0393b9262d
Fixed #32812 -- Restored immutability of named values from QuerySet.values_list().
...
Regression in 981a072dd4
2021-06-04 07:23:16 +02:00
0d2816133c
Refs #32668 -- Simplified get_test_modules() in runtests.py.
...
This simplifies runtests.py's get_test_modules() in a few ways. For
example, it changes the function to yield strings instead of returning
pairs of strings, which simplifies the calling code.
This commit also changes SUBDIRS_TO_SKIP from a list to a dict since
the directories to skip depend on the parent directory.
2021-06-03 09:20:47 +02:00
ffc0d57a04
Refs #32668 -- Refactored away module_found_in_labels in runtests.py's setup().
2021-06-03 09:20:47 +02:00
90f41c2d91
Refs #32668 -- Made setup()'s test_labels argument optional in runtests.py.
2021-06-03 09:20:47 +02:00
62e8f369c3
Fixed #32808 -- Prevented DiscoverRunner.build_suite() from mutating test loader patterns.
...
Thanks Chris Jerdonek for the report and reviews.
2021-06-03 08:59:37 +02:00
1b4d1675b2
Refs #32641 -- Made DiscoverRunner's "Found X tests" message work for finding one test.
...
This also removes passing level to log() as logging.INFO is the default.
2021-06-02 12:53:09 +02:00
ec2727efef
Fixed #28154 -- Prevented infinite loop in FileSystemStorage.save() when a broken symlink with the same name exists.
2021-06-02 12:20:22 +02:00
e1d787f1b3
Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
...
validate_ipv4_address() was affected only on Python < 3.9.5, see [1].
URLValidator() uses a regular expressions and it was affected on all
Python versions.
[1] https://bugs.python.org/issue36384
2021-06-02 10:58:39 +02:00
46572de2e9
Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs' TemplateDetailView.
2021-06-02 10:58:39 +02:00
e703b152c6
Fixed #32793 -- Fixed loss of precision for temporal operations with DecimalFields on MySQL.
...
Regression in 1e38f1191d
2021-06-01 15:11:42 +02:00
a0410ffe8f
Refs #32552 -- Added DiscoverRunner.log() to allow customization.
...
Thanks Carlton Gibson, Chris Jerdonek, and David Smith for reviews.
2021-06-01 13:31:44 +02:00
cd19db10df
Fixed #32796 -- Changed CsrfViewMiddleware to fail earlier on badly formatted cookie tokens.
2021-06-01 09:02:27 +02:00
623cec0879
Refs #32796 -- Added CsrfViewMiddleware tests for incorrectly formatted cookie tokens.
2021-06-01 09:02:23 +02:00
c609d5149c
Refs #24121 -- Added __repr__() to Engine
2021-06-01 07:44:36 +02:00
55775891fb
Fixed #32795 -- Changed CsrfViewMiddleware to fail earlier on badly formatted tokens.
2021-05-31 21:12:21 +02:00
ffdee8d264
Refs #32795 -- Added CsrfViewMiddleware tests for rejecting invalid or missing tokens.
...
This also improves test names for test_process_request_no_csrf_cookie
and test_process_request_csrf_cookie_no_token. The logic being tested
is actually in process_view() rather than process_request(), and it's
not necessary to include the method name.
2021-05-31 21:12:17 +02:00
91e21836f6
Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage.
2021-05-31 11:09:48 +02:00
781b44240a
Refs #32319 -- Changed HashedFilesMixin to use named groups in patterns.
2021-05-31 10:40:21 +02:00
b9df2b74b9
Fixed #32676 -- Prevented migrations from rendering related field attributes when not passed during initialization.
...
Thanks Simon Charette for the implementation idea.
2021-05-28 20:25:59 +02:00
b746596f5f
Refs #32779 -- Changed DatabaseSchemaEditor._unique_sql()/_create_unique_sql() to take fields as second parameter.
2021-05-28 10:50:27 +02:00
22da686ca9
Refs #24121 -- Added __repr__() to PermWrapper.
2021-05-28 08:03:23 +02:00
71179a6124
Fixed #32596 -- Added CsrfViewMiddleware._check_referer().
...
This encapsulates CsrfViewMiddleware's referer logic into a method and
updates existing tests to check the "seam" introduced by the refactor,
when doing so would improve the test.
2021-05-28 07:31:56 +02:00
e93eb3d971
Fixed #32789 -- Made feeds emit elements with no content as self-closing tags.
