Commit Graph

2719 Commits

Author SHA1 Message Date
Claude Paroz 122c90a43b Fixed #27305 -- Removed BaseCommand.can_import_settings unused attribute
Thanks Tim Graham for the review.
2016-10-02 20:31:56 +02:00
Tim Graham bae1160c3f Added stub release notes for 1.10.3. 2016-10-01 16:11:54 -04:00
Claude Paroz 67eee5e4fa Fixed #27302 -- Fixed ModelAdmin.construct_change_message() changed field detection
Thanks Ramiro Morales for the report and Tim Graham for the review.
2016-10-01 20:14:27 +02:00
Tim Graham aa7dc2dc39 Added release date for 1.10.2. 2016-10-01 11:48:11 -04:00
Claude Paroz fa2f55cfd5 Refs #26940 -- Re-allowed makemessages without settings
Thanks Tim Graham for the review.
2016-10-01 14:57:16 +02:00
Tim Graham 87c5e7efeb Refs #27186 -- Fixed model form default fallback for CheckboxSelectMultiple. 2016-09-30 14:49:50 -04:00
Tim Graham cc282fa731 Updated links to the current version of PostGIS docs. 2016-09-30 09:26:20 -04:00
Tim Graham 9819676676 Updated links to the current version of MySQL docs. 2016-09-30 09:14:17 -04:00
Tim Graham eb4d4376fc Normalized spelling of "Web server/page" in docs. 2016-09-29 19:51:59 -04:00
Rinat Khabibiev 9e07a9b5fe Fixed #27226 -- Removed patch_response_headers()'s setting of the Last-Modified header. 2016-09-28 09:09:09 -04:00
Alasdair Nicol 3203171832 Fixed 27283 -- Fixed typo in 1.8 release notes. 2016-09-28 06:50:49 -04:00
levental 617e36dc1e Fixed #20705 -- Allowed using PasswordResetForm with user models with an email field not named 'email'. 2016-09-27 11:59:00 -04:00
Sergey Fursov 6709ea4ae9 Fixed #27271 -- Fixed a crash in runserver logging.
Allowed ServerFormatter to handle simple string messages or messages with
formatting arguments. The formatter will set the server_time variable on
the log record if it's required by the format string but wasn't passed in
extra parameters.
2016-09-27 09:46:07 -04:00
Tim Graham 6fe846a8f0 Added CVE-2016-7401 to the security release archive. 2016-09-26 18:01:19 -04:00
Tim Graham a46742e738 Added a CVE role for Sphinx. 2016-09-26 15:48:40 -04:00
Tim Graham c6a3109e20 Added release notes for 1.9.10 and 1.8.15 releases. 2016-09-26 13:55:21 -04:00
François Freitag a5e13a0b92 Fixed #27118 -- Made QuerySet.get_or_create()/update_or_create() error for a non-field in their arguments. 2016-09-24 20:16:16 -04:00
Tim Graham 3507d4e773 Fixed #27186 -- Fixed model form default fallback for MultiWidget, FileInput, SplitDateTimeWidget, SelectDateWidget, and SplitArrayWidget.
Thanks Matt Westcott for the review.
2016-09-22 12:20:58 -04:00
Claude Paroz 92323d54fd Fixed #27056 -- Allowed migrating geometry field dimension on PostGIS
Thanks Tim Graham for the review.
2016-09-22 16:40:27 +02:00
Jon Dufresne 2c716c1dc7 Fixed #27256 -- Changed Select widget's selected attribute to use HTML5 boolean syntax. 2016-09-21 15:12:13 -07:00
Mads Jensen 094d630ae8 Fixed #26610 -- Added CITextField to contrib.postgres. 2016-09-21 12:11:37 -04:00
Alasdair Nicol 911d9f4ed1 Fixed #27238 -- Disabled check_pattern_startswith_slash if settings.APPEND_SLASH=False.
Thanks strycore for the report and timgraham for suggesting the
solution.
2016-09-19 21:00:12 -04:00
Kevin Christopher Henry 22e303887b Refs #27083 -- Updated conditional header comparison to match RFC 7232. 2016-09-16 15:45:53 -04:00
Tim Graham 5a51b44936 Fixed #26697 -- Removed contrib.gis.maps. 2016-09-16 15:21:46 -04:00
Gavin Wahl f0f3de3c96 Fixed #23155 -- Added request argument to user_login_failed signal. 2016-09-12 20:30:34 -04:00
Aleksej Manaev 4b9330ccc0 Fixed #25187 -- Made request available in authentication backends. 2016-09-12 20:11:53 -04:00
Claude Paroz d389125606 Fixed #27098 -- Deprecated DatabaseIntrospection.get_indexes
Thanks Akshesh <aksheshdoshi@gmail.com> for help with the PostgreSQL query.
Thanks Tim Graham for the review.
2016-09-12 09:26:33 +02:00
Jon Dufresne 1ec1633cb2 Fixed #26401 -- Added BaseAuthConfig to use auth without migrations. 2016-09-10 16:38:05 -07:00
Alexander Gaevsky 536db42cf0 Fixed #26097 -- Added password_validators_help_text_html to UserCreationForm. 2016-09-10 18:23:18 -04:00
Alexander Gaevsky 2d26b4637f Fixed #27207 -- Replaced <p> tag with <div> in admin help texts. 2016-09-10 16:54:10 -04:00
Kevin Christopher Henry 4ef0e019b7 Fixed #27083 -- Added support for weak ETags. 2016-09-10 08:14:52 -04:00
Rinat Khabibiev ca9c69a968 Fixed #27199 -- Made AdminIntegerFieldWidget use NumberInput. 2016-09-09 09:42:39 -04:00
Jon Dufresne 331ca5391e Fixed #27175 -- Deprecated silencing exceptions from the {% include %} template tag.
Thanks Tim Graham for the review.
2016-09-08 18:24:22 -07:00
Jon Dufresne 66e1ebbffc Fixed #26956 -- Added success_url_allowed_hosts to LoginView and LogoutView.
Allows specifying additional hosts to redirect after login and log out.
2016-09-07 19:56:25 -07:00
Jon Dufresne f227b8d15d Refs #26956 -- Allowed is_safe_url() to validate against multiple hosts 2016-09-07 19:56:25 -07:00
Nicola Jordan 978a00e39f Fixed #27143 -- Allowed combining SearchQuery with more than one & or | operators. 2016-09-07 15:26:52 -04:00
Markus Gerards 2b64ff68cc Fixed #27180 -- Fixed a crash in MySQL checks where SELECT @@sql_mode doesn't return a result. 2016-09-07 11:15:41 -04:00
Tim Graham 6a2af01452 Fixed #24865 -- Added remove_stale_contenttypes management command.
Thanks Simon Charette for the review.
2016-09-06 09:48:58 -04:00
Tim Graham 277fe2e8f2 Fixed #25788 -- Enabled the cached template loader if debug is False. 2016-09-03 09:06:33 -04:00
Daniel Hahler b1d6b0a7b1 Fixed #26098 -- Used cdnjs.cloudflare for OpenLayers.js. 2016-09-03 06:52:25 -04:00
Shai Berger c93ac9cf42 Refs #25850, #27142, #27110 -- Documented migration history consistency checks. 2016-09-01 18:49:10 -04:00
Tim Graham de7f9758ac Added stub release notes for 1.10.2. 2016-09-01 16:27:45 -04:00
Tim Graham 894df3e327 Added release date for 1.10.1. 2016-09-01 16:24:46 -04:00
Tim Graham 098c07a032 Fixed #27142, #27110 -- Made makemigrations consistency checks respect database routers.
Partially reverted refs #27054 except for one of the tests as this
solution supersedes that one.

