Commit Graph

20346 Commits

Author SHA1 Message Date
Shai Berger 8f9a4d3a2b [1.8.x] Fixed catastrophic backtracking in URLValidator.
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:19 -04:00
Tim Graham 574dd5e0b0 [1.8.x] Prevented newlines from being accepted in some validators.
This is a security fix; disclosure to follow shortly.

Thanks to Sjoerd Job Postmus for the report and draft patch.
2015-07-08 15:23:18 -04:00
Carl Meyer 66d12d1aba [1.8.x] Fixed #19324 -- Avoided creating a session record when loading the session.
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:18 -04:00
Tim Graham 64e8a5f1bb [1.8.x] Added security release note stubs. 2015-07-08 15:23:18 -04:00
Tim Graham 2dbef35714 [1.8.x] Removed a confusing sentence in tutorial 5.
Backport of bdfce4db21 from master
2015-07-08 15:12:24 -04:00
Luke Plant 5e1fa14006 [1.8.x] Corrected example code for get_query_set upgrade in 1.6 release notes
The conditional setting of `get_query_set` is required for correct behaviour
if running Django 1.8. The full gory details are here:

http://lukeplant.me.uk/blog/posts/handling-django%27s-get_query_set-rename-is-hard/

Backport of f87e552d98 from master
2015-07-08 11:05:37 +01:00
Chris Bainbridge b252e0f350 [1.8.x] Refs #23882 -- Added detection for moved files when using inotify polling
Commit 15f82c7 ("used pyinotify as change detection system when
available") introduced a regression where editing a file in vim with
default settings (writebackup=auto) no longer causes the dev server
to be restarted. On a write, vim moves the monitored file to a backup
path and then creates a new file in the original. The new file is not
monitored as it has a different inode. Fixed this by also watching for
inotify events IN_DELETE_SELF and IN_MOVE_SELF.

Backport of e5cfa394d7 from master
2015-07-07 12:26:36 -04:00
Andriy Sokolovskiy 6840aaf3c1 [1.8.x] Replaced try..except blocks by context manager in custom lookups tests
Backport of 13dca01af0 from master
2015-07-07 12:04:21 -04:00
Alexey Sveshnikov 8c417564c7 [1.8.x] Fixed #25059 -- Allowed Punycode TLDs in URLValidator
Backport of bc98bc56a5 from master
2015-07-06 15:11:43 -04:00
Tim Graham 73cbf08159 [1.8.x] Fixed #25051 -- Clarified return type of {% now %} tag.
Backport of a871cf422d from master
2015-07-04 08:49:05 -04:00
Luke e2acbfb69b [1.8.x] Fixed mistake in Model.from_db() example.
Backport of fd869cceac from master
2015-07-03 09:09:38 -04:00
Michael Manfre 342074f4a4 [1.8.x] Fixed #25055 -- Made m2m long name testing friendlier for 3rd party databases.
Backport of f9c3587b51 from master
2015-07-03 09:00:36 -04:00
Tim Graham cb3e9bc0d7 [1.8.x] Fixed #25056 -- Documented minimum version of jinja2 for testing.
Backport of ca58181bac from master
2015-07-03 08:22:34 -04:00
Tim Graham 92e1ace575 [1.8.x] Backported .gitignore and .hgignore from master. 2015-07-01 10:31:13 -04:00
Tim Graham 08b0b81a6a [1.8.x] Fixed #25041 -- Clarified difference between syncdb and migrate. 2015-07-01 10:15:29 -04:00
Claude Paroz 805e5b88e0 [1.8.x] Fixed typo in writing migrations docs
Backport of 3d7a713156 from master.
2015-07-01 09:17:10 +02:00
Marten Kenbeek 42aa919de9 [1.8.x] Refs #23621 -- Fixed warning message when reloading models.
Backport of aabb58428b from master
2015-06-30 15:01:22 -04:00
Tim Graham fdaf9359ab [1.8.x] Fixed #25038 -- Reverted incorrect documentation about inspectdb introspecting views.
This reverts commit e69eea73d9 (refs #24177).
2015-06-30 14:25:45 -04:00
Tim Graham 8922266a8d [1.8.x] Fixed #25033 -- Added context_processors.auth to documented admin dependencies.
Backport of f59667c121 from master
2015-06-27 14:27:28 -04:00
Noam fd61ce3817 [1.8.x] Fixed #25031 -- Fixed a regression in the unordered_list template filter.
Backport of e291fc4757 from master
2015-06-27 09:39:29 -04:00
Jason Hoos 4296801463 [1.8.x] Fixed #24958 -- Fixed inline forms using UUID-PK parents with auto-PK children.
Backport of a50b66da30 from master
2015-06-26 09:15:59 -04:00
薛丞宏 a97e50c5e6 [1.8.x] Fixed #25016 -- Reallowed non-ASCII values for ForeignKey.related_name on Python 3.
Backport of d3e12c9017 from master
2015-06-26 08:35:13 -04:00
Marten Kenbeek ae93aeed2b [1.8.x] Refs #24127 -- Added documentation for HttpRequest.current_app.
Backport of 6364df6887 from master
2015-06-25 14:11:16 -04:00
Tim Graham ae1d663b79 [1.8.x] Renamed RemovedInDjango20Warning to RemovedInDjango110Warning. 2015-06-23 07:22:16 -04:00
Wim Feijen 7439039806 [1.8.x] Updated indentation of example template in docs/topics/i18n/translation.txt.
Backport of 514b69cb9e from master
2015-06-22 15:42:30 -04:00
Tim Graham 252867ed2a [1.8.x] Fixed #25001 -- Doc'd caveat about collectstatic and removing INSTALLED_APPS.
Thanks aRkadeFR for the initial patch.

