mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-12-28 12:06:22 +00:00
Code Issues 30 Releases Wiki Activity
31,624 Commits 28 Branches 426 Tags 680 MiB
b08f53ff46
Commit Graph

12789 Commits

Author SHA1 Message Date
Mariusz Felisiak
97e8a2afb1 [4.2.x] Fixed #34821 -- Prevented DEFAULT_FILE_STORAGE/STATICFILES_STORAGE settings from mutating the main STORAGES. 
Regression in 6b965c6000.
Backport of a7c73b944f from main
 2023-09-11 13:04:55 +02:00
Mariusz Felisiak
9c51b4dcfa [4.2.x] Fixed CVE-2023-41164 -- Fixed potential DoS in django.utils.encoding.uri_to_iri(). 
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.

Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
 2023-09-04 12:05:35 +02:00
willzhao
acfb427522 [4.2.x] Fixed #34803 -- Fixed queryset crash when filtering againts deeply nested OuterRef annotations. 
Thanks Pierre-Nicolas Rigal for the report.

Regression in c67ea79aa9.

Backport of 9cc0d7f7f8 from main
 2023-09-01 11:25:00 +02:00
Juan Alvarez
46b2b08e45 [4.2.x] Fixed #34779 -- Avoided unnecessary selection of non-nullable m2m fields without natural keys during serialization. 
By using `select_related(None)` instead of `select_related()`, the
unnecessary joins are completely avoided. Note that the current tests
already covers the change, when the field is not `null=True`.

Regression in f9936deed1.

Backport of 517d3bb4dd from main
 2023-08-19 11:23:59 +02:00
Mariusz Felisiak
d34db6602e [4.2.x] Fixed #34773 -- Fixed syncing DEFAULT_FILE_STORAGE/STATICFILES_STORAGE settings with STORAGES. 
Thanks Petr Dlouhý for the report.

Bug in 32940d390a.
Backport of 6b965c6000 from main
 2023-08-18 18:12:30 +02:00
Simon Charette
3a1863319c [4.2.x] Fixed #34754 -- Fixed JSONField check constraints validation on NULL values. 
The __isnull lookup of JSONField must special case
Value(None, JSONField()) left-hand-side in order to be coherent with
its convoluted null handling.

Since psycopg>=3 offers no way to pass a NULL::jsonb the issue is
resolved by optimizing IsNull(Value(None), True | False) to
True | False.

Regression in 5c23d9f0c3.

Thanks Alexandre Collet for the report.

Backport of 3434dbd39d from main
 2023-08-04 10:58:53 +02:00
Mariusz Felisiak
8808d9da6b [4.2.x] Fixed #34750 -- Fixed QuerySet.count() when grouping by unused multi-valued annotations. 
Thanks Toan Vuong for the report.
Thanks Simon Charette for the review.

Regression in 59bea9efd2.
Backport of c9b9a52edc from main
 2023-08-01 16:17:06 +02:00
Mariusz Felisiak
8db9a0b5a0 [4.2.x] Fixed warnings per flake8 6.1.0. 
Backport of 22b0b73c77 from main
 2023-07-30 16:18:48 +02:00
Simon Charette
739da73164 [4.2.x] Fixed #34748 -- Fixed queryset crash when grouping by a reference in a subquery. 
Regression in dd68af62b2.

Thanks Toan Vuong for the report.

Backport of 4087367ba8 from main
 2023-07-30 07:51:52 +02:00
Simon Charette
7a67b065d7 [4.2.x] Fixed #34717 -- Fixed QuerySet.aggregate() crash when referencing window functions. 
Regression in 59bea9efd2.

Refs #28477.

Thanks younes-chaoui for the report.

