761f449e0d
Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter.
...
Thanks to Dennis Brinkrolf for the report.
Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:03:56 +01:00
968a3d01fa
Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator.
...
Thanks Chris Bailey for the report.
Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:02:05 +01:00
b13d920b7b
Added stub release notes for 4.0.1, 3.2.11, and 2.2.26 releases.
2021-12-28 08:47:33 +01:00
59a66f0512
Refs #33342 -- Deprecated ExclusionConstraint.opclasses.
2021-12-27 08:55:18 +01:00
0e656c02fe
Fixed #33342 -- Added support for using OpClass() in exclusion constraints.
2021-12-24 11:39:00 +01:00
ca04659b4b
Refs #32355 -- Bumped required psycopg2 version to 2.8.4.
...
psycopg2 2.8.4 is the first release to support Python 3.8.
2021-12-22 20:32:55 +01:00
19fb838803
Fixed #32600 -- Fixed Geometry collections and Polygon segmentation fault on macOS ARM64.
2021-12-21 13:00:09 +01:00
4328970780
Fixed #33366 -- Fixed case handling with swappable setting detection in migrations autodetector.
...
The migration framework uniquely identifies models by case insensitive
labels composed of their app label and model names and so does the app
registry in most of its methods (e.g. AppConfig.get_model) but it
wasn't the case for get_swappable_settings_name() until this change.
This likely slipped under the radar for so long and only regressed in
b9df2b74b9
2021-12-17 07:46:58 +01:00
40165eecc4
Fixed #33350 -- Reallowed using cache decorators with duck-typed HttpRequest.
...
Regression in 3fd82a6241
2021-12-16 20:13:17 +01:00
068b2c072b
Fixed #30127 -- Deprecated name argument of cached_property().
2021-12-16 18:52:27 +01:00
ac5cc6cf01
Fixed #33316 -- Added pagination to admin history view.
2021-12-15 10:54:08 +01:00
76ccce64cc
Fixed #16063 -- Adjusted admin changelist searches spanning multi-valued relationships.
...
This reduces the likelihood of admin searches issuing queries with
excessive joins.
2021-12-15 08:14:19 +01:00
2f33217ea2
Fixed #33361 -- Fixed Redis cache backend crash on booleans.
2021-12-14 07:16:30 +01:00
eba9a9b7f7
Refs #32338 -- Added Boundfield.legend_tag().
2021-12-09 07:16:33 +01:00
cb383753c0
Fixed #33346 -- Fixed SimpleTestCase.assertFormsetError() crash on a formset named "form".
...
Thanks OutOfFocus4 for the report.
Regression in 456466d932
2021-12-08 20:33:03 +01:00
8a4e506760
Fixed #19721 -- Allowed admin filters to customize the list separator.
2021-12-08 15:25:52 +01:00
dfdf1c6864
Improved release notes wording for template-based form rendering.
2021-12-07 12:44:33 +01:00
adef3d975e
Added stub release notes for 4.0.1.
2021-12-07 10:41:32 +01:00
d7bd9eb6cd
Finalized release notes for Django 4.0.
2021-12-07 10:02:41 +01:00
513441240f
Updated asgiref dependency for 4.0 release series.
2021-12-07 09:49:39 +01:00
8747052411
Added CVE-2021-44420 to security archive.
2021-12-07 08:51:26 +01:00
d4dcd5b9dd
Fixed #30530 , CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths.
...
Thanks Sjoerd Job Postmus and TengMA(@te3t123) for reports.
2021-12-07 06:28:08 +01:00
d3f4c2b95d
Fixed #33078 -- Added support for language regions in i18n_patterns().
2021-12-03 12:57:06 +01:00
2c7846d992
Fixed #33333 -- Fixed setUpTestData() crash with models.BinaryField on PostgreSQL.
...
This makes models.BinaryField pickleable on PostgreSQL.
Regression in 3cf80d3fcf
2021-12-03 11:56:22 +01:00
4ce59f602e
Fixed #30398 -- Added CONN_HEALTH_CHECKS database setting.
...
The CONN_HEALTH_CHECKS setting can be used to enable database
connection health checks for Django's persistent DB connections.
Thanks Florian Apolloner for reviews.
2021-12-01 07:44:48 +01:00
ae4077e13e
Added stub release notes and release date for 3.2.10, 3.1.14 and 2.2.25.
