Commit Graph

18016 Commits

Author SHA1 Message Date
Carlton Gibson 4af162d4de Refs #32144 -- Made makemessages remove temporary files on preprocessing error.
Co-authored-by: Anders Hovmöller <anders.hovmoller@dryft.se>
2021-07-01 10:11:10 +02:00
Carlton Gibson dfa7781033 Fixed #32144 -- Made makemessages remove temporary files when locale path doesn't exist. 2021-07-01 10:11:10 +02:00
Hannes Ljungberg d8c90d4c22 Fixed #32786 -- Moved subquery ordering clearing optimization to the _in lookup.
Co-Authored-By: Simon Charette <charette.s@gmail.com>
2021-06-30 10:08:55 +02:00
Hannes Ljungberg 053141d31f Refs #32786 -- Made Query.clear_ordering() not to cause side effects by default. 2021-06-30 08:52:27 +02:00
Daniele Procida e3d55eeb14 Refs #32880 -- Moved logging reference to new document.
Completed a first step in moving reference and how-to material out of
the topic document.
2021-06-30 07:21:52 +02:00
Chris Jerdonek 8bca838f4a Refs #32655 -- Improved error if iter_test_cases() is passed a string. 2021-06-29 20:41:40 +02:00
manav014 503ee41497 Refs #29898 -- Moved state_forwards()'s logic from migration operations to ProjectState.
Thanks Simon Charette and Markus Holtermann for reviews.
2021-06-29 12:03:30 +02:00
Lou Huang 7ba9da815d
Fixed #32884 -- Fixed centering of the header on admin login page. 2021-06-29 07:41:52 +02:00
abhiabhi94 cd124295d8 Fixed #32381 -- Made QuerySet.bulk_update() return the number of objects updated.
Co-authored-by: Diego Lima <diego.lima@lais.huol.ufrn.br>
2021-06-29 06:58:46 +02:00
Dan Strokirk f5ea9aa2f3 Fixed #32807 -- Fixed JSONField crash when redisplaying None values.
Thanks to Alex Hill for the initial patch.
2021-06-28 11:02:08 +02:00
Claude Paroz 495083e3e1 Updated translations from Transifex.
Forwardport of 04b744050f from stable/3.2.x.
2021-06-28 07:08:39 +02:00
Mateo Radman 8a7ac78b70 Refs #32508 -- Raised ImproperlyConfigured/TypeError instead of using "assert" in various code. 2021-06-25 06:55:47 +02:00
Ben Wilber fff4870bfa Fixed #32727 -- Allowed spaces before time zone offset in parse_datetime(). 2021-06-24 10:07:55 +02:00
Chris Jerdonek fcb75651f9 Fixed #32817 -- Added the token source to CsrfViewMiddleware's bad token error messages. 2021-06-23 16:07:15 +02:00
Peter Inglesby 1bbb98d9a4 Fixed #32363 -- Ensured sys.__interactivehook__ is called in shell
By default, this means that readline is properly registered, so that
.python_history is used.

sys.__interactivehook__ may be set by a $PYTHONSTARTUP file.
2021-06-23 14:53:41 +02:00
tomhamiltonstubber 1e5aa8e1c7 Fixed #32790 -- Ensured test Client handles redirects to domain indexes without a specified trailing slash. 2021-06-23 12:32:29 +02:00
Adam Johnson d54059ebce
Removed options parameter from djangoAdminSelect2.
It seems this parameter has never been used internally, so to avoid
exposing a large surface area in the admin, remove it. As discussed in:
https://groups.google.com/g/django-developers/c/G-fDkNxhxsE/m/--RtGwmtAQAJ
2021-06-23 06:08:10 +02:00
Nicolas Restrepo bbb3965826 Refs #24121 -- Added __repr__() to StreamingHttpResponse and subclasses. 2021-06-22 21:28:48 +02:00
Hasan Ramezani 7a9745fed4 Fixed #32863 -- Skipped system check for specifying type of auto-created primary keys on models with invalid app_label.
Regression in b5e12d490a.

Thanks Iuri de Silvio for the report.
2021-06-22 20:47:15 +02:00
David Smith b9e872b593 Refs #32338 -- Removed 'for ="..."' from RadioSelect's <label>.
This improves accessibility for screen reader users.

Co-authored-by: Thibaud Colas <thibaudcolas@gmail.com>
2021-06-22 10:59:29 +02:00
manav014 d718d99017 Refs #29898 -- Moved django.db.migrations.operations.utils to django.db.migrations.utils. 2021-06-22 09:26:18 +02:00
Igor Fernandes e85d9c02ad Fixed #32870 -- Improved error message when URLconf is empty. 2021-06-22 08:09:53 +02:00
Chris Jerdonek ee408309d2
Fixed #32842 -- Refactored out CsrfViewMiddleware._check_token(). 2021-06-22 07:42:28 +02:00
Mariusz Felisiak e07609a0d1 Refs #32858, Refs #32392 -- Restored using :: shortcut syntax in Cast() on PostgreSQL.
This partly reverts commit fdfbc66331
unnecessary since b69b0c3fe8.
2021-06-22 06:28:42 +02:00
Lucidiot b69b0c3fe8 Fixed #32858 -- Fixed ExclusionConstraint crash with index transforms in expressions. 2021-06-22 06:09:16 +02:00
Jacob Walls 501a371411 Fixed typo in makemessages error message. 2021-06-21 21:23:59 +02:00
Illia Volochii 5a468b4c08 Fixed #32859 -- Simplified compress_string() by using gzip.compress(). 2021-06-21 13:19:11 +02:00
Carlton Gibson 225d96533a Fixed #30427, Fixed #16176 -- Corrected setting descriptor in Field.contribute_to_class().
Co-authored-by: Jarek Glowacki <jarekwg@gmail.com>
2021-06-15 12:01:28 +02:00
Chris Jerdonek 316cc34d04 Fixed comment in CsrfViewMiddleware to say _reject instead of reject. 2021-06-12 16:46:42 +02:00
Keryn Knight 854e9b0668 Fixed #32824 -- Improved performance of NodeList.render().
This avoids the following:
 - checking that each item in the nodelist is a subclass of Node,
 - calling str() on the render_annotated() output, because it's
   documented that Node.render() must return a string,
 - calling mark_safe() on the output, when the value to be wrapped is
   definitively known to be a string because the result of ''.join()
   is always of that type,
 - using an intermediate list to store each individual string.
2021-06-11 12:22:06 +02:00
Jacob Walls 2dfc1066a0 Fixed #25250 -- Clarified partially recorded state of squashed migrations in showmigrations --list. 2021-06-11 09:35:42 +02:00
Chris Jerdonek de4f620183 Fixed #32609 -- Updated runtests.py to support directory path test labels.
For example, with this change, the following now works from the tests
directory:

