Commit Graph

30501 Commits

Author SHA1 Message Date
Adam Johnson 45a42aabfa Fixed #29708 -- Deprecated PickleSerializer. 2022-01-13 13:50:20 +01:00
Adam Johnson c920387fab Optimized SessionBase.get_expire_at_browser_close(). 2022-01-13 13:05:46 +01:00
Adam Johnson 436862787c Refs #29708 -- Made SessionBase store expiry as string. 2022-01-13 13:05:42 +01:00
Adam Johnson c6cb5a0277 Refs #29708 -- Stopped inheriting from PickleSerializer by RedisSerializer. 2022-01-13 12:28:06 +01:00
Adam Johnson 08d8bccbf1 Improved Model.__init__() properties loop.
This improves readability, accumulates unrecognized arguments raise an
exception with all of them, and avoids refetching the values.
2022-01-13 11:09:37 +01:00
Mariusz Felisiak 0a4a5e5bac
Refs #32681 -- Fixed VariableDoesNotExist when rendering some admin template.
Regression in 84609b3205.

Follow up to 4e5bbb6ef2.

Thanks Sourav Kumar for the report.
2022-01-13 10:10:48 +01:00
Hrushikesh Vaidya 6815da6e94 Fixed #33396 -- Added view name to technical 500 debug page. 2022-01-13 07:02:41 +01:00
Hrushikesh Vaidya 4099e6e737 Refs #33396 -- Added django.views.debug.get_caller() hook. 2022-01-13 06:50:06 +01:00
Adam Johnson 90cf963264 Changed django.utils.log.log_response() to take exception instance.
There's little point retrieving a fresh reference to the exception in
the legacy tuple format, when it's all available via the exception
instance we already have.
2022-01-12 20:23:42 +01:00
Hrushikesh Vaidya d05ab13c56 Refs #33426 -- Simplified technical_404_response() with ResolverMatch._func_path. 2022-01-12 15:56:59 +01:00
Adam Johnson 84e98ba194
Added exception to SuspiciousOperation logging.
This allows better debugging and filtering of errors.
2022-01-12 13:27:25 +01:00
Mariusz Felisiak 76aefe0fc9
Updated Python license for 2022. 2022-01-12 11:21:51 +01:00
Hrushikesh Vaidya 18a15bbc9c Fixed #33433 -- Avoided unnecessary resolve() calls in technical_404_response().
Thanks Keryn Knight for the initial patch.
2022-01-12 08:23:38 +01:00
David Smith 75c1127eef
Alphabetized field attributes in form topic docs. 2022-01-12 08:07:21 +01:00
Scott Pashley 367d6920ec
Fixed typo in docs/ref/contrib/admin/index.txt. 2022-01-12 07:44:45 +01:00
Zeilentaucher 658dc7045a
Fixed #33432 -- Fixed typo in docs/howto/outputting-csv.txt. 2022-01-12 07:36:27 +01:00
Jacob Walls dc9deea8e8 Fixed #11715 -- Changed default value of ModelAdmin.actions/inlines to empty tuples.
This clarifies the intended pattern of overwriting the default value
rather than mutating it.
2022-01-11 12:22:49 +01:00
Mariusz Felisiak b111b15c12
Refs #30141 -- Removed unused branch in parse_duration().
Unused since 99fc5dc13c.
2022-01-11 11:09:08 +01:00
mgaligniana fa235004dd Fixed #13251 -- Made pre/post_delete signals dispatch the origin. 2022-01-11 08:06:18 +01:00
Victor Peralta f1905db6c0
Fixed typo in docs/ref/contrib/admin/index.txt. 2022-01-11 06:19:43 +01:00
Jacob Walls 6f78cb6b13 Fixed #29026 -- Added --scriptable option to makemigrations. 2022-01-10 18:49:57 +01:00
Nick Pope 274771df91
Fixed #33428 -- Confirmed support for PostGIS 3.2. 2022-01-10 18:47:32 +01:00
Keryn Knight f4b06a3cc1 Fixed #33426 -- Fixed ResolverMatch.__repr_() for class-based views.
Regression in 7c08f26bf0.
2022-01-10 17:30:41 +01:00
Mariusz Felisiak 178109c173 Corrected signatures of some functions in docs. 2022-01-10 13:30:24 +01:00
Mariusz Felisiak b0ccf74549 Corrected directive for signals in django.contrib.auth docs. 2022-01-10 13:30:24 +01:00
Baptiste Mispelon 3d7ac6420c
Simplified @stringfilter decorator and Library with unwrap().
Nowadays we can use inspect.unwrap() to retrieve the innermost function
object when needed, and most of the uses of _decorated_function were to
access the original __name__ which is not needed because
@functools.wraps sets that attribute correctly.
2022-01-10 08:31:43 +01:00
Jacob Walls 3430093a46
Refs #32193 -- Removed python-memcached from test requirements.
Follow up to 05f3a6186e.
2022-01-10 06:39:15 +01:00
Keryn Knight 2a66c102d9 Fixed #33425 -- Fixed view name for CBVs on technical 404 debug page.
Regression in 0c0b87725b.
2022-01-08 13:05:55 +01:00
Mariusz Felisiak 7346c288e3
Refs #32355 -- Removed unnecessary list() calls before reversed() on dictviews.
Dict and dictviews are iterable in reversed insertion order using
reversed() in Python 3.8+.
2022-01-07 16:29:15 +01:00
David 4c60c3edff Fixed #33419 -- Restored marking forms.Field.help_text as HTML safe.
Regression in 456466d932.

