d5b526bf78
Added CVE-2020-24583 & CVE-2020-24584 to security archive.
2020-09-01 11:32:57 +02:00
7a60670b78
Added stub release notes for 3.1.2.
2020-09-01 10:45:12 +02:00
976e2b7420
Added release date for 3.1.1, 3.0.10, and 2.2.16.
2020-09-01 09:56:42 +02:00
1853724aca
Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level directories of the file system cache on Python 3.7+.
2020-09-01 09:17:23 +02:00
8d7271578d
Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+.
...
Thanks WhiteSage for the report.
2020-09-01 09:17:23 +02:00
2bc38bc7ca
Fixed #31901 -- Prevented content overflowing in the admin changelist with navigation sidebar.
2020-09-01 07:51:22 +02:00
179d9dc0c2
Fixed #31952 -- Fixed EmptyFieldListFilter crash with reverse relationships.
...
Thanks dacotagh for the report.
2020-08-31 09:28:05 +02:00
f6405c0b8e
Fixed #31965 -- Adjusted multi-table fast-deletion on MySQL/MariaDB.
...
The optimization introduced in 7acef095d75b83bae031#23576 .
2020-08-31 08:11:28 +02:00
0be51d2226
Fixed #31956 -- Fixed crash of ordering by JSONField with a custom decoder on PostgreSQL.
...
Thanks Marc Debureaux for the report.
Thanks Simon Charette, Nick Pope, and Adam Johnson for reviews.
2020-08-28 19:09:46 +02:00
825ce75fae
Fixed #31928 -- Fixed detecting an async get_response in various middlewares.
...
SecurityMiddleware and the three cache middlewares were not calling
super().__init__() during their initialization or calling the required
MiddlewareMixin._async_check() method.
This made the middlewares not properly present as coroutine and
confused the middleware chain when used in a fully async context.
Thanks Kordian Kowalski for the report.
2020-08-28 12:33:15 +02:00
e39e727ded
Fixed #31912 -- Removed strict=True in Path.resolve() in project template and CommonPasswordValidator.
...
This caused permission errors when user didn't have permissions to
all intermediate directories in a Django installation path.
Thanks tytusd and leonyxz for reports.
Regression in edeec1247e26554cf5d1
2020-08-28 05:57:36 +02:00
1251772cb8
Fixed #31936 -- Fixed __in lookup on key transforms for JSONField.
...
This resolves an issue on databases without a native JSONField
(MariaDB, MySQL, SQLite, Oracle), where values must be wrapped.
Thanks Sébastien Pattyn for the report.
2020-08-26 22:13:37 +02:00
b9be11d442
Fixed #31918 -- Allowed QuerySet.in_bulk() to fetch on a single distinct field.
2020-08-26 09:43:39 +02:00
547a07fa7e
Fixed #31905 -- Made MiddlewareMixin call process_request()/process_response() with thread sensitive.
...
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2020-08-26 07:13:49 +02:00
0b0658111c
Removed trailing whitespace in 3.2 release notes.
2020-08-25 10:02:56 +02:00
9f8c7d2b4b
Moved CreateExtension release notes into django.contrib.postgres section.
2020-08-25 06:13:19 +02:00
bb8f66934d
Fixed #31877 -- Reverted "Fixed #19878 -- Deprecated TemplateView passing URL kwargs into context."
...
This reverts commit 4ed534758c
2020-08-24 11:37:59 +02:00
04e87e79a0
Refs #31877 -- Reverted "Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning."
...
This reverts commit 20799cc0a6
2020-08-24 11:37:59 +02:00
3e753d3de3
Fixed #31925 -- Fixed typo in docs/releases/3.0.txt.
2020-08-21 09:47:37 +02:00
4376c2c7f8
Fixed #31895 -- Fixed crash when decoding invalid session data.
...
Thanks Matt Hegarty for the report.
Regression in d4fff711d4
2020-08-19 12:06:00 +02:00
35b03788b0
Refs #9061 -- Allowed GenericInlineFormSet to disable deleting extra forms.
...
Follow up to 162765d6c3
2020-08-18 09:37:15 +02:00
3254991762
Refs #20347 -- Allowed customizing the maximum number of instantiated forms in generic_inlineformset_factory().
...
Follow up to 433dd737f9
2020-08-18 09:37:15 +02:00
dd5173ca1b
Fixed #31892 -- Added backward incompatibility note about Media <script> tags changes.
...
Refs 31080.
2020-08-17 10:13:18 +02:00
61a0ba43cf
Refs #31811 -- Added optional timing outputs to the test runner.
2020-08-13 17:17:15 +02:00
21768a99f4
Refs #31863 -- Added release notes for 94ea79be13.
2020-08-13 16:29:55 +02:00
20799cc0a6
Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning.
...
SimpleLazyObjects cause a crash when filtering.
Thanks Tim L. White for the report.
Regression in 4ed534758c
2020-08-13 07:26:10 +02:00
63300f7e68
Fixed #21181 -- Added Collate database function.
...
Thanks Simon Charette for reviews.
2020-08-11 22:21:08 +02:00
60626162f7
Fixed #31866 -- Fixed locking proxy models in QuerySet.select_for_update(of=()).
2020-08-11 11:55:10 +02:00
0aeb802cf0
Fixed #31865 -- Adjusted admin nav sidebar template to reduce debug logging.
...
Thanks to Mariusz Felisiak for review.
2020-08-11 11:42:15 +02:00
8a5683b6b2
Added stub release notes for 2.2.16 and 3.0.10.
2020-08-11 10:31:44 +02:00
b2b0711b55
Refs #31864 -- Doc'd that DEFAULT_HASHING_ALGORITHM requires 3.1.1+ in release notes.
2020-08-08 17:32:28 +02:00
99abfe8f4d
Fixed #31864 -- Fixed encoding session data during transition to Django 3.1.
...
Thanks אורי for the report.
2020-08-07 21:42:39 +02:00
0a306f7da6
Fixed #25513 -- Extracted admin pagination to Paginator.get_elided_page_range().
2020-08-06 12:38:56 +02:00
b203ec70fd
Refs #25513 -- Adjusted admin pagination to be 1-indexed.
2020-08-06 12:38:56 +02:00
e70dc506d7
Fixed #31854 -- Fixed wrapping of long model names in admin's sidebar.
2020-08-05 10:54:25 +02:00
b0af56f639
Fixed #31853 -- Fixed wrapping of translated action labels in admin sidebar.
2020-08-05 10:24:16 +02:00
c7e7f176c1
Fixed #26977 -- Made abstract models raise TypeError when instantiating.
2020-08-05 06:37:04 +02:00
6c19230297
Added stub release notes for 3.1.1.
2020-08-04 10:34:38 +02:00
df37c2ec76
Finalized release notes for Django 3.1.
2020-08-04 09:47:34 +02:00
d907371ef9
Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting.
...
It's a transitional setting helpful in migrating multiple instance of
the same project to Django 3.1+.
Thanks Markus Holtermann for the report and review, Florian
Apolloner for the implementation idea and review, and Carlton Gibson
for the review.
2020-08-04 09:35:24 +02:00
b68b8cb89a
Added release date for 2.2.15 and 3.0.9.
2020-08-03 08:52:28 +02:00
1d6fdca557
Refs #27468 -- Added tests and release notes for signing.dumps()/loads() changes.
...
Follow up to 71c4fb7beb
2020-07-31 22:05:02 +02:00
f4ac167119
Fixed #27719 -- Added QuerySet.alias() to allow creating reusable aliases.
...
QuerySet.alias() allows creating reusable aliases for expressions that
don't need to be selected but are used for filtering, ordering, or as
a part of complex expressions.
Thanks Simon Charette for reviews.
2020-07-31 13:19:33 +02:00
1173db4a16
Fixed #31822 -- Added support for comments URL per feed item.
...
The item_comments hook returns a comments URL which is then used by the
feed builder.
2020-07-30 07:36:27 +02:00
95da207bdb
Fixed #28507 -- Made ValidationError.__eq__() ignore messages and params ordering.
...
Co-authored-by: caleb logan <clogan202@gmail.com>
2020-07-29 12:04:13 +02:00
16218c2060
Fixed #27395 -- Added sitemap 'alternates' generation.
...
Updated the sitemap generator and default template to optionally
include link elements with hreflang attribute to alternate language
URLs.
2020-07-29 11:48:29 +02:00
948a874425
Fixed #29324 -- Made SECRET_KEY validation lazy (on first access).
2020-07-29 09:06:54 +02:00
ba691933ce
Fixed #31836 -- Dropped support for JSONField __contains and __contained_by lookups on SQLite.
...
The current implementation works only for basic examples without
supporting nested structures and doesn't follow "the general principle
that the contained object must match the containing object as to
structure and data contents, possibly after discarding some
non-matching array elements or object key/value pairs from the
containing object".
2020-07-28 13:06:52 +02:00
83fbaa9231
Fixed #31806 -- Made validators include the value in ValidationErrors.
2020-07-27 13:03:26 +02:00
ff55adbd0d
Reverted "Fixed #30300 -- Allowed migrations to be loaded from directories without __init__.py file."
...
This reverts commit 3cd3bebe89
2020-07-22 07:04:06 +02:00
3f2821af6b
Fixed #31180 -- Configured applications automatically.
2020-07-21 10:35:12 +02:00
96a3ea39ef
Fixed #31784 -- Fixed crash when sending emails on Python 3.6.11+, 3.7.8+, and 3.8.4+.
...
Fixed sending emails crash on email addresses with display names longer
then 75 chars on Python 3.6.11+, 3.7.8+, and 3.8.4+.
Wrapped display names were passed to email.headerregistry.Address()
what caused raising an exception because address parts cannot contain
CR or LF.
See https://bugs.python.org/issue39073
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-07-20 07:10:40 +02:00
3d16496037
Bumped asgiref requirement to >= 3.2.10.
...
