mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-12-28 03:55:50 +00:00
Code Issues 30 Releases Wiki Activity
31,375 Commits 28 Branches 426 Tags 678 MiB
a3771c8229
Commit Graph

4416 Commits

Author SHA1 Message Date
Allen Jonathan David
cd1afd553f Fixed #29799 -- Allowed registering lookups per field instances. 
Thanks Simon Charette and Mariusz Felisiak for reviews and mentoring
this Google Summer of Code 2022 project.
 2022-09-02 10:02:24 +02:00
Mariusz Felisiak
974942a750
Fixed #33955, Fixed #33971 -- Reverted "Fixed #32565 -- Moved internal URLResolver view-strings mapping to admindocs." 
This reverts commit 7f3cfaa12b.

Thanks Tom Carrick and Greg Kaleka for reports.
 2022-09-01 21:09:16 +02:00
Swara
08303f4f06 Added Central Kurdish (Sorani) language. 2022-08-30 11:56:11 +02:00
Mariusz Felisiak
4483a9b12f
Fixed #33960 -- Fixed migrations crash on SQLite < 3.26. 
Regression in 0b95a96ee1.

Thanks Aristotelis Mikropoulos for the report.
 2022-08-29 09:55:45 +02:00
David Wobrock
806e9e2d0d Fixed #33952 -- Reallowed creating reverse foreign key managers on unsaved instances. 
Thanks Claude Paroz for the report.

Regression in 7ba6ebe914.
 2022-08-27 15:03:48 +02:00
Iuri de Silvio
166a3b3263 Fixed #33953 -- Reverted "Fixed #33201 -- Made RenameModel operation a noop for models with db_table." 
Regression in afeafd6036.
This reverts afeafd6036.

Thanks Timothy Thomas for the report.
 2022-08-26 06:14:44 +02:00
Simon Charette
71902e0d9f Fixed #33938 -- Fixed migration crash for m2m with a through model in another app. 
Regression in aa4acc164d.

Thanks bryangeplant for the report.
 2022-08-25 10:03:57 +02:00
Willem Van Onsem
16fffc829c Fixed #33916 -- Added support for serialization of enum.Flag in migrations. 2022-08-25 06:43:48 +02:00
Jacob Rief
aed60aee38 Fixed #33930 -- Eased customization of delete_confirmation.html template in the admin. 2022-08-18 10:51:12 +02:00
Benoît Vinot
e3cb8bcb7d Fixed #33932 -- Fixed altering AutoFields to OneToOneField on PostgreSQL. 
Regression in 2eea361eff.
 2022-08-17 17:06:00 +02:00
Tom Carrick
d46cc15c51 Fixed #33878 -- Switched to system fonts in CSS. 2022-08-17 10:19:00 +02:00
Simon Charette
242499f2dc Fixed #26780 -- Added prefetch_related() support for sliced queries. 
This was made possible by window function filtering support added in
f387d024fc.
 2022-08-15 10:25:20 +02:00
Simon Charette
f387d024fc Refs #28333 -- Added partial support for filtering against window functions. 
Adds support for joint predicates against window annotations through
subquery wrapping while maintaining errors for disjointed filter
attempts.

The "qualify" wording was used to refer to predicates against window
annotations as it's the name of a specialized Snowflake extension to
SQL that is to window functions what HAVING is to aggregates.

While not complete the implementation should cover most of the common
use cases for filtering against window functions without requiring
the complex subquery pushdown and predicate re-aliasing machinery to
deal with disjointed predicates against columns, aggregates, and window
functions.

A complete disjointed filtering implementation should likely be
deferred until proper QUALIFY support lands or the ORM gains a proper
subquery pushdown interface.
 2022-08-15 08:26:26 +02:00
Mohammadtaher Abbasi
e30d667842
Fixed #33921 -- Added release note for 5b8699e723. 2022-08-12 22:38:19 +02:00
Mariusz Felisiak
5c803bc070
Fixed #33919 -- Fixed adding AutoFields on PostgreSQL. 
Thanks Jack Calvin Brown for the report.

