Theo Alexiou
659d2421c7
Fixed #20296 -- Prevented mark_safe() from evaluating lazy objects.
2022-02-21 10:11:26 +01:00
Mariusz Felisiak
1299bc33e1
Refs #33526 -- Made CSRF_COOKIE_SECURE/SESSION_COOKIE_SECURE/SESSION_COOKIE_HTTPONLY don't pass on truthy values.
2022-02-21 07:54:47 +01:00
saeedblanchette
e559070a7a
Fixed #33518 -- Added RemovedAfterNextVersionWarning.
2022-02-21 06:23:41 +01:00
David Smith
fac3dd7f39
Refs #33173 -- Fixed MailTests.test_backend_arg() on Windows and Python 3.11+.
2022-02-19 20:36:01 +01:00
Hasan Ramezani
9ac3ef59f9
Fixed #33379 -- Added minimum database version checks.
...
Thanks Tim Graham for the review.
2022-02-18 13:37:49 +01:00
My-Name-Is-Nabil
3079133c73
Fixed #33514 -- Added fallbacks to subsequent language codes in Select2 translations.
2022-02-18 08:34:49 +01:00
Matthias Kestenholz
b2ed0d78f2
Refs #28358 -- Fixed infinite recursion in LazyObject.__getattribute__().
...
Regression in 97d7990abd
.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Theo Alexiou <theofilosalexiou@gmail.com>
2022-02-17 14:52:17 +01:00
Mariusz Felisiak
1e2e1be02b
Fixed #33515 -- Prevented recreation of migration for ManyToManyField to lowercased swappable setting.
...
Thanks Chris Lee for the report.
Regression in 4328970780
.
Refs #23916 .
2022-02-16 21:09:24 +01:00
Theo Alexiou
97d7990abd
Fixed #28358 -- Prevented LazyObject from mimicking nonexistent attributes.
...
Thanks Sergey Fedoseev for the initial patch.
2022-02-16 10:51:15 +01:00
Carlton Gibson
236e6cb588
Refs #31407 -- Handled potential exception in test cleanup.
...
The test view may not be called when running the tests with
--parallel=2 or greater. Catch the AttributeError for this case.
2022-02-15 14:38:19 +01:00
Baptiste Mispelon
f7e0bffa2e
Refs #33348 -- Made SimpleTestCase.assertFormError() raise ValueError when "field" is passed without "form_index".
2022-02-15 10:30:20 +01:00
Mariusz Felisiak
d4c9dab74b
Refs #33348 -- Fixed SimpleTestCase.assertFormError() error message raised for unbound forms.
2022-02-15 10:16:06 +01:00
Baptiste Mispelon
d84cd91e90
Refs #33348 -- Improved messages raised by SimpleTestCase.assertFormError()/assertFormsetErrors().
...
This makes messages use BaseFormSet/BaseForm.__repr__() instead of
context, and adds the _assert_form_error() helper.
2022-02-15 07:15:44 +01:00
Baptiste Mispelon
9bb13def5d
Refs #33348 -- Made SimpleTestCase.assertFormsetErrors() raise an error when form_index is too big.
2022-02-14 12:46:46 +01:00
Baptiste Mispelon
261885e4c1
Simplified SimpleTestCase.assertFormError()/assertFormsetErrors() calls in admin_views tests.
2022-02-14 11:34:58 +01:00
Baptiste Mispelon
1f749d6f12
Fixed field name in admin_views.tests.UserAdminTest.test_password_mismatch() assertion.
2022-02-14 11:29:45 +01:00
Baptiste Mispelon
7986028e3f
Refs #33348 -- Made SimpleTestCase.assertFormError()/assertFormsetErrors() raise an error for unbound forms/formsets.
2022-02-14 08:43:46 +01:00
rafrafek
cdd4ff67d2
Refs #25684 -- Removed double newline from request/response output of runserver.
...
Follow up to 0bc5cd6280
.
2022-02-14 06:55:34 +01:00
Mariusz Felisiak
3702819227
Refs #32502 -- Avoided table rebuild when removing fields on SQLite 3.35.5+.
...
ALTER TABLE ... DROP COLUMN was introduced in SQLite 3.35+ however
a data corruption issue was fixed in SQLite 3.35.5.
2022-02-11 22:21:58 +01:00
Carlton Gibson
d113b5a837
Refs #33476 -- Made management commands use black.
