1
0
mirror of https://github.com/django/django.git synced 2024-12-22 17:16:24 +00:00
Commit Graph

30256 Commits

Author SHA1 Message Date
Florian Apolloner
d4dcd5b9dd Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths.
Thanks Sjoerd Job Postmus and TengMA(@te3t123) for reports.
2021-12-07 06:28:08 +01:00
Mariusz Felisiak
628b6a6869 Updated translations from Transifex.
This also fixes related i18n tests.

Forwardport of 4c5215ab03 from stable/4.0.x

Co-authored-by: Claude Paroz <claude@2xlibre.net>
2021-12-06 20:31:03 +01:00
Hannes Ljungberg
1eaf38fa87 Fixed #33335 -- Made model validation ignore functional unique constraints.
Regression in 3aa545281e.

Thanks Hervé Le Roy for the report.
2021-12-06 07:59:11 +01:00
Mariusz Felisiak
d3a64bea51
Refs #33333 -- Fixed PickleabilityTestCase.test_annotation_with_callable_default() crash on Oracle.
Grouping by LOBs is not allowed on Oracle. This moves a binary field to
a separate model.
2021-12-04 15:55:03 +01:00
Maxim Piskunov
d3f4c2b95d Fixed #33078 -- Added support for language regions in i18n_patterns(). 2021-12-03 12:57:06 +01:00
Mariusz Felisiak
4f7bbc6138 Refs #33078 -- Added extra assertions to MiscTests.test_get_language_from_path_real(). 2021-12-03 12:03:30 +01:00
Mariusz Felisiak
2c7846d992
Fixed #33333 -- Fixed setUpTestData() crash with models.BinaryField on PostgreSQL.
This makes models.BinaryField pickleable on PostgreSQL.

Regression in 3cf80d3fcf.

Thanks Adam Zimmerman for the report.
2021-12-03 11:56:22 +01:00
Georgi Yanchev
9c1fe446b6 Fixed #33339 -- Made QuerySet.bulk_create() use TO_NCLOB() for TextFields on Oracle. 2021-12-03 07:39:20 +01:00
Nick Pope
97e9a84d27 Removed unused country argument from GeoIP2._check_query().
Unused since its introduction in 79e68c225b.
2021-12-02 11:30:42 +01:00
Nick Pope
7d5058d870 Removed redundant GeoIP2._check_query() calls. 2021-12-02 11:30:42 +01:00
Nick Pope
adcb3a7a27 Removed unused GeoIP2._cache attribute.
Unused since its introduction in 79e68c225b.
2021-12-02 11:30:32 +01:00
Nick Pope
31bef51d8e Moved unnecessary inner import in GeoIP2.geos(). 2021-12-02 11:27:33 +01:00
Mariusz Felisiak
5def7f3f74 Updated various links to HTTPS and new locations.
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-02 11:27:29 +01:00
Shivam Durgbuns
d75c387f46 Fixed #33334 -- Alphabetized form and model fields in reference docs. 2021-12-02 08:33:26 +01:00
Simon Charette
e5a92d400a Fixed #33282 -- Fixed a crash when OR'ing subquery and aggregation lookups.
As a QuerySet resolves to Query the outer column references grouping logic
should be defined on the latter and proxied from Subquery for the cases where
get_group_by_cols is called on unresolved expressions.

Thanks Antonio Terceiro for the report and initial patch.
2021-12-02 07:23:33 +01:00
Simon Charette
e3bde71676 Refs #32690 -- Altered lookups Query rhs alterations during initialization.
Having it happen at the lookup creation time ensures entry points
called before the compilation phase (e.g. get_group_by_cols) don't have
to duplicate the logic in charge of altering Query instances used as
rhs.

It also has the nice effect of reducing the amount of time the
alteration logic to once as opposed to multiple times if the queryset
is compiled more than once.
2021-12-02 07:00:52 +01:00
Przemysław Suliga
4ce59f602e Fixed #30398 -- Added CONN_HEALTH_CHECKS database setting.
The CONN_HEALTH_CHECKS setting can be used to enable database
connection health checks for Django's persistent DB connections.

Thanks Florian Apolloner for reviews.
2021-12-01 07:44:48 +01:00
Claude Paroz
64c3f049ea Fixed #33047 -- Fixed CheckConstraint crash with GIS lookups on PostGIS and MySQL GIS backends.
Thanks Daniel Swain for the report and Arsalan Ghassemi for the initial
patch.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-11-30 20:06:29 +01:00
Mariusz Felisiak
ae4077e13e Added stub release notes and release date for 3.2.10, 3.1.14 and 2.2.25. 2021-11-30 11:25:00 +01:00
Claude Paroz
322a1a037d
Refs #25706 - Removed inline JavaScript from OpenLayers template.
This allows setting a Content-Security-Policy HTTP header.
2021-11-30 06:35:15 +01:00
Chris Jerdonek
3ff7f6cf07 Refs #32800 -- Renamed _sanitize_token() to _check_token_format(). 2021-11-29 10:48:31 +01:00
Chris Jerdonek
5d80843ebc Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret.
This also adds CSRF_COOKIE_MASKED transitional setting helpful in
migrating multiple instance of the same project to Django 4.1+.