Backport of 5ae0dd6abf from master
2015-06-22 12:44:34 -04:00
Tim Graham bb8f69e901 [1.8.x] Simplified wording of Python support policy.
Backport of 256aebbdaa from master
2015-06-22 12:20:20 -04:00
Bipin Suresh 6aa618bae3 [1.8.x] Fixed #24983 -- Clarified contrib.sites Site.domain is fully qualified.
Backport of 34047b23e2 from master
2015-06-22 09:41:18 -04:00
Tim Graham 5cc1f13d15 [1.8.x] Fixed #25010 -- Documented APP_DIRS default in startproject's settings.py
Backport of 4a66564888 from master
2015-06-20 19:32:40 -04:00
Markus Holtermann f64a3de2d4 [1.8.x] Fixed #24940 -- Made model managers hashable
Thanks Federico Jaramillo Martínez for the report and Tim Graham for the
test and review.

Backport of d3d66d4722 from master
2015-06-19 19:15:01 +02:00
johannes.linke aa00f48280 [1.8.x] Fixed #24881 -- Clarified Meta.order_with_respect_to documentation
Backport of 27c839e0fc from master
2015-06-19 07:03:16 -04:00
Tim Graham f501f4d41c [1.8.x] Added Python version support policy
Partial backport of 7f1168e387 from master
2015-06-18 12:23:46 -04:00
Tim Graham ac518c8722 [1.8.x] Fixed outdated Python version support info in docs/topics/install.txt
Backport of ebd183a18c from master
2015-06-17 11:28:48 -04:00
Tim Graham 9d5c45beae [1.8.x] Removed usage of string-based url() in auth docs.
Backport of 58665dded0 from master
2015-06-17 09:46:15 -04:00
Andriy Sokolovskiy 8abe2d0643 [1.8.x] Fixed #24948 -- Fixed crash when uploading bitmap images in forms.ImageField
Backport of cf6ce279c7 from master
2015-06-16 14:38:25 -04:00
Tim Graham 8050e6282e [1.8.x] Refs #24987 -- Documented that Client.login() rejects inactive users.
Backport of fbc618c13c from master
2015-06-16 12:47:27 -04:00
Adam Brenecki 0e3a80fa68 [1.8.x] Fixed #24972 -- Fixed removing unique_together indexes on MySQL.
Backport of 65296b3be3 from master
2015-06-15 17:32:07 -04:00
Brian King c58755d875 [1.8.x] Fixed #24912 -- Fixed prefetch_related failure for UUIDField primary keys
This resolves a problem on databases besides PostgreSQL when using
prefetch_related with a source model that uses a UUID primary key.

Backport of bfb5b7150f from master
2015-06-15 17:31:50 -04:00
Tim Graham 062ce508b0 [1.8.x] Fixed flake8 warnings on Python 3.
Backport of 47fcbe506c from master
2015-06-15 13:01:41 -04:00
Tim Graham 53323a5c23 [1.8.x] Removed obsolete literals_to_xrefs.py script.
Backport of ccfb5c7408 from master
2015-06-15 13:01:32 -04:00
Tim Graham 737ddb4d24 [1.8.x] Added ALLOWED_HOSTS and SERVER_EMAIL details to deployment checklist.
Backport of b34d16b78d from master
2015-06-11 13:44:23 -04:00
Nick Smith ffbb6d4742 [1.8.x] Used PEP 8 style indentation in forms docs.
Backport of b9bf61ce61 from master
2015-06-11 12:22:24 -04:00
Rivo Laks 76c526f80e [1.8.x] Fixed #24769 -- Cast optparse verbosity argument to an integer for better backwards compatibility.
Using `BaseCommand.options_list` makes Django use the legacy optparse
parser, which does not set the verbosity attribute correctly. Now the
verbosity argument is always cast to int. Regression in 8568638 (#19973).

Initial report and patch from blueyed.

Backport of a0047c6242 from master
2015-06-09 19:05:16 -04:00
Tim Graham 8bc18ebf0f [1.8.x] Fixed #24903 -- Fixed assertRaisesMessage on Python 2.7.10.
A regression in Python 2.7.10 rc1 wasn't reverted in the final
release: https://bugs.python.org/issue24134

Backport of two commits from master:
* c2bc1cefdc
* e89c3a4603
2015-06-09 17:54:33 -04:00
Daniel Roseman b3f61f6e08 [1.8.x] Fixed #24961 -- Added links to all auth docs pages from index.
Backport of fd0949181f from master
2015-06-09 12:44:07 -04:00
argaen f85780ada0 [1.8.x] Fixed import in docs/ref/contrib/syndication.txt
Backport of 1725d00991 from master
2015-06-09 12:37:54 -04:00
Matt Deacalion Stevens 7ae470cfe2 [1.8.x] Clarified the default form widgets for model number fields in docs
Backport of 77f3d7adb1 from master
2015-06-09 12:33:37 -04:00
Nik Nyby 1e0a5b796c [1.8.x] Fixed typos in docs/topics/python3.txt
Backport of f67127e0af from master
2015-06-09 10:37:49 -04:00
Tim Graham 9cf5c4dcff [1.8.x] Fixed #24956 -- Fixed typo in docs/ref/forms/widgets.txt
Backport of 9f825b9e28 from master
2015-06-08 15:20:32 -04:00
Alasdair Nicol a22a1b3e23 [1.8.x] Fixed #24952 -- Fixed example SQL in Func() expressions docs
Backport of 1f5b067710 from master
2015-06-08 10:56:46 -04:00