1
0
mirror of https://github.com/django/django.git synced 2024-12-23 09:36:06 +00:00
Commit Graph

33010 Commits

Author SHA1 Message Date
Richard Laager
16af0c60ed Fixed #35755 -- Hid help text of hidden fields in admin fieldsets.
Regression in 96a598356a.
2024-09-12 13:49:07 +02:00
Amir Karimi
b2501759eb Refs #29522 -- Improved test coverage of deserializers. 2024-09-12 13:44:28 +02:00
Ronny V.
f4813211e2
Added example of email sending with additional capabilities to docs/topics/email.txt.
Co-authored-by: Mike Edmunds <medmunds@gmail.com>
2024-09-11 13:04:43 -03:00
Csirmaz Bendegúz
96c990795c
Refs #373 -- Removed outdated comment in RelatedIn lookup. 2024-09-11 11:32:06 -03:00
Gastón Avila
c3ca6075cc Fixed #35732 -- Wrapped ConcatPair expression in parentheses to ensure operator precedence.
When ConcatPair was updated to use || this lost the implicit wrapping from CONCAT(...).
This broke the WHERE clauses when used in combination with PostgreSQL trigram similarity.

Regression in 6364b6ee10.

Co-authored-by: Emiliano Cuenca <106986074+emicuencac@users.noreply.github.com>
2024-09-11 14:36:56 +02:00
Clifford Gama
38c2065154 Refs #35060 -- Fixed the update to update_fields in overridden save() method docs.
Regression in 3915d4c70d.
2024-09-11 13:23:36 +02:00
Bendeguz Csirmaz
0bfaa55708 Fixed #35752 -- Fixed crash when using In() lookup in filters. 2024-09-11 12:42:17 +02:00
Bendeguz Csirmaz
727587c089 Refs #373 -- Refactored variable assignments in ColPairs and tuple lookups. 2024-09-11 11:23:01 +02:00
Bendeguz Csirmaz
347ab72c02 Refs #373 -- Improved test coverage of tuple lookup checks.
This also removed unreachable checks.
2024-09-11 11:23:01 +02:00
ldeluigi
2a4321ba23 Fixed #35747 -- Used default ordering when the ORDER_VAR param is blank in the admin changelist. 2024-09-11 10:41:23 +02:00
Mariusz Felisiak
371a9f3c5f Refs #35074 -- Added _create_spatial_index_sql()/_delete_spatial_index_sql() hooks to GIS backends. 2024-09-10 10:49:20 +02:00
Mário Falcão
d4bce26c94 Refs #35074 -- Added PostGISSchemaEditor._create_spatial_index_name().
This is consistent with Oracle and MySQL GIS database backends.
2024-09-10 10:49:20 +02:00
Csirmaz Bendegúz
5865ff5adc
Refs #373 -- Added Model._is_pk_set() abstraction to check if a Model's PK is set. 2024-09-09 17:46:50 -03:00
Mariusz Felisiak
cdbd31960e Refs #33817 -- Corrected errors raised when Oracle driver is not installed.
oracledb_any should reraise ImportError instead of raising
ImproperlyConfigured.
2024-09-09 14:08:49 +02:00
Jake Howard
e161bd4657 Fixed #35631 -- Added HttpRequest.get_preferred_type(). 2024-09-09 12:02:18 +02:00
Jon Ribbens
826ef00668
Fixed #35681 -- Corrected geoip2 docs when describing GeoIP2Exception. 2024-09-06 23:21:15 -03:00
Mariatta
01a4d8a3c7
Fixed #35737 -- Clarified where "models" comes from in tutorial 7. 2024-09-05 21:37:03 -03:00
SirenityK
03d52d2a52
Updated instruction for deploying with Uvicorn and Gunicorn. 2024-09-05 18:32:46 -03:00
Wassef Ben Ahmed
957c54d945
Fixed #32831 -– Allowed cache tests to be retried via a new "retry" decorator. 2024-09-05 18:25:05 -03:00
Natalia
aa52930687 Added CVE-2024-45230 and CVE-2024-45231 to security archive. 2024-09-03 11:19:02 -03:00
Natalia
60073a3e6b Added stub release notes for 5.1.2. 2024-09-03 10:01:46 -03:00
Natalia
8c35a0a903 Fixed CVE-2024-45231 -- Avoided server error on password reset when email sending fails.
On successful submission of a password reset request, an email is sent
to the accounts known to the system. If sending this email fails (due to
email backend misconfiguration, service provider outage, network issues,
etc.), an attacker might exploit this by detecting which password reset
requests succeed and which ones generate a 500 error response.

