David Smith
f81e6e3a53
Refs #36485 -- Rewrapped docs to 79 columns line length.

Lines in the docs files were manually adjusted to conform to the
79 columns limit per line (plus newline), improving readability and
consistency across the content.
2025-08-25 10:51:10 -03:00
						 
				 
			
				
					
						
							
							
Jake Howard
bc1bfe12b6
Clarified that only latest dependency versions are valid for security reports.
2025-06-18 11:04:34 -03:00
						 
				 
			
				
					
						
							
							
nessita
0f60102444
Added guidance on AI-assisted security reports to docs/internals/security.txt.

Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: Mike Edmunds <medmunds@gmail.com>
2025-06-17 11:45:03 -03:00
						 
				 
			
				
					
						
							
							
Sarah Boyce
582ba18d56
Added security guideline on reasonable size limitations when rendering content via the DTL.

This also removes the need to add warnings for every Django template filter.
2025-02-24 08:51:08 +01:00
						 
				 
			
				
					
						
							
							
Sarah Boyce
5935336059
Added security reporting guidelines.
2025-02-24 08:51:08 +01:00
						 
				 
			
				
					
						
							
							
Sarah Boyce
cecb76a942
Updated expectations for when security reports will receive a reply.
2025-02-24 08:51:08 +01:00
						 
				 
			
				
					
						
							
							
nessita
f609a2da86
Refs #35612 -- Extended docs on how the security team evaluates reports.

Co-authored-by: Shai Berger <shai@platonix.com>
2025-02-04 08:54:01 -03:00
						 
				 
			
				
					
						
							
							
Sarah Boyce
9423f8b476
Fixed #35612 -- Added documentation on how the security team evaluates reports.

Co-authored-by: Joshua Olatunji <joshua+github@etentlabs.com>
2024-10-11 10:53:11 +02:00
						 
				 
			
				
					
						
							
							
shivaramkumar
a47de0d6cd
Changed severity levels to list in security policy docs.
2024-02-05 05:36:32 +01:00
						 
				 
			
				
					
						
							
							
Tim Graham
2c4dc64760
Used extlinks for PyPI links.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2023-04-17 06:55:32 +02:00
						 
				 
			
				
					
						
							
							
Markus Holtermann
d9a266d657
Updated Git branch "master" to "main".

This change follows a long discussion on django-developers:
https://groups.google.com/g/django-developers/c/tctDuKUGosc/
2021-03-09 08:48:32 +01:00
						 
				 
			
				
					
						
							
							
Michael Manfre
0e893248b2
Added notes related to security pre-notification list requests.
2020-05-21 10:30:14 +02:00
						 
				 
			
				
					
						
							
							
Tobias Kunze
4a954cfd11
Fixed #30573 -- Rephrased documentation to avoid words that minimise the involved difficulty.

This patch does not remove all occurrences of the words in question.
Rather, I went through all of the occurrences of the words listed
below, and judged if they a) suggested the reader had some kind of
knowledge/experience, and b) if they added anything of value (including
tone of voice, etc). I left most of the words alone. I looked at the
following words:

- simply/simple
- easy/easier/easiest
- obvious
- just
- merely
- straightforward
- ridiculous

Thanks to Carlton Gibson for guidance on how to approach this issue, and
to Tim Bell for providing the idea. But the enormous lion's share of
thanks go to Adam Johnson for his patient and helpful review.
2019-09-06 13:27:46 +02:00
						 
				 
			
				
					
						
							
							
François Freitag
9b15ff08ba
Used auto-numbered lists in documentation.
2018-11-15 13:54:28 -05:00
						 
				 
			
				
					
						
							
							
Brett Cannon
64b74804c5
Fixed #29334 -- Updated pypi.python.org URLs to pypi.org.
2018-04-17 20:24:27 -04:00
						 
				 
			
				
					
						
							
							
Tim Graham
e1cf2a607e
Added "Denial-of-service attacks" to the security issue severity classification.
2018-03-12 11:00:47 -04:00
						 
				 
			
				
					
						
							
							
Florian Apolloner
bf0dff4bed
Typo fix.
2017-03-13 22:01:42 +01:00
						 
				 
			
				
					
						
							
							
Tim Graham
3d14cbc867
Removed docs/internals/roles.txt.

