Refactored bump_prefix() to avoid infinite loop and allow more than
than 5 subquires by extending the alphabet to use multi-letters.
Backport of 41fc1c0b5eac156e200a10233c7c9210a1c0fed8 from master
This reverts commit 1702bc52cc20ed0729893177fc8f4391b4b3183c.
This doesn't work on stable/1.7.x because #23844 wasn't backported and we're
not willing to do so because it's a large change.
Refs #7261 -- Made strings escaped by Django usable in third-party libs.
The changes in mark_safe and mark_for_escaping are straightforward. The
more tricky part is to handle correctly objects that implement __html__.
Historically escape() has escaped SafeData. Even if that doesn't seem a
good behavior, changing it would create security concerns. Therefore
support for __html__() was only added to conditional_escape() where this
concern doesn't exist.
Then using conditional_escape() instead of escape() in the Django
template engine makes it understand data escaped by other libraries.
Template filter |escape accounts for __html__() when it's available.
|force_escape forces the use of Django's HTML escaping implementation.
Here's why the change in render_value_in_context() is safe. Before Django
1.7 conditional_escape() was implemented as follows:
if isinstance(text, SafeData):
return text
else:
return escape(text)
render_value_in_context() never called escape() on SafeData. Therefore
replacing escape() with conditional_escape() doesn't change the
autoescaping logic as it was originally intended.
This change should be backported to Django 1.7 because it corrects a
feature added in Django 1.7.
Thanks mitsuhiko for the report.
Backport of 6d52f6f from master.
mark_safe and mark_for_escaping should have been kept similar.
On Python 2 this change has no effect. On Python 3 it fixes the use case
shown in the regression test for mark_for_escaping, which used to raise
a TypeError. The regression test for mark_safe is just for completeness.
Backport of 5c5eb5fe from master.
The migrations autodetector now issues AlterModelOptions operations for
Meta.managed changes instead of DeleteModel + CreateModel.
Thanks iambibhas for the report and Simon and Markus for review.
Backport of 061caa5b386681dc7bdef16918873043224a299c from master
This change allows dynamically created inlines "Add related" button to work
correcly as long as their associated foreign key is pointing to the primary
key of the related model.
Thanks to amorce for the report, Julien Phalip for the initial patch,
and Collin Anderson for the review.
Backport of f9c4e14aeca7df79991bca8ac2d743953cbd095c from master
This rename is very tricky for the case of subclasses which define
get_query_set and haven't been updated yet, which applies to all projects in
the form of RelatedManager from Django 1.5.
Backport of 0c623da66406d1f20b5e26d497d57da5ad0de066 from master
This reverts commit 8014001d9287d516c58be80ad71fb63593648b3d.
Adding kwargs to deconstructed objects does not achieve useful
forward-compatibility in general, since the additional kwargs are silently
dropped rather than having their expected effect. In fact, it can cause the
failure to be more difficult to debug. Thanks Shai Berger for discussion.
Added relabeled_clone() method to sql.Query to fix the problem. It
manifested itself in rare cases where at least double nested subquery's
filter condition might target non-existing alias.
Thanks to Trac alias ris for reporting the problem.
Backport of 5c481db29572a387651681b43d5d4523f96b3793 from master