...
Run black on generated files, if it is available on PATH.
2022-02-11 12:23:26 +01:00
Theo Alexiou
f9ec777a82
Fixed #26287 -- Added support for addition operations to SimpleLazyObject.
2022-02-10 11:24:51 +01:00
Claude Paroz
4c76ffc2d6
Fixed #29490 -- Added support for object-based Media CSS and JS paths.
2022-02-10 08:48:27 +01:00
Damian Posener
09e499a39e
Fixed #33501 -- Made order_with_respect_to respect database routers.
2022-02-09 13:31:49 +01:00
Aaron Chong
2d472ad05c
Fixed #33495 -- Improved debug logging message about adapting handlers for middlewares.
...
It's the wrapped handler that's adapted to the wrapping middleware.
2022-02-09 12:10:26 +01:00
Simon Charette
d35ce682e3
Fixed #33506 -- Made QuerySet.bulk_update() perform atomic writes against write database.
...
The lack of _for_write = True assignment in bulk_update prior to
accessing self.db resulted in the db_for_read database being used to
wrap batched UPDATEs in a transaction.
Also tweaked the batch queryset creation to also ensure they are
executed against the same database as the opened transaction under all
circumstances.
Refs #23646 , #33501 .
2022-02-09 11:14:50 +01:00
Mariusz Felisiak
7119f40c98
Refs #33476 -- Refactored code to strictly match 88 characters line length.
2022-02-07 20:37:05 +01:00
django-bot
9c19aff7c7
Refs #33476 -- Reformatted code with Black.
2022-02-07 20:37:05 +01:00
Mariusz Felisiak
f68fa8b45d
Refs #33476 -- Changed quotation marks in DebugViewTests.test_template_exceptions().
...
This prevents a failure after reformatting the code with Black.
2022-02-07 20:36:04 +01:00
Mariusz Felisiak
6f185a53a2
Refs #33482 -- Fixed QuerySet selecting and filtering againts negated Exists() with empty queryset.
...
Regression in b7d1da5a62
.
2022-02-07 20:34:21 +01:00
Carlton Gibson
4b8e9492d9
Refs #32559 -- Added selenium test for FloatField client-side validation.
...
step="any" is required for non-integer values. See:
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/number#step
Covers behaviour added in 7ec2a21be1
.
2022-02-03 13:50:37 +01:00
Hrushikesh Vaidya
832adb31f2
Fixed #33473 -- Fixed detecting changes by autoreloader in .py files inside template directories.
2022-02-03 11:22:45 +01:00
Mariusz Felisiak
c5cd878382
Refs #33476 -- Refactored problematic code before reformatting by Black.
...
In these cases Black produces unexpected results, e.g.
def make_random_password(
self,
length=10,
allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789',
):
or
cursor.execute("""
SELECT ...
""",
[table name],
)
2022-02-03 11:20:46 +01:00
Simon Charette
b7d1da5a62
Fixed #33482 -- Fixed QuerySet filtering againts negated Exists() with empty queryset.
...
Thanks Tobias Bengfort for the report.
2022-02-02 07:54:19 +01:00
tschilling
0dcd549bbe
Fixed #30360 -- Added support for secret key rotation.
...
Thanks Florian Apolloner for the implementation idea.
Co-authored-by: Andreas Pelme <andreas@pelme.se>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
2022-02-01 11:12:24 +01:00
Mariusz Felisiak
fc18f36c4a
Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.
...
Thanks Alan Ryan for the report and initial patch.
2022-02-01 07:41:40 +01:00
Markus Holtermann
394517f078
Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag.
...
Thanks Keryn Knight for the report.
Co-authored-by: Adam Johnson <me@adamj.eu>
2022-02-01 07:40:51 +01:00
Kirill Safronov
97a7274468
Fixed #33480 -- Fixed makemigrations crash when renaming field of renamed model.
...
Regression in aa4acc164d
.
2022-02-01 07:01:41 +01:00
Mariusz Felisiak
71e7c8e737
Fixed #33468 -- Fixed QuerySet.aggregate() after annotate() crash on aggregates with default.
...
Thanks Adam Johnson for the report.
2022-01-31 11:33:24 +01:00
Keryn Knight
55022f75c1
Fixed #33465 -- Added empty __slots__ to SafeString and SafeData.
