Commit Graph

4146 Commits

Author SHA1 Message Date
Keryn Knight 2a66c102d9 Fixed #33425 -- Fixed view name for CBVs on technical 404 debug page.
Regression in 0c0b87725b.
2022-01-08 13:05:55 +01:00
David 4c60c3edff Fixed #33419 -- Restored marking forms.Field.help_text as HTML safe.
Regression in 456466d932.

Thanks Matt Westcott for the report.
2022-01-07 15:35:31 +01:00
Baptiste Mispelon c67e1cf44f Refs #33348 -- Deprecated passing errors=None to SimpleTestCase.assertFormError()/assertFormsetErrors(). 2022-01-06 17:29:32 +01:00
Petter Friberg bc174e6ea0 Fixed #33410 -- Fixed recursive capturing of callbacks by TestCase.captureOnCommitCallbacks().
Regression in d89f976bdd.
2022-01-06 06:38:17 +01:00
Carlton Gibson 63869ab1f1 Added CVE-2021-45115, CVE-2021-45116, and CVE-2021-45452 to security archive. 2022-01-04 11:30:11 +01:00
Carlton Gibson f38c66b555 Added stub release notes for Django 4.0.2. 2022-01-04 11:10:53 +01:00
Carlton Gibson 155e06a50b Corrected merge error in release notes. 2022-01-04 10:50:23 +01:00
Florian Apolloner 6d343d01c5 Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem.
Thanks to Dennis Brinkrolf for the report.
2022-01-04 10:04:12 +01:00
Florian Apolloner 761f449e0d Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter.
Thanks to Dennis Brinkrolf for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:03:56 +01:00
Florian Apolloner 968a3d01fa Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator.
Thanks Chris Bailey for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:02:05 +01:00
Carlton Gibson b13d920b7b Added stub release notes for 4.0.1, 3.2.11, and 2.2.26 releases. 2021-12-28 08:47:33 +01:00
Hannes Ljungberg 59a66f0512 Refs #33342 -- Deprecated ExclusionConstraint.opclasses. 2021-12-27 08:55:18 +01:00
Hannes Ljungberg 0e656c02fe Fixed #33342 -- Added support for using OpClass() in exclusion constraints. 2021-12-24 11:39:00 +01:00
Mariusz Felisiak ca04659b4b
Refs #32355 -- Bumped required psycopg2 version to 2.8.4.
psycopg2 2.8.4 is the first release to support Python 3.8.
2021-12-22 20:32:55 +01:00
Brenton Partridge 19fb838803 Fixed #32600 -- Fixed Geometry collections and Polygon segmentation fault on macOS ARM64. 2021-12-21 13:00:09 +01:00
Simon Charette 4328970780 Fixed #33366 -- Fixed case handling with swappable setting detection in migrations autodetector.
The migration framework uniquely identifies models by case insensitive
labels composed of their app label and model names and so does the app
registry in most of its methods (e.g. AppConfig.get_model) but it
wasn't the case for get_swappable_settings_name() until this change.

This likely slipped under the radar for so long and only regressed in
b9df2b74b9 because prior to the changes
related to the usage of model states instead of rendered models in the
auto-detector the exact value settings value was never going through a
case folding hoop.

Thanks Andrew Chen Wang for the report and Keryn Knight for the
investigation.
2021-12-17 07:46:58 +01:00
Mariusz Felisiak 40165eecc4
Fixed #33350 -- Reallowed using cache decorators with duck-typed HttpRequest.
Regression in 3fd82a6241.

Thanks Terence Honles for the report.
2021-12-16 20:13:17 +01:00
mgaligniana 068b2c072b Fixed #30127 -- Deprecated name argument of cached_property(). 2021-12-16 18:52:27 +01:00
mgaligniana ac5cc6cf01 Fixed #33316 -- Added pagination to admin history view. 2021-12-15 10:54:08 +01:00
Jacob Walls 76ccce64cc Fixed #16063 -- Adjusted admin changelist searches spanning multi-valued relationships.
This reduces the likelihood of admin searches issuing queries with
excessive joins.
2021-12-15 08:14:19 +01:00
Jeremy Lainé 2f33217ea2 Fixed #33361 -- Fixed Redis cache backend crash on booleans. 2021-12-14 07:16:30 +01:00
David Smith eba9a9b7f7 Refs #32338 -- Added Boundfield.legend_tag(). 2021-12-09 07:16:33 +01:00
Baptiste Mispelon cb383753c0 Fixed #33346 -- Fixed SimpleTestCase.assertFormsetError() crash on a formset named "form".
Thanks OutOfFocus4 for the report.

