Thomas Stephenson
035b0fa60d
Fixed #24716 -- Deprecated Field._get_val_from_obj()
...
The method duplicates the functionality of Field.value_from_object()
and has the additional downside of being a privately named public
API method.
2015-07-14 09:13:22 -04:00
Tim Graham
64f731e77d
Added 1.4.22 release notes.
2015-07-14 07:28:55 -04:00
Vlastimil Zíma
8f8c54f70b
Fixed #25099 -- Cleaned up HttpRequest representations in error reporting.
2015-07-13 19:22:39 -04:00
Daniel Roseman
24620d71f2
Fixed #25079 -- Added warning if both TEMPLATES and TEMPLATE_* settings are defined.
...
Django ignores the value of the TEMPLATE_* settings if TEMPLATES is also
set, which is confusing for users following older tutorials. This change
adds a system check that warns if any of the TEMPLATE_* settings have
changed from their defaults but the TEMPLATES dict is also non-empty.
Removed the TEMPLATE_DIRS from the test settings file; this was marked
for removal in 1.10 but no tests fail if it is removed now.
2015-07-13 17:50:22 -04:00
Andrei Kulakov
db97a88495
Fixed #24375 -- Added Migration.initial attribute
...
The new attribute is checked when the `migrate --fake-initial` option
is used. initial will be set to True for all initial migrations (this
is particularly useful when initial migrations are split) as well as
for squashed migrations.
2015-07-13 15:57:40 -04:00
Razvan Andrei Ionescu
97bc875234
Fixed #25117 -- Added Romanian char map for Javascript slug generation
2015-07-13 13:31:12 -04:00
Claude Paroz
2e05ef4e18
Added release note for the UUID serialization backport
...
Refs #25019 .
2015-07-10 09:00:19 +02:00
Claude Paroz
846cb6fef7
Added stub release notes for 1.8.4
2015-07-10 08:51:16 +02:00
Tim Graham
3d650e80ad
Added today's security issues to the archive.
2015-07-08 17:41:48 -04:00
Shai Berger
17d3a6d804
Fixed catastrophic backtracking in URLValidator.
...
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.
This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Tim Graham
014247ad19
Prevented newlines from being accepted in some validators.
...
This is a security fix; disclosure to follow shortly.
Thanks to Sjoerd Job Postmus for the report and draft patch.
2015-07-08 15:23:03 -04:00
Carl Meyer
df049ed77a
Fixed #19324 -- Avoided creating a session record when loading the session.
...
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.
This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Tim Graham
125eaa19b2
Added security release note stubs.
2015-07-08 15:23:03 -04:00
Luke Plant
f87e552d98
Corrected example code for get_query_set upgrade in 1.6 release notes
...
The conditional setting of `get_query_set` is required for correct behaviour
if running Django 1.8. The full gory details are here:
http://lukeplant.me.uk/blog/posts/handling-django%27s-get_query_set-rename-is-hard/
2015-07-08 10:58:07 +01:00
Chris Bainbridge
e5cfa394d7
Refs #23882 -- Added detection for moved files when using inotify polling
...
Commit 15f82c7
("used pyinotify as change detection system when
available") introduced a regression where editing a file in vim with
default settings (writebackup=auto) no longer causes the dev server
to be restarted. On a write, vim moves the monitored file to a backup
path and then creates a new file in the original. The new file is not
monitored as it has a different inode. Fixed this by also watching for
inotify events IN_DELETE_SELF and IN_MOVE_SELF.
2015-07-07 12:23:04 -04:00
David Wolever
0d71349773
Fixed #22804 -- Added warning for unsafe value of 'sep' in Signer
...
Thanks Jaap Roes for completing the patch.
2015-07-07 11:44:37 -04:00
Alexey Sveshnikov
bc98bc56a5
Fixed #25059 -- Allowed Punycode TLDs in URLValidator
2015-07-06 15:08:43 -04:00
Sylvain Fankhauser
f5d5867a4a
Fixed #24877 -- Added middleware handling of response.render() errors.
2015-07-03 12:06:40 -04:00
Rigel Di Scala
b91a2a499f
Fixed #23190 -- Made Paginator.page_range an iterator
2015-07-03 11:34:34 -04:00
Jan Pazdziora
a570701e02
Fixed #25029 -- Added PersistentRemoteUserMiddleware for login-page-only external authentication.
2015-07-02 17:38:10 -04:00
William Schwartz
9a5cfa05a0
Fixed #24997 -- Enabled bulk_create() on proxy models
2015-07-02 13:53:51 -04:00
Curtis
11cac1bd8e
Fixed #4960 -- Added "strip" option to CharField
2015-07-01 17:47:05 -04:00
Jon Dufresne
b44dee16e6
Fixed #20916 -- Added Client.force_login() to bypass authentication.
2015-07-01 13:01:08 -04:00
Matthew Somerville
839edcebb3
Fixed #21695 -- Added asvar option to blocktrans.
...
Thanks Bojan Mihelac for the initial patch.
2015-07-01 10:03:00 -04:00
Jean-Michel Vourgère
b64c0d4d61
Fixed #23658 -- Provided the password to PostgreSQL dbshell command
...
The password from settings.py is written in a temporary .pgpass file
file whose name is given to psql using the PGPASSFILE environment
variable.
2015-06-30 18:21:51 -04:00
Shai Berger
eecd42ea7d
Removed datetime_cast_sql, which is never overridden or used anywhere in Django.
