innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
30,354 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

12685 Commits

Author SHA1 Message Date
Florian Apolloner 761f449e0d Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter. 
Thanks to Dennis Brinkrolf for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-01-04 10:03:56 +01:00
Florian Apolloner 968a3d01fa Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator. 
Thanks Chris Bailey for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-01-04 10:02:05 +01:00
Luke Plant ccafad2e42
Avoided suggestion of plain text database password in sessions topic. 2022-01-04 06:47:24 +01:00
Mariusz Felisiak 4400d8568a
Fixed #33391 -- Clarified Aggregate.empty_result_set_value docs. 2021-12-31 06:49:10 +01:00
mangelozzi eb901681ab
Improved @display(empty_value) example in ModelAdmin.empty_value_display docs. 2021-12-30 11:39:04 +01:00
Jacob Walls 6174814dbe Fixed #27936 -- Rewrote spanning multi-valued relationships docs. 2021-12-30 08:38:04 +01:00
Mariusz Felisiak 1283458baa Added default values to Entry's fields in making queries docs. 
This makes it easier to create a data in examples.
 2021-12-30 08:38:04 +01:00
Sergey Fursov feeb0685c6 Updated example of YAML serialization format in docs. 2021-12-28 12:44:41 +01:00
Mariusz Felisiak ad6bb20557
Avoided counting attributes and methods in docs. 2021-12-28 12:36:57 +01:00
Carlton Gibson b13d920b7b Added stub release notes for 4.0.1, 3.2.11, and 2.2.26 releases. 2021-12-28 08:47:33 +01:00
Hannes Ljungberg 59a66f0512 Refs #33342 -- Deprecated ExclusionConstraint.opclasses. 2021-12-27 08:55:18 +01:00
Hannes Ljungberg 0e656c02fe Fixed #33342 -- Added support for using OpClass() in exclusion constraints. 2021-12-24 11:39:00 +01:00
Mariusz Felisiak ca04659b4b
Refs #32355 -- Bumped required psycopg2 version to 2.8.4. 
psycopg2 2.8.4 is the first release to support Python 3.8.
 2021-12-22 20:32:55 +01:00
David Smith 78f062f63e Refs #31026 -- Updated TemplatesSetting docs to refer to forms. 2021-12-22 08:03:47 +01:00
Adam Johnson fde425051c
Added TemplatesSetting to list of built-in renderers in FORM_RENDERER docs. 2021-12-22 07:59:24 +01:00
Brenton Partridge 19fb838803 Fixed #32600 -- Fixed Geometry collections and Polygon segmentation fault on macOS ARM64. 2021-12-21 13:00:09 +01:00
Adam Johnson b0d16d0129 Changed signatures of setting_changed signal receivers. 2021-12-17 13:07:04 +01:00
Simon Charette 4328970780 Fixed #33366 -- Fixed case handling with swappable setting detection in migrations autodetector. 
The migration framework uniquely identifies models by case insensitive
labels composed of their app label and model names and so does the app
registry in most of its methods (e.g. AppConfig.get_model) but it
wasn't the case for get_swappable_settings_name() until this change.

This likely slipped under the radar for so long and only regressed in
b9df2b74b9 because prior to the changes
related to the usage of model states instead of rendered models in the
auto-detector the exact value settings value was never going through a
case folding hoop.

Thanks Andrew Chen Wang for the report and Keryn Knight for the
investigation.
 2021-12-17 07:46:58 +01:00
Mariusz Felisiak 40165eecc4
Fixed #33350 -- Reallowed using cache decorators with duck-typed HttpRequest. 
Regression in 3fd82a6241.

Thanks Terence Honles for the report.
 2021-12-16 20:13:17 +01:00
mgaligniana 068b2c072b Fixed #30127 -- Deprecated name argument of cached_property(). 2021-12-16 18:52:27 +01:00
Mariusz Felisiak 5de12a369a
Refs #33365, Refs #30530 -- Doc'd re_path() behavior change in Django 2.2.25, 3.1.14, and 3.2.10. 
Follow up to d4dcd5b9dd.
 2021-12-15 18:54:02 +01:00
mgaligniana ac5cc6cf01 Fixed #33316 -- Added pagination to admin history view. 2021-12-15 10:54:08 +01:00
Jacob Walls 76ccce64cc Fixed #16063 -- Adjusted admin changelist searches spanning multi-valued relationships. 
This reduces the likelihood of admin searches issuing queries with
excessive joins.
 2021-12-15 08:14:19 +01:00
Jeremy Lainé 2f33217ea2 Fixed #33361 -- Fixed Redis cache backend crash on booleans. 2021-12-14 07:16:30 +01:00
Adam Johnson 41329b9852
Improved wording in password validators docs and docstrings. 2021-12-13 18:53:07 +01:00
mgaligniana 669dcefc04 Fixed #33338 -- Doc'd that never_cache() decorator set Expires header. 2021-12-13 15:34:19 +01:00
Beomsoo Kim 7e4a9a9f69
Corrected example in models.DecimalField docs. 2021-12-13 07:20:35 +01:00
Wayne Lambert 8a8c8797e8
Updated link to Microsoft SQL Server backend. 2021-12-13 07:17:05 +01:00
David Smith eba9a9b7f7 Refs #32338 -- Added Boundfield.legend_tag(). 2021-12-09 07:16:33 +01:00
Ömer Faruk Abacı f04b44bad4 Refs #33319 -- Added note about commutation of QuerySet's | operator. 2021-12-08 21:16:24 +01:00
Baptiste Mispelon cb383753c0 Fixed #33346 -- Fixed SimpleTestCase.assertFormsetError() crash on a formset named "form". 
Thanks OutOfFocus4 for the report.