...
Despite inheriting from the str type, every SafeString instance gains
an empty __dict__ due to the normal, expected behaviour of type
subclassing in Python.
Adding __slots__ to SafeData is necessary, because otherwise inheriting
from that (as SafeString does) will give it a __dict__ and negate the
benefit added by modifying SafeString.
2022-01-29 13:50:34 +01:00
Keryn Knight
c5c7a15b09
Fixed #33461 -- Escaped template errors in the technical 500 debug page.
2022-01-28 07:07:12 +01:00
vgolubev
e87f57fdb8
Fixed #26142 -- Allowed model formsets to prevent new object creation.
...
Thanks Jacob Walls, David Smith, and Mariusz Felisiak for reviews.
Co-authored-by: parth <parthvin@gmail.com>
2022-01-27 20:45:21 +01:00
Jörg Breitbart
0af9a5fc7d
Fixed #33463 -- Fixed QuerySet.bulk_update() with F() expressions.
2022-01-27 19:03:26 +01:00
Mariusz Felisiak
e972620ada
Fixed #33462 -- Fixed migration crash when altering type of primary key with MTI and foreign key.
...
This prevents duplicated operations when altering type of primary key
with MTI and foreign key. Previously, a foreign key to the base model
was added twice, once directly and once by the inheritance model.
Thanks bcail for the report.
Regression in 325d7710ce
.
2022-01-27 18:51:39 +01:00
Carlton Gibson
d15a10afb5
Adjusted CBV resolver_match example in testing tools docs.
...
The view_class is available on the view callback, allowing that to be
checked, rather than the __name__.
2022-01-26 20:58:22 +01:00
Mariusz Felisiak
f38c3cbadc
Increased test coverage for django.contrib.gis.gdal.layer.Layer.
2022-01-26 17:47:03 +01:00
Jacob Walls
edbf930287
Fixed #29984 -- Added QuerySet.iterator() support for prefetching related objects.
...
Co-authored-by: Raphael Kimmig <raphael.kimmig@ampad.de>
Co-authored-by: Simon Charette <charette.s@gmail.com>
2022-01-25 06:12:04 +01:00
Timothy McCurrach
efb4478e48
Fixed #33458 -- Fixed encoding of messages with empty string as extra_tags.
2022-01-24 07:05:53 +01:00
Claude Paroz
7c4f396509
Stopped including type="text/css" attributes for CSS link tags.
2022-01-22 16:38:14 +01:00
My-Name-Is-Nabil
9dc65263d4
Fixed #33455 -- Improved error message when selenium is not installed.
2022-01-21 21:54:10 +01:00
Jacob Walls
2d8232fa71
Fixed #26760 -- Added --prune option to migrate command.
2022-01-21 17:10:31 +01:00
Fabian Büchler
eeff1787b0
Fixed #33449 -- Fixed makemigrations crash on models without Meta.order_with_respect_to but with _order field.
...
Regression in aa4acc164d
.
2022-01-21 06:44:53 +01:00
Mariusz Felisiak
f605e85af9
Fixed #33453 -- Dropped support for GDAL 2.1.
2022-01-20 18:54:29 +01:00
Hrushikesh Vaidya
3fadf141e6
Fixed #33062 -- Made MultiPartParser remove non-printable chars from file names.
2022-01-20 07:19:52 +01:00
sean_c_hsu
0f6946495a
Fixed #31685 -- Added support for updating conflicts to QuerySet.bulk_create().
...
Thanks Florian Apolloner, Chris Jerdonek, Hannes Ljungberg, Nick Pope,
and Mariusz Felisiak for reviews.
2022-01-19 20:17:42 +01:00
Mariusz Felisiak
4a8ac604b1
Added tests for SpatialReference.to_esri()/from_esri().
2022-01-19 16:03:04 +01:00
Adam Johnson
dc8bb35e39
Fixed #33446 -- Added CSS source map support to ManifestStaticFilesStorage.
2022-01-18 12:53:14 +01:00
Mariusz Felisiak
30a0144134
Fixed #29338 -- Allowed using combined queryset in Subquery.
...
Thanks Eugene Kovalev for the initial patch, Simon Charette for the
review, and Chetan Khanna for help.