It's moved to https://www.djangoproject.com/foundation/teams/.
2017-02-15 09:31:41 +01:00
						 
				 
			
				
					
						
							
							
Tim Graham
af98a0a25e
Updated security policy according to current practices.

Also added security release date notifications to django-announce.
2016-10-15 07:53:08 -04:00
						 
				 
			
				
					
						
							
							
Elif T. Kus
bca9faae95
Fixed #26020 -- Normalized header stylings in docs.
2016-01-22 12:12:17 -05:00
						 
				 
			
				
					
						
							
							
Tim Graham
aed437d567
Updated release process for new release schedule.
2015-06-25 11:36:17 -04:00
						 
				 
			
				
					
						
							
							
Tim Graham
46ce72e8d2
Added oss-security@lists.openwall.com to security release announcements.
2015-05-25 08:31:51 -04:00
						 
				 
			
				
					
						
							
							
Tim Graham
016d8cfbe2
Removed obsolete distros@vs.openwall.org security notification.
2015-05-21 19:22:58 -04:00
						 
				 
			
				
					
						
							
							
Aymeric Augustin
a4ead67ee9
Adjusted 'internals' docs to the new organization.

Most of these changes are about using the correct vocabulary -- "core
team member" vs "core developer/committer" and adding internal links.
2014-08-01 14:41:25 +02:00
						 
				 
			
				
					
						
							
							
James Bennett
c83583fb34
Correctly remove extraneous text about keys from previous edit.
2014-07-27 13:49:53 +02:00
						 
				 
			
				
					
						
							
							
James Bennett
fe87f8d670
Update from key ID in security.txt to authorized release keys list.
2014-07-27 13:48:59 +02:00
						 
				 
			
				
					
						
							
							
Tim Graham
7f2505ad9e
Fixed doc typos.
2014-02-28 11:44:03 -05:00
						 
				 
			
				
					
						
							
							
James Turley
4d8209431d
Fixed #21824 -- Added reference to LTS in docs/internals/security.txt
2014-01-24 08:13:17 -05:00
						 
				 
			
				
					
						
							
							
Claude Paroz
626bdf648a
Updated a bunch of hyperlinks in documentation
2013-12-08 18:40:09 +01:00
						 
				 
			
				
					
						
							
							
Unai Zalakain
3895d8899d
Fixed #21213 -- Added docs for Django's mailing lists.

Added docs/internals/mailing-lists.txt documenting the use of Django's
mailing lists. All references across docs changed to point to this page.
The referencing makes use of substitution because there's no way to make
a :ref: link in a non-inline fashion in Sphinx. It also makes use of
rst_epilog Sphinx conf for making these substitutions across all the
docs.
2013-10-04 10:00:36 -04:00
						 
				 
			
				
					
						
							
							
Russell Keith-Magee
8e134c27c9
Corrected markup problems in new security summary page.
2013-09-19 13:57:02 +08:00
						 
				 
			
				
					
						
							
							
James Bennett
a2e25e8a83
Fix #21121: Add archive of security issues.
2013-09-18 23:13:04 -05:00
						 
				 
			
				
					
						
							
							
Tim Graham
5737c57d95
Fixed #20868 -- Added an email to django-announce as a security step.

Thanks garrison for the report.
2013-08-09 16:02:05 -04:00
						 
				 
			
				
					
						
							
							
Loic Bistuer
aff0aa3af8
Rephrased the docs for reporting security issues to make it less intimidating.
2013-07-16 17:17:08 +07:00
						 
				 
			
				
					
						
							
							
James Bennett
1ef1bceb3b
Add new security-policy documentation.

This formally describes our policies on reporting, notification and
disclosure of security issues, and provides a detailed explanation of
our full security-response process, for reference purposes.
2012-08-07 16:06:34 -04:00