1
0
mirror of https://github.com/django/django.git synced 2024-12-23 01:25:58 +00:00
Commit Graph

31025 Commits

Author SHA1 Message Date
Mariusz Felisiak
5e2f4ddf29
Refs CVE-2022-34265 -- Unified DatabaseOperations._convert_*_to_tz() hook names. 2022-07-09 13:02:07 +02:00
Mariusz Felisiak
eb3699ea77
Fixed #33718 -- Dropped support for MySQL 5.7. 2022-07-08 13:30:12 +02:00
Stéphane "Twidi" Angel
ccbf714ebe Fixed #33829 -- Made BaseConstraint.deconstruct() and equality handle violation_error_message.
Regression in 667105877e.
2022-07-08 08:17:42 +02:00
David Wobrock
41019e48bb Refs #27236 -- Added generic mechanism to handle the deprecation of migration operations. 2022-07-08 07:05:55 +02:00
David Wobrock
57793b4765 Refs #27236 -- Refactored out DeprecationForHistoricalMigrationMixin. 2022-07-07 12:21:35 +02:00
Carlton Gibson
6f80050496 Fixed #33781 -- Restored alignment for admin split-field timezone warnings.
Regression in f3e2bb0833.
Refs #33750 and #27207.
2022-07-07 11:32:05 +02:00
Christos Kopanos
608ab043f7 Fixed #33826 -- Fixed RedisCache.set_many()/delete_many() crash with an empty list. 2022-07-06 10:45:52 +02:00
Christos Kopanos
fcee0d3fb6 Used list comprehensions in RedisCache.delete_many(). 2022-07-06 10:37:20 +02:00
Vladimir Kochetkov
3926e35aa8 Fixed #33823 -- Made inspectdb generate unique related_name when reverse accessor clashes. 2022-07-06 09:35:50 +02:00
Simon Charette
877c800f25 Refs CVE-2022-34265 -- Properly escaped Extract() and Trunc() parameters.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-07-06 07:40:07 +02:00
Mariusz Felisiak
73766c1187
Fixed RelatedGeoModelTest.test08_defer_only() on MySQL 8+ with MyISAM storage engine. 2022-07-05 19:05:03 +02:00
Shawn Dong
18c5ba07cc Fixed #33822 -- Fixed save() crash on model formsets when not created by modelformset_factory().
Thanks Claude Paroz for the report.

Regression in e87f57fdb8.
2022-07-05 07:19:18 +02:00
Mariusz Felisiak
249ecc437f
Fixed #33815 -- Fixed last_executed_query() on Oracle when parameter names overlap. 2022-07-05 05:53:49 +02:00
Mariusz Felisiak
d12d7c4c42 Added CVE-2022-34265 to security archive. 2022-07-04 10:27:14 +02:00
Mariusz Felisiak
c6932ea2ea Added stub release notes for 4.0.7. 2022-07-04 10:06:07 +02:00
Mariusz Felisiak
54eb8a374d Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) against SQL injection.
Thanks Takuto Yoshikai (Aeye Security Lab) for the report.
2022-07-04 08:13:41 +02:00
Ipakeev
425718726b
Fixed #33816 -- Fixed QuerySet.only() after select_related() crash on proxy models. 2022-07-04 06:37:36 +02:00
Aristotelis Mikropoulos
5eb6a2b33d
Fixed typo in docs/topics/signals.txt. 2022-07-02 16:45:24 +02:00
Mariusz Felisiak
863aa7541d
Fixed GEOSTest.test_emptyCollections() on GEOS 3.8.0.
It's a regression in GEOS 3.8.0 fixed in GEOS 3.8.1.
2022-07-01 19:05:27 +02:00
Michael Manfre
03eec9ff6c Updated vendored _urlsplit() to strip newline and tabs.
Refs Python CVE-2022-0391. Django is not affected, but others who
incorrectly use internal function url_has_allowed_host_and_scheme()
with unsanitized input could be at risk.
2022-07-01 08:48:38 +02:00
Arslan Noor
5c93a84f44 Corrected various typos in contributing docs. 2022-06-30 11:09:06 +02:00
Pablo Montepagano
bb2c5f69f4
Fixed #32749 -- Doc'd PyMemcacheCache defaults. 2022-06-28 21:56:51 +02:00
Mariusz Felisiak
154dd1c0ed
Refs #33697 -- Added backward incompatibility note about removing multipartparser.parse_header(). 2022-06-28 21:45:03 +02:00
Hrushikesh Vaidya
72e41a0df6 Fixed #33779 -- Allowed customizing encoder class in django.utils.html.json_script(). 2022-06-28 10:54:38 +02:00
Hrushikesh Vaidya
0ee03a439b Refs #33779 -- Doc'd django.utils.html.json_script(). 2022-06-28 10:51:46 +02:00
Mehrdad
d4d5427571 Refs #33697 -- Used django.utils.http.parse_header_parameters() for parsing boundary streams.
This also removes unused parse_header() and _parse_header_params()
helpers in django.http.multipartparser.
2022-06-28 09:42:47 +02:00
Mariusz Felisiak
bff5c114be
Removed unnecessary _parse_header() from MultiPartParser.
Reraising ValueError was unused since its introduction in
d725cc9734.
2022-06-28 09:27:03 +02:00
Mariusz Felisiak
9cf2564d38
Bumped versions in pre-commit and npm configurations. 2022-06-28 08:53:05 +02:00
Mehrdad
d6e0c7c30c Refs #33697 -- Made MediaType use django.utils.http.parse_header_parameters(). 2022-06-28 07:33:41 +02:00
Ankur
eb7b8f3699 Fixed #33805 -- Made admin's many-to-many widgets do not display help text for selecting values when allow_multiple_selected is False. 2022-06-28 06:04:42 +02:00
Christopher Adams
90d2f9f416 Fixed #33422 -- Improved docs about isolating apps. 2022-06-27 11:29:21 +02:00
Mariusz Felisiak
b2eff16806 Added stub release notes and release date for 4.0.6 and 3.2.14. 2022-06-27 07:13:26 +02:00
Mariusz Felisiak
c48b34e26d Refs #32786 -- Made query clear ordering when ordered combined queryset is used in subquery on Oracle. 2022-06-27 06:21:31 +02:00
Mariusz Felisiak
20b6e30858 Refs #33713 -- Removed unnecessary skip for MariaDB 10.3. 2022-06-27 06:21:31 +02:00
Mariusz Felisiak
44ffd8d06f Fixed #33796 -- Fixed ordered combined queryset crash when used in subquery on PostgreSQL and MySQL.
Thanks Shai Berger for the report.