Backport of 68912e4f6f from main
 2023-07-19 09:06:16 +02:00
Mariusz Felisiak
b7c5feb35a [4.2.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator. 
Thanks Seokchan Yoon for reports.
 2023-07-03 08:19:23 +02:00
Mariusz Felisiak
4b433ef236 [4.2.x] Refs #30220 -- Bumped required version of Selenium to 3.8.0. 
Follow up to 8d010f3986.
Backport of 06881341d4 from main
 2023-06-13 10:13:15 +02:00
Mariusz Felisiak
31d1fc36b3 [4.2.x] Fixed #34645 -- Restored alignment for admin date/time timezone warnings. 
Regression in 96a598356a.
Backport of caf80cb41f from main
 2023-06-09 21:37:50 +02:00
Mariusz Felisiak
87a4cd559b [4.2.x] Fixed #34620 -- Fixed serialization crash on m2m fields without natural keys when base querysets use select_related(). 
Regression in 19e0587ee5.

Thanks Martin Svoboda for the report.
Backport of f9936deed1 from main
 2023-06-04 20:49:40 +02:00
Simon Charette
738386470d [4.2.x] Fixed #34612 -- Fixed QuerySet.only() crash on reverse relationships. 
Regression in b3db6c8dcb.

Thanks Ian Cubitt for the report.

This also corrected test_inheritance_deferred2() test which was
previously properly defined and marked as an expected failure but was
then wrongly adjusted to mask the lack of support for per-alias
deferral that was fixed by #21204.

Backport of 2cf76f2d5d from main
 2023-06-01 20:27:06 +01:00
David Sanders
91f8df5c2e [4.2.x] Fixed #34590 -- Reverted "Refs #33308 -- Improved adapting DecimalField values to decimal." 
This reverts 7990d254b0.

Thanks Marc Odermatt for the report.
Backport of 0c1518ee42 from main
 2023-05-24 11:00:21 +02:00
Mariusz Felisiak
bf5249fc8e [4.2.x] Refs #34118 -- Fixed FunctionalTests.test_cached_property_reuse_different_names() on Python 3.12+. 
Python 3.12+ no longer wraps exceptions in __set_name__, see
55c99d97e1
Backport of fc9c90d9c4 from main
 2023-05-23 12:58:32 +02:00
Simon Charette
c78a4421de [4.2.x] Fixed #34551 -- Fixed QuerySet.aggregate() crash when referencing subqueries. 
Regression in 59bea9efd2.

Refs #28477.

Thanks Denis Roldán and Mariusz for the test.

Backport of e5c844d6f2 from main
 2023-05-23 07:39:24 +02:00
Simon Charette
57f499e412 [4.2.x] Refs #34551 -- Fixed QuerySet.aggregate() crash on precending aggregation reference. 
Regression in 1297c0d0d7.

Refs #31679.

Backport of 2ee01747c3 from main
 2023-05-23 07:39:18 +02:00
Mariusz Felisiak
cdd970ae22 [4.2.x] Fixed #34568 -- Made makemigrations --update respect --name option. 
Thanks David Sanders for the report.
Backport of c52f4295f2 from main
 2023-05-17 13:15:30 +02:00
Simon Charette
201d29b371 [4.2.x] Fixed #34570 -- Silenced noop deferral of many-to-many and GFK. 
While deferring many-to-many and GFK has no effect, the previous
implementation of QuerySet.defer() ignore them instead of crashing.

Regression in b3db6c8dcb.

Thanks Paco Martínez for the report.

Backport of 99e5dff737 from main
 2023-05-17 08:39:44 +02:00
Julie Rymer
9c301814b0 [4.2.x] Fixed #34539 -- Restored get_prep_value() call when adapting JSONFields. 
Regression in 5c23d9f0c3.

Backport of 0ec60661e6 from main
 2023-05-16 11:02:33 +02:00
Mariusz Felisiak
e0d8981139 [4.2.x] Fixed #34544 -- Avoided DBMS_LOB.SUBSTR() wrapping with IS NULL condition on Oracle. 
Regression in 09ffc5c121.

Thanks Michael Smith for the report.

