mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-03-13 10:50:55 +00:00
Code Issues 32 Releases Wiki Activity
32,788 Commits 29 Branches 437 Tags
Commit Graph

5343 Commits

Author SHA1 Message Date
Jon Ribbens
d3da505999 [5.1.x] Fixed #35681 -- Corrected geoip2 docs when describing GeoIP2Exception. 
Backport of 826ef006681eae1e9b4bd0e4f18fa13713025cba from main.
 2024-09-07 00:04:59 -03:00
Natalia
3c733c78d6 [5.1.x] Fixed CVE-2024-45231 -- Avoided server error on password reset when email sending fails. 
On successful submission of a password reset request, an email is sent
to the accounts known to the system. If sending this email fails (due to
email backend misconfiguration, service provider outage, network issues,
etc.), an attacker might exploit this by detecting which password reset
requests succeed and which ones generate a 500 error response.

Thanks to Thibaut Spriet for the report, and to Mariusz Felisiak, Adam
Johnson, and Sarah Boyce for the reviews.
 2024-09-03 09:24:21 -03:00
Sarah Boyce
022ab0a75c [5.1.x] Fixed CVE-2024-45230 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.
 2024-09-03 09:24:13 -03:00
Adam Johnson
fcb71a76cc [5.1.x] Removed outdated note about lack of subquery support in MySQL. 
Backport of 26a67943ac5c2f196621220b24f4314d84471d07 from main.
 2024-08-28 15:56:35 -03:00
Mariusz Felisiak
625aab3aea [5.1.x] Fixed typo in docs/ref/models/expressions.txt. 
Backport of fed11ba4617a5fa151bbabb91eb27ec01dd7c942 from main.
 2024-08-28 09:09:16 -03:00
David Smith
dbca05698a [5.1.x] Fixed typo of --no-startup in django-admin docs. 
Backport of 5ae99226669bc516ecb0ed17066ec11a898fddab from main.
 2024-08-13 11:21:06 +02:00
Jure Cuhalev
ecf13f192d [5.1.x] Doc'd that SessionMiddleware is required for the admin site. 
The system check "admin.E410" was already checking for this, but the
requirement was not listed in docs/ref/contrib/admin/index.txt.

Backport of f8ef4579ea710f93ec7edc93c6f3f216bd55d6be from main.
 2024-08-08 08:50:27 -03:00
Andrew Miller
73fcb14cd8 [5.1.x] Refs #35591 -- Emphasized that runserver is not suitable for production. 
Backport of cec62fb99e8ff63f30c7871a048ab15081142668 from main.
 2024-08-08 10:10:29 +02:00
Adam Johnson
291fa5fbbe [5.1.x] Refs #31405 -- Improved LoginRequiredMiddleware documentation. 
co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>

Backport of 49815f70e4508ae21135f725da177fc2935de32c from main.
 2024-08-08 10:07:12 +02:00
Mariusz Felisiak
20bd3f02be [5.1.x] Used :pypi: role in docs where appropriate. 
Backport of 304d25667433a59409e334a93acaaa9201840508 from main.
 2024-08-05 10:36:41 -03:00
Natalia
06fb6434b3 [5.1.x] Refs #35380 -- Updated screenshots in admin docs. 
Backport of 90adba85b29230acfe354bffd82bc0d3a4d63c9d from main.
 2024-08-05 09:14:24 -03:00
Lorenzo Peña
741f33eaf1 [5.1.x] Fixed #35627 -- Raised a LookupError rather than an unhandled ValueError in get_supported_language_variant(). 
LocaleMiddleware didn't handle the ValueError raised by
get_supported_language_variant() when language codes were
over 500 characters.

Regression in 9e9792228a6bb5d6402a5d645bc3be4cf364aefb.

Backport of 0e94f292cda632153f2b3d9a9037eb0141ae9c2e from main.
 2024-07-25 09:40:49 +02:00
Sarah Boyce
e42defb63b [5.1.x] Fixed #35604, Refs #35326 -- Made FileSystemStorage.exists() behaviour independent from allow_overwrite. 
Partially reverts 0b33a3abc2ca7d68a24f6d0772bc2b9fa603744e.

Storage.exists(name) was documented to "return False if
the name is available for a new file." but return True if
the file exists. This is ambiguous in the overwrite file
case. It will now always return whether the file exists.

Thank you to Natalia Bidart and Josh Schneier for the
review.

