mirror of
https://github.com/django/django.git
synced 2024-11-18 15:34:16 +00:00
42736ac8e8
Thanks FunkyBob for the suggestion, prasoon2211 for the initial patch, and akaariai, loic, and charettes for helping in shaping the patch.
407 lines
14 KiB
Plaintext
407 lines
14 KiB
Plaintext
============================================
|
|
Django 1.8 release notes - UNDER DEVELOPMENT
|
|
============================================
|
|
|
|
Welcome to Django 1.8!
|
|
|
|
These release notes cover the `new features`_, as well as some `backwards
|
|
incompatible changes`_ you'll want to be aware of when upgrading from Django
|
|
1.6 or older versions. We've also dropped some features, which are detailed in
|
|
:ref:`our deprecation plan <deprecation-removed-in-1.8>`, and we've `begun the
|
|
deprecation process for some features`_.
|
|
|
|
.. _`new features`: `What's new in Django 1.8`_
|
|
.. _`backwards incompatible changes`: `Backwards incompatible changes in 1.8`_
|
|
.. _`begun the deprecation process for some features`: `Features deprecated in 1.8`_
|
|
|
|
Python compatibility
|
|
====================
|
|
|
|
Like Django 1.7, Django 1.8 requires Python 2.7 or above, though we
|
|
**highly recommend** the latest minor release.
|
|
|
|
What's new in Django 1.8
|
|
========================
|
|
|
|
...
|
|
|
|
Minor features
|
|
~~~~~~~~~~~~~~
|
|
|
|
:mod:`django.contrib.admin`
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* ...
|
|
|
|
:mod:`django.contrib.auth`
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* Authorization backends can now raise
|
|
:class:`~django.core.exceptions.PermissionDenied` in
|
|
:meth:`~django.contrib.auth.models.User.has_perm`
|
|
and :meth:`~django.contrib.auth.models.User.has_module_perms`
|
|
to short-circuit permission checking.
|
|
* :class:`~django.contrib.auth.forms.PasswordResetForm` now
|
|
has a method :meth:`~django.contrib.auth.forms.PasswordResetForm.send_email`
|
|
that can be overridden to customize the mail to be sent.
|
|
|
|
:mod:`django.contrib.formtools`
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* A :doc:`form wizard </ref/contrib/formtools/form-wizard>` using the
|
|
:class:`~django.contrib.formtools.wizard.views.CookieWizardView` will now ignore
|
|
an invalid cookie, and the wizard will restart from the first step. An invalid
|
|
cookie can occur in cases of intentional manipulation, but also after a secret
|
|
key change. Previously, this would raise ``WizardViewCookieModified``, a
|
|
``SuspiciousOperation``, causing an exception for any user with an invalid cookie
|
|
upon every request to the wizard, until the cookie is removed.
|
|
|
|
:mod:`django.contrib.gis`
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* Compatibility shims for ``SpatialRefSys`` and ``GeometryColumns`` changed in
|
|
Django 1.2 have been removed.
|
|
|
|
:mod:`django.contrib.messages`
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* ...
|
|
|
|
:mod:`django.contrib.redirects`
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* ...
|
|
|
|
:mod:`django.contrib.sessions`
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* Session cookie is now deleted after
|
|
:meth:`~django.contrib.sessions.backends.base.SessionBase.flush()` is called.
|
|
|
|
:mod:`django.contrib.sitemaps`
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* ...
|
|
|
|
:mod:`django.contrib.sites`
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* ...
|
|
|
|
:mod:`django.contrib.staticfiles`
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* ...
|
|
|
|
:mod:`django.contrib.syndication`
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* ...
|
|
|
|
Cache
|
|
^^^^^
|
|
|
|
* ...
|
|
|
|
Email
|
|
^^^^^
|
|
|
|
* :ref:`Email backends <topic-email-backends>` now support the context manager
|
|
protocol for opening and closing connections.
|
|
|
|
File Storage
|
|
^^^^^^^^^^^^
|
|
|
|
* ...
|
|
|
|
File Uploads
|
|
^^^^^^^^^^^^
|
|
|
|
* ...