Forwardported 3.1 release notes from 474f65406f
2020-07-17 21:15:21 +02:00
8fa9a6d29e
Fixed #31623 -- Allowed specifying number of adjacent time units in timesince()/timeuntil().
2020-07-16 09:44:28 +02:00
9bc8b1ad2d
Refs #31790 -- Removed incorrect item from 2.2.15 and 3.0.9 release notes.
...
Django 2.2 and 3.0 don't support settings samesite='None' in
HttpResponse.set_cookie() so fix is not necessary and will not be
backported.
2020-07-16 09:27:09 +02:00
240cbb63bf
Fixed #31790 -- Fixed setting SameSite and Secure cookies flags in HttpResponse.delete_cookie().
...
Cookies with the "SameSite" flag set to None and without the "secure"
flag will be soon rejected by latest browser versions.
This affects sessions and messages cookies.
2020-07-16 08:16:58 +02:00
1e38f1191d
Fixed #30446 -- Resolved Value.output_field for stdlib types.
...
This required implementing a limited form of dynamic dispatch to combine
expressions with numerical output. Refs #26355 should eventually provide
a better interface for that.
2020-07-15 10:58:29 +02:00
2cd3e7eeaf
Added Igbo language.
2020-07-14 20:44:41 +02:00
e906ff6fca
Fixed #30457 -- Added TestCase.captureOnCommitCallbacks().
2020-07-13 11:56:46 +02:00
ca6c5e5fc2
Fixed #31770 -- Allowed select_for_update(of) on MySQL 8.0.1+.
2020-07-13 10:15:43 +02:00
b7a438c7e2
Fixed #31509 -- Made DiscoverRunner enable faulthandler by default.
2020-07-10 18:55:50 +02:00
7d6916e827
Fixed #29789 -- Added support for nested relations to FilteredRelation.
2020-07-09 20:24:00 +02:00
779e615e36
Fixed #31573 -- Made QuerySet.update() respect ordering on MariaDB/MySQL.
2020-07-08 11:43:50 +02:00
af2b3fee08
Added Turkmen language.
2020-07-08 08:43:28 +02:00
cb0da637a6
Fixed #31713 -- Added SpatialReference support to GDALRaster.transform().
2020-07-07 09:26:44 +02:00
5d4b9c1cab
Refs #12990 -- Added example to JSONField release notes.
2020-07-03 12:45:39 +02:00
baf404f749
Fixed #30945 -- Doc'd plural equations changes in 2.2. release notes.
2020-07-03 09:38:18 +02:00
c2a835703f
Added stub release notes for 3.0.9.
2020-07-01 07:00:43 +02:00
0f3aecf581
Added release date for 2.2.14 and 3.0.8.
2020-07-01 06:16:32 +02:00
615e32162f
Fixed #31751 -- Fixed database introspection with cx_Oracle 8.
2020-06-30 09:50:15 +02:00
8984cab8a8
Fixed #31620 -- Added support for %V format to WeekMixin/WeekArchiveView.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-06-26 11:12:57 +02:00
e13cfc6dfd
Fixed #31596 -- Changed ForeignKey.validate() to use the base manager.
2020-06-25 11:36:20 +02:00
074844e947
Fixed #31529 -- Added support for serialization of pathlib.Path/PurePath and os.PathLike in migrations.
2020-06-24 11:45:34 +02:00
162765d6c3
Fixed #9061 -- Allowed FormSets to disable deleting extra forms.
...
Thanks to Dan Ward for the initial patch.
2020-06-24 09:26:25 +02:00
2e8941b6f9
Fixed #31735 -- Fixed migrations crash on namespaced inline FK addition on PostgreSQL.
...
The namespace of the constraint must be included when making the
constraint immediate.
Regression in 22ce5d0031
2020-06-24 08:37:20 +02:00
258c88a913
Refs #5691 -- Made cache keys independent of USE_L10N.
...
This mostly reverts af1893c4ff
2020-06-22 10:55:12 +02:00
27c09043da
Refs #31670 -- Renamed whitelist argument and attribute of EmailValidator.
2020-06-18 21:43:20 +02:00
26a413507a
Fixed #6933 -- Added support for searching against quoted phrases in ModelAdmin.search_fields.
2020-06-18 20:17:20 +02:00
10df5b7177
Refs #31670 -- Removed whitelist/blacklist terminology in docs and comments.
2020-06-17 13:15:56 +02:00
1621f06051
Fixed #30472 -- Made Argon2PasswordHasher use Argon2id.
2020-06-17 08:10:41 +02:00
faad809e09
Refs #30472 -- Simplified Argon2PasswordHasher with argon2-cffi 19.1+ API.
2020-06-17 08:10:41 +02:00
e29637681b
Fixed #30190 -- Added JSONL serializer.
2020-06-16 16:51:58 +02:00
0d6d4e78b1
Fixed #31709 -- Added support for opclasses in ExclusionConstraint.
2020-06-16 08:16:14 +02:00
7edc6e53a7
Fixed #31702 -- Added support for PostgreSQL opclasses in UniqueConstraint.
2020-06-16 07:19:00 +02:00
a16080810b
Fixed #31696 -- Updated OWASP links in docs.
2020-06-15 09:44:08 +02:00
a8473b4d34
Fixed #31691 -- Added ordering support to JSONBAgg.
2020-06-13 00:06:29 +02:00
e0cdd0fcf5
Fixed #31649 -- Added support for covering exclusion constraints on PostgreSQL 12+.
2020-06-12 23:23:21 +02:00
db8268bce6
Added support for the Tajik language.
...
Thanks Sirius Sufiew for contributing that support.
2020-06-12 17:47:22 +02:00
4339f2aff2
Refs #31682 -- Doc'd minimal sqlparse version in Django 2.2.
...
Support for sqlparse < 0.2.2 was broken in
40b0a58f5f
2020-06-10 06:53:32 +02:00
b38d44229f
Fixed #31664 -- Reallowed using non-expressions having filterable attribute as rhs in queryset filters.
...
Regression in 4edad1ddf6
2020-06-08 08:17:23 +02:00
78ad4b4b02
Fixed #31660 -- Fixed queryset crash when grouping by m2o relation.
...
Regression in 3a941230c8
2020-06-08 07:21:54 +02:00
433dd737f9
Fixed #20347 -- Allowed customizing the maximum number of instantiated forms in formsets.
...
Co-authored-by: ethurgood <ethurgood@gmail.com>
2020-06-05 12:01:32 +02:00
926148ef01
Fixed #31654 -- Fixed cache key validation messages.
2020-06-05 07:21:52 +02:00
8c7992f658
Fixed #30913 -- Added support for covering indexes on PostgreSQL 11+.
2020-06-04 12:26:22 +02:00
9e57b1efb5
Fixed #30134 -- Ensured unlocalized numbers are string representation in templates.
2020-06-04 10:34:54 +02:00
e24b63fe85
Refs #31630 -- Removed DatabaseFeatures.can_introspect_autofield.
2020-06-04 08:27:46 +02:00
e198beadad
Fixed #31630 -- Replaced introspection features with DatabaseFeatures.introspected_field_types.
2020-06-04 08:27:42 +02:00
dbdc192ca3
Preferred usage of among/while to amongst/whilst.
2020-06-03 21:02:48 +02:00
54975780ee
Added CVE-2020-13254 and CVE-2020-13596 to security archive.
2020-06-03 12:03:37 +02:00
7ec2658e1e
Added stub release notes for 3.0.8.
2020-06-03 10:54:29 +02:00
2c82414914
Fixed CVE-2020-13254 -- Enforced cache key validation in memcached backends.
2020-06-03 09:24:26 +02:00
2dd4d110c1
Fixed CVE-2020-13596 -- Fixed potential XSS in admin ForeignKeyRawIdWidget.
2020-06-03 09:23:00 +02:00
81dc710571
Added release date for 2.2.13 and 3.0.7.
2020-06-03 09:13:16 +02:00
0daddf093f
Refs #31485 -- Added release notes for backport of jQuery upgrade to 3.5.1.
2020-06-02 14:32:43 +02:00
dd1ca50b09
Fixed #31570 -- Corrected translation loading for apps providing territorial language variants with different plural equations.
...
Regression in e3e48b0012
2020-06-01 08:38:54 +02:00
bd4e409695
Made intword/intcomma template filters independent of USE_L10N.
2020-06-01 07:27:08 +02:00
0382ecfe02
Fixed #28694 -- Made django.utils.text.slugify() strip dashes and underscores.
2020-05-29 06:47:51 +02:00
fa58450a9a
Fixed #31468 -- Allowed specifying migration filename in Operation.
...
This adds also suggested filename for many built-in operations.
2020-05-28 11:42:53 +02:00
62f1655a64
Fixed #11157 -- Stopped removing stop words in admin's prepopulated_fields.
...
Co-Authored-By: Andy Chosak <andy@chosak.org>
2020-05-27 12:32:56 +02:00
d693a086de
Fixed #31615 -- Made migrations skip extension operations if not needed.
...
- Don't try to create an existing extension.
- Don't try to drop a nonexistent extension.
2020-05-27 10:48:44 +02:00
7c947f0f5a
Fixed #31494 -- Preserved query strings when following HTTP 307/308 redirects in test client.
2020-05-27 10:36:52 +02:00
9d55ae00d3
Updated expected release dates for 3.0.7 and 2.2.13.
2020-05-27 10:19:15 +02:00
587b179d41
Fixed #31606 -- Allowed using condition with lookups in When() expression.
2020-05-27 07:32:23 +02:00
643207efae
Fixed #31608 -- Doc'd that form ISO 8601 datetime parsing always retains tzinfo.
2020-05-21 20:45:39 +02:00
c60524c658
Fixed #31546 -- Allowed specifying list of tags in Command.requires_system_checks.
2020-05-21 12:34:54 +02:00
a4e6030904
Fixed #30375 -- Added FOR NO KEY UPDATE support to QuerySet.select_for_update() on PostgreSQL.
