Mariusz Felisiak
8747052411
Added CVE-2021-44420 to security archive.
2021-12-07 08:51:26 +01:00
Florian Apolloner
d4dcd5b9dd
Fixed #30530 , CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths.
...
Thanks Sjoerd Job Postmus and TengMA(@te3t123) for reports.
2021-12-07 06:28:08 +01:00
Mariusz Felisiak
628b6a6869
Updated translations from Transifex.
...
This also fixes related i18n tests.
Forwardport of 4c5215ab03
from stable/4.0.x
Co-authored-by: Claude Paroz <claude@2xlibre.net>
2021-12-06 20:31:03 +01:00
Hannes Ljungberg
1eaf38fa87
Fixed #33335 -- Made model validation ignore functional unique constraints.
...
Regression in 3aa545281e
.
Thanks Hervé Le Roy for the report.
2021-12-06 07:59:11 +01:00
Mariusz Felisiak
d3a64bea51
Refs #33333 -- Fixed PickleabilityTestCase.test_annotation_with_callable_default() crash on Oracle.
...
Grouping by LOBs is not allowed on Oracle. This moves a binary field to
a separate model.
2021-12-04 15:55:03 +01:00
Maxim Piskunov
d3f4c2b95d
Fixed #33078 -- Added support for language regions in i18n_patterns().
2021-12-03 12:57:06 +01:00
Mariusz Felisiak
4f7bbc6138
Refs #33078 -- Added extra assertions to MiscTests.test_get_language_from_path_real().
2021-12-03 12:03:30 +01:00
Mariusz Felisiak
2c7846d992
Fixed #33333 -- Fixed setUpTestData() crash with models.BinaryField on PostgreSQL.
...
This makes models.BinaryField pickleable on PostgreSQL.
Regression in 3cf80d3fcf
.
Thanks Adam Zimmerman for the report.
2021-12-03 11:56:22 +01:00
Georgi Yanchev
9c1fe446b6
Fixed #33339 -- Made QuerySet.bulk_create() use TO_NCLOB() for TextFields on Oracle.
2021-12-03 07:39:20 +01:00
Nick Pope
97e9a84d27
Removed unused country argument from GeoIP2._check_query().
...
Unused since its introduction in 79e68c225b
.
2021-12-02 11:30:42 +01:00
Nick Pope
7d5058d870
Removed redundant GeoIP2._check_query() calls.
2021-12-02 11:30:42 +01:00
Nick Pope
adcb3a7a27
Removed unused GeoIP2._cache attribute.
...
Unused since its introduction in 79e68c225b
.
2021-12-02 11:30:32 +01:00
Nick Pope
31bef51d8e
Moved unnecessary inner import in GeoIP2.geos().
2021-12-02 11:27:33 +01:00
Mariusz Felisiak
5def7f3f74
Updated various links to HTTPS and new locations.
...
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-02 11:27:29 +01:00
Shivam Durgbuns
d75c387f46
Fixed #33334 -- Alphabetized form and model fields in reference docs.
2021-12-02 08:33:26 +01:00
Simon Charette
e5a92d400a
Fixed #33282 -- Fixed a crash when OR'ing subquery and aggregation lookups.
...
As a QuerySet resolves to Query the outer column references grouping logic
should be defined on the latter and proxied from Subquery for the cases where
get_group_by_cols is called on unresolved expressions.
Thanks Antonio Terceiro for the report and initial patch.
2021-12-02 07:23:33 +01:00
Simon Charette
e3bde71676
Refs #32690 -- Altered lookups Query rhs alterations during initialization.
...
Having it happen at the lookup creation time ensures entry points
called before the compilation phase (e.g. get_group_by_cols) don't have
to duplicate the logic in charge of altering Query instances used as
rhs.
It also has the nice effect of reducing the amount of time the
alteration logic to once as opposed to multiple times if the queryset
is compiled more than once.
2021-12-02 07:00:52 +01:00
Przemysław Suliga
4ce59f602e
Fixed #30398 -- Added CONN_HEALTH_CHECKS database setting.
...
The CONN_HEALTH_CHECKS setting can be used to enable database
connection health checks for Django's persistent DB connections.
Thanks Florian Apolloner for reviews.
2021-12-01 07:44:48 +01:00
Claude Paroz
64c3f049ea
Fixed #33047 -- Fixed CheckConstraint crash with GIS lookups on PostGIS and MySQL GIS backends.
...
Thanks Daniel Swain for the report and Arsalan Ghassemi for the initial
patch.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-11-30 20:06:29 +01:00
Mariusz Felisiak
ae4077e13e
Added stub release notes and release date for 3.2.10, 3.1.14 and 2.2.25.
2021-11-30 11:25:00 +01:00
Claude Paroz
322a1a037d
Refs #25706 - Removed inline JavaScript from OpenLayers template.
...
This allows setting a Content-Security-Policy HTTP header.
2021-11-30 06:35:15 +01:00
Chris Jerdonek
3ff7f6cf07
Refs #32800 -- Renamed _sanitize_token() to _check_token_format().
2021-11-29 10:48:31 +01:00
Chris Jerdonek
5d80843ebc
Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret.
...
This also adds CSRF_COOKIE_MASKED transitional setting helpful in
migrating multiple instance of the same project to Django 4.1+.
