1
0
mirror of https://github.com/django/django.git synced 2025-10-23 21:59:11 +00:00
Commit Graph

452 Commits

Author SHA1 Message Date
Markus Holtermann
e078747290 [3.2.x] Updated Git branch "master" to "main".
This change follows a long discussion on django-develops:

https://groups.google.com/g/django-developers/c/tctDuKUGosc/

Backport of d9a266d657 from main
2021-03-09 09:33:50 +01:00
Nick Pope
be8237c7cc [3.2.x] Fixed CVE-2021-23336 -- Fixed web cache poisoning via django.utils.http.parse_qsl(). 2021-02-19 09:15:09 +01:00
Mariusz Felisiak
f944f79e55 [3.2.x] Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract().
Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews.

Thanks Wang Baohua for the report.

Backport of 05413afa8c from master.
2021-02-01 09:13:37 +01:00
Paul Ganssle
a5d70cca12 [3.2.x] Refs #32365 -- Allowed use of non-pytz timezone implementations.
Backport of 10d1261984 from master
2021-01-19 12:00:40 +01:00
William Schwartz
ec6d2531c5 Fixed #32314 -- Fixed detection when started non-django modules with "python -m" in autoreloader.
django.utils.autoreload.get_child_arguments() detected when Python was
started with the `-m` option only for `django` module. This commit
changes the logic to check __spec__, see
https://docs.python.org/3/reference/import.html#main-spec

Now packages can implement their own __main__ with the runserver
command.
2021-01-05 21:03:29 +01:00
starryrbs
2a76f43134 Fixed #32269 -- Fixed parse_duration() for negative days in ISO 8601 format. 2020-12-21 10:28:07 +01:00
starryrbs
57d05f94c3 Added more assertions for parse_duration() with negative timedeltas. 2020-12-21 10:15:22 +01:00
Hasan Ramezani
577f2338f1 Fixed #32208 -- Allowed adding lazy() objects.
Co-authored-by: Claude Paroz <claude@2xlibre.net>
2020-12-21 09:24:41 +01:00
Florian Apolloner
98e05ccde4 Fixed #32233 -- Cleaned-up duplicate connection functionality. 2020-12-08 08:55:44 +01:00
Carlton Gibson
ead37dfb58 Fixed #32202 -- Fixed autoreloader argument generation for Windows with Python 3.7-. 2020-11-19 12:07:15 +01:00
Nick Pope
0cbccaebeb Simplified TimeFormat.g(). 2020-11-12 15:19:17 +01:00
Sam
895f6e4992 Fixed #32149 -- Added support for years < 1000 to DateFormat.y(). 2020-11-12 12:43:06 +01:00
Tom Forbes
658bcc16f1 Fixed #25791 -- Implement autoreload behaviour for cached template loader. 2020-11-05 15:30:52 +01:00
Nick Pope
966b5b49b6 Updated MultiValueDict.update() to mirror dict.update() behavior.
Changes in behavior include:

- Accepting iteration over empty sequences, updating nothing.
- Accepting iterable of 2-tuples providing key-value pairs.
- Failing with the same or comparable exceptions for invalid input.

Notably this replaces the previous attempt to catch TypeError which was
unreachable as the call to .items() resulted in AttributeError on
non-dict objects.
2020-10-30 10:44:44 +01:00
Nick Pope
c3d9b8b28f Increased test coverage for django.utils.datastructures.MultiValueDict.
Co-authored-by: Mads Jensen <mje@inducks.org>
2020-10-30 10:44:44 +01:00
Mads Jensen
825f8470f5 Increased test coverage for django.utils.datastructures.OrderedSet.
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2020-10-30 10:44:44 +01:00
Simon Charette
4c675523bd Refs #29838, Refs #28507 -- Made make_hashable() ignore key order. 2020-10-05 20:42:46 +02:00
Nick Pope
fd209f62f1 Refs #21231 -- Backport urllib.parse.parse_qsl() from Python 3.8. 2020-09-03 14:24:42 +02:00
David Smith
b6dfdaff33 Completed test coverage for colorize(). 2020-07-29 07:57:06 +02:00
Jon Dufresne
e1e4fd707f Used context manager version of tempfile.TemporaryDirectory() in utils_tests.test_autoreload. 2020-07-20 11:08:23 +02:00
Tom Forbes
730711e828 Used temporary directory in RestartWithReloaderTests.test_manage_py().
Using the current directory can cause a PermissionError.
2020-07-20 09:16:16 +02:00
Tim Park
8fa9a6d29e Fixed #31623 -- Allowed specifying number of adjacent time units in timesince()/timeuntil(). 2020-07-16 09:44:28 +02:00
Ad Timmering
ec5aa2161d Fixed #30807 -- Fixed TestArchive.test_extract_file_permissions() when umask is 0o000.
Fixed test that checks permissions on files extracted from archives
with no permissions set, to not assume a default umask of 0o002.