Backport of 8d6a20b656ff3fa18e36954668a44a831c2f6ddd from main.
 2024-07-24 14:58:57 +02:00
Matthew Somerville
07d0d2975c [5.1.x] Updated example links in urlize docs. 
goo.gl links are being removed in 2025:
https://developers.googleblog.com/en/google-url-shortener-links-will-no-longer-be-available/

Backport of fb7be022cb44d8faec52f17042fa58e4c9f02daf from main.
 2024-07-23 14:04:05 +02:00
nessita
39062e7946 [5.1.x] Refs #10941 -- Reorganized querystring template tag docs. 
Backport of cf03aa4e94625971852a09e869f7ee7c328b573f from main.
 2024-07-22 10:33:46 -03:00
Sarah Boyce
91a5b5a4bb [5.1.x] Refs #10941 -- Renamed query_string template tag to querystring. 
Backport of 27043bde5b795eb4a605aeca1d3bc4345d2ca478 from main.
 2024-07-15 13:29:54 -03:00
Maryam Yusuf
bdfcda8c26 [5.1.x] Fixed #35464 -- Updated docs to note fieldsets have limited impact on TabularInlines. 
Backport of b5f4d76bc400b9f2017da0a52ee4ff0d7c09be15 from main.
 2024-07-15 12:45:18 +02:00
Sarah Boyce
e99ccc4342 [5.1.x] Fixed CVE-2024-39614 -- Mitigated potential DoS in get_supported_language_variant(). 
Language codes are now parsed with a maximum length limit of 500 chars.

Thanks to MProgrammer for the report.
 2024-07-09 09:42:58 -03:00
Mariusz Felisiak
5cd070069d [5.1.x] Removed outdated note about limitations in Clickjacking protection. 
There is no need to list old browser versions or point users to
workarounds.
Backport of f302343380c77e1eb5dab3b64dd70895a95926ca from main.
 2024-07-04 18:10:47 -03:00
Carlton Gibson
3b5d04f879 [5.1.x] Removed unneeded hyphens in "counterintuitive". 
Follow-up to 65ad4ade74dc9208b9d686a451cd6045df0c9c3a which added
counterintuitive to the wordlist. Removes unneeded (antiquated)
hyphenated usages.

See e.g. https://www.merriam-webster.com/dictionary/counterintuitive

Backport of 704192e478885762411252979021771ba23b8adb from main.
 2024-07-04 08:32:34 +02:00
Andrew Miller
fb140420bd [5.1.x] Fixed #23790 -- Warned about renaming AppConfig.label in docs/ref/applications.txt. 
Backport of aa74c4083e047473ac385753e047e075e8f04890 from main.
 2024-07-01 21:53:02 -03:00
lufafajoshua
a6dd2880f5 [5.1.x] Fixed #35470 -- Separated i18n and l10n globalization settings docs. 
Backport of 8733e9af998f0009d62e4f0f3d5ee566e93a4893 from main.
 2024-07-01 16:33:28 -03:00
Sarah Boyce
9c7bff1ee4 [5.1.x] Optimized admin docs images. 
Backport of 72b7b59680fecb0bf7108fc00cc27b0476aae107 from main.
 2024-06-25 17:46:35 -03:00
nessita
3fb3b8a4fd [5.1.x] Refs #35380 -- Updated screenshots in admin docs. 
When listing users, ensure that user first and last name are diverse.

Backport of bcc327aa326093a39f01a9bc98198807444900f3 from main.
 2024-06-25 10:59:31 -03:00
lufafajoshua
3d55f2966d [5.1.x] Fixed #35306 -- Documented fallback localization formats in templates when localization is disabled. 
Backport of 3ac0e43207b4a1b9327ba12612005c285fbff7ee from main.
 2024-06-24 18:08:50 +02:00
John Higgins
874fea63b4 [5.1.x] Fixed #35441 -- Documented Context and RequestContext keyword arguments. 
Backport of 60acad933d66e116c89150d3eb9040f62ca871a1 from main.
 2024-06-20 09:37:34 +02:00
Simon Törnqvist
e65b7d5b06 [5.1.x] Fixed #35443 -- Changed ordinal to return negative numbers unchanged. 
Previously, `-1` was converted to `"-1th"`. This has been updated to
return negative numbers "as is", so that for example `-1` is
converted to `"-1"`. This is now explicit in the docs.

