Corrections and improvements to the 1.4 release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17252 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
a0721a3017
commit
a976159db0
|
@ -50,7 +50,7 @@ What's new in Django 1.4
|
||||||
Support for in-browser testing frameworks
|
Support for in-browser testing frameworks
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Django 1.4 now supports the integration with in-browser testing frameworks such
|
Django 1.4 now supports integration with in-browser testing frameworks such
|
||||||
as Selenium_ or Windmill_ thanks to the :class:`django.test.LiveServerTestCase`
|
as Selenium_ or Windmill_ thanks to the :class:`django.test.LiveServerTestCase`
|
||||||
base class, allowing you to test the interactions between your site's front and
|
base class, allowing you to test the interactions between your site's front and
|
||||||
back ends more comprehensively. See the
|
back ends more comprehensively. See the
|
||||||
|
@ -90,56 +90,55 @@ Similar to :meth:`~django.db.models.query.QuerySet.select_related` but with a
|
||||||
different strategy and broader scope,
|
different strategy and broader scope,
|
||||||
:meth:`~django.db.models.query.QuerySet.prefetch_related` has been added to
|
:meth:`~django.db.models.query.QuerySet.prefetch_related` has been added to
|
||||||
:class:`~django.db.models.query.QuerySet`. This method returns a new
|
:class:`~django.db.models.query.QuerySet`. This method returns a new
|
||||||
``QuerySet`` that will prefetch in a single batch each of the specified related
|
``QuerySet`` that will prefetch each of the specified related lookups in a
|
||||||
lookups as soon as it begins to be evaluated. Unlike ``select_related``, it does
|
single batch as soon as the query begins to be evaluated. Unlike
|
||||||
the joins in Python, not in the database, and supports many-to-many
|
``select_related``, it does the joins in Python, not in the database, and
|
||||||
relationships, :class:`~django.contrib.contenttypes.generic.GenericForeignKey`
|
supports many-to-many relationships,
|
||||||
and more. This enables you to fix many instances of a very common performance
|
:class:`~django.contrib.contenttypes.generic.GenericForeignKey` and more. This
|
||||||
problem, in which your code ends up doing O(n) database queries (or worse) if
|
allows you to fix a very common performance problem in which your code ends up
|
||||||
objects on your primary ``QuerySet`` each have many related objects that you
|
doing O(n) database queries (or worse) if objects on your primary ``QuerySet``
|
||||||
also need.
|
each have many related objects that you also need.
|
||||||
|
|
||||||
HTML5
|
HTML5 Doctype
|
||||||
~~~~~
|
~~~~~~~~~~~~~
|
||||||
|
|
||||||
We've switched the admin and other bundled templates to use the HTML5
|
We've switched the admin and other bundled templates to use the HTML5
|
||||||
doctype. While Django will be careful in its use of HTML5 features, to maintain
|
doctype. While Django will be careful to maintain compatibility with older
|
||||||
compatibility with older browsers, this change means that you can use any HTML5
|
browsers, this change means that you can use any HTML5 features you need in
|
||||||
features you need in admin pages without having to lose HTML validity or
|
admin pages without having to lose HTML validity or override the provided
|
||||||
override the provided templates to change the doctype.
|
templates to change the doctype.
|
||||||
|
|
||||||
List filters in admin interface
|
List filters in admin interface
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Prior to Django 1.4, the Django admin app allowed specifying change list
|
Prior to Django 1.4, the :mod:`~django.contrib.admin` app allowed you to specify
|
||||||
filters by specifying a field lookup (including spanning relations), and
|
change list filters by specifying a field lookup, but didn't allow you to create
|
||||||
not custom filters. This has been rectified with a simple API previously
|
custom filters. This has been rectified with a simple API (previously used
|
||||||
known as "FilterSpec" which was used internally. For more details, see the
|
internally and known as "FilterSpec"). For more details, see the documentation
|
||||||
documentation for :attr:`~django.contrib.admin.ModelAdmin.list_filter`.
|
for :attr:`~django.contrib.admin.ModelAdmin.list_filter`.
|
||||||
|
|
||||||
Multiple sort in admin interface
|
Multiple sort in admin interface
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
The admin change list now supports sorting on multiple columns. It respects
|
The admin change list now supports sorting on multiple columns. It respects all
|
||||||
all elements of the :attr:`~django.contrib.admin.ModelAdmin.ordering`
|
elements of the :attr:`~django.contrib.admin.ModelAdmin.ordering` attribute, and
|
||||||
attribute, and sorting on multiple columns by clicking on headers is designed
|
sorting on multiple columns by clicking on headers is designed to mimic the
|
||||||
to work similarly to how desktop GUIs do it. The new hook
|
behavior of desktop GUIs. The
|
||||||
:meth:`~django.contrib.admin.ModelAdmin.get_ordering` for specifying the
|
:meth:`~django.contrib.admin.ModelAdmin.get_ordering` method for specifying the
|
||||||
ordering dynamically (e.g. depending on the request) has also been added.
|
ordering dynamically (e.g. depending on the request) has also been added.
|
||||||
|
|
||||||
New ``ModelAdmin`` methods
|
New ``ModelAdmin`` methods
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
A new :meth:`~django.contrib.admin.ModelAdmin.save_related` method was added to
|
A new :meth:`~django.contrib.admin.ModelAdmin.save_related` method was added to
|
||||||
:mod:`~django.contrib.admin.ModelAdmin` to ease the customization of how
|
:mod:`~django.contrib.admin.ModelAdmin` to ease customization of how
|
||||||
related objects are saved in the admin.
|
related objects are saved in the admin.
|
||||||
|
|
||||||
Two other new methods,
|
Two other new methods,
|
||||||
:meth:`~django.contrib.admin.ModelAdmin.get_list_display` and
|
:meth:`~django.contrib.admin.ModelAdmin.get_list_display` and
|
||||||
:meth:`~django.contrib.admin.ModelAdmin.get_list_display_links`
|
:meth:`~django.contrib.admin.ModelAdmin.get_list_display_links`
|
||||||
were added to :class:`~django.contrib.admin.ModelAdmin` to enable the dynamic
|
were added to :class:`~django.contrib.admin.ModelAdmin` to enable the dynamic
|
||||||
customization of fields and links to display on the admin
|
customization of fields and links displayed on the admin change list.
|
||||||
change list.
|
|
||||||
|
|
||||||
Admin inlines respect user permissions
|
Admin inlines respect user permissions
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
@ -157,30 +156,31 @@ Django 1.4 adds both a low-level API for signing values and a high-level API
|
||||||
for setting and reading signed cookies, one of the most common uses of
|
for setting and reading signed cookies, one of the most common uses of
|
||||||
signing in Web applications.
|
signing in Web applications.
|
||||||
|
|
||||||
See :doc:`cryptographic signing </topics/signing>` docs for more information.
|
See the :doc:`cryptographic signing </topics/signing>` docs for more
|
||||||
|
information.
|
||||||
|
|
||||||
Cookie-based session backend
|
Cookie-based session backend
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Django 1.4 introduces a new cookie based backend for the session framework
|
Django 1.4 introduces a new cookie-based backend for the session framework
|
||||||
which uses the tools for :doc:`cryptographic signing </topics/signing>` to
|
which uses the tools for :doc:`cryptographic signing </topics/signing>` to
|
||||||
store the session data in the client's browser.
|
store the session data in the client's browser.
|
||||||
|
|
||||||
See the :ref:`cookie-based backend <cookie-session-backend>` docs for
|
See the :ref:`cookie-based session backend <cookie-session-backend>` docs for
|
||||||
more information.
|
more information.
|
||||||
|
|
||||||
New form wizard
|
New form wizard
|
||||||
~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
The previously shipped ``FormWizard`` of the formtools contrib app has been
|
The previous ``FormWizard`` from the formtools contrib app has been
|
||||||
replaced with a new implementation that is based on the class based views
|
replaced with a new implementation based on the class-based views
|
||||||
introduced in Django 1.3. It features a pluggable storage API and doesn't
|
introduced in Django 1.3. It features a pluggable storage API and doesn't
|
||||||
require the wizard to pass around hidden fields for every previous step.
|
require the wizard to pass around hidden fields for every previous step.
|
||||||
|
|
||||||
Django 1.4 ships with a session based storage backend and a cookie based
|
Django 1.4 ships with a session-based storage backend and a cookie-based
|
||||||
storage backend. The latter uses the tools for
|
storage backend. The latter uses the tools for
|
||||||
:doc:`cryptographic signing </topics/signing>` also introduced in
|
:doc:`cryptographic signing </topics/signing>` also introduced in
|
||||||
Django 1.4 to store the wizard state in the user's cookies.
|
Django 1.4 to store the wizard's state in the user's cookies.
|
||||||
|
|
||||||
See the :doc:`form wizard </ref/contrib/formtools/form-wizard>` docs for
|
See the :doc:`form wizard </ref/contrib/formtools/form-wizard>` docs for
|
||||||
more information.
|
more information.
|
||||||
|
@ -195,7 +195,7 @@ Translating URL patterns
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Django 1.4 gained the ability to look for a language prefix in the URL pattern
|
Django 1.4 gained the ability to look for a language prefix in the URL pattern
|
||||||
when using the new :func:`django.conf.urls.i18n.i18n_patterns` helper function.
|
when using the new :func:`~django.conf.urls.i18n.i18n_patterns` helper function.
|
||||||
Additionally, it's now possible to define translatable URL patterns using
|
Additionally, it's now possible to define translatable URL patterns using
|
||||||
:func:`~django.utils.translation.ugettext_lazy`. See
|
:func:`~django.utils.translation.ugettext_lazy`. See
|
||||||
:ref:`url-internationalization` for more information about the language prefix
|
:ref:`url-internationalization` for more information about the language prefix
|
||||||
|
@ -204,34 +204,35 @@ and how to internationalize URL patterns.
|
||||||
Contextual translation support for ``{% trans %}`` and ``{% blocktrans %}``
|
Contextual translation support for ``{% trans %}`` and ``{% blocktrans %}``
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Django 1.3 introduced :ref:`contextual translation<contextual-markers>` support
|
The :ref:`contextual translation<contextual-markers>` support introduced in
|
||||||
in Python files via the ``pgettext`` function. This is now also supported by
|
Django 1.3 via the ``pgettext`` function has been extended to the
|
||||||
the :ttag:`trans` and :ttag:`blocktrans` template tags using the new
|
:ttag:`trans` and :ttag:`blocktrans` template tags using the new ``context``
|
||||||
``context`` keyword.
|
keyword.
