innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
12,058 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

12058 Commits

Author SHA1 Message Date
Tim Graham 83420e70ef [1.4.x] Fixed random aggregation_regress test_more_more_more() failure 
The cause was assuming that an unordered queryset returns the values
always in the same order.

Backport of 33dd8f5442
 2014-04-19 13:01:52 -04:00
Tim Graham f2a9f71565 [1.4.x] Updated six to 1.6.1. 
Backport of 2ec82c7387 from master
 2014-03-24 07:35:13 -04:00
Claude Paroz f108b1f7d7 [1.4.x] Clarified striptags documentation 
The fact that striptags cannot guarantee to really strip all
non-safe HTML content was not clear enough. Also see:
https://www.djangoproject.com/weblog/2014/mar/22/strip-tags-advisory/

Partial backport (doc-only) of 6ca6c36f82 from master.
 2014-03-22 11:19:58 +01:00
Tim Graham b8713ee69a [1.4.x] Fixed #21195 -- Clarifed usage of template_name in tutorial part 4. 
Backport of b66a51ad54 from master.
 2014-03-05 22:35:37 +01:00
Tim Graham 74181c0a2c [1.4.x] Added release note stub for 1.4.11. 
Backport of dfa28981ce from master.
 2014-01-26 17:50:12 -05:00
Tim Graham 257f8528b7 [1.4.x] Fixed #21823 -- Upgraded six to 1.5.2 
Backport of 780ae7e9f8 from master.
 2014-01-26 15:52:39 -05:00
Tim Graham 85057522bc [1.4.x] Fixed #21869 -- Fixed docs building with Sphinx 1.2.1. 
Thanks tragiclifestories for the report.

Backport of e1d18b9d2e from master
 2014-01-24 09:05:59 -05:00
Jacob Kaplan-Moss 03d9b9ea0a [1.4.x] Added a note about LTS releases. 
Backport of a44cbca2a5 from master.
 2014-01-19 18:46:57 +01:00
Tim Graham 1036e3ec7c [1.4.x] Fixed #20052 -- Discouraged use of Jython given the current state of django-jython. 
Thanks Josh Juneau (maintainer of django-jython) for the review.

Backport of a67e327db5 from master
 2014-01-17 09:29:57 -05:00
Luke Plant 2c1d92bc64 Updated six to version 1.4.1 
This is not a bugfix. But six only exists on Django 1.4.x branch to help
with future compatibility, so it is helpful if it keeps up with latest
Django.
 2014-01-02 12:39:00 +00:00
Ben Spaulding 474e7dd6d0 [1.4.x] Fixed #21594 -- Added note about model formsets deleting objects. 
This behavior has been fixed in 65e03a424e. refs #10284.

Backport of de1d5d5df5 from stable/1.6.x.
 2013-12-11 14:49:22 -05:00
Aymeric Augustin 2d4f399ad4 [1.4.x] Fixed #21558 -- Support building CHM files. 
Thanks Michał Pasternak.

Backport of cd9e85ec from master.
 2013-12-04 16:52:30 +01:00
Alasdair Nicol 23126866ec [1.4.x] Fixed #21538 -- Added numpy to test/requirements/base.txt 
Thanks Tim Graham for the report