Thanks Shai Berger for the review.
2016-09-01 16:19:29 -04:00
Sergei Maertens 32c02f2a0e Fixed #5908 -- Added {% resetcycle %} template tag.
Thanks to Simon Litchfield for the report, Uninen for the initial
patch, akaihola, jamesp, b.schube, and Florian Appoloner for
subsequent patches, tests, and documentation.
2016-09-01 15:52:21 -04:00
Ed Morley d8ef5b0e65 Fixed #27152 -- Supported comma delimiter in memcached LOCATION string. 2016-08-31 17:23:41 -04:00
Ed Morley 65ec8fa8ca Fixed #20892 -- Allowed configuring memcached client using OPTIONS.
Previously, the MemcachedCache backend ignored `OPTIONS` and
PyLibMCCache used them to set pylibmc behaviors. Both backends now
pass `OPTIONS` as keyword arguments to the client constructors.
2016-08-31 12:50:14 -04:00
Olexander Yermakov b7fb608142 Fixed #27154 -- Allowed comparing CallableBool with bitwise or.
Thanks Tim for the review.
2016-08-31 08:27:37 -04:00
Kevan Swanberg 35504f74a8 Fixed #26685 -- Added dwithin lookup support on SpatiaLite. 2016-08-30 20:45:47 -04:00
Baptiste Mispelon 61b45dff6b Fixed #27126 -- Made {% regroup %} return a namedtuple to ease unpacking. 2016-08-26 16:59:21 -04:00
Chris Jerdonek 42dcceba61 Fixed #26942 -- Added support for subtests during parallel testing. 2016-08-26 14:24:27 -04:00
Mattias Loverot 2315114090 Fixed #27067 -- Deprecated string_concat() in favor of format_lazy(). 2016-08-25 16:12:40 -04:00
Claude Paroz 13c3e5d5a0 Fixed #25995 -- Added an encoder option to JSONField
Thanks Berker Peksag and Tim Graham for the reviews.
2016-08-25 21:42:42 +02:00
Akshesh 989f6108d3 Added class-based indexes to 1.11 release notes. 2016-08-25 09:51:54 -04:00
Tim Graham 4bc6b93994 Fixed #27039 -- Fixed empty data fallback to model field default in model forms. 2016-08-24 17:50:10 -04:00
Berker Peksag 3c18f8a3d2 Fixed #27111 -- Fixed KeyError if USERNAME_FIELD isn't in UserCreationForm.fields. 2016-08-24 13:20:12 -04:00
Simon Charette d5c4ea5246 Fixed #27100 -- Included already applied migration changes in the pre-migrate state.
Refs #24100.

Thanks Tim for the review.
2016-08-24 01:17:48 -04:00
Simon Charette d1757d8df4 Fixed #27044 -- Included already applied migration changes in the post-migrate state when the execution plan is empty.
Refs #24100.

Thanks tkhyn for the report and Tim for the review.
2016-08-24 01:17:18 -04:00
Tim Graham ad25fe7350 Fixed #27089 -- Added database alias to InconsistentMigrationHistory message. 2016-08-23 17:39:58 -04:00
Collin Anderson 384f89f8f8 Fixed #26998 -- Reverted some admin checks from checking field.many_to_many back to isinstance(field, models.ManyToManyField).
This partially reverts 983c158da7
2016-08-23 16:00:12 -04:00
Chris Jerdonek a3db480393 Fixed #27061 -- Added a TEST['TEMPLATE'] setting for PostgreSQL. 2016-08-23 15:08:20 -04:00
Helen Sherwood-Taylor bc1e2d8e8e Fixed #27018 -- Fixed admindocs crash with a view in a class.
Generated correct admindocs URLs on Python 3. URLs generate 404s on
Python 2, as in older versions of Django.
2016-08-20 10:01:57 -04:00
Przemysław Suliga 1f68bb5683 Refs #26902 -- Protected against insecure redirects in set_language(). 2016-08-19 19:16:00 -04:00
Przemysław Suliga 549b90fab3 Refs #26902 -- Protected against insecure redirects in Login/LogoutView. 2016-08-19 19:01:01 -04:00
Tim Graham 1d1e246db6 Removed DateTimeAwareJSONEncoder alias. 2016-08-19 15:00:16 -04:00
Matthew Wilkes 4f138fe5a4 Fixed #22288 -- Fixed F() expressions with the __range lookup. 2016-08-19 13:40:56 -04:00
Tim Graham 518eaf1fa2 Fixed #26807 -- Documented how to replicate SubfieldBase's assignment behavior. 2016-08-18 20:59:40 -04:00
Jon Dufresne f5c6d3c8d9 Fixed #27068 -- Unified form field initial data retrieval. 2016-08-18 17:55:47 -07:00
Ian Foote 39f35d4b9d Fixed #25871 -- Added expressions support to QuerySet.values(). 2016-08-18 16:05:15 -04:00
Loïc Bistuer d4eefc7e2a Fixed #27073 -- Removed duplicated managers in `Model._meta.managers`. 2016-08-19 01:24:45 +07:00
Jim Nicholls 76ab885118 Fixed #27054 -- Fixed makemigrations crash with a read-only database. 2016-08-18 08:27:40 -04:00
Chris Lamb 97513269d7 Refs #26983 -- Added test for isnull lookup to CharField with primary_key=True. 2016-08-17 21:08:15 -04:00
Andreas Pelme e76981b433 Fixed #26840 -- Added test.utils.setup/teardown_databases(). 2016-08-17 13:55:04 -04:00
Tim Graham 7549eb0004 Fixed #27009 -- Made update_session_auth_hash() rotate the session key. 2016-08-15 19:29:12 -04:00
Tim Graham 937d752d3d Fixed #27058 -- Reallowed the {% for %} tag to unpack any iterable.
Thanks Sergei Maertens for the report and patch.
2016-08-15 15:39:22 -04:00
Daniel Wiesmann 89f17e7caf Fixed #27014 -- Fixed annotations with database functions on PostGIS.
Thanks Sean Mc Allister for providing a test.
2016-08-15 14:23:10 -04:00
Tim Graham c6cd9f4ae2 Fixed typo in docs/releases/1.11.txt 2016-08-13 08:33:58 -04:00
Chris Jerdonek 5890b1613c Fixed #27008 -- Added --debug-mode option to DiscoverRunner. 2016-08-12 20:43:17 -04:00
Michael Schwarz 72d541b61c Fixed #27007 -- Handled non-UTF-8 bytes objects for text/* attachments.
The fallback logic which allows non-UTF-8 encoded files to be passed to
attach_file() even when a `text/*` mime type has been specified is
moved to attach(). Both functions now fall back to a content type of
`application/octet-stream`.

A side effect is that a file's content is decoded in memory instead of
opening it in text mode and reading it into a string.