|
||||||
|
|
||||||
Customizable ``SingleObjectMixin`` URLConf kwargs
|
Customizable ``SingleObjectMixin`` URLConf kwargs
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Two new attributes,
|
Two new attributes,
|
||||||
:attr:`pk_url_kwarg<django.views.generic.detail.SingleObjectMixin.pk_url_kwarg>` and
|
:attr:`pk_url_kwarg<django.views.generic.detail.SingleObjectMixin.pk_url_kwarg>`
|
||||||
|
and
|
||||||
:attr:`slug_url_kwarg<django.views.generic.detail.SingleObjectMixin.slug_url_kwarg>`,
|
:attr:`slug_url_kwarg<django.views.generic.detail.SingleObjectMixin.slug_url_kwarg>`,
|
||||||
have been added to :class:`django.views.generic.detail.SingleObjectMixin` to
|
have been added to :class:`~django.views.generic.detail.SingleObjectMixin` to
|
||||||
enable the customization of URLConf keyword arguments used for single
|
enable the customization of URLConf keyword arguments used for single
|
||||||
object generic views.
|
object generic views.
|
||||||
|
|
||||||
Assignment template tags
|
Assignment template tags
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
A new helper function,
|
A new :ref:`assignment_tag<howto-custom-template-tags-assignment-tags>` helper
|
||||||
:ref:`assignment_tag<howto-custom-template-tags-assignment-tags>`, was added to
|
function was added to ``template.Library`` to ease the creation of template
|
||||||
``template.Library`` to ease the creation of template tags that store some
|
tags that store data in a specified context variable.
|
||||||
data in a specified context variable.
|
|
||||||
|
|
||||||
``*args`` and ``**kwargs`` support for template tag helper functions
|
``*args`` and ``**kwargs`` support for template tag helper functions
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
:ref:`simple_tag<howto-custom-template-tags-simple-tags>`, :ref:`inclusion_tag
|
The :ref:`simple_tag<howto-custom-template-tags-simple-tags>`,
|
||||||
<howto-custom-template-tags-inclusion-tags>` and the newly introduced
|
:ref:`inclusion_tag <howto-custom-template-tags-inclusion-tags>` and
|
||||||
|
newly introduced
|
||||||
:ref:`assignment_tag<howto-custom-template-tags-assignment-tags>` template
|
:ref:`assignment_tag<howto-custom-template-tags-assignment-tags>` template
|
||||||
helper functions may now accept any number of positional or keyword arguments.
|
helper functions may now accept any number of positional or keyword arguments.
|
||||||
For example:
|
For example:
|
||||||
|
@ -272,25 +273,25 @@ exceptions from template rendering is now consistent regardless of the value of
|
||||||
|
|
||||||
Added a filter which truncates a string to be no longer than the specified
|
Added a filter which truncates a string to be no longer than the specified
|
||||||
number of characters. Truncated strings end with a translatable ellipsis
|
number of characters. Truncated strings end with a translatable ellipsis
|
||||||
sequence ("..."). See the :tfilter:`truncatechars docs <truncatechars>` for
|
sequence ("..."). See the documentation for :tfilter:`truncatechars` for
|
||||||
more details.
|
more details.
|
||||||
|
|
||||||
``static`` template tag
|
``static`` template tag
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
The :mod:`staticfiles<django.contrib.staticfiles>` contrib app has now a new
|
The :mod:`staticfiles<django.contrib.staticfiles>` contrib app has a new
|
||||||
:ttag:`static template tag<staticfiles-static>` to refer to files saved with
|
:ttag:`static<staticfiles-static>` template tag to refer to files saved with
|
||||||
the :setting:`STATICFILES_STORAGE` storage backend. It'll use the storage
|
the :setting:`STATICFILES_STORAGE` storage backend. It uses the storage
|
||||||
``url`` method and therefore supports advanced features such as
|
backend's ``url`` method and therefore supports advanced features such as
|
||||||
:ref:`serving files from a cloud service<staticfiles-from-cdn>`.
|
:ref:`serving files from a cloud service<staticfiles-from-cdn>`.
|
||||||
|
|
||||||
``CachedStaticFilesStorage`` storage backend
|
``CachedStaticFilesStorage`` storage backend
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Additional to the `static template tag`_ the
|
In addition to the `static template tag`_, the
|
||||||
:mod:`staticfiles<django.contrib.staticfiles>` contrib app now has a
|
:mod:`staticfiles<django.contrib.staticfiles>` contrib app now has a
|
||||||
:class:`~django.contrib.staticfiles.storage.CachedStaticFilesStorage` which
|
:class:`~django.contrib.staticfiles.storage.CachedStaticFilesStorage` backend
|
||||||
caches the files it saves (when running the :djadmin:`collectstatic`
|
which caches the files it saves (when running the :djadmin:`collectstatic`
|
||||||
management command) by appending the MD5 hash of the file's content to the
|
management command) by appending the MD5 hash of the file's content to the
|
||||||
filename. For example, the file ``css/styles.css`` would also be saved as
|
filename. For example, the file ``css/styles.css`` would also be saved as
|
||||||
``css/styles.55e7cbb9ba48.css``
|
``css/styles.55e7cbb9ba48.css``
|
||||||
|
@ -302,7 +303,7 @@ Simple clickjacking protection
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
We've added a middleware to provide easy protection against `clickjacking
|
We've added a middleware to provide easy protection against `clickjacking
|
||||||
<http://en.wikipedia.org/wiki/Clickjacking>`_ using the X-Frame-Options
|
<http://en.wikipedia.org/wiki/Clickjacking>`_ using the ``X-Frame-Options``
|
||||||
header. It's not enabled by default for backwards compatibility reasons, but
|
header. It's not enabled by default for backwards compatibility reasons, but
|
||||||
you'll almost certainly want to :doc:`enable it </ref/clickjacking/>` to help
|
you'll almost certainly want to :doc:`enable it </ref/clickjacking/>` to help
|
||||||
plug that security hole for browsers that support the header.
|
plug that security hole for browsers that support the header.
|
||||||
|
@ -312,28 +313,27 @@ CSRF improvements
|
||||||
|
|
||||||
We've made various improvements to our CSRF features, including the
|
We've made various improvements to our CSRF features, including the
|
||||||
:func:`~django.views.decorators.csrf.ensure_csrf_cookie` decorator which can
|
:func:`~django.views.decorators.csrf.ensure_csrf_cookie` decorator which can
|
||||||
help with AJAX heavy sites, protection for PUT and DELETE, and settings
|
help with AJAX heavy sites, protection for PUT and DELETE requests, and the
|
||||||
:setting:`CSRF_COOKIE_SECURE` and :setting:`CSRF_COOKIE_PATH` which can improve
|
:setting:`CSRF_COOKIE_SECURE` and :setting:`CSRF_COOKIE_PATH` settings which can
|
||||||
the security and usefulness of the CSRF protection. See the :doc:`CSRF docs
|
improve the security and usefulness of the CSRF protection. See the :doc:`CSRF
|
||||||
</ref/contrib/csrf>` for more information.
|
docs </ref/contrib/csrf>` for more information.
|
||||||
|
|
||||||
Error report filtering
|
Error report filtering
|
||||||
~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Two new function decorators, :func:`sensitive_variables` and
|
Two new function decorators, :func:`sensitive_variables` and
|
||||||
:func:`sensitive_post_parameters`, were added to allow designating the
|
:func:`sensitive_post_parameters`, were added to allow designating the
|
||||||
traceback frames' local variables and request's POST parameters susceptible
|
local variables and POST parameters which may contain sensitive
|
||||||
to contain sensitive information and that should be filtered out of error
|
information and should be filtered out of error reports.
|
||||||
reports.
|
|
||||||
|
|
||||||
All POST parameters are now systematically filtered out of error reports for
|
All POST parameters are now systematically filtered out of error reports for
|
||||||
certain :mod:`contrib.views.auth` views (``login``, ``password_reset_confirm``,
|
certain views (``login``, ``password_reset_confirm``, ``password_change``, and
|
||||||
``password_change``, and ``add_view`` and ``user_change_password`` in the
|
``add_view`` in :mod:`django.contrib.auth.views`, as well as
|
||||||
``auth`` admin) to prevent the leaking of sensitive information such as user
|
``user_change_password`` in the admin app) to prevent the leaking of sensitive
|
||||||
passwords.
|
information such as user passwords.
|
||||||
|
|
||||||
You may override or customize the default filtering by writing a
|
You may override or customize the default filtering by writing a :ref:`custom
|
||||||
:ref:`custom filter<custom-error-reports>`. Learn more on
|
filter<custom-error-reports>`. For more information see the docs on
|
||||||
:ref:`Filtering error reports<filtering-error-reports>`.
|
:ref:`Filtering error reports<filtering-error-reports>`.
|
||||||
|
|
||||||
Extended IPv6 support
|
Extended IPv6 support
|
||||||
|
@ -355,7 +355,7 @@ the previous ``manage.py`` handling of Python import paths that caused double
|
||||||
imports, trouble moving from development to deployment, and other
|
imports, trouble moving from development to deployment, and other
|
||||||
difficult-to-debug path issues.
|
difficult-to-debug path issues.
|
||||||
|
|
||||||
The previous ``manage.py`` calls functions that are now deprecated, and thus
|
The previous ``manage.py`` called functions that are now deprecated, and thus
|
||||||
projects upgrading to Django 1.4 should update their ``manage.py``. (The
|
projects upgrading to Django 1.4 should update their ``manage.py``. (The
|
||||||
old-style ``manage.py`` will continue to work as before until Django 1.6; in
|
old-style ``manage.py`` will continue to work as before until Django 1.6; in
|
||||||
1.5 it will raise ``DeprecationWarning``).
|
1.5 it will raise ``DeprecationWarning``).
|
||||||
|
@ -375,8 +375,8 @@ The new recommended ``manage.py`` file should look like this::
|
||||||
``{{ project_name }}`` should be replaced with the Python package name of the
|
``{{ project_name }}`` should be replaced with the Python package name of the
|
||||||
actual project.
|
actual project.
|
||||||
|
|
||||||
If settings, URLconf, and apps within the project are imported or referenced
|
If settings, URLconfs, and apps within the project are imported or referenced
|
||||||
using the project-name prefix (e.g. ``myproject.settings``, ``ROOT_URLCONF =
|
using the project name prefix (e.g. ``myproject.settings``, ``ROOT_URLCONF =
|
||||||
"myproject.urls"``, etc), the new ``manage.py`` will need to be moved one
|
"myproject.urls"``, etc), the new ``manage.py`` will need to be moved one
|
||||||
directory up, so it is outside the project package rather than adjacent to
|
directory up, so it is outside the project package rather than adjacent to
|
||||||
``settings.py`` and ``urls.py``.
|
``settings.py`` and ``urls.py``.
|
||||||
|
@ -433,8 +433,8 @@ Custom project and app templates
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
The :djadmin:`startapp` and :djadmin:`startproject` management commands
|
The :djadmin:`startapp` and :djadmin:`startproject` management commands
|
||||||
got a ``--template`` option for specifying paths or URL to custom app or
|
got a ``--template`` option for specifying a path or URL to a custom app or
|
||||||
project templates.
|
project template.
