1
0
mirror of https://github.com/django/django.git synced 2024-12-23 01:25:58 +00:00
Commit Graph

29041 Commits

Author SHA1 Message Date
Francisco Couzo
5ea1621c72
Fixed #31985 -- Corrected salted_hmac()'s docstring about supported algorithms.
salted_hmac() validates supported algorithms by checking hashlib
methods.
2020-09-07 10:59:36 +02:00
François Freitag
57dadfac3c Fixed #31944 -- Used addCleanup() to register TestContextDecorator cleanups.
Cleanups from addCleanup() are scheduled to happen in reverse order to
the order they are added (LIFO). Ensures each cleanup is executed from
the innermost to the outermost.
2020-09-07 08:07:26 +02:00
Jon Dufresne
11ebc6479f Fixed #31791 -- Made technical 404 debug page display the tried URL patterns for Http404. 2020-09-07 06:54:19 +02:00
Tim Graham
83dea65ed6
Refs #21231 -- Corrected parse_qsl() fallback.
An oversight in fd209f62f1.
2020-09-07 06:25:56 +02:00
Hasan Ramezani
d2d08c8cf6 Fixed #31982 -- Made HttpResponse.set_cookie() cast max_age argument to an integer. 2020-09-05 10:07:23 +02:00
Mariusz Felisiak
e6b5108acc
Fixed #27417 -- Made RenameField operation a noop for field name case changes on Oracle.
Field names are always uppercased in the Oracle backend. Changing case
should be a noop to avoid database errors: "ORA-00957: duplicate column
name".
2020-09-04 20:27:23 +02:00
jpribyl
17407eca59 Fixed #31894 -- Added note about using JSONField key lookups with QuerySet.exclude() in docs. 2020-09-04 09:04:38 +02:00
jpribyl
94e2238107 Refs #31894 -- Added tests for JSONField key lookups with QuerySet.exclude(). 2020-09-04 09:04:24 +02:00
Nick Pope
fd209f62f1 Refs #21231 -- Backport urllib.parse.parse_qsl() from Python 3.8. 2020-09-03 14:24:42 +02:00
Mariusz Felisiak
8d59075184 Refs #31224 -- Made sync_to_async() examples use thread sensitive with ORM calls. 2020-09-03 12:06:42 +02:00
Jon Dufresne
0b8871ab67
Fixed #31979 -- Made django.test.utils.setup_databases()'s time_keeper argument optional. 2020-09-03 09:48:40 +02:00
Collin Anderson
daa26acc4e Fixed #31978 -- Added username hint to admin's password reset confirmation form. 2020-09-03 09:25:21 +02:00
Mariusz Felisiak
6a881197e9
Refs #31901 -- Fixed SeleniumTests.test_list_editable_popups with headless mode. 2020-09-02 15:16:03 +02:00
Brian Helba
2d42e23b6d Fixed #31941 -- Corrected FileField.deconstruct() with a callable storage. 2020-09-02 11:06:18 +02:00
Tim Park
ece18207cb Fixed #31858 -- Reallowed whitespaces in URL paths outside of parameters.
Regression in 22394bd3a1.

Thanks David Smith for the review.
2020-09-02 10:24:14 +02:00
Nick Pope
a629139425 Refs #29887, Refs #24212 -- Added servers configuration hook for memcached backends.
The servers property can be overridden to allow memcached backends to
alter the server configuration prior to it being passed to instantiate
the client. This allows avoidance of documentation for per-backend
differences, e.g. stripping the 'unix:' prefix for pylibmc.
2020-09-02 08:51:17 +02:00
Carlton Gibson
0bf627f0b2
Refs #11390 -- Clarified dual-calling of ChoiceField.choices callable. 2020-09-02 08:29:01 +02:00
Joe Jackson
9d5d865fd6 Fixed #31948 -- Added tzinfo parameter to TruncDate() and TruncTime(). 2020-09-02 07:42:27 +02:00
007gzs
76e0151ea0 Added "Bugfixes" section to release notes for 3.1.2. 2020-09-02 06:32:47 +02:00
Carlton Gibson
d5b526bf78 Added CVE-2020-24583 & CVE-2020-24584 to security archive. 2020-09-01 11:32:57 +02:00
Nick Pope
cc1f2c6a19 Refs #29887 -- Simplified memcached client instantiation. 2020-09-01 10:51:00 +02:00
Carlton Gibson
7a60670b78 Added stub release notes for 3.1.2. 2020-09-01 10:45:12 +02:00
Carlton Gibson
976e2b7420 Added release date for 3.1.1, 3.0.10, and 2.2.16. 2020-09-01 09:56:42 +02:00
Mariusz Felisiak
1853724aca Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level directories of the file system cache on Python 3.7+. 2020-09-01 09:17:23 +02:00
Mariusz Felisiak
8d7271578d Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+.
Thanks WhiteSage for the report.
2020-09-01 09:17:23 +02:00
007gzs
2bc38bc7ca Fixed #31901 -- Prevented content overflowing in the admin changelist with navigation sidebar. 2020-09-01 07:51:22 +02:00
Abdullah Dursun
fcad0b1324
Corrected note about long names in search docs. 2020-08-31 22:36:25 +02:00
Hasan Ramezani
70731fc6fe Fixed #31934 -- Added note about the default of SameSite cookie flag in modern browsers. 2020-08-31 10:57:41 +02:00
Federico Jaramillo Martínez
179d9dc0c2 Fixed #31952 -- Fixed EmptyFieldListFilter crash with reverse relationships.
Thanks dacotagh for the report.
2020-08-31 09:28:05 +02:00
Simon Charette
f6405c0b8e Fixed #31965 -- Adjusted multi-table fast-deletion on MySQL/MariaDB.
The optimization introduced in 7acef095d7 did not properly handle
deletion involving filters against aggregate annotations.