2020-05-21 10:51:10 +02:00
3460ea49e8
Added Kyrgyz language.
...
Thanks Soyuzbek orozbek uulu for contributing that support.
2020-05-20 12:29:59 +02:00
8328811f04
Refs #31607 -- Added release notes for a125da6a7c.
2020-05-20 09:18:19 +02:00
20a8a443f0
Fixed #31578 -- Dropped support for MySQL 5.6.
2020-05-19 10:56:39 +02:00
9756c33429
Fixed #31504 -- Allowed calling makemigrations without an active database connection.
2020-05-19 10:24:23 +02:00
3cf80d3fcf
Fixed #31395 -- Made setUpTestData enforce in-memory data isolation.
...
Since it's introduction in Django 1.8 setUpTestData has been suffering
from a documented but confusing caveat due to its sharing of attributes
assigned during its execution with all test instances.
By keeping track of class attributes assigned during the setUpTestData
phase its possible to ensure only deep copies are provided to test
instances on attribute retreival and prevent manual setUp gymnastic to
work around the previous lack of in-memory data isolation.
Thanks Adam Johnson for the extensive review.
2020-05-15 20:22:52 +02:00
0e3b0da2e3
Fixed #31552 -- Added support for LZMA and XZ fixtures to loaddata.
2020-05-15 11:30:28 +02:00
9d211f149a
Refs #31524 -- Moved release notes for 81ffedaacc to 3.2.
2020-05-14 17:17:46 +02:00
81ffedaacc
Fixed #31524 -- Removed minified static assets from the admin.
2020-05-14 16:07:56 +02:00
3a941230c8
Fixed #31584 -- Fixed crash when chaining values()/values_list() after Exists() annotation and aggregation on Oracle.
...
Oracle requires the EXISTS expression to be wrapped in a CASE WHEN in
the GROUP BY clause.
Regression in efa1908f66
2020-05-14 15:07:08 +02:00
e341bed606
Refs #31034 -- Documented admin requires django.template.context_processors.request.
...
Required since d24ba1be7a
2020-05-14 11:00:51 +02:00
adfbf653dc
Fixed #31568 -- Fixed alias reference when aggregating over multiple subqueries.
...
691def10a0#30727 , #30188 .
Thanks Makina Corpus for the report.
2020-05-14 09:31:15 +02:00
42c08ee465
Fixed #31566 -- Fixed aliases crash when chaining values()/values_list() after annotate() with aggregations and subqueries.
...
Subquery annotation references must be resolved if they are excluded
from the GROUP BY clause by a following .values() call.
Regression in fb3f034f1c
2020-05-14 08:16:16 +02:00
e536fa5ce1
Fixed #31579 -- Dropped support for PostgreSQL 9.5 and PostGIS 2.2.
2020-05-14 06:33:00 +02:00
50798d4389
Added stub release notes for 2.2.13.
2020-05-14 06:22:54 +02:00
d4c5ef3ebb
Renamed PROJ.4 to PROJ.
2020-05-13 10:30:30 +02:00
fbdb032de2
Used :envvar: role and .. envvar:: directive in various docs.
2020-05-13 09:14:40 +02:00
feb91dbda1
Used :mimetype: role in various docs.
2020-05-13 09:14:04 +02:00
a9337b4add
Used :pep: role in various docs.
2020-05-13 09:14:04 +02:00
f2187a227f
Increased the default PBKDF2 iterations for Django 3.2.
2020-05-13 09:07:51 +02:00
3b94f12462
Added stub release notes for 3.2.
2020-05-13 09:07:51 +02:00
0b938cb7d2
Cosmetic edits to docs/releases/3.1.txt.
2020-05-12 11:26:37 +02:00
a9e589030a
Removed empty sections from 3.1 release notes.
2020-05-12 11:26:37 +02:00
58f1b07e49
Fixed #30678 -- Added support for GDAL 3.
2020-05-12 09:06:06 +02:00
d24ba1be7a
Fixed #31034 -- Added a navigation sidebar to the admin.
...
Co-authored-by: elky <elky@users.noreply.github.com>
Co-authored-by: Goetz <goetz.buerkle@gmail.com>
2020-05-11 18:16:38 +02:00
72a170b4c3
Fixed #25236 -- Deprecated {% ifequal %} and {% ifnotequal %} template tags.
...
The {% if %} tag provides all features of these tags.
Since Django 1.2 (May 17, 2010), the docs have hinted that
{% ifequal %} and {% ifnotequal %} will be deprecated in a future
Django version. Time to make it official.
2020-05-11 09:07:33 +02:00
6789ded0a6
Fixed #12990 , Refs #27694 -- Added JSONField model field.
...
Thanks to Adam Johnson, Carlton Gibson, Mariusz Felisiak, and Raphael
Michel for mentoring this Google Summer of Code 2019 project and
everyone else who helped with the patch.
Special thanks to Mads Jensen, Nick Pope, and Simon Charette for
extensive reviews.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-05-08 07:23:31 +02:00
f97f71f592
Refs #12990 -- Bumped mysqlclient requirement to >= 1.4.0.
...
MySQLdb.constants.FIELD_TYPE.JSON was added in mysqlclient 1.4.0rc2.
2020-05-08 06:14:42 +02:00
1c2c6f1b51
Fixed a/an typos in "SQL" usage.
2020-05-06 06:35:26 +02:00
aff7a58aef
Updated admin's Select2 to 4.0.13.
2020-05-05 11:30:02 +02:00
30083e0780
Fixed #31485 -- Updated admin's jQuery to 3.5.1.
2020-05-05 11:00:05 +02:00
b73e66e758
Fixed #31538 -- Fixed Meta.ordering validation lookups that are not transforms.
...
Regression in 440505cb2c
2020-05-05 09:08:29 +02:00
d2b9a9fdbb
Refs #28622 -- Corrected PASSWORD_RESET_TIMEOUT/PASSWORD_RESET_TIMEOUT_DAYS docs.
...
Removed outdated note about an extra day in PASSWORD_RESET_TIMEOUT
docs and incorrect "minimum" phrase.
2020-05-05 08:19:25 +02:00
2522559d1a
Fixed #31534 -- Deprecated django.conf.urls.url().
2020-05-05 07:34:34 +02:00
d17b380653
Refs #30573 -- Rephrased "Of Course" and "Obvious(ly)" in documentation and comments.
2020-05-04 12:10:47 +02:00
c00bc27945
Refs #30372 -- Stopped watching built-in Django translation files by auto-reloader.
2020-05-04 09:13:47 +02:00
7668f9bce9
Fixed typo in docs/releases/3.0.6.txt.
2020-05-04 07:42:25 +02:00
8e8ff38cb8
Added stub release notes for 3.0.7.
2020-05-04 07:38:35 +02:00
c5358794e3
Added release date for 3.0.6.
2020-05-04 07:04:23 +02:00
b4068bc656
Fixed #31455 -- Added support for deferrable exclusion constraints on PostgreSQL.
2020-05-01 09:08:36 +02:00
c226c6cb32
Fixed #20581 -- Added support for deferrable unique constraints.
2020-04-30 10:43:50 +02:00
54646a423b
Refs #27468 -- Made user sessions use SHA-256 algorithm.
2020-04-29 16:45:00 +02:00
68fc21b378
Fixed #29249 -- Made JSON and YAML serializers use Unicode by default.
2020-04-28 11:11:39 +02:00
2788de95e3
Updated expected date for 3.0.6 release.
2020-04-28 10:12:33 +02:00
a92cc84b4a
Refs #31369 -- Deprecated models.NullBooleanField in favor of BooleanField(null=True).
2020-04-24 10:10:45 +02:00
fb9b1c245d
Updated admin's XRegExp to 3.2.0.
2020-04-22 08:45:14 +02:00
75866b93cc
Fixed #31479 -- Added support to reset sequences on SQLite.
2020-04-21 10:41:47 +02:00
505fec6bad
Capitalized Unicode in docs, strings, and comments.
2020-04-20 12:10:33 +02:00
5673d4b102
Fixed #31477 -- Removed "using" argument from DatabaseOperations.execute_sql_flush().
2020-04-20 07:49:35 +02:00
75410228df
Fixed #31473 -- Made sql_flush() use RESTART IDENTITY to reset sequences on PostgreSQL.
...
The sql_flush() positional argument sequences is replaced by the boolean
keyword-only argument reset_sequences. This ensures that the old
function signature can't be used by mistake when upgrading Django. When
the new argument is True, the sequences of the truncated tables will
reset. Using a single boolean value, rather than a list, allows making a
binary yes/no choice as to whether to reset all sequences rather than a
working on a completely different set.
2020-04-17 11:57:24 +02:00
71c4fb7beb
Refs #27468 -- Changed default Signer algorithm to SHA-256.
2020-04-15 12:49:14 +02:00
5b884d45ac
Fixed #29501 -- Allowed dbshell to pass options to underlying tool.
2020-04-14 14:02:51 +01:00
8e8c3f964e
Refs #29501 -- Allowed customizing exit status for management commands.
2020-04-14 13:22:47 +02:00
b9e2355eb0
Fixed #31196 -- Added support for PostGIS 3.
2020-04-14 13:19:59 +02:00
cc70a0343e
Fixed term warning on Sphinx 3.0.1+.
...
"term" role became case sensitive in Sphinx 3.0.1.
2020-04-14 09:32:09 +02:00
a350bfa6f4
Fixed #13009 -- Added BoundField.widget_type property.
2020-04-10 07:11:14 +02:00
210657b791
Fixed #28184 -- Allowed using a callable for FileField and ImageField storage.
2020-04-08 11:26:17 +02:00
026719cf17
Fixed #31030 -- Registered SQLite functions as deterministic on Python 3.8+.
2020-04-06 11:26:00 +02:00
98ea4f0f46
Refs #7098 -- Deprecated passing raw column aliases to order_by().
...
