mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-12-28 03:55:50 +00:00
Code Issues 30 Releases Wiki Activity
31,099 Commits 28 Branches 426 Tags 678 MiB
bc3b8f1524
Commit Graph

13016 Commits

Author SHA1 Message Date
Mariusz Felisiak
78eeff8d33 Added CVE-2022-28346 and CVE-2022-28347 to security archive. 2022-04-11 10:32:22 +02:00
Mariusz Felisiak
6723a26e59 Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against SQL injection on PostgreSQL. 2022-04-11 08:59:58 +02:00
Mariusz Felisiak
93cae5cb2f Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases. 
Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore,
Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev
(DDV_UA) for the report.
 2022-04-11 08:59:33 +02:00
Manel Clos
62739b6e26 Fixed #33628 -- Ignored directories with empty names in autoreloader check for template changes. 
Regression in 68357b2ca9.
 2022-04-11 07:37:30 +02:00
Carlton Gibson
9ffd4eae2c
Fixed #33611 -- Allowed View subclasses to define async method handlers. 2022-04-07 07:05:59 +02:00
sarahboyce
65effbdb10 Fixed #33471 -- Made AlterField operation a noop when changing "choices". 
This also allows customizing attributes of fields that don't affect
a column definition.
 2022-04-06 13:05:57 +02:00
Baptiste Mispelon
50e1e7ef8e Fixed #33348 -- Changed SimpleTestCase.assertFormError()/assertFormsetErrors() to take form/formset. 
Instead of taking a response object and a context name for
the form/formset, the two methods now take the object directly.
 2022-04-06 07:58:52 +02:00
Mariusz Felisiak
78277faafd Added stub release notes and release date for 4.0.4, 3.2.13, and 2.2.28. 2022-04-04 10:31:57 +02:00
Lucidiot
13a9cde133 Fixed #33613 -- Made createsuperuser detect uniqueness of USERNAME_FIELD when using Meta.constraints. 2022-04-01 11:39:41 +02:00
sarahboyce
ae506181f7 Fixed #32129 -- Adjusted the docs for session expiry helpers. 
Updated the docs for `get_session_cookie_age`, `get_expiry_age`, and
`get_expiry_date` to clarify their intended usage by session backends
when saving the session.
 2022-03-31 17:06:14 +02:00
David
c8459708a7 Refs #32339 -- Added use_fieldset to Widget. 2022-03-30 16:28:14 +02:00
Mariusz Felisiak
fac662f479
Fixed #33598 -- Reverted "Removed unnecessary reuse_with_filtered_relation argument from Query methods." 
Thanks lind-marcus for the report.

This reverts commit 0c71e0f9cf.

Regression in 0c71e0f9cf.
 2022-03-30 07:31:56 +02:00
Carlton Gibson
59ab3fd0e9 Refs #32365 -- Deprecated django.utils.timezone.utc. 2022-03-29 14:47:44 +02:00
Alokik Vijay
baf9604ed8 Fixed #16406 -- Added ResolveMatch.captured_kwargs and extra_kwargs. 
Thanks Florian Apolloner for the review and implementation idea.
 2022-03-29 10:27:40 +02:00
Mariusz Felisiak
83c803f161
Updated Oracle docs links to Oracle 21c. 2022-03-29 09:41:57 +02:00
Mariusz Felisiak
010a9d8a4f
Updated various links to HTTPS and new locations. 2022-03-29 07:46:08 +02:00
René Fleschenberg
eb07b5be0c Fixed #15619 -- Deprecated log out via GET requests. 
Thanks Florian Apolloner for the implementation idea.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-03-29 06:42:14 +02:00
Sih Sîng-hông薛丞宏
d4bf3b4c75 Corrected models.FileField signature in docs. 2022-03-28 13:25:39 +02:00
David Smith
379bb201ed Fixed #33564 -- Confirmed support for PROJ 9.X. 2022-03-25 13:09:15 +01:00
David Smith
510c4e465c Used Cmake in GEOS installation docs. 2022-03-25 11:56:22 +01:00
adontz
2bee0b4328 Fixed #7497 -- Allowed overriding the order of apps and models in admin. 2022-03-25 10:33:44 +01:00
Mariusz Felisiak
94d8ed55fa
Refs #15619 -- Logged out with POST requests in admin. 2022-03-24 17:41:53 +01:00
Carlton Gibson
bb61f0186d Refs #32365 -- Removed internal uses of utils.timezone.utc alias. 
Remaining test case ensures that uses of the alias are mapped
canonically by the migration writer.
 2022-03-24 06:29:50 +01:00
Thomas Schmidt
1cf60ce601 Fixed #33569 -- Added SECURE_PROXY_SSL_HEADER support for list of protocols in the header value. 2022-03-23 19:33:36 +01:00
Samuel Hartmann
5cc9464e4d Fixed #33544 -- Expanded the TEMPLATES section of the Deployment checklist. 
Clarified that the cached template loader is enabled by default when
DEBUG = False.
 2022-03-22 12:37:38 +01:00
Carlton Gibson
9fed515a25
Fixed #33585 -- Made example git repo URLs use HTTPS protocol. 
The SSH-based checkout requires additional configuration, which is
beneficial to defer for new contributors.

Follow up to 3c6a4fdb6d. This commit
updates the remaining examples.
 2022-03-22 11:57:44 +01:00
Mariusz Felisiak
653daaa60c
Refs #31676 -- Used term "merger" instead of "committer" in docs. 
Follow up to caa2dd08c4.

Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
 2022-03-22 11:13:36 +01:00
Tomas McNamer
f77216bd1a
Refs #28592 -- Improved some headings in CSRF how-to. 2022-03-22 06:05:34 +01:00
Mariusz Felisiak
b07ee98b27
Renamed Jenkins wiki page to CI. 
Jenkins is no longer the only CI tool.
 2022-03-19 15:41:48 +01:00
Mariusz Felisiak
39ae8d740e
Added missing backticks to function names. 2022-03-17 11:10:03 +01:00
tommcn
e458abc593 Refs #28592 -- Created a new CSRF how-to document. 2022-03-17 06:53:53 +01:00
tommcn
8e63390640 Corrected CSRF reference in middleware docs. 2022-03-17 06:03:10 +01:00
Gagaro
9c04af837a Doc'd BaseConstraint. 2022-03-16 16:55:17 +01:00
Mariusz Felisiak
970f5bf503
Fixed #33577 -- Confirmed support for GDAL 3.4. 2022-03-16 09:07:01 +01:00
Mariusz Felisiak
be80aa55ec
Removed outdated handling of length parameter to If-Modified-Since header. 
The length parameter is not described in RFC-7232 and it's against
HTTP/1.0 and HTTP/1.1 specifications. It was an old and unofficial
extension set by some ancient versions of IE.
 2022-03-15 13:07:44 +01:00
Tomas McNamer
65ac1431d5
Refs #28592 -- Removed redundant spaces in docs/ref/csrf.txt. 2022-03-14 07:46:01 +01:00
David Sanders
7c56fc8e91
Corrected AppConfig.get_models() signature in docs. 2022-03-14 06:54:16 +01:00
Mariusz Felisiak
6ffe48b8e4
Moved log_response() release notes into backwards incompatible changes section. 
Follow up to 90cf963264.
 2022-03-11 22:16:46 +01:00
Adrian Torres
d90e34c61b Fixed #33561 -- Allowed synchronization of user attributes in RemoteUserBackend. 2022-03-10 12:57:19 +01:00
David Smith
67b5f506a6
Changed some words to use inline markup. 2022-03-10 10:18:31 +01:00
David
3dbf46654c Removed unused and unnecessary words from docs/spelling_wordlist. 2022-03-09 10:35:00 +01:00
David Smith
71531cc32c
Changed "bolded" to "in bold" in docs. 2022-03-09 08:03:14 +01:00
Adam Johnson
a45f28f0ec Rewrote strip_tags test file to lorem ipsum. 2022-03-08 14:50:06 +01:00
Adam Johnson
a8c15481f4 Rewrote some references to "master". 
Following d9a266d657.
 2022-03-08 14:50:06 +01:00
Adam Johnson
76fda7729e
Clarified that tutorial background image should be self-provided. 2022-03-08 06:28:56 +01:00
Luke Plant
ae2da5ba65 Fixed #33562 -- Made HttpResponse.set_cookie() support timedelta for the max_age argument. 2022-03-07 07:57:14 +01:00
Ryan Heard
c6b4d62fa2 Fixed #29865 -- Added logical XOR support for Q() and querysets. 2022-03-04 12:55:37 +01:00
Carlton Gibson
9652a118ce Added stub release notes for Django 4.0.4. 2022-03-01 09:58:35 +01:00
Carlton Gibson
47143e27d4 Updated release date for version 4.0.3. 2022-03-01 09:32:18 +01:00
Mariusz Felisiak
445b075def
Fixed #33547 -- Fixed error when rendering invalid inlines with readonly fields in admin. 
Regression in de95c82667.

Thanks David Glenck for the report.
 2022-03-01 08:09:58 +01:00
Mariusz Felisiak
aa8c36118c
Optimized docs images. 2022-02-25 13:40:13 +01:00
Albert Defler
2b6a3baebe Fixed #31486 -- Deprecated passing unsaved objects to related filters. 
Co-Authored-By: Hasan Ramezani <hasan.r67@gmail.com>
 2022-02-25 07:51:37 +01:00
Shubh1815
11cc227344 Fixed #33267 -- Added link to related item to related widget wrapper in admin. 2022-02-25 06:33:05 +01:00
Matthias Kestenholz
981615c6b5 Refs #33328 -- Added some advice regarding handling formset:added/removed in 3rd party libraries 2022-02-24 08:21:52 +01:00
Claude Paroz
eabc22f919
Fixed #33328 -- Transformed formset:added/removed to native JS events. 2022-02-23 10:33:07 +01:00
David Wobrock
7c318a8bdd Fixed #27844 -- Added optimizemigration management command. 2022-02-22 10:30:40 +01:00
Nick Pope
847f46e9bf
Removed redundant QuerySet.all() calls in docs and tests. 
Most QuerySet methods are mapped onto the Manager and, in general,
it isn't necessary to call .all() on the manager.
 2022-02-22 10:29:38 +01:00
Albert Defler
7ba6ebe914 Fixed #19580 -- Unified behavior of reverse foreign key and many-to-many relations for unsaved instances. 2022-02-22 09:16:40 +01:00
Theo Alexiou
659d2421c7 Fixed #20296 -- Prevented mark_safe() from evaluating lazy objects. 2022-02-21 10:11:26 +01:00
Vaarun Sinha
fe3518d25e Refs #33476 -- Mentioned black in docs about pre-commit checks. 2022-02-21 06:57:34 +01:00
Andrey Otto
f70a875cc0
Fixed #33530 -- Fixed typo in docs/ref/templates/builtins.txt. 2022-02-21 06:13:36 +01:00
Hasan Ramezani
9ac3ef59f9 Fixed #33379 -- Added minimum database version checks. 
Thanks Tim Graham for the review.
 2022-02-18 13:37:49 +01:00
Philipp Bosch
737542390a
Fixed typo in docs/topics/i18n/translation.txt. 2022-02-18 13:03:41 +01:00
Mariusz Felisiak
1e2e1be02b
Fixed #33515 -- Prevented recreation of migration for ManyToManyField to lowercased swappable setting. 
Thanks Chris Lee for the report.

