Commit Graph

19896 Commits

Author SHA1 Message Date
Markus Holtermann 737d24923a Fixed #24075 -- Prevented running post_migrate signals when unapplying initial migrations of contenttypes and auth
Thanks Florian Apolloner for the report and Claude Paroz and Tim Graham for the review and help on the patch.
2015-01-14 19:59:39 +01:00
Tim Graham a6f144fd4f Fixed a static view test on Windows. 2015-01-14 13:56:49 -05:00
Markus Holtermann 88786afbff Fixed #24147 -- Prevented managers leaking model during migrations
Thanks Tim Graham for the review.
2015-01-14 16:09:33 +01:00
Tim Graham ec7ef5afbb Added stub release notes for 1.7.4. 2015-01-14 09:47:29 -05:00
Claude Paroz dc90bf2ac8 Removed unused import 2015-01-14 09:31:24 +01:00
Tim Graham 1913c1ac21 Added today's security issues to the archive. 2015-01-13 14:44:08 -05:00
Tim Graham 7ecd654497 Removed blank lines from docs/releases/security.txt 2015-01-13 14:37:30 -05:00
Tim Graham cbbe6a6abb Added dates to release notes. 2015-01-13 13:08:57 -05:00
Tim Graham baf2542c4f Fixed DoS possibility in ModelMultipleChoiceField.
This is a security fix. Disclosure following shortly.

Thanks Keryn Knight for the report and initial patch.
2015-01-13 13:03:06 -05:00
Tim Graham a3bebfdc34 Ensured views.static.serve() doesn't use large memory on large files.
This issue was fixed in master by refs #24072.
2015-01-13 13:03:06 -05:00
Tim Graham 69b5e66738 Fixed is_safe_url() to handle leading whitespace.
This is a security fix. Disclosure following shortly.
2015-01-13 13:03:06 -05:00
Carl Meyer 316b8d4974 Stripped headers containing underscores to prevent spoofing in WSGI environ.
This is a security fix. Disclosure following shortly.

Thanks to Jedediah Smith for the report.
2015-01-13 13:03:05 -05:00
Tim Graham 958aeda4b5 Added stub release notes for security releases. 2015-01-13 13:03:05 -05:00
Collin Anderson e7771ec380 Fixed bad model example in admin docs. 2015-01-13 11:53:03 -05:00
Claude Paroz e084ff01f2 Fixed #24136 -- Prevented crash when convert_extent input is None
Thanks Max Demars for the report.
2015-01-13 17:27:11 +01:00
Michał Modzelewski 65246de7b1 Fixed #24031 -- Added CASE expressions to the ORM. 2015-01-12 18:15:34 -05:00
Shai Berger aa8ee6a573 Fixed test failures in Oracle introspection
Refs #17785
2015-01-13 01:00:09 +02:00
Tim Graham 5d7217dce3 Fixed typo in docs/release/1.8.txt & added word for spelling check. 2015-01-12 17:53:32 -05:00
Josh Schneier 3844ccc958 Fixed #24138 -- Added modelform_factory to __all__. 2015-01-12 17:44:06 -05:00
Josh Smeaton 21b858cb67 Fixed #24060 -- Added OrderBy Expressions 2015-01-13 09:39:55 +11:00
Claude Paroz f48e2258a9 Fixed #24133 -- Replaced formatting syntax in success_url placeholders
Thanks Laurent Payot for the report, and Markus Holtermann, Tim Graham
for the reviews.
2015-01-12 22:51:22 +01:00
Aymeric Augustin 5f7230e12f Fixed #24124 (again) -- Updated tests with new default context_processors.
Thanks Collin for the review.
2015-01-12 22:31:44 +01:00
Aymeric Augustin 511a53b314 Avoided exceptions in admindocs' template detail view.
This is marginally better than crashing when several Django template
engines are configured in a project.

Refs #24125.
2015-01-12 21:01:34 +01:00
Aymeric Augustin 3bba4b420e Avoided exceptions in a non-critical check in the admin.
This change makes it possible to configure several Django template
engines in a project and still use the admin. On the flip side the
check is silently skipped when no Django template engine is configured.
2015-01-12 21:01:34 +01:00
Aymeric Augustin 6b5113ec94 Made debug views not crash when there isn't a default template engine. 2015-01-12 21:01:34 +01:00
Aymeric Augustin 79deb6a071 Accounted for multiple template engines in template responses. 2015-01-12 21:01:34 +01:00
Aymeric Augustin a3e783fe11 Deprecated passing a Context to a generic Template.render.
A deprecation path is required because the return type of
django.template.loader.get_template changed during the
multiple template engines refactor.

