Commit Graph

4131 Commits

Author SHA1 Message Date
Carlton Gibson 0802b404a2 Added release date for Django 3.2.
Adjusted wrapping in release notes where needed.
2021-04-06 11:20:59 +02:00
Carlton Gibson 5aea50e57f Updated asgiref dependency for 3.2 release series. 2021-04-06 10:38:43 +02:00
Mariusz Felisiak 1eac8468cb Added CVE-2021-28658 to security archive. 2021-04-06 09:42:31 +02:00
Mariusz Felisiak d4d800ca1a Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.
Thanks Claude Paroz for the initial patch.
Thanks Dennis Brinkrolf for the report.
2021-04-06 08:15:17 +02:00
Adam Johnson e32722d160 Fixed #32383 -- Added source map support to ManifestStaticFilesStorage. 2021-04-02 12:21:21 +02:00
Maxim Milovanov d915dd1c58 Fixed #32204 -- Added quick filter to admin's navigation sidebar. 2021-03-31 09:31:37 +02:00
William Schwartz 7248afe12f Refs #32105 -- Moved ExceptionReporter template paths to properties.
Refs #32316.
2021-03-31 08:41:57 +02:00
bankc db5b75f10f Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
Thanks Adam Johnson and Tim Graham for the reviews.

Co-authored-by: Tim Graham <timograham@gmail.com>
2021-03-30 19:59:24 +02:00
Chris Jerdonek 038940cf55 Fixed #29127 -- Prevented DiscoverRunner from hiding tagged test with syntax errors.
This mades _FailedTest objects always match tags in DiscoverRunner.
2021-03-30 10:26:20 +02:00
Nick Pope 2f13c476ab Fixed #31487 -- Added precision argument to Round(). 2021-03-29 09:43:08 +02:00
Florian Demmer 3a185cee2a Fixed #32573 -- Fixed bounds in __iso_year lookup optimization. 2021-03-23 21:27:55 +01:00
Baptiste Mispelon 41e6b2a3c5 Fixed #32556 -- Fixed handling empty string as non-boolean attributes value by assertHTMLEqual(). 2021-03-19 20:41:57 +01:00
Daniyal 474cc420bf Refs #32508 -- Raised Type/ValueError instead of using "assert" in django.core. 2021-03-19 08:04:37 +01:00
Tim Graham 2411b8b5eb Fixed #16010 -- Added Origin header checking to CSRF middleware.
Thanks David Benjamin for the original patch, and Florian
Apolloner, Chris Jerdonek, and Adam Johnson for reviews.
2021-03-18 20:25:20 +01:00
Tim Graham dba44a7a7a Refs #16010 -- Required CSRF_TRUSTED_ORIGINS setting to include the scheme. 2021-03-18 20:00:22 +01:00
Adam Johnson f6713cda89 Fixed #31370 -- Added support for parallel tests with --buffer. 2021-03-18 15:30:47 +01:00
Adam Johnson 45814af619 Fixed #32560 -- Fixed test runner with --pdb and --buffer on fail/error. 2021-03-17 20:56:09 +01:00
Chris Jerdonek d828beb68f Fixed #32529 -- Delayed creating a test suite in build_suite(). 2021-03-11 10:02:06 +01:00
Mariusz Felisiak ba9a2b7544
Refs #32508 -- Raised TypeError instead of using "assert" on unsupported operations for sliced querysets. 2021-03-10 09:16:28 +01:00
Johan Schiff d01709aae2 Fixed #24141 -- Added QuerySet.contains(). 2021-03-06 20:40:29 +01:00
tim-mccurrach f55f3ce831
Fixed #32493 -- Removed redundant never_cache uses from admin views.
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2021-03-03 09:13:07 +01:00
Hasan Ramezani 8380fe08a0 Fixed #32456 -- Added dbshell support for specifying a password file on PostgreSQL. 2021-03-01 09:33:49 +01:00
Jacob Walls 0c7e880e13
Fixed typos in assertQuerysetEqual() docs and 1.6 release notes. 2021-02-26 09:10:52 +01:00
Mariusz Felisiak e0f82d7992 Added stub release notes for 3.1.8. 2021-02-25 20:27:10 +01:00
Markus Holtermann 7cc6899d41 Updated links to DEPs. 2021-02-25 17:22:07 +01:00
Simon Charette 3089018e95 Fixed #32446 -- Deprecated SERIALIZE test database setting.
Whether or not the state of a test database should be serialized can be
inferred from the set of databases allowed to be access from discovered
TestCase/TransactionTestCase enabling the serialized_rollback feature
which makes this setting unnecessary.