Regression in 4328970780.

Refs #23916.
 2022-02-16 21:09:24 +01:00
Claude Paroz
5d13cc540e
Refs #32074 -- Recommended aiosmtpd for minimal SMTP server. 
Follow up to 569a33579c.
 2022-02-12 19:32:32 +01:00
Carlton Gibson
d113b5a837 Refs #33476 -- Made management commands use black. 
Run black on generated files, if it is available on PATH.
 2022-02-11 12:23:26 +01:00
Theo Alexiou
f9ec777a82 Fixed #26287 -- Added support for addition operations to SimpleLazyObject. 2022-02-10 11:24:51 +01:00
Claude Paroz
4c76ffc2d6 Fixed #29490 -- Added support for object-based Media CSS and JS paths. 2022-02-10 08:48:27 +01:00
Aaron Chong
2d472ad05c Fixed #33495 -- Improved debug logging message about adapting handlers for middlewares. 
It's the wrapped handler that's adapted to the wrapping middleware.
 2022-02-09 12:10:26 +01:00
John Hollingsworth
d70b4bea18 Fixed #32518 -- Doc'd that QuerySet.contains() should not be overused. 
Thanks Tim McCurrach for the idea.
 2022-02-08 07:57:56 +01:00
Mariusz Felisiak
7119f40c98 Refs #33476 -- Refactored code to strictly match 88 characters line length. 2022-02-07 20:37:05 +01:00
django-bot
9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Carlton Gibson
ba94488196 Refs #33476 -- Adjusted docs and config files for Black. 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-02-07 20:36:04 +01:00
Grace Hawkins
25514b604a
Refs #32243 -- Fixed typo in docs/topics/files.txt. 2022-02-05 11:19:22 +01:00
Joshua Massover
c9d6e3595c Fixed #32243 -- Added docs examples for manually saving Files. 2022-02-03 09:23:02 +01:00
Mike Lissner
e459b0f5a0
Improved example of using a custom queryset in Model formsets docs. 2022-02-03 06:58:14 +01:00
Theofilos Alexiou
3ba60951fc
Added Redis to warning about using cached sessions in docs. 2022-02-02 20:45:37 +01:00
David Smith
770d3e6a4c
Fixed typo in release notes. 2022-02-02 07:17:57 +01:00
Mariusz Felisiak
ca88caa103 Refs #33476 -- Used vertical hanging indentation for format lists with inline comments. 
Lists with multiple values and comments per-line are reformatted
by Black to multiple lines with a single comment. For example:

DATE_INPUT_FORMATS =
    "%Y-%m-%d", "%m/%d/%Y", "%m/%d/%y",  # '2006-10-25', '10/25/2006', '10/25/06'
]

is reformatted to the:

DATE_INPUT_FORMATS =
    "%Y-%m-%d",
    "%m/%d/%Y",
    "%m/%d/%y",  # '2006-10-25', '10/25/2006', '10/25/06'
]

This reformats affected entries to multiple lines with corresponding
comments.
 2022-02-01 15:11:35 +01:00
tschilling
0dcd549bbe Fixed #30360 -- Added support for secret key rotation. 
Thanks Florian Apolloner for the implementation idea.

Co-authored-by: Andreas Pelme <andreas@pelme.se>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
 2022-02-01 11:12:24 +01:00
Mariusz Felisiak
ba4a6880d1 Added stub release notes for 4.0.3. 2022-02-01 09:10:20 +01:00
Mariusz Felisiak
9e0df0d6dd Added CVE-2022-22818 and CVE-2022-23833 to security archive. 2022-02-01 08:17:25 +01:00
Mariusz Felisiak
fc18f36c4a Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads. 
Thanks Alan Ryan for the report and initial patch.
 2022-02-01 07:41:40 +01:00
Markus Holtermann
394517f078 Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag. 
Thanks Keryn Knight for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-02-01 07:40:51 +01:00
Kirill Safronov
97a7274468 Fixed #33480 -- Fixed makemigrations crash when renaming field of renamed model. 
Regression in aa4acc164d.
 2022-02-01 07:01:41 +01:00
Mariusz Felisiak
71e7c8e737
Fixed #33468 -- Fixed QuerySet.aggregate() after annotate() crash on aggregates with default. 
Thanks Adam Johnson for the report.
 2022-01-31 11:33:24 +01:00
Claude Paroz
beb7ddbcee Updated translations from Transifex. 
Updated Bulgarian, Czech, German, Uzbek, and Vietnamese translations.

Forwardport of 7a1c6533eb from stable/4.0.x.
 2022-01-29 19:01:15 +01:00
Thomas Aglassinger
3a9b8b25d4
Fixed #33459 -- Clarified index type in full text search docs. 2022-01-28 06:36:39 +01:00
vgolubev
e87f57fdb8 Fixed #26142 -- Allowed model formsets to prevent new object creation. 
Thanks Jacob Walls, David Smith, and Mariusz Felisiak for reviews.

Co-authored-by: parth <parthvin@gmail.com>
 2022-01-27 20:45:21 +01:00
Mariusz Felisiak
e972620ada
Fixed #33462 -- Fixed migration crash when altering type of primary key with MTI and foreign key. 
This prevents duplicated operations when altering type of primary key
with MTI and foreign key. Previously, a foreign key to the base model
was added twice, once directly and once by the inheritance model.

Thanks bcail for the report.