Some mimetype-related logic in _create_attachment() has become
obsolete as the code moved from attach_file() to attach() already
handles this.
2016-08-12 16:35:09 -04:00
Jon Dufresne fab46ce6f5 Fixed #27037 -- Prevented required attribute on ClearableFileInput when initial data exists. 2016-08-12 13:59:01 -04:00
Akshesh f842d1011c Refs #20888 -- Added index order introspection. 2016-08-12 11:51:09 -04:00
Tim Graham 5eab1f6f83 Fixed typo in docs/releases/1.9.txt 2016-08-12 07:29:29 -04:00
Moritz Sichert 08b8c46971 Refs #23960 -- Documented how to restore absolute redirect URLs. 2016-08-11 16:35:59 -04:00
Tim Graham e2dfa81ff7 Refs #18682 -- Edited explanation in stale content type deletion.
Follow up to 8db889eaf7.
2016-08-10 21:19:09 -04:00
Ed Morley 3c2447dd13 Fixed #26947 -- Added an option to enable the HSTS header preload directive. 2016-08-10 20:23:54 -04:00
Tim Graham 1e32e1cc95 Fixed #26973 -- Fixed views.static.serve() crash with show_indexes enabled. 2016-08-10 11:27:03 -04:00
jordij 0814566bf1 Fixed #26960 -- Added PasswordResetConfirmView option to automatically log in after a reset. 2016-08-10 10:23:16 -04:00
Chris Jerdonek a3a5ef4d0e Fixed #27035 -- Eased changing settings.DEBUG for DiscoverRunner. 2016-08-09 13:40:29 -04:00
Claude Paroz ade681b9ad Unified SpatiaLite spelling 2016-08-09 18:46:28 +02:00
Tim Graham 79a9603ba8 Corrected Django 1.8 EOL in 1.11 release notes. 2016-08-09 10:24:35 -04:00
Claude Paroz a6baada7bd Fixed #26940 -- Removed makemessages from no_settings_commands whitelist
As makemessages uses several settings for proper run (FILE_CHARSET,
LOCALE_PATHS, MEDIA_ROOT, and STATIC_ROOT), we should require settings
configuration for this command.
2016-08-08 19:52:57 +02:00
Simon Charette b8e6e1b43b
Fixed #26500 -- Added SKIP LOCKED support to select_for_update().
Thanks Tim for the review.
2016-08-08 12:01:43 -04:00
Chris Jerdonek e7fb724cd2 Fixed #27032 -- Prevented setup_test_environment() from being called twice. 2016-08-08 10:40:29 -04:00
Sjoerd Job Postmus 3246d2b4bb Fixed #27026 -- Fixed state initialization of bulk_create() objects if can_return_ids_from_bulk_insert. 2016-08-06 10:24:57 -04:00
Ben Demboski fc8f097117 Fixed #27027 -- Restored Client.force_login() defaulting to the first auth backend. 2016-08-06 08:41:41 -04:00
Jarek Glowacki d117567c7d Fixed #27004 -- Made migrations consistency check ignore unapplied squashed migrations. 2016-08-05 18:01:55 -04:00
Yoong Kang Lim d30febb4e5 Fixed #26706 -- Made RelatedManager modification methods clear prefetch_related() cache. 2016-08-05 13:32:27 -04:00
Tim Graham 3c20aa49d7 Fixed #26986 -- Documented force_login() delegation to auth backends. 2016-08-05 10:52:30 -04:00
Jon Dufresne 50e299dbfb Fixed #26928 -- Changed forms' checked attribute to HTML5 boolean style. 2016-08-04 19:16:54 -04:00
Chris Jerdonek ebed9ee8d5 Fixed #26981 -- Added DiscoverRunner.get_test_runner_kwargs(). 2016-08-04 14:45:44 -04:00
Claude Paroz 272eccf7ff Fixed #26983 -- Fixed isnull filtering on ForeignKey with to_field
Thanks weidwonder for the report.
2016-08-04 16:05:21 +02:00
Tim Graham 5c63b3e5a7 Fixed #27005 -- Fixed crash if request.META[''CONTENT_LENGTH']=''. 2016-08-03 13:12:40 -04:00
Alex Hill c5ebfda002 Fixed #27001 -- Fixed a query count regression in ModelChoiceField with RadioSelect. 2016-08-03 10:45:55 -04:00
Sergey Yurchenko 4e64e3bb6e Fixed #26997 -- Fixed checks crash with empty Meta.default_permissions. 2016-08-03 09:14:01 -04:00
Tim Graham f4b1f972dc Fixed #26999 -- Documented model_to_dict() ManyToManyField change in 1.10. 2016-08-03 08:49:47 -04:00
Tim Graham ccd5a23fba Fixed #27000 -- Removed BaseCommand.usage() per deprecation timeline (refs #19973). 2016-08-02 18:50:12 -04:00
Tim Graham 54afa960d1 Fixed #26988 -- Improved/clarified User.is_authenticated/anonymous compatibility.
Thanks marktranchant for the report and review.
2016-08-02 11:01:08 -04:00
Tim Graham d95c669c29 Fixed #26991 -- Fixed a crash in MySQL where SQL_AUTO_IS_NULL doesn't return a result. 2016-08-02 10:52:31 -04:00
Tim Graham 9af0a58756 Added stub release notes for 1.10.1. 2016-08-01 14:57:10 -04:00
Tim Graham 95b47c009b Added release dates for 1.10 and 1.9.9 2016-08-01 13:55:08 -04:00
Sergey Fedoseev 9031a4c13b Fixed #26657 -- Made GeomValue omit SRID for MySQL.
This fixes some test failures on MySQL 5.7+.
2016-07-28 16:51:47 -04:00
Andrew Nester 0ba179194b Fixed #26929 -- Deprecated extra_context parameter of contrib.auth.views.logout_then_login(). 2016-07-28 11:57:02 -04:00
Tim Graham ec4a6b33a9 Fixed #26946 -- Clarified instructions for customizing collectstatic's ignore_patterns. 2016-07-25 10:05:40 -04:00
Markus Holtermann e69091b34a Refs #25232 -- Documented AllowAll*Backend in "new features" section of 1.10 release notes. 2016-07-25 09:09:54 -04:00
Jon Dufresne 348cfccd90
Fixed #26938 -- Fixed invalid HTML in template postmortem on the debug page. 2016-07-24 18:18:57 +02:00
Jon Dufresne b2e54aec58
Added stub release notes for 1.9.9. 2016-07-24 18:18:57 +02:00
Tim Graham bc53af13cb Added CVE-2016-6186 to the security release archive. 2016-07-18 15:19:35 -04:00
Tim Graham 93c538694e Fixed XSS in admin's add/change related popup.
This is a security fix.
2016-07-18 11:17:01 -04:00
Claude Paroz 255fb99284 Fixed #17209 -- Added password reset/change class-based views
Thanks Tim Graham for the review.
2016-07-16 10:36:12 +02:00
Claude Paroz 3e71f6544f Fixed #26897 -- Fixed makemessages crash on Python 2 with non-ASCII file names
Thanks Tim Graham for the review.
2016-07-14 20:37:56 +02:00
Will Hardy 8ef78b8165 Fixed #26656 -- Added duration (timedelta) support to DjangoJSONEncoder. 2016-07-14 13:34:15 -04:00
Priy a7b5dfd170 Fixed #26821 -- Fixed forms.Email/URLField crash on None value. 2016-07-14 12:59:14 -04:00
Tim Graham 944e66cb1d Reverted "Fixed #25388 -- Added an option to allow disabling of migrations during test database creation"
This reverts commit 157d7f1f1d since it
disables migrations all the time, not just during tests.
2016-07-14 09:21:28 -04:00
Jon Dufresne 2e4cfcd2b9 Fixed #26889 -- Fixed missing PostgreSQL index in SchemaEditor.add_field(). 2016-07-13 14:33:54 -07:00
Tim Graham ee2f0f311a Linked "Features removed" release notes to corresponding deprecation notes. 2016-07-11 15:22:32 -04:00
Julien Hartmann f4afb85d7e Fixed #26749 -- Preserved behavior of use_for_related_field during deprecation. 2016-07-11 13:30:44 -04:00
Simon Charette 8a4f017f45 Fixed #26348 -- Added TruncTime and exposed it through the __time lookup.
Thanks Tim for the review.
2016-07-08 12:35:34 -04:00
Simon Charette 082c52dbed Refs #25774, #26348 -- Allowed Trunc functions to operate with time fields.
Thanks Josh for the amazing testing setup and Tim for the review.
2016-07-08 12:35:34 -04:00
Tim Graham 415ae960bb Fixed capitalization of "URL pattern". 2016-07-06 15:31:12 -04:00
Erik Romijn 8db889eaf7 Fixed #18682 -- Expanded explanation in stale content type deletion. (#6869) 2016-07-03 15:55:14 +02:00
Berker Peksag 12b4280444 Fixed #21548 -- Added FileExtensionValidator and validate_image_file_extension. 2016-06-30 09:08:50 -04:00
Berker Peksag 52a991d976 Fixed #24694 -- Added support for context_processors to Jinja2 backend. 2016-06-28 14:30:54 -04:00
Berker Peksag c1b6f554e4 Fixed #15091 -- Allowed passing custom encoder to JSON serializer. 2016-06-28 11:10:07 -04:00
Claude Paroz 9588718cd4 Fixed #5897 -- Added the Content-Length response header in CommonMiddleware
Thanks Tim Graham for the review.
2016-06-27 10:44:57 +02:00
Bang Dao + Tam Huynh 09119dff14 Fixed #26719 -- Normalized email in AbstractUser.clean(). 2016-06-24 10:37:38 -04:00
Claude Paroz 78963495d0 Refs #17209 -- Added LoginView and LogoutView class-based views
Thanks Tim Graham for the review.
2016-06-24 10:45:13 +02:00
Tim Graham 81cdcb66bc Fixed #26791 -- Replaced LiveServerTestCase port ranges with binding to port 0. 2016-06-23 12:04:05 -04:00
jasisz b5a1c3a6f5 Fixed #25920 -- Added support for non-uniform NUMBER_GROUPING. 2016-06-22 17:28:49 -04:00
Zbigniew Siciarz 46338296aa Fixed typo in 1.11 release notes. 2016-06-22 12:10:42 -04:00
Tim Graham 91c02ca7ba Fixed a heading typo in docs/releases/1.11.txt 2016-06-22 11:16:18 -04:00
Tim Graham 39805686b3 Refs #21379, #26719 -- Moved username normalization to AbstractBaseUser.
Thanks Huynh Thanh Tam for the initial patch and Claude Paroz for review.
2016-06-21 16:19:37 -04:00
Sergey Fedoseev 5ce660cd65 Fixed #25940 -- Added OGRGeometry.from_gml() and GEOSGeometry.from_gml(). 2016-06-21 15:46:27 -04:00
Tim Graham 20d1cb33c2 Fixed #26787 -- Documented deleting and reloading of model instance fields.
Thanks Julien Hartmann for the report.
2016-06-21 14:39:17 -04:00
Tobias McNulty 17e661641d Refs #26666 -- Added ALLOWED_HOSTS validation when running tests.
Also used ALLOWED_HOSTS to check for external hosts in assertRedirects().
2016-06-20 11:07:46 -04:00
Claude Paroz f7a363ee1d Fixed #26753 -- Made GDAL a required dependency for contrib.gis
Thanks Tim Graham for the review.
2016-06-18 10:58:02 +02:00
Jon Dufresne 267dc4addd Fixed #4136 -- Made ModelForm save empty values for nullable CharFields as NULL.
Previously, empty values were saved as strings.
2016-06-13 09:14:36 -04:00
Vytis Banaitis 83120af2c1 Refs #26524 -- Fixed an error in 1.11 release notes. 2016-06-09 20:34:53 -04:00
Berker Peksag ae2a7da86b Fixed #20468 -- Added loaddata --exclude option.
Thanks Alex Morozov for the initial patch.
2016-06-09 10:35:32 -04:00
krishbharadwaj f6681393d3 Fixing #26524 -- Made a foreign key id reference in ModelAdmin.list_display display the id. 2016-06-08 17:20:03 -04:00
Berker Peksag 724dd2043e Fixed #26717 -- Added Serializer.stream_class to customize the stream. 2016-06-08 11:08:18 -04:00
Scott Vitale be729b6120 Fixed #10107 -- Allowed using mark_safe() as a decorator.
Thanks ArcTanSusan for the initial patch.
2016-06-07 12:24:03 -04:00
wim glenn 5ebebd1159 Fixed #26707 -- Added QueryDict.fromkeys() 2016-06-06 08:54:25 -04:00
Tom Christie da22079c21 Linked to upgrade guide from release notes. 2016-06-06 07:28:55 -04:00
Tim Graham 01e567864e Added stub release notes for 1.9.8. 2016-06-04 19:58:14 -04:00
Tim Graham 1f5eb521a0 Added release date for 1.9.7. 2016-06-04 19:24:51 -04:00
Vytis Banaitis 2f9c4e2b6f Fixed #19963 -- Added support for date_hierarchy across relations. 2016-06-04 12:14:02 -04:00
Holly Becker 55fec16aaf Fixed #26628 -- Changed CSRF logger to django.security.csrf. 2016-06-04 10:17:06 -04:00
Anton I. Sipos c3495bb984 Fixed #12666 -- Added EMAIL_USE_LOCALTIME setting.
When EMAIL_USE_LOCALTIME=True, send emails with a Date header
in the local time zone.
2016-06-04 09:55:50 -04:00
Tim Graham e2296e7f0a Fixed #26667 -- Fixed a regression in queries on a OneToOneField that has to_field and primary_key=True.
Thanks Simon Charette for review.
2016-06-04 08:04:51 -04:00
mieciu 19ff506878 Fixed #26698 -- Fixed PostgreSQL dbshell crash on an empty database name. 2016-06-03 12:30:21 -04:00
Will Koster 9899347641 Fixed #26638 -- Allowed callable arguments for QuerySet.get_or_create()/update_or_create() defaults. 2016-06-03 10:00:53 -04:00
jrabbit d65e2899b2 Fixes #26700 -- Added how to upgrade to TEMPLATES link in 1.10 release notes. 2016-06-02 20:27:33 -04:00
Brad Melin f6517a5335 Fixed #26672 -- Fixed HStoreField to raise ValidationError instead of crashing on non-dict JSON input. 2016-06-02 16:28:01 -04:00
Rustam Kashapov df8412d2e5 Fixed #26617 -- Added distinct argument to contrib.postgres's StringAgg. 2016-06-02 13:48:35 -04:00
Tim Graham 149ace94df Updated release notes links to prevent warnings with Sphinx 1.4.2. 2016-06-02 11:41:49 -04:00
Tim Graham 3db04d4422 Fixed #26084 -- Documented that deprecation warnings are no longer loud. 2016-06-01 15:17:25 -04:00
Tim Graham bc84278615 Fixed #26675 -- Dropped support for PostgreSQL 9.2/PostGIS 2.0. 2016-06-01 07:45:22 -04:00
Tim Graham 47f22e8286 Fixed #25645 -- Dropped support for SpatiaLite < 4.0. 2016-05-31 11:31:51 -04:00
Ketan Bhatt f31fbbae1a Fixed #26653 -- Made SyndicationFeed.latest_post_date() return time in UTC. 2016-05-30 18:36:15 -04:00
Simon Charette 4f474607de
Fixed #26646 -- Added IOBase methods required by TextIOWrapper to File.
Thanks Tim for the review.
2016-05-27 21:05:58 -04:00
Tim Graham 0e7e47b5d7 Fixed #26652 -- Documented removal of model instance _(default/base)_manager attributes. 2016-05-27 10:36:16 -04:00
Tim Graham 1915a7e5c5 Increased the default PBKDF2 iterations. 2016-05-20 09:19:19 -04:00
Tim Graham 97c3dfe12e Added stub 1.11 release notes. 2016-05-19 22:28:24 -04:00
Tim Graham 0eac5535f7 Removed unused sections in 1.10 release notes. 2016-05-19 11:49:15 -04:00
Shai Berger 5112e65ef2 Fixed #20869 -- made CSRF tokens change every request by salt-encrypting them
Note that the cookie is not changed every request, just the token retrieved
by the `get_token()` method (used also by the `{% csrf_token %}` tag).