2021-05-27 21:05:28 +02:00
02c59b7a43
Refs #32596 -- Added extra tests for CsrfViewMiddleware's referer logic.
2021-05-27 10:53:20 +02:00
0d67481a66
Fixed #32762 -- Fixed locale reset in compilemessages test.
...
Reset the `LC_ALL` override value in the test environment to ensure that locale
values the calling environment are not used.
2021-05-26 15:37:42 +02:00
9e4780deda
Fixed #32669 -- Fixed detection when started non-django modules which aren't packages with "python -m" in autoreloader.
2021-05-26 12:29:43 +02:00
5a8e8f80bb
Fixed #32772 -- Made database cache count size once per set.
2021-05-26 11:21:11 +02:00
12b19a1d76
Fixed #32783 -- Fixed crash of autoreloader when __main__ module doesn't have __spec__ attribute.
...
Regression in ec6d2531c5
2021-05-26 11:19:47 +02:00
1143f3bb5e
Fixed #32543 -- Added search_help_text to ModelAdmin.
2021-05-26 10:20:13 +02:00
68357b2ca9
Fixed #32744 -- Normalized to pathlib.Path in autoreloader check for template changes.
2021-05-26 09:41:29 +02:00
7e51893911
Refs #32379 -- Added USE_TZ settings to AdminScriptTestCase.write_settings().
2021-05-25 13:22:40 +02:00
3e0fdf5546
Fixed #32780 -- Made Add/RemoveConstraint operations a noop for covering/deferrable unique constraints on SQLite.
2021-05-25 11:34:25 +02:00
d3d95d645f
Refs #24121 -- Added __repr__() to Lookup.
2021-05-24 07:32:25 +02:00
f0a9413bd2
Refs #24121 -- Improved Value.__repr__().
2021-05-24 07:26:53 +02:00
3f6d4e22f8
Fixed typo in tests/expressions/tests.py.
2021-05-24 07:26:53 +02:00
7ef2398e81
Fixed #32777 -- Passed table reference as a string to DatabaseSchemaEditor._index_columns().
2021-05-24 06:31:48 +02:00
5e04e84d67
Fixed #32503 -- Fixed altering BLOB/TEXT field to non-nullable with default on MySQL 8.0.13+.
...
MySQL 8.0.13+ supports defaults for BLOB/TEXT but not in the
ALTER COLUMN statement.
Regression in 6b16c91157
2021-05-21 13:34:37 +02:00
7cca22964c
Fixed #32375 -- Started deprecation toward changing the default sitemap protocol to https.
...
The default sitemap protocol, when it is built outside the context of
a request, will be changed from 'http' to 'https' in Django 5.0.
2021-05-21 11:00:54 +02:00
56003b21ea
Added tests for Sitemap.get_protocol().
2021-05-21 10:55:05 +02:00
736bb9868a
Renamed "object" argument of ModelAdmin.log_addition(), log_change(), and log_deletion() methods.
2021-05-20 07:29:16 +02:00
2978c63a34
Fixed #32771 -- Used IS_POPUP_VAR constant instead of hard-coded value.
2021-05-20 07:04:26 +02:00
536c155e67
Fixed #32765 -- Removed "for" HTML attribute from ReadOnlyPasswordHashWidget.
...
ReadOnlyPasswordHashWidget doesn't have any labelable elements.
2021-05-19 20:34:57 +02:00
8cd55021bc
Fixed #32379 -- Started deprecation toward changing default USE_TZ to True.
...
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-18 20:26:44 +02:00
958cdf65ae
Fixed #32747 -- Prevented initialization of unused caches.
...
Thanks Alexander Ebral for the report.
Regression in 98e05ccde4
2021-05-18 18:24:19 +02:00
a24fed399c
Fixed #32733 -- Skipped system check for specifying type of auto-created primary keys on abstract models.
...
Regression in b5e12d490a
2021-05-18 13:02:33 +02:00
f07723aa0a
Refs #31007 -- Added test for check for specifying type of auto-created primary keys from abstract models.
2021-05-18 12:54:51 +02:00
f7691d4812
Fixed #32754 -- Made AdminSite.catch_all_view() respect SCRIPT_NAME.
...
Regression in ba31b01034
2021-05-18 09:14:05 +02:00
3954bf50fb
Fixed #32750 -- Fixed crash of Extract() transform on OuterRef() expressions.