|
|
|
|
Forms
|
|
^^^^^
|
|
|
|
* Form widgets now render attributes with a value of ``True`` or ``False``
|
|
as HTML5 boolean attributes.
|
|
|
|
* The new :meth:`~django.forms.Form.has_error()` method allows checking
|
|
if a specific error has happened.
|
|
|
|
* If :attr:`~django.forms.Form.required_css_class` is defined on a form, then
|
|
the ``<label>`` tags for required fields will have this class present in its
|
|
attributes.
|
|
|
|
* The rendering of non-field errors in unordered lists (``<ul>``) now includes
|
|
``nonfield`` in its list of classes to distinguish them from field-specific
|
|
errors.
|
|
|
|
* :class:`~django.forms.Field` now accepts a
|
|
:attr:`~django.forms.Field.label_suffix` argument, which will override the
|
|
form's :attr:`~django.forms.Form.label_suffix`. This enables customizing the
|
|
suffix on a per-field basis — previously it wasn't possible to override
|
|
a form's :attr:`~django.forms.Form.label_suffix` while using shortcuts such
|
|
as ``{{ form.as_p }}`` in templates.
|
|
|
|
* :class:`~django.forms.extras.widgets.SelectDateWidget` now accepts an
|
|
:attr:`~django.forms.extras.widgets.SelectDateWidget.empty_label` argument, which will
|
|
override the top list choice label when :class:`~django.forms.DateField` is not required.
|
|
|
|
Internationalization
|
|
^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* :setting:`FORMAT_MODULE_PATH` can now be a list of strings representing
|
|
module paths. This allows importing several format modules from different
|
|
reusable apps. It also allows overriding those custom formats in your main
|
|
Django project.
|
|
|
|
Management Commands
|
|
^^^^^^^^^^^^^^^^^^^
|
|
|
|
* :djadmin:`dumpdata` now has the option :djadminopt:`--output` which allows
|
|
specifying the file to which the serialized data is written.
|
|
|
|
* :djadmin:`makemessages` and :djadmin:`compilemessages` now have the option
|
|
:djadminopt:`--exclude` which allows exclusion of specific locales from
|
|
processing.
|
|
|
|
* The :djadminopt:`--ignorenonexistent` option of the :djadmin:`loaddata`
|
|
management command now ignores data for models that no longer exist.
|
|
|
|
* :djadmin:`runserver` now uses daemon threads for faster reloading.
|
|
|
|
Models
|
|
^^^^^^
|
|
|
|
* Django now logs at most 9000 queries in ``connections.queries``, in order
|
|
to prevent excessive memory usage in long-running processes in debug mode.
|
|
|
|
* Pickling models and querysets across different versions of Django isn't
|
|
officially supported (it may work, but there's no guarantee). An extra
|
|
variable that specifies the current Django version is now added to the
|
|
pickled state of models and querysets, and Django raises a ``RuntimeWarning``
|
|
when these objects are unpickled in a different version than the one in
|
|
which they were pickled.
|
|
|
|
Signals
|
|
^^^^^^^
|
|
|
|
* Exceptions from the ``(receiver, exception)`` tuples returned by
|
|
:meth:`Signal.send_robust() <django.dispatch.Signal.send_robust>` now have
|
|
their traceback attached as a ``__traceback__`` attribute.
|
|
|
|
Templates
|
|
^^^^^^^^^
|
|
|
|
* ...
|
|
|
|
Requests and Responses
|
|
^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
* ``WSGIRequest`` now respects paths starting with ``//``.
|
|
|
|
* The :meth:`HttpRequest.build_absolute_uri()
|
|
<django.http.HttpRequest.build_absolute_uri>` method now handles paths
|
|
starting with ``//`` correctly.
|
|
|
|
Tests
|
|
^^^^^
|
|
|
|
* The ``count`` argument was added to
|
|
:meth:`~django.test.SimpleTestCase.assertTemplateUsed`. This allows you to
|
|
assert that a template was rendered a specific number of times.
|
|
|
|
* The new :meth:`~django.test.SimpleTestCase.assertJSONNotEqual` assertion
|
|
allows you to test that two JSON fragments are not equal.