This should make a significant test suite bootstraping time difference
on large projects that didn't explicitly disable test database
serialization.
2021-02-24 20:31:11 +01:00
Hannes Ljungberg 3aa545281e Fixed #30916 -- Added support for functional unique constraints.
Thanks Ian Foote and Mariusz Felisiak for reviews.
2021-02-23 20:19:53 +01:00
Carlton Gibson ab58f07250 Added CVE-2021-23336 to security archive. 2021-02-19 11:02:32 +01:00
Nick Pope 0ad9fa02e0 Refs CVE-2021-23336 -- Updated tests and release notes for affected versions. 2021-02-19 09:03:06 +01:00
Nick Pope d02d60eb0f Added documentation extlink for bugs.python.org. 2021-02-17 14:24:42 +01:00
manav014 3119a6deca Fixed #26607 -- Allowed customizing formset kwargs with ModelAdmin.get_formset_kwargs().
Thanks Nick Pope for reviews.
2021-02-15 11:37:35 +01:00
Tim Graham 3fa1ed53be
Refs #32394 -- Rephrased release note for STATIC_URL change. 2021-02-13 20:07:55 +01:00
Ramon Saraiva dcb094abe8 Fixed #32421 -- Made admindocs ModelDetailView show model cached properties. 2021-02-11 06:50:50 +01:00
Hasan Ramezani 17a5e2cff6 Fixed #32431 -- Reversed order of security issues history. 2021-02-10 16:02:35 +01:00
Mariusz Felisiak ec0ff40631 Fixed #32355 -- Dropped support for Python 3.6 and 3.7 2021-02-10 10:20:54 +01:00
ThinkChaos b99d6c9cbc Fixed #28216 -- Added next_page/get_default_redirect_url() to LoginView. 2021-02-08 21:08:05 +01:00
Markus Holtermann 9d05add447 Fixed #32394 -- Changed project template settings to use relative STATIC_URL.
Refs #25598 which added original support for relative STATIC_URL and
MEDIA_URL.
2021-02-06 13:34:00 +01:00
Simon Charette f23b05696e Fixed #32395 -- Allowed capturing stdout of migration signals. 2021-02-04 11:19:49 +01:00
Jim Xie ce60d28929 Fixed #31527 -- Allowed admindocs index to handle non-string URLconfs. 2021-02-04 10:11:58 +01:00
Dan Swain e17bdb953a Fix typos 2021-02-04 09:48:40 +01:00
Mariusz Felisiak f39634ff22 Refs #32390 -- Bumped required cx_Oracle to 7.0. 2021-02-03 10:03:33 +01:00
Mariusz Felisiak 84283ab9cd Fixed #32390 -- Dropped support for Oracle 12.2 and 18c. 2021-02-03 10:03:33 +01:00
Mariusz Felisiak f131841c60
Fixed #32403 -- Fixed re-raising DatabaseErrors when using only 'postgres' database.
Thanks Kazantcev Andrey for the report.

Regression in f48f671223.
2021-02-02 21:34:36 +01:00
Mariusz Felisiak 8d3c3a5717 Added stub release notes for 3.1.7. 2021-02-01 10:51:16 +01:00
Mariusz Felisiak f749148d62 Added CVE-2021-3281 to security archive. 2021-02-01 10:24:22 +01:00
Mariusz Felisiak 05413afa8c Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract().
Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews.

Thanks Wang Baohua for the report.
2021-02-01 09:07:36 +01:00
Denis Skulimovskiy 269a767146 Fixed #32391 -- Used CSS flex properties for changelist filter.
Matched layout adjustment using flex from admin sidebar added in
d24ba1be7a.

Filters would become squashed when viewport was
constrained or list display table became too wide.
2021-01-28 15:51:05 +01:00
Carlton Gibson f4272d000a Fixed #32348, Refs #29087 -- Corrected tutorial for updated deleting inlines UI.
Updated tutorial to match change in 24e540fbd7
allowing deletion of original extra inlines.
2021-01-27 08:44:36 +01:00
Jerin Peter George 1adc09064f Fixed #32347 -- Made ModelChoiceField include the value in ValidationError for invalid_choice. 2021-01-26 09:31:53 +01:00
Hasan Ramezani dcb3ad3319 Fixed #32292 -- Added support for connection by service name to PostgreSQL. 2021-01-20 17:30:37 +01:00
muskanvaswan ab7478d1d4 Fixed #32324 -- Added template block to override the admin site header. 2021-01-19 12:27:07 +01:00
Mariusz Felisiak 5371342ed6
Fixed #32357 -- Dropped support for PostgreSQL 9.6 and PostGIS 2.3. 2021-01-19 12:25:20 +01:00
Paul Ganssle 10d1261984 Refs #32365 -- Allowed use of non-pytz timezone implementations. 2021-01-19 11:59:37 +01:00
Hasan Ramezani 34aa4f1997 Fixed #32296 -- Added --skip-checks option to runserver command. 2021-01-18 12:51:35 +01:00
Mariusz Felisiak a948d9df39 Increased the default PBKDF2 iterations for Django 4.0. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 0aa6a602b2 Refs #31842 -- Removed DEFAULT_HASHING_ALGORITHM transitional setting.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak e7208f13c0 Refs #25236 -- Removed {% ifequal %} and {% ifnotequal %} template tags per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 2dd6a83d2d Refs #12990 -- Removed django.contrib.postgres.forms.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 8fdb5a656a Refs #12990 -- Removed django.contrib.postgres.fields.jsonb.KeyTransform/KeyTextTransform.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 7cb5712edc Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 98ae3925e5 Refs #31534 -- Removed django.conf.urls.url() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak be6e468130 Refs #31359 -- Made get_random_string()'s length argument required.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak d992f4e3c2 Refs #31369 -- Removed models.NullBooleanField per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 06eec31970 Refs #7098 -- Removed support for passing raw column aliases to order_by().
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak bf770cc825 Refs #8760 -- Removed "list" message for ModelMultipleChoiceField per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 1adcf20385 Refs #31327 -- Removed providing_args argument for Signal per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 4bb30fe5d5 Refs #26601 -- Made get_response argument required and don't accept None in middleware classes.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 6b4941dd57 Refs #27468 -- Removed support for the pre-Django 3.1 user sessions.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak d32a232fe9 Refs #27468 -- Removed support for the pre-Django 3.1 signatures in Signer and signing.dumps()/loads().
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 8250145a0c Refs #31274 -- Removed support for the pre-Django 3.1 encoding format of sessions.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 66b4046d68 Refs #27468 -- Removed support for the pre-Django 3.1 password reset tokens.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 831a05b185 Refs #27604 -- Removed support for the pre-Django 3.1 encoding format in CookieStorage.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak d08977a0f0 Refs #30997 -- Removed HttpRequest.is_ajax() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 90c59b4e12 Refs #23433 -- Removed django-admin.py entry point per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 68e3ca13d7 Refs #30988 -- Removed InvalidQuery exception per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 396da8b94c Refs #30841 -- Made isnull lookup raise ValueError for non-boolean values.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 12ac4916af Refs #28622 -- Removed settings.PASSWORD_RESET_TIMEOUT_DAYS per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 9e456f3166 Refs #30747 -- Removed django.utils.http.is_safe_url() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 157ab32f34 Refs #27753 -- Removed django.utils.text.unescape_entities() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 5e33ec80d1 Refs #30158 -- Made alias argument required in signature of Expression.get_group_by_cols() subclasses.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak d134b0b93e Refs #15902 -- Stopped set_language() storing user's language in the session.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 52a238ddf2 Refs #30165 -- Removed ugettext(), ugettext_lazy(), ugettext_noop(), ungettext(), and ungettext_lazy() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 810f037b29 Refs #27753 -- Removed django.utils.encoding.force_text() and smart_text() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 88ed1c8d08 Refs #27753 -- Removed django.utils.http urllib aliases per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 8774b1144c Added stub release notes for 4.0. 2021-01-14 17:50:04 +01:00
Carlton Gibson 75182a800a Removed empty sections and adjusted 3.2 release notes. 2021-01-14 14:58:28 +01:00
Jon Moroney 76ae6ccf85 Fixed #31358 -- Increased salt entropy of password hashers.
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
2021-01-14 11:20:28 +01:00
Hannes Ljungberg ffe756d624 Refs #26167 -- Changed default value of DatabaseFeatures.supports_expression_indexes to True. 2021-01-14 08:32:26 +01:00
mimi89999 b5cef91a91 Fixed #31259 -- Added admin dark theme. 2021-01-14 08:27:29 +01:00
Nick Pope 9204485396
Fixed #16117 -- Added decorators for admin action and display functions.
Refs #25134, #32099.
2021-01-13 17:19:22 +01:00
Hannes Ljungberg 83fcfc9ec8 Fixed #26167 -- Added support for functional indexes.
Thanks Simon Charette, Mads Jensen, and Mariusz Felisiak for reviews.

