mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-09-10 11:09:12 +00:00
Code Issues 32 Releases Wiki Activity
33,821 Commits 29 Branches 455 Tags
Commit Graph

33821 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ronan LE HAY
e197953f11 Refs #34989 -- Ensured the Content-Length header is set when redirect with APPEND_SLASH. 2025-09-03 22:49:34 +02:00
farhan
d82f25d3f0 Fixed #36559 -- Respected verbatim and comment blocks in PartialTemplate.source. 2025-09-03 10:59:58 -04:00
farhan
3485599ef0 Refs #36559 -- Ran template partial source tests in debug mode only. 
Added a warning for accessing PartialTemplate.source when debugging is disabled.
Thanks Sarah Boyce for the idea.
 2025-09-03 10:59:58 -04:00
Sarah Boyce
f0c05a40d2 Added CVE-2025-57833 to security archive. 2025-09-03 15:26:45 +02:00
Sarah Boyce
ab7c7dd99b Added stub release notes for 5.2.7. 2025-09-03 15:20:37 +02:00
Jake Howard
5171171709 Fixed CVE-2025-57833 -- Protected FilteredRelation against SQL injection in column aliases. 
Thanks Eyal Gabay (EyalSec) for the report.
 2025-09-03 13:10:58 +02:00
Sarah Boyce
d044e25dc2 Made cosmetic edits to 5.2.6 release notes. 2025-09-03 12:15:01 +02:00
David Smith
0a67611b81
Fixed #36549 -- Doc'd use of OpenLayersWidget and OSMWidget with CSP. 
OpenLayersWidget and OSMWidget load map tiles from NASA and OpenStreetMap,
respectively. When CSP is enabled, appropriate directives must be added to
allow these resources to load.
 2025-09-02 16:40:05 -03:00
사재혁
e427e6b19b
Refs #35967 -- Removed deprecation note from backwards incompatible changes in 6.0 release notes. 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-09-01 21:31:21 +02:00
Clifford Gama
6c37a2fbb2
Removed outdated deprecation note in 6.0 release notes. 2025-08-31 08:18:23 +02:00
Clifford Gama
21603c5b50
Removed unused import in docs/ref/models/expressions.txt example. 2025-08-31 08:15:13 +02:00
Jacob Walls
a627194567
Refs #36485 -- Corrected docs linter to detect too-long lines at file end. 2025-08-29 17:35:50 -04:00
SaJH
bb7a7701b1 Fixed #36431 -- Returned tuples for multi-column ForeignObject in values()/values_list(). 
Thanks Jacob Walls and Simon Charette for tests.

Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-29 15:33:44 -04:00
Jacob Walls
2d453a2a68 Refs #36152 -- Suppressed duplicate warning when using "%" in alias via values(). 2025-08-29 13:45:08 -04:00
Mustafa Pirbhai
183fcebf88 Fixed #35831 -- Documented the model form meta API in model form reference docs. 
Co-authored-by: Jonathan <3218047+jernwerber@users.noreply.github.com>
Co-authored-by: Mustafa <117516335+mspirbhai@users.noreply.github.com>
 2025-08-29 08:58:58 +02:00
SaJH
eaaf01c96a Refs #34624 -- Changed RedirectAdmin to use a Select widget for the site field. 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-29 08:38:12 +02:00
SaJH
0be1c4575b Fixed #34624 -- Removed change, delete, and view buttons for non-Select widgets in RelatedFieldWidgetWrapper. 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-29 08:38:12 +02:00
Rob Hudson
550822bcee Fixed #36532 -- Added Content Security Policy view decorators to override or disable policies. 
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2025-08-28 17:23:48 -03:00
Simon Charette
292b9e6fe8 Refs #27222 -- Adapted RETURNING handling to be usable for UPDATE queries. 
Renamed existing methods and abstractions used for INSERT … RETURNING
to be generic enough to be used in the context of UPDATEs as well.

This also consolidates SQL compliant implementations on
BaseDatabaseOperations.
 2025-08-28 20:44:21 +02:00
Simon Charette
dc4ee99152 Refs #27222 -- Implemented BaseDatabaseOperations.return_insert_columns()/fetch_returned_insert_rows(). 2025-08-28 20:44:21 +02:00
Jake Howard
41ff30f6f9 Refs #36520 -- Ensured only the header value is passed to parse_header_parameters for multipart requests. 
Header parsing should apply only to the header value. The previous
implementation happened to work but relied on unintended behavior.
 2025-08-28 14:25:36 -03:00
David Smith
c93dddf659 Added sphinxlint checker to flag relative targets in :doc: roles. 
Co-authored-by: Adam Johnson <me@adamj.eu>
 2025-08-28 13:48:32 -03:00
Adam Johnson
56955636e6 Ensured :doc: role uses absolute targets in docs. 2025-08-28 13:48:32 -03:00
Natalia
ae03f81ffa Replaced :doc: role usage with :ref: when appropriate in docs. 2025-08-28 13:48:32 -03:00
SaJH
a9fe98d5bd Fixed #35533 -- Prevented urlize creating broken links given a markdown link input. 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-28 08:54:56 +02:00
David Smith
05bac8c420 Refs #36570 -- Added sphinxlint checker to flag unnecessary :py domain in documentation roles. 2025-08-28 08:52:43 +02:00
SaJH
3c0c54351b Fixed #36570 -- Removed unnecessary :py domain from documentation roles. 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-28 08:52:43 +02:00
Tim Graham
1285de557b Fixed incorrect IDs in test_in_bulk_preserve_ordering. 2025-08-27 18:23:42 -04:00
Adam Johnson
d8426f64a7 Fixed #36577 -- Removed obsolete try-except for GIS layermapping imports. 2025-08-27 13:16:28 -03:00
Natalia
4f07767106 Added matrix with newer image versions to the "postgis" GitHub Action. 
This work allows to test three types of postgis Docker images to cover
a wider spectrum of geo libraries versions:

* `latest` (recommended upstream): uses latest stable Debian packages.
  These versions are generally conservative, so they may lag behind.
* `alpine`: build PostGIS from source on Alpine, and ship newer
  geospatial libs.
* `master`: provides development versions, therefore coverage for what's
  coming. Future compatibility issues can be caught in advance.