It initially was surfaced by a MariaDB test failure but misattributed
to an undocumented change in behavior that resulted in the systemic
generation of poorly performing database queries in 5b83bae031.

Thanks Anton Plotkin for the report.

Refs #23576.
2020-08-31 08:11:28 +02:00
Simon Charette
38fce49c82 Fixed #31919 -- Resolved output_field of IntegerField subclasses combinations. 2020-08-31 06:42:40 +02:00
Simon Charette
40894f2967 Refs #30446 -- Added tests for resolving output_field of CombinedExpression. 2020-08-31 06:40:39 +02:00
Mariusz Felisiak
0be51d2226 Fixed #31956 -- Fixed crash of ordering by JSONField with a custom decoder on PostgreSQL.
Thanks Marc Debureaux for the report.
Thanks Simon Charette, Nick Pope, and Adam Johnson for reviews.
2020-08-28 19:09:46 +02:00
Mariusz Felisiak
2210539142 Refs #31956 -- Added test for ordering by JSONField with a custom decoder. 2020-08-28 19:09:41 +02:00
Koen De Wit
4c0b4720b0 Fixed #31954 -- Fixed migration optimization for MTI model creation with parent model with mixed case app label. 2020-08-28 13:35:13 +02:00
Kevin Michel
225261b701 Refs #31928 -- Added various middlewares tests for detecting when get_response is coroutine. 2020-08-28 12:33:29 +02:00
Kevin Michel
825ce75fae Fixed #31928 -- Fixed detecting an async get_response in various middlewares.
SecurityMiddleware and the three cache middlewares were not calling
super().__init__() during their initialization or calling the required
MiddlewareMixin._async_check() method.

This made the middlewares not properly present as coroutine and
confused the middleware chain when used in a fully async context.

Thanks Kordian Kowalski for the report.
2020-08-28 12:33:15 +02:00
Kevin Michel
ea57a2834f Refs #31928 -- Made SessionMiddleware call super().__init__(). 2020-08-28 12:33:15 +02:00
Kevin Michel
68d7cf4054 Refs #26601 -- Added various middlewares tests for deprecation of passing None as get_response. 2020-08-28 12:33:15 +02:00
Kevin Michel
abbdd3a622 Added tests for cache middlewares constructors. 2020-08-28 10:00:39 +02:00
Mariusz Felisiak
e39e727ded
Fixed #31912 -- Removed strict=True in Path.resolve() in project template and CommonPasswordValidator.
This caused permission errors when user didn't have permissions to
all intermediate directories in a Django installation path.

Thanks tytusd and leonyxz for reports.

Regression in edeec1247e and
26554cf5d1.
2020-08-28 05:57:36 +02:00
Phil Gyford
e02738bf55 Refs #31913 -- Corrected comment in PasswordResetTokenGenerator.
Follow up to da4923ea87.
2020-08-27 12:57:16 +02:00
Alexander
20d38fd759 Fixed #31947 -- Made QuerySet.update_or_create() reuse get_or_create(). 2020-08-27 11:46:47 +02:00
Mariusz Felisiak
1251772cb8
Fixed #31936 -- Fixed __in lookup on key transforms for JSONField.
This resolves an issue on databases without a native JSONField
(MariaDB, MySQL, SQLite, Oracle), where values must be wrapped.

Thanks Sébastien Pattyn for the report.
2020-08-26 22:13:37 +02:00
Jeremy Lainé
9c92924cd5 Fixed #31942 -- Made settings cleansing work with dictionary settings with non-string keys. 2020-08-26 11:59:37 +02:00
Kaustubh
b9be11d442 Fixed #31918 -- Allowed QuerySet.in_bulk() to fetch on a single distinct field. 2020-08-26 09:43:39 +02:00
Michael Galler
547a07fa7e Fixed #31905 -- Made MiddlewareMixin call process_request()/process_response() with thread sensitive.
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2020-08-26 07:13:49 +02:00
Mariusz Felisiak
0b0658111c Removed trailing whitespace in 3.2 release notes. 2020-08-25 10:02:56 +02:00
Cleiton de Lima
9f8c7d2b4b
Moved CreateExtension release notes into django.contrib.postgres section. 2020-08-25 06:13:19 +02:00
Tim Graham
ea880ec233 Fixed #24533 -- Dropped PostgreSQL sequence and Oracle identity when migrating away from AutoField. 2020-08-24 14:32:07 +02:00