737d24923a
Fixed #24075 -- Prevented running post_migrate signals when unapplying initial migrations of contenttypes and auth
...
Thanks Florian Apolloner for the report and Claude Paroz and Tim Graham for the review and help on the patch.
2015-01-14 19:59:39 +01:00
ec7ef5afbb
Added stub release notes for 1.7.4.
2015-01-14 09:47:29 -05:00
1913c1ac21
Added today's security issues to the archive.
2015-01-13 14:44:08 -05:00
7ecd654497
Removed blank lines from docs/releases/security.txt
2015-01-13 14:37:30 -05:00
cbbe6a6abb
Added dates to release notes.
2015-01-13 13:08:57 -05:00
baf2542c4f
Fixed DoS possibility in ModelMultipleChoiceField.
...
This is a security fix. Disclosure following shortly.
Thanks Keryn Knight for the report and initial patch.
2015-01-13 13:03:06 -05:00
a3bebfdc34
Ensured views.static.serve() doesn't use large memory on large files.
...
This issue was fixed in master by refs #24072 .
2015-01-13 13:03:06 -05:00
69b5e66738
Fixed is_safe_url() to handle leading whitespace.
...
This is a security fix. Disclosure following shortly.
2015-01-13 13:03:06 -05:00
316b8d4974
Stripped headers containing underscores to prevent spoofing in WSGI environ.
...
This is a security fix. Disclosure following shortly.
Thanks to Jedediah Smith for the report.
2015-01-13 13:03:05 -05:00
958aeda4b5
Added stub release notes for security releases.
2015-01-13 13:03:05 -05:00
65246de7b1
Fixed #24031 -- Added CASE expressions to the ORM.
2015-01-12 18:15:34 -05:00
5d7217dce3
Fixed typo in docs/release/1.8.txt & added word for spelling check.
2015-01-12 17:53:32 -05:00
21b858cb67
Fixed #24060 -- Added OrderBy Expressions
2015-01-13 09:39:55 +11:00
f48e2258a9
Fixed #24133 -- Replaced formatting syntax in success_url placeholders
...
Thanks Laurent Payot for the report, and Markus Holtermann, Tim Graham
for the reviews.
2015-01-12 22:51:22 +01:00
79deb6a071
Accounted for multiple template engines in template responses.
2015-01-12 21:01:34 +01:00
a3e783fe11
Deprecated passing a Context to a generic Template.render.
...
A deprecation path is required because the return type of
django.template.loader.get_template changed during the
multiple template engines refactor.
test_csrf_token_in_404 was incorrect: it tested the case when the
hardcoded template was rendered, and that template doesn't depend on the
CSRF token. This commit makes it test the case when a custom template is
rendered.
2015-01-12 21:01:34 +01:00
a7c256cb54
Fixed #9893 -- Allowed using a field's max_length in the Storage.
2015-01-12 09:09:18 -05:00
b5c1a85b50
Fixed #24118 -- Added --debug-sql option for tests.
...
Added a --debug-sql option for tests and runtests.py which outputs the
SQL logger for failing tests. When combined with --verbosity=2, it also
outputs the SQL for passing tests.
Thanks to Berker, Tim, Markus, Shai, Josh and Anssi for review and
discussion.
2015-01-12 08:16:08 +00:00
d563e3be68
Fixed #23913 -- Deprecated the `=` comparison in `if` template tag.
2015-01-11 15:21:01 -05:00
be158e3625
Refs #24110 -- Added a more descriptive release note and fixed a spelling mistake.
2015-01-11 00:30:47 +01:00
fdc2cc9487
Fixed #24110 -- Rewrote migration unapply to preserve intermediate states
2015-01-10 23:14:15 +01:00
3d495cfd77
Added release notes and upgrade instructions for templates.
2015-01-10 20:17:20 +01:00
ee8d5b91e9
Wrote main documentation for templates.
2015-01-10 20:16:19 +01:00
07988744b3
Fixed #13165 -- Added edit and delete links to admin foreign key widgets.
...
Thanks to Collin Anderson for the review and suggestions and Tim for the
final review.
2015-01-10 12:24:52 -05:00
48ad288679
Fixed #24001 -- Added range fields for PostgreSQL.
...
Added support for PostgreSQL range types to contrib.postgres.
- 5 new model fields
- 4 new form fields
- New validators
- Uses psycopg2's range type implementation in python
2015-01-10 16:18:19 +00:00
74f02557e0
Fixed #23967 -- Added formats for Greek
2015-01-10 11:10:26 -05:00
d7bc37d611
Fixed #24097 -- Prevented AttributeError in redirect_to_login
...