This split is important because each image differs significantly in
GEOS/PROJ/GDAL versions, so testing all increases confidence in
compatibility. More info at https://hub.docker.com/r/postgis/postgis/.

For example, at the time of this branch:

* latest stable in debian:
  * POSTGIS="3.5.2 dea6d0a"
  * GEOS="3.9.0-CAPI-1.16.2"
  * PROJ="7.2.1"
* latest stable in alpine:
  * POSTGIS="3.5.3 0"
  * GEOS="3.13.1-CAPI-1.19.2"
  * PROJ="9.6.0
* latest development branch:
  * POSTGIS="3.6.0dev 3.6.0beta1-29-g7c8cfe07d"
  * GEOS="3.14.0beta2-CAPI-1.20.1"
  * PROJ="9.7.0"
 2025-08-27 11:33:13 -03:00
Natalia
1b0c4d5ea5 Ensured apt repo is updated before installing deps in "postgis" GitHub Action. 2025-08-27 11:33:13 -03:00
Sarah Boyce
4c71e33440 Added stub release notes and release date for 5.2.6, 5.1.12, and 4.2.24. 2025-08-27 16:01:20 +02:00
Sarah Boyce
d0e4dd5cdd Fixed #36572 -- Revert "Fixed #36546 -- Deprecated django.utils.crypto.constant_time_compare() in favor of hmac.compare_digest()." 
This reverts commit 0246f478882c26bc1fe293224653074cd46a90d0.
 2025-08-27 10:50:50 +02:00
Jacob Walls
c594574175 Clarified Trac "version" attribute in contributing guide. 2025-08-26 17:49:06 -04:00
Jacob Walls
d454aefbd1
Refs #15727 -- Captured failed request log in CSPMiddlewareTest. 2025-08-26 17:26:01 -04:00
Jacob Walls
66082a7dac
Corrected definition of "needsinfo" triage stage in contributing guide. 2025-08-26 16:00:47 -04:00
David Smith
07f44c9e9a Fixed #36568 -- Confirmed support for GEOS 3.14. 2025-08-26 16:01:41 -03:00
antoliny0919
3e7aedfb2e Fixed #36556 -- Fixed TabularInline width overflowing the page. 2025-08-26 13:45:28 +02:00
Natalia
9efce80ca7 Refs #36485 -- Ignored line-length formatting changes in git blame. 2025-08-26 08:31:24 -03:00
David Smith
43e4d0a142 Fixed #36485 -- Added lint-docs check in Tox and GitHub Actions. 
The `check` docs target now runs spelling, black, and lint, so all
current documentation quality checks can be run with a single command.

Also documented the lint-docs check's availability and usage.
 2025-08-25 10:51:10 -03:00
David Smith
f81e6e3a53 Refs #36485 -- Rewrapped docs to 79 columns line length. 
Lines in the docs files were manually adjusted to conform to the
79 columns limit per line (plus newline), improving readability and
consistency across the content.
 2025-08-25 10:51:10 -03:00
Natalia
4286a23df6 Refs #36485 -- Removed double spaces after periods in sentences. 2025-08-25 10:51:10 -03:00
Natalia
01a460f23e Refs #36485 -- Removed trailing spaces and tabs in docs. 2025-08-25 10:51:10 -03:00
David Smith
724e5ec6f2 Refs #36485 -- Fixed dangling hyphen and unbalanced inline markup in docs. 2025-08-25 10:51:10 -03:00
David Smith
6f8e23d1c1 Refs #36485 -- Removed unnecessary parentheses in :meth: and :func: roles in docs. 2025-08-25 10:51:10 -03:00
David Smith
ef2f16bc48 Refs #36485 -- Added sphinx-lint support and make lint rule for docs. 
This adds a `lint.py` script to run sphinx-lint on Django's docs files,
a mathing `lint` target in the `docs/Makefile` and `docs/make.bat`, and
updates `docs/requirements.txt` accordingly.
 2025-08-25 10:51:10 -03:00
SaJH
0246f47888 Fixed #36546 -- Deprecated django.utils.crypto.constant_time_compare() in favor of hmac.compare_digest(). 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-25 14:45:16 +02:00
SaJH
3ba24c18e7 Fixed #36251 -- Avoided mutating form Meta.fields in BaseInlineFormSet. 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-08-25 10:05:45 +02:00
Jacob Walls
165ad74c57
Removed reference to flake8 file exclusions. 
Obsolete since 41384812efe209c8295a50d78b45e0ffb2992436.
(six was removed in 9285926295fbfc86b70e7be8d595d4cfbe7895b8.)
 2025-08-23 20:01:00 +02:00
Simon Charette
836894f27a Refs #470 -- Adjusted Field.db_returning to be backend agnostic. 
Determining if a field is db_returning based on the default connection
feature availability prevents the usage of RETURNING for db_default
fields in setups where non-default backends do support RETURNING.

Whether or not the field should be attempted to be returned is already
checked at the compiler level which is backend aware.
 2025-08-23 18:09:43 +02:00