Regression in 325d7710ce.
 2022-01-27 18:51:39 +01:00
Carlton Gibson
d15a10afb5
Adjusted CBV resolver_match example in testing tools docs. 
The view_class is available on the view callback, allowing that to be
checked, rather than the __name__.
 2022-01-26 20:58:22 +01:00
Kaushik Chintam
1625a8c8eb Fixed #33048 -- Doc'd that DEBUG static files requests don't use middleware chain. 2022-01-26 11:22:13 +01:00
Carlton Gibson
85f2a9fb0f Fixed #33407 -- Fixed .radiolist admin CSS. 
Regression in 5942ab5eb1.
 2022-01-26 09:26:48 +01:00
Mariusz Felisiak
34aba9c06e
Fixed typo in docs/releases/4.1.txt. 2022-01-25 10:57:05 +01:00
Mariusz Felisiak
eeca934238 Added stub release notes and release date for 4.0.2, 3.2.12, and 2.2.27. 2022-01-25 07:21:57 +01:00
Jacob Walls
edbf930287 Fixed #29984 -- Added QuerySet.iterator() support for prefetching related objects. 
Co-authored-by: Raphael Kimmig <raphael.kimmig@ampad.de>
Co-authored-by: Simon Charette <charette.s@gmail.com>
 2022-01-25 06:12:04 +01:00
Claude Paroz
7c4f396509 Stopped including type="text/css" attributes for CSS link tags. 2022-01-22 16:38:14 +01:00
Jacob Walls
2d8232fa71 Fixed #26760 -- Added --prune option to migrate command. 2022-01-21 17:10:31 +01:00
Fabian Büchler
eeff1787b0 Fixed #33449 -- Fixed makemigrations crash on models without Meta.order_with_respect_to but with _order field. 
Regression in aa4acc164d.
 2022-01-21 06:44:53 +01:00
Mariusz Felisiak
f605e85af9
Fixed #33453 -- Dropped support for GDAL 2.1. 2022-01-20 18:54:29 +01:00
Tilak
2c76c27a95 Improved wording in running Django’s test suite in contributing tutorial. 2022-01-20 10:02:47 +01:00
sean_c_hsu
0f6946495a Fixed #31685 -- Added support for updating conflicts to QuerySet.bulk_create(). 
Thanks Florian Apolloner, Chris Jerdonek, Hannes Ljungberg, Nick Pope,
and Mariusz Felisiak for reviews.
 2022-01-19 20:17:42 +01:00
Moritz Duchêne
ba9de2e74e Updated GEOS/GDAL links in docs and comments. 2022-01-19 19:06:12 +01:00
Adam Johnson
dc8bb35e39 Fixed #33446 -- Added CSS source map support to ManifestStaticFilesStorage. 2022-01-18 12:53:14 +01:00
Brad Solomon
b55ebe3241 Fixed #33443 -- Clarified when PasswordResetView sends an email. 2022-01-17 07:44:46 +01:00
Adam Johnson
652c68ffee
Clarified how contrib.auth picks a password hasher for verification. 2022-01-13 20:46:18 +01:00
Adam Johnson
45a42aabfa Fixed #29708 -- Deprecated PickleSerializer. 2022-01-13 13:50:20 +01:00
Adam Johnson
436862787c Refs #29708 -- Made SessionBase store expiry as string. 2022-01-13 13:05:42 +01:00
Adam Johnson
90cf963264 Changed django.utils.log.log_response() to take exception instance. 
There's little point retrieving a fresh reference to the exception in
the legacy tuple format, when it's all available via the exception
instance we already have.
 2022-01-12 20:23:42 +01:00
David Smith
75c1127eef
Alphabetized field attributes in form topic docs. 2022-01-12 08:07:21 +01:00
Scott Pashley
367d6920ec
Fixed typo in docs/ref/contrib/admin/index.txt. 2022-01-12 07:44:45 +01:00
Zeilentaucher
658dc7045a
Fixed #33432 -- Fixed typo in docs/howto/outputting-csv.txt. 2022-01-12 07:36:27 +01:00
Jacob Walls
dc9deea8e8 Fixed #11715 -- Changed default value of ModelAdmin.actions/inlines to empty tuples. 
This clarifies the intended pattern of overwriting the default value
rather than mutating it.
 2022-01-11 12:22:49 +01:00
mgaligniana
fa235004dd Fixed #13251 -- Made pre/post_delete signals dispatch the origin. 2022-01-11 08:06:18 +01:00
Victor Peralta
f1905db6c0
Fixed typo in docs/ref/contrib/admin/index.txt. 2022-01-11 06:19:43 +01:00
Jacob Walls
6f78cb6b13 Fixed #29026 -- Added --scriptable option to makemigrations. 2022-01-10 18:49:57 +01:00
Nick Pope
274771df91
Fixed #33428 -- Confirmed support for PostGIS 3.2. 2022-01-10 18:47:32 +01:00
Keryn Knight
f4b06a3cc1 Fixed #33426 -- Fixed ResolverMatch.__repr_() for class-based views. 
Regression in 7c08f26bf0.
 2022-01-10 17:30:41 +01:00
Mariusz Felisiak
178109c173 Corrected signatures of some functions in docs. 2022-01-10 13:30:24 +01:00
Mariusz Felisiak
b0ccf74549 Corrected directive for signals in django.contrib.auth docs. 2022-01-10 13:30:24 +01:00
Keryn Knight
2a66c102d9 Fixed #33425 -- Fixed view name for CBVs on technical 404 debug page. 
Regression in 0c0b87725b.
 2022-01-08 13:05:55 +01:00
David
4c60c3edff Fixed #33419 -- Restored marking forms.Field.help_text as HTML safe. 
Regression in 456466d932.