While at it, made token validation strict: Where, before, any length was
accepted and non-ASCII chars were ignored, we now treat anything other than
`[A-Za-z0-9]{64}` as invalid (except for 32-char tokens, which, for
backwards-compatibility, are accepted and replaced by 64-char ones).

Thanks Trac user patrys for reporting, github user adambrenecki
for initial patch, Tim Graham for help, and Curtis Maloney,
Collin Anderson, Florian Apolloner, Markus Holtermann & Jon Dufresne
for reviews.
2016-05-19 05:02:19 +03:00
Barthelemy Dagenais a5c8072ab1 Fixed #26627 -- Fixed on_commit callbacks execution order when callbacks make transactions. 2016-05-18 09:09:48 -04:00
Josh Smeaton 2a4af0ea43 Fixed #25774 -- Refactor datetime expressions into public API 2016-05-18 20:14:58 +10:00
Tim Graham ece4d24f8e Refs #26601 -- Deprecated old-style middleware. 2016-05-17 07:22:26 -04:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Tim Graham c999c8d8f6 Updated admin's jQuery to 2.2.3. 2016-05-17 07:20:06 -04:00
Loïc Bistuer ed0ff913c6 Fixed #10506, #13793, #14891, #25201 -- Introduced new APIs to specify models' default and base managers.
This deprecates use_for_related_fields.

