innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
27,194 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

16433 Commits

Author SHA1 Message Date
Min ho Kim 65e86948b8 Corrected several typos in string literals and test names. 2019-08-07 11:23:14 +02:00
Andrew Godwin 052388aba4 Fixed #30676 -- Added --pdb option to test runner. 2019-08-07 08:16:31 +02:00
Adnan Umer c5075360c5 Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER setting. 2019-08-05 18:44:08 +02:00
Mariusz Felisiak 05964b2198 Moved indexes in ArrayField's Index and Slice transforms to SQL params. 
Follow up to 7deeabc7c7.

These lookups aren't vulnerable to SQL injection because both accept
only integer indexes. It is a part of good practices.
 2019-08-05 14:16:35 +02:00
Diederik van der Boor 25f21bd237 Fixed #28393 -- Added helpful error messages for invalid AutoField/FloatField/IntegerField values. 
Co-authored-by: Diederik van der Boor <vdboor@edoburu.nl>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
 2019-08-05 08:41:29 +02:00
Nick Pope 4cf1f2f13e Simplified AlterModelTable by making it subclass ModelOptionOperation. 2019-08-02 18:19:55 +02:00
aaktsipetrov 4edad1ddf6 Fixed #30668 -- Made QuerySet.filter() raise NotSupportedError if any of source expressions is not filterable. 2019-08-02 15:06:00 +02:00
Nick Pope 194d1dfc18 Fixed #30661 -- Added models.SmallAutoField. 2019-08-02 11:39:01 +02:00
zeyneloz 955b382600 Fixed #30599 -- Prevented ManifestFilesMixin.read_manifest() from silencing errors other than FileNotFoundError. 2019-08-02 08:35:28 +02:00
Mariusz Felisiak d14fa04ab3 Removed obsolete mentions of a check constraint in BaseDatabaseSchemaEditor.add_constraint()/remove_constraint() docstrings. 2019-08-02 07:09:37 +02:00
Jon Dufresne e8d0d2a5ef Removed unneeded ValueError catching in django.utils.text._replace_entity(). 
The html.entities.name2codepoint dict contains only valid Unicode
codepoints. Either the key exists and chr() will succeed or the key does
not exist.
 2019-08-01 14:30:20 +02:00
Mariusz Felisiak ff111ea5e3 Refs #30664 -- Fixed migrations crash when altering AutoField/BigAutoField with quoted db_column on PostgreSQL. 2019-08-01 12:06:32 +02:00
Ngalim Siregar e4684220af Fixed #30664 -- Fixed migrations crash when altering table on SQLite or altering AutoField/BigAutoField on PostgreSQL for models with quoted db_table. 2019-08-01 12:06:32 +02:00
Florian Apolloner 76ed1c49f8 Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri(). 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Mariusz Felisiak 7deeabc7c7 Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection. 
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
 2019-08-01 09:24:54 +02:00
Florian Apolloner 4b78420d25 Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities. 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Florian Apolloner 7f65974f82 Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML. 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Carlton Gibson eea0bf7bd5 Refs #30669 -- Removed incorrect branch in ASGIHander.read_body(). 
None is not valid for settings.FILE_UPLOAD_MAX_MEMORY_SIZE.
Always use SpooledTemporaryFile.
 2019-07-31 13:33:01 +02:00
Étienne Beaulé 5f24e7158e Fixed #30665 -- Added support for distinct argument to Avg() and Sum(). 2019-07-31 11:22:50 +02:00
Nick Pope f618e033ac Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands. 2019-07-31 10:02:13 +02:00
Nick Pope 69a30f620e Refs #30160 -- Simplified archive extension map and added other aliases. 2019-07-31 09:46:17 +02:00
Hasan Ramezani e3fc9af4ab Refs #30593 -- Fixed introspection of check constraints columns on MariaDB. 2019-07-30 16:32:13 +02:00
Hasan Ramezani b2aad9ad4d Refs #30593 -- Added _parse_constraint_columns() hook to introspection on MariaDB. 2019-07-30 16:32:13 +02:00
Nick Pope 0509148c24 Refs #30160 -- Made destination path a required argument of extract(). 2019-07-30 11:27:56 +02:00
Jerrod Martin c7bef16a74 Fixed #30411 -- Improved formatting of text tracebacks in technical 500 templates. 
Co-Authored-By: Daniel Hahler <git@thequod.de>
 2019-07-29 11:09:54 +02:00
Claude Paroz 3c6d32e0b2 Fixed #30552 -- Fixed loss of SRID when calling reverse() on LineString/Point. 
Thanks Mariusz Felisiak for contributing the Point part.
 2019-07-27 20:12:46 +02:00
Jon Dufresne 4122d9d3f1 Refs #28147 -- Fixed setting of OneToOne and Foreign Key fields to None when using attnames. 
Regression in 519016e5f2.
 2019-07-27 12:04:56 +02:00
Piotr Domanski 4b4e68a7a6 Fixed #30567 -- Made WSGIHandler pass FileResponse.block_size to wsgi.file_wrapper. 2019-07-26 07:31:51 +02:00
Mariusz Felisiak 806ba19bbf
Added Query.is_sliced property. 
Previously, we used Query.can_filter() mainly to check if a query is
sliced what was confusing.
 2019-07-25 20:45:55 +02:00
Hasan Ramezani 1853383969 Fixed #27995 -- Added error messages on unsupported operations following union(), intersection(), and difference(). 2019-07-25 12:39:55 +02:00
Jon Dufresne 5ed20b3aa3 Fixed #30657 -- Allowed customizing Field's descriptors with a descriptor_class attribute. 
Allows model fields to override the descriptor class used on the model
instance attribute.
 2019-07-25 08:15:20 +02:00
Jon Dufresne 93ffa81bc5 Refs #30657 -- Made DeferredAttribute.__init__() to take a field instance instead of a field name. 2019-07-25 07:24:52 +02:00
Tom Forbes fc75694257 Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved. 2019-07-24 14:08:37 +02:00
Mariusz Felisiak fed5e19369
Removed unused BaseReloader.watch_file(). 
Unused since its introduction in c8720e7696.
 2019-07-24 13:32:02 +02:00
Jon Dufresne d89053585e Improved error message when index in __getitem__() is invalid. 2019-07-23 20:12:08 +02:00
Mariusz Felisiak 8d52a525c8
Refs #29548 -- Fixed DatabaseWrapper.display_name on MariaDB. 2019-07-23 13:34:06 +02:00
Tom Forbes 2ff517ccb6 Fixed #30506 -- Fixed crash of autoreloader when path contains null characters. 2019-07-23 10:03:23 +02:00
Jon Dufresne 60dc957a82 Removed unnecessary code in Model.__init__(). 
As is_related_object is True, the val variable is unused for the
remainder of the method.

