:19:08 -05:00
Tim Graham
b1afebf882 Fixed #26204 -- Reallowed dashes in top-level domains for URLValidator. 
Thanks Shai Berger for the review.
 2016-02-18 19:06:49 -05:00
Akshesh
d58aaa24e3 Fixed #26107 -- Added option to int_list_validator() to allow negative integers. 2016-02-18 18:58:18 -05:00