    $ ./runtests.py view_tests/tests/
2021-06-10 20:19:30 +02:00
Mariusz Felisiak fa0433d05f Fixed #32832 -- Fixed adding BLOB/TEXT nullable field with default on MySQL 8.0.13+.
Regression in d4ac23bee1.

Thanks Omkar Deshpande for the report.
2021-06-10 20:03:43 +02:00
saeedblanchette 66ed03e7c9 Refs #24121 -- Added __repr__() to AdminForm, BlockContext, BlockTranslateNode, and IncludeNode. 2021-06-10 12:47:53 +02:00
Ceesjan Luiten cb6c19749d Refs #27734 -- Prevented creation of more parallel workers than TestCases.
The parallel test runner uses multiple workers to distribute the
workload. These workers are assigned a worker ID using a globally
incremented variable, which determines what test database to connect
to. When the worker ID surpasses the test database IDs Django will
crash.

This reduce likelihood of crashing parallel tests because
ParallelTestSuite will no longer create more workers than TestCases.

It won't eliminate the problem completely though because there are
other circumstances in which new workers can be created which can then
be assigned an "illegal" worker ID.
2021-06-10 07:32:15 +02:00
Hasan Ramezani ed3af3ff4b
Fixed #32829 -- Updated help text for clearsessions management command.
Obsolete since 5fec97b9df.
2021-06-09 12:08:59 +02:00
Angus Holder 3e73c65ffc Fixed #32195 -- Added system check for invalid view in path() and improved error messages. 2021-06-09 09:06:42 +02:00
Mariusz Felisiak faba5b702a
Refs #32355 -- Used addClassCleanup() in SimpleTestCase and SerializeMixin. 2021-06-08 11:35:05 +02:00
Jacob Walls c0e29cec83 Fixed #25255 -- Recorded unapplied squashed migrations. 2021-06-08 08:40:34 +02:00
Sanskar Jaiswal 8c3bd0b708 Fixed #31653 -- Added AddConstraintNotValid()/ValidateConstraint() operations for PostgreSQL. 2021-06-08 07:46:51 +02:00
Keryn Knight 7f6a41d3d9
Fixed #32814 -- Improved performance of TextNode.
This avoids calling render() and handling exceptions, which is not
necessary for text nodes.
2021-06-07 21:02:00 +02:00
aryabartar 651e527f9b Fixed #32716 -- Fixed ManifestStaticFilesStorage crash when max_post_process_passes is 0. 2021-06-07 07:56:20 +02:00
Chris Jerdonek 7272e1963f Fixed #32821 -- Updated os.scandir() uses to use a context manager. 2021-06-07 06:52:42 +02:00
saeedblanchette 7dd502b0e1 Refs #24121 -- Added __repr__() to ChangeList and BaseStorage. 2021-06-07 06:31:50 +02:00
Mateo Radman d6f3b58589 Fixed #32810 -- Optimized django.utils.formats.number_format() a bit.
Pre-calculate use_l10n for get_format() calls.
2021-06-05 13:48:26 +02:00
Adam Johnson 2e4711c611 Made SerializeMixin check lockfile attr at import time. 2021-06-04 12:29:09 +02:00
Takayuki Hirayama 0393b9262d Fixed #32812 -- Restored immutability of named values from QuerySet.values_list().
Regression in 981a072dd4.

Thanks pirelle for the report.
2021-06-04 07:23:16 +02:00
Mariusz Felisiak 62e8f369c3
Fixed #32808 -- Prevented DiscoverRunner.build_suite() from mutating test loader patterns.
Thanks Chris Jerdonek for the report and reviews.
2021-06-03 08:59:37 +02:00
Chris Jerdonek 1b4d1675b2
Refs #32641 -- Made DiscoverRunner's "Found X tests" message work for finding one test.
This also removes passing level to log() as logging.INFO is the default.
2021-06-02 12:53:09 +02:00
Jacob Walls ec2727efef Fixed #28154 -- Prevented infinite loop in FileSystemStorage.save() when a broken symlink with the same name exists. 2021-06-02 12:20:22 +02:00
Mariusz Felisiak e1d787f1b3 Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
validate_ipv4_address() was affected only on Python < 3.9.5, see [1].
URLValidator() uses a regular expressions and it was affected on all
Python versions.

