1
0
mirror of https://github.com/django/django.git synced 2025-01-05 07:55:47 +00:00
Commit Graph

3554 Commits

Author SHA1 Message Date
Baptiste Mispelon
3baf92cf82 Fixed #31340 -- Allowed query expressions in SearchQuery.value and __search lookup. 2020-03-16 10:27:23 +01:00
jay20162016
924c01ba09 Fixed #31363 -- Added support for negative integers to intword template filter. 2020-03-16 08:44:43 +01:00
David Smith
ccf32aca44 Fixed #8760 -- Changed ModelMultipleChoiceField to use invalid_list as a error message key. 2020-03-12 09:36:01 +01:00
Claude Paroz
e663f695fb Fixed #31359 -- Deprecated get_random_string() calls without an explicit length. 2020-03-11 13:16:44 +01:00
Claude Paroz
e3e48b0012
Fixed #30439 -- Added support for different plural forms for a language.
Thanks to Michal Čihař for review.
2020-03-10 15:56:32 +01:00
Carlton Gibson
692870b611 Removed trailing whitespace in 3.1 release notes. 2020-03-10 12:01:32 +01:00
Carlton Gibson
a4200e958d Added stub release notes for 2.2.12. 2020-03-10 12:01:01 +01:00
Jon Dufresne
eb77e80de0 Fixed #31349 -- Used :nth-child() CSS pseudo-class to style alternative rows in admin. 2020-03-09 12:34:32 +01:00
Jon Dufresne
769cee5252 Fixed #31327 -- Deprecated providing_args argument for Signal. 2020-03-05 09:38:52 +01:00
Mariusz Felisiak
1b3a900a69 Added stub release notes for 3.0.5. 2020-03-04 10:56:07 +01:00
Mariusz Felisiak
43f8ba1c7c Fixed typo in docs/releases/1.11.29.txt. 2020-03-04 10:46:43 +01:00
Mariusz Felisiak
f37f9a0bf0 Added CVE-2020-9402 to security archive. 2020-03-04 09:59:07 +01:00
Mariusz Felisiak
6695d29b1c Fixed CVE-2020-9402 -- Properly escaped tolerance parameter in GIS functions and aggregates on Oracle.
Thanks to Norbert Szetei for the report.
2020-03-04 09:04:50 +01:00
Hannes Ljungberg
65ab4f9f03 Fixed #31147 -- Added SearchHeadline to django.contrib.postgres. 2020-03-03 15:39:52 +01:00
Mariusz Felisiak
7b8fa1653f Fixed #31150 -- Included subqueries that reference related fields in GROUP BY clauses.
Thanks Johannes Hoppe for the report.

Regression in fb3f034f1c.

Co-authored-by: Simon Charette <charette.s@gmail.com>
2020-03-03 11:25:37 +01:00
Claude Paroz
d4fff711d4 Fixed #31274 -- Used signing infrastructure in SessionBase.encode()/decode().
Thanks Mariusz Felisiak and Florian Apolloner for the reviews.
2020-03-02 12:16:48 +01:00
Carlton Gibson
8b30360322
Fixed #31032 -- Updated admin browser support FAQ for 2020.
Following web standards, the modern _evergreen_ browsers are all
supported. This applies equally to mobile platforms. Assuming current
trends continue, this should be a sustainable policy.

Microsoft deprecated all versions of Internet Explorer. IE 11, the last
version, is described as a "compatibility solution" rather than a web
browser. Whilst it will receive security updates for the lifetime of
Windows 10 it's use is actively discouraged.

The IE 11 downloads page makes it clear: "We recommend you use the new
Microsoft Edge".
2020-02-28 12:39:14 +01:00
Simon Charette
41ebe60728 Fixed #31312 -- Properly ordered temporal subtraction params on MySQL.
Regression in 9bcbcd599a.

Thanks rick2ricks for the report.
2020-02-27 08:50:55 +01:00
Adam Johnson
a6b3938afc
Fixed #31182 -- Adjusted release notes for ASGI support. 2020-02-20 15:05:47 +01:00
Claude Paroz
4d973f5939 Refs #26601 -- Deprecated passing None as get_response arg to middleware classes.
This is the new contract since middleware refactoring in Django 1.10.

Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-02-18 20:03:44 +01:00
Mariusz Felisiak
2a038521c4
Fixed #31271 -- Preserved ordering when unifying query parameters on Oracle.
This caused misplacing parameters in logged SQL queries.

Regression in 79065b55a7.