This also reverts commit 1e4da43955.
Backport of 1586a09b79 from main
 2023-05-08 19:35:20 +02:00
Mariusz Felisiak
9ec1ff7879 [4.2.x] Fixed MultipleFileFieldTest.test_file_multiple_validation() test if Pillow isn't installed. 
Follow up to fb4c55d9ec.
Backport of fcfbf08abe from main
 2023-05-04 08:09:27 +02:00
Mariusz Felisiak
21b1b1fc03 [4.2.x] Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of validation when uploading multiple files using one form field. 
Thanks Moataz Al-Sharida and nawaik for reports.

Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
 2023-05-03 13:43:16 +02:00
Mariusz Felisiak
290fd5ecec [4.2.x] Fixed #34529, Refs #34525 -- Reduced index operations with Meta.indexes/index_together when optimizing migrations. 
This makes squashing migrations an available path for changing
Meta.index_together, which is deprecated, to Meta.indexes.

Follow up to f810325721.

Backport of 8e2460d599 from main.
 2023-05-03 13:09:49 +02:00
Mariusz Felisiak
f200d83698 [4.2.x] Fixed #34515 -- Made LocaleMiddleware prefer language from paths when i18n patterns are used. 
Regression in 94e7f471c4.

This reverts commit 94e7f471c4
(refs #34069) and
partly reverts commit 3b4728310a.

Thanks Anthony Baillard for the report.

Co-Authored-By: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>

Backport of 0e444e84f8 from main
 2023-05-02 06:33:23 +02:00
Mariusz Felisiak
fffbf85080 [4.2.x] Fixed #34512 -- Restored breadcrumbs on admin app index view. 
Thanks Adam (ataylor32) for the report.

Regression in 872b61193b.
Backport of 9440f6ba41 from main
 2023-04-26 08:37:30 +02:00
Mariusz Felisiak
f75a6977e4 [4.2.x] Refs #34483 -- Fixed timesince()/timeuntil() with timezone-aware dates on different days and interval less than 1 day. 
Follow up to 813015d67e.
Regression in 8d67e16493.
Backport of 198a19b692 from main
 2023-04-14 17:42:33 +02:00
Scott Macpherson
090d5ccc6c [4.2.x] Fixed #34486 -- Fixed DatabaseOperations.compose_sql() crash with no existing database connection on PostgreSQL. 
Regression in 09ffc5c121.

Backport of 53aee470d5 from main
 2023-04-14 11:02:47 +02:00
Mariusz Felisiak
cd464fbc3a
[4.2.x] Refs #34483 -- Fixed utils_tests.test_timesince crash on Python 3.8. 2023-04-14 06:10:31 +02:00
nessita
a3c14ea61b [4.2.x] Fixed #34483 -- Fixed timesince()/timeuntil() with timezone-aware dates and interval less than 1 day. 
Regression in 8d67e16493.

Thanks Lorenzo Peña for the report.

Backport of 813015d67e from main
 2023-04-13 13:20:16 -03:00
Mariusz Felisiak
791407fef1 [4.2.x] Refs #34482 -- Reverted "Fixed #32969 -- Fixed pickling HttpResponse and subclasses." 
This reverts commit d7f5bfd241.

Thanks Márton Salomváry for the report.

Backport of 173034b005 from main
 2023-04-12 18:53:29 +02:00
Mariusz Felisiak
2feb9333e7 [4.2.x] Fixed #34484, Refs #34482 -- Reverted "Fixed #29186 -- Fixed pickling HttpRequest and subclasses." 
This reverts commit 6220c445c4.

Thanks Adam Johnson and Márton Salomváry for reports.

Backport of 280ca147af from main
 2023-04-12 18:53:22 +02:00
sarahboyce
facc153af7 [4.2.x] Fixed #34455 -- Restored i18n_patterns() respect of prefix_default_language argument when fallback language is used. 
Regression in 94e7f471c4.

Thanks Oussama Jarrousse for the report.