Regression in 2eea361eff.
 2022-08-12 17:30:23 +02:00
Claude Paroz
4fcba800b8 Fixed #33924 -- Deprecated BaseGeometryWidget.map_height/map_width attributes. 2022-08-12 13:26:35 +02:00
David Sanders
e0ae1363ec Fixed #33905 -- Fixed CheckConstraint() validation on range fields. 
Bug in 667105877e.
 2022-08-09 20:13:21 +02:00
Mariusz Felisiak
63884829ac
Fixed #33902 -- Fixed Meta.constraints validation crash with F() expressions. 
Thanks Adam Zahradník for the report.

Bug in 667105877e.
 2022-08-09 06:08:48 +02:00
Kamil Turek
e03cdf76e7 Fixed #31721 -- Allowed ModelForm meta to specify form fields. 2022-08-08 09:46:05 +02:00
Fiza Ashraf
c0beff2123 Fixed #33899 -- Fixed migration crash when removing indexed field on SQLite 3.35.5+. 
Regression in 702819227fd0cdd9b581cd99e11d1561d51cbeb.

Thanks cessor for the report.
 2022-08-08 06:28:53 +02:00
Mariusz Felisiak
fd93db97c7
Fixed #33898 -- Fixed Window() expression crash with ArrayAgg(). 
Thanks Kia for the report.

Regression in e06dc4571e.
 2022-08-06 17:59:31 +02:00
Fab
0756c61f2a Fixed #33893 -- Reverted "Fixed #28889 -- Prevented double submission of admin forms." 
Regression in fe7dbef586.
 2022-08-05 16:38:52 +02:00
Mariusz Felisiak
d4db417c8e
Fixed #33891 -- Fixed test command crash when running in parallel using spawn. 
Thanks Kevin Renskers for the report.

