Florian Apolloner
6d343d01c5
Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem.
...
Thanks to Dennis Brinkrolf for the report.
2022-01-04 10:04:12 +01:00
Jacob Walls
0ab58c1209
Refs #29026 -- Allowed customizing InteractiveMigrationQuestioner's prompt destination.
...
Previously, the questioner did not obey the value of stdout provided
to the command.
2022-01-03 12:30:51 +01:00
mendespedro
e8b4feddc3
Fixed #33367 -- Fixed URLValidator crash in some edge cases.
2021-12-20 07:30:22 +01:00
Jeremy Lainé
2f33217ea2
Fixed #33361 -- Fixed Redis cache backend crash on booleans.
2021-12-14 07:16:30 +01:00
Arsa
17df72114e
Fixed #33340 -- Fixed unquoted column names in queries used by DatabaseCache.
2021-12-09 11:16:04 +01:00
Mariusz Felisiak
5def7f3f74
Updated various links to HTTPS and new locations.
...
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-02 11:27:29 +01:00
Ad Timmering
9a6e2df3a8
Fixed #32397 -- Made startapp/startproject management commands set User-Agent.
...
This sets User-Agent to 'Django/<version>'.
2021-11-25 20:36:04 +01:00
Ad Timmering
59f4796918
Fixed #4282 -- Made startapp/startproject management commands honor umask.
...
Co-authored-by: Christian Schmitt <c.schmitt@briefdomain.de>
2021-11-24 13:10:45 +01:00
Ad Timmering
4bfe8c0eec
Fixed #6106 -- Prevented makemessages from changing .po files when up to date.
...
Co-authored-by: Daniyal Abbasi <abbasi.daniyal98@gmail.com>
2021-11-11 09:12:05 +01:00
jordan.bae
aaf9b55858
Fixed #33187 -- Made inspectdb handle ForeignKey.to_field attribute.
2021-11-02 18:53:11 +01:00
andrewdotn
9e6d631697
Fixed #33246 -- Made squashmigrations raise CommandError when squashed_name already exists.
2021-11-02 07:13:42 +01:00
Hasan Ramezani
c1e4111c74
Fixed #33205 -- Made call_command() raise TypeError when dest with multiple arguments is passed.
2021-10-25 07:48:06 +02:00
Shreya Bamne
004b4620f6
Fixed #32987 -- Added system check for template tag modules with the same name.
...
Co-authored-by: Daniel Fairhead <daniel@dev.ngo>
2021-10-20 11:15:47 +02:00
David Smith
69b0736fad
Refs #32956 -- Changed docs to treat the acronym HTTP phonetically.
2021-10-18 21:00:28 +02:00
Jacob Walls
32f1fe5f89
Fixed #29470 -- Logged makemigrations automatic decisions in non-interactive mode.
2021-10-12 15:19:39 +02:00
Ade Lee
d10c7bfe56
Fixed #28401 -- Allowed hashlib.md5() calls to work with FIPS kernels.
...
md5 is not an approved algorithm in FIPS mode, and trying to instantiate
a hashlib.md5() will fail when the system is running in FIPS mode.
md5 is allowed when in a non-security context. There is a plan to add a
keyword parameter (usedforsecurity) to hashlib.md5() to annotate whether
or not the instance is being used in a security context.
In the case where it is not, the instantiation of md5 will be allowed.
See https://bugs.python.org/issue9216 for more details.
Some downstream python versions already support this parameter. To
support these versions, a new encapsulation of md5() has been added.
This encapsulation will pass through the usedforsecurity parameter in
the case where the parameter is supported, and strip it if it is not.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-10-12 08:58:27 +02:00
Jacob Walls
f153e9214f
Refs #29026 -- Added log() to makemigrations.
2021-10-05 06:57:01 +02:00
Adam Johnson
840ad06300
Refs #32355 -- Modernized subprocess.run() calls.
2021-09-27 08:20:24 +02:00
Mariusz Felisiak
05f3a6186e
Refs #32193 -- Removed MemcachedCache per deprecation timeline.
2021-09-20 21:23:01 +02:00
Mariusz Felisiak
d25710a625
Refs #31670 -- Removed whitelist argument and domain_whitelist attribute in EmailValidator per deprecation timeline.
2021-09-20 21:23:01 +02:00
Mariusz Felisiak
1cb495074f
Refs #31546 -- Removed support for boolean values in Command.requires_system_checks.
...
Per deprecation timeline.
2021-09-20 21:23:01 +02:00
Daniyal
ec212c6616
Fixed #33012 -- Added Redis cache backend.
...
Thanks Carlton Gibson, Chris Jerdonek, David Smith, Keryn Knight,
Mariusz Felisiak, and Nick Pope for reviews and mentoring this
Google Summer of Code 2021 project.
2021-09-14 15:50:08 +02:00
Andrew-Chen-Wang
301a85a12f
Fixed #32076 -- Added async methods to BaseCache.
...
This also makes DummyCache async-compatible.
2021-09-07 20:14:25 +02:00
Nick Pope
42dfa97e19
Fixed #33060 -- Added BaseCache.make_and_validate_key() hook.
...
This helper function reduces the amount of duplicated code and makes it
easier to ensure that we always validate the keys.
2021-09-07 11:59:59 +02:00
Nick Pope
4b82578a60
Refs #33060 -- Ensured cache backends validate keys.
