Commit Graph

8261 Commits

Author SHA1 Message Date
rroskam ed514caed2 Fixed #24966 -- Added deployment system check for empty ALLOWED_HOSTS. 2015-07-15 09:18:58 -04:00
Thomas Stephenson 035b0fa60d Fixed #24716 -- Deprecated Field._get_val_from_obj()
The method duplicates the functionality of Field.value_from_object()
and has the additional downside of being a privately named public
API method.
2015-07-14 09:13:22 -04:00
Tim Graham 64f731e77d Added 1.4.22 release notes. 2015-07-14 07:28:55 -04:00
Tim Graham 84bc4f6cdd Fixed #25121 -- Added a warning that filtering sensitive information from error reporting isn't bulletproof 2015-07-14 07:12:21 -04:00
Vlastimil Zíma 8f8c54f70b Fixed #25099 -- Cleaned up HttpRequest representations in error reporting. 2015-07-13 19:22:39 -04:00
Daniel Roseman 24620d71f2 Fixed #25079 -- Added warning if both TEMPLATES and TEMPLATE_* settings are defined.
Django ignores the value of the TEMPLATE_* settings if TEMPLATES is also
set, which is confusing for users following older tutorials. This change
adds a system check that warns if any of the TEMPLATE_* settings have
changed from their defaults but the TEMPLATES dict is also non-empty.

Removed the TEMPLATE_DIRS from the test settings file; this was marked
for removal in 1.10 but no tests fail if it is removed now.
2015-07-13 17:50:22 -04:00
Tim Graham b49e3ab92c Documented templates system check type. 2015-07-13 17:29:08 -04:00
Andrei Kulakov db97a88495 Fixed #24375 -- Added Migration.initial attribute
The new attribute is checked when the `migrate --fake-initial` option
is used. initial will be set to True for all initial migrations (this
is particularly useful when initial migrations are split) as well as
for squashed migrations.
2015-07-13 15:57:40 -04:00
Razvan Andrei Ionescu 97bc875234 Fixed #25117 -- Added Romanian char map for Javascript slug generation 2015-07-13 13:31:12 -04:00
Tim Graham 276356b36d Added 'bookmarklet' to spelling word list. 2015-07-13 08:48:56 -04:00
Ben Spaulding 83f6373030 Fixed #25116 -- Removed long-broken admindocs bookmarklets
These were broken back in commit 64e11a6.
2015-07-13 08:18:58 -04:00
Chris McCollister d62194a260 Fixed #24984 -- Added link to Jinja2 static tag instructions in staticfiles docs. 2015-07-13 07:38:18 -04:00
Alex Gaynor 4e9d5ba4b6 Updated where I live. 2015-07-12 09:33:20 -05:00
Matthew Madurski 0b02ce54cf Fixed #25103 -- Corrected versionadded for FileResponse 2015-07-10 13:47:58 -04:00
Tim Graham 074706c64d Added a link to running the unit tests to new contributors page. 2015-07-10 11:02:25 -04:00
Tim Graham 074a82f49b Fixed #25082 -- Documented where to register system checks. 2015-07-10 10:37:25 -04:00
Nick Sweeting f0857c09fb Fixed #25083 -- Added SessionAuthenticationMiddleware to auth installation docs 2015-07-10 08:40:57 -04:00
Claude Paroz 2e05ef4e18 Added release note for the UUID serialization backport
Refs #25019.
2015-07-10 09:00:19 +02:00
Claude Paroz 846cb6fef7 Added stub release notes for 1.8.4 2015-07-10 08:51:16 +02:00
Tim Graham 7b6d3104f2 Fixed #25048 -- Documented that runservers strips headers with underscores.
refs 316b8d4974
2015-07-09 09:10:27 -04:00
Tim Graham 3d650e80ad Added today's security issues to the archive. 2015-07-08 17:41:48 -04:00
Shai Berger 17d3a6d804 Fixed catastrophic backtracking in URLValidator.
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Tim Graham 014247ad19 Prevented newlines from being accepted in some validators.
This is a security fix; disclosure to follow shortly.