Regression in 41c4cb253c.
 2022-08-04 09:16:38 +02:00
Claude Paroz
0638b4e23d Fixed #33888 -- Fixed get_select2_language() crash with no language activated. 
Regression in 3079133c73.
 2022-08-03 19:51:25 +02:00
NOTHING
a2792d09ad
Fixed typo in docs/releases/4.2.txt. 2022-08-03 18:40:42 +02:00
Aarni Koskela
e7afb8a180 Fixed #33886 -- Reallowed using GeoIP2() when GEOS is not installed. 
Regression in 31bef51d8e.
 2022-08-03 16:55:23 +02:00
Mariusz Felisiak
cb791a2540
Fixed #33872 -- Deprecated django.contrib.postgres.fields.CIText/CICharField/CIEmailField/CITextField. 2022-08-03 11:42:51 +02:00
Carlton Gibson
09e837c5d9 Added stub release notes for 4.1.1. 2022-08-03 10:52:38 +02:00
Carlton Gibson
a4cb1dae63 Updated release notes for Django 4.1 release. 2022-08-03 10:26:00 +02:00
Carlton Gibson
57c7220280 Added CVE-2022-36359 to security archive. 2022-08-03 09:09:48 +02:00
Carlton Gibson
bd062445cf Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header. 
Thanks to Motoyasu Saburi for the report.
 2022-08-03 08:46:31 +02:00
Carlton Gibson
9062c23de8 Adjusted version 4.0.7 release notes. 2022-08-03 08:36:32 +02:00
Sarah Abderemane
bc7aa2a5e9 Fixed #33690 -- Added switch button for dark mode in the admin. 2022-08-02 17:14:24 +02:00
Claude Paroz
44c24bf028 Refs #25706 -- Removed inline CSS in the openlayers widget template. 2022-08-01 20:29:49 +02:00
Claude Paroz
1e5bbbb2a8 Fixed #33442 -- Allowed GeoIP2 to use DB-IP Lite datasets. 2022-07-30 19:29:45 +02:00
Carlton Gibson
cadd864f68 Adjusted release notes for 4.0.7 and 3.2.15. 2022-07-27 10:03:06 +02:00
Carlton Gibson
0c1675781e Added release date and stub release notes for 4.0.7 and 3.2.15 releases. 2022-07-27 09:23:40 +02:00
Mariusz Felisiak
7e3c9c3205 Refs #27236 -- Doc'd that AlterIndexTogether is no longer officially supported for Django 4.2+ migration files. 2022-07-26 11:42:54 +02:00
Mariusz Felisiak
a1e9e9abc5 Refs #27236 -- Reverted "Refs #27236 -- Added generic mechanism to handle the deprecation of migration operations." 
This reverts commit 41019e48bb.
 2022-07-26 11:41:19 +02:00
Mariusz Felisiak
c773d5794e Refs #27236 -- Reverted AlterIndexTogether deprecation. 
This partly reverts a6385b382e.
 2022-07-26 11:41:19 +02:00
Claude Paroz
2d23a07817 Fixed #33866 -- Added pathlib.Path support to GDALRaster constructor. 2022-07-25 20:48:33 +02:00
Claude Paroz
3b79dab19a Refs #33691 -- Deprecated insecure password hashers. 
SHA1PasswordHasher, UnsaltedSHA1PasswordHasher, and UnsaltedMD5PasswordHasher
are now deprecated.
 2022-07-23 21:29:31 +02:00
Nick Pope
4d4bf55e0e Fixed #33864 -- Deprecated length_is template filter. 2022-07-23 12:36:21 +02:00
cheng
d4c5d2b52c Fixed #33631 -- Marked {% blocktranslate asvar %} result as HTML safe. 2022-07-14 11:09:19 +02:00
David Wobrock
a6385b382e
Fixed #27236 -- Deprecated Meta.index_together in favor of Meta.indexes. 
This also deprecates AlterIndexTogether migration operation.
 2022-07-12 09:04:31 +02:00
Mariusz Felisiak
5e2f4ddf29
Refs CVE-2022-34265 -- Unified DatabaseOperations._convert_*_to_tz() hook names. 2022-07-09 13:02:07 +02:00
Mariusz Felisiak
eb3699ea77
Fixed #33718 -- Dropped support for MySQL 5.7. 2022-07-08 13:30:12 +02:00
David Wobrock
41019e48bb Refs #27236 -- Added generic mechanism to handle the deprecation of migration operations. 2022-07-08 07:05:55 +02:00
Simon Charette
877c800f25 Refs CVE-2022-34265 -- Properly escaped Extract() and Trunc() parameters. 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-07-06 07:40:07 +02:00
Mariusz Felisiak
d12d7c4c42 Added CVE-2022-34265 to security archive. 2022-07-04 10:27:14 +02:00
Mariusz Felisiak
c6932ea2ea Added stub release notes for 4.0.7. 2022-07-04 10:06:07 +02:00
Mariusz Felisiak
54eb8a374d Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) against SQL injection. 
Thanks Takuto Yoshikai (Aeye Security Lab) for the report.
 2022-07-04 08:13:41 +02:00
Michael Manfre
03eec9ff6c Updated vendored _urlsplit() to strip newline and tabs. 
Refs Python CVE-2022-0391. Django is not affected, but others who
incorrectly use internal function url_has_allowed_host_and_scheme()
with unsanitized input could be at risk.
 2022-07-01 08:48:38 +02:00
Mariusz Felisiak
154dd1c0ed
Refs #33697 -- Added backward incompatibility note about removing multipartparser.parse_header(). 2022-06-28 21:45:03 +02:00
Hrushikesh Vaidya
72e41a0df6 Fixed #33779 -- Allowed customizing encoder class in django.utils.html.json_script(). 2022-06-28 10:54:38 +02:00
Mariusz Felisiak
b2eff16806 Added stub release notes and release date for 4.0.6 and 3.2.14. 2022-06-27 07:13:26 +02:00
Mariusz Felisiak
a0608c4b11
Fixed #33789 -- Doc'd changes in quoting table/column names on Oracle in Django 4.0. 
Thanks Paul in 't Hout for the report.