Regression in 456466d932.
 2021-12-08 20:33:03 +01:00
Shreya Bamne 8a4e506760 Fixed #19721 -- Allowed admin filters to customize the list separator. 2021-12-08 15:25:52 +01:00
Shreya Bamne 2b76f45749 Refs #19721 -- Corrected list formatting in admin filters docs. 2021-12-08 14:27:53 +01:00
Nick Pope dfdf1c6864 Improved release notes wording for template-based form rendering. 2021-12-07 12:44:33 +01:00
Mariusz Felisiak adef3d975e Added stub release notes for 4.0.1. 2021-12-07 10:41:32 +01:00
Mariusz Felisiak d7bd9eb6cd Finalized release notes for Django 4.0. 2021-12-07 10:02:41 +01:00
Mariusz Felisiak 513441240f
Updated asgiref dependency for 4.0 release series. 2021-12-07 09:49:39 +01:00
Mariusz Felisiak 8747052411 Added CVE-2021-44420 to security archive. 2021-12-07 08:51:26 +01:00
Florian Apolloner d4dcd5b9dd Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths. 
Thanks Sjoerd Job Postmus and TengMA(@te3t123) for reports.
 2021-12-07 06:28:08 +01:00
Hannes Ljungberg 1eaf38fa87 Fixed #33335 -- Made model validation ignore functional unique constraints. 
Regression in 3aa545281e.

Thanks Hervé Le Roy for the report.
 2021-12-06 07:59:11 +01:00
Maxim Piskunov d3f4c2b95d Fixed #33078 -- Added support for language regions in i18n_patterns(). 2021-12-03 12:57:06 +01:00
Mariusz Felisiak 2c7846d992
Fixed #33333 -- Fixed setUpTestData() crash with models.BinaryField on PostgreSQL. 
This makes models.BinaryField pickleable on PostgreSQL.

Regression in 3cf80d3fcf.

Thanks Adam Zimmerman for the report.
 2021-12-03 11:56:22 +01:00
Shivam Durgbuns d75c387f46 Fixed #33334 -- Alphabetized form and model fields in reference docs. 2021-12-02 08:33:26 +01:00
Przemysław Suliga 4ce59f602e Fixed #30398 -- Added CONN_HEALTH_CHECKS database setting. 
The CONN_HEALTH_CHECKS setting can be used to enable database
connection health checks for Django's persistent DB connections.

Thanks Florian Apolloner for reviews.
 2021-12-01 07:44:48 +01:00
Mariusz Felisiak ae4077e13e Added stub release notes and release date for 3.2.10, 3.1.14 and 2.2.25. 2021-11-30 11:25:00 +01:00
Chris Jerdonek 5d80843ebc Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret. 
This also adds CSRF_COOKIE_MASKED transitional setting helpful in
migrating multiple instance of the same project to Django 4.1+.

Thanks Florian Apolloner and Shai Berger for reviews.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2021-11-29 10:47:39 +01:00
Baptiste Mispelon 528691d1b6 Fixed #33301 -- Clarified the type of arguments required by custom assertions. 2021-11-26 12:03:00 +01:00
Mariusz Felisiak 75ee7057e9
Refs #33163 -- Corrected example of connection signal handlers in AppConfig.ready(). 2021-11-26 11:16:35 +01:00
Ryuji Tsutsui b8c0b22f2f
Fixed typo in docs/releases/4.0.txt. 2021-11-24 17:38:35 +01:00
mgaligniana 7f8f69fb38 Fixed #33298 -- Added docs and tests for using Q objects with get_object_or_404()/get_list_or_404(). 2021-11-24 09:28:21 +01:00