1
0
mirror of https://github.com/django/django.git synced 2025-02-18 21:34:31 +00:00

4483 Commits

Author SHA1 Message Date
sarahboyce
d2b688b966 Fixed -- Handled multi-valued query parameters in admin changelist filters. 2023-03-16 08:38:44 +01:00
Mariusz Felisiak
18473004af
Fixed -- Updated admin's jQuery to 3.6.4. 2023-03-09 08:55:08 +01:00
nabil-rady
32d4b61c31 Fixed -- Added integer fields validation as 64-bit on SQLite. 2023-03-08 11:52:57 +01:00
David Wobrock
2396933ca9 Fixed -- Fixed session validation when rotation secret keys.
Bug in 0dcd549bbe36c060f536ec270d34d9e7d4b8e6c7.

Thanks Eric Zarowny for the report.
2023-03-08 10:48:04 +01:00
Jon Janzen
e846c5e724 Fixed -- Made AuthenticationMiddleware add request.auser(). 2023-03-07 13:11:22 +01:00
Jon Janzen
e83a88566a Fixed -- Adapted signals to allow async handlers.
co-authored-by: kozzztik <kozzztik@mail.ru>
co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2023-03-07 08:39:25 +01:00
Mariusz Felisiak
9a07999aef Added stub release notes for 4.1.8. 2023-03-06 17:31:26 +01:00
Ivan Sagalaev
a4205076a5
Fixed typo in docs/releases/5.0.txt. 2023-03-05 14:01:19 +01:00
sarahboyce
868e2fcdda Fixed -- Added toggleable facet filters to ModelAdmin.
Thanks Carlton Gibson, Simon Willison, David Smith, and Mariusz
Felisiak for reviews.
2023-03-03 20:24:57 +01:00
django-bot
14459f80ee Fixed -- Reformatted code blocks in docs with blacken-docs. 2023-03-01 13:03:56 +01:00
Joseph Victor Zammit
ba755ca131 Refs -- Corrected rst code-block and various formatting issues in docs. 2023-02-28 12:21:37 +01:00
Xavier Fernandez
5b3d3e400a Fixed -- Allowed customizing code of ValidationError in BaseConstraint and subclasses. 2023-02-23 10:58:20 +01:00
Xavier Fernandez
ad18a0102c Fixed -- Deprecated passing positional arguments to BaseConstraint. 2023-02-22 09:37:58 +01:00
Tim Graham
31cd2852cb
Moved DatabaseIntrospection.get_table_description() internal_size release note to "Database backend API" section. 2023-02-22 05:17:02 +01:00
Durval Carvalho
85366fbca7 Fixed -- Improved accessibility of selecting items in admin changelist.
This adds "aria-label".
2023-02-16 08:29:40 +01:00
tschilling
c5808470aa Fixed -- Allowed specifying different field values for create operation in QuerySet.update_or_create(). 2023-02-14 11:50:35 +01:00
Carlton Gibson
ecafcaf634 Added CVE-2023-24580 to security archive. 2023-02-14 09:52:30 +01:00
Markus Holtermann
85ac33591c Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files.
Thanks to Jakob Ackermann for the report.
2023-02-14 08:18:40 +01:00
Sota Tabu
3e9d413231 Fixed -- Added release note for 4bfe8c0eec835b8eaffcda7dc1e3b203751a790a. 2023-02-13 11:59:11 +01:00
Carlton Gibson
534ac48297 Refs -- Applied rst code-block to non-Python examples.
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.
2023-02-10 19:19:13 +01:00
Jacob Rief
473283d241
Fixed –- Allowed customizing admin site log entry list.
Added AdminSite.get_log_entries() as an override point and made this
available to the template via each_context().
2023-02-08 18:37:32 +01:00
Mariusz Felisiak
2fd755b361
Fixed -- Fixed Model.validate_constraints() crash on ValidationError with no code.
Thanks Mateusz Kurowski for the report.

