e197dcca36
Clarified docs about increasing the work factor for bcrypt hasher.
2021-05-20 20:24:51 +02:00
66491f08fe
Changed IRC references to Libera.Chat.
2021-05-20 12:23:36 +02:00
31b6ce9ff9
Fixed note about ISP caching in docs.
...
Regression in 7aabd62380
2021-05-20 10:55:42 +02:00
736bb9868a
Renamed "object" argument of ModelAdmin.log_addition(), log_change(), and log_deletion() methods.
2021-05-20 07:29:16 +02:00
6e155d280d
Added note about culling in database cache backend docs.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-20 06:24:48 +02:00
fa4e963ee7
Doc'd that HttpRequest.path doesn't contain a query string.
2021-05-19 11:23:56 +02:00
c2e6047c72
Fixed #32740 -- Caught possible exception when initializing colorama.
2021-05-19 10:33:15 +02:00
dacc307d93
Fixed typo in docs/ref/contrib/admin/index.txt.
2021-05-19 07:28:56 +02:00
8cd55021bc
Fixed #32379 -- Started deprecation toward changing default USE_TZ to True.
...
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-18 20:26:44 +02:00
958cdf65ae
Fixed #32747 -- Prevented initialization of unused caches.
...
Thanks Alexander Ebral for the report.
Regression in 98e05ccde4
2021-05-18 18:24:19 +02:00
a24fed399c
Fixed #32733 -- Skipped system check for specifying type of auto-created primary keys on abstract models.
...
Regression in b5e12d490a
2021-05-18 13:02:33 +02:00
27d4573d35
Fixed #32755 -- Corrected Model.get_absolute_url() example in docs.
2021-05-18 11:30:38 +02:00
f7691d4812
Fixed #32754 -- Made AdminSite.catch_all_view() respect SCRIPT_NAME.
...
Regression in ba31b01034
2021-05-18 09:14:05 +02:00
0851933cba
Fixed #32720 -- Added configuration and docs for Sphinx link checker.
...
We explicitly ignore checking anchors for line-range anchors on GitHub
which are dynamically generated and, otherwise, show up as broken links.
See https://github.com/sphinx-doc/sphinx/issues/7388#issuecomment-739961689 .
We also ignore links to resources that require authentication.
2021-05-17 11:21:35 +02:00
c156e36955
Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS.
2021-05-17 09:46:09 +02:00
7c4ee487c7
Refs #32720 -- Fixed some broken links in docs.
2021-05-17 09:22:17 +02:00
1c3bbcf802
Refs #32720 -- Used full hashes in security archive.
2021-05-17 08:27:46 +02:00
df5c96299a
Corrected commit hashes for security patches.
2021-05-17 08:26:06 +02:00
8c4caee76a
Refs #32720 -- Used :commit: and :source: role in old release notes.
2021-05-17 07:36:57 +02:00
820408d842
Added stub release notes for Django 3.2.4.
2021-05-13 09:42:26 +02:00
b55699968f
Fixed #32718 -- Relaxed file name validation in FileField.
...
- Validate filename returned by FileField.upload_to() not a filename
passed to the FileField.generate_filename() (upload_to() may
completely ignored passed filename).
- Allow relative paths (without dot segments) in the generated filename.
Thanks to Jakub Kleň for the report and review.
Thanks to all folks for checking this patch on existing projects.
Thanks Florian Apolloner and Markus Holtermann for the discussion and
implementation idea.
Regression in 0b79eb3691
2021-05-13 08:53:44 +02:00
b81c7562fc
Fixed #32717 -- Fixed filtering of querysets combined with the | operator.
...
Address a long standing bug in a Where.add optimization to discard
equal nodes that was surfaced by implementing equality for Lookup
instances in bbf141bcdc
2021-05-13 07:26:52 +02:00
3733ae8957
Fixed #32031 -- Added model class for each model to AdminSite.each_context().
2021-05-13 06:57:09 +02:00
0456d3e427
Fixed #26721 -- Doc'd setting UTF-8 on Windows.
2021-05-12 20:46:01 +02:00
29e4ccb1a2
Fixed #32738 -- Deprecated django.utils.datetime_safe module.
2021-05-12 14:42:17 +02:00
1061f52436
Fixed #32732 -- Removed usage of deprecated 'db' and 'passwd' connection options in MySQL backend.
...
The 'db' and 'passwd' connection options have been deprecated, use
'database' and 'password' instead (available since mysqlclient >= 1.3.8).