Thanks Matt Westcott for the report.
 2022-01-07 15:35:31 +01:00
Ad Timmering
bdf3e156b4 Fixed #28628 -- Changed \d to [0-9] in regexes where appropriate. 2022-01-07 12:25:06 +01:00
Baptiste Mispelon
c67e1cf44f Refs #33348 -- Deprecated passing errors=None to SimpleTestCase.assertFormError()/assertFormsetErrors(). 2022-01-06 17:29:32 +01:00
Petter Friberg
bc174e6ea0 Fixed #33410 -- Fixed recursive capturing of callbacks by TestCase.captureOnCommitCallbacks(). 
Regression in d89f976bdd.
 2022-01-06 06:38:17 +01:00
David
973fa56652 Removed unused comment directive in CBV topic docs. 2022-01-05 08:11:13 +01:00
David
cc8e771c64 Fixed malformed attribute directives in docs. 2022-01-05 08:11:13 +01:00
Carlton Gibson
63869ab1f1 Added CVE-2021-45115, CVE-2021-45116, and CVE-2021-45452 to security archive. 2022-01-04 11:30:11 +01:00
Carlton Gibson
f38c66b555 Added stub release notes for Django 4.0.2. 2022-01-04 11:10:53 +01:00
Carlton Gibson
155e06a50b Corrected merge error in release notes. 2022-01-04 10:50:23 +01:00
Florian Apolloner
6d343d01c5 Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem. 
Thanks to Dennis Brinkrolf for the report.
 2022-01-04 10:04:12 +01:00
Florian Apolloner
761f449e0d Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter. 
Thanks to Dennis Brinkrolf for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-01-04 10:03:56 +01:00
Florian Apolloner
968a3d01fa Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator. 
Thanks Chris Bailey for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-01-04 10:02:05 +01:00
Luke Plant
ccafad2e42
Avoided suggestion of plain text database password in sessions topic. 2022-01-04 06:47:24 +01:00
Mariusz Felisiak
4400d8568a
Fixed #33391 -- Clarified Aggregate.empty_result_set_value docs. 2021-12-31 06:49:10 +01:00
mangelozzi
eb901681ab
Improved @display(empty_value) example in ModelAdmin.empty_value_display docs. 2021-12-30 11:39:04 +01:00
Jacob Walls
6174814dbe Fixed #27936 -- Rewrote spanning multi-valued relationships docs. 2021-12-30 08:38:04 +01:00
Mariusz Felisiak
1283458baa Added default values to Entry's fields in making queries docs. 
This makes it easier to create a data in examples.
 2021-12-30 08:38:04 +01:00
Sergey Fursov
feeb0685c6 Updated example of YAML serialization format in docs. 2021-12-28 12:44:41 +01:00
Mariusz Felisiak
ad6bb20557
Avoided counting attributes and methods in docs. 2021-12-28 12:36:57 +01:00
Carlton Gibson
b13d920b7b Added stub release notes for 4.0.1, 3.2.11, and 2.2.26 releases. 2021-12-28 08:47:33 +01:00
Hannes Ljungberg
59a66f0512 Refs #33342 -- Deprecated ExclusionConstraint.opclasses. 2021-12-27 08:55:18 +01:00
Hannes Ljungberg
0e656c02fe Fixed #33342 -- Added support for using OpClass() in exclusion constraints. 2021-12-24 11:39:00 +01:00
Mariusz Felisiak
ca04659b4b
Refs #32355 -- Bumped required psycopg2 version to 2.8.4. 
psycopg2 2.8.4 is the first release to support Python 3.8.
 2021-12-22 20:32:55 +01:00
David Smith
78f062f63e Refs #31026 -- Updated TemplatesSetting docs to refer to forms. 2021-12-22 08:03:47 +01:00
Adam Johnson
fde425051c
Added TemplatesSetting to list of built-in renderers in FORM_RENDERER docs. 2021-12-22 07:59:24 +01:00
Brenton Partridge
19fb838803 Fixed #32600 -- Fixed Geometry collections and Polygon segmentation fault on macOS ARM64. 2021-12-21 13:00:09 +01:00
Adam Johnson
b0d16d0129 Changed signatures of setting_changed signal receivers. 2021-12-17 13:07:04 +01:00
Simon Charette
4328970780 Fixed #33366 -- Fixed case handling with swappable setting detection in migrations autodetector. 
The migration framework uniquely identifies models by case insensitive
labels composed of their app label and model names and so does the app
registry in most of its methods (e.g. AppConfig.get_model) but it
wasn't the case for get_swappable_settings_name() until this change.

This likely slipped under the radar for so long and only regressed in
b9df2b74b9 because prior to the changes
related to the usage of model states instead of rendered models in the
auto-detector the exact value settings value was never going through a
case folding hoop.

Thanks Andrew Chen Wang for the report and Keryn Knight for the
investigation.
 2021-12-17 07:46:58 +01:00
Mariusz Felisiak
40165eecc4
Fixed #33350 -- Reallowed using cache decorators with duck-typed HttpRequest. 
Regression in 3fd82a6241.

