Commit Graph

9006 Commits

Author SHA1 Message Date
John-Mark Bell 4b129ac81f Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an empty string. 2016-03-07 13:19:39 -05:00
Michal Petrucha 2109975e90 Refs #26217 -- Fixed typo in docs/ref/class-based-views/generic-date-based.txt. 2016-03-05 19:40:33 -05:00
Jon Dufresne 1845bc1d10 Refs #26315 -- Cleaned up argparse options in commands.
* Removed type coercion. Options created by argparse are already coerced
  to the correct type.
* Removed fallback default values. Options created by argparse already
  have a default value.
* Used direct indexing. Options created by argparse are always set. This
  eliminates the need to use dict.get().
2016-03-05 13:19:29 -05:00
Jon Dufresne 4115288b4f Fixed #26315 -- Allowed call_command() to accept a Command object as the first argument. 2016-03-05 13:05:10 -05:00
Tim Graham 9ed4a788aa Refs #26312 -- Reworded tutorial 2 to avoid spelling "error". 2016-03-05 10:58:45 -05:00
Tim Graham bc0410d98a Fixed typo in docs/releases/1.8.12.txt. 2016-03-05 10:02:29 -05:00
Tim Graham c960af4adb Added stub release notes for 1.9.5/1.8.12. 2016-03-05 10:00:40 -05:00
Bob McDonald b388c294eb Fixed #26312 -- Documented "create database" requirement in tutorial 2. 2016-03-05 09:09:00 -05:00
Tim Graham e19fc9f08a Removed claim that you can use different database backends for Django's tests.
Such as a setup isn't tested through continuous integration and therefore
isn't likely to work reliably.
2016-03-05 08:42:18 -05:00
Claude Paroz 552f03869e Added safety to URL decoding in is_safe_url() on Python 2
The errors='replace' parameter to force_text altered the URL before checking
it, which wasn't considered sane. Refs 24fc935218 and ada7a4aef.
2016-03-04 23:33:35 +01:00
Claude Paroz ada7a4aefb Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()
This fixes a regression introduced by c5544d2892.
Thanks John Eskew for the reporti and Tim Graham for the review.
2016-03-04 21:14:14 +01:00
Tim Graham cecbf1bdef Fixed typo in docs/releases/1.9.1.txt. 2016-03-04 14:16:56 -05:00
Tim Graham 2f0c785a4c Added stub release notes for 1.8.11. 2016-03-04 09:47:43 -05:00
Tim Graham de8a11ba18 Fixed #26321 -- Added missing "for_save" parameter in expressions example.
Thanks tomaszn for the patch.
2016-03-03 19:36:03 -05:00
Tim Graham c0181f2c1f Fixed #26310 -- Documented that a queryset ordering must be specified to ensure ordered results.
Thanks Simon Charette for review.
2016-03-03 17:54:07 -05:00
Simon Charette d0451e4cad Fixed #26295 -- Allowed using i18n_patterns() in any root URLconf.
Thanks Tim for the review.
2016-03-03 12:08:49 -05:00
Alasdair Nicol 2404d209a5 Fixed #26309 -- Documented that login URL settings no longer support dotted paths. 2016-03-03 07:34:14 -05:00
Simon Charette c92123cc1d Fixed #26226 -- Made related managers honor the queryset used for prefetching their results.
Thanks Loïc for the suggested improvements and Tim for the review.
2016-03-02 16:10:18 -05:00
Tim Graham 1d17bb4f7d Refs #19527 -- Fixed typo in docs/ref/models/querysets.txt. 2016-03-02 15:54:46 -05:00
Marc Tamlyn 8ddc79a799 Fixed #26285 -- Deprecated the MySQL-specific __search lookup. 2016-03-02 14:41:56 -05:00
acrefoot 04240b2365 Refs #19527 -- Allowed QuerySet.bulk_create() to set the primary key of its objects.
PostgreSQL support only.

