Commit Graph

3551 Commits

Author SHA1 Message Date
Claude Paroz e663f695fb Fixed #31359 -- Deprecated get_random_string() calls without an explicit length. 2020-03-11 13:16:44 +01:00
Claude Paroz e3e48b0012
Fixed #30439 -- Added support for different plural forms for a language.
Thanks to Michal Čihař for review.
2020-03-10 15:56:32 +01:00
Carlton Gibson 692870b611 Removed trailing whitespace in 3.1 release notes. 2020-03-10 12:01:32 +01:00
Carlton Gibson a4200e958d Added stub release notes for 2.2.12. 2020-03-10 12:01:01 +01:00
Jon Dufresne eb77e80de0 Fixed #31349 -- Used :nth-child() CSS pseudo-class to style alternative rows in admin. 2020-03-09 12:34:32 +01:00
Jon Dufresne 769cee5252 Fixed #31327 -- Deprecated providing_args argument for Signal. 2020-03-05 09:38:52 +01:00
Mariusz Felisiak 1b3a900a69 Added stub release notes for 3.0.5. 2020-03-04 10:56:07 +01:00
Mariusz Felisiak 43f8ba1c7c Fixed typo in docs/releases/1.11.29.txt. 2020-03-04 10:46:43 +01:00
Mariusz Felisiak f37f9a0bf0 Added CVE-2020-9402 to security archive. 2020-03-04 09:59:07 +01:00
Mariusz Felisiak 6695d29b1c Fixed CVE-2020-9402 -- Properly escaped tolerance parameter in GIS functions and aggregates on Oracle.
Thanks to Norbert Szetei for the report.
2020-03-04 09:04:50 +01:00
Hannes Ljungberg 65ab4f9f03 Fixed #31147 -- Added SearchHeadline to django.contrib.postgres. 2020-03-03 15:39:52 +01:00
Mariusz Felisiak 7b8fa1653f Fixed #31150 -- Included subqueries that reference related fields in GROUP BY clauses.
Thanks Johannes Hoppe for the report.

Regression in fb3f034f1c.

Co-authored-by: Simon Charette <charette.s@gmail.com>
2020-03-03 11:25:37 +01:00
Claude Paroz d4fff711d4 Fixed #31274 -- Used signing infrastructure in SessionBase.encode()/decode().
Thanks Mariusz Felisiak and Florian Apolloner for the reviews.
2020-03-02 12:16:48 +01:00
Carlton Gibson 8b30360322
Fixed #31032 -- Updated admin browser support FAQ for 2020.
Following web standards, the modern _evergreen_ browsers are all
supported. This applies equally to mobile platforms. Assuming current
trends continue, this should be a sustainable policy.

Microsoft deprecated all versions of Internet Explorer. IE 11, the last
version, is described as a "compatibility solution" rather than a web
browser. Whilst it will receive security updates for the lifetime of
Windows 10 it's use is actively discouraged.

The IE 11 downloads page makes it clear: "We recommend you use the new
Microsoft Edge".
2020-02-28 12:39:14 +01:00
Simon Charette 41ebe60728 Fixed #31312 -- Properly ordered temporal subtraction params on MySQL.
Regression in 9bcbcd599a.

Thanks rick2ricks for the report.
2020-02-27 08:50:55 +01:00
Adam Johnson a6b3938afc
Fixed #31182 -- Adjusted release notes for ASGI support. 2020-02-20 15:05:47 +01:00
Claude Paroz 4d973f5939 Refs #26601 -- Deprecated passing None as get_response arg to middleware classes.
This is the new contract since middleware refactoring in Django 1.10.

Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-02-18 20:03:44 +01:00
Mariusz Felisiak 2a038521c4
Fixed #31271 -- Preserved ordering when unifying query parameters on Oracle.
This caused misplacing parameters in logged SQL queries.

Regression in 79065b55a7.

Thanks Hans Aarne Liblik for the report.
2020-02-18 11:45:12 +01:00
Keshav Kumar f37d548ede Fixed #20995 -- Added support for iterables of template names to {% include %} template tag.
Thanks Adam Johnson for the review.
2020-02-18 06:56:05 +01:00
Claude Paroz da4923ea87 Refs #27468 -- Made PasswordResetTokenGenerator use SHA-256 algorithm. 2020-02-12 21:46:56 +01:00
Abhijeet Viswa 1712a76b9d Fixed #31246 -- Fixed locking models in QuerySet.select_for_update(of=()) for related fields and parent link fields with multi-table inheritance.
Partly regression in 0107e3d105.
2020-02-11 20:43:57 +01:00
Florian Apolloner 41a3b3d186 Fixed #31240 -- Properly closed FileResponse when wsgi.file_wrapper is used.
Thanks to Oskar Persson for the report.
2020-02-11 20:39:12 +01:00
Jon Dufresne e3f6e18513 Fixed #31253 -- Fixed data loss possibility when using caching from async code.
Case missed in a415ce70be.
2020-02-11 09:09:25 +01:00
Mariusz Felisiak 7e8339748c Added stub release notes for 2.2.11. 2020-02-10 08:18:58 +01:00
Mariusz Felisiak 932bd794b2 Added "Bugfixes" section to release notes for 3.0.4. 2020-02-10 08:14:58 +01:00
Simon Charette 430e796980 Refs #31055 -- Made DiscoverRunner skip running system checks on unused test databases. 2020-02-07 11:01:31 +01:00
Simon Charette 0b83c8cc4d Refs #31055 -- Added --database option to the check management command.
This avoids enabling the ``database`` checks unless they are explicitly
requested and allows to disable on a per-alias basis which is required
when only creating a subset of the test databases.

