mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-02-27 02:54:23 +00:00
Code Issues 32 Releases Wiki Activity
32,813 Commits 29 Branches 434 Tags
Commit Graph

467 Commits

Author SHA1 Message Date
Sarah Boyce
c19465ad87 Fixed CVE-2024-41989 -- Prevented excessive memory consumption in floatformat. 
Thanks Elias Myllymäki for the report.

Co-authored-by: Shai Berger <shai@platonix.com>
 2024-08-06 08:50:08 +02:00
nessita
1b277b45cc
Added dedicated test for invalid inputs in floatformat template filter tests. 
Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
 2024-07-25 16:15:53 -03:00
nessita
5dc17177c3
Refs #10941 -- Renamed test file test_query_string.py to test_querystring.py. 
This follows previous renames made in 27043bde5b795eb4a605aeca1d3bc4345d2ca478.
 2024-07-16 22:14:52 -03:00
Sarah Boyce
27043bde5b
Refs #10941 -- Renamed query_string template tag to querystring. 2024-07-15 13:28:55 -03:00
Sarah Boyce
c6d1f98d26 Improved test coverage of urlize. 2024-07-10 09:32:02 +02:00
George Y. Kussumoto
2a32b23382 Fixed #35417 -- Updated BaseContext.new() with values to create a context that can be flattened. 2024-06-13 14:22:40 +02:00
Tim Richardson
e64d42e753 Fixed #35395 -- slice filter crashes on an empty dict with Python 3.12. 
Keep consistent behaviour of slice() filter between python 3.12 and prior
versions in the case of a dict passed to the filter (catch the new to python
3.12 KeyError exception).
 2024-04-24 10:53:38 +02:00
David Smith
6ee37ada32 Fixed #30686 -- Used Python HTMLParser in utils.text.Truncator. 2024-02-07 09:46:25 +01:00
David Smith
70f39e46f8 Refs #30686 -- Fixed text truncation for negative or zero lengths. 2024-02-07 05:18:35 +01:00
David Smith
48a4693951 Refs #30686 -- Improved test coverage of Truncator. 2024-02-06 16:35:08 +01:00
Alexander Lazarević
22785f0d6b Refs #35141 -- Corrected value of CACHE_MIDDLEWARE_SECONDS in CacheMiddlewareTest tests. 2024-01-29 19:18:43 +01:00
Mariusz Felisiak
305757aec1
Applied Black's 2024 stable style. 
https://github.com/psf/black/releases/tag/24.1.0
 2024-01-26 12:45:07 +01:00
Mariusz Felisiak
d88ec42bd0
Used addCleanup() in tests where appropriate. 2023-12-31 10:01:31 +01:00
Tom Carrick
e67d3580ed Fixed #10941 -- Added {% query_string %} template tag. 2023-10-26 09:57:21 +02:00
Carlton Gibson
35bbb2c9c0 Fixed #34883 -- Allowed template tags to set extra data on templates. 
By setting a value in the `parser.extra_data` mapping, template tags
pass additional data out of the parsing context.

Any extra data set is exposed on the template via the matching
`.extra_data` attribute.

Library authors should use a key to namespace extra data. The 'django'
namespace is reserved for internal use.
 2023-10-02 16:16:43 +02:00
Mariusz Felisiak
6ad0dbc8d9
Refs #15667 -- Added resetting default renderer when FORM_RENDERER is changed. 2023-09-29 08:54:13 +02:00
Dan Jacob
fe835c2355 Fixed #34878 -- Fixed autoreloader crash when FORM_RENDERER is set to TemplatesSetting. 
Regression in 439242c5943e16dd5a3a68fadac76e5e723eb323.
 2023-09-29 06:01:04 +02:00
Mariusz Felisiak
14ef92fa9e Refs #33864 -- Removed length_is template filter per deprecation timeline. 2023-09-18 22:12:40 +02:00
konsti
48a1929ca0
Removed unnecessary trailing commas in tests. 2023-08-22 12:42:57 +02:00
priyank.panchal
439242c594 Fixed #34692 -- Made autoreloader reset cached template loader for default renderer. 2023-08-09 09:09:52 +02:00
Mariusz Felisiak
4afaeb14c2
Refs #30116 -- Simplified tests related with dictionary order. 
Dicts preserve order since Python 3.6.
 2023-07-12 11:06:59 +02:00
Arthur Moreira
061a8a1bd8 Fixed #34577 -- Added escapeseq template filter. 2023-05-22 09:58:03 +02:00
rajeeshp
a2da81fe08 Fixed #34578 -- Made "join" template filter respect autoescape for joiner. 2023-05-19 13:16:42 +02:00
David Sanders
7d0e566208
Fixed #34518 -- Fixed crash of random() template filter with an empty list. 2023-04-26 14:17:57 +02:00
David Sanders
5dba5fda55
Fixed #34427 -- Improved error message when context processor does not return a dict. 2023-03-29 08:54:04 +02:00
Liyang Zhang
f9f9215d3e
Fixed some typos in comments, docstrings, and tests. 2023-03-20 08:07:23 +01:00
Panagiotis H.M. Issaris
dcd9746983
Fixed #34363 -- Fixed floatformat crash on zero with trailing zeros. 
Regression in 08c5a787262c1ae57f6517d4574b54a5fcaad124.
Follow up to 4b066bde692078b194709d517b27e55defae787c.
 2023-02-22 20:46:16 +01:00
David Smith
097e3a70c1 Refs #33476 -- Applied Black's 2023 stable style. 
Black 23.1.0 is released which, as the first release of the year,
introduces the 2023 stable style. This incorporates most of last year's
preview style.