Now that order_by() has expression support passing RawSQL() can achieve
the same result.
This was also already supported through QuerySet.extra(order_by) for
years but this API is more or less deprecated at this point.
2020-04-06 10:01:02 +02:00
4237050684
Fixed #31420 -- Fixed crash when filtering subquery annotation against a SimpleLazyObject.
...
Thanks Simon Charette for the solution and analysis.
2020-04-06 07:11:29 +02:00
89032876f4
Fixed #31275 -- Optimized sql_flush() without resetting sequences on MySQL.
...
Co-Authored-By: Simon Charette <charettes@users.noreply.github.com>
2020-04-02 12:57:53 +02:00
b1f88476db
Corrected docs spelling of PgBouncer.
2020-04-01 14:55:11 +02:00
1cdfe8d912
Prevented (and corrected) single backtick usage in docs.
2020-04-01 14:55:11 +02:00
a7e4ff370c
Added stub release notes for 3.0.6.
2020-04-01 10:09:43 +02:00
b56243b77f
Added release dates for 2.1.12 and 3.0.5.
2020-04-01 09:14:56 +02:00
8aa71f4e87
Fixed #31375 -- Made contrib.auth.hashers.make_password() accept only bytes or strings.
2020-03-31 10:52:56 +02:00
4b146e0c83
Fixed #30864 -- Doc'd classproperty decorator.
2020-03-31 10:46:48 +02:00
93ed71e058
Fixed #31403 -- Added support for returning fields from INSERT statements on MariaDB 10.5+.
2020-03-31 07:25:50 +02:00
d0da2820ca
Fixed #31402 -- Added migrate --check option.
...
Command exits with non-zero status if unapplied migrations exist.
2020-03-26 20:12:39 +01:00
f3da09df0f
Fixed #31396 -- Added binary XOR operator to F expressions.
2020-03-25 10:16:30 +01:00
10866a10fe
Fixed #31377 -- Disabled grouping by aliases on QuerySet.values()/values_list() when they collide with field names.
...
Regression in fb3f034f1c
2020-03-25 09:13:46 +01:00
27746ab28a
Fixed #7664 -- Allowed customizing suffixes of MultiWidget.widgets' names.
2020-03-24 20:05:18 +01:00
0b51a4f894
Fixed #28194 -- Added support for normalization and cover density to SearchRank.
2020-03-23 11:00:55 +01:00
4ed534758c
Fixed #19878 -- Deprecated TemplateView passing URL kwargs into context.
2020-03-23 08:11:14 +01:00
53b6a466d8
Refs #29724 -- Added is_dst parameter to QuerySet.datetimes().
...
Thanks Simon Charette for the review and Mariusz Felisiak for tests.
2020-03-20 12:55:33 +01:00
142ab6846a
Fixed #31123 -- Added --include-stale-apps option to the remove_stale_contenttypes management command.
...
Co-Authored-By: Javier Buzzi <buzzi.javier@gmail.com>
2020-03-19 11:48:10 +01:00
fc0fa72ff4
Fixed #31224 -- Added support for asynchronous views and middleware.
...
This implements support for asynchronous views, asynchronous tests,
asynchronous middleware, and an asynchronous test client.
2020-03-18 19:59:12 +01:00
5f8495a40a
Fixed #31371 -- Increased User.first_name max_length to 150 characters.
2020-03-18 08:22:49 +01:00
3baf92cf82
Fixed #31340 -- Allowed query expressions in SearchQuery.value and __search lookup.
2020-03-16 10:27:23 +01:00
924c01ba09
Fixed #31363 -- Added support for negative integers to intword template filter.
2020-03-16 08:44:43 +01:00
ccf32aca44
Fixed #8760 -- Changed ModelMultipleChoiceField to use invalid_list as a error message key.
2020-03-12 09:36:01 +01:00
e663f695fb
Fixed #31359 -- Deprecated get_random_string() calls without an explicit length.
2020-03-11 13:16:44 +01:00
e3e48b0012
Fixed #30439 -- Added support for different plural forms for a language.
...
Thanks to Michal Čihař for review.
2020-03-10 15:56:32 +01:00
692870b611
Removed trailing whitespace in 3.1 release notes.
2020-03-10 12:01:32 +01:00
a4200e958d
Added stub release notes for 2.2.12.
2020-03-10 12:01:01 +01:00
eb77e80de0
Fixed #31349 -- Used :nth-child() CSS pseudo-class to style alternative rows in admin.
2020-03-09 12:34:32 +01:00
769cee5252
Fixed #31327 -- Deprecated providing_args argument for Signal.
2020-03-05 09:38:52 +01:00
1b3a900a69
Added stub release notes for 3.0.5.
2020-03-04 10:56:07 +01:00
43f8ba1c7c
Fixed typo in docs/releases/1.11.29.txt.
2020-03-04 10:46:43 +01:00
f37f9a0bf0
Added CVE-2020-9402 to security archive.
2020-03-04 09:59:07 +01:00
6695d29b1c
Fixed CVE-2020-9402 -- Properly escaped tolerance parameter in GIS functions and aggregates on Oracle.
...
Thanks to Norbert Szetei for the report.
2020-03-04 09:04:50 +01:00
65ab4f9f03
Fixed #31147 -- Added SearchHeadline to django.contrib.postgres.
2020-03-03 15:39:52 +01:00
7b8fa1653f
Fixed #31150 -- Included subqueries that reference related fields in GROUP BY clauses.
...
Thanks Johannes Hoppe for the report.
Regression in fb3f034f1c
2020-03-03 11:25:37 +01:00
d4fff711d4
Fixed #31274 -- Used signing infrastructure in SessionBase.encode()/decode().
...
Thanks Mariusz Felisiak and Florian Apolloner for the reviews.
2020-03-02 12:16:48 +01:00
8b30360322
Fixed #31032 -- Updated admin browser support FAQ for 2020.
...
Following web standards, the modern _evergreen_ browsers are all
supported. This applies equally to mobile platforms. Assuming current
trends continue, this should be a sustainable policy.
Microsoft deprecated all versions of Internet Explorer. IE 11, the last
version, is described as a "compatibility solution" rather than a web
browser. Whilst it will receive security updates for the lifetime of
Windows 10 it's use is actively discouraged.
The IE 11 downloads page makes it clear: "We recommend you use the new
Microsoft Edge".
2020-02-28 12:39:14 +01:00
41ebe60728
Fixed #31312 -- Properly ordered temporal subtraction params on MySQL.
...
Regression in 9bcbcd599a
2020-02-27 08:50:55 +01:00
a6b3938afc
Fixed #31182 -- Adjusted release notes for ASGI support.
2020-02-20 15:05:47 +01:00
4d973f5939
Refs #26601 -- Deprecated passing None as get_response arg to middleware classes.
...
This is the new contract since middleware refactoring in Django 1.10.
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-02-18 20:03:44 +01:00
2a038521c4
Fixed #31271 -- Preserved ordering when unifying query parameters on Oracle.
...
This caused misplacing parameters in logged SQL queries.
Regression in 79065b55a7
2020-02-18 11:45:12 +01:00
f37d548ede
Fixed #20995 -- Added support for iterables of template names to {% include %} template tag.
...
Thanks Adam Johnson for the review.
2020-02-18 06:56:05 +01:00
da4923ea87
Refs #27468 -- Made PasswordResetTokenGenerator use SHA-256 algorithm.
2020-02-12 21:46:56 +01:00
1712a76b9d
Fixed #31246 -- Fixed locking models in QuerySet.select_for_update(of=()) for related fields and parent link fields with multi-table inheritance.
...
Partly regression in 0107e3d105
2020-02-11 20:43:57 +01:00
41a3b3d186
Fixed #31240 -- Properly closed FileResponse when wsgi.file_wrapper is used.
...
Thanks to Oskar Persson for the report.
2020-02-11 20:39:12 +01:00
e3f6e18513
Fixed #31253 -- Fixed data loss possibility when using caching from async code.
...
Case missed in a415ce70be
2020-02-11 09:09:25 +01:00
7e8339748c
Added stub release notes for 2.2.11.
2020-02-10 08:18:58 +01:00
932bd794b2
Added "Bugfixes" section to release notes for 3.0.4.
2020-02-10 08:14:58 +01:00
430e796980
Refs #31055 -- Made DiscoverRunner skip running system checks on unused test databases.
2020-02-07 11:01:31 +01:00
0b83c8cc4d
Refs #31055 -- Added --database option to the check management command.
...
This avoids enabling the ``database`` checks unless they are explicitly
requested and allows to disable on a per-alias basis which is required
when only creating a subset of the test databases.
This also removes unnecessary BaseCommand._run_checks() hook.
2020-02-07 11:01:31 +01:00
f48f671223
Refs #31233 -- Changed DatabaseWrapper._nodb_connection to _nodb_cursor().
...
It is now a method instead of a property and returns a context manager
that yields a cursor on entry and closes the cursor and connection upon
exit.
2020-02-06 15:29:38 +01:00
72b97a5b1e
Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin'.
2020-02-05 14:39:01 +01:00
de1924e0e7
Improved grammar in 3.0 release notes for SECURE_CONTENT_TYPE_NOSNIFF change.
2020-02-05 12:46:14 +01:00
469bf2db15
Fixed #31210 -- Doc'd how to reproduce HttpRequest.is_ajax() in release notes.
2020-02-04 12:21:48 +01:00
85cb59cba9
Fixed typo in docs/releases/3.1.txt.
2020-02-04 12:21:45 +01:00
8ae84156d6
Fixed #27604 -- Used the cookie signer to sign message cookies.
...
Co-authored-by: Craig Anderson <craiga@craiga.id.au>
2020-02-04 08:05:02 +01:00
273918c25b
Added stub release notes for 3.0.4.
2020-02-03 10:23:54 +01:00
d8b2ccbbb8
Added CVE-2020-7471 to security archive.
2020-02-03 10:11:34 +01:00
1a2600d8df
Added release date for 3.0.3.