This also removes unnecessary BaseCommand._run_checks() hook.
2020-02-07 11:01:31 +01:00
Jon Dufresne f48f671223 Refs #31233 -- Changed DatabaseWrapper._nodb_connection to _nodb_cursor().
It is now a method instead of a property and returns a context manager
that yields a cursor on entry and closes the cursor and connection upon
exit.
2020-02-06 15:29:38 +01:00
Adam Johnson 72b97a5b1e Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin'. 2020-02-05 14:39:01 +01:00
Adam Johnson de1924e0e7
Improved grammar in 3.0 release notes for SECURE_CONTENT_TYPE_NOSNIFF change. 2020-02-05 12:46:14 +01:00
Adam Johnson 469bf2db15 Fixed #31210 -- Doc'd how to reproduce HttpRequest.is_ajax() in release notes. 2020-02-04 12:21:48 +01:00
Adam Johnson 85cb59cba9 Fixed typo in docs/releases/3.1.txt. 2020-02-04 12:21:45 +01:00
Claude Paroz 8ae84156d6 Fixed #27604 -- Used the cookie signer to sign message cookies.
Co-authored-by: Craig Anderson <craiga@craiga.id.au>
2020-02-04 08:05:02 +01:00
Carlton Gibson 273918c25b Added stub release notes for 3.0.4. 2020-02-03 10:23:54 +01:00
Carlton Gibson d8b2ccbbb8 Added CVE-2020-7471 to security archive. 2020-02-03 10:11:34 +01:00
Carlton Gibson 1a2600d8df Added release date for 3.0.3. 2020-02-03 08:52:16 +01:00
Simon Charette eb31d84532 Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter. 2020-02-03 08:49:13 +01:00
Hasan Ramezani a97111eabf Fixed 31207 -- Prevented references to non-local remote fields in ForeignKey.to_field.
Thanks Simon Charette for the initial patch and review.
2020-01-31 10:19:12 +01:00
Mariusz Felisiak 0ac8ac8b0d
Refs #25778 -- Updated some links to HTTPS and new locations. 2020-01-29 09:34:37 +01:00
Nick Pope c9bf1910e2 Refs #30997 -- Added link to Fetch API in release notes. 2020-01-28 08:37:41 +01:00
Claude Paroz e348ab0d43 Fixed #30997 -- Deprecated HttpRequest.is_ajax(). 2020-01-27 08:54:32 +01:00
Claude Paroz 7fa0fa45c5 Refs #30997 -- Removed HttpRequest.is_ajax() usage. 2020-01-27 08:52:40 +01:00
Claude Paroz d66d72f956 Refs #30997 -- Added HttpRequest.accepts(). 2020-01-24 14:24:59 +01:00
Hasan Ramezani b94764e178 Fixed #27888 -- Added link to clear all filters in the admin changelist view. 2020-01-23 14:14:54 +01:00
Eugene Hatsko 0b013564ef Fixed #31190 -- Fixed prefetch_related() crash for GenericForeignKey with custom ContentType foreign key.
Regression in dffa3e1992.
2020-01-22 07:54:16 +01:00
Pavel Lysak 13e4abf83e Fixed #30752 -- Allowed using ExceptionReporter subclasses in error reports. 2020-01-16 15:25:49 +01:00
Flavio Curella d08d4f464a Fixed #30765 -- Made cache_page decorator take precedence over max-age Cache-Control directive. 2020-01-16 13:39:16 +01:00
Carlton Gibson 29c126bb34 Fixed #31124 -- Fixed setting of get_FOO_display() when overriding inherited choices.
Regression in 2d38eb0ab9
2020-01-15 15:35:22 +01:00
Carlton Gibson 927c903f3c Refs #31097 -- Added release notes for 2f565f84ac.
.
2020-01-14 14:35:28 +01:00
Carlton Gibson 1f4b9f4f1f Removed unused ExceptionReporterFilter class.
Unused since 8f8c54f70b.
2020-01-11 20:18:38 +01:00