Thanks Florian Apolloner and Shai Berger for reviews.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-11-29 10:47:39 +01:00
Shubh1815
05e29da421 Fixed #32545 -- Improved admin widget for raw_id_fields for UUIDFields.
Co-Authored-By: Jerome Leclanche <jerome@leclan.ch>
2021-11-29 07:16:26 +01:00
Hannes Ljungberg
ed2018037d Fixed #33322 -- Fixed loss of assigned related object when saving relation with bulk_update(). 2021-11-29 06:27:22 +01:00
Baptiste Mispelon
9ac92b1efc Refs #33301 -- Made SimpleTestCase.assertFormError()/assertFormsetErrors() raise ValueError for non test client responses. 2021-11-26 13:10:43 +01:00
Baptiste Mispelon
68144f4049 Added tests for SimpleTestCase.assertFormError()/assertFormsetErrors(). 2021-11-26 12:36:25 +01:00
Baptiste Mispelon
528691d1b6 Fixed #33301 -- Clarified the type of arguments required by custom assertions. 2021-11-26 12:03:00 +01:00
Mariusz Felisiak
75ee7057e9
Refs #33163 -- Corrected example of connection signal handlers in AppConfig.ready(). 2021-11-26 11:16:35 +01:00
Hasan Ramezani
24b316536a Fixed #33303 -- Changed messages' level tags on MESSAGE_TAGS setting change. 2021-11-26 07:09:31 +01:00
Ad Timmering
9a6e2df3a8 Fixed #32397 -- Made startapp/startproject management commands set User-Agent.
This sets User-Agent to 'Django/<version>'.
2021-11-25 20:36:04 +01:00
Mariusz Felisiak
e361621dbc
Removed unneeded can_use_chunked_reads feature flag on SQLite.
Unneeded since c0e3c65b9d.
2021-11-25 20:08:46 +01:00
Shubh1815
51c24d8799 Fixed #33024 -- Fixed height of admin selector boxes in collapsed fieldset.
Thanks Tom Carrick for the review.
2021-11-25 07:57:19 +01:00
Ryuji Tsutsui
b8c0b22f2f
Fixed typo in docs/releases/4.0.txt. 2021-11-24 17:38:35 +01:00
Ad Timmering
59f4796918 Fixed #4282 -- Made startapp/startproject management commands honor umask.
Co-authored-by: Christian Schmitt <c.schmitt@briefdomain.de>
2021-11-24 13:10:45 +01:00
Mariusz Felisiak
1555e5850d
Removed unneeded supports_combined_alters feature flag on Oracle.
supports_combined_alters is False by default.
2021-11-24 10:23:43 +01:00
mgaligniana
7f8f69fb38 Fixed #33298 -- Added docs and tests for using Q objects with get_object_or_404()/get_list_or_404(). 2021-11-24 09:28:21 +01:00
Tim Graham
ddf321479b
Removed unneeded @skipUnlessDBFeature('supports_combined_alters').
The test acts a regression test for 715ccfde24
if the feature is True, but it works on other backends too.
2021-11-24 09:13:28 +01:00
Tim Graham
9772eaa6c0
Fixed typo in delete test docstring. 2021-11-24 09:04:54 +01:00
Álvaro Pelegrina Fernández
98352ddf3a
Fixed #33310 -- Removed unused rule from admin CSS.
Unused since 30e59705fc.
2021-11-23 21:14:36 +01:00
arsalan.ghassemi
bdcda1ca9b Fixed #33309 -- Fixed QuerySet.distinct() crash on mixed case annotation. 2021-11-23 20:43:20 +01:00
Simon Charette
aec71aaa5b Fixed #33304 -- Allowed passing string expressions to Window(order_by). 2021-11-23 07:58:44 +01:00
Simon Charette
e06dc4571e Refs #33304 -- Enclosed aggregate ordering logic in an expression.
This greatly simplifies the implementation of contrib.postgres'
OrderableAggMixin and allows for reuse in Window expressions.
2021-11-23 07:28:27 +01:00
Mariusz Felisiak
a17becf4c7
Corrected signatures of QuerySet's methods. 2021-11-23 07:04:04 +01:00
Mariusz Felisiak
8b020f2e64
Corrected isort example in coding style docs.
Follow up to e74b3d724e.
2021-11-22 12:34:32 +01:00
Baptiste Mispelon
e6e664a711 Fixed #33302 -- Made element_id optional argument for json_script template filter.
Added versionchanged note in documentation
2021-11-22 11:52:19 +01:00
Paolo Melchiorre
dd528cb2ce
Corrected "pip install" call in coding style docs. 2021-11-22 09:56:56 +01:00
Baptiste Mispelon
a0ed3cfad1 Fixed #33305 -- Fixed autodetector crash for ForeignKey with hardcoded "to" attribute.
Co-authored-by: Simon Charette <charette.s@gmail.com>
2021-11-22 06:46:25 +01:00
SwastikTripathi
a7e7043c87 Fixed #33229 -- Fixed BaseDatabaseOperations.adapt_datetimefield_value()/adapt_timefield_value() crash with expressions. 2021-11-19 09:47:57 +01:00
Jonny Park
6fa2930573 Refs #24121 -- Added __repr__() to BaseDatabaseWrapper, JoinPromoter, and SQLCompiler. 2021-11-19 07:57:02 +01:00
jhisham
5e218cc0b7 Added Malay language. 2021-11-18 20:57:50 +01:00