Backport of c75dd664c from master
 2013-12-02 13:45:56 -05:00
Aymeric Augustin 8e8584f959 [1.4.x] Removed obsolete deprecation notes. 2013-11-23 14:47:09 +01:00
Baptiste Mispelon 46755c50ee [1.4.x] Fix #20054: Removed links to modwsgi.org. 
Backport of 957fcd0c9f from master.
 2013-11-22 09:16:50 +01:00
Tim Graham c5d071f85a [1.4.x] Added 1.4.10 release notes to index. 2013-11-07 09:38:53 -05:00
James Bennett 30eb916bdb [1.4.x] Bump version info and add release notes for 1.4.10. 2013-11-06 08:17:26 -06:00
Florian Apolloner 848a759474 Fixed #21362 -- Restored Python 2.5 compatibility. 2013-11-02 18:18:18 +01:00
Aymeric Augustin b149d1fcd6 Merge pull request #1837 from loic/django14 
Fixed SyntaxError on Python 2.5 caused by a @unittest.skipIf class decoration.
 2013-11-01 01:21:34 -07:00
Loic Bistuer 7984b58e78 Fixed SyntaxError on Python 2.5 caused by a @unittest.skipIf class decoration. 2013-11-01 03:35:29 +07:00
Paolo Melchiorre d491702ed7 [1.4.x] Fixed typo in docs/releases/1.4.9.txt. 
Backport of 3b0293370a from master
 2013-10-25 07:55:50 -04:00
Tim Graham 11b750b031 [1.4.x] Bump version post-release. 2013-10-25 07:54:10 -04:00
James Bennett 8f36d1fd95 [1.4.x] Bump everything for 1.4.9 bugfix release. 2013-10-24 23:37:26 -05:00
Tim Graham 3a46f621fe [1.4.x] Bumped release date for 1.5.5 & 1.4.9. 
Backport of 4ce5c119b5 from master
 2013-10-23 18:29:53 -04:00
Shai Berger 6de3726423 Fixed #13245: Explained Oracle's behavior w.r.t db_table 
and how to prevent table-name truncation

Thanks russellm & timo for discussion, and timo for review.

Backported from master 317040a73b
 2013-10-23 15:05:05 +03:00
Tim Graham ead7c496a4 [1.4.x] Added 1.4.9 release notes 
Backport of 2eb8f15516 from master
 2013-10-22 20:25:20 -04:00
Florian Apolloner c4f29c91f9 [1.4.x] Fixed #21253 -- PBKDF2 with cached HMAC key 
This gives a 2x speed increase compared to the existing implementation.

Thanks to Steve Thomas for the initial patch and Tim Graham for finishing it.

Backport of 1e4f53a6eb from master.
 2013-10-21 20:03:12 +02:00
Aymeric Augustin ea04c81d37 [1.4.x] Fixed #21256 -- Error in datetime_safe.datetime.combine. 
Backport of d9b6fb8 from master
 2013-10-13 19:11:59 +02:00
Anssi Kääriäinen 037ec1054c [1.4.x] Fixed #21248 -- Skipped test_bcrypt if no py-bcrypt found 
Pre 1.6 Django worked only with py-bcrypt, not with bcrypt. Skipped
test_bcrypt when using bcrypt to avoid false positives.

Backpatch of 9f8a36eb20 from stable/1.5.x.
 2013-10-09 14:44:43 +03:00
Florian Apolloner e2403db95a [1.4.x] Fixed #21138 -- Increased the performance of our PBKDF2 implementation. 
Thanks go to Michael Gebetsroither for pointing out this issue and help on
the patch.

Backport of 68540fe4df from master.
 2013-09-24 21:20:19 +02:00
Florian Apolloner 0317edf0c7 Revert "[1.4.x] Ensure that passwords are never long enough for a DoS." 
This reverts commit 3f3d887a68.

This fix is no longer necessary, our pbkdf2 (see next commit) implementation
no longer rehashes the password every iteration.
 2013-09-24 21:19:20 +02:00
Tim Graham ca77e38d24 [1.4.x] Cleaned up 1.4.8 release notes 
Backport of 8d29005524 from master
 2013-09-15 14:29:40 -04:00
Tim Graham efee30e6b0 [1.4.x] Bump version post-release. 2013-09-15 12:59:10 -04:00
Claude Paroz 629813a804 [1.4.x] Fixed geos test to prevent random failure 
Points in the test fixtures have 20 as max coordinate.