2022-01-17 18:01:07 +01:00
My-Name-Is-Nabil
f37face331
Fixed #33435 -- Fixed invalid SQL generatered by Subquery.as_sql().
2022-01-17 09:00:46 +01:00
Ayush Joshi
0a17666045
Fixed #28135 -- Made simplify_regex() handle non-capturing groups.
2022-01-14 11:01:02 +01:00
Adam Johnson
fdfa97fb16
Fixed #33441 -- Restored immutability of models.Field.__hash__().
...
Regression in 502e75f9ed
.
2022-01-14 07:00:48 +01:00
Adam Johnson
45a42aabfa
Fixed #29708 -- Deprecated PickleSerializer.
2022-01-13 13:50:20 +01:00
Adam Johnson
436862787c
Refs #29708 -- Made SessionBase store expiry as string.
2022-01-13 13:05:42 +01:00
Adam Johnson
08d8bccbf1
Improved Model.__init__() properties loop.
...
This improves readability, accumulates unrecognized arguments raise an
exception with all of them, and avoids refetching the values.
2022-01-13 11:09:37 +01:00
Mariusz Felisiak
0a4a5e5bac
Refs #32681 -- Fixed VariableDoesNotExist when rendering some admin template.
...
Regression in 84609b3205
.
Follow up to 4e5bbb6ef2
.
Thanks Sourav Kumar for the report.
2022-01-13 10:10:48 +01:00
Hrushikesh Vaidya
6815da6e94
Fixed #33396 -- Added view name to technical 500 debug page.
2022-01-13 07:02:41 +01:00
Adam Johnson
84e98ba194
Added exception to SuspiciousOperation logging.
...
This allows better debugging and filtering of errors.
2022-01-12 13:27:25 +01:00
Jacob Walls
dc9deea8e8
Fixed #11715 -- Changed default value of ModelAdmin.actions/inlines to empty tuples.
...
This clarifies the intended pattern of overwriting the default value
rather than mutating it.
2022-01-11 12:22:49 +01:00
mgaligniana
fa235004dd
Fixed #13251 -- Made pre/post_delete signals dispatch the origin.
2022-01-11 08:06:18 +01:00
Jacob Walls
6f78cb6b13
Fixed #29026 -- Added --scriptable option to makemigrations.
2022-01-10 18:49:57 +01:00
Keryn Knight
f4b06a3cc1
Fixed #33426 -- Fixed ResolverMatch.__repr_() for class-based views.
...
Regression in 7c08f26bf0
.
2022-01-10 17:30:41 +01:00
Jacob Walls
3430093a46
Refs #32193 -- Removed python-memcached from test requirements.
...
Follow up to 05f3a6186e
.
2022-01-10 06:39:15 +01:00
Keryn Knight
2a66c102d9
Fixed #33425 -- Fixed view name for CBVs on technical 404 debug page.
...
Regression in 0c0b87725b
.
2022-01-08 13:05:55 +01:00
David
4c60c3edff
Fixed #33419 -- Restored marking forms.Field.help_text as HTML safe.
...
Regression in 456466d932
.
Thanks Matt Westcott for the report.
2022-01-07 15:35:31 +01:00
Ad Timmering
bdf3e156b4
Fixed #28628 -- Changed \d to [0-9] in regexes where appropriate.
2022-01-07 12:25:06 +01:00
Ad Timmering
fe76944269
Refs #28628 -- Added tests for intcomma with non-ASCII digits.
2022-01-07 12:23:33 +01:00
Allen Jonathan David
28c98d4113
Fixed #33216 -- Simpilified deconstructed paths for some expressions.
2022-01-07 11:19:29 +01:00
Baptiste Mispelon
c67e1cf44f
Refs #33348 -- Deprecated passing errors=None to SimpleTestCase.assertFormError()/assertFormsetErrors().
2022-01-06 17:29:32 +01:00
Petter Friberg
bc174e6ea0
Fixed #33410 -- Fixed recursive capturing of callbacks by TestCase.captureOnCommitCallbacks().
...
Regression in d89f976bdd
.
2022-01-06 06:38:17 +01:00
Ad Timmering
806efe912b
Fixed #33400 -- Added support for msg_prefix and count arguments to assertTemplateUsed()/assertTemplateNotUsed() used as context managers.
2022-01-05 12:49:42 +01:00
Jamie Matthews
f5233dce30
Fixed #32511 -- Corrected handling prefetched nested reverse relationships.