Thanks Peter Schmidt for the report and the initial patch.
Thanks to Oktay Sancak for writing the original failing test and
Alvin Savoy for supporting contributing back to the community.
2015-01-10 10:05:02 +01:00
8f4877c89d
Fixed #22583 -- Allowed RunPython and RunSQL to provide hints to the db router.
...
Thanks Markus Holtermann and Tim Graham for the review.
2015-01-10 00:30:48 +07:00
c8bac4b556
Fixed #24098 -- Added no-op attributes to RunPython and RunSQL
...
Thanks Loïc Bistuer and Tim Graham for the discussion and review.
2015-01-09 10:31:32 -05:00
8fb7a0987c
Fixed a typo in 1.8 release notes.
2015-01-09 07:38:11 -05:00
c1493879d9
Fixed a typo in 1.8 release notes.
2015-01-08 16:02:18 -05:00
13e4156518
Fixed a typo in 1.8 release notes.
2015-01-08 15:12:40 -05:00
543df07720
Fixed #24073 -- Returned None for get_language when translations are deactivated
...
This fixes a regression caused by f7c287fca9
2015-01-08 17:43:07 +01:00
eaa1a22341
Added a request argument to render_to_string.
...
This is for consistency with Template.render.
It adds a little bit of knowledge about HTTP requests in
django.template.loader but I think consistency trumps purity.
2015-01-07 21:54:22 +01:00
f7c287fca9
Fixed #24073 -- Deactivated translations when leave_locale_alone is False
...
Thanks Tim Graham and Markus Holtermann for the reviews.
2015-01-07 20:11:24 +01:00
5a4ac4ead9
Fixed #24078 -- Removed empty strings from GenericIPAddressField
2015-01-07 08:08:36 -05:00
fb48eb0581
Fixed #12663 -- Formalized the Model._meta API for retrieving fields.
...
Thanks to Russell Keith-Magee for mentoring this Google Summer of
Code 2014 project and everyone else who helped with the patch!
2015-01-06 19:25:12 -05:00
2e65d56156
Fixed #20003 -- Improved and extended URLValidator
...
This adds support for authentication data (`user:password`) in URLs,
IPv6 addresses, and unicode domains.
The test suite has been improved by adding test URLs from
http://mathiasbynens.be/demo/url-regex (with a few adjustments,
like allowing local and reserved IPs).
The previous URL validation regex failed this test suite on 13
occasions, the validator was updated based on
https://gist.github.com/dperini/729294 .
2015-01-06 14:04:25 -05:00
27dd7e7271
Fixed #23815 -- Prevented UnicodeDecodeError in CSRF middleware
...
Thanks codeitloadit for the report, living180 for investigations
and Tim Graham for the review.
2015-01-06 08:42:58 +01:00
de9ebdd39c
Fixed #24022 -- Deprecated the ssi tag.
2015-01-05 19:35:02 -05:00
ce17b045bf
Added 1.4.18 release notes.
2015-01-05 14:24:34 -05:00
c87ee41954
Fixed #23861 -- Added an API to deprecate model fields.
...
Thanks Markus Holterman and Berker Peksag for review.
2015-01-05 11:35:36 -05:00
6e1c9c6568
Fixed #8280 -- Allowed management command discovery for eggs
...
Thanks jdetaeye for the report, bhuztez and jdetaeye for the
initial patches, Tim Graham and Berker Peksag for the reviews.
2015-01-05 17:19:35 +01:00
d94fe42ae5
Forwardported release note for 4aed731154.
2015-01-05 10:55:48 -05:00
3d2cae0896
Fixed #24072 -- Added FileResponse for streaming binary files.
2015-01-05 10:51:52 -05:00
572ad9a92e
Added release note for PBKDF2 iteration count increase.
...
refs 6732566967
2015-01-03 13:43:13 -05:00
439f15beab
Added 1.7.3 release notes stub.
2015-01-03 13:27:08 -05:00
15cd71ed24
Added dates to release notes.
2015-01-02 19:20:18 -05:00
52f0b2b622
Updated six to 1.9.0.
2015-01-02 12:35:41 -05:00
f60c35cddc
Removed release note for refs #23891 as the backport proved too difficult.
2015-01-01 13:59:38 -05:00
Markus Holtermann
Tim Graham
Carl Meyer
Michał Modzelewski
Josh Smeaton
Claude Paroz
Aymeric Augustin
Pavel Shpilev
Marc Tamlyn
Ola Sitarska
Simon Charette
Serafeim Papastefanos
Loic Bistuer
Thomas Chaumeny
Sylvain Fankhauser
Daniel Pyrathon
Danilo Bargen
Preston Timmons
Collin Anderson