Anton Strogonoff
20787b5c29
Used consistent capitalization and hyphenation of "class-based views" in docs.
2015-08-18 19:07:10 -04:00
Tim Graham
068a80d717
Added today's issue to the security archive.
2015-08-18 13:46:47 -04:00
Tim Graham
8cc41ce7a7
Fixed DoS possiblity in contrib.auth.views.logout()
...
Thanks Florian Apolloner and Carl Meyer for review.
This is a security fix.
2015-08-18 08:03:43 -04:00
Tim Graham
b0ab74dfca
Added stub release notes for security releases.
2015-08-18 08:03:39 -04:00
Caio Ariede
dad8434d6f
Fixed #25180 -- Prevented varchar_patterns_ops and text_patterns_ops indexes for ArrayField.
2015-08-15 10:02:08 -04:00
Valentina Mukhamedzhanova
1f7b25c1a7
Fixed #24986 -- Added support for annotations in DISTINCT queries.
2015-08-15 08:23:32 -04:00
Sambhav Satija
d0bd533043
Fixed #25254 -- Added JsonResponse json_dumps_params parameter.
2015-08-12 10:39:07 -04:00
Doug Beck
b7508896fb
Fixed #24257 -- Corrected i18n handling of percent signs.
...
Refactored tests to use a sample project.
Updated extraction:
* Removed special handling of single percent signs.
* When extracting messages from template text, doubled all percent signs
so they are not interpreted by gettext as string format flags. All
strings extracted by gettext, if containing a percent sign, will now
be labeled "#, python-format".
Updated translation:
* Used "%%" for "%" in template text before calling gettext.
* Updated {% trans %} rendering to restore "%" from "%%".
2015-08-12 10:23:34 -04:00
Tim Graham
5980b05c1f
Fixed #25160 -- Moved unsaved model instance data loss check to Model.save()
...
This mostly reverts 5643a3b51b
and
81e1a35c36
.
Thanks Carl Meyer for review.
2015-08-10 08:51:32 -04:00
Claude Paroz
e9c5c39631
Updated various links in docs
2015-08-08 13:57:15 +02:00
Claude Paroz
64982cc2fb
Updated Wikipedia links to use https
2015-08-08 12:02:32 +02:00
mlavin
69db1c7455
Fixed #25231 -- Added recording of squashed migrations in the migrate command.
...
Ensured squashed migrations are recorded as applied when the
migrate command is run and all of the original migrations
have been previously applied.
2015-08-07 17:59:18 -04:00
Tim Graham
a7b7f27c05
Fixed #25233 -- Fixed HStoreField.has_changed() handling of initial values.
...
Thanks Simon Charette for review.
2015-08-07 13:26:17 -04:00
Caio Ariede
ec9004728e
Fixed #25175 -- Renamed the postgresql_psycopg2 database backend to postgresql.
2015-08-07 09:33:17 -04:00
Sergey Kolosov
244404227e
Fixed #22404 -- Added a view that exposes i18n catalog as a JSON
...
Added django.views.i18n.json_catalog() view, which returns a JSON
response containing translations, formats, and a plural expression
for the specified language.
2015-08-05 09:05:21 -04:00
Matt Robenolt
4dcfbd7923
Fixed #25211 -- Added HttpRequest.get_port() and USE_X_FORWARDED_PORT setting.
2015-08-04 09:50:57 -04:00
Curtis Maloney
9f73009e98
Fixed #25215 -- Solved reference to forms.HStoreField in declaration of HStoreField
...
Correct test which was using the model field in a test form.
2015-08-04 19:15:22 +10:00
Rigel Di Scala
3bdaaf6777
Fixed #25146 -- Allowed method_decorator() to decorate classes.
2015-08-01 08:38:03 -04:00
Adam Chainz
0abb06930f
Fixed #25176 -- Prevented TestCase.setUpTestData() exception from leaking transaction.
2015-08-01 07:33:22 -04:00
Flavio Curella
1e2362ca0f
Refs #25184 -- Started deprecation for contrib.gis.geoip.
2015-07-31 10:09:06 -04:00
Flavio Curella
7f0953ce1f
Fixed #25184 -- Added support for MaxMind GeoLite2 database format
2015-07-31 09:45:03 -04:00
Tim Graham
70912e137d
Fixed #25168 -- Documented how to avoid foreign key constraint error after upgrading to 1.8.
2015-07-31 08:19:39 -04:00
elky
35901e64b0
Fixed #24444 -- Updated contrib.admin to use django-flat-theme
2015-07-30 15:18:22 -04:00
Tim Graham
d27e0f04a6
Fixed #25190 -- Deprecated callable_obj parameter to assertRaisesMessage().
...
Thanks Aymeric Augustin for review.
2015-07-30 10:12:41 -04:00
Piper Merriam
537818af87
Fixed #25185 -- Added support for functools.partial serialization in migrations
2015-07-29 10:15:50 -04:00
Tim Graham
adc0c4fbac
Fixed #18556 -- Allowed RelatedManager.add() to execute 1 query where possible.
...
Thanks Loic Bistuer for review.