Co-authored-by: Martin Jonson <artin.onson@gmail.com>

Backport of d3a7ed5bcc45000a6c3dd55d85a4caaa83299f83 from main.
 2024-06-14 13:53:43 +02:00
Adam Zapletal
bf9a89f5d1 [5.1.x] Fixed #24076 -- Added warnings on usage of dates with DateTimeField and datetimes with DateField. 
Backport of 99273fd525129a973639044dfb12cfd732d8f1d6 from main.
 2024-06-14 13:49:30 +02:00
Mariusz Felisiak
f0d592ed34 [5.1.x] Made cosmetic edits to code snippets reformatted with blacken-docs. 
Backport of 0f694ce2ebce01356d48302c33c23902b4777537 from main.
 2024-05-30 09:43:21 -03:00
Hisham Mahmood
c7fc9f20b4 Fixed #31405 -- Added LoginRequiredMiddleware. 
Co-authored-by: Adam Johnson <me@adamj.eu>
Co-authored-by: Mehmet İnce <mehmet@mehmetince.net>
Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
 2024-05-22 08:51:17 +02:00
Natalia
676060d683 Refs #35189 -- Updated ModelAdmin.fieldsets screenshot in admin docs. 2024-05-22 00:13:55 -03:00
Marijke Luttekes
e4a693f50a Fixed #35189 -- Improved admin collapsible fieldsets by using <details> elements. 
This work improves the accessibility of the add and change pages in the
admin site by adding <details> and <summary> elements to the collapsible
fieldsets. This has the nice side effect of no longer requiring custom
JavaScript helpers to implement the fieldsets' show/hide capabilities.

Thanks to James Scholes for the accessibility advice, and to Sarah Boyce
and Tom Carrick for reviews.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
 2024-05-22 00:13:55 -03:00
Berker Peksag
4971a9afe5 Fixed #18119 -- Added a DomainNameValidator validator. 
Thanks Claude Paroz for the review.

Co-authored-by: Nina Menezes <77671865+nmenezes0@users.noreply.github.com>
 2024-05-21 23:11:12 +02:00
Ben Cail
0b33a3abc2 Fixed #35326 -- Added allow_overwrite parameter to FileSystemStorage. 2024-05-21 07:28:12 +02:00
Adam Johnson
50852b2c2c Replaced fictional class 'extrapretty' in admin fieldsets docs. 2024-05-16 21:25:23 -03:00
Sarah Boyce
d4f6e6c088 Moved FileSystemStorage note in docs to the correct place. 2024-05-16 11:17:57 +02:00
Mariusz Felisiak
f030236a86 Fixed #35275 -- Fixed Meta.constraints validation crash on UniqueConstraint with OpClass(). 
This also introduces Expression.constraint_validation_compatible that
allows specifying that expression should be ignored during a constraint
validation.
 2024-05-14 10:34:30 +02:00
alexgmin
dba05042dd Added link to the csrf template tag in the csrf page. 2024-05-06 13:25:30 +02:00
sobolevn
9a27c76021 Fixed #35426 -- Updated querysets to be a required argument of GenericPrefetch. 2024-05-04 11:30:36 +02:00
Shamil
32d163e680 Fixed #35427 -- Corrected help text for makemessages --extension in docs/ref/django-admin.txt. 2024-05-03 22:48:17 -03:00
John Parton
914bf69171 Clarified when ImageField attributes are set. 2024-05-02 10:04:55 +02:00
Mariusz Felisiak
160c0ab13a Fixed rendering XOR section in docs. 2024-05-02 09:26:44 +02:00
Mariusz Felisiak
85c154da2f Fixed #35412 -- Dropped support for SQLite < 3.31. 2024-04-29 11:07:54 +02:00
Adam Zapletal
828b94b178
Fixed #20744 -- Removed hint that arbitrary kwargs are allowed when creating forms.Fields. 2024-04-26 11:23:38 -03:00
David Sanders
f0d50a9379
Doc'd that RemoveField also drops related database objects in PostgreSQL. 2024-04-16 13:11:06 -03:00
Mohammad Kazemi
47c608202a
Extended docs for Q() objects mentioning the ~ (NOT) operator. 
Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
 2024-04-15 13:16:35 -03:00
Adam Johnson
8bbf73ca74
Fixed settings path in docs for installing SpatiaLite with Homebrew. 
Co-authored-by: Adam Zapletal <adamzap@gmail.com>
 2024-04-10 18:15:42 -03:00
Carlton Gibson
ca5cd3e3e8 Refs #35354 -- Clarified FORCE_SCRIPT_NAME docs. 2024-04-05 15:13:54 +02:00
Giannis Terzopoulos
d658a3162f Fixed #35233 -- Moved template engine system checks to backend methods. 
Thanks Adam Johnson for reviews.
 2024-03-27 08:14:54 +01:00
Adam Zapletal
fd2514d17d
Added RowNumber() link in Rank() docs. 2024-03-21 05:52:07 +01:00