|
|
|
|
* Added the ability to preserve the test database by adding the :djadminopt:`--keepdb`
|
|
flag.
|
|
|
|
Validators
|
|
^^^^^^^^^^
|
|
|
|
* ...
|
|
|
|
Backwards incompatible changes in 1.8
|
|
=====================================
|
|
|
|
.. warning::
|
|
|
|
In addition to the changes outlined in this section, be sure to review the
|
|
:ref:`deprecation plan <deprecation-removed-in-1.8>` for any features that
|
|
have been removed. If you haven't updated your code within the
|
|
deprecation timeline for a given feature, its removal may appear as a
|
|
backwards incompatible change.
|
|
|
|
Related object operations are run in a transaction
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Some operations on related objects such as
|
|
:meth:`~django.db.models.fields.related.RelatedManager.add()` or
|
|
:ref:`direct assignment<direct-assignment>` ran multiple data modifying
|
|
queries without wrapping them in transactions. To reduce the risk of data
|
|
corruption, all data modifying methods that affect multiple related objects
|
|
(i.e. ``add()``, ``remove()``, ``clear()``, and :ref:`direct assignment
|
|
<direct-assignment>`) now perform their data modifying queries from within a
|
|
transaction, provided your database supports transactions.
|
|
|
|
This has one backwards incompatible side effect, signal handlers triggered from
|
|
these methods are now executed within the method's transaction and any
|
|
exception in a signal handler will prevent the whole operation.
|
|
|
|
Unassigning unsaved objects to relations raises an error
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Assigning unsaved objects to a :class:`~django.db.models.ForeignKey`,
|
|
:class:`~django.contrib.contenttypes.fields.GenericForeignKey`, and
|
|
:class:`~django.db.models.OneToOneField` now raises a :exc:`ValueError`.
|
|
|
|
Previously, the assignment of an unsaved object would be silently ignored.
|
|
For example::
|
|
|
|
>>> book = Book.objects.create(name="Django")
|
|
>>> book.author = Author(name="John")
|
|
>>> book.author.save()
|
|
>>> book.save()
|
|
|
|
>>> Book.objects.get(name="Django")
|
|
>>> book.author
|
|
>>>
|
|
|
|
Now, an error will be raised to prevent data loss::
|
|
|
|
>>> book.author = Author(name="john")
|
|
Traceback (most recent call last):
|
|
...
|
|
ValueError: Cannot assign "<Author: John>": "Author" instance isn't saved in the database.
|
|
|
|
Miscellaneous
|
|
~~~~~~~~~~~~~
|
|
|
|
* ``connections.queries`` is now a read-only attribute.
|
|
|
|
* Database connections are considered equal only if they're the same object.
|
|
They aren't hashable any more.
|
|
|
|
* :class:`~django.middleware.gzip.GZipMiddleware` used to disable compression
|
|
for some content types when the request is from Internet Explorer, in order
|
|
to work around a bug in IE6 and earlier. This behavior could affect
|
|
performance on IE7 and later. It was removed.
|
|
|
|
* ``URLField.to_python`` no longer adds a trailing slash to pathless URLs.
|
|
|
|
* ``django.contrib.gis`` dropped support for GEOS 3.1 and GDAL 1.6.
|
|
|
|
* The :tfilter:`length` template filter now returns ``0`` for an undefined
|
|
variable, rather than an empty string.
|
|
|
|
* Support for SpatiaLite < 2.4 has been dropped.
|
|
|
|
.. _deprecated-features-1.8:
|
|
|
|
Features deprecated in 1.8
|
|
==========================
|
|
|
|
Loading ``cycle`` and ``firstof`` template tags from ``future`` library
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Django 1.6 introduced ``{% load cycle from future %}`` and
|
|
``{% load firstof from future %}`` syntax for forward compatibility of the
|
|
:ttag:`cycle` and :ttag:`firstof` template tags. This syntax is now deprecated
|
|
and will be removed in Django 2.0. You can simply remove the
|
|
``{% load ... from future %}`` tags.