2015-07-28 09:28:25 +07:00
Flavio Curella
c2e70f0265
Fixed #21127 -- Started deprecation toward requiring on_delete for ForeignKey/OneToOneField
2015-07-27 18:28:13 -04:00
Marten Kenbeek
bc7923beff
Fixed #24127 -- Changed the default current_app to the current namespace.
...
Changed the url template tag to use request.resolver_match.namespace as a
default for the current_app argument if request.current_app is not set.
2015-07-27 09:14:48 -04:00
Claude Paroz
c296e55dc6
Fixed #22258 -- Added progress status for dumpdata when outputting to file
...
Thanks Gwildor Sok for the report and Tim Graham for the review.
2015-07-24 18:37:55 +02:00
Matt Johnson
e063ac2fae
Fixed #12768 -- Fixed QuerySet.raw() regression on FK with custom db_column.
2015-07-23 18:07:38 -04:00
Tim Graham
8eeb566aca
Fixed #25149 -- Replaced window.__admin_utc_offset__ with a data attribute.
2015-07-22 17:09:52 -04:00
lukasz.wojcik
927b30a6ab
Fixed #24126 -- Deprecated current_app parameter to auth views.
2015-07-21 08:26:41 -04:00
Edward Henderson
f8cc464452
Fixed #16501 -- Added an allow_unicode parameter to SlugField.
...
Thanks Flavio Curella and Berker Peksag for the initial patch.
2015-07-17 13:48:58 -04:00
Claude Paroz
1ef4aeab40
Fixed #25078 -- Added support for disabled form fields
...
Thanks Keryn Knight and Tim Graham for the reviews.
2015-07-16 19:36:56 +02:00
Tim Graham
1fed8dd715
Fixed #25120 -- Deprecated egg template loader.
2015-07-16 09:32:42 -04:00
Thomas Stephenson
035b0fa60d
Fixed #24716 -- Deprecated Field._get_val_from_obj()
...
The method duplicates the functionality of Field.value_from_object()
and has the additional downside of being a privately named public
API method.
2015-07-14 09:13:22 -04:00
Tim Graham
64f731e77d
Added 1.4.22 release notes.
2015-07-14 07:28:55 -04:00
Vlastimil Zíma
8f8c54f70b
Fixed #25099 -- Cleaned up HttpRequest representations in error reporting.
2015-07-13 19:22:39 -04:00
Daniel Roseman
24620d71f2
Fixed #25079 -- Added warning if both TEMPLATES and TEMPLATE_* settings are defined.
...
Django ignores the value of the TEMPLATE_* settings if TEMPLATES is also
set, which is confusing for users following older tutorials. This change
adds a system check that warns if any of the TEMPLATE_* settings have
changed from their defaults but the TEMPLATES dict is also non-empty.
Removed the TEMPLATE_DIRS from the test settings file; this was marked
for removal in 1.10 but no tests fail if it is removed now.
2015-07-13 17:50:22 -04:00
Andrei Kulakov
db97a88495
Fixed #24375 -- Added Migration.initial attribute
...
The new attribute is checked when the `migrate --fake-initial` option
is used. initial will be set to True for all initial migrations (this
is particularly useful when initial migrations are split) as well as
for squashed migrations.
2015-07-13 15:57:40 -04:00
Razvan Andrei Ionescu
97bc875234
Fixed #25117 -- Added Romanian char map for Javascript slug generation
2015-07-13 13:31:12 -04:00
Claude Paroz
2e05ef4e18
Added release note for the UUID serialization backport
...
Refs #25019 .
2015-07-10 09:00:19 +02:00
Claude Paroz
846cb6fef7
Added stub release notes for 1.8.4
2015-07-10 08:51:16 +02:00
Tim Graham
3d650e80ad
Added today's security issues to the archive.
2015-07-08 17:41:48 -04:00
Shai Berger
17d3a6d804
Fixed catastrophic backtracking in URLValidator.
...
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.
This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Tim Graham
014247ad19
Prevented newlines from being accepted in some validators.
...
This is a security fix; disclosure to follow shortly.
Thanks to Sjoerd Job Postmus for the report and draft patch.
2015-07-08 15:23:03 -04:00
Carl Meyer
df049ed77a
Fixed #19324 -- Avoided creating a session record when loading the session.
...
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.
This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Tim Graham
125eaa19b2
Added security release note stubs.
2015-07-08 15:23:03 -04:00
Luke Plant
f87e552d98
Corrected example code for get_query_set upgrade in 1.6 release notes
...
The conditional setting of `get_query_set` is required for correct behaviour
if running Django 1.8. The full gory details are here:
http://lukeplant.me.uk/blog/posts/handling-django%27s-get_query_set-rename-is-hard/
2015-07-08 10:58:07 +01:00
Chris Bainbridge
e5cfa394d7
Refs #23882 -- Added detection for moved files when using inotify polling
...
Commit 15f82c7
("used pyinotify as change detection system when
available") introduced a regression where editing a file in vim with
default settings (writebackup=auto) no longer causes the dev server
to be restarted. On a write, vim moves the monitored file to a backup
path and then creates a new file in the original. The new file is not
monitored as it has a different inode. Fixed this by also watching for
inotify events IN_DELETE_SELF and IN_MOVE_SELF.
2015-07-07 12:23:04 -04:00