1
0
mirror of https://github.com/django/django.git synced 2024-11-18 15:34:16 +00:00
Commit Graph

17629 Commits

Author SHA1 Message Date
Erik Romijn
c07f3e60c2 Added information on resolved security issues to release notes. 2014-04-21 18:11:26 -04:00
Erik Romijn
75c0d4ea3a Fixed queries that may return unexpected results on MySQL due to typecasting.
This is a security fix; disclosure to follow shortly.
2014-04-21 18:11:26 -04:00
Aymeric Augustin
c083e3815a Prevented leaking the CSRF token through caching.
This is a security fix. Disclosure will follow shortly.
2014-04-21 18:11:26 -04:00
Tim Graham
8b93b31487 Fixed a remote code execution vulnerabilty in URL reversing.
Thanks Benjamin Bach for the report and initial patch.

This is a security fix; disclosure to follow shortly.
2014-04-21 18:11:26 -04:00
Claude Paroz
ab90c4707b Fixed table cleanup in GIS migration tests 2014-04-21 23:08:00 +02:00
Claude Paroz
1667e736a7 Fixed PostGIS remove_field implementation
Fixed bad code introduced in 2f9d1576e8.
2014-04-21 22:42:11 +02:00
Claude Paroz
2f9d1576e8 Fixed removal of GIS column in PostGIS 1.x migration
Refs #22481.
2014-04-21 21:17:14 +02:00
Claude Paroz
fb09a489ca Fixed adding new GIS column in PostGIS 1.x migration
Refs #22451.
2014-04-21 20:58:09 +02:00
Matt Lauber
b2514c02e1 Corrected the section identifier for MySQL unicode reference. 2014-04-21 13:19:46 -04:00
Aymeric Augustin
c54e7ec9ca Merge pull request #2592 from prestontimmons/remove-test-runner-cases
Removed old test runner test cases.
2014-04-21 18:06:19 +02:00
Florian Apolloner
405b13fe83 Fixed migrate when called inside a transaction.
This is useful for tests manually calling migrate inside a testcase,
for normal usage this should make no difference, since there is no
surrounding transaction after all. If there is one we still try to
leave the transaction in a useable state (for postgres at least).

If this commit turns out to be causing issues, settings savepoint=False
is probably the right fix :)
2014-04-21 15:37:12 +02:00
Florian Apolloner
a4553e0510 Fixed monkeypatching in a staticfiles test. 2014-04-21 14:51:52 +02:00
Aymeric Augustin
428c0bbe1b Appeased flake8 2.1.0. 2014-04-21 12:27:34 +02:00
Aymeric Augustin
df3b1a01c7 Consolidated expressions tests. 2014-04-21 12:15:04 +02:00
Aymeric Augustin
25b2ce896b Consolidated get_or_create tests. 2014-04-21 12:12:09 +02:00
Aymeric Augustin
3f01e82c59 Further consolidated the model_inheritance tests. 2014-04-21 11:50:53 +02:00
Aymeric Augustin
3f76339355 Fixed #22402 -- Consolidated model_inheritance tests.
The model_inheritance_same_model_name tests couldn't be run without the
model_inheritance tests. Make the problem go away by merging them.

Thanks timo for the report.
2014-04-21 11:43:08 +02:00
Preston Timmons
251e833c75 Removed old test runner test cases.
These files were added as part of #12658, which pertained to the old django.test.simple test runner. No tests call them anymore.
2014-04-20 22:00:39 -05:00
Tim Graham
471fb04a30 Fixed flake8 errors. 2014-04-20 13:08:04 -04:00
Aymeric Augustin
bbe818b23c Changed paths in docs that referred to Python 2. 2014-04-20 08:34:01 +02:00
Tim Graham
1b3a3fc1e4 Fixed #22417 -- Added additional documentation for refs #16969.
Thanks Jon Foster for the report.
2014-04-19 21:39:08 -04:00
Andrew Gorcester
956bd64424 Fixed #22397 -- Issues removing M2M field with explicit through model
Changed the migration autodetector to remove models last so that FK
and M2M fields will not be left as dangling references. Added a check
in the migration state renderer to error out in the presence of
dangling references instead of leaving them as strings. Fixed a bug
in the sqlite backend to handle the deletion of M2M fields with
"through" models properly (i.e., do nothing successfully).