Thanks to Thibaut Spriet for the report, and to Mariusz Felisiak, Adam
Johnson, and Sarah Boyce for the reviews.
2024-09-03 09:22:32 -03:00
Sarah Boyce
320dd27412 Fixed CVE-2024-45230 -- Mitigated potential DoS in urlize and urlizetrunc template filters.
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.
2024-09-03 09:22:32 -03:00
Adam Johnson
f5ddd54986 Fixed #35704 -- Fixed reduction for AddIndex subclasses. 2024-09-03 12:51:06 +02:00
github-user-en
ad7f8129f3 Added EMAIL_USE_SSL to the 'Core Settings Topical Index' docs. 2024-09-03 10:16:20 +02:00
sanjeevholla26
4470d1f156 Refs #35706 -- Replaced template _('...') usages with translate tag. 2024-09-03 10:16:05 +02:00
Tim Graham
6f9c6678bf Added assertion for the results of migrating an integer pk to SmallAutoField.
Follow up to 7ca42974ee which did the same for
similar tests.
2024-09-03 08:22:39 +02:00
Jacob Walls
4082a8886e Fixed #35724 -- Tested migration commands handling of distributed namespace packages.
Also increased coverage of module_loading.py.
2024-09-03 08:07:53 +02:00
Alex Fischer
c6a4f853c7 Fixed #35712 -- Prevented Q.check() from leaving the connection in an unusable state.
Co-authored-by: Simon Charette <charette.s@gmail.com>
2024-09-02 17:00:55 +02:00
sanjeevholla26
387475c5b2 Refs #35706 -- Prefixed 'Error:' to titles of admin pages with form errors.
This improves the screen reader experience.
2024-09-02 15:19:33 +02:00
John Parton
e4a2e22ddb Fixed #35690 -- Errored nicely when using in_bulk() with a values() or values_list() queryset. 2024-09-02 15:04:52 +02:00
Sarah Boyce
fd1dd76778 Fixed #35716 -- Fixed VariableDoesNotExist when rendering admin fieldsets.
Regression in 01ed59f753.

Thank you to Fábio Domingues and Marijke Luttekes for the report,
and thank you to Natalia Bidart for the review.
2024-08-30 20:49:27 +02:00
Adam Johnson
20d44abb41 Fixed #35700 -- Added AlterModelTable and AlterModelTableComment reductions. 2024-08-30 18:50:12 +02:00
Vaarun Sinha
884ce37479 Fixed #35083 -- Updated method_decorator to handle async methods.
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2024-08-30 08:54:49 -03:00
Claude Paroz
2c1f27d0d0 Dropped safeguards against very old versions of gettext.
gettext 0.19 was released in 2014.
2024-08-30 13:39:04 +02:00
SaJH
2ff00251f9 Fixed #35669 -- Improved max post-process passes exceeded error message in HashedFilesMixin.
Signed-off-by: SaJH <wogur981208@gmail.com>
2024-08-30 10:00:51 +02:00
Hisham Mahmood
2b2a2c0e26 Fixed #35702 -- Removed connection pooling note for mysql drivers. 2024-08-30 09:08:32 +02:00
Sarah Boyce
7380ac5734 Fixed #35688 -- Restored timezone and role setters to be PostgreSQL DatabaseWrapper methods.
Following the addition of PostgreSQL connection pool support in
Refs #33497, the methods for configuring the database role and timezone
were moved to module-level functions. This change prevented subclasses
of DatabaseWrapper from overriding these methods as needed, for example,
when creating wrappers for other PostgreSQL-based backends.

Thank you Christian Hardenberg for the report and to
Florian Apolloner and Natalia Bidart for the review.

Regression in fad334e1a9.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2024-08-28 19:25:07 -03:00
Adam Johnson
26a67943ac
Removed outdated note about lack of subquery support in MySQL. 2024-08-28 15:55:30 -03:00
Jacob Walls
920efe503f
Fixed typos in docs/howto/initial-data.txt. 2024-08-28 15:24:07 -03:00
Simon Charette
57307bbc7d Fixed #35666 -- Documented stacklevel usage and testing, and adjusted test suite accordingly.
Over the years we've had multiple instances of hit and misses when
emitting warnings: either setting the wrong stacklevel or not setting
it at all.

This work adds assertions for the existing warnings that were declaring
the correct stacklevel, but were lacking tests for it.
2024-08-28 11:44:05 -03:00
Simon Charette
39abd56a7f Refs #35405 -- Adjusted deprecation warning stacklevel in FieldCacheMixin.get_cache_name(). 2024-08-28 11:44:05 -03:00
Simon Charette
47f18a7226 Refs #35326 -- Adjusted deprecation warning stacklevel in FileSystemStorage.OS_OPEN_FLAGS. 2024-08-28 11:44:05 -03:00
Simon Charette
52ed2b645e Refs #35060 -- Adjusted deprecation warning stacklevel in Model.save()/asave(). 2024-08-28 11:44:05 -03:00
Simon Charette
a69f895d7d Refs #34547 -- Adjusted deprecation warning stacklevel in DatabaseOperations.field_cast_sql(). 2024-08-28 11:44:05 -03:00
Simon Charette
c042fe3a74 Refs #33735 -- Adjusted warning stacklevel in StreamingHttpResponse.__iter__()/__aiter__(). 2024-08-28 11:44:05 -03:00
Simon Charette
7e6e1c8383 Refs #32339 -- Adjusted deprecation warning stacklevel in transitional form renderers. 2024-08-28 11:44:05 -03:00
Simon Charette
6bd5d4f705 Refs #22712 -- Adjusted deprecation warning stacklevel in staticfiles finders. 2024-08-28 11:44:05 -03:00
Simon Charette
8ee17037ae Refs #16055 -- Adjusted deprecation warning stacklevel in get_joining_columns()/get_reverse_joining_columns(). 2024-08-28 11:44:05 -03:00
Simon Charette
5e81a4e790 Refs #12581 -- Adjusted warning stacklevel in queries ring buffer. 2024-08-28 11:44:05 -03:00