2020-02-03 08:52:16 +01:00
eb31d84532
Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter.
2020-02-03 08:49:13 +01:00
a97111eabf
Fixed 31207 -- Prevented references to non-local remote fields in ForeignKey.to_field.
...
Thanks Simon Charette for the initial patch and review.
2020-01-31 10:19:12 +01:00
0ac8ac8b0d
Refs #25778 -- Updated some links to HTTPS and new locations.
2020-01-29 09:34:37 +01:00
c9bf1910e2
Refs #30997 -- Added link to Fetch API in release notes.
2020-01-28 08:37:41 +01:00
e348ab0d43
Fixed #30997 -- Deprecated HttpRequest.is_ajax().
2020-01-27 08:54:32 +01:00
7fa0fa45c5
Refs #30997 -- Removed HttpRequest.is_ajax() usage.
2020-01-27 08:52:40 +01:00
d66d72f956
Refs #30997 -- Added HttpRequest.accepts().
2020-01-24 14:24:59 +01:00
b94764e178
Fixed #27888 -- Added link to clear all filters in the admin changelist view.
2020-01-23 14:14:54 +01:00
0b013564ef
Fixed #31190 -- Fixed prefetch_related() crash for GenericForeignKey with custom ContentType foreign key.
...
Regression in dffa3e1992
2020-01-22 07:54:16 +01:00
13e4abf83e
Fixed #30752 -- Allowed using ExceptionReporter subclasses in error reports.
2020-01-16 15:25:49 +01:00
d08d4f464a
Fixed #30765 -- Made cache_page decorator take precedence over max-age Cache-Control directive.
2020-01-16 13:39:16 +01:00
29c126bb34
Fixed #31124 -- Fixed setting of get_FOO_display() when overriding inherited choices.
...
Regression in 2d38eb0ab9
2020-01-15 15:35:22 +01:00
927c903f3c
Refs #31097 -- Added release notes for 2f565f84ac.
...
.
2020-01-14 14:35:28 +01:00
1f4b9f4f1f
Removed unused ExceptionReporterFilter class.
...
Unused since 8f8c54f70b
2020-01-11 20:18:38 +01:00
6f7998adc7
Fixed #31155 -- Fixed a system check for the longest choice when a named group contains only non-string values.
...
Regression in b6251956b6
2020-01-11 19:47:36 +01:00
e2d9d66a22
Fixed #23004 -- Added request.META filtering to SafeExceptionReporterFilter.
...
Co-authored-by: Ryan Castner <castner.rr@gmail.com>
2020-01-10 11:35:41 +01:00
581ba5a948
Refs #23004 -- Allowed exception reporter filters to customize settings filtering.
...
Thanks to Tim Graham for the original implementation idea.
Co-authored-by: Daniel Maxson <dmaxson@ccpgames.com>
2020-01-10 11:21:23 +01:00
5166097d7c
Fixed #31154 -- Added support for using enumeration types in templates.
...
Enumeration helpers are callables, so the template system tried to call
them with no arguments.
Thanks Rupert Baker for helping discover this.
2020-01-10 07:52:06 +01:00
eb629f4c02
Fixed #30995 -- Allowed converter.to_url() to raise ValueError to indicate no match.
2020-01-09 14:41:41 +01:00
ffcf1a8ebf
Fixed #31118 -- Made FileInput to avoid the required attribute when initial data exists.
2020-01-08 09:15:31 +01:00
53d8646f79
Fixed #31141 -- Relaxed system check of translation settings for sublanguages.
...
Regression in 4400d8296d
2020-01-08 08:05:43 +01:00
188b003014
Fixed #15982 -- Added DATE_INPUT_FORMATS to forms.DateTimeField default input formats.
2020-01-07 11:08:40 +01:00
1487f16f2d
Fixed #11385 -- Made forms.DateTimeField accept ISO 8601 date inputs.
...
Thanks José Padilla for the initial patch, and Carlton Gibson for the
review.
2020-01-06 10:52:09 +01:00
0f843fdd5b
Fixed #31136 -- Disabled grouping by aliases on QuerySet.values()/values_list().
...
Regression in fb3f034f1c
2020-01-04 20:49:11 +01:00
9bcbcd599a
Fixed #31133 -- Fixed crash when subtracting against a subquery annotation.
...
The subtract_temporals() database operation was not handling expressions
returning SQL params in mixed database types.
Regression in 3543129822
2020-01-03 10:35:08 +01:00
372eaa395f
Fixed #28991 -- Added EmptyFieldListFilter class in admin.filters.
...
Thanks Simon Charette and Carlton Gibson for reviews.
Co-Authored-By: Jonas Haag <jonas@lophus.org>
Co-Authored-By: Christophe Baldy <christophe.baldy@polyconseil.fr>
2020-01-03 07:58:04 +01:00
69331bb851
Added stub release notes for 3.0.3.
2020-01-02 08:36:08 +01:00
434a81d320
Added release date for 3.0.2.
2020-01-02 07:55:53 +01:00
cf5d4701dc
Fixed #30819 -- Fixed year determination in admin calendar widget for two-digit years.
...
Two-digit years in the range of [00, 68] are in the current century,
while [69,99] are in the previous century, according to the Open Group
Specification.
2019-12-30 13:06:29 +01:00
9e14bc2135
Refs #29260 -- Doc'd Model.save() behavior change in Django 3.0.
2019-12-30 07:49:10 +01:00
5779cc938a
Fixed #31071 -- Disabled insert optimization for primary keys with defaults when loading fixtures.
...
Model.save_base() is called directly when loading fixtures and assumes
existing rows will be updated. Branching of "raw" allows to maintain
the optimization introduced in #29260 while supporting this edge case.
Regression in 85458e94e3
2019-12-30 07:49:10 +01:00
22ce5d0031
Fixed #31106 -- Fixed migrations crash on PostgreSQL 10+ when adding FK constraints inline and changing data.
...
This allows adding foreign key constraints inline and changing data in
the same migration on PostgreSQL 10+.
Regression in 738faf9da2
2019-12-23 23:28:59 +01:00
67ea35df52
Fixed #30998 -- Added ModelChoiceIteratorValue to pass the model instance to ChoiceWidget.create_option().
2019-12-23 10:34:50 +01:00
720de4d044
Fixed #31109 -- Disabled grouping by aliases on QuerySet.exists().
...
Clearing the SELECT clause in Query.has_results was orphaning GROUP BY
references to it.
Thanks Thierry Bastian for the report and Baptiste Mispelon for the
bisect.
Regression in fb3f034f1c
2019-12-23 09:24:03 +01:00
5a4d7285bd
Fixed #31094 -- Included columns referenced by subqueries in GROUP BY on aggregations.
...
Thanks Johannes Hoppe for the report.
Regression in fb3f034f1c
2019-12-19 10:04:56 +01:00
d291c72bf2
Fixed #30585 -- Added {% translate %} and {% blocktranslate %} template tags.
2019-12-18 13:15:38 +01:00
50a69efb2e
Added stub release notes for 3.0.2.
2019-12-18 10:51:57 +01:00
5a2b9f0b54
Added CVE-2019-19844 to the security archive.
2019-12-18 10:36:22 +01:00
5b1fbcef7a
Fixed CVE-2019-19844 -- Used verified user email for password reset requests.
...
Co-Authored-By: Florian Apolloner <florian@apolloner.eu>
2019-12-18 09:11:39 +01:00
ff00a05347
Fixed #31088 -- Added support for websearch searching in SearchQuery.
2019-12-16 14:59:59 +01:00
5b7450080f
Added Algerian Arabic language.
2019-12-14 16:26:31 +01:00
9736137cdc
Fixed #31069 , Refs #26431 -- Doc'd RegexPattern behavior change in passing optional named groups in Django 3.0.
2019-12-12 14:24:10 +01:00
b33bfc3839
Fixed #30862 -- Allowed setting SameSite cookies flags to 'none'.
...
Thanks Florian Apolloner and Carlton Gibson for reviews.
2019-12-12 10:52:31 +01:00
52018e1615
Fixed typos in 3.0 release notes and docs/ref/request-response.txt.
2019-12-12 10:19:09 +01:00
ec12c37384
Refs #31073 -- Added release notes for 02eff7ef60.
2019-12-11 10:07:41 +01:00
9e565386d3
Fixed #27430 -- Added -b/--buffer option to DiscoverRunner.
2019-12-09 13:47:12 +01:00
663bb435de
Fixed typo in docs/releases/3.0.1.txt.
2019-12-09 07:57:36 +01:00
bf12273db4
Fixed #31060 -- Reallowed window expressions to be used in conditions outside of queryset filters.
...
Regression in 4edad1ddf6
2019-12-06 13:52:16 +01:00
5708327c37
Fixed #23433 -- Deprecated django-admin.py entry point in favor of django-admin.
...
Unify on the entry point created by setuptools entry_points feature.
2019-12-06 12:11:44 +01:00
82a88d2f48
Fixed #31061 -- Ignored positional args in django.urls.resolve() when all optional named parameters are missing.
...
Regression in 76b993a117
2019-12-06 09:32:51 +01:00
5d674eac87
Fixed #31039 -- Added support for contained_by lookup with AutoFields, SmallIntegerField, and DecimalField.
2019-12-05 15:50:39 +01:00
adb9661789
Fixed #31010 -- Allowed subdomains of localhost in the Host header by default when DEBUG=True.
2019-12-05 09:44:45 +01:00
1f62c008d1
Fixed typo in docs/releases/3.0.txt.
2019-12-05 07:55:20 +01:00
c06492dd87
Fixed #23524 -- Allowed DATABASES['TIME_ZONE'] option on PostgreSQL.
2019-12-04 18:22:08 +01:00
ad88524e4d
Refs #23524 -- Unified BaseDatabaseWrapper.timezone.
...
There was a special case in this property to return None when the
database backend supports time zone. However, only the PostgreSQL
backend supports time zones and it never uses this property.
