1
0
mirror of https://github.com/django/django.git synced 2024-12-23 01:25:58 +00:00
Commit Graph

33123 Commits

Author SHA1 Message Date
Sarah Boyce
595cb4a7ae Added CVE-2024-53907 and CVE-2024-53908 to security archive. 2024-12-04 16:30:03 +01:00
Sarah Boyce
828afd782f Added stub release notes for 5.1.5. 2024-12-04 16:23:59 +01:00
Simon Charette
8f8dc5a1fc Fixed CVE-2024-53908 -- Prevented SQL injections in direct HasKeyLookup usage on Oracle.
Thanks Seokchan Yoon for the report, and Mariusz Felisiak and Sarah
Boyce for the reviews.
2024-12-04 13:43:13 +01:00
Sarah Boyce
49ff1042aa Fixed CVE-2024-53907 -- Mitigated potential DoS in strip_tags().
Thanks to jiangniao for the report, and Shai Berger and Natalia Bidart
for the reviews.
2024-12-04 13:43:13 +01:00
Jake Howard
58e548db8b Fixed #35952 -- Used class property for available apps check on TransactionTestCase. 2024-12-04 09:36:40 +01:00
Adam Zapletal
d2f2a6a6d5 Refs #21286 -- Enabled ImageField test cases in serializer data tests.
This aligns ImageField to be tested in the same way as FileField.
The commented-out test also exists for FileField and relates to #10244.
2024-12-03 15:15:16 +01:00
Sage Abdullah
b28438f379 Refs #35842 -- Fixed handling of quotes in JSONField key lookups on Oracle. 2024-12-03 11:19:55 +01:00
Mike Edmunds
ea34de3bd7 Refs #35581 -- Added tests for email parameters, attachments, MIME structure, bcc header, encoding and sending. 2024-12-03 11:17:12 +01:00
Mike Edmunds
5d7001b578 Refs #35581 -- Used modern email parser and helpers in mail tests.
- Used modern email API (policy.default) for tests that reparse
  generated messages, and switched to modern accessors where helpful.
- Split get_raw_attachments() helper out of get_decoded_attachments(),
  and used modern iter_attachments() to avoid finding nested attachments
  in attached message/* emails.
- Stopped using legacy parseaddr.
2024-12-03 11:17:12 +01:00
Mike Edmunds
bddd35cb1a Refs #35581 -- Improved reporting for failing tests in mail tests.
- Converted HeadersCheckMixin to MailTestsMixin for all shared helpers:
  - Hoisted assertStartsWith() from BaseEmailBackendTests.
  - Added matching assertEndsWith().
  - Hoisted get_decoded_attachments() from MailTests.
  - Improved failure reporting in assertMessageHasHeaders().
- Used unittest subTest() to improve handling of compound test cases.
- Replaced `assertTrue(test on string)` with custom assertions,
  so that failure reporting is more informative than `True != False`.
2024-12-03 11:17:12 +01:00
Anders Hovmöller
871e1ee5ff
Removed question marks from headings in docs/topics/db/fixtures.txt. 2024-12-02 21:54:48 -03:00
Adam Johnson
2f6b096b83 Fixed #35950 -- Restored refreshing of relations when fields deferred.
Thank you to Simon Charette and Sarah Boyce for the review.

Regression in 73df8b54a2.
2024-12-02 16:01:37 +01:00
antoliny0919
32b9e00b0c Fixed #35964 -- Cleaned up can_order and can_delete formset examples. 2024-12-02 12:56:46 +01:00
SaJH
b0d9c1fe32 Updated docs example to clear cached_property without raising AttributeError.
Signed-off-by: SaJH <wogur981208@gmail.com>
2024-12-02 11:17:51 +01:00
jburns6789
b8f9f625a1 Fixed #35915 -- Clarified the empty list case in QueryDict.__getitem__() docs. 2024-12-02 11:11:05 +01:00
Mariusz Felisiak
49761ac99a Refs #373 -- Simplified DatabaseIntrospection.get_constraints() tests for composite primary keys. 2024-12-02 11:03:42 +01:00
Mariusz Felisiak
81cf690111 Refs #373 -- Fixed CompositePKChecksTests.test_composite_pk_cannot_include_generated_field() test crash on databases with no GeneratedField support. 2024-12-02 08:37:53 +01:00
Sarah Boyce
d783a6f1c0 Improved assert_serializer test assertions in test.serializers. 2024-12-02 08:35:55 +01:00
Sarah Boyce
a444d2600b Used skipIf/UnlessDBFeature in test.serializers. 2024-12-02 08:35:55 +01:00
Clifford Gama
3d819e2324 Removed reference to "removing older versions of Django" in tutorial.
Obsoleted in c4fa0143f7.
The general install instructions are still linked above.
2024-11-29 17:10:16 +01:00
Ayush khatri
7a05f63a8e Fixed #35925 -- Added CSS gap for FilteredSelectMultiple filter icon. 2024-11-29 16:37:04 +01:00
Jacob Walls
58cc91275a
Fixed #35308 -- Handled OSError when launching code formatters.
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2024-11-29 09:04:48 -03:00
Bendeguz Csirmaz
978aae4334 Fixed #373 -- Added CompositePrimaryKey.
Thanks Lily Foote and Simon Charette for reviews and mentoring
this Google Summer of Code 2024 project.