|
|
|
|
``django.conf.urls.patterns()``
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
In the olden days of Django, it was encouraged to reference views as strings
|
|
in ``urlpatterns``::
|
|
|
|
urlpatterns = patterns('',
|
|
url('^$', 'myapp.views.myview'),
|
|
)
|
|
|
|
and Django would magically import ``myapp.views.myview`` internally and turn
|
|
the string into a real function reference. In order to reduce repetition when
|
|
referencing many views from the same module, the ``patterns()`` function takes
|
|
a required initial ``prefix`` argument which is prepended to all
|
|
views-as-strings in that set of ``urlpatterns``::
|
|
|
|
urlpatterns = patterns('myapp.views',
|
|
url('^$', 'myview'),
|
|
url('^other/$', 'otherview'),
|
|
)
|
|
|
|
In the modern era, we have updated the tutorial to instead recommend importing
|
|
your views module and referencing your view functions (or classes) directly.
|
|
This has a number of advantages, all deriving from the fact that we are using
|
|
normal Python in place of "Django String Magic": the errors when you mistype a
|
|
view name are less obscure, IDEs can help with autocompletion of view names,
|
|
etc.
|
|
|
|
So these days, the above use of the ``prefix`` arg is much more likely to be
|
|
written (and is better written) as::
|
|
|
|
from myapp import views
|
|
|
|
urlpatterns = patterns('',
|
|
url('^$', views.myview),
|
|
url('^other/$', views.otherview),
|
|
)
|
|
|
|
Thus ``patterns()`` serves little purpose and is a burden when teaching new users
|
|
(answering the newbie's question "why do I need this empty string as the first
|
|
argument to ``patterns()``?"). For these reasons, we are deprecating it.
|
|
Updating your code is as simple as ensuring that ``urlpatterns`` is a list of
|
|
:func:`django.conf.urls.url` instances. For example::
|
|
|
|
from django.conf.urls import url
|
|
from myapp import views
|
|
|
|
urlpatterns = [
|
|
url('^$', views.myview),
|
|
url('^other/$', views.otherview),
|
|
]
|
|
|
|
``django.test.SimpleTestCase.urls``
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
The attribute :attr:`SimpleTestCase.urls <django.test.SimpleTestCase.urls>`
|
|
for specifying URLconf configuration in tests has been deprecated and will be
|
|
removed in Django 2.0. Use :func:`@override_settings(ROOT_URLCONF=...)
|
|
<django.test.override_settings>` instead.
|
|
|
|
``prefix`` argument to :func:`~django.conf.urls.i18n.i18n_patterns`
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Related to the previous item, the ``prefix`` argument to
|
|
:func:`django.conf.urls.i18n.i18n_patterns` has been deprecated. Simply pass a
|
|
list of :func:`django.conf.urls.url` instances instead.
|
|
|
|
Using an incorrect count of unpacked values in the :ttag:`for` template tag
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Using an incorrect count of unpacked values in :ttag:`for` tag will raise an
|
|
exception rather than fail silently in Django 2.0.
|
|
|
|
Passing a dotted path to :func:`~django.core.urlresolvers.reverse()` and :ttag:`url`
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Reversing URLs by Python path is an expensive operation as it causes the
|
|
path being reversed to be imported. This behavior has also resulted in a
|
|
`security issue`_. Use :ref:`named URL patterns <naming-url-patterns>`
|
|
for reversing instead.
|
|
|
|
If you are using :mod:`django.contrib.sitemaps`, add the ``name`` argument to
|
|
the ``url`` that references :func:`django.contrib.sitemaps.views.sitemap`::
|
|
|
|
url(r'^sitemap\.xml$', 'django.contrib.sitemaps.views.sitemap',
|
|
{'sitemaps': sitemaps}, name='django.contrib.sitemaps.views.sitemap')
|
|
|
|
to ensure compatibility when reversing by Python path is removed in Django 2.0.
|
|
|
|
Similarly for GIS sitemaps, add ``name='django.contrib.gis.sitemaps.views.kml'``
|
|
or ``name='django.contrib.gis.sitemaps.views.kmz'``.
|
|
|
|
.. _security issue: https://www.djangoproject.com/weblog/2014/apr/21/security/#s-issue-unexpected-code-execution-using-reverse
|