Mariusz Felisiak
8d7271578d
Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+.
...
Thanks WhiteSage for the report.
2020-09-01 09:17:23 +02:00
007gzs
2bc38bc7ca
Fixed #31901 -- Prevented content overflowing in the admin changelist with navigation sidebar.
2020-09-01 07:51:22 +02:00
Federico Jaramillo Martínez
179d9dc0c2
Fixed #31952 -- Fixed EmptyFieldListFilter crash with reverse relationships.
...
Thanks dacotagh for the report.
2020-08-31 09:28:05 +02:00
Simon Charette
f6405c0b8e
Fixed #31965 -- Adjusted multi-table fast-deletion on MySQL/MariaDB.
...
The optimization introduced in 7acef095d7
did not properly handle
deletion involving filters against aggregate annotations.
It initially was surfaced by a MariaDB test failure but misattributed
to an undocumented change in behavior that resulted in the systemic
generation of poorly performing database queries in 5b83bae031
.
Thanks Anton Plotkin for the report.
Refs #23576 .
2020-08-31 08:11:28 +02:00
Mariusz Felisiak
0be51d2226
Fixed #31956 -- Fixed crash of ordering by JSONField with a custom decoder on PostgreSQL.
...
Thanks Marc Debureaux for the report.
Thanks Simon Charette, Nick Pope, and Adam Johnson for reviews.
2020-08-28 19:09:46 +02:00
Kevin Michel
825ce75fae
Fixed #31928 -- Fixed detecting an async get_response in various middlewares.
...
SecurityMiddleware and the three cache middlewares were not calling
super().__init__() during their initialization or calling the required
MiddlewareMixin._async_check() method.
This made the middlewares not properly present as coroutine and
confused the middleware chain when used in a fully async context.
Thanks Kordian Kowalski for the report.
2020-08-28 12:33:15 +02:00
Mariusz Felisiak
e39e727ded
Fixed #31912 -- Removed strict=True in Path.resolve() in project template and CommonPasswordValidator.
...
This caused permission errors when user didn't have permissions to
all intermediate directories in a Django installation path.
Thanks tytusd and leonyxz for reports.
Regression in edeec1247e
and
26554cf5d1
.
2020-08-28 05:57:36 +02:00
Mariusz Felisiak
1251772cb8
Fixed #31936 -- Fixed __in lookup on key transforms for JSONField.
...
This resolves an issue on databases without a native JSONField
(MariaDB, MySQL, SQLite, Oracle), where values must be wrapped.
Thanks Sébastien Pattyn for the report.
2020-08-26 22:13:37 +02:00
Kaustubh
b9be11d442
Fixed #31918 -- Allowed QuerySet.in_bulk() to fetch on a single distinct field.
2020-08-26 09:43:39 +02:00
Michael Galler
547a07fa7e
Fixed #31905 -- Made MiddlewareMixin call process_request()/process_response() with thread sensitive.
...
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2020-08-26 07:13:49 +02:00
Mariusz Felisiak
0b0658111c
Removed trailing whitespace in 3.2 release notes.
2020-08-25 10:02:56 +02:00
Cleiton de Lima
9f8c7d2b4b
Moved CreateExtension release notes into django.contrib.postgres section.
2020-08-25 06:13:19 +02:00
Mariusz Felisiak
bb8f66934d
Fixed #31877 -- Reverted "Fixed #19878 -- Deprecated TemplateView passing URL kwargs into context."
...
This reverts commit 4ed534758c
.
2020-08-24 11:37:59 +02:00
Mariusz Felisiak
04e87e79a0
Refs #31877 -- Reverted "Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning."
...
This reverts commit 20799cc0a6
.
2020-08-24 11:37:59 +02:00
Kaustubh
3e753d3de3
Fixed #31925 -- Fixed typo in docs/releases/3.0.txt.
2020-08-21 09:47:37 +02:00
Mariusz Felisiak
4376c2c7f8
Fixed #31895 -- Fixed crash when decoding invalid session data.
...
Thanks Matt Hegarty for the report.
Regression in d4fff711d4
.
2020-08-19 12:06:00 +02:00
Mariusz Felisiak
35b03788b0
Refs #9061 -- Allowed GenericInlineFormSet to disable deleting extra forms.
...
Follow up to 162765d6c3
.
2020-08-18 09:37:15 +02:00
Mariusz Felisiak
3254991762
Refs #20347 -- Allowed customizing the maximum number of instantiated forms in generic_inlineformset_factory().
...
Follow up to 433dd737f9
.
2020-08-18 09:37:15 +02:00
Jon Dufresne
dd5173ca1b
Fixed #31892 -- Added backward incompatibility note about Media <script> tags changes.
...
Refs 31080.
2020-08-17 10:13:18 +02:00
Ahmad A. Hussein
61a0ba43cf
Refs #31811 -- Added optional timing outputs to the test runner.
2020-08-13 17:17:15 +02:00
Mariusz Felisiak
21768a99f4
Refs #31863 -- Added release notes for 94ea79be13
.
2020-08-13 16:29:55 +02:00
Adam Johnson
20799cc0a6
Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning.
...
SimpleLazyObjects cause a crash when filtering.
Thanks Tim L. White for the report.
Regression in 4ed534758c
.
2020-08-13 07:26:10 +02:00
Tom Carrick
63300f7e68
Fixed #21181 -- Added Collate database function.
...
Thanks Simon Charette for reviews.
2020-08-11 22:21:08 +02:00
Daniel Hillier
60626162f7
Fixed #31866 -- Fixed locking proxy models in QuerySet.select_for_update(of=()).