Co-authored-by: Simon Charette <charette.s@gmail.com>
Co-authored-by: Lily Foote <code@lilyf.org>
2024-11-29 11:23:04 +01:00
Tainara Palmeira
86661f2449 Fixed #35791 -- Updated icon button dimensions to 24x24 pixels.
This is to meet the WCAG 2.5.8 minimum size requirement.

Co-authored-by: Eva Nanyonga <evewish@gmail.com>
2024-11-29 08:31:06 +01:00
Natalia
15ca75449b Refs #10941 -- Added tests in querystring template tag.
These extra tests assert over the handling of empty params (None, empty
dict, empty QueryDict), and also for dicts having non-string keys.
2024-11-29 08:27:11 +01:00
Natalia
f2b44ef408 Refs #10941 -- Added helper and refactored tests for querystring template tag.
Thank you Sarah Boyce for the review and suggestions.
2024-11-29 08:27:11 +01:00
Jaap Roes
ceecd518b1 Fixed #35530 -- Deprecated request.user fallback in auth.login and auth.alogin. 2024-11-28 17:43:46 +01:00
Jaap Roes
28b9b8d6d9 Refs #35530 -- Added basic test cases for auth.login. 2024-11-28 17:43:46 +01:00
Salvo Polizzi
b82f80906a Fixed #35038 -- Created AlterConstraint operation. 2024-11-28 17:40:52 +01:00
Salvo Polizzi
b92511b474 Refs #35038 -- Added test for drop and recreation of a constraint. 2024-11-28 17:40:52 +01:00
Klaas van Schelven
1722f2db58 Fixed #35897 -- Removed unnecessary escaping in template's get_exception_info(). 2024-11-28 15:53:31 +01:00
Adam Zapletal
1636912bf1 Refs #21286 -- Fixed serializer test with primary key TextField. 2024-11-28 11:45:34 +01:00
Paolo Melchiorre
0977ec671a
Added parallelism support via --jobs to docs build Makefile rule. 2024-11-27 18:15:25 -03:00
Clifford Gama
e9929cb494
Made reverse() docs more self-contained. 2024-11-27 15:26:14 -03:00
David Smith
73d532d9a9
Upgraded to Python 3.12, Ubuntu 24.04, and enabled fail_on_warning for docs builds. 2024-11-27 15:20:49 -03:00
Adam Zapletal
e9ed5da3cb
Removed trailing whitespace in docs. 2024-11-27 13:13:28 -03:00
Sarah Boyce
2544c15854 Added stub release notes and release date for 5.1.4, 5.0.10, and 4.2.17. 2024-11-27 15:41:18 +01:00
Jacob Walls
d4b2e06a67 Fixed #35921 -- Fixed failure when running tests in parallel on postgres.
Follow-up to a060a22ee2.
2024-11-27 12:51:41 +01:00
Brock
d8eb13f0f8 Fixed #35939 -- Linked documentation of Permission.content_type to the ContentType model. 2024-11-27 12:34:49 +01:00
Jacob Walls
a5bc0cfd35 Refs #33735 -- Captured stderr during ASGITest.test_file_response. 2024-11-27 11:00:05 +01:00
Tommy Allen
c635decb00
Fixed #35942 -- Fixed createsuperuser crash on Python 3.13+ when username is unavailable.
Thanks Mariusz Felisiak and Jacob Tyler Walls for reviews.
2024-11-26 17:15:00 -03:00
Adam Zapletal
2e190a48d6
Added missing backticks to class-based views docs. 2024-11-26 17:10:39 -03:00
GappleBee
857b1048d5 Fixed #34619 -- Associated FilteredSelectMultiple elements to their label and help text. 2024-11-20 13:23:18 +01:00
antoliny0919
f60d5e46e1 Fixed #35913 -- Prevented formset name suffix 'FormFormSet'. 2024-11-20 11:36:33 +01:00
Jake Howard
4c452cc377
Fixed #35535 -- Added template tag decorator simple_block_tag().
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2024-11-19 14:35:02 -03:00
David Smith
9543c605c3 Fixed #35775 -- Confirmed support for GEOS 3.13. 2024-11-19 16:14:15 +01:00
Tim Schilling
17e544ece7 Updated maintainers of Django Debug Toolbar to Django Commons. 2024-11-19 12:01:19 +01:00
antoliny0919
c56e1273a9 Refs #32339 -- Updated formset docs to reflect default rendering as as_div. 2024-11-18 16:59:33 +01:00
Mariusz Felisiak
8d7b1423f8 Refs #35844 -- Fixed copying BaseContext and its subclasses on Python 3.14+.
super objects are copyable on Python 3.14+:

5ca4e34bc1

and can no longer be used in BaseContext.__copy__().
2024-11-18 16:05:37 +01:00
Adam Johnson
e035db1bc3 Fixed #35882 -- Made migration questioner loop on all errors. 2024-11-18 15:15:44 +01:00