...
When prefetching a set of child objects related to a set of parent
objects, we usually want to populate the relationship back from the
child to the parent to avoid a query when accessing that relationship
attribute. However, there's an edge case where the child queryset
itself specifies a prefetch back to the parent. In that case, we want
to use the prefetched relationship rather than populating the reverse
relationship from the parent.
2022-01-05 09:49:05 +01:00
Allen Jonathan David
205f67cd5b
Refs #33216 -- Made @deconstructible do not change path for subclasses.
2022-01-04 13:15:29 +01:00
Allen Jonathan David
194ca77092
Refs #21275 -- Added more tests for @deconstructible decorator.
2022-01-04 13:08:36 +01:00
Florian Apolloner
6d343d01c5
Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem.
...
Thanks to Dennis Brinkrolf for the report.
2022-01-04 10:04:12 +01:00
Florian Apolloner
761f449e0d
Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter.
...
Thanks to Dennis Brinkrolf for the report.
Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:03:56 +01:00
Florian Apolloner
968a3d01fa
Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator.
...
Thanks Chris Bailey for the report.
Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:02:05 +01:00
David Wobrock
482ee63b6f
Fixed #33402 -- Optimized multiple AlterFooTogether operations.
2022-01-04 06:24:03 +01:00
Keryn Knight
0ed2919814
Fixed #33406 -- Avoided creation of MaxLengthValidator(None) when resolving Value.output_field for strings.
...
This brings the behaviour in line with Field subclasses which append to
the validators within __init__(), like BinaryField, and prevents the
creation of a validator which incorrectly throws a TypeError, if it
were used.
2022-01-04 05:51:00 +01:00
Keryn Knight
b894199eb0
Refs #33406 -- Added test for not creating broken validators when resolving Value.output_field.
2022-01-04 05:51:00 +01:00
Mariusz Felisiak
30613d6a74
Fixed #33408 -- Fixed adding nullable unique fields on SQLite.
...
Regression in 2f73e5406d
.
Thanks Alan Crosswell for the report.
2022-01-04 05:50:00 +01:00
Jacob Walls
0ab58c1209
Refs #29026 -- Allowed customizing InteractiveMigrationQuestioner's prompt destination.
...
Previously, the questioner did not obey the value of stdout provided
to the command.
2022-01-03 12:30:51 +01:00
Jacob Walls
03a6488116
Refs #31026 -- Changed @jinja2_tests imports to be relative.
2022-01-03 06:11:30 +01:00
Mariusz Felisiak
826701232c
Removed obsolete Oracle's test_client_encoding() test.
...
encoding and nencoding parameters were deprecated in cx_Oracle 8.2.
Moreover, encoding is handled internally between cx_Oracle and Oracle
Database and there is no need to test it.
2021-12-30 12:42:37 +01:00
Shubh1815
aecfc40c88
Fixed #33300 -- Ensured hidden elements are not displayed on small screens.
2021-12-30 07:57:36 +01:00
Jacob Walls
92412aa94c
Fixed #23273 -- Avoided creation of django_migrations table when there are no migrations to apply.
2021-12-30 06:36:55 +01:00
David Smith
950d697b95
Refs #31617 -- Removed redundant title text in filter.html.
...
Unnecessary since 269a767146
.
Title text should provide advisory information and should not be the
same or very similar to the element text.
2021-12-28 13:42:35 +01:00
Mariusz Felisiak
2d07e1aaeb
Refs #22983 -- Added tests for squashing migrations with functions from migration files.
...
Follow up to ebb13bbd88
.
2021-12-27 18:49:19 +01:00
Hannes Ljungberg
59a66f0512
Refs #33342 -- Deprecated ExclusionConstraint.opclasses.
2021-12-27 08:55:18 +01:00
Hannes Ljungberg
0e656c02fe
Fixed #33342 -- Added support for using OpClass() in exclusion constraints.
2021-12-24 11:39:00 +01:00
Adam Johnson
deec15a9a6
Refs #33355 -- Made trunc functions raise ValueError on invalid lookups on SQLite.
...
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-23 11:47:13 +01:00
David
cb82ded4b2
Refs #32339 -- Added rendering tests for forms with CheckboxSelectMultiple and SelectMultiple widgets.
2021-12-23 07:38:05 +01:00