2020-08-11 11:55:10 +02:00
Carlton Gibson
0aeb802cf0
Fixed #31865 -- Adjusted admin nav sidebar template to reduce debug logging.
...
Thanks to Mariusz Felisiak for review.
2020-08-11 11:42:15 +02:00
Mariusz Felisiak
8a5683b6b2
Added stub release notes for 2.2.16 and 3.0.10.
2020-08-11 10:31:44 +02:00
Uri
b2b0711b55
Refs #31864 -- Doc'd that DEFAULT_HASHING_ALGORITHM requires 3.1.1+ in release notes.
2020-08-08 17:32:28 +02:00
Mariusz Felisiak
99abfe8f4d
Fixed #31864 -- Fixed encoding session data during transition to Django 3.1.
...
Thanks אורי for the report.
2020-08-07 21:42:39 +02:00
Nick Pope
0a306f7da6
Fixed #25513 -- Extracted admin pagination to Paginator.get_elided_page_range().
2020-08-06 12:38:56 +02:00
Nick Pope
b203ec70fd
Refs #25513 -- Adjusted admin pagination to be 1-indexed.
2020-08-06 12:38:56 +02:00
Mariusz Felisiak
e70dc506d7
Fixed #31854 -- Fixed wrapping of long model names in admin's sidebar.
2020-08-05 10:54:25 +02:00
007gzs
b0af56f639
Fixed #31853 -- Fixed wrapping of translated action labels in admin sidebar.
2020-08-05 10:24:16 +02:00
Jacob Walls
c7e7f176c1
Fixed #26977 -- Made abstract models raise TypeError when instantiating.
2020-08-05 06:37:04 +02:00
Mariusz Felisiak
6c19230297
Added stub release notes for 3.1.1.
2020-08-04 10:34:38 +02:00
Mariusz Felisiak
df37c2ec76
Finalized release notes for Django 3.1.
2020-08-04 09:47:34 +02:00
Mariusz Felisiak
d907371ef9
Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting.
...
It's a transitional setting helpful in migrating multiple instance of
the same project to Django 3.1+.
Thanks Markus Holtermann for the report and review, Florian
Apolloner for the implementation idea and review, and Carlton Gibson
for the review.
2020-08-04 09:35:24 +02:00
Mariusz Felisiak
b68b8cb89a
Added release date for 2.2.15 and 3.0.9.
2020-08-03 08:52:28 +02:00
Mariusz Felisiak
1d6fdca557
Refs #27468 -- Added tests and release notes for signing.dumps()/loads() changes.
...
Follow up to 71c4fb7beb
.
2020-07-31 22:05:02 +02:00
Alexandr Tatarinov
f4ac167119
Fixed #27719 -- Added QuerySet.alias() to allow creating reusable aliases.
...
QuerySet.alias() allows creating reusable aliases for expressions that
don't need to be selected but are used for filtering, ordering, or as
a part of complex expressions.
Thanks Simon Charette for reviews.
2020-07-31 13:19:33 +02:00
Viktor Garske
1173db4a16
Fixed #31822 -- Added support for comments URL per feed item.
...
The item_comments hook returns a comments URL which is then used by the
feed builder.
2020-07-30 07:36:27 +02:00
David Smith
95da207bdb
Fixed #28507 -- Made ValidationError.__eq__() ignore messages and params ordering.
...
Co-authored-by: caleb logan <clogan202@gmail.com>
2020-07-29 12:04:13 +02:00
Florian Demmer
16218c2060
Fixed #27395 -- Added sitemap 'alternates' generation.
...
Updated the sitemap generator and default template to optionally
include link elements with hreflang attribute to alternate language
URLs.
2020-07-29 11:48:29 +02:00
Florian Apolloner
948a874425
Fixed #29324 -- Made SECRET_KEY validation lazy (on first access).
2020-07-29 09:06:54 +02:00
Mariusz Felisiak
ba691933ce
Fixed #31836 -- Dropped support for JSONField __contains and __contained_by lookups on SQLite.
...
The current implementation works only for basic examples without
supporting nested structures and doesn't follow "the general principle
that the contained object must match the containing object as to
structure and data contents, possibly after discarding some
non-matching array elements or object key/value pairs from the
containing object".
2020-07-28 13:06:52 +02:00
Jon Dufresne
83fbaa9231
Fixed #31806 -- Made validators include the value in ValidationErrors.
2020-07-27 13:03:26 +02:00
Tim Graham
ff55adbd0d
Reverted "Fixed #30300 -- Allowed migrations to be loaded from directories without __init__.py file."
...
This reverts commit 3cd3bebe89
.
2020-07-22 07:04:06 +02:00
Aymeric Augustin
3f2821af6b
Fixed #31180 -- Configured applications automatically.
2020-07-21 10:35:12 +02:00
Florian Apolloner
96a3ea39ef
Fixed #31784 -- Fixed crash when sending emails on Python 3.6.11+, 3.7.8+, and 3.8.4+.
...
Fixed sending emails crash on email addresses with display names longer
then 75 chars on Python 3.6.11+, 3.7.8+, and 3.8.4+.
Wrapped display names were passed to email.headerregistry.Address()
what caused raising an exception because address parts cannot contain
CR or LF.
See https://bugs.python.org/issue39073
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-07-20 07:10:40 +02:00
Mariusz Felisiak
3d16496037
Bumped asgiref requirement to >= 3.2.10.
...
Forwardported 3.1 release notes from 474f65406f
.
2020-07-17 21:15:21 +02:00
Tim Park
8fa9a6d29e
Fixed #31623 -- Allowed specifying number of adjacent time units in timesince()/timeuntil().
2020-07-16 09:44:28 +02:00