2019-12-04 18:07:51 +01:00
95ae1a9f8c
Fixed #31059 -- Fixed typo in docs/releases/3.0.txt.
2019-12-04 09:22:51 +01:00
26cab4e8c1
Fixed #31046 -- Allowed RelatedManager.add()/create()/set() to accept callable values in through_defaults.
2019-12-03 19:47:38 +01:00
c90ab30fa1
Fixed #31056 -- Allowed disabling async-unsafe check with an environment variable.
2019-12-03 17:29:31 +01:00
908c67e719
Added stub release notes for 3.0.1.
2019-12-02 21:43:59 +01:00
3b347a8a00
Finalized release notes for Django 3.0.
2019-12-02 11:54:32 +01:00
900ea762e5
Added CVE-2019-19118 to the security archive.
2019-12-02 11:42:24 +01:00
368b8d20aa
Removed issue reporter name from 2.1.15 and 2.2.8 release notes.
2019-12-02 09:46:25 +01:00
e31d185267
Added release dates for 2.1.15, 2.2.8 and 3.0.
2019-12-02 09:10:15 +01:00
11c5e0609b
Fixed CVE-2019-19118 -- Required edit permissions on parent model for editable inlines in admin.
...
Thank you to Shen Ying for reporting this issue.
2019-12-02 08:56:08 +01:00
39e39d0ac1
Refs #30953 -- Added 2.1.15 release note for 0107e3d105.
2019-12-02 08:10:39 +01:00
0107e3d105
Fixed #30953 -- Made select_for_update() lock queryset's model when using "self" with multi-table inheritance.
...
Thanks Abhijeet Viswa for the report and initial patch.
2019-12-02 07:57:19 +01:00
e8fcdaad5c
Fixed #31021 -- Fixed proxy model permissions data migration crash with a multiple databases setup.
...
Regression in 98296f86b3
2019-11-29 08:23:01 +01:00
1f817daa20
Fixed #30803 -- Allowed comma separators for milliseconds in django.utils.dateparse functions.
...
Co-Authored-By: Ben Wilber <benwilber@gmail.com>
2019-11-27 09:43:12 +01:00
42b23d1e79
Refs #30803 -- Allowed comma separators for decimal fractions in parse_duration().
2019-11-27 09:43:12 +01:00
abc51d44af
Used 🎫 role in all tickets links.
2019-11-26 14:02:24 +01:00
52936eface
Fixed #31031 -- Fixed data loss in admin changelist view when formset's prefix contains regex special chars.
...
Regression in b18650a263
2019-11-26 08:48:10 +01:00
a5855c8f0f
Fixed #30996 -- Added AsWKB and AsWKT GIS functions.
2019-11-22 13:40:48 +01:00
ee4a19053a
Fixed #31012 -- Reverted "Fixed #29056 -- Fixed HTML5 validation of required SelectDateWidget."
...
This reverts commit f038214d91
2019-11-21 20:53:31 +01:00
e9a0e1d4f6
Fixed #30484 -- Added conditional expressions support to CheckConstraint.
2019-11-21 11:56:35 +01:00
f69b32782e
Fixed #30625 -- Doc'd cache.get()/delete() behavior change in Django 2.2.
2019-11-21 10:54:05 +01:00
f5ebdfce5c
Fixed #25388 -- Added an option to allow disabling of migrations during test database creation.
2019-11-20 20:42:38 +01:00
e9def97d10
Added stub release notes for 2.1.15.
2019-11-19 12:33:39 +01:00
89abecc75d
Fixed #27272 -- Added an on_delete RESTRICT handler to allow cascading deletions while protecting direct ones.
2019-11-19 10:55:05 +01:00
555bebe774
Fixed #30987 -- Added models.PositiveBigIntegerField.
2019-11-19 09:34:11 +01:00
f95b59a1b3
Fixed #30994 -- Added Oracle support for AsGeoJSON GIS function.
2019-11-18 15:32:44 +01:00
11e327a3ff
Fixed #30988 -- Deprecated the InvalidQuery exception.
...
It was barely documented without pointers at its defining location and
was abused to prevent misuse of the QuerySet field deferring feature.
2019-11-18 14:06:51 +01:00
24b9f50823
Fixed #29916 -- Added lower_inc, lower_inf, upper_inc, and upper_inf lookups for RangeFields.
...
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-11-14 22:27:29 +01:00
efc3e32d6d
Fixed #30759 -- Made cache.delete() return whether it succeeded.
...
Thanks Simon Charette for the review.
2019-11-14 11:14:11 +01:00
b93a0e34d9
Refs #29926 -- Doc'd Python 3.8 compatibility in Django 2.2.x.
2019-11-12 22:11:44 +01:00
30359496a3
Added stub release notes for 2.2.8 release.
2019-11-12 14:37:59 +01:00
153c7956f8
Fixed #24858 -- Added support for get_FOO_display() to ArrayField and RangeFields.
...
_get_FIELD_display() crashed when Field.choices was unhashable.
2019-11-08 10:59:24 +01:00
02983c5242
Fixed #30943 -- Added BloomIndex to django.contrib.postgres.
2019-11-07 11:23:53 +01:00
26554cf5d1
Fixed #29983 -- Replaced os.path() with pathlib.Path in project template and docs.
...
Thanks Curtis Maloney for the original patch.
2019-11-07 11:11:27 +01:00
77aa74cb70
Refs #29983 -- Added support for using pathlib.Path in all settings.
2019-11-07 10:26:22 +01:00
4c45b627f8
Removed unused import of ACTION_CHECKBOX_NAME in django.contrib.admin.
...
Unused since e651b3095c
2019-11-06 12:49:42 +01:00
fbbff7f808
Refs #29983 -- Added pathlib.Path support to the file email backend.
2019-11-06 09:33:07 +01:00
4b6db766ba
Refs #30183 -- Doc'd dropping support for sqlparse < 0.2.2.
...
Support for sqlparse < 0.2.2 was broken in
782d85b6df
2019-11-06 08:45:43 +01:00
b9fe7f9294
Fixed #30947 -- Changed tuples to lists in model Meta options in django.contrib modules.
...
The Django "Model Meta options" docs provide examples and generally
point the reader to use lists for the unique_together and ordering
options. Follow our own advice for contrib models.
More generally, lists should be used for homogeneous sequences of
arbitrary lengths of which both unique_together and ordering are.
2019-11-05 08:16:31 +01:00
6ccb1b68bc
Added Uzbek language.
2019-11-04 14:50:00 +01:00
126cfefce2
Added release dates for 2.2.7, 2.1.14, and 1.11.26.
2019-11-04 08:20:22 +01:00
2d38eb0ab9
Fixed #30931 -- Restored ability to override Model.get_FIELD_display().
...
Thanks Sergey Fedoseev for the implementation idea.
Regression in a68ea23101
2019-11-04 07:55:34 +01:00
3cf907c20c
Fixed #30761 -- Prevented floatformat filter from returning a negative zero.
2019-10-31 10:48:35 +01:00
17752003a8
Refs #28428 -- Made FileSystemStorage.save() to support pathlib.Path.
2019-10-31 09:06:05 +01:00
6315a272c5
Refs #28428 -- Made filepath_to_uri() support pathlib.Path.
2019-10-30 13:13:15 +01:00
6bbf9a20e2
Fixed #29770 -- Added LinearRing.is_counterclockwise property.
2019-10-25 14:28:26 +02:00
55df1750be
Refs #30897 -- Added support for ANALYZE option to Queryset.explain() on MariaDB and MySQL 8.0.18+.
2019-10-24 15:13:26 +02:00
742961332e
Refs #30897 -- Added support for TREE format to Queryset.explain() on MySQL 8.0.16+.
2019-10-24 15:13:23 +02:00
fa5f3291e7
Fixed #30903 -- Fixed migrations crash on PostgreSQL when adding Index with opclasses and ordering.
2019-10-24 09:33:14 +02:00
3120490912
Fixed #30876 -- Moved classproperty() decorator to the django.utils.functional.
2019-10-21 09:57:39 +02:00
31174031f1
Fixed #30841 -- Deprecated using non-boolean values for isnull lookup.
2019-10-21 08:44:20 +02:00
1711c509fa
Fixed #27391 -- Implemented SimpleTestCase.debug().
...
debug() should bubbled up exceptions if occurring in test, but behave
the same as run() when no exceptions occurred.
2019-10-18 12:22:51 +02:00
3a8af298b9
Fixed #30890 -- Added MariaDB support for the relate lookup.
2019-10-18 07:46:31 +02:00
187a64608d
Fixed #30885 -- Dropped support for MariaDB 10.1.
2019-10-16 18:40:48 +02:00
06d34aab7c
Fixed #30870 -- Fixed showing that RunPython operations are irreversible by migrate --plan.
...
Thanks Hasan Ramezani for the initial patch and Kyle Dickerson for the
report.
2019-10-14 11:13:27 +02:00
7d1bf29977
Fixed #30826 -- Fixed crash of many JSONField lookups when one hand side is key transform.
...
Regression in 6c3dfba892
2019-10-11 10:55:22 +02:00
ed112fadc1
Fixed #23755 -- Added support for multiple field names in the no-cache Cache-Control directive to patch_cache_control().
...
https://tools.ietf.org/html/rfc7234#section-5.2.2.2
2019-10-10 19:30:51 +02:00
2a6f45e08e
Fixed typos in docs/releases/3.0.txt.
2019-10-10 14:22:04 +02:00
ee6b17187f
Fixed #30812 -- Made ConditionalGetMiddleware set ETag only for responses with non-empty content.
2019-10-10 09:51:05 +02:00
3cd3bebe89
Fixed #30300 -- Allowed migrations to be loaded from directories without __init__.py file.
2019-10-10 08:31:41 +02:00
f4ac9ae8d9
Refs #14218 -- Adjusted release note to use present tense.
...