Old API:

class CustomManager(models.Model):
    use_for_related_fields = True

class Model(models.Model):
    custom_manager = CustomManager()

New API:

class Model(models.Model):
    custom_manager = CustomManager()

    class Meta:
        base_manager_name = 'custom_manager'

Refs #20932, #25897.

Thanks Carl Meyer for the guidance throughout this work.
Thanks Tim Graham for writing the docs.
2016-05-17 12:07:22 +07:00
Claude Paroz 526575c641 Fixed #21379 -- Created auth-specific username validators
Thanks Tim Graham for the review.
2016-05-16 19:37:57 +02:00
Aron Podrigal 85ef98dc6e Fixed #24305 -- Allowed overriding fields on abstract models.
Fields inherited from abstract base classes may be overridden like
any other Python attribute. Inheriting from multiple models/classes
with the same attribute name will follow the MRO.
2016-05-16 07:32:21 -04:00
Simon Charette f937c9ec97 Fixed #24100 -- Made the migration signals dispatch its plan and apps.
Thanks Markus for your contribution and Tim for your review.
2016-05-15 19:51:15 -04:00
Matthew Somerville 1962a96a30 Fixed #24938 -- Added PostgreSQL trigram support. 2016-05-13 12:38:21 -04:00
Andre Cruz 929684d6ee Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Tim Graham 2f0e0eee45 Fixed #24046 -- Deprecated the "escape" half of utils.safestring. 2016-05-10 12:46:47 -04:00
Claude Paroz c3e1086949 Stopped truncating AdminEmailHandler message subjects
Refs #26572, #17281. The RFC doesn't limit total length, just the line length
which is already taken care of by Python itself.
Thanks Tim Graham for the review.
2016-05-10 18:17:43 +02:00
Simon Charette 207c5b4acd
Fixed #26603 -- Forced lazy template names to text when computing cache key.
Refs #26536.

Thanks Sylvain Fankhauser for the very detailed report.
2016-05-10 10:03:01 -04:00
Tim Graham f5ff5010cd Fixed #26483 -- Updated docs.python.org links to use Intersphinx. 2016-05-08 18:07:43 -04:00
Vitaly Bogomolov aec4f97555 Fixed #26402 -- Added relative path support in include/extends template tags. 2016-05-07 16:21:57 -04:00
Claude Paroz b26fedacef Fixed #26544 -- Delayed translations of SetPasswordForm help_texts
Thanks Michael Bitzi for the reporti and Tim Graham for the review.
2016-05-07 10:17:49 +02:00
Daniel Wiesmann bbfad84dd9 Fixed #25588 -- Added spatial lookups to RasterField.
Thanks Tim Graham for the review.
2016-05-06 09:17:18 -04:00
Claude Paroz 388bb5bd9a Fixed #22936 -- Obsoleted Field.get_prep_lookup()/get_db_prep_lookup()
Thanks Tim Graham for completing the initial patch.
2016-05-04 20:02:01 +02:00
Dan Stephenson 1206eea11e Fixed #26558 -- Removed need for request context processor on admin login page. 2016-05-04 09:43:24 -04:00
Ville Skyttä 575a9a791e Normalized "an SQL" spelling. 2016-05-03 19:30:48 -04:00
Michal Petrucha 8a47ba679d Refs #16508 -- Made Model.__init__() aware of virtual fields.
It's no longer necessary for GenericForeignKey (and any other virtual fields)
to intercept the field's values using the pre_init signal.
2016-05-03 09:06:26 -04:00
Tim Graham 8a55982e70 Added stub release notes for 1.9.7. 2016-05-02 19:02:21 -04:00
Tim Graham f0b8da7350 Added release date for 1.9.6/1.8.13. 2016-05-02 18:16:36 -04:00
Cristiano 914c72be2a Fixed #26058 -- Delegated os.path bits of FileField's filename generation to the Storage. 2016-04-30 17:22:40 -04:00
Claude Paroz b16b124996 Fixed #26341 -- Fixed makemessages breaking location comments for HTML files
Thanks Sylvain Garancher for the report and Veranika Sabiashchanskaya for the
initial patch.
2016-04-30 12:08:20 +02:00
Anssi Kääriäinen 7f51876f99 Fixed #26207 -- Replaced dynamic classes with non-data descriptors for deferred instance loading. 2016-04-29 13:06:32 -04:00
Tim Graham 9f8941eda4 Refs #26557 -- Added forgotten release notes. 2016-04-29 10:18:49 -04:00
Joshua Phillips 4681d65048 Fixed #26557 -- Converted empty strings to None when saving GenericIPAddressField. 2016-04-29 10:11:49 -04:00
Tim Graham 2f698cd991 Refs #26428 -- Added support for relative path redirects to the test client.
Thanks iktyrrell for the patch.
2016-04-29 09:15:28 -04:00
Tim Graham f945fb24a3 Fixed #26554 -- Updated docs URLs to readthedocs.io 2016-04-28 10:09:57 -04:00
Tim Graham bb0b4b705b Fixed #26052 -- Moved conditional_content_removal() processing to the test client. 2016-04-25 07:56:07 -04:00
Simon Charette bd145e7209 Fixed #26536 -- Preserved leading dashes of the cached template loader keys.
Thanks Anders Roos for the report.
2016-04-24 22:15:45 -04:00
Tim Graham 859eeaa0f0 Fixed #26533 -- Renamed Widget._format_value() to format_value(). 2016-04-23 13:15:45 -04:00
Tim Graham 87338198e9 Fixed #26320 -- Deprecated implicit OneToOnField parent_link. 2016-04-22 12:59:41 -04:00
Marc Tamlyn 2d877da855 Refs #3254 -- Added full text search to contrib.postgres.
Adds a reasonably feature complete implementation of full text search
using the built in PostgreSQL engine. It uses public APIs from
Expression and Lookup.

With thanks to Tim Graham, Simon Charettes, Josh Smeaton, Mikey Ariel
and many others for their advice and review. Particular thanks also go
to the supporters of the contrib.postgres kickstarter.
2016-04-22 10:44:37 +01:00
Jon Dufresne ec6121693f Fixed #22383 -- Added support for HTML5 required attribute on required form fields. 2016-04-21 19:16:38 -04:00
Tobias Kroenke b040ac06eb Fixed #26520 -- Fixed a regression where SessionBase.pop() didn't return a KeyError. 2016-04-20 13:06:47 -04:00
Markus Amalthea Magnuson 08cd6a0e56 Fixed #16327 -- Redirected "Save as new" to change view instead of the changelist. 2016-04-20 11:31:44 -04:00
Matthew Schinckel 5402f3ab09 Fixed #26475 -- Added functools.partial() support to migrations autodetector. 2016-04-19 10:17:11 -04:00
Jon Dufresne 500e5a6886 Fixed #26516 -- Added minlength attribute when forms.CharField.min_length is set. 2016-04-19 08:54:27 -04:00
Lukasz Wiecek d3c87a2425 Fixed #26498 -- Fixed TimeField microseconds round-tripping on MySQL and SQLite.
Thanks adamchainz for the report and review.
2016-04-18 09:39:46 -04:00
Claude Paroz 9686c888d6 Fixed #25951 -- Trimmed default representation of GEOSGeometry
Thanks Sergey Fedoseev for the report.
2016-04-17 15:31:12 +02:00
krishbharadwaj e494b9ffb6 Fixed #26509 -- Deprecated the contrib.gis.utils.precision_wkt() function. 2016-04-16 16:47:04 -04:00
Claude Paroz de40cfbe74 Fixed #19567 -- Added JavaScriptCatalog and JSONCatalog class-based views
Thanks Cristiano Coelho and Tim Graham for the reviews.
2016-04-15 17:28:54 +02:00
Tim Graham ad3c72118f Added stub release notes for 1.8.13. 2016-04-13 13:21:20 -04:00
Michal Petrucha c339a5a6f7 Refs #16508 -- Renamed the current "virtual" fields to "private".
The only reason why GenericForeignKey and GenericRelation are stored
separately inside _meta is that they need to be cloned for every model
subclass, but that's not true for any other virtual field. Actually,
it's only true for GenericRelation.
2016-04-13 10:10:53 -04:00
Jeremy Lainé c1aec0feda Fixed #25847 -- Made User.is_(anonymous|authenticated) properties. 2016-04-09 14:54:18 -04:00
Alasdair Nicol c16b9dd8e0 Fixed #26479 -- Added 'is not' operator to the if tag. 2016-04-09 13:01:15 -04:00
Mounir Messelmeni 03e1cc930c Fixed #26145 -- Made debug context processor return queries for all databases. 2016-04-09 11:47:15 -04:00
Daniel Wiesmann c12a00e554 Fixed #26455 -- Allowed filtering and repairing invalid geometries.
Added the IsValid and MakeValid database functions, and the isvalid lookup,
all for PostGIS.