[1] https://bugs.python.org/issue36384
2021-06-02 10:58:39 +02:00
Florian Apolloner 46572de2e9 Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs' TemplateDetailView. 2021-06-02 10:58:39 +02:00
Mariusz Felisiak e703b152c6
Fixed #32793 -- Fixed loss of precision for temporal operations with DecimalFields on MySQL.
Regression in 1e38f1191d.

Thanks Mohsen Tamiz for the report.
2021-06-01 15:11:42 +02:00
Daniyal a0410ffe8f Refs #32552 -- Added DiscoverRunner.log() to allow customization.
Thanks Carlton Gibson, Chris Jerdonek, and David Smith for reviews.
2021-06-01 13:31:44 +02:00
Chris Jerdonek cd19db10df Fixed #32796 -- Changed CsrfViewMiddleware to fail earlier on badly formatted cookie tokens. 2021-06-01 09:02:27 +02:00
abhiabhi94 c609d5149c Refs #24121 -- Added __repr__() to Engine 2021-06-01 07:44:36 +02:00
Chris Jerdonek 55775891fb Fixed #32795 -- Changed CsrfViewMiddleware to fail earlier on badly formatted tokens. 2021-05-31 21:12:21 +02:00
Gildardo Adrian Maravilla Jacome 91e21836f6 Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage. 2021-05-31 11:09:48 +02:00
Gildardo Adrian Maravilla Jacome 781b44240a Refs #32319 -- Changed HashedFilesMixin to use named groups in patterns. 2021-05-31 10:40:21 +02:00
Chris Jerdonek d270dd584e
Refs #32778 -- Improved the name of the regex object detecting invalid CSRF token characters.
This also improves the comments near where the variable is used.
2021-05-29 12:53:50 +02:00
David Sanders 5685b7cd73
Fixed typos in comments and docs. 2021-05-29 12:51:14 +02:00
David Wobrock b9df2b74b9 Fixed #32676 -- Prevented migrations from rendering related field attributes when not passed during initialization.
Thanks Simon Charette for the implementation idea.
2021-05-28 20:25:59 +02:00
Hannes Ljungberg b746596f5f Refs #32779 -- Changed DatabaseSchemaEditor._unique_sql()/_create_unique_sql() to take fields as second parameter. 2021-05-28 10:50:27 +02:00
abhiabhi94 22da686ca9 Refs #24121 -- Added __repr__() to PermWrapper. 2021-05-28 08:03:23 +02:00
Chris Jerdonek 214b36f50a Refs #32596 -- Added early return on safe methods in CsrfViewMiddleware.process_view(). 2021-05-28 07:32:01 +02:00
Chris Jerdonek cfd8c91839 Refs #32596 -- Optimized CsrfViewMiddleware._check_referer() to delay computing good_referer. 2021-05-28 07:32:01 +02:00
Chris Jerdonek 71179a6124 Fixed #32596 -- Added CsrfViewMiddleware._check_referer().
This encapsulates CsrfViewMiddleware's referer logic into a method and
updates existing tests to check the "seam" introduced by the refactor,
when doing so would improve the test.
2021-05-28 07:31:56 +02:00
Mohammadreza Varasteh e93eb3d971 Fixed #32789 -- Made feeds emit elements with no content as self-closing tags. 2021-05-27 21:05:28 +02:00
Moriyoshi Koizumi 9e4780deda Fixed #32669 -- Fixed detection when started non-django modules which aren't packages with "python -m" in autoreloader. 2021-05-26 12:29:43 +02:00
Michael Lissner 5a8e8f80bb Fixed #32772 -- Made database cache count size once per set. 2021-05-26 11:21:11 +02:00
Mariusz Felisiak 12b19a1d76
Fixed #32783 -- Fixed crash of autoreloader when __main__ module doesn't have __spec__ attribute.
Regression in ec6d2531c5.

Thanks JonathanNickelson for the report.
2021-05-26 11:19:47 +02:00
Hasan Ramezani 1143f3bb5e Fixed #32543 -- Added search_help_text to ModelAdmin. 2021-05-26 10:20:13 +02:00
Hasan Ramezani 68357b2ca9 Fixed #32744 -- Normalized to pathlib.Path in autoreloader check for template changes. 2021-05-26 09:41:29 +02:00
Hannes Ljungberg 3e0fdf5546
Fixed #32780 -- Made Add/RemoveConstraint operations a noop for covering/deferrable unique constraints on SQLite. 2021-05-25 11:34:25 +02:00
abhiabhi94 866dccb650 Fixed #32778 -- Avoided unnecessary recompilation of token regex in _sanitize_token(). 2021-05-25 09:56:09 +02:00
saeedblanchette d3d95d645f Refs #24121 -- Added __repr__() to Lookup. 2021-05-24 07:32:25 +02:00
Mariusz Felisiak f0a9413bd2 Refs #24121 -- Improved Value.__repr__(). 2021-05-24 07:26:53 +02:00
Hannes Ljungberg 7ef2398e81 Fixed #32777 -- Passed table reference as a string to DatabaseSchemaEditor._index_columns(). 2021-05-24 06:31:48 +02:00
Yuekui Li 5e04e84d67 Fixed #32503 -- Fixed altering BLOB/TEXT field to non-nullable with default on MySQL 8.0.13+.
MySQL 8.0.13+ supports defaults for BLOB/TEXT but not in the
ALTER COLUMN statement.

Regression in 6b16c91157.

