Commit Graph

15893 Commits

Author SHA1 Message Date
Tim Graham 8d29005524 Cleaned up 1.5.4/1.4.8 release notes 2013-09-15 14:14:26 -04:00
Russell Keith-Magee aae5a96d57 Ensure that passwords are never long enough for a DoS.
* Limit the password length to 4096 bytes
  * Password hashers will raise a ValueError
  * django.contrib.auth forms will fail validation
* Document in release notes that this is a backwards incompatible change

Thanks to Josh Wright for the report, and Donald Stufft for the patch.

This is a security fix; disclosure to follow shortly.
2013-09-15 13:42:23 +08:00
Florian Apolloner 351a061497 Fixed a timing edge case in the RelatedFieldWidgetSeleniumFirefoxTests.
By settings an implicit wait timeout for the find_* methods we can wait
till the javascript code add the new option to the DOM.

See http://ci.djangoproject.com/job/Django/database=mysql_gis,python=python3.3/3174/testReport/junit/admin_widgets.tests/RelatedFieldWidgetSeleniumFirefoxTests/test_foreign_key_using_to_field/

Stacktrace:
Traceback (most recent call last):
  File "/var/lib/jenkins/jobs/Django/workspace/database/mysql_gis/python/python3.3/tests/admin_widgets/tests.py", line 1060, in test_foreign_key_using_to_field
      self.assertEqual(username_value, new_option.get_attribute('value'))
      AssertionError: 'newuser' != 'testser'
      - newuser
      + testser
2013-09-15 01:11:07 +02:00
Florian Apolloner 2fa0dd73b1 Fixed error handling in 3c5775d36f for non-operational webdrivers. 2013-09-14 23:24:48 +02:00
Florian Apolloner 3c5775d36f Delayed initialization of Selenium webdrivers.
If setUpClass throws an exception (in this case "Address already in use" if the
super call can't find any open port to bind too) tearDownClass is not called.
This results in open browser windows from the webdriver, hence we only construct
it once we are sure there is no code afterwards which could error out.
2013-09-14 22:58:30 +02:00
Alex Gaynor bac86ad1a3 REmoved some unused imports 2013-09-14 12:34:57 -07:00
Alex Gaynor 5c645ec81a Merge branch 'master' of https://github.com/django/django 2013-09-14 12:32:45 -07:00
Alex Gaynor 496b4d0331 Removed an import * that was masking importing stuff from the wrong location 2013-09-14 12:32:25 -07:00
Anssi Kääriäinen ff723d894d Fixed #20950 -- Instantiate OrderedDict() only when needed
The use of OrderedDict (even an empty one) was surprisingly slow. By
initializing OrderedDict only when needed it is possible to save
non-trivial amount of computing time (Model.save() is around 30% faster
for example).

This commit targetted sql.Query only, there are likely other places
which could use similar optimizations.
2013-09-14 20:52:17 +03:00
Tim Graham 886bb9d878 Revert "Fixed #12288 -- Validated that app names in INSTALLED_APPS are unique"
This reverts commit c1ec08998d.

There are backwards compatability concerns with this.
2013-09-14 07:19:32 -04:00
Anssi Kääriäinen 74b91b3888 Added tests for double-pickling a QuerySet
Refs #21102.
2013-09-14 10:33:15 +03:00
Michael Manfre c89d80e2cc Fixed #21097 - Added DatabaseFeature.can_introspect_autofield 2013-09-14 09:48:59 +03:00
Juan Catalano 6feb75129f Fixed #21060 -- Refactored admin's autodiscover method to make it reusable.
We want to be able to use it for instance for discovering `tasks.py` modules
inside the INSTALLED_APPS.

