Commit Graph

11988 Commits

Author SHA1 Message Date
Carlton Gibson 7a60670b78 Added stub release notes for 3.1.2. 2020-09-01 10:45:12 +02:00
Carlton Gibson 976e2b7420 Added release date for 3.1.1, 3.0.10, and 2.2.16. 2020-09-01 09:56:42 +02:00
Mariusz Felisiak 1853724aca Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level directories of the file system cache on Python 3.7+. 2020-09-01 09:17:23 +02:00
Mariusz Felisiak 8d7271578d Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+.
Thanks WhiteSage for the report.
2020-09-01 09:17:23 +02:00
007gzs 2bc38bc7ca Fixed #31901 -- Prevented content overflowing in the admin changelist with navigation sidebar. 2020-09-01 07:51:22 +02:00
Abdullah Dursun fcad0b1324
Corrected note about long names in search docs. 2020-08-31 22:36:25 +02:00
Hasan Ramezani 70731fc6fe Fixed #31934 -- Added note about the default of SameSite cookie flag in modern browsers. 2020-08-31 10:57:41 +02:00
Federico Jaramillo Martínez 179d9dc0c2 Fixed #31952 -- Fixed EmptyFieldListFilter crash with reverse relationships.
Thanks dacotagh for the report.
2020-08-31 09:28:05 +02:00
Simon Charette f6405c0b8e Fixed #31965 -- Adjusted multi-table fast-deletion on MySQL/MariaDB.
The optimization introduced in 7acef095d7 did not properly handle
deletion involving filters against aggregate annotations.

It initially was surfaced by a MariaDB test failure but misattributed
to an undocumented change in behavior that resulted in the systemic
generation of poorly performing database queries in 5b83bae031.

Thanks Anton Plotkin for the report.

Refs #23576.
2020-08-31 08:11:28 +02:00
Mariusz Felisiak 0be51d2226 Fixed #31956 -- Fixed crash of ordering by JSONField with a custom decoder on PostgreSQL.
Thanks Marc Debureaux for the report.
Thanks Simon Charette, Nick Pope, and Adam Johnson for reviews.
2020-08-28 19:09:46 +02:00
Kevin Michel 825ce75fae Fixed #31928 -- Fixed detecting an async get_response in various middlewares.
SecurityMiddleware and the three cache middlewares were not calling
super().__init__() during their initialization or calling the required
MiddlewareMixin._async_check() method.

This made the middlewares not properly present as coroutine and
confused the middleware chain when used in a fully async context.

Thanks Kordian Kowalski for the report.
2020-08-28 12:33:15 +02:00
Mariusz Felisiak e39e727ded
Fixed #31912 -- Removed strict=True in Path.resolve() in project template and CommonPasswordValidator.
This caused permission errors when user didn't have permissions to
all intermediate directories in a Django installation path.

Thanks tytusd and leonyxz for reports.

Regression in edeec1247e and
26554cf5d1.
2020-08-28 05:57:36 +02:00
Mariusz Felisiak 1251772cb8
Fixed #31936 -- Fixed __in lookup on key transforms for JSONField.
This resolves an issue on databases without a native JSONField
(MariaDB, MySQL, SQLite, Oracle), where values must be wrapped.