Thanks Tim Graham for the review.
2016-04-09 09:22:30 -04:00
Attila Tovt 02ae5fd31a Fixed #25850 -- Made migrate/makemigrations error on inconsistent history. 2016-04-05 08:52:08 -04:00
David Evans 99bb7fcc18 Fixed #26452 -- Loaded middleware on server start rather than on first request. 2016-04-04 10:12:41 -04:00
Sergey Kolosov 21dd98a386 Fixed #25699 -- Allowed using the test client if 'django.contrib.sessions' isn't in INSTALLED_APPS. 2016-04-04 07:48:48 -04:00
anna b28c60529b Fixed #26101 -- Allowed introspection of base_field.model in RangeField
Used the same test and fix as in #25867.
This required initializing base_field in RangeField.__init__,
not when setting the attribute.
2016-04-03 16:32:30 +02:00
Tim Graham d2569f89f2 Fixed #26428 -- Added support for relative path redirects in assertRedirects().
Thanks Trac alias master for the report and review.
2016-04-02 10:35:33 -04:00
Tim Graham a637ed879d Added stub release notes for 1.9.6. 2016-04-01 14:09:48 -04:00
Tim Graham 93539ba2f4 Added release date for 1.9.5 and 1.8.12. 2016-04-01 13:29:43 -04:00
Claude Paroz db19619545 Fixed #25532 -- Properly redisplayed JSONField form input values
Thanks David Szotten for the report and Tommy Beadle for code inspiration.
Thanks Tim Graham for the review.
2016-04-01 09:04:20 +02:00
Simon Charette 64aba7a8ab Fixed #26438 -- Fixed multiple .objects typos in the docs.
Thanks Pablo Oubiña for the report.
2016-03-31 18:27:47 -04:00
Akshesh 49f95cc0a0 Fixed #11560 -- Allowed proxy model multiple-inheritance from the same concrete base model. 2016-03-30 13:06:27 -04:00
Krzysztof Jurewicz 940b7fd5cb Fixed #21446 -- Allowed not performing redirect in set_language view
Thanks Claude Paroz and Tim Graham for polishing the patch.
2016-03-29 22:15:14 +02:00
Alex Hill 4b2cf1cd27 Fixed #26384 -- Fixed renaming the PK on a model with a self-referential FK on SQLite. 2016-03-29 13:25:09 -04:00
Daniel Wiesmann 870dd1d38b Fixed #26417 -- Allowed setting GDALBand data with partial values. 2016-03-29 11:08:36 -04:00
Claude Paroz 03b6947728 Fixed #24932 -- Added Cast database function.
Thanks Ian Foote for the initial patch.
2016-03-29 08:14:33 -04:00
Kai Feldhoff 5336158990 Fixed #25759 -- Added keyword arguments to customize Expressions' as_sql(). 2016-03-29 08:09:58 -04:00
Simon Charette 67cf5efa31 Fixed #26413 -- Fixed a regression with abstract model inheritance and explicit parent links.
Thanks Trac alias trkjgrdg for the report and Tim for investigation and review.
2016-03-28 21:11:37 -04:00
Tim Graham acfaec3db5 Fixed #26387 -- Restored the functionality of the admin's raw_id_fields in list_editable. 2016-03-25 13:47:42 -04:00
ieatkittens 9390da7fb6 Fixed #26293 -- Fixed CommonMiddleware to process PREPEND_WWW and APPEND_SLASH independently. 2016-03-23 09:23:19 -04:00
Alexander Gaevsky 107165c4b0 Fixed #24987 -- Allowed inactive users to login with the test client. 2016-03-23 09:01:52 -04:00
Alexander Gaevsky e0a3d93730 Fixed #25232 -- Made ModelBackend/RemoteUserBackend reject inactive users. 2016-03-23 09:01:48 -04:00
Berker Peksag 157d7f1f1d Fixed #25388 -- Added an option to allow disabling of migrations during test database creation 2016-03-23 08:21:30 +08:00
Jason Parrott 4c1c93032f Fixed #26373 -- Fixed reverse lookup crash with a ForeignKey to_field in a subquery. 2016-03-19 17:54:29 -04:00
José Tomás Tocino 39a16dd2e0 Fixed #25658 -- Allowed inspectdb to inspect a specific set of tables. 2016-03-18 08:41:15 -04:00
Berker Peksag 28bcff82c5 Fixed #26297 -- Fixed `collectstatic --clear` crash if storage doesn't implement path(). 2016-03-17 09:49:57 -04:00
Alex Hill ecb59cc657 Fixed #26306 -- Fixed memory leak in cached template loader. 2016-03-16 12:37:57 -04:00
Collin Anderson 93a135d111 Fixed #26158 -- Rewrote http.parse_cookie() to better match browsers. 2016-03-15 12:24:06 -04:00
Vincenzo Pandolfo d0fe6c9156 Fixed #26334 -- Removed whitespace stripping from contrib.auth password fields. 2016-03-14 20:20:24 -04:00
Jakub Wilk 402da9ab7b Fixed typos in docs. 2016-03-13 19:48:24 +01:00
Tim Graham 4f0cd0fd16 Fixed #26324 -- Fixed DurationField with fractional seconds on SQLite. 2016-03-10 12:18:29 -05:00
Przemysław Suliga 96ec67a7cf Fixed #26332 -- Fixed a race condition in BaseCache.get_or_set(). 2016-03-08 11:44:37 -05:00
Bas Westerbaan b4250ea04a Fixed #26033 -- Added Argon2 password hasher. 2016-03-08 11:22:18 -05:00
Saúl Ibarra Corretgé 6c33e73333 Fixed #26289 -- Enabled shell tab completion on systems using libedit. 2016-03-08 08:37:14 -05:00
Krzysztof Urbaniak 839a955d08 Fixed #25933 -- Allowed an unprefixed default language in i18n_patterns(). 2016-03-08 08:14:10 -05:00
John-Mark Bell 4b129ac81f Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an empty string. 2016-03-07 13:19:39 -05:00
Jon Dufresne 1845bc1d10 Refs #26315 -- Cleaned up argparse options in commands.
* Removed type coercion. Options created by argparse are already coerced
  to the correct type.
* Removed fallback default values. Options created by argparse already
  have a default value.
* Used direct indexing. Options created by argparse are always set. This
  eliminates the need to use dict.get().
2016-03-05 13:19:29 -05:00
Jon Dufresne 4115288b4f Fixed #26315 -- Allowed call_command() to accept a Command object as the first argument. 2016-03-05 13:05:10 -05:00
Tim Graham bc0410d98a Fixed typo in docs/releases/1.8.12.txt. 2016-03-05 10:02:29 -05:00
Tim Graham c960af4adb Added stub release notes for 1.9.5/1.8.12. 2016-03-05 10:00:40 -05:00
Claude Paroz 552f03869e Added safety to URL decoding in is_safe_url() on Python 2
The errors='replace' parameter to force_text altered the URL before checking
it, which wasn't considered sane. Refs 24fc935218 and ada7a4aef.
2016-03-04 23:33:35 +01:00
Claude Paroz ada7a4aefb Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()
This fixes a regression introduced by c5544d2892.
Thanks John Eskew for the reporti and Tim Graham for the review.
2016-03-04 21:14:14 +01:00
Tim Graham cecbf1bdef Fixed typo in docs/releases/1.9.1.txt. 2016-03-04 14:16:56 -05:00
Tim Graham 2f0c785a4c Added stub release notes for 1.8.11. 2016-03-04 09:47:43 -05:00
Simon Charette d0451e4cad Fixed #26295 -- Allowed using i18n_patterns() in any root URLconf.
Thanks Tim for the review.
2016-03-03 12:08:49 -05:00
Alasdair Nicol 2404d209a5 Fixed #26309 -- Documented that login URL settings no longer support dotted paths. 2016-03-03 07:34:14 -05:00
Simon Charette c92123cc1d Fixed #26226 -- Made related managers honor the queryset used for prefetching their results.
Thanks Loïc for the suggested improvements and Tim for the review.
2016-03-02 16:10:18 -05:00
Marc Tamlyn 8ddc79a799 Fixed #26285 -- Deprecated the MySQL-specific __search lookup. 2016-03-02 14:41:56 -05:00
acrefoot 04240b2365 Refs #19527 -- Allowed QuerySet.bulk_create() to set the primary key of its objects.
PostgreSQL support only.

