282d58e193
Refs #25232 -- Simplified ModelBackend.user_can_authenticate().
...
Thanks Jay Turner for the suggestion.
2022-07-11 20:27:11 +02:00
5e2f4ddf29
Refs CVE-2022-34265 -- Unified DatabaseOperations._convert_*_to_tz() hook names.
2022-07-09 13:02:07 +02:00
eb3699ea77
Fixed #33718 -- Dropped support for MySQL 5.7.
2022-07-08 13:30:12 +02:00
ccbf714ebe
Fixed #33829 -- Made BaseConstraint.deconstruct() and equality handle violation_error_message.
...
Regression in 667105877e
2022-07-08 08:17:42 +02:00
41019e48bb
Refs #27236 -- Added generic mechanism to handle the deprecation of migration operations.
2022-07-08 07:05:55 +02:00
57793b4765
Refs #27236 -- Refactored out DeprecationForHistoricalMigrationMixin.
2022-07-07 12:21:35 +02:00
6f80050496
Fixed #33781 -- Restored alignment for admin split-field timezone warnings.
...
Regression in f3e2bb0833#33750 and #27207 .
2022-07-07 11:32:05 +02:00
608ab043f7
Fixed #33826 -- Fixed RedisCache.set_many()/delete_many() crash with an empty list.
2022-07-06 10:45:52 +02:00
fcee0d3fb6
Used list comprehensions in RedisCache.delete_many().
2022-07-06 10:37:20 +02:00
3926e35aa8
Fixed #33823 -- Made inspectdb generate unique related_name when reverse accessor clashes.
2022-07-06 09:35:50 +02:00
877c800f25
Refs CVE-2022-34265 -- Properly escaped Extract() and Trunc() parameters.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-07-06 07:40:07 +02:00
18c5ba07cc
Fixed #33822 -- Fixed save() crash on model formsets when not created by modelformset_factory().
...
Thanks Claude Paroz for the report.
Regression in e87f57fdb8
2022-07-05 07:19:18 +02:00
249ecc437f
Fixed #33815 -- Fixed last_executed_query() on Oracle when parameter names overlap.
2022-07-05 05:53:49 +02:00
54eb8a374d
Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) against SQL injection.
...
Thanks Takuto Yoshikai (Aeye Security Lab) for the report.
2022-07-04 08:13:41 +02:00
425718726b
Fixed #33816 -- Fixed QuerySet.only() after select_related() crash on proxy models.
2022-07-04 06:37:36 +02:00
03eec9ff6c
Updated vendored _urlsplit() to strip newline and tabs.
...
Refs Python CVE-2022-0391. Django is not affected, but others who
incorrectly use internal function url_has_allowed_host_and_scheme()
with unsanitized input could be at risk.
2022-07-01 08:48:38 +02:00
72e41a0df6
Fixed #33779 -- Allowed customizing encoder class in django.utils.html.json_script().
2022-06-28 10:54:38 +02:00
d4d5427571
Refs #33697 -- Used django.utils.http.parse_header_parameters() for parsing boundary streams.
...
This also removes unused parse_header() and _parse_header_params()
helpers in django.http.multipartparser.
2022-06-28 09:42:47 +02:00
bff5c114be
Removed unnecessary _parse_header() from MultiPartParser.
...
Reraising ValueError was unused since its introduction in
d725cc9734
2022-06-28 09:27:03 +02:00
d6e0c7c30c
Refs #33697 -- Made MediaType use django.utils.http.parse_header_parameters().
2022-06-28 07:33:41 +02:00
eb7b8f3699
Fixed #33805 -- Made admin's many-to-many widgets do not display help text for selecting values when allow_multiple_selected is False.
2022-06-28 06:04:42 +02:00
c48b34e26d
Refs #32786 -- Made query clear ordering when ordered combined queryset is used in subquery on Oracle.
2022-06-27 06:21:31 +02:00
20b6e30858
Refs #33713 -- Removed unnecessary skip for MariaDB 10.3.
2022-06-27 06:21:31 +02:00
44ffd8d06f
Fixed #33796 -- Fixed ordered combined queryset crash when used in subquery on PostgreSQL and MySQL.
...
Thanks Shai Berger for the report.
Regression in 30a0144134
2022-06-27 06:21:31 +02:00
083bfca6b6
Fixed #33800 -- Fixed system check for the same template tag module in installed apps and template tag libraries.
...
Thanks Claude Paroz for the report.
Regression in 004b4620f6
2022-06-23 20:22:59 +02:00
c627226d05
Fixed #33799 , Refs #31685 -- Added parameters for updating conflicts to QuerySeta.abulk_create().
