1
0
mirror of https://github.com/django/django.git synced 2025-10-25 06:36:07 +00:00
Commit Graph

29 Commits

Author SHA1 Message Date
Simon Charette
877c800f25 Refs CVE-2022-34265 -- Properly escaped Extract() and Trunc() parameters.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-07-06 07:40:07 +02:00
Mariusz Felisiak
54eb8a374d Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) against SQL injection.
Thanks Takuto Yoshikai (Aeye Security Lab) for the report.
2022-07-04 08:13:41 +02:00
Carlton Gibson
bb61f0186d Refs #32365 -- Removed internal uses of utils.timezone.utc alias.
Remaining test case ensures that uses of the alias are mapped
canonically by the migration writer.
2022-03-24 06:29:50 +01:00
nabil-rady
b7f263551c Refs #33517 -- Prevented __second lookup from returning fractional seconds on PostgreSQL. 2022-02-22 07:26:44 +01:00
Mariusz Felisiak
7119f40c98 Refs #33476 -- Refactored code to strictly match 88 characters line length. 2022-02-07 20:37:05 +01:00
django-bot
9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Adam Johnson
5111b636d9 Refs #33355 -- Fixed Trunc() with years < 1000 on SQLite.
Thanks to Nick Pope for spotting the bug in Code Review.

Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-13 11:50:45 +01:00
Mariusz Felisiak
c66ecc5568 Refs #33355 -- Moved Trunc() assertions for invalid arguments and ISO 8601 week to separate tests. 2021-12-13 11:28:35 +01:00
Can Sarigol
661316b066 Fixed #33279 -- Fixed handling time zones with "-" sign in names.
Thanks yakimka for the report.

Regression in fde9b7d35e.
2021-11-12 07:30:02 +01:00
Carlton Gibson
306607d5b9 Fixed #32365 -- Made zoneinfo the default timezone implementation.
Thanks to Adam Johnson, Aymeric Augustin, David Smith, Mariusz Felisiak, Nick
Pope, and Paul Ganssle for reviews.
2021-09-16 12:11:05 +02:00
Daniyal
f479df7f8d Refs #32508 -- Raised Type/ValueError instead of using "assert" in django.db.models.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-07-15 11:43:33 +02:00
Artur Beltsov
3954bf50fb Fixed #32750 -- Fixed crash of Extract() transform on OuterRef() expressions.
Thanks Simon Charette for the review.
2021-05-17 17:51:39 +02:00
Mariusz Felisiak
b1a4b1f0bd Fixed #32722 -- Fixed comparing to TruncTime() on Oracle. 2021-05-11 09:19:25 +02:00
Alex Hill
c4ee3b208a Fixed #32699 -- Fixed comparing to TruncTime() with 0 microseconds on MySQL. 2021-05-07 08:13:40 +02:00
Florian Demmer
3a185cee2a Fixed #32573 -- Fixed bounds in __iso_year lookup optimization. 2021-03-23 21:27:55 +01:00
Paul Ganssle
10d1261984 Refs #32365 -- Allowed use of non-pytz timezone implementations. 2021-01-19 11:59:37 +01:00
David-Wobrock
ee005328c8 Fixed #31640 -- Made Trunc() truncate datetimes to Date/TimeField in a specific timezone. 2020-10-14 20:06:26 +02:00
David-Wobrock
8d018231ac Removed redundant tests in test_extract_trunc.
tzinfo is ignored for DateFields and TimeFields, and it's already
covered by DateFunctionTests.test_trunc_func().
2020-10-14 20:03:44 +02:00
David-Wobrock
a0571c1003 Refs #31640 -- Made Extract raise ValueError when using tzinfo with Date/TimeField. 2020-10-14 20:03:07 +02:00
Joe Jackson
9d5d865fd6 Fixed #31948 -- Added tzinfo parameter to TruncDate() and TruncTime(). 2020-09-02 07:42:27 +02:00
Anatol Ulrich
8ed6788aa4 Fixed #30821 -- Added ExtractIsoWeekYear database function and iso_week_day lookup. 2019-10-02 10:41:34 +02:00
Hasan Ramezani
402e6d292f Fixed #30602 -- Made Extract raise ValueError when using unsupported lookups for DurationField. 2019-07-12 08:08:35 +02:00
can
fde9b7d35e Fixed #30128 -- Fixed handling timedelta timezone in database functions. 2019-06-13 09:29:43 +02:00
Simon Charette
2b582a7b84 Fixed #29396 -- Added indirect values support to __year lookups.
Thanks Windson Yang for the initial patch.
2019-05-21 07:12:33 +02:00
Simon Charette
4d1420947e Fixed #30494 -- Disabled __year lookup optimization for indirect values.
The previous heuristics were naively enabling the BETWEEN optimization on
successful cast of the first rhs SQL params to an integer while it was
not appropriate for a lot of database resolved expressions.

Thanks Alexey Chernov for the report.
2019-05-21 07:11:26 +02:00
ahbk
d527639804 Fixed #29754 -- Added is_dst parameter to Trunc database functions. 2019-03-07 10:02:18 -05:00
Srinivas Reddy Thatiparthy
34d6bceec4 Fixed #29500 -- Fixed SQLite function crashes on null values.
Co-authored-by: Srinivas Reddy Thatiparthy <thatiparthysreenivas@gmail.com>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2018-09-10 15:08:55 -04:00
Sigurd Ljødal
3e09b37f80 Fixed #28649 -- Added ExtractIsoYear database function and iso_year lookup. 2018-08-18 13:09:15 -04:00
Nick Pope
b523d42561 Reorganized datetime db function tests. 2018-08-16 16:18:09 -04:00