|
||||||
|
|
||||||
For example, Django will use the ``/path/to/my_project_template``
|
For example, Django will use the ``/path/to/my_project_template``
|
||||||
directorywhen running the following command::
|
directorywhen running the following command::
|
||||||
|
@ -466,7 +466,7 @@ Reasons for using this feature include:
|
||||||
timestamps with time zone information in Django 1.3.)
|
timestamps with time zone information in Django 1.3.)
|
||||||
- Avoiding data corruption problems around DST transitions.
|
- Avoiding data corruption problems around DST transitions.
|
||||||
|
|
||||||
Time zone support in enabled by default in new projects created with
|
Time zone support is enabled by default in new projects created with
|
||||||
:djadmin:`startproject`. If you want to use this feature in an existing
|
:djadmin:`startproject`. If you want to use this feature in an existing
|
||||||
project, there is a :ref:`migration guide <time-zones-migration-guide>`.
|
project, there is a :ref:`migration guide <time-zones-migration-guide>`.
|
||||||
|
|
||||||
|
@ -487,7 +487,7 @@ Django 1.4 also includes several smaller improvements worth noting:
|
||||||
* In the documentation, a helpful :doc:`security overview </topics/security>`
|
* In the documentation, a helpful :doc:`security overview </topics/security>`
|
||||||
page.
|
page.
|
||||||
|
|
||||||
* Function :func:`django.contrib.auth.models.check_password` has been moved
|
* The :func:`django.contrib.auth.models.check_password` function has been moved
|
||||||
to the :mod:`django.contrib.auth.utils` module. Importing it from the old
|
to the :mod:`django.contrib.auth.utils` module. Importing it from the old
|
||||||
location will still work, but you should update your imports.
|
location will still work, but you should update your imports.
|
||||||
|
|
||||||
|
@ -528,12 +528,13 @@ Django 1.4 also includes several smaller improvements worth noting:
|
||||||
``pickle.HIGHEST_PROTOCOL`` for better compatibility with the other
|
``pickle.HIGHEST_PROTOCOL`` for better compatibility with the other
|
||||||
cache backends.
|
cache backends.
|
||||||
|
|
||||||
* Support in the ORM for generating ``SELECT`` queries containing ``DISTINCT ON``
|
* Added support in the ORM for generating ``SELECT`` queries containing
|
||||||
|
``DISTINCT ON``.
|
||||||
|
|
||||||
The ``distinct()`` ``Queryset`` method now accepts an optional list of model
|
The ``distinct()`` ``Queryset`` method now accepts an optional list of model
|
||||||
field names. If specified, then the ``DISTINCT`` statement is limited to these
|
field names. If specified, then the ``DISTINCT`` statement is limited to these
|
||||||
fields. The PostgreSQL is the only of the database backends shipped with
|
fields. PostgreSQL is the only database backend shipped with Django that
|
||||||
Django that supports this new functionality.
|
supports this new functionality.
|
||||||
|
|
||||||
For more details, see the documentation for
|
For more details, see the documentation for
|
||||||
:meth:`~django.db.models.query.QuerySet.distinct`.
|
:meth:`~django.db.models.query.QuerySet.distinct`.
|
||||||
|
@ -550,9 +551,9 @@ stylesheets. Django 1.3 added a new contrib app ``django.contrib.staticfiles``
|
||||||
to handle such files in a generic way and defined conventions for static
|
to handle such files in a generic way and defined conventions for static
|
||||||
files included in apps.
|
files included in apps.
|
||||||
|
|
||||||
Starting in Django 1.4 the admin's static files are now also following this
|
Starting in Django 1.4 the admin's static files also follow this
|
||||||
convention to make it easier to deploy the included files. In previous
|
convention to make it easier to deploy the included files. In previous
|
||||||
versions of Django, it was also common to define a ``ADMIN_MEDIA_PREFIX``
|
versions of Django, it was also common to define an ``ADMIN_MEDIA_PREFIX``
|
||||||
setting to point to the URL where the admin's static files are served by a
|
setting to point to the URL where the admin's static files are served by a
|
||||||
web server. This setting has now been deprecated and replaced by the more
|
web server. This setting has now been deprecated and replaced by the more
|
||||||
general setting :setting:`STATIC_URL`. Django will now expect to find the
|
general setting :setting:`STATIC_URL`. Django will now expect to find the
|
||||||
|
@ -565,7 +566,7 @@ server continues to serve the admin files just like before. Don't hesitate to
|
||||||
consult the :doc:`static files howto </howto/static-files>` for further
|
consult the :doc:`static files howto </howto/static-files>` for further
|
||||||
details.
|
details.
|
||||||
|
|
||||||
In case your ``ADMIN_MEDIA_PREFIX`` is set to an own domain (e.g.
|
In case your ``ADMIN_MEDIA_PREFIX`` is set to an specific domain (e.g.
|
||||||
``http://media.example.com/admin/``) make sure to also set your
|
``http://media.example.com/admin/``) make sure to also set your
|
||||||
:setting:`STATIC_URL` setting to the correct URL, for example
|
:setting:`STATIC_URL` setting to the correct URL, for example
|
||||||
``http://media.example.com/``.
|
``http://media.example.com/``.
|
||||||
|
@ -601,13 +602,16 @@ As part of an effort to improve the performance and usability of the admin's
|
||||||
changelist sorting interface and of the admin's :attr:`horizontal
|
changelist sorting interface and of the admin's :attr:`horizontal
|
||||||
<django.contrib.admin.ModelAdmin.filter_horizontal>` and :attr:`vertical
|
<django.contrib.admin.ModelAdmin.filter_horizontal>` and :attr:`vertical
|
||||||
<django.contrib.admin.ModelAdmin.filter_vertical>` "filter" widgets, some icon
|
<django.contrib.admin.ModelAdmin.filter_vertical>` "filter" widgets, some icon
|
||||||
files were removed and grouped into two sprite files, respectively:
|
files were removed and grouped into two sprite files.
|
||||||
``selector-add.gif``, ``selector-addall.gif``, ``selector-remove.gif``,
|
|
||||||
``selector-removeall.gif``, ``selector_stacked-add.gif`` and
|
Specifically: ``selector-add.gif``, ``selector-addall.gif``,
|
||||||
``selector_stacked-remove.gif`` into ``selector-icons.gif``; and
|
``selector-remove.gif``, ``selector-removeall.gif``,
|
||||||
``arrow-up.gif`` and ``arrow-down.gif`` into ``sorting-icons.gif``. If you used
|
``selector_stacked-add.gif`` and ``selector_stacked-remove.gif`` were
|
||||||
those icons to customize the admin then you will want to replace them with your
|
combined into ``selector-icons.gif``; and ``arrow-up.gif`` and
|
||||||
own icons or retrieve them from a previous release.
|
``arrow-down.gif`` were combined into ``sorting-icons.gif``.
|
||||||
|
|
||||||
|
If you used those icons to customize the admin then you will want to replace
|
||||||
|
them with your own icons or retrieve them from a previous release.
|
||||||
|
|
||||||
CSS class names in admin forms
|
CSS class names in admin forms
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
@ -628,39 +632,39 @@ produced by the previous methods, these fallbacks are removed in Django 1.4.
|
||||||
|
|
||||||
So, if you upgrade to Django 1.4 directly from 1.2 or earlier, you may
|
So, if you upgrade to Django 1.4 directly from 1.2 or earlier, you may
|
||||||
lose/invalidate certain pieces of data that have been cryptographically signed
|
lose/invalidate certain pieces of data that have been cryptographically signed
|
||||||
using an old method. To avoid this, use Django 1.3 first, for a period of time,
|
using an old method. To avoid this, use Django 1.3 first for a period of time
|
||||||
to allow the signed data to expire naturally. The affected parts are detailed
|
to allow the signed data to expire naturally. The affected parts are detailed
|
||||||
below, with 1) the consequences of ignoring this advice and 2) the amount of
|
below, with 1) the consequences of ignoring this advice and 2) the amount of
|
||||||
time you need to run Django 1.3 for the data to expire or become irrelevant.
|
time you need to run Django 1.3 for the data to expire or become irrelevant.
|
||||||
|
|
||||||
* contrib.sessions data integrity check
|
* ``contrib.sessions`` data integrity check
|
||||||
|
|
||||||
* consequences: the user will be logged out, and session data will be lost.
|
* consequences: the user will be logged out, and session data will be lost.
|
||||||
|
|
||||||
* time period: defined by SESSION_COOKIE_AGE.
|
* time period: defined by :setting:`SESSION_COOKIE_AGE`.
|
||||||
|
|
||||||
* contrib.auth password reset hash
|
* ``contrib.auth`` password reset hash
|
||||||
|
|
||||||
* consequences: password reset links from before the upgrade will not work.
|
* consequences: password reset links from before the upgrade will not work.
|
||||||
|
|
||||||
* time period: defined by PASSWORD_RESET_TIMEOUT_DAYS.
|
* time period: defined by :setting:`PASSWORD_RESET_TIMEOUT_DAYS`.
|
||||||
|
|
||||||
Form related hashes — these are much shorter lifetime, and are relevant only for
|
Form-related hashes — these are much shorter lifetime, and are relevant only for
|
||||||
the short window where a user might fill in a form generated by the pre-upgrade
|
the short window where a user might fill in a form generated by the pre-upgrade
|
||||||
Django instance, and try to submit it to the upgraded Django instance:
|
Django instance, and try to submit it to the upgraded Django instance:
|
||||||
|
|
||||||
* contrib.comments form security hash
|
* ``contrib.comments`` form security hash
|
||||||
|
|
||||||
* consequences: the user will see a validation error "Security hash failed".
|
* consequences: the user will see a validation error "Security hash failed".
|
||||||
|
|
||||||
* time period: the amount of time you expect users to take filling out comment
|
* time period: the amount of time you expect users to take filling out comment
|
||||||
forms.
|
forms.
|
||||||
|
|
||||||
* FormWizard security hash
|
* ``FormWizard`` security hash
|
||||||
|
|
||||||
* consequences: the user will see an error about the form having expired,
|
* consequences: the user will see an error about the form having expired,
|
||||||
and will be sent back to the first page of the wizard, losing the data
|
and will be sent back to the first page of the wizard, losing the data
|
||||||
they have inputted so far.
|
they have entered so far.
|
||||||
|
|
||||||
* time period: the amount of time you expect users to take filling out the
|
* time period: the amount of time you expect users to take filling out the
|
||||||
affected forms.
|
affected forms.
|
||||||
|
@ -702,9 +706,9 @@ specification, some changes were made to the JSON serializer:
|
||||||
only supports milliseconds (3 digits). However, it's better than discarding
|
only supports milliseconds (3 digits). However, it's better than discarding
|
||||||
microseconds entirely.
|
microseconds entirely.
|
||||||
|
|
||||||
The XML serializer was also changed to use ISO8601 for datetimes. The letter
|
The XML serializer was also changed to use the ISO8601 format for datetimes.