Regression in 1f643c28b5.
 2022-06-21 09:09:41 +02:00
Anv3sh
d7f5bfd241 Fixed #32969 -- Fixed pickling HttpResponse and subclasses. 2022-06-20 08:51:26 +02:00
Matt Brewer
8d160f154f Fixed #33788 -- Added TrigramStrictWordSimilarity() and TrigramStrictWordDistance() on PostgreSQL. 2022-06-17 11:14:30 +02:00
David Wobrock
e286ce17ff Fixed #24870 -- Added --update option to makemigrations command. 2022-06-17 07:50:39 +02:00
Carlton Gibson
2a2bde52f3 Updated asgiref dependency for 4.1 release series. 2022-06-16 12:13:15 +02:00
Ronnie van den Crommenacker
c32858a8ce Fixed #33565 -- Improved locale format validation for the makemessages command. 2022-06-08 16:17:12 +02:00
Ciaran McCormick
286e7d076c Fixed #33764 -- Deprecated BaseUserManager.make_random_password(). 2022-06-03 07:30:57 +02:00
Samir Shah
6f73eb9d90 Fixed #33742 -- Added id to GeoJSON serializer. 2022-06-01 19:11:26 +02:00
Carlton Gibson
d5bc362030 Added stub release notes for 4.0.6. 2022-06-01 14:36:22 +02:00
Carlton Gibson
40bf34a92f Updated release date for Django 4.0.5. 2022-06-01 12:25:33 +02:00
Mariusz Felisiak
ac90529cc5 Fixed docs build with sphinxcontrib-spelling 7.5.0+. 
sphinxcontrib-spelling 7.5.0+ includes captions of figures in the set
of nodes for which the text is checked.
 2022-05-31 11:17:01 +02:00
Mariusz Felisiak
90aabd730a
Fixed #33724 -- Doc'd exclude argument changes in model validation. 
Thanks אורי for the report.

Follow up to 1ea7e3157d.
 2022-05-24 10:02:53 +02:00
Sankalp
90dcf27114 Fixed #33725 -- Made hidden quick filter in admin's navigation sidebar not focusable. 
Regression in d915dd1c58.

Follow up to 780473d756.
 2022-05-21 13:37:53 +02:00
Mariusz Felisiak
981c23c0cc
Fixed #33717 -- Dropped support for PostgreSQL 11. 2022-05-19 09:26:48 +02:00
David Wobrock
9f55489529 Fixed #33705 -- Fixed crash when using IsNull() lookup in filters. 
Thanks Florian Apolloner for the report.
Thanks Simon Charette for the review.
 2022-05-19 07:02:22 +02:00
Mariusz Felisiak
19297de2fe
Fixed #33713 -- Dropped support for MariaDB 10.3. 2022-05-18 08:38:08 +02:00
Carlton Gibson
3c6f1fd1f8 Increased the default PBKDF2 iterations for Django 4.2. 2022-05-17 14:22:06 +02:00
Carlton Gibson
d10e569ea5 Added stub release notes for 4.2. 2022-05-17 14:22:06 +02:00
Carlton Gibson
d6e3756946 Removed empty sections from 4.1 release notes. 2022-05-17 11:21:08 +02:00
David Smith
d126eba363 Refs #32339 -- Deprecated default.html form template. 
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
 2022-05-17 11:16:54 +02:00
Alokik Vijay
6af8673255 Update docs/releases/4.1.txt 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-05-17 10:50:09 +02:00
Alokik Vijay
7f3cfaa12b Fixed #32565 -- Moved internal URLResolver view-strings mapping to admindocs. 
Moved the functionality of URLResolver._is_callback(),
URLResolver._callback_strs, URLPattern.lookup_str() to
django.contrib.admindocs.
 2022-05-17 10:50:09 +02:00
David Wobrock
97f124f39e Refs #27064 -- Made migrations generate RenameIndex operations when moving indexes from index_together to Meta.indexes. 2022-05-17 07:21:36 +02:00
David Wobrock
c6cec3c2d2 Refs #27064 -- Made migrations generate RenameIndex operations when renaming Meta.indexes. 2022-05-16 17:46:24 +02:00
Marcelo Galigniana
76af861356 Fixed #27550 -- Allowed GEOSGeometry.normalize() to return a normalized clone. 2022-05-16 06:46:53 +02:00
Mariusz Felisiak
d27e6b233f
Fixed #33681 -- Made Redis client pass CACHES["OPTIONS"] to a connection pool. 
Thanks Ben Picolo for the report.
 2022-05-16 06:17:40 +02:00
David Wobrock
eacd4977f6 Refs #27064 -- Added RenameIndex migration operation. 2022-05-12 20:44:03 +02:00
Kapil Bansal
3a82b5f655 Fixed #32559 -- Added 'step_size’ to numeric form fields. 
Co-authored-by: Jacob Rief <jacob.rief@uibk.ac.at>
 2022-05-12 14:16:52 +02:00
Mariusz Felisiak
68da6b389c
Fixed #33543 -- Deprecated passing nulls_first/nulls_last=False to OrderBy and Expression.asc()/desc(). 
Thanks Allen Jonathan David for the initial patch.
 2022-05-12 11:30:03 +02:00
Mariusz Felisiak
02dbf1667c
Fixed #33691 -- Deprecated django.contrib.auth.hashers.CryptPasswordHasher. 2022-05-11 09:13:45 +02:00
Marc Seguí Coll
262fde94de Fixed #33622 -- Allowed customizing error messages for invalid number of forms. 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-05-10 13:42:31 +02:00
Gagaro
667105877e Fixed #30581 -- Added support for Meta.constraints validation. 
Thanks Simon Charette, Keryn Knight, and Mariusz Felisiak for reviews.
 2022-05-10 11:22:23 +02:00
David Smith
ec5659382a Fixed #32339 -- Added div.html form template. 2022-05-05 14:32:43 +02:00
Mariusz Felisiak
37470bbd90
Fixed #33675 -- Dropped support for PostgreSQL 10 and PostGIS 2.4. 2022-05-04 06:28:51 +02:00
Carlton Gibson
c5fd5e3cc3 Updated release date for Django 4.0.5. 2022-05-03 09:18:42 +02:00
David
ce586ed693 Removed hyphen from pre-/re- prefixes. 
"prepopulate", "preload", and "preprocessing" are already in the
spelling_wordlist.