Thanks Matt Westcott for the report.
2022-01-07 15:35:31 +01:00
Ad Timmering bdf3e156b4 Fixed #28628 -- Changed \d to [0-9] in regexes where appropriate. 2022-01-07 12:25:06 +01:00
Ad Timmering fe76944269 Refs #28628 -- Added tests for intcomma with non-ASCII digits. 2022-01-07 12:23:33 +01:00
Allen Jonathan David 28c98d4113 Fixed #33216 -- Simpilified deconstructed paths for some expressions. 2022-01-07 11:19:29 +01:00
Keryn Knight 96e7ff5e9f
Avoided isinstance(…, Variable) calls in FilterExpression.resolve().
By determining the variable type within __init__() instead of resolve() 
we can skip an isinstance() check at template runtime. Templates are
executed in production more often than the parse trees themselves,
assuming the cached Loader is used.
2022-01-07 10:29:22 +01:00
Baptiste Mispelon c67e1cf44f Refs #33348 -- Deprecated passing errors=None to SimpleTestCase.assertFormError()/assertFormsetErrors(). 2022-01-06 17:29:32 +01:00
Petter Friberg bc174e6ea0 Fixed #33410 -- Fixed recursive capturing of callbacks by TestCase.captureOnCommitCallbacks().
Regression in d89f976bdd.
2022-01-06 06:38:17 +01:00
Ad Timmering 806efe912b Fixed #33400 -- Added support for msg_prefix and count arguments to assertTemplateUsed()/assertTemplateNotUsed() used as context managers. 2022-01-05 12:49:42 +01:00
Ad Timmering e700a3714f Refs #33400 -- Renamed SimpleTestCase._assert_template_used() to _get_template_used(). 2022-01-05 11:46:26 +01:00
Jamie Matthews f5233dce30 Fixed #32511 -- Corrected handling prefetched nested reverse relationships.
When prefetching a set of child objects related to a set of parent
objects, we usually want to populate the relationship back from the
child to the parent to avoid a query when accessing that relationship
attribute. However, there's an edge case where the child queryset
itself specifies a prefetch back to the parent. In that case, we want
to use the prefetched relationship rather than populating the reverse
relationship from the parent.
2022-01-05 09:49:05 +01:00
David 973fa56652 Removed unused comment directive in CBV topic docs. 2022-01-05 08:11:13 +01:00
David cc8e771c64 Fixed malformed attribute directives in docs. 2022-01-05 08:11:13 +01:00
Allen Jonathan David 205f67cd5b Refs #33216 -- Made @deconstructible do not change path for subclasses. 2022-01-04 13:15:29 +01:00
Allen Jonathan David 194ca77092 Refs #21275 -- Added more tests for @deconstructible decorator. 2022-01-04 13:08:36 +01:00
Carlton Gibson 63869ab1f1 Added CVE-2021-45115, CVE-2021-45116, and CVE-2021-45452 to security archive. 2022-01-04 11:30:11 +01:00
Carlton Gibson f38c66b555 Added stub release notes for Django 4.0.2. 2022-01-04 11:10:53 +01:00
Carlton Gibson 155e06a50b Corrected merge error in release notes. 2022-01-04 10:50:23 +01:00
Florian Apolloner 6d343d01c5 Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem.
Thanks to Dennis Brinkrolf for the report.
2022-01-04 10:04:12 +01:00
Florian Apolloner 761f449e0d Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter.
Thanks to Dennis Brinkrolf for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:03:56 +01:00
Florian Apolloner 968a3d01fa Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator.
Thanks Chris Bailey for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:02:05 +01:00
Luke Plant ccafad2e42
Avoided suggestion of plain text database password in sessions topic. 2022-01-04 06:47:24 +01:00