Thanks Vladislav Manchev and alesasnouski for working on the patch.
2016-03-02 14:29:09 -05:00
Dmitry Dygalo 5155c2b458 Fixed typo in 1.9.3/1.8.10 release date. 2016-03-02 07:08:36 -05:00
Tim Graham 2e895d2870 Added stub release notes for 1.9.4. 2016-03-01 12:39:01 -05:00
Tim Graham 24fc935218 Added CVE-2016-2512/2513 to security release archive. 2016-03-01 12:32:42 -05:00
Florian Apolloner 67b46ba701 Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
This is a security fix.
2016-03-01 11:25:28 -05:00
Mark Striemer c5544d2892 Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.
This is a security fix.
2016-03-01 11:25:28 -05:00
Tim Graham f43291639b Added stub release notes for security issues. 2016-03-01 11:25:28 -05:00
Simon Charette 0223e213dd Fixed #26186 -- Documented how app relative relationships of abstract models behave.
This partially reverts commit bc7d201bdb.

Thanks Tim for the review.

Refs #25858.
2016-02-29 22:07:05 -05:00
chenesan b84f5ab4ec Fixed #26230 -- Made default_related_name affect related_query_name. 2016-02-27 08:48:32 -05:00
Simon Charette 3938b3ccaa Fixed #26286 -- Prevented content type managers from sharing their cache.
This should prevent managers methods from returning content type instances
registered to foreign apps now that these managers are also attached to models
created during migration phases.

Thanks Tim for the review.

Refs #23822.
2016-02-26 16:18:16 -05:00
Adam Chainz ef33bc2d4d Fixed #25279 -- Made prefetch_related_objects() public. 2016-02-26 14:55:01 -05:00
Simon Charette 766afc22a1 Fixed #24793 -- Unified temporal difference support. 2016-02-26 12:25:12 -05:00
Ivan Tsouvarev 8890c533e0 Fixed #26280 -- Fixed cached template loader crash when loading nonexistent template. 2016-02-26 08:02:10 -05:00
Sjoerd Job Postmus bbe136e1a2 Fixed #26231 -- Used .get_username in admin login template. 2016-02-25 19:29:53 -05:00
Olivier Le Thanh Duong 10781b4c6f Fixed #12233 -- Allowed redirecting authenticated users away from the login view.
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.

Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
2016-02-25 07:18:33 -05:00
Claude Paroz c5517b9e74 Fixed #26266 -- Output the primary key in the GeoJSON serializer properties
Thanks Tim Graham for the review.
2016-02-24 16:10:46 +01:00
Jon Dufresne b412681359 Fixed #26267 -- Fixed BoundField to reallow slices of subwidgets. 2016-02-24 07:02:51 -05:00
James Aylett 1ff6e37de4 Fixed #23832 -- Added timezone aware Storage API.
New Storage.get_{accessed,created,modified}_time() methods convert the
naive time from now-deprecated {accessed,created_modified}_time()
methods into aware objects in UTC if USE_TZ=True.
2016-02-23 18:51:43 -05:00
Andrew Kuchev e81d1c995c Fixed #25670 -- Allowed dictsort to sort a list of lists.
Thanks Tim Graham for the review.
2016-02-23 12:15:08 -05:00
Tim Graham cdbd8745f6 Fixed #26263 -- Deprecated Context.has_key() 2016-02-23 08:08:55 -05:00
Claude Paroz b46c0ea6c8 Fixed #26190 -- Returned handle() result from call_command
Thanks Tim Graham for the review.
2016-02-23 09:12:12 +01:00
Tim Graham 47b5a6a43c Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS. 2016-02-22 18:59:23 -05:00
Tim Graham 33a4040d07 Refs #26253 -- Forwardported release note. 2016-02-22 17:19:08 -05:00
Tim Graham b1afebf882 Fixed #26204 -- Reallowed dashes in top-level domains for URLValidator.
Thanks Shai Berger for the review.
2016-02-18 19:06:49 -05:00
Akshesh d58aaa24e3 Fixed #26107 -- Added option to int_list_validator() to allow negative integers. 2016-02-18 18:58:18 -05:00
Akshesh fdccc02576 Fixed #26219 -- Fixed crash when filtering by Decimal in RawQuery. 2016-02-17 13:56:42 -05:00
Jakub Paczkowski d4dc775620 Fixed #25735 -- Added support for test tags to DiscoverRunner.
Thanks Carl Meyer, Claude Paroz, and Simon Charette for review.
2016-02-17 09:44:18 -05:00
Claude Paroz 928c12eb1a Fixed #26215 -- Fixed RangeField/ArrayField serialization with None values
Also added tests for HStoreField and JSONField.
Thanks Aleksey Bukin for the report and Tim Graham for the initial patch and
the review.
2016-02-16 21:07:05 +01:00
Alexey Kotlyarov b59f963ad2 Fixed #26212 -- Made forms.FileField and translation.lazy_number() picklable. 2016-02-15 11:44:29 -05:00
Jon Dufresne fcd08c1757 Fixed #11665 -- Made TestCase check deferrable constraints after each test. 2016-02-13 06:53:39 -05:00
Mounir Messelmeni 50931dfa53 Fixed #25304 -- Allowed management commands to check if migrations are applied. 2016-02-12 13:34:56 -05:00
Anssi Kääriäinen 46ecfb9b3a Fixed #26196 -- Made sure __in lookups use to_field as default.
Thanks Simon Charette for the test.
2016-02-11 11:09:08 -05:00
ZachLiuGIS 04e13c8913 Fixed #26179 -- Removed null assignment check for non-nullable foreign key fields. 2016-02-11 10:07:39 -05:00
Anssi Kääriäinen 353aecbf8c Fixed #26153 -- Reallowed Q-objects in ForeignObject.get_extra_descriptor_filter(). 2016-02-11 08:59:43 -05:00
Curtis Maloney 6f1318734f Fixed #26014 -- Added WSGIRequest content_type and content_params attributes.
Parsed the CONTENT_TYPE header once and recorded it on the request.
2016-02-10 18:19:23 -05:00
Brobin dca8b916ff Fixed #26154 -- Deprecated CommaSeparatedIntegerField 2016-02-10 17:57:43 -05:00
Shai Berger bb51dc902d Refs #26112 -- Fixed aggregate GIS test on Oracle.
Made sure the test doesn't try to aggregate over MultiPolygonField and made
AreaField turn decimals into floats on the way from the DB.