...
Thanks Simon Charette for the review.
2021-05-17 17:51:39 +02:00
530f58caaa
Fixed #32734 -- Fixed validation of startapp's directory with trailing slash.
...
Regression in fc9566d42d
2021-05-14 12:45:00 +02:00
29345aecf6
Fixed #32721 -- Fixed migrations crash when adding namespaced spatial indexes on PostGIS.
2021-05-14 07:10:28 +02:00
c6d88a1872
Refs #16455 -- Added test for using opclasses on indexes for multidimensional geometry fields on PostGIS.
2021-05-13 13:13:12 +02:00
b55699968f
Fixed #32718 -- Relaxed file name validation in FileField.
...
- Validate filename returned by FileField.upload_to() not a filename
passed to the FileField.generate_filename() (upload_to() may
completely ignored passed filename).
- Allow relative paths (without dot segments) in the generated filename.
Thanks to Jakub Kleň for the report and review.
Thanks to all folks for checking this patch on existing projects.
Thanks Florian Apolloner and Markus Holtermann for the discussion and
implementation idea.
Regression in 0b79eb3691
2021-05-13 08:53:44 +02:00
b81c7562fc
Fixed #32717 -- Fixed filtering of querysets combined with the | operator.
...
Address a long standing bug in a Where.add optimization to discard
equal nodes that was surfaced by implementing equality for Lookup
instances in bbf141bcdc
2021-05-13 07:26:52 +02:00
3733ae8957
Fixed #32031 -- Added model class for each model to AdminSite.each_context().
2021-05-13 06:57:09 +02:00
29e4ccb1a2
Fixed #32738 -- Deprecated django.utils.datetime_safe module.
2021-05-12 14:42:17 +02:00
46346f8ea0
Refs #32738 -- Added sanitize_strftime_format() to replace datetime_safe.
2021-05-12 14:42:17 +02:00
44accb066a
Refs #32738 , Refs #29600 , Refs #29595 -- Removed unused django.utils.datetime_safe.time().
...
Unused since c72dde41e6
2021-05-12 14:42:17 +02:00
1061f52436
Fixed #32732 -- Removed usage of deprecated 'db' and 'passwd' connection options in MySQL backend.
...
The 'db' and 'passwd' connection options have been deprecated, use
'database' and 'password' instead (available since mysqlclient >= 1.3.8).
This also allows the 'database' option in DATABASES['OPTIONS'] on MySQL.
2021-05-12 12:21:57 +02:00
d06c5b3581
Fixed #32366 -- Updated datetime module usage to recommended approach.
...
- Replaced datetime.utcnow() with datetime.now().
- Replaced datetime.utcfromtimestamp() with datetime.fromtimestamp().
- Replaced datetime.utctimetuple() with datetime.timetuple().
- Replaced calendar.timegm() and datetime.utctimetuple() with datetime.timestamp().
2021-05-12 11:08:41 +02:00
6b7960188b
Added extra assertion to migrations.test_writer.WriterTests.test_serialize_datetime.
...
This checks that datetime.timezone.utc serializes correctly.
2021-05-12 11:06:30 +02:00
e6406853c3
Refs #24121 -- Added__repr__() to StaticNode.
2021-05-12 08:41:52 +02:00
34363a391b
Fixed #32735 -- Made DateFormat.Y() return a zero-padded year.
2021-05-12 08:17:06 +02:00
b1a4b1f0bd
Fixed #32722 -- Fixed comparing to TruncTime() on Oracle.
2021-05-11 09:19:25 +02:00
205c36b58f
Fixed #32670 -- Allowed GDALRasters to use any GDAL virtual filesystem.
2021-05-07 20:03:46 +02:00
028f10fac6
Fixed #32712 -- Deprecated django.utils.baseconv module.
2021-05-07 11:57:40 +02:00
c4ee3b208a
Fixed #32699 -- Fixed comparing to TruncTime() with 0 microseconds on MySQL.
2021-05-07 08:13:40 +02:00
65a9d0013d
Removed unused TestHashedFiles._max_post_process_passes.
...
Unused since f1894bae30
2021-05-06 12:26:25 +02:00
e1e81aa1c4
Fixed #32713 , Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
...
In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines
and tabs from URLs [1, 2]. Unfortunately it created an issue in
the URLValidator. URLValidator uses urllib.urlsplit() and
urllib.urlunsplit() for creating a URL variant with Punycode which no
longer contains newlines and tabs in Python 3.9.5+. As a consequence,
the regular expression matched the URL (without unsafe characters) and
the source value (with unsafe characters) was considered valid.