Thanks Matt Westcott for the report.
2021-05-21 13:34:37 +02:00
Rohith PR 7cca22964c Fixed #32375 -- Started deprecation toward changing the default sitemap protocol to https.
The default sitemap protocol, when it is built outside the context of
a request, will be changed from 'http' to 'https' in Django 5.0.
2021-05-21 11:00:54 +02:00
David Sanders 736bb9868a Renamed "object" argument of ModelAdmin.log_addition(), log_change(), and log_deletion() methods. 2021-05-20 07:29:16 +02:00
David Sanders 2978c63a34 Fixed #32771 -- Used IS_POPUP_VAR constant instead of hard-coded value. 2021-05-20 07:04:26 +02:00
David Sanders 536c155e67 Fixed #32765 -- Removed "for" HTML attribute from ReadOnlyPasswordHashWidget.
ReadOnlyPasswordHashWidget doesn't have any labelable elements.
2021-05-19 20:34:57 +02:00
Carlton Gibson c2e6047c72 Fixed #32740 -- Caught possible exception when initializing colorama. 2021-05-19 10:33:15 +02:00
David Sanders 127fd927d0
Fixed #32766 -- Removed unused ORDER_TYPE_VAR.
Unused since 5434ce231d.
2021-05-19 07:51:13 +02:00
Claude Paroz 8cd55021bc Fixed #32379 -- Started deprecation toward changing default USE_TZ to True.
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-18 20:26:44 +02:00
Mariusz Felisiak 958cdf65ae Fixed #32747 -- Prevented initialization of unused caches.
Thanks Alexander Ebral for the report.

Regression in 98e05ccde4.
2021-05-18 18:24:19 +02:00
Rust Saiargaliev a24fed399c Fixed #32733 -- Skipped system check for specifying type of auto-created primary keys on abstract models.
Regression in b5e12d490a.
2021-05-18 13:02:33 +02:00
Slava Skvortsov f7691d4812 Fixed #32754 -- Made AdminSite.catch_all_view() respect SCRIPT_NAME.
Regression in ba31b01034.
2021-05-18 09:14:05 +02:00
William Schwartz de32fe83a2 Fixed #32317 -- Refactored loaddata command to make it extensible.
Moved deeply nested blocks out of inner loops to improve readability
and maintainability.

Thanks to Mariusz Felisiak, Shreyas Ravi, and Paolo Melchiorre for
feedback.
2021-05-18 07:05:33 +02:00
Artur Beltsov 3954bf50fb Fixed #32750 -- Fixed crash of Extract() transform on OuterRef() expressions.
Thanks Simon Charette for the review.
2021-05-17 17:51:39 +02:00
William Schwartz 1557778121 Refs #32317 -- Simplified find_fixtures() in loaddata command.
This always replaces 'fixture_name' with its base name, which preserves
the previous behavior, because os.path.basename() was not called only on
relative paths without os.path.sep i.e. when base name was equal to the
file name.

This also changes os.path.dirname() and os.path.basename() calls to the
equivalent os.path.split() call.
2021-05-14 20:45:04 +02:00
William Schwartz 1e655d35ad Refs #32317 -- Cleaned up try/except blocks in loaddata command.
This moves code unable to trigger relevant exceptions outside of
try/except blocks, and changes 'objects' to 'objects_in_fixture'
which is equal to the length of 'objects'.
2021-05-14 20:45:04 +02:00
Rohith PR 530f58caaa Fixed #32734 -- Fixed validation of startapp's directory with trailing slash.
Regression in fc9566d42d.
2021-05-14 12:45:00 +02:00
snowman2 29345aecf6 Fixed #32721 -- Fixed migrations crash when adding namespaced spatial indexes on PostGIS. 2021-05-14 07:10:28 +02:00
snowman2 99bc67a9e7 Refs #32721 -- Made PostGISSchemaEditor._create_index_sql() call super()._create_index_sql(). 2021-05-13 13:13:16 +02:00
Mariusz Felisiak b55699968f
Fixed #32718 -- Relaxed file name validation in FileField.
- Validate filename returned by FileField.upload_to() not a filename
  passed to the FileField.generate_filename() (upload_to() may
  completely ignored passed filename).
- Allow relative paths (without dot segments) in the generated filename.

Thanks to Jakub Kleň for the report and review.
Thanks to all folks for checking this patch on existing projects.
Thanks Florian Apolloner and Markus Holtermann for the discussion and
implementation idea.

Regression in 0b79eb3691.
2021-05-13 08:53:44 +02:00
Simon Charette b81c7562fc Fixed #32717 -- Fixed filtering of querysets combined with the | operator.
Address a long standing bug in a Where.add optimization to discard
equal nodes that was surfaced by implementing equality for Lookup
instances in bbf141bcdc.

Thanks Shaheed Haque for the report.
2021-05-13 07:26:52 +02:00
Raffaele Salmaso 3733ae8957 Fixed #32031 -- Added model class for each model to AdminSite.each_context(). 2021-05-13 06:57:09 +02:00
Nick Pope 29e4ccb1a2 Fixed #32738 -- Deprecated django.utils.datetime_safe module. 2021-05-12 14:42:17 +02:00
Nick Pope 46346f8ea0 Refs #32738 -- Added sanitize_strftime_format() to replace datetime_safe. 2021-05-12 14:42:17 +02:00
Nick Pope 44accb066a Refs #32738, Refs #29600, Refs #29595 -- Removed unused django.utils.datetime_safe.time().
Unused since c72dde41e6.
2021-05-12 14:42:17 +02:00
Nick Pope 1061f52436 Fixed #32732 -- Removed usage of deprecated 'db' and 'passwd' connection options in MySQL backend.
The 'db' and 'passwd' connection options have been deprecated, use
'database' and 'password' instead (available since mysqlclient >= 1.3.8).

