Mariusz Felisiak 41b43c74bd Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), and extra() against SQL injection in column aliases on MySQL/MariaDB. ...

Thanks sw0rd1ight for the report.

Follow up to 93cae5cb2f.

2025-10-01 08:11:45 -04:00

..

__init__.py

Merged regressiontests and modeltests into the test root.

2013-02-26 14:36:57 +01:00

models.py

Applied Black's 2024 stable style.

2024-01-26 12:45:07 +01:00

test_bulk_update.py

Refs #36419 -- Fixed BulkUpdateTests.test_json_field_sql_null() crash on Oracle.

2025-06-10 08:40:47 +02:00

test_contains.py

Refs #33476 -- Reformatted code with Black.

2022-02-07 20:37:05 +01:00

test_db_returning.py

Refs #27222 -- Restored Model.save()'s refreshing of db_returning fields even if a value is set.

2025-09-17 07:50:08 -04:00

test_explain.py

Fixed #35856 -- Added QuerySet.explain() support for MEMORY/SERIALIZE option on PostgreSQL 17+.

2024-10-30 15:54:48 +01:00

test_iterator.py

Refs #33476 -- Reformatted code with Black.

2022-02-07 20:37:05 +01:00

test_q.py

Fixed #34871, #36518 -- Implemented unresolved lookups expression replacement.

2025-08-04 09:22:53 +02:00

test_qs_combinators.py

Fixed #36388 -- Made QuerySet.union() return self when called with no arguments.

2025-05-19 10:34:14 +02:00

test_query.py

Refs #33308 -- Avoided passing None to RawSQL's params.

2022-12-02 10:56:09 +01:00

test_sqlcompiler.py

Refs #33476 -- Reformatted code with Black.

2022-02-07 20:37:05 +01:00

tests.py

Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), and extra() against SQL injection in column aliases on MySQL/MariaDB.

2025-10-01 08:11:45 -04:00