...
The validate_key() function should be called after make_key() to ensure
that the validation is performed on the key that will actually be
stored in the cache.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-09-07 11:59:40 +02:00
Peter Inglesby
3921b1c6d2
Refs #32363 -- Made shell ignore a missing sys.___interactivehook__.
...
Thanks Tim Graham for the report.
Follow up to 1bbb98d9a4
.
2021-09-06 10:18:13 +02:00
Nick Pope
68b8eda788
Refs #33060 -- Added .make_key() in .touch() for dummy cache backend.
...
All cache operations should use make_key().
2021-09-03 10:36:14 +02:00
Daniyal Abbasi
dca4c2ff76
Refs #33012 -- Moved PickleSerializer to django.core.serializers.base and added tests.
2021-09-02 11:24:55 +02:00
Stefanos I. Tsaklidis
d0ea01af28
Fixed #33079 -- Fixed get_image_dimensions() on nonexistent images.
...
Thanks Nick Pope for the review.
2021-09-02 07:08:50 +02:00
sage
84c7c4a477
Fixed #32309 -- Added --exclude option to startapp/startproject management commands.
2021-09-01 12:08:02 +02:00
Jan Szoja
b667ac24ea
Fixed #25264 -- Allowed suppressing base command options in --help output.
...
This also suppresses -verbosity and --trackback options in the
runserver's help.
2021-08-31 11:04:02 +02:00
Mariusz Felisiak
93e06f2978
Refs #33061 -- Removed unnecessary BaseMemcachedCache.decr().
2021-08-31 10:37:59 +02:00
Sondre Lillebø Gundersen
2c912c3488
Fixed #33061 -- Fixed handling nonexistent keys with negative deltas in incr()/decr() in memcached backends.
...
Thanks Chris Jerdonek for the review.
2021-08-31 07:34:53 +02:00
Mariusz Felisiak
36714be874
Refs #31621 -- Fixed handling --parallel option in test management command and runtests.py.
...
Regression in ae89daf46f
.
Thanks Tim Graham for the report.
2021-08-19 09:18:32 +02:00
qimingmafan
ee46722cb9
Fixed typo in regex for IPv6 literals in EmailValidator.
2021-08-06 12:58:55 +02:00
Jacob Walls
910ecd1b8d
Fixed #29063 -- Fixed migrate crash when specifying a name of partially applied squashed migrations.
2021-08-04 09:57:32 +02:00
Jacob Walls
202d3e193a
Fixed typos in migrations tests, comments, and error message.
2021-08-04 09:28:23 +02:00
David Smith
1024b5e74a
Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate.
2021-07-29 06:24:12 +02:00
Wu Haotian
65b880b726
Fixed #32930 -- Fixed URLValidator when port numbers < 10.
2021-07-22 11:58:28 +02:00
Wilhelm Klopp
bbf93efa19
Refs #23359 -- Corrected showmigrations help text for the --database option.
2021-07-13 06:29:21 +02:00
Allan Feldman
36fa071d6e
Fixed #32889 -- Allowed per-request sync_to_async context in ASGIHandler .
...
By using a asgiref's ThreadSensitiveContext context manager, requests
will be able to execute independently of other requests when sync work
is involved.
Prior to this commit, a single global thread was used to execute any
sync work independent of the request from which that work was scheduled.
This could result in contention for the global sync thread in the case
of a slow sync function.
Requests are now isolated to their own sync thread.
2021-07-01 12:13:19 +02:00
Carlton Gibson
4af162d4de
Refs #32144 -- Made makemessages remove temporary files on preprocessing error.
...
Co-authored-by: Anders Hovmöller <anders.hovmoller@dryft.se>
2021-07-01 10:11:10 +02:00
Carlton Gibson
dfa7781033
Fixed #32144 -- Made makemessages remove temporary files when locale path doesn't exist.
2021-07-01 10:11:10 +02:00
Peter Inglesby
1bbb98d9a4
Fixed #32363 -- Ensured sys.__interactivehook__ is called in shell
...
By default, this means that readline is properly registered, so that
.python_history is used.
sys.__interactivehook__ may be set by a $PYTHONSTARTUP file.
2021-06-23 14:53:41 +02:00
Jacob Walls
501a371411
Fixed typo in makemessages error message.
2021-06-21 21:23:59 +02:00
Jacob Walls
2dfc1066a0
Fixed #25250 -- Clarified partially recorded state of squashed migrations in showmigrations --list.
2021-06-11 09:35:42 +02:00
Chris Jerdonek
7272e1963f
Fixed #32821 -- Updated os.scandir() uses to use a context manager.
2021-06-07 06:52:42 +02:00
Jacob Walls
ec2727efef
Fixed #28154 -- Prevented infinite loop in FileSystemStorage.save() when a broken symlink with the same name exists.
2021-06-02 12:20:22 +02:00
Mariusz Felisiak
e1d787f1b3
Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
...
validate_ipv4_address() was affected only on Python < 3.9.5, see [1].
URLValidator() uses a regular expressions and it was affected on all
Python versions.
[1] https://bugs.python.org/issue36384
2021-06-02 10:58:39 +02:00
Michael Lissner
5a8e8f80bb
Fixed #32772 -- Made database cache count size once per set.
2021-05-26 11:21:11 +02:00