This commit therefore moves the logic to `autodiscover_modules` method in
django.utils.module_loading.
2013-09-13 20:09:41 -04:00
Goetz 39b49fd339 Fixed #21101 -- Updated urlize documentation to mention email addresses 2013-09-13 12:42:06 -04:00
Tim Graham ec89e1725a Fixed #21100 -- Noted that Create/UpdateViews.fields is new in 1.6
Thanks AndrewIngram for the suggestion.
2013-09-13 09:34:12 -04:00
Tim Graham e4aab1bb8d Fixed #21094 -- Updated reuseable apps tutorial to use pip for installation.
Thanks ylb415 at gmail.com for the suggestion.
2013-09-13 09:29:21 -04:00
Kevin Christopher Henry 990ce9aab9 Documentation -- added instructions on working with pull requests
Since non-core contributors are asked to review patches, instructions
on working with pull requests were added to the Working with Git and
GitHub page (based on the existing instructions in the core
committers page).
2013-09-13 08:26:46 -04:00
e0ne c1ec08998d Fixed #12288 -- Validated that app names in INSTALLED_APPS are unique 2013-09-13 08:09:21 -04:00
Daniel Sokolowski ad6fcdb8d2 Fixed #20844 -- Made AdminEmailHandler respect LOGGING 'formatter' setting. 2013-09-13 07:27:54 -04:00
Matt Austin 9451d8d558 Fixed #21095 -- Documented new requirement for dates lookups.
Day, month, and week_day lookups now require time zone definitions in the database.
2013-09-13 09:56:19 +02:00
Ramiro Morales 8b366a50f4 Fixed a couple of typos in GeoDjango docs. 2013-09-12 19:36:45 -03:00
Claude Paroz e4c6fca6d2 Merge pull request #1622 from manfre/ticket-21099
Fixed #21099 - Skip DistinctOnTests unless backend can_distinct_on_field...
2013-09-12 12:53:24 -07:00
Michael Manfre 018037736f Fixed #21099 - Skip DistinctOnTests unless backend can_distinct_on_fields 2013-09-12 14:32:23 -04:00
Claude Paroz 4c5641dd92 Fixed inspectdb test for spatialite >=4 2013-09-12 11:14:16 +02:00
Claude Paroz c82f6c2227 Add a test for the geo-enabled inspectdb command 2013-09-12 10:30:45 +02:00
Simon Charette 37faf12e66 Merge pull request #1618 from pcx/minor_typo_fix
Minor typo fix in django.contrib.auth.models.User docs
2013-09-11 15:03:10 -07:00
Phaneendra Chiruvella bd72c2acb6 Minor typo fix in django.contrib.auth.models.User docs 2013-09-12 03:15:00 +05:30
Michael Manfre e61cc87129 Fixed #21090 -- Allowed backends to provide dotted field path to inspectdb. 2013-09-11 13:35:26 -04:00
Baptiste Mispelon abb10db06f Fixed #21089 -- Allow TransactionTestcase subclasses to define an empty list of fixtures.
Thanks to lgs for the report and initial patch.
2013-09-11 15:28:04 +02:00
Keryn Knight 170f721367 Fixed #21056 -- AdminSite.app_index no longer blindly accepts any app-labelish input. 2013-09-11 08:48:32 -04:00
Tim Graham da843e7dba Fixed #20887 -- Added a warning to GzipMiddleware in light of BREACH.
Thanks EvilDMP for the report and Russell Keith-Magee
for the draft text.
2013-09-11 08:17:15 -04:00
Kevin Christopher Henry 5eca021d48 Documentation -- Improved description of cache arguments
- Fixed some grammar and formatting mistakes
- Added the type and default for CULL_FREQUENCY
- Made the note on culling the entire cache more precise. (It's actually
  slower on the filesystem backend.)
2013-09-11 07:42:49 -04:00
Tim Graham baec6a26dd Added 1.4.7/1.5.3 release notes 2013-09-10 21:07:22 -04:00
Tim Graham 7fe5b656c9 Prevented arbitrary file inclusion with {% ssi %} tag and relative paths.
Thanks Rainer Koirikivi for the report and draft patch.

This is a security fix; disclosure to follow shortly.
2013-09-10 21:02:48 -04:00
Alex Gaynor 1278ee3ca7 Merge pull request #1611 from thusoy/patch-1
Fix broken sphinx reference to staticfiles.
2013-09-10 13:11:11 -07:00
Tarjei Husøy 751dc0a36b Fix broken sphinx reference to staticfiles. 2013-09-10 22:10:00 +02:00
Tim Graham 8165c2cfd1 Improved deprecation warning for change in form boolean values.
refs #20684

Thanks jacob, jcd, and shai for the suggestions.
2013-09-10 14:24:34 -04:00
Tim Graham 4e96dac450 Fixed #19298 -- Added MultiValueField.__deepcopy__
Thanks nick.phillips at otago.ac.nz for the report.
2013-09-10 13:56:49 -04:00
Florian Apolloner d5d0e03ec8 Fixed test errors from 053de6131a on py3.2. 2013-09-10 19:17:01 +02:00
e0ne 053de6131a Fixed #5749 -- Added field_name as a key in the _html_output dict
Thanks SmileyChris for the suggestion.
2013-09-10 13:00:10 -04:00
Juan Catalano 4840fd9cbc Fixed #20919 -- Extended assertRedirects to be able to avoid fetching redirect's response.
Thanks mjtamlyn for the suggestion.
2013-09-10 12:22:55 -04:00
Aymeric Augustin 79ccd1a101 Fixed test that fails when pytz is installed.
pytz' localize() method is the bane of my life.
2013-09-10 18:07:29 +02:00
Gregor MacGregor b2b763448f Fixed #20841 -- Added messages to NotImplementedErrors
Thanks joseph at vertstudios.com for the suggestion.
2013-09-10 11:09:59 -04:00
Loic Bistuer d59f1993f1 Made MigrationWriter look for a "deconstruct" attribute on functions.
Refs #20978.
2013-09-10 10:12:23 -04:00
Loic Bistuer 5df8f749e6 Fixed #20978 -- Made deletion.SET_NULL more friendly for MigrationWriter.serialize. 2013-09-10 10:12:23 -04:00
Tim Graham 0ac7cc3265 Fixed #21083 - Fixed spelling in tutorial.
Thanks jimmy.kjaersgaard at gmail.com for the report.
2013-09-10 09:54:26 -04:00
Tim Graham 4ba373840a Fixed #16534 -- Improved ability to customize DiscoverRunner
Added DiscoverRunner.test_suite and .test_runner attributes.

Thanks tomchristie for the suggestion and jcd for the patch.
2013-09-10 09:49:39 -04:00
oz123 fca4c4826e Fixed #21075 - Improved doc for calling call_command with arguments. 2013-09-10 09:17:47 -04:00
Roberto Aguilar af67ce5e18 Fixed #4574 -- Added CSS classes to the admin calendar widget for better control over styling. 2013-09-10 08:07:17 -05:00
Tim Graham 2bc5143866 Fixed #7467 -- Added a template block to override the admin welcome message.
Thanks Jeff Kowalczyk for the suggestion and rctay for the patch.
2013-09-10 08:48:03 -04:00