==========================
Django 5.1.1 release notes
==========================

*September 3, 2024*

Django 5.1.1 fixes one security issue with severity "moderate", one security
issue with severity "low", and several bugs in 5.1.

Bugfixes
========

* Fixed a regression in Django 5.1 that caused a crash of ``Window()`` when
  passing an empty sequence to the ``order_by`` parameter, and a crash of
  ``Prefetch()`` for a sliced queryset without ordering (:ticket:`35665`).

* Fixed a regression in Django 5.1 where a new ``usable_password`` field was
  included in :class:`~django.contrib.auth.forms.BaseUserCreationForm` (and
  children). A new :class:`~django.contrib.auth.forms.AdminUserCreationForm`
  including this field was added, isolating the feature to the admin where it
  was intended (:ticket:`35678`).

* Adjusted the deprecation warning ``stacklevel`` in :meth:`.Model.save` and
  :meth:`.Model.asave` to correctly point to the offending call site
  (:ticket:`35060`).

* Adjusted the deprecation warning ``stacklevel`` when using ``OS_OPEN_FLAGS``
  in :class:`~django.core.files.storage.FileSystemStorage` to correctly point
  to the offending call site (:ticket:`35326`).

* Adjusted the deprecation warning ``stacklevel`` in
  ``FieldCacheMixin.get_cache_name()`` to correctly point to the offending call
  site (:ticket:`35405`).

* Restored, following a regression in Django 5.1, the ability to override the
  timezone and role setting behavior used within the ``init_connection_state``
  method of the PostgreSQL backend (:ticket:`35688`).