Co-authored-by: Markus Holtermann <info@markusholtermann.eu>
2021-01-13 11:47:50 +01:00
Paolo Melchiorre c412d9af7e
Fixed #32291 -- Added fixtures compression support to dumpdata. 2021-01-12 15:47:58 +01:00
Jon Dufresne ba31b01034
Fixed #31747 -- Fixed model enumeration via admin URLs.
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2021-01-12 14:37:56 +01:00
Johannes Maron 3071660acf
Fixed #29010, Fixed #29138 -- Added limit_choices_to and to_field support to autocomplete fields.
* Fixed #29010 -- Added limit_choices_to support to autocomplete fields.
* Fixed #29138 -- Allowed autocomplete fields to target a custom
  to_field rather than the PK.
2021-01-12 11:37:38 +01:00
Florian Apolloner 2d6179c819 Fixed #32191 -- Made CookieStorage use RFC 6265 compliant format.
Co-authored-by: Craig Smith <hello@craigiansmith.com.au>
2021-01-07 13:00:53 +01:00
Matthias Kestenholz 0a802233ec
Fixed #32018 -- Extracted admin colors into CSS variables.
Defined all colors used in the admin CSS as variables. Implemented the
following standardizations and accessibility improvements while at it:

- Improved the contrast of text to not use ratios of less than 3:1 anymore.
- Most hover states already used desaturated and darkened colors.
  Changed object tools to follow the same rule instead of showing the
  primary color on hover.

Various places used similar colors; those have been merged with the goal
of reducing the count of CSS variables. Contrasts have been improved in
a few places.

- Many borders used slightly different colors (e.g. #eaeaea vs. #eee)
- Help texts used #999, this has been changed to --body-quiet-color
  (#666) which has a better contrast.

Introduced fast color transitions on links and buttons.
2021-01-07 10:07:19 +01:00
Florian Apolloner 102d92fc09 Refs #32191 -- Added Signer.sign_object()/unsign_object().
Co-authored-by: Craig Smith <hello@craigiansmith.com.au>
2021-01-06 20:16:47 +01:00
Carlton Gibson 966ed414b2 Added stub release notes for 3.1.6. 2021-01-04 08:58:03 +01:00
Carlton Gibson 767917ed49 Added release date for 3.1.5. 2021-01-04 08:31:51 +01:00
Mariusz Felisiak e13b71403b
Fixed #32304 -- Fixed prefixing STATIC_URL and MEDIA_URL by SCRIPT_NAME for absolute URLs with no domain.
Thanks Adam Hooper for the report.

Regression in c574bec092.
2020-12-31 13:18:57 +01:00
Mariusz Felisiak 74fd233b14
Fixed #32303 -- Bumped minimum supported SQLite to 3.9.0. 2020-12-30 09:01:56 +01:00
Mariusz Felisiak 98ad327864
Fixed #32299 -- Prevented mutating handlers when processing middlewares marking as unused in an async context.
Thanks Hubert Bielenia for the report.
2020-12-29 09:04:35 +01:00
Nick Pope bb64b99b78 Fixed #29867 -- Added support for storing None value in caches.
Many of the cache operations make use of the default argument to the
.get() operation to determine whether the key was found in the cache.
The default value of the default argument is None, so this results in
these operations assuming that None is not stored in the cache when it
actually is. Adding a sentinel object solves this issue.