|
||||||
``T`` is used to separate the date part from the time part, instead of a
|
The letter ``T`` is used to separate the date part from the time part, instead
|
||||||
space. Time zone information is included in the ``[+-]HH:MM`` format.
|
of a space. Time zone information is included in the ``[+-]HH:MM`` format.
|
||||||
|
|
||||||
The serializers will dump datetimes in fixtures with these new formats. They
|
The serializers will dump datetimes in fixtures with these new formats. They
|
||||||
can still load fixtures that use the old format.
|
can still load fixtures that use the old format.
|
||||||
|
@ -733,7 +737,7 @@ global, the ``django.db.connections`` dictionary referencing those objects is
|
||||||
still thread-local. Therefore if you just use the ORM or
|
still thread-local. Therefore if you just use the ORM or
|
||||||
``DatabaseWrapper.cursor()`` then the behavior is still the same as before.
|
``DatabaseWrapper.cursor()`` then the behavior is still the same as before.
|
||||||
Note, however, that ``django.db.connection`` does not directly reference the
|
Note, however, that ``django.db.connection`` does not directly reference the
|
||||||
default ``DatabaseWrapper`` object any more and is now a proxy to access that
|
default ``DatabaseWrapper`` object anymore and is now a proxy to access that
|
||||||
object's attributes. If you need to access the actual ``DatabaseWrapper``
|
object's attributes. If you need to access the actual ``DatabaseWrapper``
|
||||||
object, use ``django.db.connections[DEFAULT_DB_ALIAS]`` instead.
|
object, use ``django.db.connections[DEFAULT_DB_ALIAS]`` instead.
|
||||||
|
|
||||||
|
@ -754,7 +758,7 @@ Check their documentation for details.
|
||||||
Django's :doc:`comments app </ref/contrib/comments/index>` has historically
|
Django's :doc:`comments app </ref/contrib/comments/index>` has historically
|
||||||
supported excluding the comments of a special user group, but we've never
|
supported excluding the comments of a special user group, but we've never
|
||||||
documented the feature properly and didn't enforce the exclusion in other parts
|
documented the feature properly and didn't enforce the exclusion in other parts
|
||||||
of the app, e.g., the template tags. To fix this problem, we removed the code
|
of the app such as the template tags. To fix this problem, we removed the code
|
||||||
from the feed class.
|
from the feed class.
|
||||||
|
|
||||||
If you rely on the feature and want to restore the old behavior, simply use
|
If you rely on the feature and want to restore the old behavior, simply use
|
||||||
|
@ -792,10 +796,9 @@ For more details, see the documentation about
|
||||||
`IGNORABLE_404_STARTS` and `IGNORABLE_404_ENDS` settings
|
`IGNORABLE_404_STARTS` and `IGNORABLE_404_ENDS` settings
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Django can report 404 errors: see :doc:`/howto/error-reporting`.
|
Until Django 1.3, it was possible to exclude some URLs from Django's
|
||||||
Until Django 1.3, it was possible to exclude some URLs from the reporting
|
:doc:`404 error reporting</howto/error-reporting>` by adding prefixes to
|
||||||
by adding prefixes to :setting:`IGNORABLE_404_STARTS` and suffixes to
|
:setting:`IGNORABLE_404_STARTS` and suffixes to :setting:`IGNORABLE_404_ENDS`.
|
||||||
:setting:`IGNORABLE_404_ENDS`.
|
|
||||||
|
|
||||||
In Django 1.4, these two settings are superseded by
|
In Django 1.4, these two settings are superseded by
|
||||||
:setting:`IGNORABLE_404_URLS`, which is a list of compiled regular expressions.
|
:setting:`IGNORABLE_404_URLS`, which is a list of compiled regular expressions.
|
||||||
|
@ -905,7 +908,7 @@ Support for PostgreSQL versions older than 8.2
|
||||||
Django 1.3 dropped support for PostgreSQL versions older than 8.0 and the
|
Django 1.3 dropped support for PostgreSQL versions older than 8.0 and the
|
||||||
relevant documents suggested to use a recent version because of performance
|
relevant documents suggested to use a recent version because of performance
|
||||||
reasons but more importantly because end of the upstream support periods for
|
reasons but more importantly because end of the upstream support periods for
|
||||||
releases 8.0 and 8.1 was near (November 2010.)
|
releases 8.0 and 8.1 was near (November 2010).
|
||||||
|
|
||||||
Django 1.4 takes that policy further and sets 8.2 as the minimum PostgreSQL
|
Django 1.4 takes that policy further and sets 8.2 as the minimum PostgreSQL
|
||||||
version it officially supports.
|
version it officially supports.
|
||||||
|
@ -918,13 +921,13 @@ admin error email support was moved into the
|
||||||
:class:`django.utils.log.AdminEmailHandler`, attached to the
|
:class:`django.utils.log.AdminEmailHandler`, attached to the
|
||||||
``'django.request'`` logger. In order to maintain the established behavior of
|
``'django.request'`` logger. In order to maintain the established behavior of
|
||||||
error emails, the ``'django.request'`` logger was called only when
|
error emails, the ``'django.request'`` logger was called only when
|
||||||
:setting:`DEBUG` was `False`.
|
:setting:`DEBUG` was ``False``.
|
||||||
|
|
||||||
To increase the flexibility of request-error logging, the ``'django.request'``
|
To increase the flexibility of error logging for requests, the
|
||||||
logger is now called regardless of the value of :setting:`DEBUG`, and the
|
``'django.request'`` logger is now called regardless of the value of
|
||||||
default settings file for new projects now includes a separate filter attached
|
:setting:`DEBUG`, and the default settings file for new projects now includes a
|
||||||
to :class:`django.utils.log.AdminEmailHandler` to prevent admin error emails in
|
separate filter attached to :class:`django.utils.log.AdminEmailHandler` to
|
||||||
`DEBUG` mode::
|
prevent admin error emails in ``DEBUG`` mode::
|
||||||
|
|
||||||
'filters': {
|
'filters': {
|
||||||
'require_debug_false': {
|
'require_debug_false': {
|
||||||
|
@ -963,13 +966,13 @@ Starting with Django 1.4 they are now available in :mod:`django.conf.urls`.
|
||||||
``django.contrib.databrowse``
|
``django.contrib.databrowse``
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Databrowse has not seen active development for some time, and this does not
|
Databrowse has not seen active development for some time, and this does not show
|
||||||
show any sign of changing. There had been a suggestion for a GSOC project to
|
any sign of changing. There had been a suggestion for a `GSOC project`_ to
|
||||||
integrate the functionality of databrowse into the admin, but no progress was
|
integrate the functionality of databrowse into the admin, but no progress was
|
||||||
made. While Databrowse has been deprecated, an enhancement of
|
made. While Databrowse has been deprecated, an enhancement of
|
||||||
django.contrib.admin providing a similar feature set is still possible.
|
``django.contrib.admin`` providing a similar feature set is still possible.
|
||||||
|
|
||||||
.. _GSOC Proposal: https://code.djangoproject.com/wiki/SummerOfCode2011#Integratedatabrowseintotheadmin
|
.. _GSOC project: https://code.djangoproject.com/wiki/SummerOfCode2011#Integratedatabrowseintotheadmin
|
||||||
|
|
||||||
The code that powers Databrowse is licensed under the same terms as Django
|
The code that powers Databrowse is licensed under the same terms as Django
|
||||||
itself, and so is available to be adopted by an individual or group as
|
itself, and so is available to be adopted by an individual or group as
|
||||||
|
@ -983,10 +986,10 @@ This function temporarily modified ``sys.path`` in order to make the parent
|
||||||
layout. This function is now deprecated, as its path workarounds are no longer
|
layout. This function is now deprecated, as its path workarounds are no longer
|
||||||
needed with the new ``manage.py`` and default project layout.
|
needed with the new ``manage.py`` and default project layout.
|
||||||
|
|
||||||
This function was never documented or public API, but was widely recommended
|
This function was never documented or part of the public API, but was widely
|
||||||
for use in setting up a "Django environment" for a user script. These uses
|
recommended for use in setting up a "Django environment" for a user script.
|
||||||
should be replaced by setting the ``DJANGO_SETTINGS_MODULE`` environment
|
These uses should be replaced by setting the ``DJANGO_SETTINGS_MODULE``
|
||||||
variable or using :func:`django.conf.settings.configure`.
|
environment variable or using :func:`django.conf.settings.configure`.
|
||||||
|
|
||||||
``django.core.management.execute_manager``
|
``django.core.management.execute_manager``
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
@ -994,10 +997,10 @@ variable or using :func:`django.conf.settings.configure`.
|
||||||
This function was previously used by ``manage.py`` to execute a management
|
This function was previously used by ``manage.py`` to execute a management
|
||||||
command. It is identical to
|
command. It is identical to
|
||||||
``django.core.management.execute_from_command_line``, except that it first
|
``django.core.management.execute_from_command_line``, except that it first
|
||||||
calls ``setup_environ``, which is now deprecated. ``execute_manager`` is also
|
calls ``setup_environ``, which is now deprecated. As such, ``execute_manager``
|
||||||
deprecated; ``execute_from_command_line`` can be used instead. (Neither of
|
is also deprecated; ``execute_from_command_line`` can be used instead. Neither
|
||||||
these functions is documented public API, but a deprecation path is needed due
|
of these functions is documented as part of the public API, but a deprecation
|
||||||
to use in existing ``manage.py`` files.)
|
path is needed due to use in existing ``manage.py`` files.
|
||||||
|
|
||||||
``is_safe`` and ``needs_autoescape`` attributes of template filters
|
``is_safe`` and ``needs_autoescape`` attributes of template filters
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
@ -1027,7 +1030,7 @@ Session cookies now have the ``httponly`` flag by default
|
||||||
|
|
||||||
Session cookies now include the ``httponly`` attribute by default to
|
Session cookies now include the ``httponly`` attribute by default to
|
||||||
help reduce the impact of potential XSS attacks. For strict backwards
|
help reduce the impact of potential XSS attacks. For strict backwards
|
||||||
compatibility, use ``SESSION_COOKIE_HTTPONLY = False`` in settings.
|
compatibility, use ``SESSION_COOKIE_HTTPONLY = False`` in your settings file.