Thanks Florian Apolloner and Shai Berger for reviews.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-11-29 10:47:39 +01:00
Shubh1815
05e29da421
Fixed #32545 -- Improved admin widget for raw_id_fields for UUIDFields.
...
Co-Authored-By: Jerome Leclanche <jerome@leclan.ch>
2021-11-29 07:16:26 +01:00
Hannes Ljungberg
ed2018037d
Fixed #33322 -- Fixed loss of assigned related object when saving relation with bulk_update().
2021-11-29 06:27:22 +01:00
Baptiste Mispelon
9ac92b1efc
Refs #33301 -- Made SimpleTestCase.assertFormError()/assertFormsetErrors() raise ValueError for non test client responses.
2021-11-26 13:10:43 +01:00
Baptiste Mispelon
68144f4049
Added tests for SimpleTestCase.assertFormError()/assertFormsetErrors().
2021-11-26 12:36:25 +01:00
Baptiste Mispelon
528691d1b6
Fixed #33301 -- Clarified the type of arguments required by custom assertions.
2021-11-26 12:03:00 +01:00
Mariusz Felisiak
75ee7057e9
Refs #33163 -- Corrected example of connection signal handlers in AppConfig.ready().
2021-11-26 11:16:35 +01:00
Hasan Ramezani
24b316536a
Fixed #33303 -- Changed messages' level tags on MESSAGE_TAGS setting change.
2021-11-26 07:09:31 +01:00
Ad Timmering
9a6e2df3a8
Fixed #32397 -- Made startapp/startproject management commands set User-Agent.
...
This sets User-Agent to 'Django/<version>'.
2021-11-25 20:36:04 +01:00
Mariusz Felisiak
e361621dbc
Removed unneeded can_use_chunked_reads feature flag on SQLite.
...
Unneeded since c0e3c65b9d
.
2021-11-25 20:08:46 +01:00
Shubh1815
51c24d8799
Fixed #33024 -- Fixed height of admin selector boxes in collapsed fieldset.
...
Thanks Tom Carrick for the review.
2021-11-25 07:57:19 +01:00
Ryuji Tsutsui
b8c0b22f2f
Fixed typo in docs/releases/4.0.txt.
2021-11-24 17:38:35 +01:00
Ad Timmering
59f4796918
Fixed #4282 -- Made startapp/startproject management commands honor umask.
...
Co-authored-by: Christian Schmitt <c.schmitt@briefdomain.de>
2021-11-24 13:10:45 +01:00
Mariusz Felisiak
1555e5850d
Removed unneeded supports_combined_alters feature flag on Oracle.
...
supports_combined_alters is False by default.
2021-11-24 10:23:43 +01:00
mgaligniana
7f8f69fb38
Fixed #33298 -- Added docs and tests for using Q objects with get_object_or_404()/get_list_or_404().
2021-11-24 09:28:21 +01:00
Tim Graham
ddf321479b
Removed unneeded @skipUnlessDBFeature('supports_combined_alters').
...
The test acts a regression test for 715ccfde24
if the feature is True, but it works on other backends too.
2021-11-24 09:13:28 +01:00
Tim Graham
9772eaa6c0
Fixed typo in delete test docstring.
2021-11-24 09:04:54 +01:00
Álvaro Pelegrina Fernández
98352ddf3a
Fixed #33310 -- Removed unused rule from admin CSS.
...
Unused since 30e59705fc
.
2021-11-23 21:14:36 +01:00
arsalan.ghassemi
bdcda1ca9b
Fixed #33309 -- Fixed QuerySet.distinct() crash on mixed case annotation.
2021-11-23 20:43:20 +01:00
Simon Charette
aec71aaa5b
Fixed #33304 -- Allowed passing string expressions to Window(order_by).
2021-11-23 07:58:44 +01:00
Simon Charette
e06dc4571e
Refs #33304 -- Enclosed aggregate ordering logic in an expression.
...
This greatly simplifies the implementation of contrib.postgres'
OrderableAggMixin and allows for reuse in Window expressions.
2021-11-23 07:28:27 +01:00
Mariusz Felisiak
a17becf4c7
Corrected signatures of QuerySet's methods.
2021-11-23 07:04:04 +01:00
Mariusz Felisiak
8b020f2e64
Corrected isort example in coding style docs.
...
Follow up to e74b3d724e
.
2021-11-22 12:34:32 +01:00
Baptiste Mispelon
e6e664a711
Fixed #33302 -- Made element_id optional argument for json_script template filter.
...
Added versionchanged note in documentation
2021-11-22 11:52:19 +01:00
Paolo Melchiorre
dd528cb2ce
Corrected "pip install" call in coding style docs.
2021-11-22 09:56:56 +01:00
Baptiste Mispelon
a0ed3cfad1
Fixed #33305 -- Fixed autodetector crash for ForeignKey with hardcoded "to" attribute.
...
Co-authored-by: Simon Charette <charette.s@gmail.com>
2021-11-22 06:46:25 +01:00
SwastikTripathi
a7e7043c87
Fixed #33229 -- Fixed BaseDatabaseOperations.adapt_datetimefield_value()/adapt_timefield_value() crash with expressions.
2021-11-19 09:47:57 +01:00
Jonny Park
6fa2930573
Refs #24121 -- Added __repr__() to BaseDatabaseWrapper, JoinPromoter, and SQLCompiler.
2021-11-19 07:57:02 +01:00