Unfortunately the unmaintained python-memcached library does not support
a default argument to .get(), so the previous behavior is preserved for
the deprecated MemcachedCache backend.
2020-12-17 09:57:21 +01:00
Tom Forbes b5e12d490a Fixed #31007 -- Allowed specifying type of auto-created primary keys.
This also changes the default type of auto-created primary keys
for new apps and projects to BigAutoField.
2020-12-15 11:25:46 +01:00
Ayush Bansal b960e4ed72 Fixed #32261 -- Added error logging to Signal.send_robust(). 2020-12-15 11:00:26 +01:00
Jon Dufresne 550297d20d
Added backticks to code literals in various docs. 2020-12-15 07:19:00 +01:00
sage 8d7085e0fd Fixed #32252 -- Fixed __isnull=True on key transforms on SQLite and Oracle.
__isnull=True on key transforms should not match keys with NULL values.
2020-12-11 09:15:42 +01:00
Hasan Ramezani 275dd4ebba
Fixed #32178 -- Allowed database backends to skip tests and mark expected failures.
Co-authored-by: Tim Graham <timograham@gmail.com>
2020-12-10 18:00:57 +01:00
Mariusz Felisiak 5ce31d6a71
Fixed #32193 -- Deprecated MemcachedCache. 2020-12-09 21:27:32 +01:00
Timo Ludwig d8dfff2ab0 Fixed #32235 -- Made ReadOnlyPasswordHashField disabled by default. 2020-12-03 09:32:08 +01:00
Artur Beltsov 48b4bae983 Fixed #32179 -- Added JSONObject database function. 2020-12-02 09:30:50 +01:00
Mariusz Felisiak adb40d217e Added stub release notes for 3.1.5. 2020-12-01 07:12:49 +01:00
Mariusz Felisiak 670261b8d6 Added release date for 3.1.4. 2020-12-01 06:24:16 +01:00
Mariusz Felisiak 931c6e982c Refs #32230 -- Made LayerMapping support pathlib.Path. 2020-11-28 07:41:54 +01:00
Hasan Ramezani b37be072a2 Fixed #32230 -- Made DataSource support pathlib.Path. 2020-11-28 07:36:19 +01:00
Ian Foote 3828879eee Fixed #32220 -- Added durable argument to transaction.atomic(). 2020-11-27 21:43:15 +01:00
Ian Foote 8b040e3cbb Fixed #25534, Fixed #31639 -- Added support for transform references in expressions.
Thanks Mariusz Felisiak and Simon Charette for reviews.
2020-11-27 20:42:04 +01:00
Hannes Ljungberg 33403bf80f Refs #27095 -- Allowed (non-nested) arrays containing expressions for ArrayField lookups. 2020-11-26 10:57:58 +01:00
sage fe6e582421 Fixed #32203 -- Fixed QuerySet.values()/values_list() crash on key transforms with non-string values on SQLite.
Thanks Gordon Wrigley for the report.
2020-11-25 14:51:35 +01:00
Mariusz Felisiak f5e5aac59e
Fixed #32224 -- Avoided suppressing connection errors in supports_json_field on SQLite.`
Regression in 6789ded0a6.

Thanks Juan Garcia Alvite for the report.
2020-11-25 12:19:45 +01:00
Hasan Ramezani fe9c7ded29 Fixed #32200 -- Fixed grouping by ExpressionWrapper() with Q objects.
Thanks Gordon Wrigley for the report.

Regression in df32fd42b8.
2020-11-19 21:00:04 +01:00
Carlton Gibson ead37dfb58
Fixed #32202 -- Fixed autoreloader argument generation for Windows with Python 3.7-. 2020-11-19 12:07:15 +01:00
Nick Pope 477c800443
Changed docs and a code comment to use gender-neutral pronouns.
Follow up to e1b7723817.
2020-11-13 22:26:30 +01:00
manav014 f63f3cdf09 Fixed #29712 -- Made makemessages warn if locales have hyphens and skip them. 2020-11-13 09:25:42 +01:00
MinchinWeb f1585c54d0
Fixed #31216 -- Added support for colorama terminal colors on Windows.
Modern setups on Windows support terminal colors.
The colorama library may also be used, as an
alternative to the ANSICON library.
2020-11-11 14:27:10 +01:00
Hannes Ljungberg 0773837e15 Fixed #32182 -- Fixed crash of JSONField nested key transforms with subquery annotations on PostgreSQL. 2020-11-10 07:09:58 +01:00
Hasan Ramezani 3f7b327562 Fixed #31235 -- Made assertQuerysetEqual() compare querysets directly.
This also replaces assertQuerysetEqual() to
assertSequenceEqual()/assertCountEqual() where appropriate.

Co-authored-by: Peter Inglesby <peter.inglesby@gmail.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-11-06 09:24:50 +01:00
Tom Forbes 658bcc16f1 Fixed #25791 -- Implement autoreload behaviour for cached template loader. 2020-11-05 15:30:52 +01:00
Jon Dufresne 859cd7c6b4
Fixed #22276 -- Fixed crash when formset management form is invalid.
Co-authored-by: Patryk Zawadzki <patrys@room-303.com>
2020-11-05 10:40:41 +01:00
Artur Beltsov 18c8ced81e Fixed #32169 -- Added distinct support to JSONBAgg. 2020-11-04 21:22:54 +01:00
Carlton Gibson ebb08d1942
Fixed #32159 -- Ensured AsyncRequestFactory correctly sets headers. 2020-11-04 11:07:15 +01:00
Patrick Arminio 542b4b3ab4 Fixed #32162 -- Fixed setting Content-Length header in AsyncRequestFactory. 2020-11-03 10:12:40 +01:00
Carlton Gibson c8785b473f Added stub release notes for 3.1.4. 2020-11-02 09:20:53 +01:00
Carlton Gibson 7fc07b9b2b Set release date for 3.1.3, 3.0.11, and 2.2.17. 2020-11-02 08:35:24 +01:00
Simon Charette bbe6fbb876 Refs #32061 -- Unified DatabaseClient.runshell() in db backends. 2020-10-29 22:22:58 +01:00
Christian Klus 4ac2d4fa42 Fixed #32152 -- Fixed grouping by subquery aliases.
Regression in 42c08ee465.