Unnecessary since 53da1e4794.
 2019-07-23 07:45:07 +02:00
Georgi Yanchev c6581a40be Fixed #30644 -- Made introspection use pg_table_is_visible() instead of filtering by public schema on PostgreSQL. 2019-07-22 08:14:53 +02:00
Mariusz Felisiak 842fd620ff
Simplified get_key_columns()/get_relations() introspection methods for PostgreSQL. 2019-07-20 15:15:41 +02:00
Min ho Kim 9f11939dd1 Fixed typos in comments and a test name. 2019-07-19 18:24:06 +02:00
Hasan Ramezani 1fc2c70f76 Fixed #30593 -- Added support for check constraints on MariaDB 10.2+. 2019-07-19 11:05:06 +02:00
Mads Jensen a3417282ac Fixed #29824 -- Added support for database exclusion constraints on PostgreSQL. 
Thanks to Nick Pope and Mariusz Felisiak for review.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2019-07-16 18:04:41 +02:00
Mads Jensen 7174cf0b00 Refs #29824 -- Added RangeOperators helper class. 2019-07-16 16:57:46 +02:00
Yann Sionneau e47b8293a7 Fixed #30636 -- Fixed options ordering when cloning test database on MySQL. 
--defaults-file must be given before other options.
 2019-07-16 07:25:43 +02:00
Mariusz Felisiak 858cfd74e9
Simplified RangeContainedBy by making it subclass PostgresSimpleLookup. 2019-07-13 10:55:19 +02:00
Mariusz Felisiak 70c2b90d95
Simplified DateTimeRangeContains by making it subclass PostgresSimpleLookup. 2019-07-12 17:27:49 +02:00
Hasan Ramezani 402e6d292f Fixed #30602 -- Made Extract raise ValueError when using unsupported lookups for DurationField. 2019-07-12 08:08:35 +02:00
Mariusz Felisiak 7a42cfcfdc
Refs #30557 -- Fixed crash of ordering by ptr fields when Meta.ordering contains F() expressions. 
Thanks Can Sarıgöl for the report.

Follow up to 8c5f9906c5.
 2019-07-11 13:40:36 +02:00
Hasan Ramezani 8c5f9906c5 Fixed #30557 -- Fixed crash of ordering by ptr fields when Meta.ordering contains expressions. 2019-07-11 11:24:59 +02:00