Thanks Vladislav Manchev and alesasnouski for working on the patch.
2016-03-02 14:29:09 -05:00
Dmitry Dygalo 5155c2b458 Fixed typo in 1.9.3/1.8.10 release date. 2016-03-02 07:08:36 -05:00
Alasdair Nicol 8c42cf0cbd Fixed #26303 -- Updated links to mod_wsgi docs. 2016-03-01 19:22:32 -05:00
Tim Graham 33db899a21 Fixed #25814 -- Added changing #django topic to release checklist. 2016-03-01 13:02:03 -05:00
Tim Graham 2e895d2870 Added stub release notes for 1.9.4. 2016-03-01 12:39:01 -05:00
Tim Graham 24fc935218 Added CVE-2016-2512/2513 to security release archive. 2016-03-01 12:32:42 -05:00
Florian Apolloner 67b46ba701 Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
This is a security fix.
2016-03-01 11:25:28 -05:00
Mark Striemer c5544d2892 Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.
This is a security fix.
2016-03-01 11:25:28 -05:00
Tim Graham f43291639b Added stub release notes for security issues. 2016-03-01 11:25:28 -05:00
Michal Petrucha fe8ea3ba3b Fixed #26217 -- Added a warning about format strings to WeekArchiveView docs. 2016-03-01 10:29:52 -05:00
acemaster a1b1688c7d Fixed #26165 -- Added some FAQs about CSRF protection.
Thanks Florian Apolloner and Shai Berger for review.
2016-03-01 08:45:05 -05:00
Taranjeet 11a8207d42 Fixed typos in docs/ref/models/meta.txt. 2016-03-01 08:33:27 -05:00
Simon Charette 0223e213dd Fixed #26186 -- Documented how app relative relationships of abstract models behave.
This partially reverts commit bc7d201bdb.

Thanks Tim for the review.

Refs #25858.
2016-02-29 22:07:05 -05:00
Shai Berger 72e5778b23 Minor fixes for release-process doc fix
As suggested by Tim Graham
2016-02-28 19:30:18 +02:00
Shai Berger 3dd4e9203a Fixed docs: release-process, Supported Versions section, concrete example
Security & data loss fixes are applied to the two last feature releases,
not just one.

Thanks Loic Bistuer for review
2016-02-28 18:44:47 +02:00
chenesan b84f5ab4ec Fixed #26230 -- Made default_related_name affect related_query_name. 2016-02-27 08:48:32 -05:00
inondle 5fb9756eba Fixed #26275 -- Noted difference between o and Y date format chars. 2016-02-27 08:05:12 -05:00
Simon Charette 3938b3ccaa Fixed #26286 -- Prevented content type managers from sharing their cache.
This should prevent managers methods from returning content type instances
registered to foreign apps now that these managers are also attached to models
created during migration phases.

Thanks Tim for the review.

Refs #23822.
2016-02-26 16:18:16 -05:00
Tim Graham b9519b2730 Added 'prefetches to docs/spelling_wordlist. 2016-02-26 16:06:34 -05:00
Adam Chainz ef33bc2d4d Fixed #25279 -- Made prefetch_related_objects() public. 2016-02-26 14:55:01 -05:00
Simon Charette 766afc22a1 Fixed #24793 -- Unified temporal difference support. 2016-02-26 12:25:12 -05:00
Ivan Tsouvarev 8890c533e0 Fixed #26280 -- Fixed cached template loader crash when loading nonexistent template. 2016-02-26 08:02:10 -05:00
Sjoerd Job Postmus bbe136e1a2 Fixed #26231 -- Used .get_username in admin login template. 2016-02-25 19:29:53 -05:00
Tim Graham 22d2a5b00a Corrected a run on sentence in doc/topics/db/models.txt. 2016-02-25 14:22:41 -05:00
Tim Graham 1f8cfcf3b4 Fixed #26278 -- Clarified apps.ready docs. 2016-02-25 08:55:10 -05:00
Tim Graham 7a7e403325 Refs #26270 -- Reorganized TestCase docs. 2016-02-25 07:58:22 -05:00
Olivier Le Thanh Duong 10781b4c6f Fixed #12233 -- Allowed redirecting authenticated users away from the login view.
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.

Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
2016-02-25 07:18:33 -05:00
Tim Graham 441c537b66 Fixed a function signature in docs/topics/auth/default.txt. 2016-02-24 16:24:33 -05:00
Claude Paroz c5517b9e74 Fixed #26266 -- Output the primary key in the GeoJSON serializer properties
Thanks Tim Graham for the review.
2016-02-24 16:10:46 +01:00
Tim Graham 6637cd0ef2 Removed docs of deprecated SimpleTestCase warnings behavior.
Removed in Django 1.7 (4f6be9a0c4).
2016-02-24 09:57:39 -05:00
Jon Dufresne b412681359 Fixed #26267 -- Fixed BoundField to reallow slices of subwidgets. 2016-02-24 07:02:51 -05:00
James Aylett 1ff6e37de4 Fixed #23832 -- Added timezone aware Storage API.
New Storage.get_{accessed,created,modified}_time() methods convert the
naive time from now-deprecated {accessed,created_modified}_time()
methods into aware objects in UTC if USE_TZ=True.
2016-02-23 18:51:43 -05:00
Andrew Kuchev e81d1c995c Fixed #25670 -- Allowed dictsort to sort a list of lists.
Thanks Tim Graham for the review.
2016-02-23 12:15:08 -05:00
Tim Graham cdbd8745f6 Fixed #26263 -- Deprecated Context.has_key() 2016-02-23 08:08:55 -05:00
Claude Paroz b46c0ea6c8 Fixed #26190 -- Returned handle() result from call_command
Thanks Tim Graham for the review.
2016-02-23 09:12:12 +01:00
Tim Graham 47b5a6a43c Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS. 2016-02-22 18:59:23 -05:00
Markus Holtermann b14470c7b7 Fixed spelling error 2016-02-23 10:24:38 +11:00
Tim Graham 5a541e2e6c Fixed #26188 -- Documented how to wrap password hashers. 2016-02-22 17:21:45 -05:00
Tim Graham 33a4040d07 Refs #26253 -- Forwardported release note. 2016-02-22 17:19:08 -05:00
Daniel Quinn de7edc005f Fixed import location of check_password() in docs. 2016-02-22 12:42:47 -05:00
Claude Paroz d43156e1e9 Fixed #26238 -- Raised explicit error for non-editable field in ModelForm
Thanks Luke Crouch for the report and Simon Charette for the review.
2016-02-21 00:24:20 +01:00
Akshesh 6670da75ff Fixed #25653 -- Made --selenium run only the selenium tests. 2016-02-19 14:21:00 -05:00
Tim Graham 032f5a7896 Refs #25735 -- Made @tag decorator importable from django.test. 2016-02-19 14:21:00 -05:00
Raphael Michel 5c31d8d189 Fixed #26243 -- Noted that 'python -R' is enabled by default in Python 3.3. 2016-02-19 10:50:15 -05:00
Sergey Fedoseev 23e1ad537a Fixed #25974 -- Switched GIS docs to 4 spaces indentation. 2016-02-19 09:27:32 -05:00
Sergey Fedoseev dbaa1a6b59 Fixed some code blocks indentation in GIS docs. 2016-02-19 08:34:38 -05:00
Tim Graham b1afebf882 Fixed #26204 -- Reallowed dashes in top-level domains for URLValidator.
Thanks Shai Berger for the review.
2016-02-18 19:06:49 -05:00
Akshesh d58aaa24e3 Fixed #26107 -- Added option to int_list_validator() to allow negative integers. 2016-02-18 18:58:18 -05:00
Tim Graham b954ad0640 Added intended use in the admin's introduction. 2016-02-18 08:50:22 -05:00
Akshesh fdccc02576 Fixed #26219 -- Fixed crash when filtering by Decimal in RawQuery. 2016-02-17 13:56:42 -05:00
Tim Graham 88034c9938 Fixed #25687 -- Documented how to add database function support to third-party backends.
Thanks Kristof Claes for the initial patch.
2016-02-17 13:36:12 -05:00
Berker Peksag f0425c7260 Refs #19353 -- Added tests for using custom user models with built-in auth forms.
Also updated topics/auth/customizing.txt to reflect that subclasses of
UserCreationForm and UserChangeForm can be used with custom user models.