Thanks Terence Honles for the report.
 2021-12-16 20:13:17 +01:00
mgaligniana
068b2c072b Fixed #30127 -- Deprecated name argument of cached_property(). 2021-12-16 18:52:27 +01:00
Mariusz Felisiak
5de12a369a
Refs #33365, Refs #30530 -- Doc'd re_path() behavior change in Django 2.2.25, 3.1.14, and 3.2.10. 
Follow up to d4dcd5b9dd.
 2021-12-15 18:54:02 +01:00
mgaligniana
ac5cc6cf01 Fixed #33316 -- Added pagination to admin history view. 2021-12-15 10:54:08 +01:00
Jacob Walls
76ccce64cc Fixed #16063 -- Adjusted admin changelist searches spanning multi-valued relationships. 
This reduces the likelihood of admin searches issuing queries with
excessive joins.
 2021-12-15 08:14:19 +01:00
Jeremy Lainé
2f33217ea2 Fixed #33361 -- Fixed Redis cache backend crash on booleans. 2021-12-14 07:16:30 +01:00
Adam Johnson
41329b9852
Improved wording in password validators docs and docstrings. 2021-12-13 18:53:07 +01:00
mgaligniana
669dcefc04 Fixed #33338 -- Doc'd that never_cache() decorator set Expires header. 2021-12-13 15:34:19 +01:00
Beomsoo Kim
7e4a9a9f69
Corrected example in models.DecimalField docs. 2021-12-13 07:20:35 +01:00
Wayne Lambert
8a8c8797e8
Updated link to Microsoft SQL Server backend. 2021-12-13 07:17:05 +01:00
David Smith
eba9a9b7f7 Refs #32338 -- Added Boundfield.legend_tag(). 2021-12-09 07:16:33 +01:00
Ömer Faruk Abacı
f04b44bad4 Refs #33319 -- Added note about commutation of QuerySet's | operator. 2021-12-08 21:16:24 +01:00
Baptiste Mispelon
cb383753c0 Fixed #33346 -- Fixed SimpleTestCase.assertFormsetError() crash on a formset named "form". 
Thanks OutOfFocus4 for the report.

Regression in 456466d932.
 2021-12-08 20:33:03 +01:00
Shreya Bamne
8a4e506760 Fixed #19721 -- Allowed admin filters to customize the list separator. 2021-12-08 15:25:52 +01:00
Shreya Bamne
2b76f45749 Refs #19721 -- Corrected list formatting in admin filters docs. 2021-12-08 14:27:53 +01:00
Nick Pope
dfdf1c6864 Improved release notes wording for template-based form rendering. 2021-12-07 12:44:33 +01:00
Mariusz Felisiak
adef3d975e Added stub release notes for 4.0.1. 2021-12-07 10:41:32 +01:00
Mariusz Felisiak
d7bd9eb6cd Finalized release notes for Django 4.0. 2021-12-07 10:02:41 +01:00
Mariusz Felisiak
513441240f
Updated asgiref dependency for 4.0 release series. 2021-12-07 09:49:39 +01:00
Mariusz Felisiak
8747052411 Added CVE-2021-44420 to security archive. 2021-12-07 08:51:26 +01:00
Florian Apolloner
d4dcd5b9dd Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths. 
Thanks Sjoerd Job Postmus and TengMA(@te3t123) for reports.
 2021-12-07 06:28:08 +01:00
Hannes Ljungberg
1eaf38fa87 Fixed #33335 -- Made model validation ignore functional unique constraints. 
Regression in 3aa545281e.

Thanks Hervé Le Roy for the report.
 2021-12-06 07:59:11 +01:00
Maxim Piskunov
d3f4c2b95d Fixed #33078 -- Added support for language regions in i18n_patterns(). 2021-12-03 12:57:06 +01:00
Mariusz Felisiak
2c7846d992
Fixed #33333 -- Fixed setUpTestData() crash with models.BinaryField on PostgreSQL. 
This makes models.BinaryField pickleable on PostgreSQL.

Regression in 3cf80d3fcf.

Thanks Adam Zimmerman for the report.
 2021-12-03 11:56:22 +01:00
Shivam Durgbuns
d75c387f46 Fixed #33334 -- Alphabetized form and model fields in reference docs. 2021-12-02 08:33:26 +01:00
Przemysław Suliga
4ce59f602e Fixed #30398 -- Added CONN_HEALTH_CHECKS database setting. 
The CONN_HEALTH_CHECKS setting can be used to enable database
connection health checks for Django's persistent DB connections.

Thanks Florian Apolloner for reviews.
 2021-12-01 07:44:48 +01:00
Mariusz Felisiak
ae4077e13e Added stub release notes and release date for 3.2.10, 3.1.14 and 2.2.25. 2021-11-30 11:25:00 +01:00
Chris Jerdonek
5d80843ebc Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret. 
This also adds CSRF_COOKIE_MASKED transitional setting helpful in
migrating multiple instance of the same project to Django 4.1+.

