Florian Apolloner
df79ef03ac
[4.0.x] Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator.
...
Thanks Chris Bailey for the report.
Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:10:14 +01:00
Luke Plant
7753169585
[4.0.x] Avoided suggestion of plain text database password in sessions topic.
...
Backport of ccafad2e42
from main
2022-01-04 06:48:19 +01:00
Mariusz Felisiak
fe59bf202d
[4.0.x] Fixed #33391 -- Clarified Aggregate.empty_result_set_value docs.
...
Backport of 4400d8568a
from main
2021-12-31 06:49:55 +01:00
mangelozzi
b93fb3d6be
[4.0.x] Improved @display(empty_value) example in ModelAdmin.empty_value_display docs.
...
Backport of eb901681ab
from main
2021-12-30 11:39:45 +01:00
Jacob Walls
c46e996307
[4.0.x] Fixed #27936 -- Rewrote spanning multi-valued relationships docs.
...
Backport of 6174814dbe
from main
2021-12-30 09:05:29 +01:00
Mariusz Felisiak
e9b023b8e4
[4.0.x] Added default values to Entry's fields in making queries docs.
...
This makes it easier to create a data in examples.
Backport of 1283458baa
from main
2021-12-30 09:05:20 +01:00
Sergey Fursov
76d24d5f16
[4.0.x] Updated example of YAML serialization format in docs.
...
Backport of feeb0685c6
from main
2021-12-28 13:39:06 +01:00
Carlton Gibson
c9ec72ea1b
[4.0.x] Added stub release notes for 4.0.1, 3.2.11, and 2.2.26 releases.
...
Backport of b13d920b7b
from main.
2021-12-28 10:08:54 +01:00
Mariusz Felisiak
b5f60ef5a7
[4.0.x] Refs #32355 -- Bumped required psycopg2 version to 2.8.4.
...
psycopg2 2.8.4 is the first release to support Python 3.8.
Backport of ca04659b4b
from main
2021-12-22 20:33:49 +01:00
David Smith
a0e01b000a
[4.0.x] Refs #31026 -- Updated TemplatesSetting docs to refer to forms.
...
Backport of 78f062f63e
from main
2021-12-22 08:43:44 +01:00
Adam Johnson
ad09b1687d
[4.0.x] Added TemplatesSetting to list of built-in renderers in FORM_RENDERER docs.
...
Backport of fde425051c
from main
2021-12-22 07:59:58 +01:00
Brenton Partridge
b85ceaaba6
[4.0.x] Fixed #32600 -- Fixed Geometry collections and Polygon segmentation fault on macOS ARM64.
...
Backport of 19fb838803
from main
2021-12-21 13:36:08 +01:00
Simon Charette
7e6a2e3b45
[4.0.x] Fixed #33366 -- Fixed case handling with swappable setting detection in migrations autodetector.
...
The migration framework uniquely identifies models by case insensitive
labels composed of their app label and model names and so does the app
registry in most of its methods (e.g. AppConfig.get_model) but it
wasn't the case for get_swappable_settings_name() until this change.
This likely slipped under the radar for so long and only regressed in
b9df2b74b9
because prior to the changes
related to the usage of model states instead of rendered models in the
auto-detector the exact value settings value was never going through a
case folding hoop.
Thanks Andrew Chen Wang for the report and Keryn Knight for the
investigation.
Backport of 4328970780
from main
2021-12-17 10:00:33 +01:00
Mariusz Felisiak
c1d2e8b9b8
[4.0.x] Fixed #33350 -- Reallowed using cache decorators with duck-typed HttpRequest.
...
Regression in 3fd82a6241
.
Thanks Terence Honles for the report.
Backport of 40165eecc4
from main
2021-12-16 20:14:17 +01:00
Mariusz Felisiak
267a743bf2
[4.0.x] Refs #33365 , Refs #30530 -- Doc'd re_path() behavior change in Django 2.2.25, 3.1.14, and 3.2.10.
...
Follow up to d4dcd5b9dd
.
Backport of 5de12a369a
from main
2021-12-15 18:54:35 +01:00
Jeremy Lainé
3b03bce122
[4.0.x] Fixed #33361 -- Fixed Redis cache backend crash on booleans.
