Carlton Gibson
34ec52269a
Applied jQuery patch for CVE-2019-11358.
2019-06-03 11:36:12 +02:00
Carlton Gibson
deeba6d920
Fixed CVE-2019-12308 -- Made AdminURLFieldWidget validate URL before rendering clickable link.
2019-06-03 11:36:12 +02:00
Carlton Gibson
98c0fe19ee
Added stub release notes for security releases.
2019-06-03 10:48:52 +02:00
can
dffa3e1992
Fixed #30493 -- Fixed prefetch_related() for GenericRelation with different content types.
...
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Thanks Simon Charette for the review.
2019-05-31 18:11:55 +02:00
Mariusz Felisiak
f66021f3f7
Refs #30493 -- Added GenericRelatedObjectManager.get_content_type() hook.
2019-05-31 18:11:51 +02:00
Mariusz Felisiak
ea6e684f34
Simplified m2m_recursive.tests.
2019-05-31 16:19:11 +02:00
parth
8543647306
Fixed #28831 -- Doc'd that InlineModelAdmin methods' obj argument is the parent object.
2019-05-31 12:35:15 +02:00
Mariusz Felisiak
f6075fb333
Fixed #26192 -- Fixed crash of ordering by constants on PostgreSQL.
...
Thanks Simon Charette for the review.
2019-05-31 07:38:48 +02:00
Mariusz Felisiak
cc80979f01
Refs #26192 -- Added tests for ordering by constant value.
2019-05-31 07:38:48 +02:00
Hasan Ramezani
e2de49ec2e
Fixed #28520 -- Added --start-at/--start-after options to runtests.py.
2019-05-31 07:01:12 +02:00
Hasan Ramezani
ef7e0ae53b
Refs #28520 -- Added _module_match_label() hook to runtests.py.
2019-05-30 09:29:09 +02:00
Daniel Hahler
59f04d6b8f
Simplified SessionMiddleware.process_response() a bit.
2019-05-29 14:10:11 +02:00
Tom Forbes
480492fe70
Fixed #30523 -- Fixed updating file modification times on seen files in auto-reloader when using StatReloader.
...
Previously we updated the file mtimes if the file has not been seen
before - i.e on the first iteration of the loop.
If the mtime has been changed we triggered the notify_file_changed()
method which in all cases except the translations will result in the
process being terminated. To be strictly correct we need to update the
mtime for either branch of the conditional.
Regression in 6754bffa2b
.
2019-05-29 09:41:24 +02:00
Tom Forbes
0344565179
Fixed #30516 -- Fixed crash of autoreloader when re-raising exceptions with custom signature.
...
Regression in c8720e7696
.
2019-05-29 08:08:50 +02:00
葛汉斌
fcbc502af9
Simplified Model.save() a bit.
2019-05-28 15:40:31 +02:00
Brad Solomon
67b6cb7723
Fixed #30491 -- Clarified when save() on object with pk executes INSERT.
2019-05-28 11:02:26 +02:00
Caio Ariede
a3f91891d2
Fixed #30315 -- Fixed crash of ArrayAgg and StringAgg with ordering when used in Subquery.
2019-05-28 10:05:50 +02:00
Tom Forbes
b2790f74d4
Fixed #30479 -- Fixed detecting changes in manage.py by autoreloader when using StatReloader.
...
Regression in c8720e7696
.
2019-05-28 08:31:33 +02:00
Simon Charette
df46b329e0
Refs #30485 -- Avoided unnecessary instance checks in urlencode.
...
Given doseq defaults to False it should avoid an unnecessary instance
check in most cases.
2019-05-27 22:00:14 +02:00
Mariusz Felisiak
b6c4766f53
Refs #29548 -- Updated docs for MariaDB support.
2019-05-27 19:59:49 +02:00
Ivor Bosloper
5ec44973dc
Fixed typo in RasterField test name.
2019-05-27 13:40:03 +02:00
Mariusz Felisiak
8bdc7a6778
Doc'd that extra_email_context can be used to override default template context values in PasswordResetView.
2019-05-27 12:05:48 +02:00
Mattia Procopio
aff61790a3
Refs #24944 -- Added test for overriding domain in email context in PasswordResetView.
2019-05-27 11:50:30 +02:00
Johan Lübcke
0670b1b403
Fixed #30485 -- Adjusted django.utils.http.urlencode for doseq=False case.
2019-05-24 17:15:34 +02:00
Mariusz Felisiak
1d25354fb5
Updated release process in the "How is Django Formed?" documentation.
...
* Fixed Trac's post release step.
* Doc'd the use of robots_txt for updating robots.docs.txt.
2019-05-24 11:05:51 +02:00
Mariusz Felisiak
85195dd237
Refs #9982 -- Added test for saving OneToOneField field after saving related object.
...
Fixed in 519016e5f2
.