Regression in 667105877e6723c6985399803a364848891513cc.
2023-02-08 16:38:55 +01:00
Bakdolot
5f3c7b7e1d
Fixed -- Renamed "instance" argument of BaseModelFormSet.save_existing() method. 2023-02-07 14:18:58 +01:00
Carlton Gibson
fb77be9ae1 Fixed typo in release notes. 2023-02-07 10:11:01 +01:00
Carlton Gibson
7e003428f9 Added stub release notes for 4.0.10 and 3.2.18.
Set date for 4.1.7 release.
2023-02-07 10:08:21 +01:00
Mariusz Felisiak
5e9aded33f
Increased the default PBKDF2 iterations for Django 5.0.
Follow up to 9a1848f48c1f7f627a52b2063a8a8428e77765d6.
2023-02-04 13:37:44 +01:00
Mariusz Felisiak
f3c89744cc Added stub release notes for 4.1.7. 2023-02-01 13:18:34 +01:00
Mariusz Felisiak
36e3eef7d5 Added CVE-2023-23969 to security archive. 2023-02-01 12:09:03 +01:00
Nick Pope
8c660fb592 Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language.
The parsed values of Accept-Language headers are cached in order to
avoid repetitive parsing. This leads to a potential denial-of-service
vector via excessive memory usage if the raw value of Accept-Language
headers is very large.

Accept-Language headers are now limited to a maximum length in order
to avoid this issue.
2023-02-01 09:44:04 +01:00
Mariusz Felisiak
2b1242abb3
Fixed -- Fixed Meta.constraints validation crash on UniqueConstraint with ordered expressions.
Thanks Dan F for the report.

Bug in 667105877e6723c6985399803a364848891513cc.
2023-01-26 09:31:40 +01:00
Mariusz Felisiak
882f99031e
Moved release note about the default PBKDF2 iterations into django.contrib.auth section.
Thanks Tim Graham for the report.
2023-01-25 22:25:29 +01:00
Carlton Gibson
d8e1442ce2 Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17. 2023-01-25 12:26:00 +01:00
Carlton Gibson
1df963ad24 Set date and added stub release notes for 4.1.6, 4.0.9, and 3.2.17. 2023-01-25 11:57:04 +01:00
Niccolò Mineo
79c298c9ce Fixed -- Added ClosestPoint GIS database functions. 2023-01-20 08:13:43 +01:00
Mariusz Felisiak
b209518089
Refs -- Deprecated transitional form renderers. 2023-01-18 11:08:39 +01:00
Mariusz Felisiak
3bbe22dafc
Fixed -- Dropped support for Python 3.8 and 3.9. 2023-01-18 09:46:01 +01:00
John Whitlock
d547171183
Fixed typo in docs/releases/4.2.txt. 2023-01-17 19:27:51 +01:00
Mariusz Felisiak
2785e121c7
Doc'd that 4.2 is LTS. 2023-01-17 19:24:31 +01:00
Mariusz Felisiak
a209f66259
Removed remaining empty sections from 4.2 release notes.
Follow up to 772cd2b15b158679b9dc15fb599aa935ec7c25b1.
2023-01-17 14:05:32 +01:00
Sébastien Corbin
e2964fed17
Fixed -- Moved release note about session cookies into error reporting section. 2023-01-17 13:08:42 +01:00
Mariusz Felisiak
4fc711a108 Increased the default PBKDF2 iterations for Django 5.0. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
94ad46e9d8 Refs -- Made Expression.asc()/desc() and OrderBy raise ValueError when nulls_first/nulls_last=False is passed.
Per deprecation timeline.
2023-01-17 11:49:15 +01:00
Mariusz Felisiak
98756c685e Refs -- Changed default form and formset rendering style to div-based.
Per deprecation timeline.

This also removes "django/forms/default.html" and
"django/forms/formsets/default.html" templates.
2023-01-17 11:49:15 +01:00
Mariusz Felisiak
b5ac6e78f8 Refs -- Removed django.contrib.auth.hashers.CryptPasswordHasher per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
ce7b4f39e3 Refs -- Removed django.contrib.gis.admin.OpenLayersWidget per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
71d1203b07 Refs -- Removed support for passing response object and form/formset name to SimpleTestCase.assertFormError()/assertFormSetError().
Per deprecation timeline.
2023-01-17 11:49:15 +01:00
Mariusz Felisiak
d6816bff73 Refs -- Removed django.utils.timezone.utc per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
9a01311d20 Refs -- Removed support for logging out via GET requests.
Per deprecation timeline.
2023-01-17 11:49:15 +01:00
Mariusz Felisiak
ba082e0952 Refs -- Made created=True required in signature of RemoteUserBackend.configure_user() subclasses.
Per deprecation timeline.
2023-01-17 11:49:15 +01:00
Mariusz Felisiak
4d78d7338c Refs -- Removed ability to pass unsaved model instances to related filters.
Per deprecation timeline.
2023-01-17 11:49:15 +01:00