Thanks Florian Apolloner and Shai Berger for reviews.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2021-11-29 10:47:39 +01:00
Baptiste Mispelon
528691d1b6 Fixed #33301 -- Clarified the type of arguments required by custom assertions. 2021-11-26 12:03:00 +01:00
Mariusz Felisiak
75ee7057e9
Refs #33163 -- Corrected example of connection signal handlers in AppConfig.ready(). 2021-11-26 11:16:35 +01:00
Ryuji Tsutsui
b8c0b22f2f
Fixed typo in docs/releases/4.0.txt. 2021-11-24 17:38:35 +01:00
mgaligniana
7f8f69fb38 Fixed #33298 -- Added docs and tests for using Q objects with get_object_or_404()/get_list_or_404(). 2021-11-24 09:28:21 +01:00
Simon Charette
aec71aaa5b Fixed #33304 -- Allowed passing string expressions to Window(order_by). 2021-11-23 07:58:44 +01:00
Mariusz Felisiak
a17becf4c7
Corrected signatures of QuerySet's methods. 2021-11-23 07:04:04 +01:00
Mariusz Felisiak
8b020f2e64
Corrected isort example in coding style docs. 
Follow up to e74b3d724e.
 2021-11-22 12:34:32 +01:00
Baptiste Mispelon
e6e664a711 Fixed #33302 -- Made element_id optional argument for json_script template filter. 
Added versionchanged note in documentation
 2021-11-22 11:52:19 +01:00
Paolo Melchiorre
dd528cb2ce
Corrected "pip install" call in coding style docs. 2021-11-22 09:56:56 +01:00
jhisham
5e218cc0b7 Added Malay language. 2021-11-18 20:57:50 +01:00
Shreya Bamne
e53aea2e23 Refs #19721 -- Moved ModelAdmin.list_filter docs into a separate file. 
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
 2021-11-18 14:01:04 +01:00
Mariusz Felisiak
f0480ddd2d
Fixed crash building HTML docs since Sphinx 4.3. 
See dd2ff3e911.
 2021-11-17 12:31:25 +01:00
Roxane
2d124f6a1c Fixed #33163 -- Added example of connection signal handlers in AppConfig.ready() to docs. 2021-11-17 09:55:51 +01:00
Krzysztof Jagiello
8d9827c06c Fixed #33161 -- Enabled durability check for nested atomic blocks in TestCase. 
Co-Authored-By: Adam Johnson <me@adamj.eu>
 2021-11-12 13:05:56 +01:00
Mariusz Felisiak
adb4100e58
Refs #33247 -- Used XeLaTeX for PDF docs build. 2021-11-12 09:36:18 +01:00
Mariusz Felisiak
0b95a96ee1
Removed DatabaseIntrospection.get_key_columns(). 
Thanks Simon Charette for the report.
 2021-11-10 16:38:43 +01:00
Baptiste Mispelon
91acfc3514 Fixed #33264 -- Made test runner return non-zero error code for unexpected successes. 2021-11-08 20:19:21 +01:00
Keryn Knight
4f8c7fd9d9 Fixed #32980 -- Made models cache related managers. 2021-11-08 08:44:12 +01:00
Mariusz Felisiak
ba9ced3e9a
Fixed #33253 -- Reverted "Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage." 
This reverts commit 91e21836f6.

`export` and `import` directives have several syntax variants and not
all of them were properly covered.

Thanks Hervé Le Roy for the report.
 2021-11-05 12:11:18 +01:00
Carlton Gibson
2c01ebb4be Refs #33263 -- Expanded release notes for DeleteView adopting FormMixin. 2021-11-05 09:22:53 +01:00
Guilherme Martins Crocetti
fc565cb539 Fixed #27147 -- Allowed specifying bounds of tuple inputs for non-discrete range fields. 2021-11-04 19:08:57 +01:00
Mariusz Felisiak
60503cc747
Corrected multiply defined labels in docs. 2021-11-04 10:46:01 +01:00
Andrew Neitsch
95a4db3fbd Refs #33247 -- Fixed rendering of Unicode chars and emojis in PDF docs build. 2021-11-04 08:06:03 +01:00
Carlton Gibson
447b6c866f
Refs #33247 -- Corrected configuration for Read The Docs. 
This pins Sphinx version, because the default Sphinx version used by
RTD is not compatible with Python 3.8+.

This also, sets Python 3.8 for RTD builds which is compatible with all
current versions of Django.

Thanks to Mariusz Felisiak for the suggestion.
 2021-11-03 18:35:27 +01:00
Adam Johnson
9f3bd9dfc4
Corrected module reference in contributing tutorial. 2021-11-03 07:47:27 +01:00
Brad
c7152cb58e
Fixed typo in docs/topics/logging.txt. 2021-11-03 07:41:50 +01:00
Mariusz Felisiak
d811fa1d10 Added stub release notes for Django 3.2.10. 2021-11-01 10:41:06 +01:00
Mariusz Felisiak
7ec603ba25 Added release date for 3.2.9. 2021-11-01 10:18:49 +01:00
Vikash Singh
125f9afc2c Added Google Cloud Spanner to list of third-party DB backends. 2021-11-01 08:47:41 +01:00
Chinmoy
073b7b5915
Fixed #33228 -- Changed value of BaseDatabaseFeatures.has_case_insensitive_like to False. 2021-10-28 17:56:29 +02:00
Carlton Gibson
a754b82dac Refs #33182 -- Adjusted custom admin theming example to use correct template block. 2021-10-27 10:35:02 +02:00
Matteo Vitali
3f1f8b9376 Fixed #33182 -- Moved admin dark mode vars to separate stylesheet and template block. 2021-10-27 10:34:01 +02:00
Mariusz Felisiak
9231526af4
Fixed #33215 -- Confirmed support for GEOS 3.10. 2021-10-21 20:23:58 +02:00
Arkadiusz Adamski
1405dc7887 Fixed #33210 -- Clarified docs for sitemaps ping_google() helper. 2021-10-21 16:22:25 +02:00
David Smith
480191244d Fixed #25916 -- Added lastmod support to sitemap index view. 
Co-authored-by: Matthew Downey <matthew.downey@webit.com.au>
 2021-10-21 15:26:22 +02:00
Carlton Gibson
2ccc0b22db Fixed #33211 -- Updated tests for Selenium 4.0.0. 
Replaced deprecated `find_element[s]_by_*()` usages, in favour of
`find_element[s]()` with an explicit `By`.
 2021-10-21 14:37:16 +02:00
Shreya Bamne
004b4620f6 Fixed #32987 -- Added system check for template tag modules with the same name. 
Co-authored-by: Daniel Fairhead <daniel@dev.ngo>
 2021-10-20 11:15:47 +02:00
David Smith
7ef0bc922c Refs #32956 -- Capitalized HTTP/HTTPS in comments, docs, and docstrings. 2021-10-20 08:40:19 +02:00
Mariusz Felisiak
fd881e8cd9
Refs #33207 -- Clarified that AUTH_USER_MODEL expects an app label. 2021-10-19 13:05:13 +02:00
David Smith
69b0736fad Refs #32956 -- Changed docs to treat the acronym HTTP phonetically. 2021-10-18 21:00:28 +02:00
sreehari1997
e2f778d579 Fixed #33172 -- Added example of modifying upload handlers on the fly for CBVs. 2021-10-18 09:45:52 +02:00
Hannes Ljungberg
86971c4090 Fixed #33194 -- Fixed migrations when altering a field with functional indexes/unique constraints on SQLite. 
This adjusts Expressions.rename_table_references() to only update alias
when needed.