test_csrf_token_in_404 was incorrect: it tested the case when the
hardcoded template was rendered, and that template doesn't depend on the
CSRF token. This commit makes it test the case when a custom template is
rendered.
2015-01-12 21:01:34 +01:00
Aymeric Augustin 71b7668b75 Rewrapped TemplateSyntaxError in Jinja2 backend.
Changed import style to avoid confusion between Django's and Jinja2's
APIs.
2015-01-12 21:01:34 +01:00
Claude Paroz 4c413e231c Fixed #17785 -- Preferred column names in get_relations introspection
Thanks Thomas Güttler for the report and the initial patch, and
Tim Graham for the review.
2015-01-12 19:58:47 +01:00
Muthiah Annamalai b75c707943 Fixed #24089 -- Added check for when ModelAdmin.fieldsets[1]['fields'] isn't a list/tuple. 2015-01-12 13:47:58 -05:00
Markus Holtermann eeb88123e7 Fixed #24129 -- Added indicator that migrations are rendering the initial state
Thanks Tim Graham for the review.
2015-01-12 19:23:46 +01:00
Tim Graham 9f51d0c86d Fixed test from refs #23913 when running tests in reverse. 2015-01-12 13:20:44 -05:00
Collin Anderson 26a92619f6 Fixed #24124 -- Changed context_processors in the default settings.py 2015-01-12 13:17:44 -05:00
Markus Holtermann bbbed99f62 Fixed #24123 -- Used all available migrations to generate the initial migration state
Thanks Collin Anderson for the input when creating the patch and Tim Graham for the review.
2015-01-12 18:39:18 +01:00
Ng Zhi An 8f5d6c77b6 Fixed #23878 -- Moved Query and Prefetch documentation 2015-01-12 11:35:20 -05:00
Collin Anderson 58833f5197 Made Django's templates get their own LANGUAGE_* variables.
Refs #24117
2015-01-12 10:54:59 -05:00
Pavel Shpilev a7c256cb54 Fixed #9893 -- Allowed using a field's max_length in the Storage. 2015-01-12 09:09:18 -05:00
Marc Tamlyn b5c1a85b50 Fixed #24118 -- Added --debug-sql option for tests.
Added a --debug-sql option for tests and runtests.py which outputs the
SQL logger for failing tests. When combined with --verbosity=2, it also
outputs the SQL for passing tests.

Thanks to Berker, Tim, Markus, Shai, Josh and Anssi for review and
discussion.
2015-01-12 08:16:08 +00:00
Claude Paroz 68a439a18d Removed supports_binary_field flag as all backends support them
It was mainly for MySQL on Python 3, but now the current
recommended MySQL driver for Python 3 (mysqlclient) does support
binary fields, it is unneeded. Refs #20377.
2015-01-11 23:34:47 +01:00
Ola Sitarska d563e3be68 Fixed #23913 -- Deprecated the `=` comparison in `if` template tag. 2015-01-11 15:21:01 -05:00
Claude Paroz 412066e71e Revert "Marked a test as an expected failure on MySQL and Python 3.2."
This reverts commit 832b4a5722.
We officially don't support MySQL on Python 3.2. Refs #20380.
2015-01-11 20:59:07 +01:00
Tim Graham 28de5cd4de Fixed spelling errors in docs. 2015-01-11 13:24:13 -05:00
Markus Holtermann be158e3625 Refs #24110 -- Added a more descriptive release note and fixed a spelling mistake. 2015-01-11 00:30:47 +01:00
Markus Holtermann fdc2cc9487 Fixed #24110 -- Rewrote migration unapply to preserve intermediate states 2015-01-10 23:14:15 +01:00
Aymeric Augustin d89019a84d Improved template ugrading docs.
Recommending Template(template_code) was dumb. Described alternatives.
2015-01-10 21:11:58 +01:00
Aymeric Augustin f01306a6d8 Updated templates API reference.
Accounted for multiple template engines and made a few small fixes.
2015-01-10 20:17:22 +01:00
Aymeric Augustin 4797af2bb8 Updated custom template tags how-to.
Accounted for multiple template engines and made a few small fixes.
2015-01-10 20:17:22 +01:00
Aymeric Augustin 3d495cfd77 Added release notes and upgrade instructions for templates. 2015-01-10 20:17:20 +01:00
Aymeric Augustin ee8d5b91e9 Wrote main documentation for templates. 2015-01-10 20:16:19 +01:00
Aymeric Augustin 6c392bb2c0 Moved doc on the DTL's syntax to the ref/ section.
This makes room for a more general introduction about templating.

Updated some links to point to the new location, but kept those that
didn't talk specifically about the DTL.
2015-01-10 19:41:14 +01:00