https://github.com/psf/black/releases/tag/23.1.0
 2023-02-01 11:04:38 +01:00
David Wobrock
4b066bde69 Fixed #34272 -- Fixed floatformat crash on zero with trailing zeros to zero decimal places. 
Regression in 08c5a787262c1ae57f6517d4574b54a5fcaad124.

Thanks Andrii Lahuta for the report.
 2023-01-19 10:15:40 +01:00
GianpaoloBranca
8d67e16493
Fixed #33879 -- Improved timesince handling of long intervals. 2023-01-04 11:14:06 +01:00
LightDiscord
e20c9eb60a Fixed #27654 -- Propagated alters_data attribute to callables overridden in subclasses. 
Thanks Shai Berger and Adam Johnson for reviews and the implementation
idea.
 2022-11-04 11:08:58 +01:00
Vlastimil Zíma
08c5a78726
Fixed #34098 -- Fixed loss of precision for Decimal values in floatformat filter. 
Regression in 12f7928f5a455e330c0a7f19bc86b37baca12811.
 2022-10-24 12:59:34 +02:00
Nick Pope
4d4bf55e0e Fixed #33864 -- Deprecated length_is template filter. 2022-07-23 12:36:21 +02:00
cheng
d4c5d2b52c Fixed #33631 -- Marked {% blocktranslate asvar %} result as HTML safe. 2022-07-14 11:09:19 +02:00
Claude Paroz
292f372768 Fixed #33748 -- Fixed date template filter crash with lazy format. 
Regression in 659d2421c7adbbcd205604002d521d82d6b0b465.
 2022-05-31 06:09:39 +02:00
Aymeric Augustin
aff649a3bd Normalized imports of functools.wraps. 
@wraps is 10 times more common than @functools.wraps. Standardize to
the most common version.
 2022-05-25 10:58:28 +02:00
cheng
0dd2920909 Fixed #33653 -- Fixed template crash when calling methods for built-in types without required arguments. 
Regression in 09341856ed9008875c1cc883dc0c287670131458.
 2022-05-20 07:53:05 +02:00
Manel Clos
62739b6e26 Fixed #33628 -- Ignored directories with empty names in autoreloader check for template changes. 
Regression in 68357b2ca9e88c40fc00d848799813241be39129.
 2022-04-11 07:37:30 +02:00
Mariusz Felisiak
7119f40c98 Refs #33476 -- Refactored code to strictly match 88 characters line length. 2022-02-07 20:37:05 +01:00
django-bot
9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Hrushikesh Vaidya
832adb31f2 Fixed #33473 -- Fixed detecting changes by autoreloader in .py files inside template directories. 2022-02-03 11:22:45 +01:00
Mariusz Felisiak
c5cd878382
Refs #33476 -- Refactored problematic code before reformatting by Black. 
In these cases Black produces unexpected results, e.g.

def make_random_password(
    self,
    length=10,
    allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789',
):

or

cursor.execute("""
SELECT ...
""",
    [table name],
)
 2022-02-03 11:20:46 +01:00
Markus Holtermann
394517f078 Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag. 
Thanks Keryn Knight for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-02-01 07:40:51 +01:00
Florian Apolloner
761f449e0d Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter. 
Thanks to Dennis Brinkrolf for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-01-04 10:03:56 +01:00
Baptiste Mispelon
e6e664a711 Fixed #33302 -- Made element_id optional argument for json_script template filter. 
Added versionchanged note in documentation
 2021-11-22 11:52:19 +01:00
Claude Paroz
676bd084f2 Fixed #32873 -- Deprecated settings.USE_L10N. 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2021-09-14 12:05:43 +02:00
Mariusz Felisiak
4a43335d30
Fixed #30086, Refs #32873 -- Made floatformat template filter independent of USE_L10N. 2021-09-08 08:37:27 +02:00
Matt Westcott
5092f7247d Fixed #33036 -- Made simple_tag()/inclusion_tag() with takes_context raise TemplateSyntaxError when function has no parameters. 2021-08-19 07:39:55 +02:00
Mariusz Felisiak
65ed96fa39 Refs #33002 -- Added DebugLexer/Lexer.tokenize() test for trailing text token. 2021-08-09 13:42:26 +02:00
Chris Jerdonek
b2be7e12cc Refs #33002 -- Made template_tests.tests.py's tests test both Lexer and DebugLexer. 2021-08-09 13:37:02 +02:00