This also allows the 'database' option in DATABASES['OPTIONS'] on MySQL.
2021-05-12 12:21:57 +02:00
Nick Pope d06c5b3581 Fixed #32366 -- Updated datetime module usage to recommended approach.
- Replaced datetime.utcnow() with datetime.now().
- Replaced datetime.utcfromtimestamp() with datetime.fromtimestamp().
- Replaced datetime.utctimetuple() with datetime.timetuple().
- Replaced calendar.timegm() and datetime.utctimetuple() with datetime.timestamp().
2021-05-12 11:08:41 +02:00
saeedblanchette e6406853c3 Refs #24121 -- Added__repr__() to StaticNode. 2021-05-12 08:41:52 +02:00
Nick Pope 34363a391b Fixed #32735 -- Made DateFormat.Y() return a zero-padded year. 2021-05-12 08:17:06 +02:00
Mariusz Felisiak b1a4b1f0bd Fixed #32722 -- Fixed comparing to TruncTime() on Oracle. 2021-05-11 09:19:25 +02:00
Jordi Castells 205c36b58f Fixed #32670 -- Allowed GDALRasters to use any GDAL virtual filesystem. 2021-05-07 20:03:46 +02:00
Hasan Ramezani 028f10fac6 Fixed #32712 -- Deprecated django.utils.baseconv module. 2021-05-07 11:57:40 +02:00
Alex Hill c4ee3b208a Fixed #32699 -- Fixed comparing to TruncTime() with 0 microseconds on MySQL. 2021-05-07 08:13:40 +02:00
Mariusz Felisiak e1e81aa1c4
Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines
and tabs from URLs [1, 2]. Unfortunately it created an issue in
the URLValidator. URLValidator uses urllib.urlsplit() and
urllib.urlunsplit() for creating a URL variant with Punycode which no
longer contains newlines and tabs in Python 3.9.5+. As a consequence,
the regular expression matched the URL (without unsafe characters) and
the source value (with unsafe characters) was considered valid.

[1] https://bugs.python.org/issue43882 and
[2] 76cd81d603
2021-05-06 08:45:23 +02:00
ecogels a0a5e0f4c8 Fixed #32705 -- Prevented database cache backend from checking .rowcount on closed cursor.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-05 12:41:59 +02:00
Simon Charette 136ff592ad Fixed #32690 -- Fixed __in lookup crash when combining with filtered aggregates.
Having lookups group by subquery right-hand-sides is likely unnecessary
in the first place but relatively large amount of work would be needed
to achieve that such as making Lookup instances proper resolvable
expressions.

Regression in 3543129822.

Thanks James A. Munsch for the report.
2021-05-05 11:41:35 +02:00
Maxim Beder 06fd4df41a Fixed #32479 -- Added fallbacks to subsequent language codes in translations.
Thanks Claude Paroz and Nick Pope for reviews.
2021-05-05 09:37:54 +02:00
Simon Charette 96f55ccf79 Fixed #32714 -- Prevented recreation of migration for Meta.ordering with OrderBy expressions.
Regression in c8b6594305.

Thanks Kevin Marsh for the report.
2021-05-05 08:43:57 +02:00
Karthikeyan Singaravelan f9f6bd63c9 Refs #32074 -- Removed usage of deprecated Thread.setDaemon().
Thread.setDaemon() was deprecated in Python 3.10 and will be removed in
Python 3.12.
2021-05-04 12:07:18 +02:00
Mariusz Felisiak 623c8cd8f4
Refs #32074 -- Used asyncio.get_running_loop() instead of get_event_loop().
Using asyncio.get_event_loop() when there is no running event loop was
deprecated in Python 3.10, see https://bugs.python.org/issue39529.
2021-05-04 11:29:23 +02:00
Florian Apolloner 0b79eb3691 Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. 2021-05-04 08:44:42 +02:00
Hasan Ramezani 8de4ca74ba Fixed #32693 -- Quoted and lowercased generated column aliases. 2021-05-04 07:36:56 +02:00
pythonwood 071cf68630
Fixed #32709 -- Corrected examples in django/utils/baseconv.py docstring. 2021-05-04 07:09:09 +02:00
Mariusz Felisiak 1f643c28b5
Fixed #32653 -- Made quoting names in the Oracle backend consistent with db_table. 2021-04-30 12:59:07 +02:00
Tim Graham 54da6e2ac2 Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting. 2021-04-30 12:32:52 +02:00
Hasan Ramezani 8bcb00858e Fixed #32698 -- Moved HttpRequest.get_raw_uri() to ExceptionReporter._get_raw_insecure_uri(). 2021-04-30 08:05:42 +02:00
Nick Pope 2161db0792
Fixed capitalization of "ECMAScript" and "JavaScript". 2021-04-29 20:29:08 +02:00
Mariusz Felisiak baba733dcc
Refs #32682 -- Renamed lookup_needs_distinct() to lookup_spawns_duplicates().
Follow up to 1871182031.
2021-04-29 12:04:30 +02:00
David Wobrock ee3b719a81 Refs #32675 -- Removed to_field from ForeignKeys in contrib apps' migrations.
Refs #22889.
2021-04-29 07:46:22 +02:00
Nick Pope 0c71e0f9cf Removed unnecessary reuse_with_filtered_relation argument from Query methods.
In Query.join() the argument reuse_with_filtered_relation was used to
determine whether to use == or .equals(). As this area of code is
related to aliases, we only expect an instance of Join or BaseTable to
be provided - the only two classes that provide .equals().

