1
0
mirror of https://github.com/django/django.git synced 2025-03-16 12:20:46 +00:00

1206 Commits

Author SHA1 Message Date
Tim Graham
af523573fc [1.7.x] Clarified deprecation of forms.forms.get_declared_fields(); refs #19617.
Backport of 89e9f81601f7a343690e1153e70fd56091246d0b from master
2015-01-18 16:07:48 -05:00
Tim Graham
e8191caca5 [1.7.x] Clarified a contrib.sites deprecation and added to 1.7 release notes.
Backport of ba27f895878bb155fefb8c1b9beee2c9f3d85b3f from master
2015-01-18 13:45:40 -05:00
Tim Graham
065b2a82f6 [1.7.x] Fixed #24135 -- Made RenameModel rename many-to-many tables.
Thanks Simon and Markus for reviews.

Backport of 28db4af80a319485c0da724d692e2f8396aa57e3 from master
2015-01-15 20:43:49 -05:00
Markus Holtermann
478546fcef [1.7.x] Fixed #24075 -- Prevented running post_migrate signals when unapplying initial migrations of contenttypes and auth
Thanks Florian Apolloner for the report and Claude Paroz and Tim Graham for the review and help on the patch.

Backport of 737d24923ac69bb8b89af1bb2f3f4c4c744349e8 from master.
2015-01-14 20:37:56 +01:00
Tim Graham
2e2617991a [1.7.x] Added stub release notes for 1.7.4.
Backport of ec7ef5afbbd12abe74314d557aabb3d85d667749 from master
2015-01-14 09:48:06 -05:00
Tim Graham
9b403a108c [1.7.x] Added dates to release notes. 2015-01-13 13:09:34 -05:00
Tim Graham
bcfb47780c [1.7.x] Fixed DoS possibility in ModelMultipleChoiceField.
This is a security fix. Disclosure following shortly.

Thanks Keryn Knight for the report and initial patch.
2015-01-13 13:02:56 -05:00
Tim Graham
818e59a3f0 [1.7.x] Prevented views.static.serve() from using large memory on large files.
This is a security fix. Disclosure following shortly.
2015-01-13 13:02:56 -05:00
Tim Graham
de67dedc77 [1.7.x] Fixed is_safe_url() to handle leading whitespace.
This is a security fix. Disclosure following shortly.
2015-01-13 13:02:56 -05:00
Carl Meyer
41b4bc73ee [1.7.x] Stripped headers containing underscores to prevent spoofing in WSGI environ.
This is a security fix. Disclosure following shortly.

Thanks to Jedediah Smith for the report.
2015-01-13 13:02:56 -05:00
Tim Graham
33f1ccf5b1 [1.7.x] Added stub release notes for security releases. 2015-01-13 13:02:55 -05:00
Markus Holtermann
ef5889409b [1.7.x] Fixed #24110 -- Rewrote migration unapply to preserve intermediate states
Backport of fdc2cc948725866212a9bcc97b9b7cf21bb49b90 and be158e36251df0b07556657da47cdaf10913c57a from master
2015-01-11 00:35:49 +01:00
Serafeim Papastefanos
1a352fe175 [1.7.x] Fixed #23967 -- Added formats for Greek
Backport of 74f02557e0183812d6d60e2548985c5c40b3d27b from master
2015-01-10 11:11:57 -05:00
Claude Paroz
7e65876b7c [1.7.x] Fixed #24097 -- Prevented AttributeError in redirect_to_login
Thanks Peter Schmidt for the report and the initial patch.
Thanks to Oktay Sancak for writing the original failing test and
Alvin Savoy for supporting contributing back to the community.
Backport of d7bc37d61 from master.
2015-01-10 10:13:50 +01:00
Claude Paroz
d8fb557a51 [1.7.x] Fixed #23815 -- Prevented UnicodeDecodeError in CSRF middleware
Thanks codeitloadit for the report, living180 for investigations
and Tim Graham for the review.
Backport of 27dd7e7271 from master.
2015-01-06 08:45:10 +01:00
Tim Graham
0e21fd4e40 [1.7.x] Added 1.4.18 release notes.
Backport of ce17b045bf5629aac66f872c3f548205906e04db from master
2015-01-05 14:25:36 -05:00
Tim Graham
4aed731154 [1.7.x] Increased the default PBKDF2 iterations. 2015-01-03 13:36:13 -05:00
Tim Graham
0a06ae9ef3 [1.7.x] Added 1.7.3 release notes stub.
Backport of 439f15beabe2e4d21232798f805ba69367611276 from master
2015-01-03 13:27:46 -05:00
Tim Graham
20dcf5155b [1.7.x] Added dates to release notes.
Backport of 15cd71ed24945ff7be5716580603fd65c0d45ef7 from master
2015-01-02 19:20:44 -05:00
Tim Graham
fda458c0b6 [1.7.x] Updated six to 1.9.0.
Backport of 52f0b2b62262743d5f935ddae29428e661b5d8ea from master
2015-01-02 13:23:18 -05:00
Tim Graham
f461bc02cb [1.7.x] Fixed #23366 -- Fixed a crash with the migrate --list command.
Backport of b4bdd5262b18644456d12a00d475adf9897a9255 from master
2014-12-31 17:27:43 -05:00
Andrey Maslov
8de2a44064 [1.7.x] Fixed #24008 -- Fixed ValidationError crash with list of dicts.
Backport of 7a878ca5cb50ad65fc465cb263a44cc93629f75c from master
2014-12-31 14:46:17 -05:00
Piotr Pawlaczek
e11ff3975f [1.7.x] Fixed #23758 -- Allowed more than 5 levels of subqueries
Refactored bump_prefix() to avoid infinite loop and allow more than
than 5 subquires by extending the alphabet to use multi-letters.