2021-11-30 11:25:00 +01:00
5d80843ebc
Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret.
...
This also adds CSRF_COOKIE_MASKED transitional setting helpful in
migrating multiple instance of the same project to Django 4.1+.
Thanks Florian Apolloner and Shai Berger for reviews.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-11-29 10:47:39 +01:00
b8c0b22f2f
Fixed typo in docs/releases/4.0.txt.
2021-11-24 17:38:35 +01:00
aec71aaa5b
Fixed #33304 -- Allowed passing string expressions to Window(order_by).
2021-11-23 07:58:44 +01:00
e6e664a711
Fixed #33302 -- Made element_id optional argument for json_script template filter.
...
Added versionchanged note in documentation
2021-11-22 11:52:19 +01:00
5e218cc0b7
Added Malay language.
2021-11-18 20:57:50 +01:00
8d9827c06c
Fixed #33161 -- Enabled durability check for nested atomic blocks in TestCase.
...
Co-Authored-By: Adam Johnson <me@adamj.eu>
2021-11-12 13:05:56 +01:00
0b95a96ee1
Removed DatabaseIntrospection.get_key_columns().
...
Thanks Simon Charette for the report.
2021-11-10 16:38:43 +01:00
91acfc3514
Fixed #33264 -- Made test runner return non-zero error code for unexpected successes.
2021-11-08 20:19:21 +01:00
4f8c7fd9d9
Fixed #32980 -- Made models cache related managers.
2021-11-08 08:44:12 +01:00
ba9ced3e9a
Fixed #33253 -- Reverted "Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage."
...
This reverts commit 91e21836f6
2021-11-05 12:11:18 +01:00
2c01ebb4be
Refs #33263 -- Expanded release notes for DeleteView adopting FormMixin.
2021-11-05 09:22:53 +01:00
fc565cb539
Fixed #27147 -- Allowed specifying bounds of tuple inputs for non-discrete range fields.
2021-11-04 19:08:57 +01:00
60503cc747
Corrected multiply defined labels in docs.
2021-11-04 10:46:01 +01:00
d811fa1d10
Added stub release notes for Django 3.2.10.
2021-11-01 10:41:06 +01:00
7ec603ba25
Added release date for 3.2.9.
2021-11-01 10:18:49 +01:00
073b7b5915
Fixed #33228 -- Changed value of BaseDatabaseFeatures.has_case_insensitive_like to False.
2021-10-28 17:56:29 +02:00
3f1f8b9376
Fixed #33182 -- Moved admin dark mode vars to separate stylesheet and template block.
2021-10-27 10:34:01 +02:00
480191244d
Fixed #25916 -- Added lastmod support to sitemap index view.
...
Co-authored-by: Matthew Downey <matthew.downey@webit.com.au>
2021-10-21 15:26:22 +02:00
69b0736fad
Refs #32956 -- Changed docs to treat the acronym HTTP phonetically.
2021-10-18 21:00:28 +02:00
86971c4090
Fixed #33194 -- Fixed migrations when altering a field with functional indexes/unique constraints on SQLite.
...
This adjusts Expressions.rename_table_references() to only update alias
when needed.
Regression in 83fcfc9ec8
2021-10-18 08:25:23 +02:00
32f1fe5f89
Fixed #29470 -- Logged makemigrations automatic decisions in non-interactive mode.
2021-10-12 15:19:39 +02:00
604df4e0ad
Refs #32074 -- Doc'd Python 3.10 compatibility in Django 3.2.x.
2021-10-05 13:30:41 +02:00
c113f7fb0d
Added stub release notes for Django 3.2.9.
2021-10-05 09:39:20 +02:00
c5776bfca9
Added release date for 3.2.7.
2021-10-05 09:07:26 +02:00
Florian Apolloner
Carlton Gibson
Hannes Ljungberg
Mariusz Felisiak
Brenton Partridge
Simon Charette
mgaligniana
Jacob Walls
Jeremy Lainé
David Smith
Baptiste Mispelon
Shreya Bamne
Nick Pope
Maxim Piskunov
Przemysław Suliga
Chris Jerdonek
Ryuji Tsutsui
jhisham
Krzysztof Jagiello
Keryn Knight
Guilherme Martins Crocetti
Chinmoy
Matteo Vitali