mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-01-10 18:36:05 +00:00
Code Issues 32 Releases Wiki Activity
31,490 Commits 28 Branches 426 Tags 651 MiB
6bdc3c58b6
Commit Graph

4468 Commits

Author SHA1 Message Date
tschilling
c5808470aa Fixed #34280 -- Allowed specifying different field values for create operation in QuerySet.update_or_create(). 2023-02-14 11:50:35 +01:00
Carlton Gibson
ecafcaf634 Added CVE-2023-24580 to security archive. 2023-02-14 09:52:30 +01:00
Markus Holtermann
85ac33591c Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files. 
Thanks to Jakob Ackermann for the report.
 2023-02-14 08:18:40 +01:00
Sota Tabu
3e9d413231 Fixed #34318 -- Added release note for 4bfe8c0eec. 2023-02-13 11:59:11 +01:00
Carlton Gibson
534ac48297 Refs #34140 -- Applied rst code-block to non-Python examples. 
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.
 2023-02-10 19:19:13 +01:00
Jacob Rief
473283d241
Fixed #34303 –- Allowed customizing admin site log entry list. 
Added AdminSite.get_log_entries() as an override point and made this
available to the template via each_context().
 2023-02-08 18:37:32 +01:00
Mariusz Felisiak
2fd755b361
Fixed #34319 -- Fixed Model.validate_constraints() crash on ValidationError with no code. 
Thanks Mateusz Kurowski for the report.

Regression in 667105877e.
 2023-02-08 16:38:55 +01:00
Bakdolot
5f3c7b7e1d
Fixed #34317 -- Renamed "instance" argument of BaseModelFormSet.save_existing() method. 2023-02-07 14:18:58 +01:00
Carlton Gibson
fb77be9ae1 Fixed typo in release notes. 2023-02-07 10:11:01 +01:00
Carlton Gibson
7e003428f9 Added stub release notes for 4.0.10 and 3.2.18. 
Set date for 4.1.7 release.
 2023-02-07 10:08:21 +01:00
Mariusz Felisiak
5e9aded33f
Increased the default PBKDF2 iterations for Django 5.0. 
Follow up to 9a1848f48c.
 2023-02-04 13:37:44 +01:00
Mariusz Felisiak
f3c89744cc Added stub release notes for 4.1.7. 2023-02-01 13:18:34 +01:00
Mariusz Felisiak
36e3eef7d5 Added CVE-2023-23969 to security archive. 2023-02-01 12:09:03 +01:00
Nick Pope
8c660fb592 Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language. 
The parsed values of Accept-Language headers are cached in order to
avoid repetitive parsing. This leads to a potential denial-of-service
vector via excessive memory usage if the raw value of Accept-Language
headers is very large.

Accept-Language headers are now limited to a maximum length in order
to avoid this issue.
 2023-02-01 09:44:04 +01:00
Mariusz Felisiak
2b1242abb3
Fixed #34291 -- Fixed Meta.constraints validation crash on UniqueConstraint with ordered expressions. 
Thanks Dan F for the report.

Bug in 667105877e.
 2023-01-26 09:31:40 +01:00
Mariusz Felisiak
882f99031e
Moved release note about the default PBKDF2 iterations into django.contrib.auth section. 
Thanks Tim Graham for the report.
 2023-01-25 22:25:29 +01:00
Carlton Gibson
d8e1442ce2 Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17. 2023-01-25 12:26:00 +01:00
Carlton Gibson
1df963ad24 Set date and added stub release notes for 4.1.6, 4.0.9, and 3.2.17. 2023-01-25 11:57:04 +01:00
Niccolò Mineo
79c298c9ce Fixed #34266 -- Added ClosestPoint GIS database functions. 2023-01-20 08:13:43 +01:00
Mariusz Felisiak
b209518089
Refs #32339 -- Deprecated transitional form renderers. 2023-01-18 11:08:39 +01:00
Mariusz Felisiak
3bbe22dafc
Fixed #34233 -- Dropped support for Python 3.8 and 3.9. 2023-01-18 09:46:01 +01:00
John Whitlock
d547171183
Fixed typo in docs/releases/4.2.txt. 2023-01-17 19:27:51 +01:00
Mariusz Felisiak
2785e121c7
Doc'd that 4.2 is LTS. 2023-01-17 19:24:31 +01:00
Mariusz Felisiak
a209f66259
Removed remaining empty sections from 4.2 release notes. 
Follow up to 772cd2b15b.
 2023-01-17 14:05:32 +01:00
Sébastien Corbin
e2964fed17
Fixed #34264 -- Moved release note about session cookies into error reporting section. 2023-01-17 13:08:42 +01:00
Mariusz Felisiak
4fc711a108 Increased the default PBKDF2 iterations for Django 5.0. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
94ad46e9d8 Refs #33543 -- Made Expression.asc()/desc() and OrderBy raise ValueError when nulls_first/nulls_last=False is passed. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
98756c685e Refs #32339 -- Changed default form and formset rendering style to div-based. 
Per deprecation timeline.

This also removes "django/forms/default.html" and
"django/forms/formsets/default.html" templates.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
b5ac6e78f8 Refs #33691 -- Removed django.contrib.auth.hashers.CryptPasswordHasher per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
ce7b4f39e3 Refs #27674 -- Removed django.contrib.gis.admin.OpenLayersWidget per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
71d1203b07 Refs #33348 -- Removed support for passing response object and form/formset name to SimpleTestCase.assertFormError()/assertFormSetError(). 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
d6816bff73 Refs #32365 -- Removed django.utils.timezone.utc per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
9a01311d20 Refs #15619 -- Removed support for logging out via GET requests. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
ba082e0952 Refs #33561 -- Made created=True required in signature of RemoteUserBackend.configure_user() subclasses. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
4d78d7338c Refs #31486 -- Removed ability to pass unsaved model instances to related filters. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
1391356276 Refs #29984 -- Made QuerySet.iterator() without chunk_size raise ValueError after prefetch_related(). 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
b119f4329c Refs #29708 -- Removed PickleSerializer per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
23c8787439 Refs #33348 -- Removed support for passing errors=None to SimpleTestCase.assertFormError()/assertFormsetErrors(). 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
23ec318988 Refs #33342 -- Removed ExclusionConstraint.opclasses per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
5c10041f46 Refs #30127 -- Removed name argument for django.utils.functional.cached_property(). 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
e01970e9d2 Refs #32800 -- Removed CSRF_COOKIE_MASKED transitional setting per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
daf88e778b Refs #25916 -- Removed SitemapIndexItem.__str__() per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
31878b4d73 Refs #31026 -- Removed ability to return string when rendering ErrorDict/ErrorList. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
182d25eb7a Refs #31026 -- Removed BaseForm._html_output() per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
4982958ec0 Refs #27674 -- Removed GeoModelAdmin and OSMGeoAdmin per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
2fad163257 Refs #32365 -- Removed is_dst argument for various methods and functions. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
e6f82438d4 Refs #32365 -- Removed support for pytz timezones per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
8d98f99a4a Refs #32873 -- Removed settings.USE_L10N per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
0be8095b25 Refs #10929 -- Stopped forcing empty result value by PostgreSQL aggregates. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
43b01300b7 Refs #32655 -- Removed extra_tests argument for DiscoverRunner.build_suite()/run_tests(). 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00