Thanks Baptiste Mispelon for the initial documentation.
2016-02-17 10:26:07 -05:00
Jakub Paczkowski d4dc775620 Fixed #25735 -- Added support for test tags to DiscoverRunner.
Thanks Carl Meyer, Claude Paroz, and Simon Charette for review.
2016-02-17 09:44:18 -05:00
Jon Dufresne 0db7e61076 Followed recommended ValidationError use in docs. 2016-02-17 09:05:33 -05:00
Juan José Conti bb7042cdab Used relative models imports in the GIS tutorial. 2016-02-16 23:24:29 -05:00
Claude Paroz 928c12eb1a Fixed #26215 -- Fixed RangeField/ArrayField serialization with None values
Also added tests for HStoreField and JSONField.
Thanks Aleksey Bukin for the report and Tim Graham for the initial patch and
the review.
2016-02-16 21:07:05 +01:00
Tim Graham 6a71ac61bd Fixed possible "RuntimeError: maximum recursion depth exceeded" building docs. 2016-02-16 07:30:32 -05:00
Ryan Nowakowski 11af73eaeb Fixed #26221 -- Used find_packages() in reusable apps tutorial.
Otherwise the migrations package won't be included in the tarball.
2016-02-15 19:25:26 -05:00
Alexey Kotlyarov b59f963ad2 Fixed #26212 -- Made forms.FileField and translation.lazy_number() picklable. 2016-02-15 11:44:29 -05:00
Jon Dufresne fcd08c1757 Fixed #11665 -- Made TestCase check deferrable constraints after each test. 2016-02-13 06:53:39 -05:00
Camilo Nova a6f856df52 Added import in docs/topics/email.txt example. 2016-02-12 13:44:38 -05:00
Mounir Messelmeni 50931dfa53 Fixed #25304 -- Allowed management commands to check if migrations are applied. 2016-02-12 13:34:56 -05:00
Tim Graham 004ba0f99e Removed unneeded hint=None/obj=None in system check messages. 2016-02-12 13:01:25 -05:00
Markus Holtermann 228427ab1a Fixed allow_migrate() signature in documentation 2016-02-12 14:16:03 +11:00
Johannes Linke 02430ef19d Fixed #26111 -- Clarified that fixtures are loaded once per TestCase. 2016-02-11 18:45:40 -05:00
Becka R cf48962b36 Clarified "database column type" explanation. 2016-02-11 18:26:46 -05:00
Anssi Kääriäinen 46ecfb9b3a Fixed #26196 -- Made sure __in lookups use to_field as default.
Thanks Simon Charette for the test.
2016-02-11 11:09:08 -05:00
ZachLiuGIS 04e13c8913 Fixed #26179 -- Removed null assignment check for non-nullable foreign key fields. 2016-02-11 10:07:39 -05:00
Anssi Kääriäinen 353aecbf8c Fixed #26153 -- Reallowed Q-objects in ForeignObject.get_extra_descriptor_filter(). 2016-02-11 08:59:43 -05:00
Tim Graham 1d86d4c72b Updated instructions for gettext on Windows. 2016-02-11 08:45:55 -05:00
Tim Graham f2b45ddd99 Fixed #26206 -- Fixed docs comments causing empty code blocks. 2016-02-11 07:58:15 -05:00
Curtis Maloney 6f1318734f Fixed #26014 -- Added WSGIRequest content_type and content_params attributes.
Parsed the CONTENT_TYPE header once and recorded it on the request.
2016-02-10 18:19:23 -05:00
Brobin dca8b916ff Fixed #26154 -- Deprecated CommaSeparatedIntegerField 2016-02-10 17:57:43 -05:00
Shai Berger bb51dc902d Refs #26112 -- Fixed aggregate GIS test on Oracle.
Made sure the test doesn't try to aggregate over MultiPolygonField and made
AreaField turn decimals into floats on the way from the DB.

Thanks Daniel Wiesmann, Jani Tiainen, and Tim Graham for review and discussion.
2016-02-09 10:04:54 -05:00
userimack 75143fa13f Fixed #26182 -- Removed an obsolete (refs #24917) paragraph in admindocs. 2016-02-09 09:49:12 -05:00
userimack 7a7b82e6f4 Fixed #26181 -- Corrected AngularJS CSRF example. 2016-02-09 09:22:23 -05:00
Simon Charette a325fb1f9b Fixed #26162 -- Checked query name clashes of hidden relationships.
Although reverse accessor clashes should be skipped query name can't be hidden.

Thanks to Ian Foote and Tim Graham for the review.
2016-02-08 09:59:27 -05:00
Tim Graham 10a162809f Refs #24007 -- Removed an apps.populate() call in model unpickling that can cause deadlocks. 2016-02-08 08:28:48 -05:00
Tim Graham 97eb3356b2 Fixed #26177 -- Fixed a PostgreSQL crash with TIME_ZONE=None and USE_TZ=False. 2016-02-08 07:21:54 -05:00
Shai Berger 28f60ef3b8 Fixed title formatting in backwards-incompat section of 1.10 release notes 2016-02-06 21:10:36 +02:00