...
Backport of 2f33217ea2
from main
2021-12-14 08:46:16 +01:00
mgaligniana
cc5bbd447b
[4.0.x] Fixed #33338 -- Doc'd that never_cache() decorator set Expires header.
...
Backport of 669dcefc04
from main
2021-12-13 18:38:48 +01:00
Beomsoo Kim
c607ee949d
[4.0.x] Corrected example in models.DecimalField docs.
...
Backport of 7e4a9a9f69
from main
2021-12-13 07:20:56 +01:00
Wayne Lambert
e39e5fa8e6
[4.0.x] Updated link to Microsoft SQL Server backend.
...
Backport of 8a8c8797e8
from main
2021-12-13 07:17:33 +01:00
Ömer Faruk Abacı
bb8435f5db
[4.0.x] Refs #33319 -- Added note about commutation of QuerySet's | operator.
...
Backport of f04b44bad4
from main
2021-12-08 21:59:40 +01:00
Baptiste Mispelon
15031852c5
[4.0.x] Fixed #33346 -- Fixed SimpleTestCase.assertFormsetError() crash on a formset named "form".
...
Thanks OutOfFocus4 for the report.
Regression in 456466d932
.
Backport of cb383753c0
from main.
2021-12-08 21:13:00 +01:00
Nick Pope
b7f2afa8de
[4.0.x] Improved release notes wording for template-based form rendering.
...
Backport of dfdf1c6864
from main
2021-12-07 13:35:03 +01:00
Mariusz Felisiak
81a90b5bc3
[4.0.x] Added stub release notes for 4.0.1.
...
Backport of adef3d975e
from main
2021-12-07 10:42:26 +01:00
Mariusz Felisiak
677c553699
[4.0.x] Post-release version bump.
2021-12-07 10:16:37 +01:00
Mariusz Felisiak
67d0c4644a
[4.0.x] Bumped version for 4.0 release.
2021-12-07 10:10:26 +01:00
Mariusz Felisiak
0f4fa0caee
[4.0.x] Finalized release notes for Django 4.0.
...
Backport of d7bd9eb6cd
from main
2021-12-07 10:03:39 +01:00
Mariusz Felisiak
01c0fb9d19
[4.0.x] Updated asgiref dependency for 4.0 release series.
...
Backport of 513441240f
from main
2021-12-07 09:55:18 +01:00
Mariusz Felisiak
7f20e89453
[4.0.x] Added CVE-2021-44420 to security archive.
...
Backport of 8747052411
from main
2021-12-07 08:53:48 +01:00
Florian Apolloner
20b9ad36ff
[4.0.x] Fixed #30530 , CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths.
...
Thanks Sjoerd Job Postmus and TengMA(@te3t123) for reports.
Backport of d4dcd5b9dd
from main.
2021-12-07 06:29:34 +01:00
Mariusz Felisiak
4c5215ab03
[4.0.x] Updated translations from Transifex.
...
This also fixes related i18n tests.
Co-authored-by: Claude Paroz <claude@2xlibre.net>
2021-12-06 20:29:53 +01:00
Hannes Ljungberg
fed7f992ac
[4.0.x] Fixed #33335 -- Made model validation ignore functional unique constraints.
...
Regression in 3aa545281e
.
Thanks Hervé Le Roy for the report.
Backport of 1eaf38fa87
from main
2021-12-06 13:28:54 +01:00
Mariusz Felisiak
7bde53a7ae
[4.0.x] Refs #33333 -- Fixed PickleabilityTestCase.test_annotation_with_callable_default() crash on Oracle.
...
Grouping by LOBs is not allowed on Oracle. This moves a binary field to
a separate model.
Backport of d3a64bea51
from main
2021-12-04 15:55:31 +01:00
Mariusz Felisiak
2c20883cb0
[4.0.x] Fixed #33333 -- Fixed setUpTestData() crash with models.BinaryField on PostgreSQL.
...
This makes models.BinaryField pickleable on PostgreSQL.
Regression in 3cf80d3fcf
.
Thanks Adam Zimmerman for the report.
Backport of 2c7846d992
from main.