Thanks to Tim Graham for review.
2019-10-03 10:14:06 +02:00
8ed6788aa4
Fixed #30821 -- Added ExtractIsoWeekYear database function and iso_week_day lookup.
2019-10-02 10:41:34 +02:00
17595407ca
Fixed #14218 -- Added Paginator.__iter__().
2019-10-02 09:49:31 +02:00
84322a29ce
Added stub release notes for 1.11.26 and 2.1.14.
2019-10-02 07:49:47 +02:00
e1c1eaf0c6
Added stub release notes for 2.2.7.
2019-10-01 10:43:30 +02:00
3826aed46d
Added release dates for 2.2.6, 2.1.13, and 1.11.25.
2019-10-01 08:49:15 +02:00
c574bec092
Fixed #25598 -- Added SCRIPT_NAME prefix to STATIC_URL and MEDIA_URL set to relative paths.
...
Thanks Florian Apolloner for reviews.
Co-authored-by: Joel Dunham <Joel.Dunham@technicalsafetybc.ca>
2019-09-25 19:47:03 +02:00
129583a0d3
Removed some outdated backwards compatibility imports and misleading comments.
...
EmptyResultSet moved in 46509cf13d89581707558550161e53471596fc1a5c53e30607
2019-09-24 15:18:53 +02:00
b31e63879e
Fixed #29444 -- Allowed returning multiple fields from INSERT statements on Oracle.
2019-09-24 10:22:43 +02:00
226ebb1729
Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS.
2019-09-20 13:52:04 +02:00
5cb3ed187b
Fixed #30772 -- Optimized make_template_fragment_key().
...
Removed usage of urllib.quote(), unnecessary since cbbe60c7fc
2019-09-18 14:53:05 +02:00
6c3dfba892
Fixed #30769 -- Fixed a crash when filtering against a subquery JSON/HStoreField annotation.
...
This was a regression introduced by 7deeabc7c7
2019-09-16 08:24:40 +02:00
bd7e0f81f8
Added stub release notes for 1.11.25 and 2.1.13.
2019-09-16 07:37:47 +02:00
1c66767d4e
Refs #27910 -- Improved documentation for model field choice enumeration types.
2019-09-13 15:37:40 +02:00
ea25bdc2b9
Added PBKDF2 hasher iteration increase to 3.0 release notes.
...
Refs 06670015f7
2019-09-12 17:24:01 +02:00
b5db65c4fb
Increased the default PBKDF2 iterations for Django 3.1.
2019-09-12 17:24:01 +02:00
0ddb4ebf7b
Refs #14357 -- Made Meta.ordering not affect GROUP BY queries.
...
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
d17be88afd
Refs #30037 -- Required the RemoteUserBackend.configure_user() to have request as the first positional argument.
...
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
b61ea56789
Refs #28478 -- Removed support for TestCase's allow_database_queries and multi_db per deprecation timeline.
2019-09-10 12:01:00 +02:00
f1894bae30
Refs #28606 -- Removed CachedStaticFilesStorage per deprecation timeline.
2019-09-10 12:01:00 +02:00
81993b47ea
Refs #29703 -- Removed QuerySetPaginator alias per deprecation timeline.
2019-09-10 12:01:00 +02:00
cb2be9d5d5
Refs #29546 -- Removed django.utils.timezone.FixedOffset per deprecation timeline.
2019-09-10 12:01:00 +02:00
3d716467a9
Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline.
2019-09-10 12:01:00 +02:00
b47bb4c4a7
Refs #29598 -- Removed FloatRangeField per deprecation timeline.
2019-09-10 12:01:00 +02:00
32796826bb
Added stub release notes for 3.1.
2019-09-10 12:00:56 +02:00
34decdebf1
Fixed #30754 -- Prevented inclusion of aliases in partial index conditions.
...
SQLite doesn't repoint table aliases in partial index conditions on table
rename which breaks the documented table alteration procedure.
Thanks Pēteris Caune for the report.
2019-09-10 10:03:16 +02:00
a624803514
Finalised release notes for 3.0 alpha release.
...
* Removed empty sections
* Corrected some typos and wrapping errors.
2019-09-10 09:58:42 +02:00
b1d37fea8f
Fixed #28107 -- Added DatabaseFeatures.allows_group_by_selected_pks_on_model() to allow enabling optimization for unmanaged models.
2019-09-09 14:04:46 +02:00
406dba04e1
Fixed #29406 -- Added support for Referrer-Policy header.
...
Thanks to James Bennett for the initial implementation.
2019-09-09 13:35:41 +02:00
1edbb6c194
Refs #30426 -- Moved release notes into separate security section.
2019-09-09 13:35:31 +02:00
7254f1138d
Refs #29444 -- Allowed returning multiple fields from INSERT statements on PostgreSQL.
...
Thanks Florian Apolloner, Tim Graham, Simon Charette, Nick Pope, and
Mariusz Felisiak for reviews.
2019-09-09 10:51:14 +02:00
05d0eca635
Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY.
2019-09-09 08:15:26 +02:00
350123f38c
Moved release note for refs #30158 from deprecated to backwards incompatible changes.
2019-09-05 15:56:52 +02:00
e2c6a0858d
Fixed #30750 -- Added support for check constraints on MySQL 8.0.16+.
2019-09-05 09:18:34 +02:00
72ebe85a26
Fixed #27910 -- Added enumeration helpers for use in Field.choices.
...
These classes can serve as a base class for user enums, supporting
translatable human-readable names, or names automatically inferred
from the enum member name.
Additional properties make it easy to access the list of names, values
and display labels.
Thanks to the following for ideas and reviews:
Carlton Gibson, Fran Hrženjak, Ian Foote, Mariusz Felisiak, Shai Berger.
Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-09-04 14:42:49 +02:00
25706d7285
Fixed #29714 -- Allowed using ExceptionReporter subclass with AdminEmailHandler.
2019-09-04 08:40:46 +02:00
0d4529d314
Added stub release notes for 2.2.6.
2019-09-04 08:02:32 +02:00
4f61810751
Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme().
2019-09-02 15:32:23 +02:00
47f49adc11
Added release dates for 2.2.5, 2.1.12, and 1.11.24.
2019-09-02 07:43:51 +02:00
0545781764
Fixed #30736 -- Added Storage.get_alternative_name() to allow customization.
2019-08-30 11:32:19 +02:00
400ec5125e
Fixed #18763 -- Added ModelBackend/UserManager.with_perm() methods.
...
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-29 19:32:12 +02:00
4137fc2efc
Fixed #25367 -- Allowed boolean expressions in QuerySet.filter() and exclude().
...
This allows using expressions that have an output_field that is a
BooleanField to be used directly in a queryset filters, or in the
When() clauses of a Case() expression.
Thanks Josh Smeaton, Tim Graham, Simon Charette, Mariusz Felisiak, and
Adam Johnson for reviews.
Co-Authored-By: NyanKiyoshi <hello@vanille.bid>
2019-08-29 09:45:29 +02:00
03dbdfd9bb
Fixed #29019 -- Added ManyToManyField support to REQUIRED_FIELDS.
2019-08-26 14:48:40 +02:00
06372a8d27
Fixed #30507 -- Updated admin's jQuery to 3.4.1.
2019-08-23 11:00:16 +02:00
85ac838d9e
Fixed #21039 -- Added AddIndexConcurrently/RemoveIndexConcurrently operations for PostgreSQL.
...
Thanks to Simon Charettes for review.
Co-Authored-By: Daniel Tao <daniel.tao@gmail.com>
2019-08-21 13:10:06 +02:00
9a88e43aeb
Fixed broken links and redirects in documentation.
...
Removed reference to custom builds, feature removed in
8e6b3bba99
2019-08-21 10:57:24 +02:00
21e559495b
Fixed #29979 , Refs #17337 -- Extracted AutoField field logic into a mixin and refactored AutoFields.
...
This reduces duplication by allowing AutoField, BigAutoField and
SmallAutoField to inherit from IntegerField, BigIntegerField and
SmallIntegerField respectively. Doing so also allows for enabling the
max_length warning check and minimum/maximum value validation for auto
fields, as well as providing a mixin that can be used for other possible
future auto field types such as a theoretical UUIDAutoField.
2019-08-20 09:22:25 +02:00
d1c2e6dd04
Refs #28428 -- Made FileField.upload_to support pathlib.Path.
2019-08-18 20:34:58 +02:00
0468159763
Refs #30426 -- Changed default SECURE_CONTENT_TYPE_NOSNIFF to True.
2019-08-18 13:17:49 +02:00
6805c0f99f
Fixed #30701 -- Updated patch_vary_headers() to handle an asterisk according to RFC 7231.
2019-08-16 15:25:42 +02:00
00035672a4
Fixed #30449 -- Fixed RelatedFieldListFilter/RelatedOnlyFieldListFilter to respect model's Meta.ordering.
...
Regression in 6d4e5feb79
2019-08-15 10:29:05 +02:00
1f8382d34d
Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on expressions with params.
...
Regression in 4f5b58f5cd
2019-08-14 15:25:35 +02:00
eed2e740f7
Fixed #30461 -- Made GeoIP2 and GEOIP_PATH setting accept pathlib.Path as library path.
...
Thanks Nikita Krokosh for the initial patch.
2019-08-13 19:44:10 +02:00
8d3519071e
Fixed #30673 -- Relaxed system check for db_table collision when database routers are installed by turning the error into a warning.
2019-08-08 21:14:06 +02:00
052388aba4
Fixed #30676 -- Added --pdb option to test runner.
2019-08-07 08:16:31 +02:00
1af469e67f
Added stub release notes for 2.2.5.
2019-08-02 20:32:21 +02:00
194d1dfc18
Fixed #30661 -- Added models.SmallAutoField.
2019-08-02 11:39:01 +02:00
a5652eb795
Added CVE-2019-14235 to security release archive.
2019-08-01 12:01:27 +02:00
3a6a2f5eaf
Added CVE-2019-14234 to security release archive.