Thanks Simon Charette for the review.
2020-10-29 09:56:09 +01:00
Josh Santos 36bc47069c Fixed #32127 -- Fixed admin change-form textarea layout for mid-sized displays. 2020-10-27 16:06:11 +01:00
Carlton Gibson e17ee44688 Fixed #32128 -- Added asgiref 3.3 compatibility.
Thread sensitive parameter is True by default from asgiref v3.3.0.
Added an explicit thread_sensitive=False to previously implicit uses.
2020-10-27 11:24:07 +01:00
Tim Graham 7734337bcb Made OracleSpatialAdapter clone geometries rather than mutate them. 2020-10-27 07:14:16 +01:00
Carlton Gibson ad11f5b8c9 Fixed #32124 -- Added per-view opt-out for APPEND_SLASH behavior. 2020-10-22 14:15:19 +02:00
Mariusz Felisiak 3418092238
Fixed #32130 -- Fixed pre-Django 3.1 password reset tokens validation.
Thanks Gordon Wrigley for the report and implementation idea.

Regression in 226ebb1729.
2020-10-22 13:21:14 +02:00
Carlton Gibson 257f8495d6 Fixed #32069 -- Fixed admin change-form layout on small screens.
Restored flex-wrap CSS declaration to form elements at smallest breakpoint.
This was present since the responsive admin was introduced in dc37e8846e.
Regression in 8ee4bb6ffc, where it was accidentally removed.
2020-10-21 15:06:43 +02:00
Tom Carrick f5e07601b2 Fixed #32046 -- Added CreateCollation/RemoveCollation operations for PostgreSQL. 2020-10-21 10:53:44 +02:00
Jacob Walls 0362b0e986 Fixed #26615 -- Made password reset token invalidate when changing email.
Co-Authored-By: Silas Barta <sbarta@gmail.com>
2020-10-21 09:29:53 +02:00
Jacob Walls 7f9e4524d6
Fixed typo in docs/releases/3.2.txt. 2020-10-21 08:06:24 +02:00
Hasan Ramezani 3b1746d519 Fixed #32107 -- Fixed ProtectedError.protected_objects and RestrictedError.restricted_objects.
Regression in 4ca5c565f4 and
ab3cbd8b9a.

Thanks Vitaliy Yelnik for the report.
2020-10-19 12:43:32 +02:00
Aarni Koskela 68e33b347d Fixed #32105 -- Added template paths as ExceptionReporter class attributes.
This allows replacement of the debugging templates without having to
copy-paste the `get_traceback_html` and `get_traceback_text` functions
into a subclass.

Thanks to Nick Pope for review.
2020-10-15 13:56:15 +02:00
Mariusz Felisiak 220c4d5c05
Refs #32096 -- Removed JSONBAgg from 3.1.3 release notes.
JSONBAgg doesn't support ordering in Django 3.1.

Follow up to 1f31027bb3.
2020-10-15 07:11:11 +02:00
Mariusz Felisiak ee0abac169 Refs #32096 -- Fixed ExclusionConstraint crash with JSONField key transforms in expressions.
Regression in 6789ded0a6.
2020-10-14 20:56:04 +02:00
Mariusz Felisiak bbd55e5863 Refs #32096 -- Fixed ExpressionWrapper crash with JSONField key transforms.
Regression in 6789ded0a6.

Thanks Simon Charette and Igor Jerosimić for the report.
2020-10-14 20:56:04 +02:00
Mariusz Felisiak 7e1e198494 Refs #32096 -- Fixed __in lookup crash against key transforms for JSONField.
Regression in 6789ded0a6 and
1251772cb8.

Thanks Simon Charette and Igor Jerosimić for the report.
2020-10-14 20:56:04 +02:00
Mariusz Felisiak 1f31027bb3 Refs #32096 -- Fixed crash of ArrayAgg/StringAgg/JSONBAgg with ordering over JSONField key transforms.
Regression in 6789ded0a6.

Thanks Igor Jerosimić for the report.
2020-10-14 20:56:04 +02:00
David-Wobrock ee005328c8 Fixed #31640 -- Made Trunc() truncate datetimes to Date/TimeField in a specific timezone. 2020-10-14 20:06:26 +02:00
Jacob Walls ac6c426007 Fixed #20601 -- Allowed forcing format with thousand separators in floatformat filter.
Thanks Claude Paroz and Nick Pope for reviews.
2020-10-13 10:36:46 +02:00
Mariusz Felisiak e18156b6c3
Refs #31040 -- Doc'd Python 3.9 compatibility. 2020-10-13 08:35:01 +02:00
Tim Schilling b7da588e88 Fixed #32091 -- Fixed admin search bar width on filtered admin page. 2020-10-09 11:39:22 +02:00
Qi Zhao de81676b51 Fixed #32080 -- Fixed displaying Unicode chars in forms.JSONField and read-only JSONField values in admin. 2020-10-09 08:14:17 +02:00
Julien Rebetez b790883065 Fixed #31181 -- Added links to related models for admin's readonly fields. 2020-10-08 19:53:49 +02:00
Tom Carrick dcb69043d0 Fixed #32002 -- Added headers parameter to HttpResponse and subclasses. 2020-10-07 09:19:57 +02:00
Tom Carrick 342a41740d Fixed #32072 -- Fixed admin search bar height.
Thanks şuayip üzülmez for the report.

Regression in 8ee4bb6ffc.
2020-10-06 11:33:48 +02:00
Nick Pope 06c5d3fafc Fixed #32060 -- Added Random database function. 2020-10-02 06:58:03 +02:00
Mariusz Felisiak 85fa24e3eb Added stub release notes for 3.1.3. 2020-10-01 07:52:45 +02:00
Mariusz Felisiak 5a1f0f1318 Added release date for 3.1.2. 2020-10-01 07:22:28 +02:00
Tom Carrick 8ee4bb6ffc Fixed #31986 -- Fixed admin filter sidebar scrolling.
Regression in 2bc38bc7ca.