2022-06-23 11:12:35 +02:00
e6f36ea0a9
Made HashedFilesMixin ignore URLs without a path.
2022-06-23 08:59:49 +02:00
d80a258553
Fixed #33028 -- Used ModelAdmin's opts attribute instead of model._meta.
2022-06-22 07:50:24 +02:00
de74a74b4b
Fixed #33794 -- Fixed string-casting of GIS queries on PostgreSQL.
...
Regression in 64c3f049ea
2022-06-21 10:10:37 +02:00
2887b9f67c
Fixed #33657 -- Allowed customizing formatter class of argument parsers.
2022-06-20 17:34:52 +02:00
d7f5bfd241
Fixed #32969 -- Fixed pickling HttpResponse and subclasses.
2022-06-20 08:51:26 +02:00
901a169198
Fixed #23689 -- Made parsing HTTP Accept-Language header case-insensitive.
...
Thank you Daniel Samuels for test project.
2022-06-20 07:40:28 +02:00
d19a53d8e3
Fixed #33784 -- Removed unnecessary format escaping in admin calendar widget.
...
Replacements were added in fa0653cd1dd638cdc42a
2022-06-18 20:21:28 +02:00
8d160f154f
Fixed #33788 -- Added TrigramStrictWordSimilarity() and TrigramStrictWordDistance() on PostgreSQL.
2022-06-17 11:14:30 +02:00
3ef37a5245
Fixed #28897 -- Fixed QuerySet.update() on querysets ordered by annotations.
2022-06-17 10:06:17 +02:00
f4680a112d
Refs #28897 -- Added test for QuerySet.update() on querysets ordered by inline m2m annotation.
2022-06-17 10:06:12 +02:00
e286ce17ff
Fixed #24870 -- Added --update option to makemigrations command.
2022-06-17 07:50:39 +02:00
3893fcdd94
Refs #24870 -- Refactored out get_relative_path() hook in makemigrations.
2022-06-17 06:02:42 +02:00
759ff4862a
Fixed #33786 -- Confirmed support for GDAL 3.5.
2022-06-16 09:44:19 +02:00
d287294885
Fixed #33772 -- Added QuerySet.first()/last() error message on unordered queryset with aggregation.
2022-06-14 12:24:43 +02:00
de1c8320ce
Fixed #33773 -- Made Index with multiple fields respect DEFAULT_INDEX_TABLESPACE.
...
Thanks to Simon Charette for locating where issue lay.
2022-06-13 07:21:46 +02:00
4996eaa7b5
Made QuerySet.bulk_update() raise an error when batch_size is zero.
2022-06-13 06:25:25 +02:00
e96320c917
Fixed #33755 -- Moved ASGI body-file cleanup into request class.
2022-06-09 11:11:45 +02:00
c32858a8ce
Fixed #33565 -- Improved locale format validation for the makemessages command.
2022-06-08 16:17:12 +02:00
49b470b918
Refs #33697 -- Made MultiPartParser use django.utils.http.parse_header_parameters() for parsing Content-Type header.
2022-06-03 21:37:29 +02:00
d0863429a3
Fixed documentation of Widget.id_for_label() empty return value.
2022-06-03 12:19:47 +02:00
286e7d076c
Fixed #33764 -- Deprecated BaseUserManager.make_random_password().
2022-06-03 07:30:57 +02:00
fbac2a4dd8
Fixed #33700 -- Skipped extra resolution for successful requests not ending with /.
...
By moving a should_redirect_with_slash call out of an if block, commit
9390da7fb6434d309ef6#24720 ).
Meanwhile, the logging issue #26293 that it targeted was subsequently
fixed more fully by commit 40b69607c7#26504 ), so it is no longer needed. This effectively reverts it.
This speeds up successful requests not ending with / when APPEND_SLASH
is enabled (the default, and still useful in projects with a mix of
URLs with and without trailing /). The amount of speedup varies from
about 5% in a typical project to nearly 50% on a benchmark with many
routes.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2022-06-02 15:15:04 +02:00
798b6c23ee
Fixed #31788 -- Fixed migration optimization after altering field to ManyToManyField.
...
This makes AddField() used for altering to ManyToManyField, dependent
on the prior RemoveField.
2022-06-02 12:10:27 +02:00
6f73eb9d90
Fixed #33742 -- Added id to GeoJSON serializer.
2022-06-01 19:11:26 +02:00
f3e2bb0833
Fixed #33750 -- Fixed timezone warning alignment with help texts.
...
Previously help_text was wrapped in a paragraph, but the change to div
broke the alignment, refs #27207 .