Thanks to Sjoerd Job Postmus for the report and draft patch.
2015-07-08 15:23:03 -04:00
Carl Meyer df049ed77a Fixed #19324 -- Avoided creating a session record when loading the session.
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Tim Graham 125eaa19b2 Added security release note stubs. 2015-07-08 15:23:03 -04:00
Tim Graham bdfce4db21 Removed a confusing sentence in tutorial 5. 2015-07-08 15:11:40 -04:00
Luke Plant f87e552d98 Corrected example code for get_query_set upgrade in 1.6 release notes
The conditional setting of `get_query_set` is required for correct behaviour
if running Django 1.8. The full gory details are here:

http://lukeplant.me.uk/blog/posts/handling-django%27s-get_query_set-rename-is-hard/
2015-07-08 10:58:07 +01:00
Chris Bainbridge e5cfa394d7 Refs #23882 -- Added detection for moved files when using inotify polling
Commit 15f82c7 ("used pyinotify as change detection system when
available") introduced a regression where editing a file in vim with
default settings (writebackup=auto) no longer causes the dev server
to be restarted. On a write, vim moves the monitored file to a backup
path and then creates a new file in the original. The new file is not
monitored as it has a different inode. Fixed this by also watching for
inotify events IN_DELETE_SELF and IN_MOVE_SELF.
2015-07-07 12:23:04 -04:00
David Wolever 0d71349773 Fixed #22804 -- Added warning for unsafe value of 'sep' in Signer
Thanks Jaap Roes for completing the patch.
2015-07-07 11:44:37 -04:00
Alexey Sveshnikov bc98bc56a5 Fixed #25059 -- Allowed Punycode TLDs in URLValidator 2015-07-06 15:08:43 -04:00
Tim Graham a871cf422d Fixed #25051 -- Clarified return type of {% now %} tag. 2015-07-04 08:46:49 -04:00
Sylvain Fankhauser f5d5867a4a Fixed #24877 -- Added middleware handling of response.render() errors. 2015-07-03 12:06:40 -04:00
Rigel Di Scala b91a2a499f Fixed #23190 -- Made Paginator.page_range an iterator 2015-07-03 11:34:34 -04:00
Luke fd869cceac Fixed mistake in Model.from_db() example. 2015-07-03 09:08:22 -04:00
Tim Graham 0e3193a386 Updated mock note since Django no longer works with Python 3.2. 2015-07-03 08:24:58 -04:00
Tim Graham ca58181bac Fixed #25056 -- Documented minimum version of jinja2 for testing. 2015-07-03 08:20:53 -04:00
Jan Pazdziora a570701e02 Fixed #25029 -- Added PersistentRemoteUserMiddleware for login-page-only external authentication. 2015-07-02 17:38:10 -04:00
William Schwartz 9a5cfa05a0 Fixed #24997 -- Enabled bulk_create() on proxy models 2015-07-02 13:53:51 -04:00
Curtis 11cac1bd8e Fixed #4960 -- Added "strip" option to CharField 2015-07-01 17:47:05 -04:00
Jon Dufresne b44dee16e6 Fixed #20916 -- Added Client.force_login() to bypass authentication. 2015-07-01 13:01:08 -04:00
Matthew Somerville 839edcebb3 Fixed #21695 -- Added asvar option to blocktrans.
Thanks Bojan Mihelac for the initial patch.
2015-07-01 10:03:00 -04:00
Claude Paroz 3d7a713156 Fixed typo in writing migrations docs 2015-07-01 09:16:17 +02:00
Trey Hunner 2d0dead224 DEP 0003 -- Added JavaScript unit tests.
Setup QUnit, added tests, and measured test coverage.

Thanks to Nick Sanford for the initial tests.
2015-06-30 21:04:16 -04:00
Jean-Michel Vourgère b64c0d4d61 Fixed #23658 -- Provided the password to PostgreSQL dbshell command
The password from settings.py is written in a temporary .pgpass file
file whose name is given to psql using the PGPASSFILE environment
variable.
2015-06-30 18:21:51 -04:00
Shai Berger eecd42ea7d Removed datetime_cast_sql, which is never overridden or used anywhere in Django.
Thanks Tim Graham for review.
2015-07-01 00:43:45 +03:00
Andreas Pelme 00a1d4d042 Fixed #21803 -- Added support for post-commit callbacks
Made it possible to register and run callbacks after a database
transaction is committed with the `transaction.on_commit()` function.

This patch is heavily based on Carl Meyers django-transaction-hooks
<https://django-transaction-hooks.readthedocs.org/>. Thanks to
Aymeric Augustin, Carl Meyer, and Tim Graham for review and feedback.
2015-06-30 14:51:00 -04:00
Tim Graham 9f0d67137c Fixed #25038 -- Reverted incorrect documentation about inspectdb introspecting views.
This reverts commit bd691f4586 (refs #24177).
2015-06-30 14:23:29 -04:00
Luke Plant aef2a0ec59 Fixed #25018 -- Changed simple_tag to apply conditional_escape() to its output.
This is a security hardening fix to help prevent XSS (and incorrect HTML)
for the common use case of simple_tag.