Thanks haki for the report.
2020-09-30 20:35:16 +02:00
aryan 11c4a4412b Fixed #30422 -- Made TemporaryFileUploadHandler handle interrupted uploads.
This patch allows upload handlers to handle interrupted uploads.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-09-30 10:30:43 +02:00
David Smith 91669cc566 Fixed #28009 -- Doc'd empty_value for CharField subclasses. 2020-09-25 12:36:33 +02:00
Mariusz Felisiak e4ab44a4b2 Fixed #32038 -- Fixed EmptyFieldListFilter crash with GenericRelation.
Thanks Javier Matos Odut for the report.
2020-09-25 10:09:28 +02:00
Mariusz Felisiak 77caeaea88
Fixed #32012 -- Made test database creation sync apps models when migrations are disabled.
Thanks Jaap Roes for the report.
2020-09-23 10:54:04 +02:00
Tom Carrick e387f191f7 Fixed #31777 -- Added support for database collations to Char/TextFields.
Thanks Simon Charette and Mariusz Felisiak for reviews.
2020-09-21 18:24:56 +02:00
Mariusz Felisiak ba6b32e5ef
Refs #32013 -- Added backward incompatibility note about ModelChoiceIterator changes. 2020-09-21 06:25:23 +02:00
Nick Pope b4d46df5ca Fixed #29887 -- Added a cache backend for pymemcache. 2020-09-16 09:40:30 +02:00
Mariusz Felisiak eaf9764d3b
Fixed #32007 -- Fixed queryset crash with Q() annotation and aggregation.
Thanks Gordon Wrigley for the report.

Regression in 8a6df55f2d.
2020-09-15 11:40:59 +02:00
Hasan Ramezani 7be6a6a4d6 Fixed #31989 -- Fixed return value of django.core.files.locks.lock()/unlock() on POSIX systems. 2020-09-15 10:21:26 +02:00
Mariusz Felisiak e11d05e0b4
Fixed #31990 -- Fixed QuerySet.ordered for GROUP BY queries on models with Meta.ordering.
Regression in 0ddb4ebf7b.

Thanks Julien Dutriaux for the report.
2020-09-14 20:07:44 +02:00
Tom Carrick bcc2befd0e Fixed #31789 -- Added a new headers interface to HttpResponse. 2020-09-14 08:41:59 +02:00
Mariusz Felisiak 438b85dfab
Refs #31956 -- Doc'd consequences of disabling psycopg2's JSONB typecaster.
Follow up to 0be51d2226.
2020-09-10 11:00:13 +02:00
Hasan Ramezani 9369f0cebb Fixed #31967 -- Doc'd consequences of resolving an output_field for Value(). 2020-09-10 09:48:04 +02:00
Ryan Hiebert 502e75f9ed Fixed #31750 -- Made models.Field equality compare models for inherited fields. 2020-09-09 20:52:59 +02:00
Hasan Ramezani 2808cdc8fb Fixed #31962 -- Made SessionMiddleware raise SessionInterrupted when session destroyed while request is processing. 2020-09-09 09:04:28 +02:00
François Freitag 57dadfac3c Fixed #31944 -- Used addCleanup() to register TestContextDecorator cleanups.
Cleanups from addCleanup() are scheduled to happen in reverse order to
the order they are added (LIFO). Ensures each cleanup is executed from
the innermost to the outermost.
2020-09-07 08:07:26 +02:00
Nick Pope fd209f62f1 Refs #21231 -- Backport urllib.parse.parse_qsl() from Python 3.8. 2020-09-03 14:24:42 +02:00
Brian Helba 2d42e23b6d Fixed #31941 -- Corrected FileField.deconstruct() with a callable storage. 2020-09-02 11:06:18 +02:00
Joe Jackson 9d5d865fd6 Fixed #31948 -- Added tzinfo parameter to TruncDate() and TruncTime(). 2020-09-02 07:42:27 +02:00
007gzs 76e0151ea0 Added "Bugfixes" section to release notes for 3.1.2. 2020-09-02 06:32:47 +02:00
Carlton Gibson d5b526bf78 Added CVE-2020-24583 & CVE-2020-24584 to security archive. 2020-09-01 11:32:57 +02:00
Carlton Gibson 7a60670b78 Added stub release notes for 3.1.2. 2020-09-01 10:45:12 +02:00
Carlton Gibson 976e2b7420 Added release date for 3.1.1, 3.0.10, and 2.2.16. 2020-09-01 09:56:42 +02:00
Mariusz Felisiak 1853724aca Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level directories of the file system cache on Python 3.7+. 2020-09-01 09:17:23 +02:00
Mariusz Felisiak 8d7271578d Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+.
Thanks WhiteSage for the report.
2020-09-01 09:17:23 +02:00
007gzs 2bc38bc7ca Fixed #31901 -- Prevented content overflowing in the admin changelist with navigation sidebar. 2020-09-01 07:51:22 +02:00
Federico Jaramillo Martínez 179d9dc0c2 Fixed #31952 -- Fixed EmptyFieldListFilter crash with reverse relationships.
Thanks dacotagh for the report.
2020-08-31 09:28:05 +02:00
Simon Charette f6405c0b8e Fixed #31965 -- Adjusted multi-table fast-deletion on MySQL/MariaDB.
The optimization introduced in 7acef095d7 did not properly handle
deletion involving filters against aggregate annotations.

It initially was surfaced by a MariaDB test failure but misattributed
to an undocumented change in behavior that resulted in the systemic
generation of poorly performing database queries in 5b83bae031.

Thanks Anton Plotkin for the report.

Refs #23576.
2020-08-31 08:11:28 +02:00
Mariusz Felisiak 0be51d2226 Fixed #31956 -- Fixed crash of ordering by JSONField with a custom decoder on PostgreSQL.
Thanks Marc Debureaux for the report.
Thanks Simon Charette, Nick Pope, and Adam Johnson for reviews.
2020-08-28 19:09:46 +02:00
Kevin Michel 825ce75fae Fixed #31928 -- Fixed detecting an async get_response in various middlewares.
SecurityMiddleware and the three cache middlewares were not calling
super().__init__() during their initialization or calling the required
MiddlewareMixin._async_check() method.