Backport of 87854b0bdf from master.
 2013-09-15 11:45:16 +02:00
Russell Keith-Magee 6903d1690a [1.4.x] Removed usage of b"" string syntax for Python 2.5 compatibility. 
Refs commit 3f3d887a68.
 2013-09-15 14:02:38 +08:00
James Bennett 3ffc7b52f8 [1.4.x] Add release notes and bump version numbers for 1.4.8 security release. 2013-09-14 23:53:07 -06:00
Russell Keith-Magee 3f3d887a68 [1.4.x] Ensure that passwords are never long enough for a DoS. 
* Limit the password length to 4096 bytes
  * Password hashers will raise a ValueError
  * django.contrib.auth forms will fail validation
 * Document in release notes that this is a backwards incompatible change

Thanks to Josh Wright for the report, and Donald Stufft for the patch.

This is a security fix; disclosure to follow shortly.

Backport of aae5a96d57 from master.
 2013-09-15 13:49:16 +08:00
Tim Graham 75d2bcda10 Fixed #18923 -- Corrected usage of sensitive_post_parameters in contrib.auth 
Thanks Collin Anderson for the report.

Backport of 425d076d0c from master
 2013-09-13 10:18:55 -04:00
Tim Graham cca302cde6 [1.4.x] Fixed #20887 -- Added a warning to GzipMiddleware in light of BREACH. 
Thanks EvilDMP for the report and Russell Keith-Magee
for the draft text.

Backport of da843e7dba from master
 2013-09-11 08:18:56 -04:00
Florian Apolloner 434d122a74 Merge pull request #1616 from loic/fix1.4 
Fixed failing test introduced by 87d2750b39.
 2013-09-11 04:30:45 -07:00
Tim Graham fba6af5a1e [1.4.x] Bump version post-release. 2013-09-11 07:06:09 -04:00
Loic Bistuer 3203f684e8 Fixed failing test introduced by 87d2750b39. 
The {% ssi %} tag in Django 1.4 doesn't support spaces in its argument.
Skip the test if run from a location that contains a space.
 2013-09-11 18:05:39 +07:00
James Bennett 701c1a11bc [1.4.x] Bump version numbers for 1.4.7 security release. 2013-09-10 20:15:38 -05:00
Tim Graham d1dc8a0d00 Added 1.4.7 release notes 
Backport of baec6a26dd from master
 2013-09-10 21:09:47 -04:00
Tim Graham 87d2750b39 [1.4.x] Prevented arbitrary file inclusion with {% ssi %} tag and relative paths. 
Thanks Rainer Koirikivi for the report and draft patch.

This is a security fix; disclosure to follow shortly.

Backport of 7fe5b656c9 from master
 2013-09-10 21:05:47 -04:00
Садовский Николай 9ab7ed9b72 [1.4.x] Fixed #20707 -- Added explicit quota assignment to Oracle test user 
To enable testing on Oracle 12c
 2013-09-09 15:13:18 +03:00
Shai Berger 7826824aef [1.4.x] Fixed #20907 - Test failure on Oracle 
Backport of the Oracle-specific part of commit a18e43c5bb
from master. This commit made get_indexes more consistent across
backends.

Thanks Tim Graham for pointer to the commit, akaariai and ikelly
for the original commit.
 2013-08-18 01:45:01 +03:00
Shai Berger d9dc98159d [1.4.x] Fixed #20904: Test failure on Oracle 
Just skip the failing test, the failure isn't really relevant; also,
both the test and the reason for its failure were removed in 1.5.

Thanks Tim Graham for advice on 1.5.
 2013-08-17 23:12:01 +03:00
Luke Plant d5da495a2e [1.4.x] Fixed #20906 -- Fixed a dependence on set-ordering in tests 
Backport of 1ae64e96c1 from master
 2013-08-16 17:55:08 -04:00
Anssi Kääriäinen bf611f14ec [1.4.x] Fixed #20905 -- Fixed an Oracle-specific test case failure 
Made a test checking ORM-generated query string case-insensitive.

Backport of ee0a7c741e from master
 2013-08-16 12:23:05 -04:00