Thanks to Tim Graham for the review.
2015-06-29 08:16:19 -04:00
Trey Hunner ec4f219ecb Fixed #22463 -- Added code style guide and JavaScript linting (EditorConfig and ESLint) 2015-06-27 16:36:26 -04:00
Tim Graham f59667c121 Fixed #25033 -- Added context_processors.auth to documented admin dependencies. 2015-06-27 14:27:03 -04:00
Noam e291fc4757 Fixed #25031 -- Fixed a regression in the unordered_list template filter. 2015-06-27 09:37:41 -04:00
sujayskumar 2e70bf3785 Fixed #25017 -- Allowed customizing the DISALLOWED_USER_AGENTS response 2015-06-27 08:46:23 -04:00
Jason Hoos a50b66da30 Fixed #24958 -- Fixed inline forms using UUID-PK parents with auto-PK children. 2015-06-26 09:09:09 -04:00
薛丞宏 d3e12c9017 Fixed #25016 -- Reallowed non-ASCII values for ForeignKey.related_name on Python 3. 2015-06-26 08:30:05 -04:00
Marten Kenbeek 6364df6887 Refs #24127 -- Added documentation for HttpRequest.current_app. 2015-06-25 19:54:50 +02:00
Tim Graham aed437d567 Updated release process for new release schedule. 2015-06-25 11:36:17 -04:00
Tim Graham aaacaeb096 Renamed RemovedInDjangoXYWarnings for new roadmap.
Forwardport of ae1d663b79
from stable/1.8.x plus more.
2015-06-24 16:08:20 -04:00
Daniel Wiesmann c078021555 Refs #24840 -- Added GDALRaster Warp and transform methods
Thanks to Tim Graham for the review.
2015-06-24 18:31:22 +02:00
Tim Graham c45fbd060a Added white-space: pre-wrap; to docs code blocks to match docs.dp.com. 2015-06-22 15:56:06 -04:00
Wim Feijen 514b69cb9e Updated indentation of example template in docs/topics/i18n/translation.txt. 2015-06-22 15:42:09 -04:00
Ola Sitarska f1635ba433 Added Ola Sitarska to the team page. 2015-06-22 15:30:20 -04:00
Tim Graham 5ae0dd6abf Fixed #25001 -- Doc'd caveat about collectstatic and removing INSTALLED_APPS.
Thanks aRkadeFR for the initial patch.
2015-06-22 12:36:38 -04:00
Tim Graham 256aebbdaa Simplified wording of Python support policy. 2015-06-22 12:07:53 -04:00
Bipin Suresh 34047b23e2 Fixed #24983 -- Clarified contrib.sites Site.domain is fully qualified. 2015-06-22 09:39:54 -04:00
Tim Graham 7f155a0703 Refs #25006 -- Added a '6 p.m.' option to the admin's time picker. 2015-06-22 07:24:57 -04:00
Rolo e7b4bd48c7 Fixed #24970 -- Added --managers and --admins options to the sendtestemail management command. 2015-06-22 07:21:26 -04:00
Claude Paroz 1c90a3dcca Fixed #24985 -- Added note about possible invalid feed content
Thanks Michael Wood for the report and Tim Graham for the review.
2015-06-21 20:53:01 +02:00
Tim Graham 4a66564888 Fixed #25010 -- Documented APP_DIRS default in startproject's settings.py 2015-06-20 19:28:17 -04:00
Marten Kenbeek 738c0de300 Fixed #14200 -- Added a fallback if HttpRequest.urlconf is None.
Made BaseHandler fall back to settings.ROOT_URLCONF if
HttpRequest.urlconf is set to None, rather than raising
ImproperlyConfigured.
2015-06-20 18:52:33 -04:00
Claude Paroz ffdf507ec0 Added GDAL 2.0 support 2015-06-20 14:40:50 +02:00
Claude Paroz 9368f51e12 Fixed #20197 -- Made XML serializer fail loudly when outputting unserializable chars
Thanks Tim Graham for the review.
2015-06-19 20:54:46 +02:00
Daniel Wiesmann b769bbd4f6 Fixed #23804 -- Added RasterField for PostGIS.
Thanks to Tim Graham and Claude Paroz for the reviews and patches.
2015-06-19 14:36:43 -04:00
Markus Holtermann d3d66d4722 Fixed #24940 -- Made model managers hashable
Thanks Federico Jaramillo Martínez for the report and Tim Graham for the
test and review.
2015-06-19 19:02:01 +02:00
Carl Meyer 200e06a5ee Merge pull request #4890 from oinopion/add-tomek-to-team
Added Tomek Paczkowski bio to the team page
2015-06-19 11:01:31 -06:00
Tomek Paczkowski e64ed92b44 Added Tomek Paczkowski bio to the team page 2015-06-19 17:20:54 +01:00
johannes.linke 27c839e0fc Fixed #24881 -- Clarified Meta.order_with_respect_to documentation 2015-06-19 07:01:54 -04:00
Carl Meyer 06747ee790 Tweak my bio. 2015-06-18 10:30:25 -06:00
Nick Pope b3d5dc6932 Fixed #24834 -- Fixed get_current_site() when Host header contains port.
When the Host header contains a port, looking up the Site record fails
as the host will never match the domain.
2015-06-18 10:18:12 -04:00
Tim Graham 7f1168e387 Removed support for Python 3.3. 2015-06-18 08:36:50 -04:00
Markus Holtermann e5cb4e1411 Fixed #24914 -- Added authentication mixins for CBVs
Added the mixins LoginRequiredMixin, PermissionRequiredMixin and
UserPassesTestMixin to contrib.auth as counterparts to the respective
view decorators.

