p15693087
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
27,224 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

11240 Commits

Author SHA1 Message Date
Claude Paroz d1c2e6dd04 Refs #28428 -- Made FileField.upload_to support pathlib.Path. 2019-08-18 20:34:58 +02:00
Claude Paroz 0468159763 Refs #30426 -- Changed default SECURE_CONTENT_TYPE_NOSNIFF to True. 2019-08-18 13:17:49 +02:00
Claude Paroz 7203efb799 Fixed #30694 -- Documented FileResponse does not seek its file source. 2019-08-17 09:20:36 +02:00
Adnan Umer 6805c0f99f Fixed #30701 -- Updated patch_vary_headers() to handle an asterisk according to RFC 7231. 2019-08-16 15:25:42 +02:00
zeyneloz 00035672a4 Fixed #30449 -- Fixed RelatedFieldListFilter/RelatedOnlyFieldListFilter to respect model's Meta.ordering. 
Regression in 6d4e5feb79.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2019-08-15 10:29:05 +02:00
Mariusz Felisiak 1f8382d34d
Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on expressions with params. 
Regression in 4f5b58f5cd.

Thanks Florian Apolloner for the report and helping with tests.
 2019-08-14 15:25:35 +02:00
Claude Paroz eed2e740f7 Fixed #30461 -- Made GeoIP2 and GEOIP_PATH setting accept pathlib.Path as library path. 
Thanks Nikita Krokosh for the initial patch.
 2019-08-13 19:44:10 +02:00
Akash Agrawal c1b26c77a9 Fixed #30696 -- Removed obsolete mention of CheckConstraint in the AddConstraint docs. 
Follow up to 8eae094638.
 2019-08-11 15:39:48 +02:00
Akash Agrawal af08a54415 Fixed #30670 -- Doc'd SchemaEditor.add/remove_constraint(). 2019-08-11 03:26:44 +02:00
Carlton Gibson 514efa3129 Fixed #30688 -- Clarified base_manager_name docs. 2019-08-09 10:08:06 +02:00
Adnan Umer 8d3519071e Fixed #30673 -- Relaxed system check for db_table collision when database routers are installed by turning the error into a warning. 2019-08-08 21:14:06 +02:00
Andrew Godwin 052388aba4 Fixed #30676 -- Added --pdb option to test runner. 2019-08-07 08:16:31 +02:00
Adnan Umer c5075360c5 Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER setting. 2019-08-05 18:44:08 +02:00
Mariusz Felisiak 1af469e67f Added stub release notes for 2.2.5. 2019-08-02 20:32:21 +02:00
niauah 75f8264083 Corrected StreamingHttpResponse.streaming_content description in docs. 2019-08-02 16:37:49 +02:00
Nick Pope 194d1dfc18 Fixed #30661 -- Added models.SmallAutoField. 2019-08-02 11:39:01 +02:00
Carlton Gibson a5652eb795 Added CVE-2019-14235 to security release archive. 2019-08-01 12:01:27 +02:00
Carlton Gibson 3a6a2f5eaf Added CVE-2019-14234 to security release archive. 2019-08-01 11:59:45 +02:00
Carlton Gibson 9600f63885 Added CVE-2019-14233 to security release archive. 2019-08-01 11:57:24 +02:00
Carlton Gibson 87750787d1 Added CVE-2019-14232 to the security release archive. 2019-08-01 11:54:24 +02:00
Florian Apolloner 76ed1c49f8 Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri(). 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Mariusz Felisiak 7deeabc7c7 Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection. 
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
 2019-08-01 09:24:54 +02:00
Florian Apolloner 4b78420d25 Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities. 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Florian Apolloner 7f65974f82 Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML. 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Étienne Beaulé 5f24e7158e Fixed #30665 -- Added support for distinct argument to Avg() and Sum(). 2019-07-31 11:22:50 +02:00