|
||||||
|
|
||||||
Wildcard expansion of application names in `INSTALLED_APPS`
|
Wildcard expansion of application names in `INSTALLED_APPS`
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
|
@ -41,7 +41,7 @@ What's new in Django 1.4
|
||||||
Support for in-browser testing frameworks
|
Support for in-browser testing frameworks
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Django 1.4 now supports the integration with in-browser testing frameworks such
|
Django 1.4 now supports integration with in-browser testing frameworks such
|
||||||
as Selenium_ or Windmill_ thanks to the :class:`django.test.LiveServerTestCase`
|
as Selenium_ or Windmill_ thanks to the :class:`django.test.LiveServerTestCase`
|
||||||
base class, allowing you to test the interactions between your site's front and
|
base class, allowing you to test the interactions between your site's front and
|
||||||
back ends more comprehensively. See the
|
back ends more comprehensively. See the
|
||||||
|
@ -81,56 +81,55 @@ Similar to :meth:`~django.db.models.query.QuerySet.select_related` but with a
|
||||||
different strategy and broader scope,
|
different strategy and broader scope,
|
||||||
:meth:`~django.db.models.query.QuerySet.prefetch_related` has been added to
|
:meth:`~django.db.models.query.QuerySet.prefetch_related` has been added to
|
||||||
:class:`~django.db.models.query.QuerySet`. This method returns a new
|
:class:`~django.db.models.query.QuerySet`. This method returns a new
|
||||||
``QuerySet`` that will prefetch in a single batch each of the specified related
|
``QuerySet`` that will prefetch each of the specified related lookups in a
|
||||||
lookups as soon as it begins to be evaluated. Unlike ``select_related``, it does
|
single batch as soon as the query begins to be evaluated. Unlike
|
||||||
the joins in Python, not in the database, and supports many-to-many
|
``select_related``, it does the joins in Python, not in the database, and
|
||||||
relationships, :class:`~django.contrib.contenttypes.generic.GenericForeignKey`
|
supports many-to-many relationships,
|
||||||
and more. This enables you to fix many instances of a very common performance
|
:class:`~django.contrib.contenttypes.generic.GenericForeignKey` and more. This
|
||||||
problem, in which your code ends up doing O(n) database queries (or worse) if
|
allows you to fix a very common performance problem in which your code ends up
|
||||||
objects on your primary ``QuerySet`` each have many related objects that you
|
doing O(n) database queries (or worse) if objects on your primary ``QuerySet``
|
||||||
also need.
|
each have many related objects that you also need.
|
||||||
|
|
||||||
HTML5
|
HTML5 Doctype
|
||||||
~~~~~
|
~~~~~~~~~~~~~
|
||||||
|
|
||||||
We've switched the admin and other bundled templates to use the HTML5
|
We've switched the admin and other bundled templates to use the HTML5
|
||||||
doctype. While Django will be careful in its use of HTML5 features, to maintain
|
doctype. While Django will be careful to maintain compatibility with older
|
||||||
compatibility with older browsers, this change means that you can use any HTML5
|
browsers, this change means that you can use any HTML5 features you need in
|
||||||
features you need in admin pages without having to lose HTML validity or
|
admin pages without having to lose HTML validity or override the provided
|
||||||
override the provided templates to change the doctype.
|
templates to change the doctype.
|
||||||
|
|
||||||
List filters in admin interface
|
List filters in admin interface
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Prior to Django 1.4, the Django admin app allowed specifying change list
|
Prior to Django 1.4, the :mod:`~django.contrib.admin` app allowed you to specify
|
||||||
filters by specifying a field lookup (including spanning relations), and
|
change list filters by specifying a field lookup, but didn't allow you to create
|
||||||
not custom filters. This has been rectified with a simple API previously
|
custom filters. This has been rectified with a simple API (previously used
|
||||||
known as "FilterSpec" which was used internally. For more details, see the
|
internally and known as "FilterSpec"). For more details, see the documentation
|
||||||
documentation for :attr:`~django.contrib.admin.ModelAdmin.list_filter`.
|
for :attr:`~django.contrib.admin.ModelAdmin.list_filter`.
|
||||||
|
|
||||||
Multiple sort in admin interface
|
Multiple sort in admin interface
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
The admin change list now supports sorting on multiple columns. It respects
|
The admin change list now supports sorting on multiple columns. It respects all
|
||||||
all elements of the :attr:`~django.contrib.admin.ModelAdmin.ordering`
|
elements of the :attr:`~django.contrib.admin.ModelAdmin.ordering` attribute, and
|
||||||
attribute, and sorting on multiple columns by clicking on headers is designed
|
sorting on multiple columns by clicking on headers is designed to mimic the
|
||||||
to work similarly to how desktop GUIs do it. The new hook
|
behavior of desktop GUIs. The
|
||||||
:meth:`~django.contrib.admin.ModelAdmin.get_ordering` for specifying the
|
:meth:`~django.contrib.admin.ModelAdmin.get_ordering` method for specifying the
|
||||||
ordering dynamically (e.g. depending on the request) has also been added.
|
ordering dynamically (e.g. depending on the request) has also been added.
|
||||||
|
|
||||||
New ``ModelAdmin`` methods
|
New ``ModelAdmin`` methods
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
A new :meth:`~django.contrib.admin.ModelAdmin.save_related` method was added to
|
A new :meth:`~django.contrib.admin.ModelAdmin.save_related` method was added to
|
||||||
:mod:`~django.contrib.admin.ModelAdmin` to ease the customization of how
|
:mod:`~django.contrib.admin.ModelAdmin` to ease customization of how
|
||||||
related objects are saved in the admin.
|
related objects are saved in the admin.
|
||||||
|
|
||||||
Two other new methods,
|
Two other new methods,
|
||||||
:meth:`~django.contrib.admin.ModelAdmin.get_list_display` and
|
:meth:`~django.contrib.admin.ModelAdmin.get_list_display` and
|
||||||
:meth:`~django.contrib.admin.ModelAdmin.get_list_display_links`
|
:meth:`~django.contrib.admin.ModelAdmin.get_list_display_links`
|
||||||
were added to :class:`~django.contrib.admin.ModelAdmin` to enable the dynamic
|
were added to :class:`~django.contrib.admin.ModelAdmin` to enable the dynamic
|
||||||
customization of fields and links to display on the admin
|
customization of fields and links displayed on the admin change list.
|
||||||
change list.
|
|
||||||
|
|
||||||
Admin inlines respect user permissions
|
Admin inlines respect user permissions
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
@ -148,30 +147,31 @@ Django 1.4 adds both a low-level API for signing values and a high-level API
|
||||||
for setting and reading signed cookies, one of the most common uses of
|
for setting and reading signed cookies, one of the most common uses of
|
||||||
signing in Web applications.
|
signing in Web applications.
|
||||||
|
|
||||||
See :doc:`cryptographic signing </topics/signing>` docs for more information.
|
See the :doc:`cryptographic signing </topics/signing>` docs for more
|
||||||
|
information.
|
||||||
|
|
||||||
Cookie-based session backend
|
Cookie-based session backend
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Django 1.4 introduces a new cookie based backend for the session framework
|
Django 1.4 introduces a new cookie-based backend for the session framework
|
||||||
which uses the tools for :doc:`cryptographic signing </topics/signing>` to
|
which uses the tools for :doc:`cryptographic signing </topics/signing>` to
|
||||||
store the session data in the client's browser.
|
store the session data in the client's browser.
|
||||||
|
|
||||||
See the :ref:`cookie-based backend <cookie-session-backend>` docs for
|
See the :ref:`cookie-based session backend <cookie-session-backend>` docs for
|
||||||
more information.
|
more information.
|
||||||
|
|
||||||
New form wizard
|
New form wizard
|
||||||
~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
The previously shipped ``FormWizard`` of the formtools contrib app has been
|
The previous ``FormWizard`` from the formtools contrib app has been
|
||||||
replaced with a new implementation that is based on the class based views
|
replaced with a new implementation based on the class-based views
|
||||||
introduced in Django 1.3. It features a pluggable storage API and doesn't
|
introduced in Django 1.3. It features a pluggable storage API and doesn't
|
||||||
require the wizard to pass around hidden fields for every previous step.
|
require the wizard to pass around hidden fields for every previous step.
|
||||||
|
|
||||||
Django 1.4 ships with a session based storage backend and a cookie based
|
Django 1.4 ships with a session-based storage backend and a cookie-based
|
||||||
storage backend. The latter uses the tools for
|
storage backend. The latter uses the tools for
|
||||||
:doc:`cryptographic signing </topics/signing>` also introduced in
|
:doc:`cryptographic signing </topics/signing>` also introduced in
|
||||||
Django 1.4 to store the wizard state in the user's cookies.
|
Django 1.4 to store the wizard's state in the user's cookies.
|
||||||
|
|
||||||
See the :doc:`form wizard </ref/contrib/formtools/form-wizard>` docs for
|
See the :doc:`form wizard </ref/contrib/formtools/form-wizard>` docs for
|
||||||
more information.
|
more information.
|
||||||
|
@ -186,7 +186,7 @@ Translating URL patterns
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Django 1.4 gained the ability to look for a language prefix in the URL pattern
|
Django 1.4 gained the ability to look for a language prefix in the URL pattern
|
||||||
when using the new :func:`django.conf.urls.i18n.i18n_patterns` helper function.
|
when using the new :func:`~django.conf.urls.i18n.i18n_patterns` helper function.
|
||||||
Additionally, it's now possible to define translatable URL patterns using
|
Additionally, it's now possible to define translatable URL patterns using
|
||||||
:func:`~django.utils.translation.ugettext_lazy`. See
|
:func:`~django.utils.translation.ugettext_lazy`. See
|
||||||
:ref:`url-internationalization` for more information about the language prefix
|
:ref:`url-internationalization` for more information about the language prefix
|
||||||
|
@ -195,34 +195,35 @@ and how to internationalize URL patterns.
|
||||||
Contextual translation support for ``{% trans %}`` and ``{% blocktrans %}``
|
Contextual translation support for ``{% trans %}`` and ``{% blocktrans %}``
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Django 1.3 introduced :ref:`contextual translation<contextual-markers>` support
|
The :ref:`contextual translation<contextual-markers>` support introduced in
|
||||||
in Python files via the ``pgettext`` function. This is now also supported by
|
Django 1.3 via the ``pgettext`` function has been extended to the
|
||||||
the :ttag:`trans` and :ttag:`blocktrans` template tags using the new
|
:ttag:`trans` and :ttag:`blocktrans` template tags using the new ``context``
|
||||||
``context`` keyword.
|
keyword.
|
||||||
|
|
||||||
Customizable ``SingleObjectMixin`` URLConf kwargs
|
Customizable ``SingleObjectMixin`` URLConf kwargs
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Two new attributes,
|
Two new attributes,
|
||||||
:attr:`pk_url_kwarg<django.views.generic.detail.SingleObjectMixin.pk_url_kwarg>` and
|
:attr:`pk_url_kwarg<django.views.generic.detail.SingleObjectMixin.pk_url_kwarg>`
|
||||||
|
and
|
||||||
:attr:`slug_url_kwarg<django.views.generic.detail.SingleObjectMixin.slug_url_kwarg>`,
|
:attr:`slug_url_kwarg<django.views.generic.detail.SingleObjectMixin.slug_url_kwarg>`,
|
||||||
have been added to :class:`django.views.generic.detail.SingleObjectMixin` to
|
have been added to :class:`~django.views.generic.detail.SingleObjectMixin` to
|
||||||
enable the customization of URLConf keyword arguments used for single
|
enable the customization of URLConf keyword arguments used for single
|
||||||
object generic views.