This made the middlewares not properly present as coroutine and
confused the middleware chain when used in a fully async context.

Thanks Kordian Kowalski for the report.
2020-08-28 12:33:15 +02:00
Mariusz Felisiak e39e727ded
Fixed #31912 -- Removed strict=True in Path.resolve() in project template and CommonPasswordValidator.
This caused permission errors when user didn't have permissions to
all intermediate directories in a Django installation path.

Thanks tytusd and leonyxz for reports.

Regression in edeec1247e and
26554cf5d1.
2020-08-28 05:57:36 +02:00
Mariusz Felisiak 1251772cb8
Fixed #31936 -- Fixed __in lookup on key transforms for JSONField.
This resolves an issue on databases without a native JSONField
(MariaDB, MySQL, SQLite, Oracle), where values must be wrapped.

Thanks Sébastien Pattyn for the report.
2020-08-26 22:13:37 +02:00
Kaustubh b9be11d442 Fixed #31918 -- Allowed QuerySet.in_bulk() to fetch on a single distinct field. 2020-08-26 09:43:39 +02:00
Michael Galler 547a07fa7e Fixed #31905 -- Made MiddlewareMixin call process_request()/process_response() with thread sensitive.
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2020-08-26 07:13:49 +02:00
Mariusz Felisiak 0b0658111c Removed trailing whitespace in 3.2 release notes. 2020-08-25 10:02:56 +02:00
Cleiton de Lima 9f8c7d2b4b
Moved CreateExtension release notes into django.contrib.postgres section. 2020-08-25 06:13:19 +02:00
Mariusz Felisiak bb8f66934d Fixed #31877 -- Reverted "Fixed #19878 -- Deprecated TemplateView passing URL kwargs into context."
This reverts commit 4ed534758c.
2020-08-24 11:37:59 +02:00
Mariusz Felisiak 04e87e79a0 Refs #31877 -- Reverted "Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning."
This reverts commit 20799cc0a6.
2020-08-24 11:37:59 +02:00
Kaustubh 3e753d3de3
Fixed #31925 -- Fixed typo in docs/releases/3.0.txt. 2020-08-21 09:47:37 +02:00
Mariusz Felisiak 4376c2c7f8
Fixed #31895 -- Fixed crash when decoding invalid session data.
Thanks Matt Hegarty for the report.
Regression in d4fff711d4.
2020-08-19 12:06:00 +02:00
Mariusz Felisiak 35b03788b0 Refs #9061 -- Allowed GenericInlineFormSet to disable deleting extra forms.
Follow up to 162765d6c3.
2020-08-18 09:37:15 +02:00
Mariusz Felisiak 3254991762 Refs #20347 -- Allowed customizing the maximum number of instantiated forms in generic_inlineformset_factory().
Follow up to 433dd737f9.
2020-08-18 09:37:15 +02:00
Jon Dufresne dd5173ca1b Fixed #31892 -- Added backward incompatibility note about Media <script> tags changes.
Refs 31080.
2020-08-17 10:13:18 +02:00
Ahmad A. Hussein 61a0ba43cf Refs #31811 -- Added optional timing outputs to the test runner. 2020-08-13 17:17:15 +02:00
Mariusz Felisiak 21768a99f4
Refs #31863 -- Added release notes for 94ea79be13. 2020-08-13 16:29:55 +02:00
Adam Johnson 20799cc0a6 Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning.
SimpleLazyObjects cause a crash when filtering.

Thanks Tim L. White for the report.
Regression in 4ed534758c.
2020-08-13 07:26:10 +02:00
Tom Carrick 63300f7e68 Fixed #21181 -- Added Collate database function.
Thanks Simon Charette for reviews.
2020-08-11 22:21:08 +02:00
Daniel Hillier 60626162f7 Fixed #31866 -- Fixed locking proxy models in QuerySet.select_for_update(of=()). 2020-08-11 11:55:10 +02:00
Carlton Gibson 0aeb802cf0 Fixed #31865 -- Adjusted admin nav sidebar template to reduce debug logging.
Thanks to Mariusz Felisiak for review.
2020-08-11 11:42:15 +02:00
Mariusz Felisiak 8a5683b6b2 Added stub release notes for 2.2.16 and 3.0.10. 2020-08-11 10:31:44 +02:00
Uri b2b0711b55 Refs #31864 -- Doc'd that DEFAULT_HASHING_ALGORITHM requires 3.1.1+ in release notes. 2020-08-08 17:32:28 +02:00
Mariusz Felisiak 99abfe8f4d
Fixed #31864 -- Fixed encoding session data during transition to Django 3.1.
Thanks אורי for the report.
2020-08-07 21:42:39 +02:00
Nick Pope 0a306f7da6 Fixed #25513 -- Extracted admin pagination to Paginator.get_elided_page_range(). 2020-08-06 12:38:56 +02:00
Nick Pope b203ec70fd Refs #25513 -- Adjusted admin pagination to be 1-indexed. 2020-08-06 12:38:56 +02:00
Mariusz Felisiak e70dc506d7 Fixed #31854 -- Fixed wrapping of long model names in admin's sidebar. 2020-08-05 10:54:25 +02:00
007gzs b0af56f639 Fixed #31853 -- Fixed wrapping of translated action labels in admin sidebar. 2020-08-05 10:24:16 +02:00
Jacob Walls c7e7f176c1 Fixed #26977 -- Made abstract models raise TypeError when instantiating. 2020-08-05 06:37:04 +02:00
Mariusz Felisiak 6c19230297 Added stub release notes for 3.1.1. 2020-08-04 10:34:38 +02:00
Mariusz Felisiak df37c2ec76 Finalized release notes for Django 3.1. 2020-08-04 09:47:34 +02:00
Mariusz Felisiak d907371ef9 Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting.
It's a transitional setting helpful in migrating multiple instance of
the same project to Django 3.1+.