Regression in 83fcfc9ec8.

Co-authored-by: Simon Charette <charettes@users.noreply.github.com>
 2021-10-18 08:25:23 +02:00
Nick Frazier
0d4e575c96 Fixed #33198 -- Corrected BinaryField.max_length docs. 2021-10-18 07:27:00 +02:00
Mariusz Felisiak
569a33579c
Refs #32074 -- Removed usage of deprecated asyncore and smtpd modules. 
asyncore and smtpd modules were deprecated in Python 3.10.
 2021-10-15 09:58:35 +02:00
Mariusz Felisiak
94beb679a6
Used :source: role in docs/howto/custom-template-tags.txt. 2021-10-14 06:04:56 +02:00
Sih Sîng-hông薛丞宏
30d8932753 Doc'd a precise exception type in Paginator.page() docs. 2021-10-13 08:46:46 +02:00
Jacob Walls
32f1fe5f89 Fixed #29470 -- Logged makemigrations automatic decisions in non-interactive mode. 2021-10-12 15:19:39 +02:00
Mariusz Felisiak
e43a131887
Added 'formatter' to spelling wordlist. 2021-10-12 15:16:00 +02:00
Nick Frazier
bf4be3711a Improved docs regarding UTF-8 support with Apache and mod_wsgi. 2021-10-08 12:26:06 +02:00
David Smith
9be36f8044 Refs #31026 -- Improved BoundField.label_tag() docs. 2021-10-06 20:30:53 +02:00
Bernd Wechner
2116238d5f Fixed #33131 -- Improved error messages for clashing reverse accessor names. 2021-10-06 12:33:15 +02:00
Mariusz Felisiak
604df4e0ad
Refs #32074 -- Doc'd Python 3.10 compatibility in Django 3.2.x. 2021-10-05 13:30:41 +02:00
Carlton Gibson
a31edf43b6 Dropped easy_install example from Release How-To. 
easy_install was deprecated in 2019.
https://setuptools.pypa.io/en/latest/history.html#v42-0-0
 2021-10-05 10:48:37 +02:00
Carlton Gibson
c113f7fb0d Added stub release notes for Django 3.2.9. 2021-10-05 09:39:20 +02:00
Carlton Gibson
c5776bfca9 Added release date for 3.2.7. 2021-10-05 09:07:26 +02:00
Jacob Walls
cd6bddd44e Fixed #22224 -- Added note about supplying missing values for non-nullable fields with blank=True. 2021-10-05 06:09:54 +02:00
Hannes Ljungberg
d400b08a8b
Fixed #32888 -- Doc'd that select_for_update() only locks tables with selected columns. 2021-10-04 10:20:34 +02:00
Sarah Abderemane
1953dd02b6 Refs #27694 -- Doc'd lookups that can be chained with HStoreField key transforms. 2021-10-04 07:18:16 +02:00
Nick Pope
c2f6c05c4c Refs #32943 -- Added support for covering exclusion constraints using SP-GiST indexes on PostgreSQL 14+. 2021-10-01 13:11:37 +02:00
Nick Pope
e76f9d5b44 Refs #32943 -- Added support for covering SP-GiST indexes on PostgreSQL 14+. 2021-10-01 13:11:34 +02:00
Nick Pope
bd47b9bc81 Fixed #32961 -- Added BitXor() aggregate to django.contrib.postgres. 2021-10-01 10:32:39 +02:00
David Wobrock
ad36a198a1 Fixed #33141 -- Renamed Expression.empty_aggregate_value to empty_result_set_value. 2021-09-29 12:58:01 +02:00
Victor Sowa
9466fd7842
Recommended using .tables on SQLite in tutorial 2. 2021-09-29 12:42:59 +02:00
Mariusz Felisiak
93f3b7a0ba
Corrected field and model check messages in docs. 
Follow up to 72d04e0385.
 2021-09-28 10:57:16 +02:00
Claude Paroz
4ffada3609 Fixed #33136 -- Added GEOSGeometry.make_valid() method. 2021-09-27 09:58:28 +02:00
Claude Paroz
8036b53de6
Removed obsolete GEOS 3.5 requirement note. 
Follow up to ea87a85fad.
 2021-09-24 18:52:08 +02:00
Jero Bado
3f2170f720 Fixed typo in 4.0 release notes. 2021-09-22 15:17:01 +02:00
Mariusz Felisiak
221b2f85fe
Fixed #33129 -- Dropped support for MariaDB 10.2. 2021-09-22 11:57:54 +02:00
Joel Farthing
2f14432375 Fixed #33128 -- Corrected possessive 's usage in FormSet docs. 2021-09-22 11:26:24 +02:00
Carlton Gibson
b0ed619303
Fixed #33083 -- Fixed selecting all items in the admin changelist when actions are both top and bottom. 
Thanks Benjamin Locher for the report.

Regression in 30e59705fc.
 2021-09-21 19:58:00 +02:00
Mariusz Felisiak
1d16dbc745 Fixed broken links and redirects in docs. 2021-09-21 09:27:44 +02:00
Mariusz Felisiak
f8bab4e0dc Used :rfc: role in docs/topics/conditional-view-processing.txt. 2021-09-21 09:27:44 +02:00
Mariusz Felisiak
32b7ffc2bb Increased the default PBKDF2 iterations for Django 4.1. 2021-09-20 21:23:01 +02:00