|
object generic views.
|
||||||
|
|
||||||
Assignment template tags
|
Assignment template tags
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
A new helper function,
|
A new :ref:`assignment_tag<howto-custom-template-tags-assignment-tags>` helper
|
||||||
:ref:`assignment_tag<howto-custom-template-tags-assignment-tags>`, was added to
|
function was added to ``template.Library`` to ease the creation of template
|
||||||
``template.Library`` to ease the creation of template tags that store some
|
tags that store data in a specified context variable.
|
||||||
data in a specified context variable.
|
|
||||||
|
|
||||||
``*args`` and ``**kwargs`` support for template tag helper functions
|
``*args`` and ``**kwargs`` support for template tag helper functions
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
:ref:`simple_tag<howto-custom-template-tags-simple-tags>`, :ref:`inclusion_tag
|
The :ref:`simple_tag<howto-custom-template-tags-simple-tags>`,
|
||||||
<howto-custom-template-tags-inclusion-tags>` and the newly introduced
|
:ref:`inclusion_tag <howto-custom-template-tags-inclusion-tags>` and
|
||||||
|
newly introduced
|
||||||
:ref:`assignment_tag<howto-custom-template-tags-assignment-tags>` template
|
:ref:`assignment_tag<howto-custom-template-tags-assignment-tags>` template
|
||||||
helper functions may now accept any number of positional or keyword arguments.
|
helper functions may now accept any number of positional or keyword arguments.
|
||||||
For example:
|
For example:
|
||||||
|
@ -263,25 +264,25 @@ exceptions from template rendering is now consistent regardless of the value of
|
||||||
|
|
||||||
Added a filter which truncates a string to be no longer than the specified
|
Added a filter which truncates a string to be no longer than the specified
|
||||||
number of characters. Truncated strings end with a translatable ellipsis
|
number of characters. Truncated strings end with a translatable ellipsis
|
||||||
sequence ("..."). See the :tfilter:`truncatechars docs <truncatechars>` for
|
sequence ("..."). See the documentation for :tfilter:`truncatechars` for
|
||||||
more details.
|
more details.
|
||||||
|
|
||||||
``static`` template tag
|
``static`` template tag
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
The :mod:`staticfiles<django.contrib.staticfiles>` contrib app has now a new
|
The :mod:`staticfiles<django.contrib.staticfiles>` contrib app has a new
|
||||||
:ttag:`static template tag<staticfiles-static>` to refer to files saved with
|
:ttag:`static<staticfiles-static>` template tag to refer to files saved with
|
||||||
the :setting:`STATICFILES_STORAGE` storage backend. It'll use the storage
|
the :setting:`STATICFILES_STORAGE` storage backend. It uses the storage
|
||||||
``url`` method and therefore supports advanced features such as
|
backend's ``url`` method and therefore supports advanced features such as
|
||||||
:ref:`serving files from a cloud service<staticfiles-from-cdn>`.
|
:ref:`serving files from a cloud service<staticfiles-from-cdn>`.
|
||||||
|
|
||||||
``CachedStaticFilesStorage`` storage backend
|
``CachedStaticFilesStorage`` storage backend
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Additional to the `static template tag`_ the
|
In addition to the `static template tag`_, the
|
||||||
:mod:`staticfiles<django.contrib.staticfiles>` contrib app now has a
|
:mod:`staticfiles<django.contrib.staticfiles>` contrib app now has a
|
||||||
:class:`~django.contrib.staticfiles.storage.CachedStaticFilesStorage` which
|
:class:`~django.contrib.staticfiles.storage.CachedStaticFilesStorage` backend
|
||||||
caches the files it saves (when running the :djadmin:`collectstatic`
|
which caches the files it saves (when running the :djadmin:`collectstatic`
|
||||||
management command) by appending the MD5 hash of the file's content to the
|
management command) by appending the MD5 hash of the file's content to the
|
||||||
filename. For example, the file ``css/styles.css`` would also be saved as
|
filename. For example, the file ``css/styles.css`` would also be saved as
|
||||||
``css/styles.55e7cbb9ba48.css``
|
``css/styles.55e7cbb9ba48.css``
|
||||||
|
@ -293,7 +294,7 @@ Simple clickjacking protection
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
We've added a middleware to provide easy protection against `clickjacking
|
We've added a middleware to provide easy protection against `clickjacking
|
||||||
<http://en.wikipedia.org/wiki/Clickjacking>`_ using the X-Frame-Options
|
<http://en.wikipedia.org/wiki/Clickjacking>`_ using the ``X-Frame-Options``
|
||||||
header. It's not enabled by default for backwards compatibility reasons, but
|
header. It's not enabled by default for backwards compatibility reasons, but
|
||||||
you'll almost certainly want to :doc:`enable it </ref/clickjacking/>` to help
|
you'll almost certainly want to :doc:`enable it </ref/clickjacking/>` to help
|
||||||
plug that security hole for browsers that support the header.
|
plug that security hole for browsers that support the header.
|
||||||
|
@ -303,28 +304,27 @@ CSRF improvements
|
||||||
|
|
||||||
We've made various improvements to our CSRF features, including the
|
We've made various improvements to our CSRF features, including the
|
||||||
:func:`~django.views.decorators.csrf.ensure_csrf_cookie` decorator which can
|
:func:`~django.views.decorators.csrf.ensure_csrf_cookie` decorator which can
|
||||||
help with AJAX heavy sites, protection for PUT and DELETE, and settings
|
help with AJAX heavy sites, protection for PUT and DELETE requests, and the
|
||||||
:setting:`CSRF_COOKIE_SECURE` and :setting:`CSRF_COOKIE_PATH` which can improve
|
:setting:`CSRF_COOKIE_SECURE` and :setting:`CSRF_COOKIE_PATH` settings which can
|
||||||
the security and usefulness of the CSRF protection. See the :doc:`CSRF docs
|
improve the security and usefulness of the CSRF protection. See the :doc:`CSRF
|
||||||
</ref/contrib/csrf>` for more information.
|
docs </ref/contrib/csrf>` for more information.
|
||||||
|
|
||||||
Error report filtering
|
Error report filtering
|
||||||
~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Two new function decorators, :func:`sensitive_variables` and
|
Two new function decorators, :func:`sensitive_variables` and
|
||||||
:func:`sensitive_post_parameters`, were added to allow designating the
|
:func:`sensitive_post_parameters`, were added to allow designating the
|
||||||
traceback frames' local variables and request's POST parameters susceptible
|
local variables and POST parameters which may contain sensitive
|
||||||
to contain sensitive information and that should be filtered out of error
|
information and should be filtered out of error reports.
|
||||||
reports.
|
|
||||||
|
|
||||||
All POST parameters are now systematically filtered out of error reports for
|
All POST parameters are now systematically filtered out of error reports for
|
||||||
certain :mod:`contrib.views.auth` views (``login``, ``password_reset_confirm``,
|
certain views (``login``, ``password_reset_confirm``, ``password_change``, and
|
||||||
``password_change``, and ``add_view`` and ``user_change_password`` in the
|
``add_view`` in :mod:`django.contrib.auth.views`, as well as
|
||||||
``auth`` admin) to prevent the leaking of sensitive information such as user
|
``user_change_password`` in the admin app) to prevent the leaking of sensitive
|
||||||
passwords.
|
information such as user passwords.
|
||||||
|
|
||||||
You may override or customize the default filtering by writing a
|
You may override or customize the default filtering by writing a :ref:`custom
|
||||||
:ref:`custom filter<custom-error-reports>`. Learn more on
|
filter<custom-error-reports>`. For more information see the docs on
|
||||||
:ref:`Filtering error reports<filtering-error-reports>`.
|
:ref:`Filtering error reports<filtering-error-reports>`.
|
||||||
|
|
||||||
Extended IPv6 support
|
Extended IPv6 support
|
||||||
|
@ -346,7 +346,7 @@ the previous ``manage.py`` handling of Python import paths that caused double
|
||||||
imports, trouble moving from development to deployment, and other
|
imports, trouble moving from development to deployment, and other
|
||||||
difficult-to-debug path issues.
|
difficult-to-debug path issues.
|
||||||
|
|
||||||
The previous ``manage.py`` calls functions that are now deprecated, and thus
|
The previous ``manage.py`` called functions that are now deprecated, and thus
|
||||||
projects upgrading to Django 1.4 should update their ``manage.py``. (The
|
projects upgrading to Django 1.4 should update their ``manage.py``. (The
|
||||||
old-style ``manage.py`` will continue to work as before until Django 1.6; in
|
old-style ``manage.py`` will continue to work as before until Django 1.6; in
|
||||||
1.5 it will raise ``DeprecationWarning``).
|
1.5 it will raise ``DeprecationWarning``).
|
||||||
|
@ -366,8 +366,8 @@ The new recommended ``manage.py`` file should look like this::
|
||||||
``{{ project_name }}`` should be replaced with the Python package name of the
|
``{{ project_name }}`` should be replaced with the Python package name of the
|
||||||
actual project.
|
actual project.
|
||||||
|
|
||||||
If settings, URLconf, and apps within the project are imported or referenced
|
If settings, URLconfs, and apps within the project are imported or referenced
|
||||||
using the project-name prefix (e.g. ``myproject.settings``, ``ROOT_URLCONF =
|
using the project name prefix (e.g. ``myproject.settings``, ``ROOT_URLCONF =
|
||||||
"myproject.urls"``, etc), the new ``manage.py`` will need to be moved one
|
"myproject.urls"``, etc), the new ``manage.py`` will need to be moved one
|
||||||
directory up, so it is outside the project package rather than adjacent to
|
directory up, so it is outside the project package rather than adjacent to
|
||||||
``settings.py`` and ``urls.py``.
|
``settings.py`` and ``urls.py``.
|
||||||
|
@ -424,8 +424,8 @@ Custom project and app templates
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
The :djadmin:`startapp` and :djadmin:`startproject` management commands
|
The :djadmin:`startapp` and :djadmin:`startproject` management commands
|
||||||
got a ``--template`` option for specifying paths or URL to custom app or
|
got a ``--template`` option for specifying a path or URL to a custom app or
|
||||||
project templates.
|
project template.
|
||||||
|
|
||||||
For example, Django will use the ``/path/to/my_project_template``
|
For example, Django will use the ``/path/to/my_project_template``
|
||||||
directorywhen running the following command::
|
directorywhen running the following command::
|
||||||
|
@ -457,7 +457,7 @@ Reasons for using this feature include:
|
||||||
timestamps with time zone information in Django 1.3.)
|
timestamps with time zone information in Django 1.3.)
|
||||||
- Avoiding data corruption problems around DST transitions.