Thanks Markus Holtermann for the report and review, Florian
Apolloner for the implementation idea and review, and Carlton Gibson
for the review.
2020-08-04 09:35:24 +02:00
Mariusz Felisiak b68b8cb89a Added release date for 2.2.15 and 3.0.9. 2020-08-03 08:52:28 +02:00
Mariusz Felisiak 1d6fdca557 Refs #27468 -- Added tests and release notes for signing.dumps()/loads() changes.
Follow up to 71c4fb7beb.
2020-07-31 22:05:02 +02:00
Alexandr Tatarinov f4ac167119 Fixed #27719 -- Added QuerySet.alias() to allow creating reusable aliases.
QuerySet.alias() allows creating reusable aliases for expressions that
don't need to be selected but are used for filtering, ordering, or as
a part of complex expressions.

Thanks Simon Charette for reviews.
2020-07-31 13:19:33 +02:00
Viktor Garske 1173db4a16 Fixed #31822 -- Added support for comments URL per feed item.
The item_comments hook returns a comments URL which is then used by the
feed builder.
2020-07-30 07:36:27 +02:00
David Smith 95da207bdb Fixed #28507 -- Made ValidationError.__eq__() ignore messages and params ordering.
Co-authored-by: caleb logan <clogan202@gmail.com>
2020-07-29 12:04:13 +02:00
Florian Demmer 16218c2060 Fixed #27395 -- Added sitemap 'alternates' generation.
Updated the sitemap generator and default template to optionally
include link elements with hreflang attribute to alternate language
URLs.
2020-07-29 11:48:29 +02:00
Florian Apolloner 948a874425
Fixed #29324 -- Made SECRET_KEY validation lazy (on first access). 2020-07-29 09:06:54 +02:00
Mariusz Felisiak ba691933ce
Fixed #31836 -- Dropped support for JSONField __contains and __contained_by lookups on SQLite.
The current implementation works only for basic examples without
supporting nested structures and doesn't follow "the general principle
that the contained object must match the containing object as to
structure and data contents, possibly after discarding some
non-matching array elements or object key/value pairs from the
containing object".
2020-07-28 13:06:52 +02:00
Jon Dufresne 83fbaa9231 Fixed #31806 -- Made validators include the value in ValidationErrors. 2020-07-27 13:03:26 +02:00
Tim Graham ff55adbd0d
Reverted "Fixed #30300 -- Allowed migrations to be loaded from directories without __init__.py file."
This reverts commit 3cd3bebe89.
2020-07-22 07:04:06 +02:00
Aymeric Augustin 3f2821af6b
Fixed #31180 -- Configured applications automatically. 2020-07-21 10:35:12 +02:00
Florian Apolloner 96a3ea39ef Fixed #31784 -- Fixed crash when sending emails on Python 3.6.11+, 3.7.8+, and 3.8.4+.
Fixed sending emails crash on email addresses with display names longer
then 75 chars on Python 3.6.11+, 3.7.8+, and 3.8.4+.

Wrapped display names were passed to email.headerregistry.Address()
what caused raising an exception because address parts cannot contain
CR or LF.

See https://bugs.python.org/issue39073

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-07-20 07:10:40 +02:00
Mariusz Felisiak 3d16496037 Bumped asgiref requirement to >= 3.2.10.
Forwardported 3.1 release notes from 474f65406f.
2020-07-17 21:15:21 +02:00
Tim Park 8fa9a6d29e Fixed #31623 -- Allowed specifying number of adjacent time units in timesince()/timeuntil(). 2020-07-16 09:44:28 +02:00
Mariusz Felisiak 9bc8b1ad2d
Refs #31790 -- Removed incorrect item from 2.2.15 and 3.0.9 release notes.
Django 2.2 and 3.0 don't support settings samesite='None' in
HttpResponse.set_cookie() so fix is not necessary and will not be
backported.
2020-07-16 09:27:09 +02:00
Mariusz Felisiak 240cbb63bf
Fixed #31790 -- Fixed setting SameSite and Secure cookies flags in HttpResponse.delete_cookie().
Cookies with the "SameSite" flag set to None and without the "secure"
flag will be soon rejected by latest browser versions.

This affects sessions and messages cookies.
2020-07-16 08:16:58 +02:00
Simon Charette 1e38f1191d Fixed #30446 -- Resolved Value.output_field for stdlib types.
This required implementing a limited form of dynamic dispatch to combine
expressions with numerical output. Refs #26355 should eventually provide
a better interface for that.
2020-07-15 10:58:29 +02:00
Kelechi Precious Nwachukwu 2cd3e7eeaf Added Igbo language. 2020-07-14 20:44:41 +02:00
Adam Johnson e906ff6fca Fixed #30457 -- Added TestCase.captureOnCommitCallbacks(). 2020-07-13 11:56:46 +02:00
Simon Charette ca6c5e5fc2 Fixed #31770 -- Allowed select_for_update(of) on MySQL 8.0.1+. 2020-07-13 10:15:43 +02:00
ovkulkarni b7a438c7e2 Fixed #31509 -- Made DiscoverRunner enable faulthandler by default. 2020-07-10 18:55:50 +02:00
matt ferrante 7d6916e827 Fixed #29789 -- Added support for nested relations to FilteredRelation. 2020-07-09 20:24:00 +02:00
davidchorpash 779e615e36 Fixed #31573 -- Made QuerySet.update() respect ordering on MariaDB/MySQL. 2020-07-08 11:43:50 +02:00
Resulkary af2b3fee08 Added Turkmen language. 2020-07-08 08:43:28 +02:00
rico-ci cb0da637a6 Fixed #31713 -- Added SpatialReference support to GDALRaster.transform(). 2020-07-07 09:26:44 +02:00
Tom Forbes 5d4b9c1cab Refs #12990 -- Added example to JSONField release notes. 2020-07-03 12:45:39 +02:00