The authentication mixins UserPassesTestMixin, LoginRequiredMixin and
PermissionRequiredMixin have been inspired by django-braces
<https://github.com/brack3t/django-braces/>

Thanks Raphael Michel for the initial patch, tests and docs on the PR
and Ana Balica, Kenneth Love, Marc Tamlyn, and Tim Graham for the
review.
2015-06-17 23:19:10 +02:00
ana-balica 2f615b10e6 Fixed #24829 -- Allowed use of TemplateResponse in view error handlers. 2015-06-17 17:11:50 -04:00
Tim Graham ebd183a18c Fixed outdated Python version support info in docs/topics/install.txt 2015-06-17 11:27:25 -04:00
Tim Graham 58665dded0 Removed usage of string-based url() in auth docs. 2015-06-17 09:45:03 -04:00
Andriy Sokolovskiy cf6ce279c7 Fixed #24948 -- Fixed crash when uploading bitmap images in forms.ImageField 2015-06-16 14:37:58 -04:00
Tim Graham fbc618c13c Refs #24987 -- Documented that Client.login() rejects inactive users. 2015-06-16 12:46:23 -04:00
Mounir Messelmeni e6dd7f995a Fixed #24971 -- Made startapp generate an apps.py 2015-06-16 07:08:04 -04:00
Markus Amalthea Magnuson fb1ba4d63e Fixed #24943 -- Updated contributing tutorial to use virtualenv 2015-06-15 18:38:16 -04:00
Adam Brenecki 65296b3be3 Fixed #24972 -- Fixed removing unique_together indexes on MySQL. 2015-06-15 17:28:13 -04:00
Adam Chainz d34d39ade7 Fixed #24894 -- Added contrib.postgres.functions.TransactionNow 2015-06-15 14:03:17 -04:00
Tim Graham 4b600ed244 Removed django.utils.functional.total_ordering() 2015-06-15 13:15:24 -04:00
Tim Graham ccfb5c7408 Removed obsolete literals_to_xrefs.py script. 2015-06-15 10:22:18 -04:00
Brian King bfb5b7150f Fixed #24912 -- Fixed prefetch_related failure for UUIDField primary keys
This resolves a problem on databases besides PostgreSQL when using
prefetch_related with a source model that uses a UUID primary key.
2015-06-15 09:37:38 -04:00
Moritz Sichert 296919e7a5 Fixed #24965 -- Made LiveServerTestCase.live_server_url accessible from class 2015-06-12 17:44:54 -04:00
Carson Gee e93e0c03b2 Fixed #24963 -- Added File.seekable() on Python 3. 2015-06-12 10:17:21 -04:00
Tim Graham b34d16b78d Added ALLOWED_HOSTS and SERVER_EMAIL details to deployment checklist. 2015-06-11 13:41:24 -04:00
Nick Smith b9bf61ce61 Used PEP 8 style indentation in forms docs. 2015-06-11 12:21:53 -04:00
Tim Graham 55b3bd8468 Refs #16860 -- Minor edits and fixes to password validation. 2015-06-10 07:41:01 -04:00
Rivo Laks a0047c6242 Fixed #24769 -- Cast optparse verbosity argument to an integer for better backwards compatibility.
Using `BaseCommand.options_list` makes Django use the legacy optparse
parser, which does not set the verbosity attribute correctly. Now the
verbosity argument is always cast to int. Regression in 8568638 (#19973).

Initial report and patch from blueyed.
2015-06-09 19:03:23 -04:00
Tim Graham 90c59db7a3 Forwardported release notes for refs #24903. 2015-06-09 17:57:21 -04:00
Daniel Roseman fd0949181f Fixed #24961 -- Added links to all auth docs pages from index. 2015-06-09 12:41:39 -04:00