Thanks Daniel Wiesmann, Jani Tiainen, and Tim Graham for review and discussion.
2016-02-09 10:04:54 -05:00
Simon Charette a325fb1f9b Fixed #26162 -- Checked query name clashes of hidden relationships.
Although reverse accessor clashes should be skipped query name can't be hidden.

Thanks to Ian Foote and Tim Graham for the review.
2016-02-08 09:59:27 -05:00
Tim Graham 10a162809f Refs #24007 -- Removed an apps.populate() call in model unpickling that can cause deadlocks. 2016-02-08 08:28:48 -05:00
Tim Graham 97eb3356b2 Fixed #26177 -- Fixed a PostgreSQL crash with TIME_ZONE=None and USE_TZ=False. 2016-02-08 07:21:54 -05:00
Shai Berger 28f60ef3b8 Fixed title formatting in backwards-incompat section of 1.10 release notes 2016-02-06 21:10:36 +02:00
Tim Graham d6337e65ed Added stub release notes for 1.8.10. 2016-02-06 09:24:20 -05:00
Pankrat f91a04621e Fixed #25833 -- Added support for non-atomic migrations.
Added the Migration.atomic attribute which can be set to False
for non-atomic migrations.
2016-02-05 09:09:05 -05:00
Yoong Kang Lim 0edb8a146f Fixed #26144 -- Warned when dumping proxy model without concrete parent. 2016-02-04 19:40:12 -05:00
Simon Charette 6eb3ce11e4 Fixed #26089 -- Removed custom user test models from public API.
Thanks to Tim Graham for the review.
2016-02-04 12:30:34 -05:00
Hugo Osvaldo Barrera dcee1dfc79 Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting.
After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
2016-02-04 10:35:37 -05:00
Carl Meyer a0ce4c09ff Fix typos in 1.8 release notes. 2016-02-03 13:05:35 -07:00
jpic 926e90132d Fixed #25731 -- Removed unused choices kwarg for Select.render() 2016-02-02 18:03:19 -05:00
rynomster 468d8211df Fixed #23971 -- Added "Has date"/"No date" choices for DateFieldListFilter. 2016-02-02 12:04:14 -05:00
Tim Graham 1e9150443e Refs #26089 -- Removed obsolete docs about custom user model testing. 2016-02-02 08:12:08 -05:00
Buddy Lindsey, Jr 731bdfe68a Fixed #26155 -- Skipped URL checks if no ROOTURL_CONF setting. 2016-02-01 13:51:38 -05:00
Tim Graham ecd502cfdb Added CVE-2016-2048 to the security archive. 2016-02-01 12:42:37 -05:00
Tim Graham 59654d5efe Added stub release notes for 1.9.3. 2016-02-01 12:39:18 -05:00
Tim Graham 11fae7c9e4 Added release dates for 1.9.2 and 1.8.9. 2016-02-01 12:02:16 -05:00
Myk Willis 62f3acc70a Fixed incorrect permissions check for admin's "Save as new".
This is a security fix.
2016-02-01 11:57:00 -05:00
Tim Graham 8ce8beb3f2 Unified some doc links to OneToOneField and ManyToManyField. 2016-02-01 11:02:26 -05:00
Hugo Osvaldo Barrera 8bf8d0e0ec Fixed #7923 -- Added links to objects displayed by ModelAdmin.raw_id_fields. 2016-02-01 07:36:10 -05:00
Greg Chapple 8dea9f089d Fixed #26120 -- Made HStoreField cast keys and values to strings.
HStoreField now converts all keys and values to string before they're
saved to the database.
2016-01-29 09:51:23 -05:00
Tim Graham 04564eb74d Fixed #26129 -- Made invalid forms display initial values of disabled fields. 2016-01-28 18:43:48 -05:00
Tim Graham 19d1cb1451 Fixed #20415 -- Ensured srid isn't localized in OpenLayers JavaScript. 2016-01-28 17:46:55 -05:00
James Pulec f05722a08a Fixed #25354 -- Added class/app_label interpolation for related_query_name. 2016-01-28 11:10:47 -05:00
Claude Paroz 54236a2c1c Fixed #26138 -- Ensured geometry_field's geometry is always serialized
Thanks Bernd Schlapsi for the report.
2016-01-28 08:50:38 +01:00
Ben Kraft 13023ba867 Fixed #26122 -- Fixed copying a LazyObject
Shallow copying of `django.utils.functional.LazyObject` or its subclasses has
been broken in a couple of different ways in the past, most recently due to
35355a4.
2016-01-26 06:56:21 -05:00
Preston Timmons cfda1fa3f8 Fixed #25848 -- Set template origin on each node.
Prior to 55f12f8709, the template origin was available on each node via
`self.token.source[0]`. This behavior was removed when debug handling was
simplified, but 3rd-party debugging tools still depend on its presence.
This updates the Parser to set origin on individual nodes. This enables the
source template to be determined even when template extending or including is
used.
2016-01-26 06:23:27 -05:00
Simon Charette 4dcaa5871b Fixed #26135 -- Adjusted the migration questioner's handling of disabled apps.
This was causing an issue when calling the `migrate` command in a test case with
the `available_apps` attribute pointing to an application with migrations
disabled using the `MIGRATION_MODULES` setting.

Thanks to Tim Graham for the review.

Refs #24919
2016-01-25 21:38:36 -05:00
Chris Lamb abc0777b63 Fixed #25968 -- Changed project/app templates to use a "py-tpl" suffix.
Debian packages unconditionally byte-compile .py files on installation and
do not silence errors by design. Therefore, we need a way of shipping these
invalid .py files without a .py extension but ensuring that when we
template them, they end up as .py.

We don't special-case .py files so that the all the TemplateCommand
command-line options (eg. extra_files and extensions) still work entirely
as expected and it may even be useful for other formats too.
2016-01-25 12:39:06 -05:00
Tim Graham 5e8685c1b1 Refs #26034 -- Added another case fixed by this ticket to release notes. 2016-01-25 08:35:58 -05:00
Tim Graham 497b5d6fee Refs #26034 -- Added another case fixed by this ticket to release notes.
Thanks Shai Berger for the report.
2016-01-25 08:33:02 -05:00
Simon Charette 729e0b086d Fixed #24109 -- Allowed RunSQL and RunPython operations to be elided.
Thanks to Markus Holtermann and Tim Graham for their review.
2016-01-23 14:19:03 -05:00
Preston Timmons c00ae7f58c Fixed #26118 -- Added 'is' operator to if template tag. 2016-01-22 15:35:28 -05:00
Elif T. Kus bca9faae95 Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
Alexander Gaevsky 9a33d3d764 Fixed #26060 -- Fixed crash with reverse OneToOneField in ModelAdmin.readonly_fields. 2016-01-21 13:21:28 -05:00
Aymeric Augustin f91b5a7e4b Fixed #26063 -- Crash when passing > 2000 params.
If SQLITE_MAX_VARIABLE_NUMBER (default = 999) is changed at compile time
to be greater than SQLITE_MAX_COLUMN (default = 2000), which Debian does
by setting the former to 250000, Django raised an exception on queries
containing more than 2000 parameters when DEBUG = True.
2016-01-21 10:47:15 +01:00
Anssi Kääriäinen ee596888e1 Fixed #26092 -- Fixed QuerySet.order_by() regression with an M2M through model. 2016-01-20 19:13:05 -05:00
chemary 2d28144c95 Fixed #26094 -- Fixed CSRF behind a proxy (settings.USE_X_FORWARDED_PORT=True). 2016-01-20 18:19:24 -05:00
Tim Graham 073dd4ce79 Refs #26096 -- Forwardported 1.9.2 release note. 2016-01-19 07:35:48 -05:00
Tim Graham e519aab43a Fixed #23868 -- Added support for non-unique django-admin-options in docs.
Also documented missing short command line options to fix #24134. This bumps
the minimum sphinx version required to build the docs to 1.3.4.

Thanks Simon Charette for review.
2016-01-14 18:21:33 -05:00
Simon Charette fd1c5bb041 Fixed a typo in the 1.9.2 release notes. 2016-01-14 17:46:48 -05:00