In both cases, the implementations of __eq__() and equals() are based
on use of the "identity" property. __eq__() performs an isinstance()
check first, returning NotImplemented if required. BaseTable.equals()
then does a straightforward equality check on "identity". Join.equals()
is a little bit different as it skips checking the last element of the
"identity" property: filtered_relation. This was only included
previously when the with_filtered_relation argument was True, impossible
since bbf141bcdc.
2021-04-28 21:19:42 +02:00
Nick Pope a6c79f4987 Removed unused with_filtered_relation argument from .equals()
Unused since bbf141bcdc.
2021-04-28 20:42:20 +02:00
Simon Charette c8b6594305 Fixed #32632, Fixed #32657 -- Removed flawed support for Subquery deconstruction.
Subquery deconstruction support required implementing complex and
expensive equality rules for sql.Query objects for little benefit as
the latter cannot themselves be made deconstructible to their reference
to model classes.

Making Expression @deconstructible and not BaseExpression allows
interested parties to conform to the "expression" API even if they are
not deconstructible as it's only a requirement for expressions allowed
in Model fields and meta options (e.g. constraints, indexes).

Thanks Phillip Cutter for the report.

This also fixes a performance regression in bbf141bcdc.
2021-04-28 12:13:55 +02:00
Konstantin Alekseev 6e742dabc9 Fixed #32687 -- Restored passing process’ environment to underlying tool in dbshell on PostgreSQL.
Regression in bbe6fbb876.
2021-04-27 10:43:35 +02:00
Mariusz Felisiak 1871182031 Fixed #32682 -- Made admin changelist use Exists() instead of distinct() for preventing duplicates.
Thanks Zain Patel for the report and Simon Charette for reviews.

The exception introduced in 6307c3f1a1
revealed a possible data loss issue in the admin.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak cd74aad90e Refs #32682 -- Renamed use_distinct variable to may_have_duplicates.
QuerySet.distinct() is not the only way to avoid duplicate, it's also
not preferred.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak 4074f38e1d Refs #32682 -- Fixed QuerySet.delete() crash on querysets with self-referential subqueries on MySQL. 2021-04-27 10:34:47 +02:00
Mariusz Felisiak d68be0494b
Refs 32637 -- Made technical 404 debug page display exception message when URL is resolved.
Follow up to 3b8527e32b.
2021-04-27 08:40:52 +02:00
Hannes Ljungberg eab71f7690 Fixed #32686 -- Removed unnecessary semicolon on collected multiline SQL for RunSQL. 2021-04-27 08:01:07 +02:00
Zain Patel 4e5bbb6ef2 Fixed #32681 -- Fixed VariableDoesNotExist when rendering some admin template.
Regression in 84609b3205.
2021-04-26 07:08:16 +02:00
Mariusz Felisiak 0aacbdcf27
Refs #32673 -- Fixed lookups crash when comparing against lookups on Oracle.
Follow up to 170b006ce8.
2021-04-23 16:32:53 +02:00
Simon Charette 170b006ce8 Fixed #32673 -- Fixed lookups crash when comparing against lookups on PostgreSQL.
Regression in 3a505c70e7.

Nonlitteral right-hand-sides of lookups need to be wrapped in
parentheses to avoid operator precedence ambiguities.

Thanks Charles Lirsac for the detailed report.
2021-04-23 15:38:32 +02:00
Chris Jerdonek 0461b7a6b6 Fixed #32662 -- Refactored a generator out of SQLCompiler.get_order_by().
This also renames the `asc` variable to `default_order`, markes the
`desc` variable as unused, fixes a typo in SQLCompiler.get_order_by()
docstring, and reorders some blocks in SQLCompiler._order_by_pairs().
2021-04-21 12:35:49 +02:00
Simon Charette 6d0cbe42c3 Fixed #32650 -- Fixed handling subquery aliasing on queryset combination.
This issue started manifesting itself when nesting a combined subquery
relying on exclude() since 8593e162c9 but
sql.Query.combine never properly handled subqueries outer refs in the
first place, see QuerySetBitwiseOperationTests.test_subquery_aliases()
(refs #27149).

Thanks Raffaele Salmaso for the report.
2021-04-21 09:49:15 +02:00
Mariusz Felisiak 34d1905712
Fixed #32665 -- Fixed caches system check crash when STATICFILES_DIRS is a list of 2-tuples.
Thanks Jared Lockhart for the report.

Regression in c36075ac1d.
2021-04-21 09:41:37 +02:00
Carlton Gibson 5c73fbb6a9 Fixed #32647 -- Restored multi-row select with shift-modifier in admin changelist.
Regression in 30e59705fc.
2021-04-21 08:31:06 +02:00
Tobias Bengfort 54e94640ac Refs #25287 -- Added support for multiplying and dividing DurationField by scalar values on SQLite. 2021-04-20 11:44:41 +02:00
Tobias Bengfort 9e1ccd7283 Refs #25287 -- Added _sqlite_prepare_dtdelta_param() hook. 2021-04-20 10:07:42 +02:00
David Beitey 4bb27c8719
Removed unnecessary line in OrderBy.as_sql().
Unnecessary since 7286eaf681.
2021-04-20 09:47:11 +02:00
François Freitag 6b0b3eafd6 Fixed #32664 -- Made PasswordResetTokenGenerator.secret validation lazy.
Django apps initialization to run management command triggers the admin
autodiscovery. Importing django.contrib.auth.tokens creates an instance
of PasswordResetTokenGenerator which required a SECRET_KEY.