This also removes hyphen from double "e" combinations with "pre" and
"re", e.g. preexisting, preempt, reestablish, or reenter.

See also:
- https://ahdictionary.com/word/search.html?q=rerun
- https://ahdictionary.com/word/search.html?q=recreate
- https://ahdictionary.com/word/search.html?q=predetermined
- https://ahdictionary.com/word/search.html?q=reuse
- https://ahdictionary.com/word/search.html?q=reopening
 2022-04-28 10:44:14 +02:00
David
33e89de8ca Changed "stdlib" to "Standard Library" in docs/releases/1.9.txt. 2022-04-28 10:44:14 +02:00
David
51874dd160 Added backticks to code literals in various docs. 2022-04-28 10:44:14 +02:00
David
15b888bb83 Changed "refactorings" to "refactoring" in docs/releases/1.0.txt. 2022-04-28 10:44:09 +02:00
David
1c2bf80acb Changed "ie." to "i.e." in docs. 2022-04-28 10:37:06 +02:00
Carlton Gibson
476d4d5087 Refs #32339 -- Allowed renderer to specify default form and formset templates. 
Co-authored-by: David Smith <smithdc@gmail.com>
 2022-04-27 10:21:04 +02:00
Andrew Godwin
58b27e0dbb Fixed #33646 -- Added async-compatible interface to QuerySet. 
Thanks Simon Charette for reviews.

Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-04-26 20:25:23 +02:00
Mariusz Felisiak
eeb0bb6379
Refs #27674 --- Deprecated django.contrib.gis.admin.OpenLayersWidget. 2022-04-22 11:36:27 +02:00
Aymeric Augustin
12576bd371 Refactored out RedirectURLMixin.get_redirect_url(). 
This also renames SuccessURLAllowedHostsMixin to RedirectURLMixin.