2022-06-01 11:41:15 +02:00
46efd03d26
Fixed #33733 -- Preserved wrapper assignment for manager methods.
2022-06-01 10:44:34 +02:00
93cedc82f2
Refs #33697 -- Fixed multipart parsing of headers with double quotes and semicolons.
...
See 1ef0c0349e
2022-06-01 10:11:07 +02:00
295249c901
Fixed #32234 -- Made inspectdb inform about composite primary keys.
2022-06-01 08:40:44 +02:00
1058fc7023
Fixed #33191 -- Avoided clearing cached reference when saving child after parent.
...
Thanks Barry Johnson for the report.
2022-05-31 10:19:54 +02:00
f1e0fc645b
Fixed #33754 -- Fixed crash with prematurely closed ASGI request body.
...
Regression in 441103a04d
2022-05-31 08:38:00 +02:00
292f372768
Fixed #33748 -- Fixed date template filter crash with lazy format.
...
Regression in 659d2421c7
2022-05-31 06:09:39 +02:00
8c0886b068
Fixed #22078 -- Fixed crash of Feed with decorated methods.
2022-05-26 10:39:51 +02:00
b949e40e8c
Fixed #23740 -- Fixed removing unique_together constraint if exists primary key/unique constraint on the same field.
2022-05-26 08:33:07 +02:00
115a978fce
Refs #23740 -- Added BaseDatabaseSchemaEditor._unique_constraint_name().
2022-05-26 07:31:24 +02:00
8cf4de206c
Normalized decorator style for functools.wraps.
2022-05-25 10:58:48 +02:00
aff649a3bd
Normalized imports of functools.wraps.
...
@wraps is 10 times more common than @functools.wraps. Standardize to
the most common version.
2022-05-25 10:58:28 +02:00
6485894157
Renamed wrapped functions to wrapper.
...
All these functions are wrapping another function. They're the wrapper,
while the function they're wrapping is the wrapped.
2022-05-25 10:53:52 +02:00
90dcf27114
Fixed #33725 -- Made hidden quick filter in admin's navigation sidebar not focusable.
...
Regression in d915dd1c58780473d756
2022-05-21 13:37:53 +02:00
78bf1565c3
Fixed #33727 -- Fixed color contrasts in admin header.
2022-05-21 12:35:10 +02:00
0dd2920909
Fixed #33653 -- Fixed template crash when calling methods for built-in types without required arguments.
...
Regression in 09341856ed
2022-05-20 07:53:05 +02:00
1a78ef2b85
Fixed #33715 -- Allowed keyboard interrupt to abort queries in MySQL dbshell.
2022-05-20 07:11:51 +02:00
41c4cb253c
Fixed #33719 -- Fixed test command crash when running in parallel.
...
Thanks Pēteris Caune for the report.
Regression in 3b3f38b3b0
2022-05-19 10:20:51 +02:00
981c23c0cc
Fixed #33717 -- Dropped support for PostgreSQL 11.
2022-05-19 09:26:48 +02:00
9f55489529
Fixed #33705 -- Fixed crash when using IsNull() lookup in filters.
...
Thanks Florian Apolloner for the report.
Thanks Simon Charette for the review.
2022-05-19 07:02:22 +02:00
19297de2fe
Fixed #33713 -- Dropped support for MariaDB 10.3.
2022-05-18 08:38:08 +02:00
2cec020f5b
Refs #33379 -- Fixed minimum supported version of MariaDB.
2022-05-17 14:59:28 +02:00
3c6f1fd1f8
Increased the default PBKDF2 iterations for Django 4.2.
2022-05-17 14:22:06 +02:00
cdb2f7f36c
Advanced deprecation warnings for Django 4.2.
2022-05-17 14:22:06 +02:00
ff8e5eacda
Bumped version; main is now 4.2 pre-alpha.
2022-05-17 14:22:06 +02:00
4286378a08
Updated source translation catalogs.
...
Forward port of d1f1a0168a
2022-05-17 14:17:07 +02:00
d126eba363
Refs #32339 -- Deprecated default.html form template.
...
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2022-05-17 11:16:54 +02:00
7f3cfaa12b
Fixed #32565 -- Moved internal URLResolver view-strings mapping to admindocs.
...
Moved the functionality of URLResolver._is_callback(),
URLResolver._callback_strs, URLPattern.lookup_str() to
django.contrib.admindocs.
2022-05-17 10:50:09 +02:00
2a5d2eefc7
Fixed #33683 -- Document HttpResponseBase and allow import from django.http
2022-05-17 09:51:16 +02:00
97f124f39e
Refs #27064 -- Made migrations generate RenameIndex operations when moving indexes from index_together to Meta.indexes.