For several management commands, the token generator is unused. It
should only complain about a missing SECRET_KEY when it is used.
2021-04-20 07:34:53 +02:00
David Wobrock aa4acc164d Fixed #29899 -- Made autodetector use model states instead of model classes.
Thanks Simon Charette and Markus Holtermann for reviews.
2021-04-16 11:18:10 +02:00
David Wobrock a67849499a Refs #29899 -- Improved variable names in MigrationAutodetector._detect_changes(). 2021-04-16 10:33:42 +02:00
David Wobrock fd325b9dee Refs #29899 -- Moved resolve_relation() to django.db.migrations.utils. 2021-04-16 10:33:42 +02:00
girishsontakke a815a6a315 Fixed #32641 -- Made DiscoverRunner print the number of found tests.
Thanks Chris Jerdonek for reviews.
2021-04-15 11:42:46 +02:00
Florian Apolloner 4511d14598 Fixed #32643 -- Fixed decoding of messages in the pre-Django 3.2 format.
Thanks Jan Pieter Waagmeester for the report.

Regression in 2d6179c819.
2021-04-14 22:52:59 +02:00
Mariusz Felisiak ca98729055
Fixed #32645 -- Fixed QuerySet.update() crash when ordered by joined fields on MySQL/MariaDB.
Thanks Matt Westcott for the report.

Regression in 779e615e36.
2021-04-14 21:11:17 +02:00
Arthur Jovart 08c60cce3b Fixed #32648 -- Fixed VariableDoesNotExist rendering sitemaps template. 2021-04-14 16:50:47 +02:00
Mariusz Felisiak 23fa29f6a6
Fixed #32649 -- Fixed ModelAdmin.search_fields crash when searching against phrases with unbalanced quotes.
Thanks Dlis for the report.

Regression in 26a413507a.
2021-04-14 12:23:47 +02:00
Hasan Ramezani a77c9a4229 Fixed #32635 -- Fixed system check crash for reverse o2o relations in CheckConstraint.check and UniqueConstraint.condition.
Regression in b7b7df5fbc.

Thanks Szymon Zmilczak for the report.
2021-04-14 10:06:18 +02:00
Daniel Hahler 59552bea57 Corrected typo in Field.deconstruct docstring. 2021-04-13 11:44:44 +02:00
Mariusz Felisiak 3b8527e32b
Fixed #32637 -- Restored exception message on technical 404 debug page.
Thanks Atul Varma for the report.
2021-04-13 09:15:04 +02:00
Iuri de Silvio 9760e262f8 Fixed #32627 -- Fixed QuerySet.values()/values_list() crash on combined querysets ordered by unannotated columns. 2021-04-12 21:11:40 +02:00
Chris Jerdonek 823a9e6bac Fixed #32416 -- Made ThreadedWSGIServer close connections after each thread.
ThreadedWSGIServer is used by LiveServerTestCase.
2021-04-12 10:23:56 +02:00
Chris Jerdonek 71a936f9d8 Refs #32416 -- Added LiveServerTestCase._make_connections_override() hook. 2021-04-12 08:54:03 +02:00
Claude Paroz e4430f22c8 Fixed #31937 -- Eased translation of time strings in some languages. 2021-04-10 20:23:12 +02:00
Mariusz Felisiak b8c9e9fae1
Refs #32074 -- Removed usage of Python's deprecated distutils.version package.
The distutils package was formally deprecated in Python 3.10 and will
be removed in Python 3.12.
2021-04-09 12:56:27 +02:00
Raymond Nunez e84b054325
Added missing "event" argument to addEventListener() call in actions.js. 2021-04-09 09:03:17 +02:00
Collin Anderson 1c004939d5 Fixed #32624 -- Avoided using JavaScript for "Local vars" show/hide in technical 500 debug page. 2021-04-09 06:33:53 +02:00
Adam Johnson 45a58c31e6 Fixed #32620 -- Allowed subclasses of Big/SmallAutoField for DEFAULT_AUTO_FIELD. 2021-04-08 13:17:08 +02:00
Claude Paroz 30e123ed35 Fixed #32575 -- Added support for SpatiaLite 5. 2021-04-08 09:36:29 +02:00
Mariusz Felisiak dc824e2668
Refs #27488 -- Corrected detection of IsValid() support on SpatiaLite.
LWGEOM is not required for IsValid().
2021-04-08 09:31:16 +02:00
Claude Paroz 3ae4344bbd Dropped support for GEOS 3.5 and GDAL 2.0. 2021-04-07 20:39:30 +02:00
girishsontakke 98abc0c90e Fixed #32501 -- Added support for returning fields from INSERT statements on SQLite 3.35+. 2021-04-07 20:09:56 +02:00
Adam Johnson d9de74141e Fixed #32442 -- Used converters on returning fields from INSERT statements. 2021-04-07 17:10:00 +02:00
Mariusz Felisiak 619f26d289
Refs #32074 -- Made ExclusionConstraint.__repr__() use Deferrable.__repr__().
Follow up to c6859f1a68.
2021-04-07 17:07:53 +02:00
Claude Paroz e3cfba0029 Fixed #32544 -- Confirmed support for GDAL 3.2 and GEOS 3.9. 2021-04-07 15:54:24 +02:00
Mariusz Felisiak c6859f1a68
Refs #32074 -- Backported Enum.__repr__() from Python 3.10.
Enum.__repr__() was changed in [1], we should use the same format in
Python < 3.10.

[1] https://bugs.python.org/issue40066
2021-04-07 10:28:40 +02:00
Mariusz Felisiak d4d800ca1a Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.
Thanks Claude Paroz for the initial patch.
Thanks Dennis Brinkrolf for the report.
2021-04-06 08:15:17 +02:00
Claude Paroz 90b95d2959 Updated translations from Transifex.
Forwardport of 1ea5e98315 from stable/3.2.x.
2021-04-06 06:19:31 +02:00
Chris Jerdonek a89e975caf Fixed #32532 -- Made DiscoverRunner raise RuntimeError when a test label is a file path. 2021-04-02 12:54:08 +02:00
Chris Jerdonek 0af81b22b5 Refs #32532 -- Replaced is_discoverable() with try_importing(). 2021-04-02 12:54:08 +02:00
Adam Johnson e32722d160 Fixed #32383 -- Added source map support to ManifestStaticFilesStorage. 2021-04-02 12:21:21 +02:00
William Schwartz 9ee693bd6c Fixed #32316 -- Deferred accessing __file__.
Deferred accessing the module-global variable __file__ because the
Python import API does not guarantee it always exists—in particular, it
does not exist in certain "frozen" environments. The following changes
advanced this goal.