...
Thanks Tim Graham for review.
2015-07-01 00:43:45 +03:00
Andreas Pelme
00a1d4d042
Fixed #21803 -- Added support for post-commit callbacks
...
Made it possible to register and run callbacks after a database
transaction is committed with the `transaction.on_commit()` function.
This patch is heavily based on Carl Meyers django-transaction-hooks
<https://django-transaction-hooks.readthedocs.org/ >. Thanks to
Aymeric Augustin, Carl Meyer, and Tim Graham for review and feedback.
2015-06-30 14:51:00 -04:00
Tim Graham
9f0d67137c
Fixed #25038 -- Reverted incorrect documentation about inspectdb introspecting views.
...
This reverts commit bd691f4586
(refs #24177 ).
2015-06-30 14:23:29 -04:00
Luke Plant
aef2a0ec59
Fixed #25018 -- Changed simple_tag to apply conditional_escape() to its output.
...
This is a security hardening fix to help prevent XSS (and incorrect HTML)
for the common use case of simple_tag.
Thanks to Tim Graham for the review.
2015-06-29 08:16:19 -04:00
Noam
e291fc4757
Fixed #25031 -- Fixed a regression in the unordered_list template filter.
2015-06-27 09:37:41 -04:00
sujayskumar
2e70bf3785
Fixed #25017 -- Allowed customizing the DISALLOWED_USER_AGENTS response
2015-06-27 08:46:23 -04:00
Jason Hoos
a50b66da30
Fixed #24958 -- Fixed inline forms using UUID-PK parents with auto-PK children.
2015-06-26 09:09:09 -04:00
薛丞宏
d3e12c9017
Fixed #25016 -- Reallowed non-ASCII values for ForeignKey.related_name on Python 3.
2015-06-26 08:30:05 -04:00
Tim Graham
aed437d567
Updated release process for new release schedule.
2015-06-25 11:36:17 -04:00
Tim Graham
aaacaeb096
Renamed RemovedInDjangoXYWarnings for new roadmap.
...
Forwardport of ae1d663b79
from stable/1.8.x plus more.
2015-06-24 16:08:20 -04:00
Daniel Wiesmann
c078021555
Refs #24840 -- Added GDALRaster Warp and transform methods
...
Thanks to Tim Graham for the review.
2015-06-24 18:31:22 +02:00
Tim Graham
7f155a0703
Refs #25006 -- Added a '6 p.m.' option to the admin's time picker.
2015-06-22 07:24:57 -04:00
Marten Kenbeek
738c0de300
Fixed #14200 -- Added a fallback if HttpRequest.urlconf is None.
...
Made BaseHandler fall back to settings.ROOT_URLCONF if
HttpRequest.urlconf is set to None, rather than raising
ImproperlyConfigured.
2015-06-20 18:52:33 -04:00
Claude Paroz
9368f51e12
Fixed #20197 -- Made XML serializer fail loudly when outputting unserializable chars
...
Thanks Tim Graham for the review.
2015-06-19 20:54:46 +02:00
Daniel Wiesmann
b769bbd4f6
Fixed #23804 -- Added RasterField for PostGIS.
...
Thanks to Tim Graham and Claude Paroz for the reviews and patches.
2015-06-19 14:36:43 -04:00
Markus Holtermann
d3d66d4722
Fixed #24940 -- Made model managers hashable
...
Thanks Federico Jaramillo Martínez for the report and Tim Graham for the
test and review.
2015-06-19 19:02:01 +02:00
Nick Pope
b3d5dc6932
Fixed #24834 -- Fixed get_current_site() when Host header contains port.
...
When the Host header contains a port, looking up the Site record fails
as the host will never match the domain.
2015-06-18 10:18:12 -04:00
Tim Graham
7f1168e387
Removed support for Python 3.3.
2015-06-18 08:36:50 -04:00
Markus Holtermann
e5cb4e1411
Fixed #24914 -- Added authentication mixins for CBVs
...
Added the mixins LoginRequiredMixin, PermissionRequiredMixin and
UserPassesTestMixin to contrib.auth as counterparts to the respective
view decorators.
The authentication mixins UserPassesTestMixin, LoginRequiredMixin and
PermissionRequiredMixin have been inspired by django-braces
<https://github.com/brack3t/django-braces/ >
Thanks Raphael Michel for the initial patch, tests and docs on the PR
and Ana Balica, Kenneth Love, Marc Tamlyn, and Tim Graham for the
review.
2015-06-17 23:19:10 +02:00
ana-balica
2f615b10e6
Fixed #24829 -- Allowed use of TemplateResponse in view error handlers.
2015-06-17 17:11:50 -04:00
Andriy Sokolovskiy
cf6ce279c7
Fixed #24948 -- Fixed crash when uploading bitmap images in forms.ImageField
2015-06-16 14:37:58 -04:00
Mounir Messelmeni
e6dd7f995a
Fixed #24971 -- Made startapp generate an apps.py
2015-06-16 07:08:04 -04:00
Adam Brenecki
65296b3be3
Fixed #24972 -- Fixed removing unique_together indexes on MySQL.
2015-06-15 17:28:13 -04:00
Adam Chainz
d34d39ade7
Fixed #24894 -- Added contrib.postgres.functions.TransactionNow
2015-06-15 14:03:17 -04:00
Tim Graham
4b600ed244
Removed django.utils.functional.total_ordering()
2015-06-15 13:15:24 -04:00