Backport of 41fc1c0b5eac156e200a10233c7c9210a1c0fed8 from master
2014-12-31 09:42:07 -05:00
Tim Graham
9311a94ca5 [1.7.x] Revert "Updated some docs for the delayed deprecation of legacy table creation; refs #22340."
The deprecation was moved back to 1.9 in
61da5f3f02f34810aaa6fcddac3808318a5b95c4.

Backport of d7fc6eb8ca67a6a628e8c7ce669731cf563606e7 from master
2014-12-30 11:53:33 -05:00
Tim Graham
a9da5dd5b6 [1.7.x] Fixed #23581 -- Prevented extraneous DROP DEFAULT statements.
Thanks john_scott for the report and Markus Holtermann for review.

Backport of ab4f709da4516672b0bd811f2b4d0c4ba9f5b636 from master
2014-12-30 08:31:18 -05:00
Tim Graham
79645529e7 Revert "[1.7.x] Fixed #23938 -- Added migration support for m2m to concrete fields and vice versa"
This reverts commit 1702bc52cc20ed0729893177fc8f4391b4b3183c.

This doesn't work on stable/1.7.x because #23844 wasn't backported and we're
not willing to do so because it's a large change.
2014-12-29 15:37:15 -05:00
Markus Holtermann
1702bc52cc [1.7.x] Fixed #23938 -- Added migration support for m2m to concrete fields and vice versa
Thanks to Michael D. Hoyle for the report and Tim Graham for the review.

Backport of 623ccdd598625591d1a12fc1564cf3ef9a87581f from master
2014-12-29 13:42:29 -05:00
Aymeric Augustin
3483682749 [1.7.x] Fixed #23831 -- Supported strings escaped by third-party libs in Django.
Refs #7261 -- Made strings escaped by Django usable in third-party libs.

The changes in mark_safe and mark_for_escaping are straightforward. The
more tricky part is to handle correctly objects that implement __html__.

Historically escape() has escaped SafeData. Even if that doesn't seem a
good behavior, changing it would create security concerns. Therefore
support for __html__() was only added to conditional_escape() where this
concern doesn't exist.

Then using conditional_escape() instead of escape() in the Django
template engine makes it understand data escaped by other libraries.

Template filter |escape accounts for __html__() when it's available.
|force_escape forces the use of Django's HTML escaping implementation.

Here's why the change in render_value_in_context() is safe. Before Django
1.7 conditional_escape() was implemented as follows:

    if isinstance(text, SafeData):
        return text
    else:
        return escape(text)

render_value_in_context() never called escape() on SafeData. Therefore
replacing escape() with conditional_escape() doesn't change the
autoescaping logic as it was originally intended.

This change should be backported to Django 1.7 because it corrects a
feature added in Django 1.7.

Thanks mitsuhiko for the report.

Backport of 6d52f6f from master.
2014-12-27 18:26:20 +01:00
Aymeric Augustin
b429a9796a [1.7.x] Fixed an inconsistency introduced in 547b1810.
mark_safe and mark_for_escaping should have been kept similar.

On Python 2 this change has no effect. On Python 3 it fixes the use case
shown in the regression test for mark_for_escaping, which used to raise
a TypeError. The regression test for mark_safe is just for completeness.

Backport of 5c5eb5fe from master.
2014-12-27 18:17:18 +01:00
Tim Graham
a79012f6d8 [1.7.x] Fixed #24000 -- Corrected contrib.sites default site creation in a multiple database setup.
Backport of 89e2c60f4396241c667b7a1de37765b7c96d702f from master
2014-12-27 10:29:21 -05:00
Claude Paroz
322560489b [1.7.x] Fixed #24051 -- Made schema infrastructure honor tablespaces
Partial backport of 30cbd5d36. Thanks Douglas J. Reynolds for the
report and initial patch.
2014-12-27 15:12:17 +01:00
Tim Graham
1173140dbf [1.7.x] Fixed #24054 -- Enabled sqlsequencereset for apps with migrations.
Backport of c2e419c26781b88f2b34b445f450b735267155b0 from master
2014-12-26 15:57:30 -05:00
Tim Graham
51ea30a43b [1.7.x] Fixed #24037 -- Prevented data loss possibility when changing Meta.managed.
The migrations autodetector now issues AlterModelOptions operations for
Meta.managed changes instead of DeleteModel + CreateModel.