This doesn't change the behavior of LogoutView.get_next_page() because
next_page == "" implies url_is_safe == False before the refactoring.
 2022-04-20 10:04:29 +02:00
Carlton Gibson
bf7c51a5f4 Fixed #33639 -- Enabled cached template loader in development. 2022-04-19 12:13:27 +02:00
Carlton Gibson
deedf5bbc3 Refs #31169 -- Added release note for parallel test running changes. 2022-04-14 12:38:31 +02:00
Florian Apolloner
2eea361eff Fixed #30511 -- Used identity columns instead of serials on PostgreSQL. 2022-04-13 21:51:51 +02:00
Mariusz Felisiak
b54fd0e36e Added stub release notes for 4.0.5. 2022-04-11 10:45:57 +02:00
Mariusz Felisiak
78eeff8d33 Added CVE-2022-28346 and CVE-2022-28347 to security archive. 2022-04-11 10:32:22 +02:00
Mariusz Felisiak
6723a26e59 Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against SQL injection on PostgreSQL. 2022-04-11 08:59:58 +02:00
Mariusz Felisiak
93cae5cb2f Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases. 
Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore,
Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev
(DDV_UA) for the report.
 2022-04-11 08:59:33 +02:00
Manel Clos
62739b6e26 Fixed #33628 -- Ignored directories with empty names in autoreloader check for template changes. 
Regression in 68357b2ca9.
 2022-04-11 07:37:30 +02:00
Carlton Gibson
9ffd4eae2c
Fixed #33611 -- Allowed View subclasses to define async method handlers. 2022-04-07 07:05:59 +02:00
sarahboyce
65effbdb10 Fixed #33471 -- Made AlterField operation a noop when changing "choices". 
This also allows customizing attributes of fields that don't affect
a column definition.
 2022-04-06 13:05:57 +02:00
Baptiste Mispelon
50e1e7ef8e Fixed #33348 -- Changed SimpleTestCase.assertFormError()/assertFormsetErrors() to take form/formset. 
Instead of taking a response object and a context name for
the form/formset, the two methods now take the object directly.
 2022-04-06 07:58:52 +02:00
Mariusz Felisiak
78277faafd Added stub release notes and release date for 4.0.4, 3.2.13, and 2.2.28. 2022-04-04 10:31:57 +02:00
David
c8459708a7 Refs #32339 -- Added use_fieldset to Widget. 2022-03-30 16:28:14 +02:00
Mariusz Felisiak
fac662f479
Fixed #33598 -- Reverted "Removed unnecessary reuse_with_filtered_relation argument from Query methods." 
Thanks lind-marcus for the report.

This reverts commit 0c71e0f9cf.

Regression in 0c71e0f9cf.
 2022-03-30 07:31:56 +02:00
Carlton Gibson
59ab3fd0e9 Refs #32365 -- Deprecated django.utils.timezone.utc. 2022-03-29 14:47:44 +02:00
Alokik Vijay
baf9604ed8 Fixed #16406 -- Added ResolveMatch.captured_kwargs and extra_kwargs. 
Thanks Florian Apolloner for the review and implementation idea.
 2022-03-29 10:27:40 +02:00
Mariusz Felisiak
83c803f161
Updated Oracle docs links to Oracle 21c. 2022-03-29 09:41:57 +02:00
René Fleschenberg
eb07b5be0c Fixed #15619 -- Deprecated log out via GET requests. 
Thanks Florian Apolloner for the implementation idea.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-03-29 06:42:14 +02:00
adontz
2bee0b4328 Fixed #7497 -- Allowed overriding the order of apps and models in admin. 2022-03-25 10:33:44 +01:00
Mariusz Felisiak
94d8ed55fa
Refs #15619 -- Logged out with POST requests in admin. 2022-03-24 17:41:53 +01:00
Thomas Schmidt
1cf60ce601 Fixed #33569 -- Added SECURE_PROXY_SSL_HEADER support for list of protocols in the header value. 2022-03-23 19:33:36 +01:00
Mariusz Felisiak
39ae8d740e
Added missing backticks to function names. 2022-03-17 11:10:03 +01:00
Mariusz Felisiak
be80aa55ec
Removed outdated handling of length parameter to If-Modified-Since header. 
The length parameter is not described in RFC-7232 and it's against
HTTP/1.0 and HTTP/1.1 specifications. It was an old and unofficial
extension set by some ancient versions of IE.
 2022-03-15 13:07:44 +01:00
Mariusz Felisiak
6ffe48b8e4
Moved log_response() release notes into backwards incompatible changes section. 
Follow up to 90cf963264.
 2022-03-11 22:16:46 +01:00
Adrian Torres
d90e34c61b Fixed #33561 -- Allowed synchronization of user attributes in RemoteUserBackend. 2022-03-10 12:57:19 +01:00
David Smith
67b5f506a6
Changed some words to use inline markup. 2022-03-10 10:18:31 +01:00
Luke Plant
ae2da5ba65 Fixed #33562 -- Made HttpResponse.set_cookie() support timedelta for the max_age argument. 2022-03-07 07:57:14 +01:00
Ryan Heard
c6b4d62fa2 Fixed #29865 -- Added logical XOR support for Q() and querysets. 2022-03-04 12:55:37 +01:00
Carlton Gibson
9652a118ce Added stub release notes for Django 4.0.4. 2022-03-01 09:58:35 +01:00
Carlton Gibson
47143e27d4 Updated release date for version 4.0.3. 2022-03-01 09:32:18 +01:00
Mariusz Felisiak
445b075def
Fixed #33547 -- Fixed error when rendering invalid inlines with readonly fields in admin. 
Regression in de95c82667.