Regression in 456466d932.
2021-12-08 20:33:03 +01:00
Shreya Bamne 8a4e506760 Fixed #19721 -- Allowed admin filters to customize the list separator. 2021-12-08 15:25:52 +01:00
Nick Pope dfdf1c6864 Improved release notes wording for template-based form rendering. 2021-12-07 12:44:33 +01:00
Mariusz Felisiak adef3d975e Added stub release notes for 4.0.1. 2021-12-07 10:41:32 +01:00
Mariusz Felisiak d7bd9eb6cd Finalized release notes for Django 4.0. 2021-12-07 10:02:41 +01:00
Mariusz Felisiak 513441240f
Updated asgiref dependency for 4.0 release series. 2021-12-07 09:49:39 +01:00
Mariusz Felisiak 8747052411 Added CVE-2021-44420 to security archive. 2021-12-07 08:51:26 +01:00
Florian Apolloner d4dcd5b9dd Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths.
Thanks Sjoerd Job Postmus and TengMA(@te3t123) for reports.
2021-12-07 06:28:08 +01:00
Maxim Piskunov d3f4c2b95d Fixed #33078 -- Added support for language regions in i18n_patterns(). 2021-12-03 12:57:06 +01:00
Mariusz Felisiak 2c7846d992
Fixed #33333 -- Fixed setUpTestData() crash with models.BinaryField on PostgreSQL.
This makes models.BinaryField pickleable on PostgreSQL.

Regression in 3cf80d3fcf.

Thanks Adam Zimmerman for the report.
2021-12-03 11:56:22 +01:00
Przemysław Suliga 4ce59f602e Fixed #30398 -- Added CONN_HEALTH_CHECKS database setting.
The CONN_HEALTH_CHECKS setting can be used to enable database
connection health checks for Django's persistent DB connections.

Thanks Florian Apolloner for reviews.
2021-12-01 07:44:48 +01:00
Mariusz Felisiak ae4077e13e Added stub release notes and release date for 3.2.10, 3.1.14 and 2.2.25. 2021-11-30 11:25:00 +01:00
Chris Jerdonek 5d80843ebc Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret.
This also adds CSRF_COOKIE_MASKED transitional setting helpful in
migrating multiple instance of the same project to Django 4.1+.

Thanks Florian Apolloner and Shai Berger for reviews.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-11-29 10:47:39 +01:00
Ryuji Tsutsui b8c0b22f2f
Fixed typo in docs/releases/4.0.txt. 2021-11-24 17:38:35 +01:00
Simon Charette aec71aaa5b Fixed #33304 -- Allowed passing string expressions to Window(order_by). 2021-11-23 07:58:44 +01:00
Baptiste Mispelon e6e664a711 Fixed #33302 -- Made element_id optional argument for json_script template filter.
Added versionchanged note in documentation
2021-11-22 11:52:19 +01:00
jhisham 5e218cc0b7 Added Malay language. 2021-11-18 20:57:50 +01:00
Krzysztof Jagiello 8d9827c06c Fixed #33161 -- Enabled durability check for nested atomic blocks in TestCase.
Co-Authored-By: Adam Johnson <me@adamj.eu>
2021-11-12 13:05:56 +01:00
Mariusz Felisiak 0b95a96ee1
Removed DatabaseIntrospection.get_key_columns().
Thanks Simon Charette for the report.
2021-11-10 16:38:43 +01:00
Baptiste Mispelon 91acfc3514 Fixed #33264 -- Made test runner return non-zero error code for unexpected successes. 2021-11-08 20:19:21 +01:00
Keryn Knight 4f8c7fd9d9 Fixed #32980 -- Made models cache related managers. 2021-11-08 08:44:12 +01:00
Mariusz Felisiak ba9ced3e9a
Fixed #33253 -- Reverted "Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage."
This reverts commit 91e21836f6.

`export` and `import` directives have several syntax variants and not
all of them were properly covered.

Thanks Hervé Le Roy for the report.
2021-11-05 12:11:18 +01:00
Carlton Gibson 2c01ebb4be Refs #33263 -- Expanded release notes for DeleteView adopting FormMixin. 2021-11-05 09:22:53 +01:00
Guilherme Martins Crocetti fc565cb539 Fixed #27147 -- Allowed specifying bounds of tuple inputs for non-discrete range fields. 2021-11-04 19:08:57 +01:00
Mariusz Felisiak 60503cc747
Corrected multiply defined labels in docs. 2021-11-04 10:46:01 +01:00
Mariusz Felisiak d811fa1d10 Added stub release notes for Django 3.2.10. 2021-11-01 10:41:06 +01:00
Mariusz Felisiak 7ec603ba25 Added release date for 3.2.9. 2021-11-01 10:18:49 +01:00
Chinmoy 073b7b5915
Fixed #33228 -- Changed value of BaseDatabaseFeatures.has_case_insensitive_like to False. 2021-10-28 17:56:29 +02:00