Thanks to melinath for report, loic for tests and andrewgodwin and
charettes for assistance with architecture.
2014-04-18 16:44:47 -04:00
Tim Graham
26d118c3fe Moved RemoteUserBackend documentation to reference guide. 2014-04-18 16:06:26 -04:00
Moayad Mardini
11ac50b18e Fixed #22458 -- Added a note about MySQL utf8_unicode_ci collation
Thanks tobami at gmail.com for the report.
2014-04-18 15:10:21 -04:00
Tim Graham
b43bbd6d39 Fixed #22473 -- Emphasized that Model.clean() is not called from Model.save(). 2014-04-18 15:00:26 -04:00
Claude Paroz
275811a93c Adapted fixture read mode to file type
Binary mode added in ed532a6a1e is not supported by ZipFile.
Refs #22399.
2014-04-18 18:54:46 +02:00
Tim Graham
6b2ce38c49 Fixed #22472 -- Clarified meaning of dots in tutorial 4 code block. 2014-04-18 12:10:46 -04:00
Claude Paroz
ed532a6a1e Fixed #22399 -- Forced fixture reading in binary mode
This might help on systems where default encoding is not UTF-8 (and
on Python 3).
Thanks bacilla for the report.
2014-04-18 17:55:35 +02:00
Tim Graham
c2b269df6e Added some missing items to the 1.6.3 release notes. 2014-04-18 10:32:14 -04:00
Erik Romijn
54d5c37de6 Fixed #22471 -- Corrected misprint in i18n docs
Thanks to aruseni for the report.
2014-04-18 15:05:18 +02:00
Tim Graham
dc7bc42cce Added missing versionadded annotation and tweaked release note; refs #22465. 2014-04-18 07:18:15 -04:00
amatellanes
8394e570ba Fixed #22465 -- New assertion assertJSONNotEqual 2014-04-18 15:11:08 +07:00
Simon Charette
9bc377d7d0 Fixed a test failure introduced by 214d1e1b0f. 2014-04-18 02:30:40 -04:00
Alex Gaynor
f293063c20 Merge pull request #2586 from mmardini/patch-2
Fixed #22464 - included contrib/gis/static in tarball
2014-04-17 23:04:52 -07:00
Moayad Mardini
bad4721b45 Fixed #22464 - included contrib/gis/static in tarball
After switching to setuptools in commit 66f546b,
contrib/gis/static isn't included in tarball anymore, this commit adds
that path to be `recursive-include` in `MANIFEST.in`
2014-04-18 08:00:41 +02:00
Simon Charette
0d397e5a5b Revert "Fixed #22397 -- Issues removing M2M field with explicit through model."
This reverts commit 00e3b9a2a9.

It's causing a regression when tested with the proxy_model_inheritance tests.
2014-04-18 01:27:30 -04:00
Moayad Mardini
214d1e1b0f Fixed #22454 - Changed compatibility warning hint
The warning hint of `_check_test_runner` of 1.6 compatibility had a link
to a general release note. The link should be edited to refer the
relevant "Backwards incompatible changes in 1.6" section that documents
the cause and the possible solutions and workarounds of the warning.
2014-04-17 20:41:25 -04:00
Tim Graham
a4acb80463 Fixed #22444 -- Marked initial SQL/fixture loading as deprecated.
Thanks Karen Tracey for the report.
2014-04-17 20:36:52 -04:00
Tim Graham
11e30b684d Fixed a KeyError on login with legacy sessions; refs #21649.
Thanks Loic for the report.
2014-04-17 19:57:20 -04:00
Donald Stufft
ecff136f69 Merge pull request #2582 from alex/stdlib-pbkdf2hmac
Use the stdlib's PBKDF2 implementation when available.
2014-04-17 16:01:17 -04:00
Donald Stufft
438e6fe63d Merge pull request #2583 from alex/extras-bcrypt
Include an 'extra_requires' for bcrypt
2014-04-17 15:59:37 -04:00
Claude Paroz
3cea917e3e Confirmed support for PostGIS 2.1 and GDAL 1.10
Refs #22456.
2014-04-17 21:23:14 +02:00
Claude Paroz
c082f3c74c Fixed #22456 -- Replaced 900913 EPSG code by 3857 in some tests
3857 is now the official EPSG code for the Google spherical mercator
projection and some recent versions of GDAL do not recognize 900913
any longer.
Thanks Tim Graham for the report and initial patch.
2014-04-17 21:18:07 +02:00
Alex Gaynor
0e27882b3a Stray paren 2014-04-17 11:29:07 -07:00
Alex Gaynor
464b98b1fe Include an 'extra_requires' for bcrypt 2014-04-17 11:28:09 -07:00
Alex Gaynor
7283c21173 For another day 2014-04-17 11:07:19 -07:00
Alex Gaynor
21a1fddcc4 Typo fix 2014-04-17 11:04:57 -07:00
Alex Gaynor
cb68eb3e6d Use the stdlib's PBKDF2 implementation when available.
This is a bit faster than ours, which is good, because it lets you increase
the iteration counts.

This will be used on Python 3.4+, and, pending the acceptance of PEP466, on
newer Python 2.7s.
2014-04-17 11:02:42 -07:00
Andrew Gorcester
00e3b9a2a9 Fixed #22397 -- Issues removing M2M field with explicit through model.
Changed the migration autodetector to remove models last so that FK
and M2M fields will not be left as dangling references. Added a check
in the migration state renderer to error out in the presence of
dangling references instead of leaving them as strings. Fixed a bug
in the sqlite backend to handle the deletion of M2M fields with
"through" models properly (i.e., do nothing successfully).

Thanks to melinath for report, loic for tests and andrewgodwin and
charettes for assistance with architecture.
2014-04-17 12:54:35 -04:00
Tim Graham
47927eb786 Revert "Fixed #22401 -- Deprecated regular expression parsing of initial SQL in favor of installing sqlparse."
This reverts commit 071c933775.

This introduced a regression on MySQL and custom SQL is deprecated.
2014-04-16 21:03:22 -04:00