This also allows the 'database' option in DATABASES['OPTIONS'] on MySQL.
2021-05-12 12:21:57 +02:00
69ffb1acf3
Refs #32366 -- Avoided use of datetime.utcnow() in the documentation.
2021-05-12 11:06:31 +02:00
88b3982af3
Fixed a typo in docs/ref/models/fields.txt.
...
datetime.date.utcnow() doesn't exist, should be .today().
2021-05-12 11:06:29 +02:00
d1f1417cae
Refs #32718 -- Corrected CVE-2021-31542 release notes.
2021-05-12 10:42:01 +02:00
34363a391b
Fixed #32735 -- Made DateFormat.Y() return a zero-padded year.
2021-05-12 08:17:06 +02:00
205c36b58f
Fixed #32670 -- Allowed GDALRasters to use any GDAL virtual filesystem.
2021-05-07 20:03:46 +02:00
028f10fac6
Fixed #32712 -- Deprecated django.utils.baseconv module.
2021-05-07 11:57:40 +02:00
c240ceea7d
Fixed typo in docs/internals/contributing/writing-documentation.txt.
2021-05-06 20:01:32 +02:00
29779075d7
Added stub release notes for Django 3.2.3.
2021-05-06 10:08:00 +02:00
efebcc429f
Added CVE-2021-32052 to security archive.
2021-05-06 09:58:24 +02:00
e1e81aa1c4
Fixed #32713 , Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
...
In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines
and tabs from URLs [1, 2]. Unfortunately it created an issue in
the URLValidator. URLValidator uses urllib.urlsplit() and
urllib.urlunsplit() for creating a URL variant with Punycode which no
longer contains newlines and tabs in Python 3.9.5+. As a consequence,
the regular expression matched the URL (without unsafe characters) and
the source value (with unsafe characters) was considered valid.
[1] https://bugs.python.org/issue43882 and
[2] 76cd81d603
2021-05-06 08:45:23 +02:00
96f55ccf79
Fixed #32714 -- Prevented recreation of migration for Meta.ordering with OrderBy expressions.
...
Regression in c8b6594305
2021-05-05 08:43:57 +02:00
62b2e8b37e
Added commits for CVE-2021-31542 to security archive.
2021-05-04 11:09:21 +02:00
607ebbfba9
Added CVE-2021-31542 to security archive.
2021-05-04 11:06:07 +02:00
5a43cfe245
Added stub release notes for Django 3.2.2.
2021-05-04 11:01:33 +02:00
0b79eb3691
Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.
2021-05-04 08:44:42 +02:00
7582d913e7
Added spelling option to make.bat.
2021-04-30 14:04:22 +02:00
54da6e2ac2
Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.
2021-04-30 12:32:52 +02:00
8bcb00858e
Fixed #32698 -- Moved HttpRequest.get_raw_uri() to ExceptionReporter._get_raw_insecure_uri().
2021-04-30 08:05:42 +02:00
ca34db4650
Refs #32178 -- Doc'd DatabaseFeatures.django_test_skips/django_test_expected_failures in contributing guide.
2021-04-29 20:55:34 +02:00
2161db0792
Fixed capitalization of "ECMAScript" and "JavaScript".
2021-04-29 20:29:08 +02:00
907d3a7ff4
Refs #32674 -- Noted that auto-created through table PKs cannot be automatically migrated.
2021-04-29 13:53:56 +02:00
baba733dcc
Refs #32682 -- Renamed lookup_needs_distinct() to lookup_spawns_duplicates().
...
Follow up to 1871182031
2021-04-29 12:04:30 +02:00
4f128fcf5d
Refs #32694 -- Clarified when colorama requirement is needed in Windows how-to.
2021-04-29 11:26:38 +02:00
4ab3ef238e
Fixed #32675 -- Doc'd that autodector changes might cause generation of no-op migrations.
...
Follow up to aa4acc164d
2021-04-29 07:46:22 +02:00
yyyyyyyan
Mariusz Felisiak
Ben Sturmfels
David Sanders
Mike Lissner
David D Lowe
Carlton Gibson
Claude Paroz
Rust Saiargaliev
Girish Sontakke
Slava Skvortsov
Nick Pope
Simon Charette
Raffaele Salmaso
David Smith
Jordi Castells
Hasan Ramezani
Florian Apolloner
Susan Wright
Tim Graham
Carlton Gibson
David Wobrock