Cleaned up the release notes index page, and added some stub 1.1.2 and 1.2 release notes.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11760 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-23 13:44:24 +00:00 · 2009-11-23 13:44:24 +00:00 · cf169d9e12
parent f5fefcc8c9
commit cf169d9e12
7 changed files with 142 additions and 33 deletions
--- a/docs/index.txt
+++ b/docs/index.txt
@ -201,5 +201,5 @@ The Django open-source project

    * **Django over time:**
      :ref:`API stability <misc-api-stability>` |
-      :ref:`Release notes <releases-index>` |
+      :ref:`Release notes and upgrading instructions <releases-index>` |
      :ref:`Deprecation Timeline <internals-deprecation>`
--- a/docs/ref/contrib/csrf.txt
+++ b/docs/ref/contrib/csrf.txt
@ -46,7 +46,7 @@ To enable CSRF protection for your views, follow these steps:
       ``django.views.decorators.csrf.csrf_protect`` on particular views you
       want to protect (see below).

-    2. In any template that uses a POST form, use the ``csrf_token`` tag inside
+    2. In any template that uses a POST form, use the :ttag:`csrf_token` tag inside
       the ``<form>`` element if the form is for an internal URL, e.g.::

           <form action="" method="POST">{% csrf_token %}
@ -123,14 +123,14 @@ as ``CsrfResponseMiddleware``, and it can be used by following these steps:

       ``CsrfResponseMiddleware`` needs to process the response before things
       like compression or setting ofETags happen to the response, so it must
-       come after ``GZipMiddleware``, ``CommonMiddleware`` and 
+       come after ``GZipMiddleware``, ``CommonMiddleware`` and
       ``ConditionalGetMiddleware`` in the list. It also must come after
       ``CsrfViewMiddleware``.

 Use of the ``CsrfResponseMiddleware`` is not recommended because of the
 performance hit it imposes, and because of a potential security problem (see
 below).  It can be used as an interim measure until applications have been
-updated to use the ``{% csrf_token %}`` tag.  It is deprecated and will be
+updated to use the :ttag:`csrf_token` tag.  It is deprecated and will be
 removed in Django 1.4.

 Django 1.1 and earlier provided a single ``CsrfMiddleware`` class.  This is also
@ -199,7 +199,7 @@ Note that contrib apps, such as the admin, have been updated to use the
 ``CsrfViewMiddleware`` to your settings.  However, if you have supplied
 customised templates to any of the view functions of contrib apps (whether
 explicitly via a keyword argument, or by overriding built-in templates), **you
-MUST update them** to include the ``csrf_token`` template tag as described
+MUST update them** to include the :ttag:`csrf_token` template tag as described
 above, or they will stop working.  (If you cannot update these templates for
 some reason, you will be forced to use ``CsrfResponseMiddleware`` for these
 views to continue working).
@ -364,7 +364,7 @@ exactly that.
 Caching
 =======

-If the ``csrf_token`` template tag is used by a template (or the ``get_token``
+If the :ttag:`csrf_token` template tag is used by a template (or the ``get_token``
 function is called some other way), ``CsrfViewMiddleware`` will add a cookie and
 a ``Vary: Cookie`` header to the response.  Similarly,
 ``CsrfResponseMiddleware`` will send the ``Vary: Cookie`` header if it inserted
--- a/docs/ref/templates/builtins.txt
+++ b/docs/ref/templates/builtins.txt
@ -51,7 +51,7 @@ comment

 Ignore everything between ``{% comment %}`` and ``{% endcomment %}``

-.. templatetag:: cycle
+.. templatetag:: csrf_token

 csrf_token
 ~~~~~~~~~~
@ -63,6 +63,8 @@ future compatibility purposes.  In Django 1.2 and later, it is used for CSRF
 protection, as described in the documentation for :ref:`Cross Site Request
 Forgeries <ref-contrib-csrf>`.

+.. templatetag:: cycle
+
 cycle
 ~~~~~

--- a/docs/releases/1.1.2.txt
+++ b/docs/releases/1.1.2.txt
@ -0,0 +1,36 @@
+.. _releases-1.1.2:
+
+==============================================
+Django 1.1.2 release notes — UNDER DEVELOPMENT
+==============================================
+
+This page documents release notes for the as-yet-unreleased Django
+1.1.2. As such it is tentative and subject to change. It provides
+up-to-date information for those who are following the 1.1.X branch.
+
+This is the second "bugfix" release in the Django 1.1 series,
+improving the stability and performance of the Django 1.1 codebase.
+
+Django 1.1.2 maintains backwards compatibility with Django
+1.1.0, but contain a number of fixes and other
+improvements. Django 1.1.2 is a recommended upgrade for any
+development or deployment currently using or targeting Django 1.1.
+
+For full details on the new features, backwards incompatibilities, and
+deprecated features in the 1.1 branch, see the :ref:`releases-1.1`.
+
+One new feature
+---------------
+
+Ordinarily, a point release would not include new features, but in the
+case of Django 1.1.2, we have made an exception to this rule. Django
+1.2 (the next major release of Django) will contain a feature that
+will improve protection against Cross-Site Request Forgery (CSRF)
+attacks. This feature requires the use of a new :ttag:`csrf_token`
+template tag in all forms that Django renders.
+
+To make it easier to support both 1.1.X and 1.2.X versions of Django with
+the same templates, we have decided to introduce the :ttag:`csrf_token` template
+tag to the 1.1.X branch. In the 1.1.X branch, :ttag:`csrf_token` does nothing -
+it has no effect on templates or form processing. However, it means that the
+same template will work with Django 1.2.
--- a/docs/releases/1.2.txt
+++ b/docs/releases/1.2.txt
@ -8,6 +8,11 @@ This page documents release notes for the as-yet-unreleased Django 1.2.  As such
 it is tentative and subject to change.  It provides up-to-date information for
 those who are following trunk.