Nick Pope f618e033ac Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands. 2019-07-31 10:02:13 +02:00
Nick Pope 1692f69e37 Refs #30160 -- Doc'd startapp/startproject support for tarfile templates. 2019-07-31 09:46:24 +02:00
Nick Pope 69a30f620e Refs #30160 -- Simplified archive extension map and added other aliases. 2019-07-31 09:46:17 +02:00
daniel a rios 68aeb90160 Fixed #30656 -- Added QuerySet.bulk_update() to the database optimization docs. 2019-07-29 09:52:29 +02:00
daniel a rios fe33fdc049 Refs #30656 -- Reorganized bulk methods in the database optimization docs. 2019-07-29 09:52:29 +02:00
Jon Dufresne 4122d9d3f1 Refs #28147 -- Fixed setting of OneToOne and Foreign Key fields to None when using attnames. 
Regression in 519016e5f2.
 2019-07-27 12:04:56 +02:00
Carlton Gibson f13147c8de Added stub release notes for security releases. 2019-07-25 10:49:30 +02:00
Jon Dufresne 5ed20b3aa3 Fixed #30657 -- Allowed customizing Field's descriptors with a descriptor_class attribute. 
Allows model fields to override the descriptor class used on the model
instance attribute.
 2019-07-25 08:15:20 +02:00
Tom Forbes fc75694257 Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved. 2019-07-24 14:08:37 +02:00
terminator14 8323691de0 Fixed typo in docs/topics/http/sessions.txt. 2019-07-23 15:10:58 +02:00
Tom Forbes 2ff517ccb6 Fixed #30506 -- Fixed crash of autoreloader when path contains null characters. 2019-07-23 10:03:23 +02:00
Mariusz Felisiak fc1182af01 Refs #30083 -- Added a warning about performing queries in pre/post_init receivers. 
Thanks Carlton Gibson the review.
 2019-07-19 16:06:05 +02:00
Mariusz Felisiak a2e1c17f19 Refs #30083 -- Clarified database state of instances in signals.pre_init docs. 2019-07-19 16:06:05 +02:00
Davit Gachechiladze 7f612eda80 Fixed #30648 -- Removed unnecessary overriding get_context_data() from mixins with CBVs docs. 2019-07-18 18:40:40 +02:00
Mariusz Felisiak 230d75f59c
Refs #30547 -- Clarified that partial UniqueConstraints don't affect model validation. 2019-07-18 12:56:25 +02:00
Mads Jensen a3417282ac Fixed #29824 -- Added support for database exclusion constraints on PostgreSQL. 
Thanks to Nick Pope and Mariusz Felisiak for review.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2019-07-16 18:04:41 +02:00
Mads Jensen 7174cf0b00 Refs #29824 -- Added RangeOperators helper class. 2019-07-16 16:57:46 +02:00
Mariusz Felisiak ad4e83a6d1
Fixed heading level typo in docs/ref/contrib/postgres/fields.txt. 2019-07-16 15:08:14 +02:00
Frank Wiles fa65b90a96 Updated WSGI servers ordering according to the more commonly used. 2019-07-16 14:43:59 +02:00
Frank Wiles c1b94e32fb Fixed explanation of how to automatically create tables in database. 2019-07-15 11:04:30 +02:00
Hasan Ramezani 8dd5877f58 Doc'd --no-input option for createsuperuser. 2019-07-11 10:25:39 +02:00
Johannes Hoppe 00d4e6f8b5 Updated Select2 to version 4.0.7. 2019-07-10 12:31:16 +02:00
Mariusz Felisiak 7991111af1
Fixed #30621 -- Fixed crash of __contains lookup for Date/DateTimeRangeField when the right hand side is the same type. 
Thanks Tilman Koschnick for the report and initial patch.
Thanks Carlton Gibson the review.

Regression in 6b048b364c.
 2019-07-10 10:33:36 +02:00
Simon Charette ee6e93ec87 Fixed #30628 -- Adjusted expression identity to differentiate bound fields. 
Expressions referring to different bound fields should not be
considered equal.

Thanks Julien Enselme for the detailed report.

Regression in bc7e288ca9.
 2019-07-10 07:46:08 +02:00
Mariusz Felisiak 24e8f7f7d3 Fixed typos in docs/ref/django-admin.txt. 2019-07-09 13:38:11 +02:00