2021-12-03 11:58:55 +01:00
Shivam Durgbuns
306fbf197a
[4.0.x] Fixed #33334 -- Alphabetized form and model fields in reference docs.
...
Backport of d75c387f46
from main
2021-12-02 10:12:31 +01:00
Mariusz Felisiak
2fa95bfbd4
[4.0.x] Added stub release notes and release date for 3.2.10, 3.1.14 and 2.2.25.
...
Backport of ae4077e13e
from main
2021-11-30 11:26:10 +01:00
Baptiste Mispelon
aa0c8ff9a0
[4.0.x] Fixed #33301 -- Clarified the type of arguments required by custom assertions.
...
Backport of 528691d1b6
from main
2021-11-26 18:46:58 +01:00
Mariusz Felisiak
1ab5842760
[4.0.x] Refs #33163 -- Corrected example of connection signal handlers in AppConfig.ready().
...
Backport of 75ee7057e9
from main
2021-11-26 11:17:02 +01:00
Ryuji Tsutsui
5a61bdbb85
[4.0.x] Fixed typo in docs/releases/4.0.txt.
...
Backport of b8c0b22f2f
from main
2021-11-24 17:38:53 +01:00
Mariusz Felisiak
70b05c5374
[4.0.x] Corrected signatures of QuerySet's methods.
...
Backport of a17becf4c7
from main
2021-11-23 07:04:59 +01:00
Mariusz Felisiak
8e5405a47e
[4.0.x] Corrected isort example in coding style docs.
...
Follow up to e74b3d724e
.
Backport of 8b020f2e64
from main
2021-11-22 12:34:52 +01:00
Paolo Melchiorre
cf770b2b3d
[4.0.x] Corrected "pip install" call in coding style docs.
...
Backport of dd528cb2ce
from main
2021-11-22 09:57:23 +01:00
Mariusz Felisiak
4e3d14456b
[4.0.x] Bumped version for 4.0 release candidate 1.
2021-11-22 07:29:13 +01:00
jhisham
35c63c0513
[4.0.x] Added Malay language.
...
Backport of 5e218cc0b7
from main
2021-11-18 22:05:27 +01:00
Adam Johnson
3b09e86fa3
[4.0.x] Configured Read The Docs to build all formats.
...
`all` acts as an alias for all formats ([docs](https://docs.readthedocs.io/en/stable/config-file/v2.html#formats )). Whilst there are only three formats right now, this would auto expand to other formats in the future, which seems desirable?
Backport of 1fe23bdd29
from main
2021-11-18 12:23:50 +01:00
Mariusz Felisiak
b41f669049
[4.0.x] Fixed crash building HTML docs since Sphinx 4.3.
...
See dd2ff3e911
.
Backport of f0480ddd2d
from main
2021-11-17 12:31:46 +01:00
Roxane
350d15d79c
[4.0.x] Fixed #33163 -- Added example of connection signal handlers in AppConfig.ready() to docs.
...
Backport of 2d124f6a1c
from main
2021-11-17 12:30:19 +01:00
Can Sarigol
d54aa49a7d
[4.0.x] Fixed #33279 -- Fixed handling time zones with "-" sign in names.
...
Thanks yakimka for the report.
Regression in fde9b7d35e
.
Backport of 661316b066
from main.
2021-11-12 11:14:08 +01:00
Mariusz Felisiak
45de30dc69
[4.0.x] Refs #33263 -- Added warning to BaseDeleteView when delete() method is overridden.
...
Follow up to 3a45fea083
.
Backport of 6bc437c0d8
from main
2021-11-09 09:04:12 +01:00
Mariusz Felisiak
b7b3bbc835
[4.0.x] Fixed #33253 -- Reverted "Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage."
...
This reverts commit 91e21836f6
.
`export` and `import` directives have several syntax variants and not
all of them were properly covered.
Thanks Hervé Le Roy for the report.
Backport of ba9ced3e9a
from main
2021-11-05 12:11:59 +01:00
Carlton Gibson
3151daaa6c
[4.0.x] Refs #33263 -- Expanded release notes for DeleteView adopting FormMixin.
...
Backport of 2c01ebb4be
from main
2021-11-05 10:27:40 +01:00