Regression in 30a0144134.
2022-06-27 06:21:31 +02:00
Ian Wootten
6f63e0ce8e
Fixed #33804 -- Corrected GinIndex.gin_pending_list_limit description in docs. 2022-06-24 14:52:21 +02:00
Mariusz Felisiak
9a22d1769b
Bumped versions in Github actions configuration. 2022-06-24 07:38:13 +02:00
Mariusz Felisiak
083bfca6b6
Fixed #33800 -- Fixed system check for the same template tag module in installed apps and template tag libraries.
Thanks Claude Paroz for the report.

Regression in 004b4620f6.
2022-06-23 20:22:59 +02:00
DhruvaPatil98
c627226d05 Fixed #33799, Refs #31685 -- Added parameters for updating conflicts to QuerySeta.abulk_create(). 2022-06-23 11:12:35 +02:00
Florian Apolloner
e6f36ea0a9 Made HashedFilesMixin ignore URLs without a path. 2022-06-23 08:59:49 +02:00
Marcelo Galigniana
d80a258553 Fixed #33028 -- Used ModelAdmin's opts attribute instead of model._meta. 2022-06-22 07:50:24 +02:00
Claude Paroz
de74a74b4b Fixed #33794 -- Fixed string-casting of GIS queries on PostgreSQL.
Regression in 64c3f049ea.
2022-06-21 10:10:37 +02:00
Mariusz Felisiak
a0608c4b11
Fixed #33789 -- Doc'd changes in quoting table/column names on Oracle in Django 4.0.
Thanks Paul in 't Hout for the report.

Regression in 1f643c28b5.
2022-06-21 09:09:41 +02:00
Abhinav Yadav
2887b9f67c
Fixed #33657 -- Allowed customizing formatter class of argument parsers. 2022-06-20 17:34:52 +02:00
Anv3sh
d7f5bfd241 Fixed #32969 -- Fixed pickling HttpResponse and subclasses. 2022-06-20 08:51:26 +02:00
Zainab Amir
901a169198 Fixed #23689 -- Made parsing HTTP Accept-Language header case-insensitive.
Thank you Daniel Samuels for test project.
2022-06-20 07:40:28 +02:00
Ankur
d19a53d8e3 Fixed #33784 -- Removed unnecessary format escaping in admin calendar widget.
Replacements were added in fa0653cd1d
where we created a callback function by concatenating strings. It's
unnecessary since d638cdc42a.
2022-06-18 20:21:28 +02:00
Matt Brewer
8d160f154f Fixed #33788 -- Added TrigramStrictWordSimilarity() and TrigramStrictWordDistance() on PostgreSQL. 2022-06-17 11:14:30 +02:00
David Wobrock
3ef37a5245 Fixed #28897 -- Fixed QuerySet.update() on querysets ordered by annotations. 2022-06-17 10:06:17 +02:00
David Wobrock
f4680a112d Refs #28897 -- Added test for QuerySet.update() on querysets ordered by inline m2m annotation. 2022-06-17 10:06:12 +02:00