|
- Avoiding data corruption problems around DST transitions.
|
||||||
|
|
||||||
Time zone support in enabled by default in new projects created with
|
Time zone support is enabled by default in new projects created with
|
||||||
:djadmin:`startproject`. If you want to use this feature in an existing
|
:djadmin:`startproject`. If you want to use this feature in an existing
|
||||||
project, there is a :ref:`migration guide <time-zones-migration-guide>`.
|
project, there is a :ref:`migration guide <time-zones-migration-guide>`.
|
||||||
|
|
||||||
|
@ -478,7 +478,7 @@ Django 1.4 also includes several smaller improvements worth noting:
|
||||||
* In the documentation, a helpful :doc:`security overview </topics/security>`
|
* In the documentation, a helpful :doc:`security overview </topics/security>`
|
||||||
page.
|
page.
|
||||||
|
|
||||||
* Function :func:`django.contrib.auth.models.check_password` has been moved
|
* The :func:`django.contrib.auth.models.check_password` function has been moved
|
||||||
to the :mod:`django.contrib.auth.utils` module. Importing it from the old
|
to the :mod:`django.contrib.auth.utils` module. Importing it from the old
|
||||||
location will still work, but you should update your imports.
|
location will still work, but you should update your imports.
|
||||||
|
|
||||||
|
@ -519,18 +519,17 @@ Django 1.4 also includes several smaller improvements worth noting:
|
||||||
``pickle.HIGHEST_PROTOCOL`` for better compatibility with the other
|
``pickle.HIGHEST_PROTOCOL`` for better compatibility with the other
|
||||||
cache backends.
|
cache backends.
|
||||||
|
|
||||||
* Support in the ORM for generating ``SELECT`` queries containing ``DISTINCT ON``
|
* Added support in the ORM for generating ``SELECT`` queries containing
|
||||||
|
``DISTINCT ON``.
|
||||||
|
|
||||||
The ``distinct()`` ``Queryset`` method now accepts an optional list of model
|
The ``distinct()`` ``Queryset`` method now accepts an optional list of model
|
||||||
field names. If specified, then the ``DISTINCT`` statement is limited to these
|
field names. If specified, then the ``DISTINCT`` statement is limited to these
|
||||||
fields. The PostgreSQL is the only of the database backends shipped with
|
fields. PostgreSQL is the only database backend shipped with Django that
|
||||||
Django that supports this new functionality.
|
supports this new functionality.
|
||||||
|
|
||||||
For more details, see the documentation for
|
For more details, see the documentation for
|
||||||
:meth:`~django.db.models.query.QuerySet.distinct`.
|
:meth:`~django.db.models.query.QuerySet.distinct`.
|
||||||
|
|
||||||
.. _backwards-incompatible-changes-1.4:
|
|
||||||
|
|
||||||
Backwards incompatible changes in 1.4
|
Backwards incompatible changes in 1.4
|
||||||
=====================================
|
=====================================
|
||||||
|
|
||||||
|
@ -543,9 +542,9 @@ stylesheets. Django 1.3 added a new contrib app ``django.contrib.staticfiles``
|
||||||
to handle such files in a generic way and defined conventions for static
|
to handle such files in a generic way and defined conventions for static
|
||||||
files included in apps.
|
files included in apps.
|
||||||
|
|
||||||
Starting in Django 1.4 the admin's static files are now also following this
|
Starting in Django 1.4 the admin's static files also follow this
|
||||||
convention to make it easier to deploy the included files. In previous
|
convention to make it easier to deploy the included files. In previous
|
||||||
versions of Django, it was also common to define a ``ADMIN_MEDIA_PREFIX``
|
versions of Django, it was also common to define an ``ADMIN_MEDIA_PREFIX``
|
||||||
setting to point to the URL where the admin's static files are served by a
|
setting to point to the URL where the admin's static files are served by a
|
||||||
web server. This setting has now been deprecated and replaced by the more
|
web server. This setting has now been deprecated and replaced by the more
|
||||||
general setting :setting:`STATIC_URL`. Django will now expect to find the
|
general setting :setting:`STATIC_URL`. Django will now expect to find the
|
||||||
|
@ -558,7 +557,7 @@ server continues to serve the admin files just like before. Don't hesitate to
|
||||||
consult the :doc:`static files howto </howto/static-files>` for further
|
consult the :doc:`static files howto </howto/static-files>` for further
|
||||||
details.
|
details.
|
||||||
|
|
||||||
In case your ``ADMIN_MEDIA_PREFIX`` is set to an own domain (e.g.
|
In case your ``ADMIN_MEDIA_PREFIX`` is set to an specific domain (e.g.
|
||||||
``http://media.example.com/admin/``) make sure to also set your
|
``http://media.example.com/admin/``) make sure to also set your
|
||||||
:setting:`STATIC_URL` setting to the correct URL, for example
|
:setting:`STATIC_URL` setting to the correct URL, for example
|
||||||
``http://media.example.com/``.
|
``http://media.example.com/``.
|
||||||
|
@ -594,13 +593,16 @@ As part of an effort to improve the performance and usability of the admin's
|
||||||
changelist sorting interface and of the admin's :attr:`horizontal
|
changelist sorting interface and of the admin's :attr:`horizontal
|
||||||
<django.contrib.admin.ModelAdmin.filter_horizontal>` and :attr:`vertical
|
<django.contrib.admin.ModelAdmin.filter_horizontal>` and :attr:`vertical
|
||||||
<django.contrib.admin.ModelAdmin.filter_vertical>` "filter" widgets, some icon
|
<django.contrib.admin.ModelAdmin.filter_vertical>` "filter" widgets, some icon
|
||||||
files were removed and grouped into two sprite files, respectively:
|
files were removed and grouped into two sprite files.
|
||||||
``selector-add.gif``, ``selector-addall.gif``, ``selector-remove.gif``,
|
|
||||||
``selector-removeall.gif``, ``selector_stacked-add.gif`` and
|
Specifically: ``selector-add.gif``, ``selector-addall.gif``,
|
||||||
``selector_stacked-remove.gif`` into ``selector-icons.gif``; and
|
``selector-remove.gif``, ``selector-removeall.gif``,
|
||||||
``arrow-up.gif`` and ``arrow-down.gif`` into ``sorting-icons.gif``. If you used
|
``selector_stacked-add.gif`` and ``selector_stacked-remove.gif`` were
|
||||||
those icons to customize the admin then you will want to replace them with your
|
combined into ``selector-icons.gif``; and ``arrow-up.gif`` and
|
||||||
own icons or retrieve them from a previous release.
|
``arrow-down.gif`` were combined into ``sorting-icons.gif``.
|
||||||
|
|
||||||
|
If you used those icons to customize the admin then you will want to replace
|
||||||
|
them with your own icons or retrieve them from a previous release.
|
||||||
|
|
||||||
CSS class names in admin forms
|
CSS class names in admin forms
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
@ -621,39 +623,39 @@ produced by the previous methods, these fallbacks are removed in Django 1.4.
|
||||||
|
|
||||||
So, if you upgrade to Django 1.4 directly from 1.2 or earlier, you may
|
So, if you upgrade to Django 1.4 directly from 1.2 or earlier, you may
|
||||||
lose/invalidate certain pieces of data that have been cryptographically signed
|
lose/invalidate certain pieces of data that have been cryptographically signed
|
||||||
using an old method. To avoid this, use Django 1.3 first, for a period of time,
|
using an old method. To avoid this, use Django 1.3 first for a period of time
|
||||||
to allow the signed data to expire naturally. The affected parts are detailed
|
to allow the signed data to expire naturally. The affected parts are detailed
|
||||||
below, with 1) the consequences of ignoring this advice and 2) the amount of
|
below, with 1) the consequences of ignoring this advice and 2) the amount of
|
||||||
time you need to run Django 1.3 for the data to expire or become irrelevant.
|
time you need to run Django 1.3 for the data to expire or become irrelevant.
|
||||||
|
|
||||||
* contrib.sessions data integrity check
|
* ``contrib.sessions`` data integrity check
|
||||||
|
|
||||||
* consequences: the user will be logged out, and session data will be lost.
|
* consequences: the user will be logged out, and session data will be lost.
|
||||||
|
|
||||||
* time period: defined by SESSION_COOKIE_AGE.
|
* time period: defined by :setting:`SESSION_COOKIE_AGE`.
|
||||||
|
|
||||||
* contrib.auth password reset hash
|
* ``contrib.auth`` password reset hash
|
||||||
|
|
||||||
* consequences: password reset links from before the upgrade will not work.
|
* consequences: password reset links from before the upgrade will not work.
|
||||||
|
|
||||||
* time period: defined by PASSWORD_RESET_TIMEOUT_DAYS.
|
* time period: defined by :setting:`PASSWORD_RESET_TIMEOUT_DAYS`.
|
||||||
|
|
||||||
Form related hashes — these are much shorter lifetime, and are relevant only for
|
Form-related hashes — these are much shorter lifetime, and are relevant only for
|
||||||
the short window where a user might fill in a form generated by the pre-upgrade
|
the short window where a user might fill in a form generated by the pre-upgrade
|
||||||
Django instance, and try to submit it to the upgraded Django instance:
|
Django instance, and try to submit it to the upgraded Django instance:
|
||||||
|
|
||||||
* contrib.comments form security hash
|
* ``contrib.comments`` form security hash
|
||||||
|
|
||||||
* consequences: the user will see a validation error "Security hash failed".
|
* consequences: the user will see a validation error "Security hash failed".
|
||||||
|
|
||||||
* time period: the amount of time you expect users to take filling out comment
|
* time period: the amount of time you expect users to take filling out comment
|
||||||
forms.
|
forms.
|
||||||
|
|
||||||
* FormWizard security hash
|
* ``FormWizard`` security hash
|
||||||
|
|
||||||
* consequences: the user will see an error about the form having expired,
|
* consequences: the user will see an error about the form having expired,
|
||||||
and will be sent back to the first page of the wizard, losing the data
|
and will be sent back to the first page of the wizard, losing the data
|
||||||
they have inputted so far.
|
they have entered so far.
|
||||||
|
|
||||||
* time period: the amount of time you expect users to take filling out the
|
* time period: the amount of time you expect users to take filling out the
|
||||||
affected forms.
|
affected forms.
|
||||||
|
@ -695,9 +697,9 @@ specification, some changes were made to the JSON serializer:
|
||||||
only supports milliseconds (3 digits). However, it's better than discarding
|
only supports milliseconds (3 digits). However, it's better than discarding
|
||||||
microseconds entirely.
|
microseconds entirely.
|
||||||
|
|
||||||
The XML serializer was also changed to use ISO8601 for datetimes. The letter
|
The XML serializer was also changed to use the ISO8601 format for datetimes.
|
||||||
``T`` is used to separate the date part from the time part, instead of a
|
The letter ``T`` is used to separate the date part from the time part, instead
|
||||||
space. Time zone information is included in the ``[+-]HH:MM`` format.
