mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-01-11 02:46:13 +00:00
Code Issues 32 Releases Wiki Activity
27,982 Commits 28 Branches 426 Tags 654 MiB
df4d622cac
Commit Graph

3546 Commits

Author SHA1 Message Date
Jon Dufresne
769cee5252 Fixed #31327 -- Deprecated providing_args argument for Signal. 2020-03-05 09:38:52 +01:00
Mariusz Felisiak
1b3a900a69 Added stub release notes for 3.0.5. 2020-03-04 10:56:07 +01:00
Mariusz Felisiak
43f8ba1c7c Fixed typo in docs/releases/1.11.29.txt. 2020-03-04 10:46:43 +01:00
Mariusz Felisiak
f37f9a0bf0 Added CVE-2020-9402 to security archive. 2020-03-04 09:59:07 +01:00
Mariusz Felisiak
6695d29b1c Fixed CVE-2020-9402 -- Properly escaped tolerance parameter in GIS functions and aggregates on Oracle. 
Thanks to Norbert Szetei for the report.
 2020-03-04 09:04:50 +01:00
Hannes Ljungberg
65ab4f9f03 Fixed #31147 -- Added SearchHeadline to django.contrib.postgres. 2020-03-03 15:39:52 +01:00
Mariusz Felisiak
7b8fa1653f Fixed #31150 -- Included subqueries that reference related fields in GROUP BY clauses. 
Thanks Johannes Hoppe for the report.

Regression in fb3f034f1c.

Co-authored-by: Simon Charette <charette.s@gmail.com>
 2020-03-03 11:25:37 +01:00
Claude Paroz
d4fff711d4 Fixed #31274 -- Used signing infrastructure in SessionBase.encode()/decode(). 
Thanks Mariusz Felisiak and Florian Apolloner for the reviews.
 2020-03-02 12:16:48 +01:00
Carlton Gibson
8b30360322
Fixed #31032 -- Updated admin browser support FAQ for 2020. 
Following web standards, the modern _evergreen_ browsers are all
supported. This applies equally to mobile platforms. Assuming current
trends continue, this should be a sustainable policy.

Microsoft deprecated all versions of Internet Explorer. IE 11, the last
version, is described as a "compatibility solution" rather than a web
browser. Whilst it will receive security updates for the lifetime of
Windows 10 it's use is actively discouraged.

The IE 11 downloads page makes it clear: "We recommend you use the new
Microsoft Edge".
 2020-02-28 12:39:14 +01:00
Simon Charette
41ebe60728 Fixed #31312 -- Properly ordered temporal subtraction params on MySQL. 
Regression in 9bcbcd599a.

Thanks rick2ricks for the report.
 2020-02-27 08:50:55 +01:00
Adam Johnson
a6b3938afc
Fixed #31182 -- Adjusted release notes for ASGI support. 2020-02-20 15:05:47 +01:00
Claude Paroz
4d973f5939 Refs #26601 -- Deprecated passing None as get_response arg to middleware classes. 
This is the new contract since middleware refactoring in Django 1.10.

Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2020-02-18 20:03:44 +01:00
Mariusz Felisiak
2a038521c4
Fixed #31271 -- Preserved ordering when unifying query parameters on Oracle. 
This caused misplacing parameters in logged SQL queries.

Regression in 79065b55a7.

Thanks Hans Aarne Liblik for the report.
 2020-02-18 11:45:12 +01:00
Keshav Kumar
f37d548ede Fixed #20995 -- Added support for iterables of template names to {% include %} template tag. 
Thanks Adam Johnson for the review.
 2020-02-18 06:56:05 +01:00
Claude Paroz
da4923ea87 Refs #27468 -- Made PasswordResetTokenGenerator use SHA-256 algorithm. 2020-02-12 21:46:56 +01:00
Abhijeet Viswa
1712a76b9d Fixed #31246 -- Fixed locking models in QuerySet.select_for_update(of=()) for related fields and parent link fields with multi-table inheritance. 
Partly regression in 0107e3d105.
 2020-02-11 20:43:57 +01:00
Florian Apolloner
41a3b3d186 Fixed #31240 -- Properly closed FileResponse when wsgi.file_wrapper is used. 
Thanks to Oskar Persson for the report.
 2020-02-11 20:39:12 +01:00
Jon Dufresne
e3f6e18513 Fixed #31253 -- Fixed data loss possibility when using caching from async code. 
Case missed in a415ce70be.
 2020-02-11 09:09:25 +01:00
Mariusz Felisiak
7e8339748c Added stub release notes for 2.2.11. 2020-02-10 08:18:58 +01:00
Mariusz Felisiak
932bd794b2 Added "Bugfixes" section to release notes for 3.0.4. 2020-02-10 08:14:58 +01:00
Simon Charette
430e796980 Refs #31055 -- Made DiscoverRunner skip running system checks on unused test databases. 2020-02-07 11:01:31 +01:00
Simon Charette
0b83c8cc4d Refs #31055 -- Added --database option to the check management command. 
This avoids enabling the ``database`` checks unless they are explicitly
requested and allows to disable on a per-alias basis which is required
when only creating a subset of the test databases.