Test regression in c95d063e77.
2020-06-29 07:51:43 +02:00
Tom Forbes
8a902b7ee6 Fixed #31716 -- Fixed detection of console scripts in autoreloader on Windows. 2020-06-18 13:04:10 +02:00
Jon Dufresne
f47d5aac62 Refs #27804 -- Used subTest() in tests.utils_tests.test_text. 2020-06-04 11:16:21 +02:00
David Smith
0382ecfe02 Fixed #28694 -- Made django.utils.text.slugify() strip dashes and underscores. 2020-05-29 06:47:51 +02:00
David Smith
dde05e192c Added more tests for slugify(). 2020-05-29 06:28:57 +02:00
Mariusz Felisiak
0668164b4a Fixed E128, E741 flake8 warnings. 2020-05-12 08:52:23 +02:00
Adam Johnson
d17b380653 Refs #30573 -- Rephrased "Of Course" and "Obvious(ly)" in documentation and comments. 2020-05-04 12:10:47 +02:00
Rasmus Wriedt Larsen
f6d0bd208a Corrected opts argument of colorize in TermColorTests.test_colorize_empty_text(). 2020-05-04 11:34:08 +02:00
Hasan Ramezani
f121621073 Fixed #31521 -- Skipped test_parsing_rfc850 test on 32-bit systems. 2020-04-30 06:51:47 +02:00
Jon Dufresne
505fec6bad Capitalized Unicode in docs, strings, and comments. 2020-04-20 12:10:33 +02:00
Claude Paroz
e663f695fb Fixed #31359 -- Deprecated get_random_string() calls without an explicit length. 2020-03-11 13:16:44 +01:00
Hasan Ramezani
bc1c034076 Fixed #28280 -- Prevented numberformat.format() from formatting large/tiny floats in scientific notation. 2020-02-26 16:02:53 +01:00
Claude Paroz
4d973f5939 Refs #26601 -- Deprecated passing None as get_response arg to middleware classes.
This is the new contract since middleware refactoring in Django 1.10.

Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-02-18 20:03:44 +01:00
Hasan Ramezani
fc4f45ebdc Used assertRaisesMessage() in various tests. 2020-02-07 12:46:23 +01:00
Claude Paroz
50cf183d21 Refs #27468 -- Added algorithm parameter to django.utils.crypto.salted_hmac(). 2020-01-27 12:42:21 +01:00
Claude Paroz
b5a62bd17d Refs #27468 -- Added explicit tests for django.utils.crypto.salted_hmac() 2020-01-15 12:53:21 +01:00
Sjbrgsn
b2bd08bb7a Fixed #30892 -- Fixed slugify() and admin's URLify.js for "İ".
Thanks Luis Nell for the implementation idea and very detailed report.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-12-30 20:47:22 +01:00
Mads Jensen
62727e65fb Increased test coverage of django.utils.inspect. 2019-12-27 10:08:24 +01:00
Jon Dufresne
e703b93a65 Fixed #31080 -- Removed redundant type="text/javascript" attribute from <script> tags. 2019-12-11 09:49:54 +01:00
Farhaan Bukhsh
1f817daa20 Fixed #30803 -- Allowed comma separators for milliseconds in django.utils.dateparse functions.
Co-Authored-By: Ben Wilber <benwilber@gmail.com>
2019-11-27 09:43:12 +01:00
Farhaan Bukhsh
42b23d1e79 Refs #30803 -- Allowed comma separators for decimal fractions in parse_duration(). 2019-11-27 09:43:12 +01:00
Baptiste Mispelon
8929afb8ec Fixed #9762 -- Made DateFormat.r() locale-independent.
Thanks to Antonio Melé for the original report all those years ago
and to all the contributors who helped along the way.
2019-11-22 12:41:53 +01:00
Baptiste Mispelon
76ec032712 Refs #26281 -- Added a helpful error message for an invalid "r" specifier to dateformat.format(). 2019-11-22 12:32:30 +01:00
Baptiste Mispelon
18e10740a4 Refs #30990 -- Added test for 'z' date format with a leap year. 2019-11-18 11:30:18 +01:00
Jon Dufresne
edeec1247e Passed strict=True to Path.resolve() to enforce that the path must exist. 2019-11-05 14:22:20 +01:00
Hasan Ramezani
6315a272c5 Refs #28428 -- Made filepath_to_uri() support pathlib.Path. 2019-10-30 13:13:15 +01:00
Nick Pope
7552de7866 Used more specific unittest assertions in tests.
* assertIsNone()/assertIsNotNone() instead of comparing to None.
* assertLess() for < comparisons.
* assertIs() for 'is' expressions.
* assertIsInstance() for isinstance() expressions.
* rounding of assertAlmostEqual() for round() expressions.
* assertIs(..., True/False) instead of comparing to True/False.
* assertIs()/assertIsNot() for ==/!= comparisons.
* assertNotEqual() for == comparisons.
* assertTrue()/assertFalse() instead of comparing to True/False.
2019-10-29 12:37:30 +01:00
Hasan Ramezani
52cb419072 Fixed #30918 -- Made timesince()/timeuntil() respect custom time strings for future and the same datetimes. 2019-10-28 12:28:18 +01:00