2019-05-24 10:54:05 +02:00
Jon Dufresne
45edd746cc
Used re.Pattern.findall() instead of re.findall() in inspectdb.tests.
2019-05-24 09:04:27 +02:00
Rob
58df8aa40f
Fixed #28780 -- Allowed specyfing a token parameter displayed in password reset URLs.
...
Co-authored-by: Tim Givois <tim.givois.mendez@gmail.com>
2019-05-24 08:40:25 +02:00
Shashank Parekh
8000767769
Fixed #30504 -- Corrected redirect() signature in docs.
2019-05-24 08:26:29 +02:00
Caio Ariede
753b67c58d
Fixed #30497 -- Ignored document type in assertXMLEqual()/assertXMLNotEqual().
2019-05-24 07:29:42 +02:00
Caio Ariede
4fb9e7b057
Doc'd that assertXMLEqual()/assertXMLNotEqual() ignores XML declaration and comments.
2019-05-24 07:27:11 +02:00
Mariusz Felisiak
f8b8b00f01
Fixed #30501 -- Preventing QuerySet.reverse() from mutating expressions in QuerySet.order_by and Meta.ordering.
2019-05-23 20:33:37 +02:00
Mariusz Felisiak
2007e11d70
Forced utf-8 encoding when loading common passwords in CommonPasswordValidator.
...
Previously we used `decode()` which defaults to utf-8. This change
restores previous behavior.
Follow up to 28eac41510
.
2019-05-23 08:39:16 +02:00
Ran Benita
a2c31e12da
Fixed #30498 -- Fixed proxy class caching in lazy().
...
lazy() should prepare the proxy class only once (the first time it's
used) not on every call.
Regression in b4e76f30d1
.
2019-05-22 20:41:52 +02:00
Jon Dufresne
b711eafd2a
Refs #30116 -- Removed unnecessary str() calls in CommonPasswordValidator.
...
open() and gzip.open() supports path-like objects since Python 3.6.
2019-05-22 19:47:28 +02:00
Akshesh
888fdf182e
Fixed #30419 -- Favored Meta.indexes over Meta.index_together in optimization docs.
2019-05-22 07:34:54 +02:00
Brad Solomon
28eac41510
Improved performance of loading common passwords in CommonPasswordValidator.
...
CommonPasswordValidator.__init__ previously called either splitlines or
readlines, creating an unneeded intermediate list in memory. For large
custom password files, this could be burdensome.
2019-05-22 06:55:21 +02:00
Alex Gaynor
f011d9ea56
Fixed datetime string format examples in docs/howto/custom-template-tags.txt.
2019-05-22 06:47:32 +02:00
Hasan Ramezani
1378d665a1
Fixed #28816 -- Prevented silencing data loss when decreasing CharField.max_length on PostgreSQL.
2019-05-21 14:15:43 +02:00
Rob
519016e5f2
Fixed #28147 -- Fixed loss of assigned parent when saving child after parent.
...
Thanks Erwin Junge for the initial patch.
2019-05-21 10:11:22 +02:00
Rob
266e7e0ecc
Refs #28147 -- Added test for saving nullable ForeignKey with to_field attribute after saving parent.
2019-05-21 10:08:09 +02:00
Hasan Ramezani
9d6f981a66
Fixed #28763 -- Allowed overriding the session cookie age with SessionStore.get_session_cookie_age().
2019-05-21 08:50:09 +02:00
Mariusz Felisiak
df28ebd6c8
Fixed typo in docs/releases/3.0.txt.
2019-05-21 08:21:35 +02:00
Simon Charette
514104cf23
Refs #29396 , #30494 -- Reduced code duplication in year lookups.
2019-05-21 07:25:09 +02:00
Simon Charette
2b582a7b84
Fixed #29396 -- Added indirect values support to __year lookups.
...
Thanks Windson Yang for the initial patch.
2019-05-21 07:12:33 +02:00
Simon Charette
4d1420947e
Fixed #30494 -- Disabled __year lookup optimization for indirect values.
...
The previous heuristics were naively enabling the BETWEEN optimization on
successful cast of the first rhs SQL params to an integer while it was
not appropriate for a lot of database resolved expressions.
Thanks Alexey Chernov for the report.
2019-05-21 07:11:26 +02:00
Nick Pope
1d0bab0bfd
Fixed #27635 -- Used secrets module in django.utils.crypto.
2019-05-20 11:21:22 +02:00
Nick Pope
068005a349
Refs #27635 -- Removed fallback when SystemRandom() isn't available that doesn't work.
...
Fallback was untested and likely never triggered.
2019-05-20 11:21:22 +02:00
GwynBleidD
5402061c80
Refs #30062 -- Corrected UniqueConstraint signature in docs.
2019-05-20 10:52:57 +02:00
mentix02
fa422dd78b
Changed poll_id to poll_ids in examples of custom management commands.
2019-05-20 10:11:38 +02:00