Thanks Hans Aarne Liblik for the report.
2020-02-18 11:45:12 +01:00
Keshav Kumar
f37d548ede Fixed #20995 -- Added support for iterables of template names to {% include %} template tag.
Thanks Adam Johnson for the review.
2020-02-18 06:56:05 +01:00
Claude Paroz
da4923ea87 Refs #27468 -- Made PasswordResetTokenGenerator use SHA-256 algorithm. 2020-02-12 21:46:56 +01:00
Abhijeet Viswa
1712a76b9d Fixed #31246 -- Fixed locking models in QuerySet.select_for_update(of=()) for related fields and parent link fields with multi-table inheritance.
Partly regression in 0107e3d105.
2020-02-11 20:43:57 +01:00
Florian Apolloner
41a3b3d186 Fixed #31240 -- Properly closed FileResponse when wsgi.file_wrapper is used.
Thanks to Oskar Persson for the report.
2020-02-11 20:39:12 +01:00
Jon Dufresne
e3f6e18513 Fixed #31253 -- Fixed data loss possibility when using caching from async code.
Case missed in a415ce70be.
2020-02-11 09:09:25 +01:00
Mariusz Felisiak
7e8339748c Added stub release notes for 2.2.11. 2020-02-10 08:18:58 +01:00
Mariusz Felisiak
932bd794b2 Added "Bugfixes" section to release notes for 3.0.4. 2020-02-10 08:14:58 +01:00
Simon Charette
430e796980 Refs #31055 -- Made DiscoverRunner skip running system checks on unused test databases. 2020-02-07 11:01:31 +01:00
Simon Charette
0b83c8cc4d Refs #31055 -- Added --database option to the check management command.
This avoids enabling the ``database`` checks unless they are explicitly
requested and allows to disable on a per-alias basis which is required
when only creating a subset of the test databases.

This also removes unnecessary BaseCommand._run_checks() hook.
2020-02-07 11:01:31 +01:00
Jon Dufresne
f48f671223 Refs #31233 -- Changed DatabaseWrapper._nodb_connection to _nodb_cursor().
It is now a method instead of a property and returns a context manager
that yields a cursor on entry and closes the cursor and connection upon
exit.
2020-02-06 15:29:38 +01:00
Adam Johnson
72b97a5b1e Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin'. 2020-02-05 14:39:01 +01:00
Adam Johnson
de1924e0e7
Improved grammar in 3.0 release notes for SECURE_CONTENT_TYPE_NOSNIFF change. 2020-02-05 12:46:14 +01:00
Adam Johnson
469bf2db15 Fixed #31210 -- Doc'd how to reproduce HttpRequest.is_ajax() in release notes. 2020-02-04 12:21:48 +01:00
Adam Johnson
85cb59cba9 Fixed typo in docs/releases/3.1.txt. 2020-02-04 12:21:45 +01:00
Claude Paroz
8ae84156d6 Fixed #27604 -- Used the cookie signer to sign message cookies.
Co-authored-by: Craig Anderson <craiga@craiga.id.au>
2020-02-04 08:05:02 +01:00
Carlton Gibson
273918c25b Added stub release notes for 3.0.4. 2020-02-03 10:23:54 +01:00
Carlton Gibson
d8b2ccbbb8 Added CVE-2020-7471 to security archive. 2020-02-03 10:11:34 +01:00
Carlton Gibson
1a2600d8df Added release date for 3.0.3. 2020-02-03 08:52:16 +01:00
Simon Charette
eb31d84532 Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter. 2020-02-03 08:49:13 +01:00
Hasan Ramezani
a97111eabf Fixed 31207 -- Prevented references to non-local remote fields in ForeignKey.to_field.
Thanks Simon Charette for the initial patch and review.
2020-01-31 10:19:12 +01:00
Mariusz Felisiak
0ac8ac8b0d
Refs #25778 -- Updated some links to HTTPS and new locations. 2020-01-29 09:34:37 +01:00
Nick Pope
c9bf1910e2 Refs #30997 -- Added link to Fetch API in release notes. 2020-01-28 08:37:41 +01:00
Claude Paroz
e348ab0d43 Fixed #30997 -- Deprecated HttpRequest.is_ajax(). 2020-01-27 08:54:32 +01:00
Claude Paroz
7fa0fa45c5 Refs #30997 -- Removed HttpRequest.is_ajax() usage. 2020-01-27 08:52:40 +01:00
Claude Paroz
d66d72f956 Refs #30997 -- Added HttpRequest.accepts(). 2020-01-24 14:24:59 +01:00
Hasan Ramezani
b94764e178 Fixed #27888 -- Added link to clear all filters in the admin changelist view. 2020-01-23 14:14:54 +01:00
Eugene Hatsko
0b013564ef Fixed #31190 -- Fixed prefetch_related() crash for GenericForeignKey with custom ContentType foreign key.
Regression in dffa3e1992.
2020-01-22 07:54:16 +01:00
Pavel Lysak
13e4abf83e Fixed #30752 -- Allowed using ExceptionReporter subclasses in error reports. 2020-01-16 15:25:49 +01:00
Flavio Curella
d08d4f464a Fixed #30765 -- Made cache_page decorator take precedence over max-age Cache-Control directive. 2020-01-16 13:39:16 +01:00