Thanks iambibhas for the report and Simon and Markus for review.

Backport of 061caa5b386681dc7bdef16918873043224a299c from master
2014-12-23 14:26:56 -05:00
Tim Graham
ac098867c0 [1.7.x] Fixed #23525 -- Fixed admindocs crash on apps installed as eggs.
Thanks welbornprod for report and initial patch.

Backport of 01ab84c61330ffa5ac87c637249611c5e5343e57 from master
2014-12-22 15:19:48 -05:00
Oscar Ramirez
1ad5deedd4 [1.7.x] Fixed #23998 -- Added datetime.time support to migrations questioner.
Backport of 54085b0f9ba7d9f705f9b9c90d3433b0ef6aa042 from master
2014-12-22 07:26:57 -05:00
Tim Graham
c24624025b [1.7.x] Added upgrade instructions for deprecated model _meta permission methods.
Backport of a3d96bee36040975ded8e3bf02e33e48d06f1f16 from master
2014-12-19 19:12:50 -05:00
Claude Paroz
f46a16614d [1.7.x] Fixed #24015 -- Factorized create_index_sql expression
Backport of 6072f17d0 from master, with one test reinforced.
Thanks Tim Graham for the review.
2014-12-18 21:14:29 +01:00
Claude Paroz
47912d9f2b [1.7.x] Fixed #24007 -- Ensure apps registry's ready before unpickling models
This prevents AppRegistryNotReady errors when unpickling Django
models from an external script.
Backport of 108b8bf85 from master.
2014-12-17 18:41:12 +01:00
Mosson, Andrew
6d8c14621e [1.7x.] Fixed #23497 -- Made admin system checks run for custom AdminSites.
Backport of b7219c7ba5fdfbf9349948b5a91af50e32822ee6 from master
2014-12-17 09:16:05 -05:00
Markus Holtermann
a38951948a [1.7.x] Fixed display of lists after website redesign
Thanks Brian Jacobel for the report. refs django/djangoproject.com#197

Backport of c7786550c4ed396b8580db58f7da60e850894d19 from master
2014-12-17 08:24:27 -05:00
Alex Gaynor
ebfb1dab26 [1.7.x] Fixed the formatting of one section of the security page
Backport of 104aaab7049afc6ef456fee52763f6d4f7dd575d from master
2014-12-16 19:01:06 -05:00
Tim Graham
c085bea6c3 [1.7.x] Fixed #23975 -- Restored pre_migrate signal if all apps have migrations.
Thanks kmmbvnr for the report.

Backport of d2ff8a7241b621b8013c7ec1631e95ae4445f76d from master
2014-12-16 18:39:19 -05:00
Andriy Sokolovskiy
10482faf19 [1.7.x] Fixed #23983 -- Fixed a crash in migrations when adding order_with_respect_to to non-empty table.
Backport of 3dbbb8a89ca4beaabd5359fe82e32ed633b15140 from master
2014-12-16 10:56:35 -05:00
Andriy Sokolovskiy
fdf4dc6cea [1.7.x] Fixed #23405 -- Fixed makemigrations prompt when adding Text/CharField.
A default is no longer required.

Backport of d8f3b86a7691c8aa0ec8f5a064ad4c3218250fed from master
2014-12-15 14:58:01 -05:00
Tim Graham
4cc646bb56 [1.7.x] Fixed typos in docs/releases/1.7.2.txt.
Backport of d39461eb46b2d11051940e16818baf2f0e1b894d from master
2014-12-15 13:43:34 -05:00
Andriy Sokolovskiy
1690b92b0d [1.7.x] Fixed #23987 -- Made SQLite SchemaEditor always use effective_default().
Backport of 089047331d972c0ee58d13476fc54f2118bf1359 from master
2014-12-15 13:42:08 -05:00
JuneHyeon Bae
eb632bfba5 [1.7.x] Fixed timesince translations for Korean
Refs #23989.
2014-12-14 16:47:06 +01:00
Shai Berger
9189ef438e [1.7.x] Added release note for Refs #23969 2014-12-13 22:57:25 +02:00
Carl Meyer
0a8b911582 [1.7.x] Fixed #23455 -- Accept either bytes or text for related_name, convert to text.
Backport of c72eb80d114fb5d90bd21b5549e8abd0bbd17f99 from master.
2014-12-12 13:13:57 -07:00
Carl Meyer
f8b4cf4022 [1.7.x] Revert "Fixed #23455 -- Forced related_name to be a unicode string during deconstruction."
This reverts commit 45bd7b3bd9008941580c100b9fc7361e3ff3ff0d.

This is a backport of 8aaf51f94c70e3cfcd2c75a0be1b6f55049d82d8 from master.
2014-12-12 13:09:04 -07:00