Thanks Sébastien Pattyn for the report.
2020-08-26 22:13:37 +02:00
Kaustubh b9be11d442 Fixed #31918 -- Allowed QuerySet.in_bulk() to fetch on a single distinct field. 2020-08-26 09:43:39 +02:00
Michael Galler 547a07fa7e Fixed #31905 -- Made MiddlewareMixin call process_request()/process_response() with thread sensitive.
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2020-08-26 07:13:49 +02:00
Mariusz Felisiak 0b0658111c Removed trailing whitespace in 3.2 release notes. 2020-08-25 10:02:56 +02:00
Cleiton de Lima 9f8c7d2b4b
Moved CreateExtension release notes into django.contrib.postgres section. 2020-08-25 06:13:19 +02:00
Mariusz Felisiak bb8f66934d Fixed #31877 -- Reverted "Fixed #19878 -- Deprecated TemplateView passing URL kwargs into context."
This reverts commit 4ed534758c.
2020-08-24 11:37:59 +02:00
Mariusz Felisiak 04e87e79a0 Refs #31877 -- Reverted "Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning."
This reverts commit 20799cc0a6.
2020-08-24 11:37:59 +02:00
Kaustubh 3e753d3de3
Fixed #31925 -- Fixed typo in docs/releases/3.0.txt. 2020-08-21 09:47:37 +02:00
Ninad Kulkarni 927bd888dd Fixed #31906 -- Fixed typo in docs/ref/forms/fields.txt. 2020-08-21 08:14:07 +02:00
Juan Pedro Fisanotti 41725602af
Improved wording in async views docs. 2020-08-20 09:06:50 +02:00
Enderson Menezes 67e4a9a4b9 Fixed #31909 -- Fixed typo in docs/ref/contrib/admin/index.txt. 2020-08-20 07:34:03 +02:00
Mariusz Felisiak 4376c2c7f8
Fixed #31895 -- Fixed crash when decoding invalid session data.
Thanks Matt Hegarty for the report.
Regression in d4fff711d4.
2020-08-19 12:06:00 +02:00
David Smith e2e34f4de3
Fixed #27679 -- Doc'd that empty formsets display extra + min_num forms. 2020-08-18 22:56:39 +02:00
Mariusz Felisiak 35b03788b0 Refs #9061 -- Allowed GenericInlineFormSet to disable deleting extra forms.
Follow up to 162765d6c3.
2020-08-18 09:37:15 +02:00
Mariusz Felisiak 3254991762 Refs #20347 -- Allowed customizing the maximum number of instantiated forms in generic_inlineformset_factory().
Follow up to 433dd737f9.
2020-08-18 09:37:15 +02:00
Mariusz Felisiak 13704b057d
Refs #17642 -- Doc'd min_num and validate_min arguments in modelformset_factory() docs.
Changed arguments ordering to match the modelformset_factory()
signature.
2020-08-18 09:30:31 +02:00
Mariusz Felisiak d534b5734f
Fixed typo in docs/ref/django-admin.txt. 2020-08-18 06:28:30 +02:00
Jon Dufresne dd5173ca1b Fixed #31892 -- Added backward incompatibility note about Media <script> tags changes.
Refs 31080.
2020-08-17 10:13:18 +02:00
Ahmad A. Hussein 61a0ba43cf Refs #31811 -- Added optional timing outputs to the test runner. 2020-08-13 17:17:15 +02:00
Mariusz Felisiak 21768a99f4
Refs #31863 -- Added release notes for 94ea79be13. 2020-08-13 16:29:55 +02:00
Adam Johnson 20799cc0a6 Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning.
SimpleLazyObjects cause a crash when filtering.

Thanks Tim L. White for the report.
Regression in 4ed534758c.
2020-08-13 07:26:10 +02:00
Tom Carrick 63300f7e68 Fixed #21181 -- Added Collate database function.
Thanks Simon Charette for reviews.
2020-08-11 22:21:08 +02:00
Daniel Hillier 60626162f7 Fixed #31866 -- Fixed locking proxy models in QuerySet.select_for_update(of=()). 2020-08-11 11:55:10 +02:00
Carlton Gibson 0aeb802cf0 Fixed #31865 -- Adjusted admin nav sidebar template to reduce debug logging.
Thanks to Mariusz Felisiak for review.
2020-08-11 11:42:15 +02:00
Mariusz Felisiak 8a5683b6b2 Added stub release notes for 2.2.16 and 3.0.10. 2020-08-11 10:31:44 +02:00
Roy Zheng 804f2b7024 Added note about password updates on argon2 attributes change. 2020-08-11 07:51:27 +02:00
Uri b2b0711b55 Refs #31864 -- Doc'd that DEFAULT_HASHING_ALGORITHM requires 3.1.1+ in release notes. 2020-08-08 17:32:28 +02:00
Mariusz Felisiak 99abfe8f4d
Fixed #31864 -- Fixed encoding session data during transition to Django 3.1.
Thanks אורי for the report.
2020-08-07 21:42:39 +02:00
Adam Alton 6e9c5ee88f
Removed unnecessary sentence in QuerySet docs. 2020-08-07 08:05:47 +02:00
Thomas cdead4f013 Fixed typo in docs/ref/contrib/postgres/fields.txt. 2020-08-07 07:33:11 +02:00
Nick Pope 0a306f7da6 Fixed #25513 -- Extracted admin pagination to Paginator.get_elided_page_range(). 2020-08-06 12:38:56 +02:00
Nick Pope b203ec70fd Refs #25513 -- Adjusted admin pagination to be 1-indexed. 2020-08-06 12:38:56 +02:00
Phil Jones 1bd1264f2e
Added Hypercorn to ASGI deployment guide. 2020-08-05 12:14:06 +02:00
David Smith 2c2f4b3799 Fixed #29336 -- Doc'd circular template inheritance 2020-08-05 11:36:14 +02:00
Mariusz Felisiak e70dc506d7 Fixed #31854 -- Fixed wrapping of long model names in admin's sidebar. 2020-08-05 10:54:25 +02:00
007gzs b0af56f639 Fixed #31853 -- Fixed wrapping of translated action labels in admin sidebar. 2020-08-05 10:24:16 +02:00
Jacob Walls c7e7f176c1 Fixed #26977 -- Made abstract models raise TypeError when instantiating. 2020-08-05 06:37:04 +02:00
Mariusz Felisiak 6c19230297 Added stub release notes for 3.1.1. 2020-08-04 10:34:38 +02:00