This also removes unnecessary BaseCommand._run_checks() hook.
 2020-02-07 11:01:31 +01:00
Jon Dufresne
f48f671223 Refs #31233 -- Changed DatabaseWrapper._nodb_connection to _nodb_cursor(). 
It is now a method instead of a property and returns a context manager
that yields a cursor on entry and closes the cursor and connection upon
exit.
 2020-02-06 15:29:38 +01:00
Adam Johnson
72b97a5b1e Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin'. 2020-02-05 14:39:01 +01:00
Adam Johnson
de1924e0e7
Improved grammar in 3.0 release notes for SECURE_CONTENT_TYPE_NOSNIFF change. 2020-02-05 12:46:14 +01:00
Adam Johnson
469bf2db15 Fixed #31210 -- Doc'd how to reproduce HttpRequest.is_ajax() in release notes. 2020-02-04 12:21:48 +01:00
Adam Johnson
85cb59cba9 Fixed typo in docs/releases/3.1.txt. 2020-02-04 12:21:45 +01:00
Claude Paroz
8ae84156d6 Fixed #27604 -- Used the cookie signer to sign message cookies. 
Co-authored-by: Craig Anderson <craiga@craiga.id.au>
 2020-02-04 08:05:02 +01:00
Carlton Gibson
273918c25b Added stub release notes for 3.0.4. 2020-02-03 10:23:54 +01:00
Carlton Gibson
d8b2ccbbb8 Added CVE-2020-7471 to security archive. 2020-02-03 10:11:34 +01:00
Carlton Gibson
1a2600d8df Added release date for 3.0.3. 2020-02-03 08:52:16 +01:00
Simon Charette
eb31d84532 Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter. 2020-02-03 08:49:13 +01:00
Hasan Ramezani
a97111eabf Fixed 31207 -- Prevented references to non-local remote fields in ForeignKey.to_field. 
Thanks Simon Charette for the initial patch and review.
 2020-01-31 10:19:12 +01:00
Mariusz Felisiak
0ac8ac8b0d
Refs #25778 -- Updated some links to HTTPS and new locations. 2020-01-29 09:34:37 +01:00
Nick Pope
c9bf1910e2 Refs #30997 -- Added link to Fetch API in release notes. 2020-01-28 08:37:41 +01:00
Claude Paroz
e348ab0d43 Fixed #30997 -- Deprecated HttpRequest.is_ajax(). 2020-01-27 08:54:32 +01:00
Claude Paroz
7fa0fa45c5 Refs #30997 -- Removed HttpRequest.is_ajax() usage. 2020-01-27 08:52:40 +01:00
Claude Paroz
d66d72f956 Refs #30997 -- Added HttpRequest.accepts(). 2020-01-24 14:24:59 +01:00
Hasan Ramezani
b94764e178 Fixed #27888 -- Added link to clear all filters in the admin changelist view. 2020-01-23 14:14:54 +01:00
Eugene Hatsko
0b013564ef Fixed #31190 -- Fixed prefetch_related() crash for GenericForeignKey with custom ContentType foreign key. 
Regression in dffa3e1992.
 2020-01-22 07:54:16 +01:00
Pavel Lysak
13e4abf83e Fixed #30752 -- Allowed using ExceptionReporter subclasses in error reports. 2020-01-16 15:25:49 +01:00
Flavio Curella
d08d4f464a Fixed #30765 -- Made cache_page decorator take precedence over max-age Cache-Control directive. 2020-01-16 13:39:16 +01:00
Carlton Gibson
29c126bb34 Fixed #31124 -- Fixed setting of get_FOO_display() when overriding inherited choices. 
Regression in 2d38eb0ab9
 2020-01-15 15:35:22 +01:00
Carlton Gibson
927c903f3c Refs #31097 -- Added release notes for 2f565f84ac. 
.
 2020-01-14 14:35:28 +01:00
Carlton Gibson
1f4b9f4f1f Removed unused ExceptionReporterFilter class. 
Unused since 8f8c54f70b.
 2020-01-11 20:18:38 +01:00
Mariusz Felisiak
6f7998adc7
Fixed #31155 -- Fixed a system check for the longest choice when a named group contains only non-string values. 
Regression in b6251956b6.

Thanks Murat Guchetl for the report.
 2020-01-11 19:47:36 +01:00
Carlton Gibson
e2d9d66a22 Fixed #23004 -- Added request.META filtering to SafeExceptionReporterFilter. 
Co-authored-by: Ryan Castner <castner.rr@gmail.com>
 2020-01-10 11:35:41 +01:00
Carlton Gibson
581ba5a948 Refs #23004 -- Allowed exception reporter filters to customize settings filtering. 
Thanks to Tim Graham for the original implementation idea.

Co-authored-by: Daniel Maxson <dmaxson@ccpgames.com>
 2020-01-10 11:21:23 +01:00
Adam Johnson
5166097d7c Fixed #31154 -- Added support for using enumeration types in templates. 
Enumeration helpers are callables, so the template system tried to call
them with no arguments.

Thanks Rupert Baker for helping discover this.
 2020-01-10 07:52:06 +01:00
Jack Cushman
eb629f4c02 Fixed #30995 -- Allowed converter.to_url() to raise ValueError to indicate no match. 2020-01-09 14:41:41 +01:00