2019-08-01 11:59:45 +02:00
9600f63885
Added CVE-2019-14233 to security release archive.
2019-08-01 11:57:24 +02:00
87750787d1
Added CVE-2019-14232 to the security release archive.
2019-08-01 11:54:24 +02:00
76ed1c49f8
Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri().
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
7deeabc7c7
Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection.
...
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
2019-08-01 09:24:54 +02:00
4b78420d25
Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities.
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
7f65974f82
Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
5f24e7158e
Fixed #30665 -- Added support for distinct argument to Avg() and Sum().
2019-07-31 11:22:50 +02:00
f618e033ac
Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands.
2019-07-31 10:02:13 +02:00
4122d9d3f1
Refs #28147 -- Fixed setting of OneToOne and Foreign Key fields to None when using attnames.
...
Regression in 519016e5f2
2019-07-27 12:04:56 +02:00
f13147c8de
Added stub release notes for security releases.
2019-07-25 10:49:30 +02:00
5ed20b3aa3
Fixed #30657 -- Allowed customizing Field's descriptors with a descriptor_class attribute.
...
Allows model fields to override the descriptor class used on the model
instance attribute.
2019-07-25 08:15:20 +02:00
fc75694257
Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved.
2019-07-24 14:08:37 +02:00
2ff517ccb6
Fixed #30506 -- Fixed crash of autoreloader when path contains null characters.
2019-07-23 10:03:23 +02:00
a3417282ac
Fixed #29824 -- Added support for database exclusion constraints on PostgreSQL.
...
Thanks to Nick Pope and Mariusz Felisiak for review.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-07-16 18:04:41 +02:00
7174cf0b00
Refs #29824 -- Added RangeOperators helper class.
2019-07-16 16:57:46 +02:00
00d4e6f8b5
Updated Select2 to version 4.0.7.
2019-07-10 12:31:16 +02:00
7991111af1
Fixed #30621 -- Fixed crash of __contains lookup for Date/DateTimeRangeField when the right hand side is the same type.
...
Thanks Tilman Koschnick for the report and initial patch.
Thanks Carlton Gibson the review.
Regression in 6b048b364c
2019-07-10 10:33:36 +02:00
ee6e93ec87
Fixed #30628 -- Adjusted expression identity to differentiate bound fields.
...
Expressions referring to different bound fields should not be
considered equal.
Thanks Julien Enselme for the detailed report.
Regression in bc7e288ca9
2019-07-10 07:46:08 +02:00
08e69cad9c
Added stub release notes for 2.2.4.
2019-07-09 07:39:35 +02:00
febe136d4c
Fixed #30397 -- Added app_label/class interpolation for names of indexes and constraints.
2019-07-08 14:57:56 +02:00
bc91f27a86
Refs #29444 -- Added support for fetching a returned non-integer insert values on Oracle.
...
This is currently not actively used, since the ORM will ask the
SQL compiler to only return auto fields.
2019-07-08 08:53:08 +02:00
a5308514fb
Fixed #27801 -- Made createsuperuser fall back to environment variables for password and required fields.
2019-07-02 12:55:09 +02:00
868cd56f05
Added CVE-2019-12781 to the security release archive.
2019-07-01 10:14:36 +02:00
fc41401f33
Added release date for 2.2.3.
2019-07-01 07:48:45 +02:00
54d0f5e62f
Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set.
...
An HTTP request would not be redirected to HTTPS when the
SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if
the proxy connected to Django via HTTPS.
HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if
set, rather than falling back to the request scheme when the
SECURE_PROXY_SSL_HEADER did not have the secure value.
Thanks to Gavin Wahl for the report and initial patch suggestion, and
Shai Berger for review.
2019-07-01 07:48:04 +02:00
30b3ee9d0b
Added stub release notes for security releases.
2019-07-01 06:57:27 +02:00
d54baf6970
Updated translations from Transifex
...
Forward port of b3f7262e6e
2019-06-29 16:17:16 +02:00
a289e79679
Fixed #30594 -- Added 'private' Cache-Control directive to never_cache() decorator.
2019-06-26 09:25:24 +02:00
8454f6dea4
Fixed #30588 -- Fixed crash of autoreloader when __main__ module doesn't have __file__ attribute.
2019-06-26 06:44:10 +02:00
87b1ad6e73
Fixed #30421 -- Allowed symmetrical intermediate table for self-referential ManyToManyField.
2019-06-21 15:03:17 +02:00
2ef6f209f7
Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes.
2019-06-21 07:07:23 +02:00
a415ce70be
Fixed #30451 -- Added ASGI handler and coroutine-safety.
...
This adds an ASGI handler, asgi.py file for the default project layout,
a few async utilities and adds async-safety to many parts of Django.
2019-06-20 12:29:43 +02:00
87f5d07eed
Fixed #12952 -- Adjusted admin log change messages to use form labels instead of field names.
2019-06-14 18:20:29 +02:00
fde9b7d35e
Fixed #30128 -- Fixed handling timedelta timezone in database functions.
2019-06-13 09:29:43 +02:00
9e38ed0536
Fixed #27486 -- Fixed Python 3.7 DeprecationWarning in intword and filesizeformat filters.
...
intword and filesizeformat passed floats to ngettext() which is
deprecated in Python 3.7. The rationale for this warning is documented
in BPO-28692: https://bugs.python.org/issue28692 .
For filesizeformat, the filesize value is expected to be an int -- it
fills %d string formatting placeholders. It was likely coerced to a
float to ensure floating point division on Python 2. Python 3 always
does floating point division, so coerce to an int instead of a float to
fix the warning.
For intword, the number may contain a decimal component. In English, a
decimal component makes the noun plural. A helper function,
round_away_from_one(), was added to convert the float to an integer that
is appropriate for ngettext().
2019-06-11 20:34:59 +02:00
dcb8f00d06
Fixed #29379 -- Added autocomplete attribute to contrib.auth.forms fields.
...
Thank you to Nick Pope for review.
Co-authored-by: CHI Cheng <cloudream@gmail.com>
2019-06-07 12:44:39 +02:00
581a0f4545
Refs #30226 -- Added User.get_user_permissions() method.
...
Added to mirror the existing User.get_group_permissions().
2019-06-05 13:56:37 +02:00
75337a6050
Fixed #30226 -- Added BaseBackend for authentication.
2019-06-05 13:39:46 +02:00
4b6dfe1622
Fixed #30542 -- Fixed crash of numerical aggregations with filter.
...
Filters in annotations crashed when used with numerical-type
aggregations (i.e. Avg, StdDev, and Variance). This was caused as the
source expressions no not necessarily have an output_field (such as the
filter field), which lead to an AttributeError: 'WhereNode' object has
no attribute output_field.
Thanks to Chuan-Zheng Lee for the report.
Regression in c690afb873
2019-06-05 08:06:26 +02:00
1f81e2df69
Added stub release notes for 2.2.3.
2019-06-05 06:57:44 +02:00
21b1d23912
Added CVE-2019-12308 to the security release archive.
2019-06-03 21:44:55 +02:00
8fb0ea5583
Added CVE-2019-11358 to the security release archive.
2019-06-03 21:44:55 +02:00
100ec901ae
Fixed typos in 1.11.21, 2.1.9, 2.2.2 release notes.
2019-06-03 14:08:51 +02:00
34ec52269a
Applied jQuery patch for CVE-2019-11358.
2019-06-03 11:36:12 +02:00
deeba6d920
Fixed CVE-2019-12308 -- Made AdminURLFieldWidget validate URL before rendering clickable link.
2019-06-03 11:36:12 +02:00
Carlton Gibson
Mariusz Felisiak
007gzs
Federico Jaramillo Martínez
Simon Charette
Kevin Michel
Kaustubh
Michael Galler
Cleiton de Lima
Jon Dufresne
Ahmad A. Hussein
Adam Johnson
Tom Carrick
Daniel Hillier
Uri
Nick Pope
Jacob Walls
Alexandr Tatarinov
Viktor Garske
David Smith
Florian Demmer
Florian Apolloner
Tim Graham
Aymeric Augustin
Florian Apolloner
Tim Park
Simon Charette
Kelechi Precious Nwachukwu
ovkulkarni
matt ferrante
davidchorpash
Resulkary
rico-ci
Tom Forbes
David Smith
Hasan Ramezani
Claude Paroz
Alix
Ali Vakilzade
Hannes Ljungberg
John Parton
Nicolas Baccelli
Dan Palmer
Carlton Gibson
Scott Cranfill
Frantisek Holop
Ryan Heard
Manuel Weitzman
wtkm11
Paolo Melchiorre
Tom Carrick
sage
Chris Burchhardt
Ian Foote
Tim Schilling
Sergey Fedoseev
miigotu
c-bata
Deep Sukhwani
Gordon Pendleton
gowthamk63
Andrew Godwin
Ryan Petrello
Baptiste Mispelon
jay20162016
Keshav Kumar
Abhijeet Viswa
Eugene Hatsko
Pavel Lysak
Flavio Curella
Jack Cushman
Shubham singh
Farhaan Bukhsh
Mike Hansen
James Turk
Rabah Saadi
Osaetin Daniel
Ali Mirlou
Alex Aktsipetrov
jsals1
Daniel Izquierdo
Caio Ariede
Dulmandakh
daniel a rios
Stephen Rauch
Sky
André Ericson
Pavel Savchenko
Louise Grandjonc
Viktor Lomakin
Benjy Weinberger
Anatol Ulrich
Tanner Stirrat
Oleg Kainov
Mads Jensen
Johannes Hoppe
Daniel Fairhead
Vojtech Bocek
Shai Berger
Nasir Hussain
yukihira1992
Berker Peksag
Matthew Schinckel
François Freitag
Adnan Umer
zeyneloz
Étienne Beaulé
can
nsasaki128
Nadège Michel
Sanyam Khurana
Tobias Bengfort