Thanks David Glenck for the report.
 2022-03-01 08:09:58 +01:00
Albert Defler
2b6a3baebe Fixed #31486 -- Deprecated passing unsaved objects to related filters. 
Co-Authored-By: Hasan Ramezani <hasan.r67@gmail.com>
 2022-02-25 07:51:37 +01:00
Shubh1815
11cc227344 Fixed #33267 -- Added link to related item to related widget wrapper in admin. 2022-02-25 06:33:05 +01:00
Claude Paroz
eabc22f919
Fixed #33328 -- Transformed formset:added/removed to native JS events. 2022-02-23 10:33:07 +01:00
David Wobrock
7c318a8bdd Fixed #27844 -- Added optimizemigration management command. 2022-02-22 10:30:40 +01:00
Albert Defler
7ba6ebe914 Fixed #19580 -- Unified behavior of reverse foreign key and many-to-many relations for unsaved instances. 2022-02-22 09:16:40 +01:00
Theo Alexiou
659d2421c7 Fixed #20296 -- Prevented mark_safe() from evaluating lazy objects. 2022-02-21 10:11:26 +01:00
Hasan Ramezani
9ac3ef59f9 Fixed #33379 -- Added minimum database version checks. 
Thanks Tim Graham for the review.
 2022-02-18 13:37:49 +01:00
Mariusz Felisiak
1e2e1be02b
Fixed #33515 -- Prevented recreation of migration for ManyToManyField to lowercased swappable setting. 
Thanks Chris Lee for the report.

Regression in 4328970780.

Refs #23916.
 2022-02-16 21:09:24 +01:00
Carlton Gibson
d113b5a837 Refs #33476 -- Made management commands use black. 
Run black on generated files, if it is available on PATH.
 2022-02-11 12:23:26 +01:00
Theo Alexiou
f9ec777a82 Fixed #26287 -- Added support for addition operations to SimpleLazyObject. 2022-02-10 11:24:51 +01:00
Claude Paroz
4c76ffc2d6 Fixed #29490 -- Added support for object-based Media CSS and JS paths. 2022-02-10 08:48:27 +01:00
Carlton Gibson
ba94488196 Refs #33476 -- Adjusted docs and config files for Black. 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-02-07 20:36:04 +01:00
David Smith
770d3e6a4c
Fixed typo in release notes. 2022-02-02 07:17:57 +01:00
tschilling
0dcd549bbe Fixed #30360 -- Added support for secret key rotation. 
Thanks Florian Apolloner for the implementation idea.

Co-authored-by: Andreas Pelme <andreas@pelme.se>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
 2022-02-01 11:12:24 +01:00
Mariusz Felisiak
ba4a6880d1 Added stub release notes for 4.0.3. 2022-02-01 09:10:20 +01:00
Mariusz Felisiak
9e0df0d6dd Added CVE-2022-22818 and CVE-2022-23833 to security archive. 2022-02-01 08:17:25 +01:00
Mariusz Felisiak
fc18f36c4a Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads. 
Thanks Alan Ryan for the report and initial patch.
 2022-02-01 07:41:40 +01:00
Markus Holtermann
394517f078 Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag. 
Thanks Keryn Knight for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-02-01 07:40:51 +01:00
Kirill Safronov
97a7274468 Fixed #33480 -- Fixed makemigrations crash when renaming field of renamed model. 
Regression in aa4acc164d.
 2022-02-01 07:01:41 +01:00