2022-05-17 07:21:36 +02:00
a098cde968
Refs #27064 -- Refactored out MigrationAutodetector.create_renamed_fields().
2022-05-17 06:20:01 +02:00
c6cec3c2d2
Refs #27064 -- Made migrations generate RenameIndex operations when renaming Meta.indexes.
2022-05-16 17:46:24 +02:00
11310e9abb
Fixed #33710 -- Made RenameIndex operation a noop when the old and new name match.
2022-05-16 10:36:56 +02:00
76af861356
Fixed #27550 -- Allowed GEOSGeometry.normalize() to return a normalized clone.
2022-05-16 06:46:53 +02:00
d27e6b233f
Fixed #33681 -- Made Redis client pass CACHES["OPTIONS"] to a connection pool.
...
Thanks Ben Picolo for the report.
2022-05-16 06:17:40 +02:00
d3677043fc
Added backward compatibility test for ConnectionHandler.databases property.
...
The ConnectionHandler.databases property is no longer used within
Django, but it is maintained for backward compatibility with 3rd party
packages that have used this private API in the past.
2022-05-13 12:01:07 +02:00
19dc3f0f96
Fixed typo in Query.clone()'s docstring.
2022-05-13 06:56:20 +02:00
eacd4977f6
Refs #27064 -- Added RenameIndex migration operation.
2022-05-12 20:44:03 +02:00
20e65a34ae
Made closing in connection handlers more DRY.
2022-05-12 15:13:51 +02:00
3a82b5f655
Fixed #32559 -- Added 'step_size’ to numeric form fields.
...
Co-authored-by: Jacob Rief <jacob.rief@uibk.ac.at>
2022-05-12 14:16:52 +02:00
68da6b389c
Fixed #33543 -- Deprecated passing nulls_first/nulls_last=False to OrderBy and Expression.asc()/desc().
...
Thanks Allen Jonathan David for the initial patch.
2022-05-12 11:30:03 +02:00
2798c937de
Fixed #29538 -- Fixed crash of ordering by related fields when Meta.ordering contains expressions.
...
Thanks Simon Charette for the review.
2022-05-12 07:19:16 +02:00
34e2148fc7
Refs #33173 -- Removed use of deprecated cgi module.
...
https://peps.python.org/pep-0594/#cgi
2022-05-11 14:06:31 +02:00
02dbf1667c
Fixed #33691 -- Deprecated django.contrib.auth.hashers.CryptPasswordHasher.
2022-05-11 09:13:45 +02:00
262fde94de
Fixed #33622 -- Allowed customizing error messages for invalid number of forms.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-05-10 13:42:31 +02:00
667105877e
Fixed #30581 -- Added support for Meta.constraints validation.
...
Thanks Simon Charette, Keryn Knight, and Mariusz Felisiak for reviews.
2022-05-10 11:22:23 +02:00
441103a04d
Refs #33173 , Refs #30451 -- Fixed ResourceWarning from unclosed body files in ASGI handler on Python 3.11+.
2022-05-10 09:57:28 +02:00
21d8ea4eb3
Corrected extract_views_from_urlpatterns()'s docstring.
2022-05-06 09:50:46 +02:00
dddc8bc47d
Fixed #33679 -- Fixed the last inline's id in admin for users without add permissions.
2022-05-06 08:36:04 +02:00
ec5659382a
Fixed #32339 -- Added div.html form template.
2022-05-05 14:32:43 +02:00
Tim Graham
Mariusz Felisiak
Stéphane "Twidi" Angel
David Wobrock
Carlton Gibson
Christos Kopanos
Vladimir Kochetkov
Simon Charette
Shawn Dong
Ipakeev
Michael Manfre
Hrushikesh Vaidya
Mehrdad
Ankur
DhruvaPatil98
Florian Apolloner
Marcelo Galigniana
Claude Paroz
Abhinav Yadav
Anv3sh
Zainab Amir
Matt Brewer
Pablo Pissi
Bruce Cutler
Ebram Shehata
Jonas Lundberg
Ronnie van den Crommenacker
Swann
Ciaran McCormick
Anders Kaseorg
Samir Shah
Florian Demmer
kshivakumar
Allen Jonathan David
Aymeric Augustin
Sankalp
Mohammed Y. Alnajdi
cheng
Hasan Ramezani
David Smith
Alokik Vijay
Collin Anderson
Nick Pope
非法操作
Kapil Bansal
Ed Rivas
Marc Seguí Coll
Gagaro
Nikita Sobolev
Daniel Hahler