+Django 1.2 includes a number of nifty `new features`_, lots of bug
+fixes, and an easy upgrade path from Django 1.1.
+
+.. _new features: `What's new in Django 1.2`_
+
 .. _backwards-incompatible-changes-1.2:

 Backwards-incompatible changes in 1.2
@ -68,3 +73,37 @@ Features deprecated in 1.2
 ==========================

 None.
+
+What's new in Django 1.2
+========================
+
+CSRF support
+------------
+
+Django now has much improved protection against :ref:`Cross-Site
+Request Forgery (CSRF) attacks<ref-contrib-csrf>`. This type of attack
+occurs when a malicious Web site contains a link, a form button or
+some javascript that is intended to perform some action on your Web
+site, using the credentials of a logged-in user who visits the
+malicious site in their browser. A related type of attack, 'login
+CSRF', where an attacking site tricks a user's browser into logging
+into a site with someone else's credentials, is also covered.
+
+Email Backends
+--------------
+
+You can now :ref:`configure the way that Django sends email
+<topic-email-backends>`. Instead of using SMTP to send all email, you
+can now choose a configurable email backend to send messages. If your
+hosting provider uses a sandbox or some other non-SMTP technique for
+sending mail, you can now construct an email backend that will allow
+Django's standard :ref:`mail sending methods<topics-email>` to use
+those facilities.
+
+This also makes it easier to debug mail sending - Django ships with
+backend implementations that allow you to send email to a
+:ref:`file<topic-email-file-backend>`, to the
+:ref:`console<topic-email-console-backend>`, or to
+:ref:`memory<topic-email-memory-backend>` - you can even configure all
+email to be :ref:`thrown away<topic-email-console-backend>`.
+
--- a/docs/releases/index.txt
+++ b/docs/releases/index.txt
@ -1,5 +1,6 @@
 .. _releases-index:

+=============
 Release notes
 =============

@ -7,37 +8,60 @@ Release notes for the official Django releases. Each release note will tell you
 what's new in each version, and will also describe any backwards-incompatible
 changes made in that version.

+For those upgrading to a new version of Django, you will need to check
+all the backwards-incompatible changes and deprecated features for
+each 'final' release from the one after your current Django version,
+up to and including the new version.
+
+Final releases
+==============
+
+1.2 release
+-----------
 .. toctree::
   :maxdepth: 1

-   0.95
-   0.96
-   1.0-alpha-1
-   1.0-alpha-2
-   1.0-beta
-   1.0-beta-2
-   1.0
-   1.0.1
-   1.0.2
-   1.1-alpha-1
-   1.1-beta-1
-   1.1-rc-1
+   1.2
+
+1.1 release
+-----------
+.. toctree::
+   :maxdepth: 1
+
+   1.1.2
   1.1

-Upgrading
-=========
+1.0 release
+-----------
+.. toctree::
+   :maxdepth: 1

-For those upgrading to a new version of Django, you will need to check all the
-backwards-incompatible changes and deprecated features for each 'final' release
-from the one after your old version up to and including your new version.  The
-relevant sections of the release notes are linked below below for your
-convenience.
+   1.0.2
+   1.0.1
+   1.0

-For those following trunk, the tentative release notes for the next version to
-be released are also included at the bottom.  This is kept up to date with new
-features and changes that you need to be aware of.
+Pre-1.0 releases
+----------------
+.. toctree::
+   :maxdepth: 1

- * :ref:`backwards-incompatible-changes-1.1`
- * :ref:`deprecated-features-1.1`
- * :ref:`backwards-incompatible-changes-1.2`
- * :ref:`deprecated-features-1.2`
+   0.96
+   0.95
+
+Development releases
+====================
+
+These notes are retained for historical purposes. If you are upgrading
+between formal Django releases, you don't need to worry about these
+notes.
+
+.. toctree::
+   :maxdepth: 1
+
+   1.1-rc-1
+   1.1-beta-1
+   1.1-alpha-1
+   1.0-beta-2
+   1.0-beta
+   1.0-alpha-2
+   1.0-alpha-1
--- a/docs/topics/email.txt
+++ b/docs/topics/email.txt
@ -421,6 +421,8 @@ want to specify it explicitly, put the following in your settings::
    still available in ``django.core.mail`` as an alias for the SMTP backend.
    New code should use :meth:`~django.core.mail.get_connection` instead.

+.. _topic-email-console-backend:
+
 Console backend
 ~~~~~~~~~~~~~~~

@ -436,6 +438,8 @@ To specify this backend, put the following in your settings::
 This backend is not intended for use in production -- it is provided as a
 convenience that can be used during development.

+.. _topic-email-file-backend:
+
 File backend
 ~~~~~~~~~~~~

@ -453,6 +457,8 @@ To specify this backend, put the following in your settings::
 This backend is not intended for use in production -- it is provided as a
 convenience that can be used during development.

+.. _topic-email-memory-backend:
+
 In-memory backend
 ~~~~~~~~~~~~~~~~~

@ -469,6 +475,8 @@ To specify this backend, put the following in your settings::
 This backend is not intended for use in production -- it is provided as a
 convenience that can be used during development and testing.

+.. _topic-email-dummy-backend:
+
 Dummy backend
 ~~~~~~~~~~~~~