|
of a space. Time zone information is included in the ``[+-]HH:MM`` format.
|
||||||
|
|
||||||
The serializers will dump datetimes in fixtures with these new formats. They
|
The serializers will dump datetimes in fixtures with these new formats. They
|
||||||
can still load fixtures that use the old format.
|
can still load fixtures that use the old format.
|
||||||
|
@ -726,7 +728,7 @@ global, the ``django.db.connections`` dictionary referencing those objects is
|
||||||
still thread-local. Therefore if you just use the ORM or
|
still thread-local. Therefore if you just use the ORM or
|
||||||
``DatabaseWrapper.cursor()`` then the behavior is still the same as before.
|
``DatabaseWrapper.cursor()`` then the behavior is still the same as before.
|
||||||
Note, however, that ``django.db.connection`` does not directly reference the
|
Note, however, that ``django.db.connection`` does not directly reference the
|
||||||
default ``DatabaseWrapper`` object any more and is now a proxy to access that
|
default ``DatabaseWrapper`` object anymore and is now a proxy to access that
|
||||||
object's attributes. If you need to access the actual ``DatabaseWrapper``
|
object's attributes. If you need to access the actual ``DatabaseWrapper``
|
||||||
object, use ``django.db.connections[DEFAULT_DB_ALIAS]`` instead.
|
object, use ``django.db.connections[DEFAULT_DB_ALIAS]`` instead.
|
||||||
|
|
||||||
|
@ -747,7 +749,7 @@ Check their documentation for details.
|
||||||
Django's :doc:`comments app </ref/contrib/comments/index>` has historically
|
Django's :doc:`comments app </ref/contrib/comments/index>` has historically
|
||||||
supported excluding the comments of a special user group, but we've never
|
supported excluding the comments of a special user group, but we've never
|
||||||
documented the feature properly and didn't enforce the exclusion in other parts
|
documented the feature properly and didn't enforce the exclusion in other parts
|
||||||
of the app, e.g., the template tags. To fix this problem, we removed the code
|
of the app such as the template tags. To fix this problem, we removed the code
|
||||||
from the feed class.
|
from the feed class.
|
||||||
|
|
||||||
If you rely on the feature and want to restore the old behavior, simply use
|
If you rely on the feature and want to restore the old behavior, simply use
|
||||||
|
@ -785,10 +787,9 @@ For more details, see the documentation about
|
||||||
`IGNORABLE_404_STARTS` and `IGNORABLE_404_ENDS` settings
|
`IGNORABLE_404_STARTS` and `IGNORABLE_404_ENDS` settings
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Django can report 404 errors: see :doc:`/howto/error-reporting`.
|
Until Django 1.3, it was possible to exclude some URLs from Django's
|
||||||
Until Django 1.3, it was possible to exclude some URLs from the reporting
|
:doc:`404 error reporting</howto/error-reporting>` by adding prefixes to
|
||||||
by adding prefixes to :setting:`IGNORABLE_404_STARTS` and suffixes to
|
:setting:`IGNORABLE_404_STARTS` and suffixes to :setting:`IGNORABLE_404_ENDS`.
|
||||||
:setting:`IGNORABLE_404_ENDS`.
|
|
||||||
|
|
||||||
In Django 1.4, these two settings are superseded by
|
In Django 1.4, these two settings are superseded by
|
||||||
:setting:`IGNORABLE_404_URLS`, which is a list of compiled regular expressions.
|
:setting:`IGNORABLE_404_URLS`, which is a list of compiled regular expressions.
|
||||||
|
@ -882,8 +883,6 @@ whose primary use is to load fixtures consisting of simple objects. Even though
|
||||||
fixtures are trusted data, for additional security, the YAML deserializer now
|
fixtures are trusted data, for additional security, the YAML deserializer now
|
||||||
uses ``yaml.safe_load``.
|
uses ``yaml.safe_load``.
|
||||||
|
|
||||||
.. _deprecated-features-1.4:
|
|
||||||
|
|
||||||
Features deprecated in 1.4
|
Features deprecated in 1.4
|
||||||
==========================
|
==========================
|
||||||
|
|
||||||
|
@ -900,7 +899,7 @@ Support for PostgreSQL versions older than 8.2
|
||||||
Django 1.3 dropped support for PostgreSQL versions older than 8.0 and the
|
Django 1.3 dropped support for PostgreSQL versions older than 8.0 and the
|
||||||
relevant documents suggested to use a recent version because of performance
|
relevant documents suggested to use a recent version because of performance
|
||||||
reasons but more importantly because end of the upstream support periods for
|
reasons but more importantly because end of the upstream support periods for
|
||||||
releases 8.0 and 8.1 was near (November 2010.)
|
releases 8.0 and 8.1 was near (November 2010).
|
||||||
|
|
||||||
Django 1.4 takes that policy further and sets 8.2 as the minimum PostgreSQL
|
Django 1.4 takes that policy further and sets 8.2 as the minimum PostgreSQL
|
||||||
version it officially supports.
|
version it officially supports.
|
||||||
|
@ -913,13 +912,13 @@ admin error email support was moved into the
|
||||||
:class:`django.utils.log.AdminEmailHandler`, attached to the
|
:class:`django.utils.log.AdminEmailHandler`, attached to the
|
||||||
``'django.request'`` logger. In order to maintain the established behavior of
|
``'django.request'`` logger. In order to maintain the established behavior of
|
||||||
error emails, the ``'django.request'`` logger was called only when
|
error emails, the ``'django.request'`` logger was called only when
|
||||||
:setting:`DEBUG` was `False`.
|
:setting:`DEBUG` was ``False``.
|
||||||
|
|
||||||
To increase the flexibility of request-error logging, the ``'django.request'``
|
To increase the flexibility of error logging for requests, the
|
||||||
logger is now called regardless of the value of :setting:`DEBUG`, and the
|
``'django.request'`` logger is now called regardless of the value of
|
||||||
default settings file for new projects now includes a separate filter attached
|
:setting:`DEBUG`, and the default settings file for new projects now includes a
|
||||||
to :class:`django.utils.log.AdminEmailHandler` to prevent admin error emails in
|
separate filter attached to :class:`django.utils.log.AdminEmailHandler` to
|
||||||
`DEBUG` mode::
|
prevent admin error emails in ``DEBUG`` mode::
|
||||||
|
|
||||||
'filters': {
|
'filters': {
|
||||||
'require_debug_false': {
|
'require_debug_false': {
|
||||||
|
@ -958,13 +957,13 @@ Starting with Django 1.4 they are now available in :mod:`django.conf.urls`.
|
||||||
``django.contrib.databrowse``
|
``django.contrib.databrowse``
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Databrowse has not seen active development for some time, and this does not
|
Databrowse has not seen active development for some time, and this does not show
|
||||||
show any sign of changing. There had been a suggestion for a GSOC project to
|
any sign of changing. There had been a suggestion for a `GSOC project`_ to
|
||||||
integrate the functionality of databrowse into the admin, but no progress was
|
integrate the functionality of databrowse into the admin, but no progress was
|
||||||
made. While Databrowse has been deprecated, an enhancement of
|
made. While Databrowse has been deprecated, an enhancement of
|
||||||
django.contrib.admin providing a similar feature set is still possible.
|
``django.contrib.admin`` providing a similar feature set is still possible.
|
||||||
|
|
||||||
.. _GSOC Proposal: https://code.djangoproject.com/wiki/SummerOfCode2011#Integratedatabrowseintotheadmin
|
.. _GSOC project: https://code.djangoproject.com/wiki/SummerOfCode2011#Integratedatabrowseintotheadmin
|
||||||
|
|
||||||
The code that powers Databrowse is licensed under the same terms as Django
|
The code that powers Databrowse is licensed under the same terms as Django
|
||||||
itself, and so is available to be adopted by an individual or group as
|
itself, and so is available to be adopted by an individual or group as
|
||||||
|
@ -978,10 +977,10 @@ This function temporarily modified ``sys.path`` in order to make the parent
|
||||||
layout. This function is now deprecated, as its path workarounds are no longer
|
layout. This function is now deprecated, as its path workarounds are no longer
|
||||||
needed with the new ``manage.py`` and default project layout.
|
needed with the new ``manage.py`` and default project layout.
|
||||||
|
|
||||||
This function was never documented or public API, but was widely recommended
|
This function was never documented or part of the public API, but was widely
|
||||||
for use in setting up a "Django environment" for a user script. These uses
|
recommended for use in setting up a "Django environment" for a user script.
|
||||||
should be replaced by setting the ``DJANGO_SETTINGS_MODULE`` environment
|
These uses should be replaced by setting the ``DJANGO_SETTINGS_MODULE``
|
||||||
variable or using :func:`django.conf.settings.configure`.
|
environment variable or using :func:`django.conf.settings.configure`.
|
||||||
|
|
||||||
``django.core.management.execute_manager``
|
``django.core.management.execute_manager``
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
@ -989,10 +988,10 @@ variable or using :func:`django.conf.settings.configure`.
|
||||||
This function was previously used by ``manage.py`` to execute a management
|
This function was previously used by ``manage.py`` to execute a management
|
||||||
command. It is identical to
|
command. It is identical to
|
||||||
``django.core.management.execute_from_command_line``, except that it first
|
``django.core.management.execute_from_command_line``, except that it first
|
||||||
calls ``setup_environ``, which is now deprecated. ``execute_manager`` is also
|
calls ``setup_environ``, which is now deprecated. As such, ``execute_manager``
|
||||||
deprecated; ``execute_from_command_line`` can be used instead. (Neither of
|
is also deprecated; ``execute_from_command_line`` can be used instead. Neither
|
||||||
these functions is documented public API, but a deprecation path is needed due
|
of these functions is documented as part of the public API, but a deprecation
|
||||||
to use in existing ``manage.py`` files.)
|
path is needed due to use in existing ``manage.py`` files.
|
||||||
|
|
||||||
``is_safe`` and ``needs_autoescape`` attributes of template filters
|
``is_safe`` and ``needs_autoescape`` attributes of template filters
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
@ -1022,7 +1021,7 @@ Session cookies now have the ``httponly`` flag by default
|
||||||
|
|
||||||
Session cookies now include the ``httponly`` attribute by default to
|
Session cookies now include the ``httponly`` attribute by default to
|
||||||
help reduce the impact of potential XSS attacks. For strict backwards
|
help reduce the impact of potential XSS attacks. For strict backwards
|
||||||
compatibility, use ``SESSION_COOKIE_HTTPONLY = False`` in settings.
|
compatibility, use ``SESSION_COOKIE_HTTPONLY = False`` in your settings file.
|
||||||
|
|
||||||
Wildcard expansion of application names in `INSTALLED_APPS`
|
Wildcard expansion of application names in `INSTALLED_APPS`
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
Loading…
Reference in New Issue