Backport of 3b4728310a from main
 2023-04-10 15:35:28 +02:00
Mariusz Felisiak
f6e0029fcd [4.2.x] Refs #34118 -- Fixed CustomChoicesTests.test_uuid_unsupported on Python 3.11.4+. 
5342f5e713

Follow up to 38e63c9e61.
Backport of 2eb1f37260 from main
 2023-04-07 11:08:32 +02:00
Mariusz Felisiak
b0d7753d07 [4.2.x] Fixed #34470 -- Enforced UTF-8 encoding on PostgreSQL. 
Regression in 6a21658163.
Backport of 5b8a043bf5 from main
 2023-04-07 10:12:19 +02:00
Anders Kaseorg
0bc2bbf041 [4.2.x] Fixed #34466 -- Reallowed setting cursor_factory in DATABASES["options"] on PostgreSQL. 
Regression in 09ffc5c121.

Backport of 73cbb372ba from main
 2023-04-07 09:21:54 +02:00
Simon Charette
511dc3db53 [4.2.x] Fixed #34464 -- Fixed queryset aggregation over group by reference. 
Regression in 59bea9efd2.

Refs #28477.

Thanks Ian Cubitt for the report.

Backport of 9daf8b4109 from main
 2023-04-07 06:58:24 +02:00
Mariusz Felisiak
db49def5fc [4.2.x] Fixed #34459 -- Fixed SearchVector() crash for parameters with % symbol. 
Thanks Patryk Zawadzki for the report.

Regression in 09ffc5c121.

Backport of 4bf4222010 from main
 2023-04-06 13:33:13 +02:00
Mariusz Felisiak
dece89df81 [4.2.x] Moved SearchVectorIndexTests.test_search_vector_index to postgres_tests.test_indexes. 
Backport of 02a04ab79a from main
 2023-04-06 13:33:08 +02:00
Mariusz Felisiak
32cfa73c6a [4.2.x] Refs #34118 -- Fixed CustomChoicesTests.test_uuid_unsupported on Python 3.12+. 
2a4d8c0a9e
Backport of 38e63c9e61 from main
 2023-04-05 13:59:55 +02:00
Simon Charette
647920b766 [4.2.x] Fixed #34458 -- Fixed QuerySet.defer() crash on attribute names. 
Thanks Andrew Cordery for the report.

Regression in b3db6c8dcb.

Backport of 87c63bd8df from main
 2023-04-05 06:06:03 +02:00
Mariusz Felisiak
f12dc36754 [4.2.x] Fixed #34443 -- Fixed filtering by transforms on reverse relations. 
Regression in ce6230aa97.
Backport of 996c802229 from main
 2023-03-28 21:03:48 +02:00
Mariusz Felisiak
be6a309b1d [4.2.x] Refs #29799 -- Added field instance lookups to suggestions in FieldErrors. 
Bug in cd1afd553f.
Backport of 3afdc9e9b4 from main
 2023-03-28 19:19:30 +02:00
Gary Jarrel
99ba5b43f0 [4.2.x] Fixed #34438 -- Reallowed extending UserCreationForm. 
Regression in 298d02a77a.

Backport of fcc7dc5781 from main
 2023-03-28 12:48:25 +02:00
Tom Carrick
788f7b8100 [4.2.x] Fixed #34383 -- Fixed layout of admin fieldsets with multiple fields on the same line. 
Thanks Antonio Candido Nazareth junior for the report.

Regression in 96a598356a.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>

Backport of d687febce5 from main
 2023-03-28 05:35:28 +02:00
Carlton Gibson
ae824eceb1 [4.2.x] Fixed #34428 -- Made ASGIStaticFilesHandler adapt response to async iterator. 
Bug in 0bd2c0c901.
Backport of 02c356f2f3 from main
 2023-03-21 20:52:59 +01:00
Mariusz Felisiak
f2923306f1 [4.2.x] Fixed #34322 -- Made ES module support to ManifestStaticFilesStorage optional. 
Co-authored-by: Author: Claude Paroz <claude@2xlibre.net>
Backport of e10c1688f9 from main
 2023-03-18 14:06:09 +01:00
David Wobrock
6937c92169 [4.2.x] Fixed #34384 -- Fixed session validation when rotation secret keys. 
Bug in 0dcd549bbe.

Thanks Eric Zarowny for the report.

Backport of 2396933ca9 from main
 2023-03-08 11:33:03 +01:00