Thanks to Carlton Gibson, Tom Forbes, Mariusz Felisiak, and Shreyas
Ravi for review and feedback.
2021-04-01 14:33:30 +02:00
Mariusz Felisiak cfe47b7686
Fixed #32610 -- Fixed get_git_changeset() on Linux.
shell=True is required on Windows. Unfortunately passing a sequence to
subprocess.run() behaves differently on Linux, i.e. the first item
specifies the command string, and any additional items are treated as
additional arguments to the shell itself.

https://docs.python.org/3.9/library/subprocess.html#subprocess.Popen
https://docs.python.org/3.9/library/subprocess.html#converting-an-argument-sequence-to-a-string-on-windows

Regression in a44d80f88e.
2021-04-01 11:11:07 +02:00
Mariusz Felisiak 548dce50cf
Removed unnecessary left/right in admin sidebar CSS. 2021-03-31 20:34:15 +02:00
Maxim Milovanov d915dd1c58 Fixed #32204 -- Added quick filter to admin's navigation sidebar. 2021-03-31 09:31:37 +02:00
William Schwartz 7248afe12f Refs #32105 -- Moved ExceptionReporter template paths to properties.
Refs #32316.
2021-03-31 08:41:57 +02:00
bankc db5b75f10f Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
Thanks Adam Johnson and Tim Graham for the reviews.

Co-authored-by: Tim Graham <timograham@gmail.com>
2021-03-30 19:59:24 +02:00
Mariusz Felisiak f6018c1e63 Fixed #32595 -- Fixed SchemaEditor.quote_value() crash with bytes. 2021-03-30 11:42:15 +02:00
Chris Jerdonek 038940cf55 Fixed #29127 -- Prevented DiscoverRunner from hiding tagged test with syntax errors.
This mades _FailedTest objects always match tags in DiscoverRunner.
2021-03-30 10:26:20 +02:00
Daniyal 7c08f26bf0 Fixed #32260 -- Made View.as_view() do not use update_wrapper().
View.as_view() should not use update_wrapper() for copying attributes
it's unintended and have side-effects such as adding `self` to the
signature.

This also fixes system check for arguments of custom error handler
views with class-based views.

Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2021-03-30 07:58:09 +02:00
Adam Johnson 0c0b87725b Refs #32260 -- Made admindocs and technical 404 debug page use view_func.view_class.
Internals of admindocs and technical 404 debug page should use the
view_class attribute and do not rely on __name__.
2021-03-30 06:51:27 +02:00
Nick Pope 41850eec99 Fixed #32572 -- Improved ResolverMatch.__repr__().
When a partial function was passed as the view, the __repr__() would
show the `func` argument as `functools.partial` which isn't very
helpful, especially as it doesn't reveal the underlying function or
arguments provided.
2021-03-29 11:28:56 +02:00
Nick Pope 2f13c476ab Fixed #31487 -- Added precision argument to Round(). 2021-03-29 09:43:08 +02:00
Chris Jerdonek 61d5e57353
Simplified and optimized test_match_tags().
This simplifies and optimizes runner.py's test_match_tags() because it
(1) uses isdisjoint() instead of intersection(), which involves
constructing a new set, (2) eliminates a set operation when tags is
falsey, (3) eliminates the need for a matched_tags variable, and (4)
uses fewer not's, which should make it easier to parse and understand.
2021-03-29 09:21:20 +02:00
Hasan Ramezani ed0cc52dc3 Fixed #32585 -- Fixed Value() crash with DecimalField on SQLite. 2021-03-29 06:22:36 +02:00
Chris Jerdonek dcb06c2c68 Fixed #32591 -- Made DiscoverRunner order _FailedTest objects first.
Failures detected when loading tests are ordered before all of the
above for quicker feedback. This includes things like test modules that
couldn't be found or that couldn't be loaded due to syntax errors.
2021-03-26 12:18:27 +01:00
William Schwartz cecdec91cf Refs #32355 -- Corrected comments about Python's _NamespacePath.
_NamespacePath supports indexing in Python 3.8+.
2021-03-26 10:17:10 +01:00
Chris Jerdonek ff514309e1 Fixed #32578 -- Fixed crash in CsrfViewMiddleware when a request with Origin header has an invalid host. 2021-03-25 10:34:58 +01:00
Chris Jerdonek f3825248a2 Refs #32579 -- Fixed cookie domain comment in CsrfViewMiddleware.process_view(). 2021-03-25 06:48:36 +01:00
Chris Jerdonek 70332e6c43 Refs #32579 -- Optimized good_hosts creation in CsrfViewMiddleware.process_view(). 2021-03-25 06:39:35 +01:00
Girish Sontakke 5388ff2a52
Fixed #32582 -- Removed unnecessary dot in names of cloned test databases on SQLite. 2021-03-25 06:37:01 +01:00
Chris Jerdonek f5a2244217
Fixed typo in DiscoverRunner --reverse help text. 2021-03-24 13:39:06 +01:00
Chris Jerdonek 235d23cf99 Refs #32532 -- Added DiscoverRunner.load_tests_for_label(). 2021-03-24 13:03:53 +01:00