[1] https://bugs.python.org/issue43882 and
[2] 76cd81d603
2021-05-06 08:45:23 +02:00
a708f39ce6
Refs CVE-2021-31542 -- Skipped mock AWS storage test on Windows.
...
The validate_file_name() sanitation introduced in
0b79eb3691914c72be2a
2021-05-06 07:04:52 +02:00
a0a5e0f4c8
Fixed #32705 -- Prevented database cache backend from checking .rowcount on closed cursor.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-05 12:41:59 +02:00
136ff592ad
Fixed #32690 -- Fixed __in lookup crash when combining with filtered aggregates.
...
Having lookups group by subquery right-hand-sides is likely unnecessary
in the first place but relatively large amount of work would be needed
to achieve that such as making Lookup instances proper resolvable
expressions.
Regression in 3543129822
2021-05-05 11:41:35 +02:00
06fd4df41a
Fixed #32479 -- Added fallbacks to subsequent language codes in translations.
...
Thanks Claude Paroz and Nick Pope for reviews.
2021-05-05 09:37:54 +02:00
96f55ccf79
Fixed #32714 -- Prevented recreation of migration for Meta.ordering with OrderBy expressions.
...
Regression in c8b6594305
2021-05-05 08:43:57 +02:00
f9f6bd63c9
Refs #32074 -- Removed usage of deprecated Thread.setDaemon().
...
Thread.setDaemon() was deprecated in Python 3.10 and will be removed in
Python 3.12.
2021-05-04 12:07:18 +02:00
0b79eb3691
Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.
2021-05-04 08:44:42 +02:00
8de4ca74ba
Fixed #32693 -- Quoted and lowercased generated column aliases.
2021-05-04 07:36:56 +02:00
1f643c28b5
Fixed #32653 -- Made quoting names in the Oracle backend consistent with db_table.
2021-04-30 12:59:07 +02:00
54da6e2ac2
Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.
2021-04-30 12:32:52 +02:00
8bcb00858e
Fixed #32698 -- Moved HttpRequest.get_raw_uri() to ExceptionReporter._get_raw_insecure_uri().
2021-04-30 08:05:42 +02:00
2161db0792
Fixed capitalization of "ECMAScript" and "JavaScript".
2021-04-29 20:29:08 +02:00
c8b6594305
Fixed #32632 , Fixed #32657 -- Removed flawed support for Subquery deconstruction.
...
Subquery deconstruction support required implementing complex and
expensive equality rules for sql.Query objects for little benefit as
the latter cannot themselves be made deconstructible to their reference
to model classes.
Making Expression @deconstructible and not BaseExpression allows
interested parties to conform to the "expression" API even if they are
not deconstructible as it's only a requirement for expressions allowed
in Model fields and meta options (e.g. constraints, indexes).
Thanks Phillip Cutter for the report.
This also fixes a performance regression in bbf141bcdc
2021-04-28 12:13:55 +02:00
4f600673d7
Refs #32632 -- Added tests for returning a copy when combining Q() objects.
2021-04-28 11:31:17 +02:00
6e742dabc9
Fixed #32687 -- Restored passing process’ environment to underlying tool in dbshell on PostgreSQL.
...
Regression in bbe6fbb876
2021-04-27 10:43:35 +02:00
1871182031
Fixed #32682 -- Made admin changelist use Exists() instead of distinct() for preventing duplicates.
...
Thanks Zain Patel for the report and Simon Charette for reviews.
The exception introduced in 6307c3f1a1
2021-04-27 10:34:47 +02:00
cd74aad90e
Refs #32682 -- Renamed use_distinct variable to may_have_duplicates.
...
QuerySet.distinct() is not the only way to avoid duplicate, it's also
not preferred.
2021-04-27 10:34:47 +02:00
4074f38e1d
Refs #32682 -- Fixed QuerySet.delete() crash on querysets with self-referential subqueries on MySQL.
2021-04-27 10:34:47 +02:00
158eca4f93
Refs #19080 -- Added tests for preserving select_related() in the admin changelist.
2021-04-27 10:34:47 +02:00
d68be0494b
Refs 32637 -- Made technical 404 debug page display exception message when URL is resolved.
...
Follow up to 3b8527e32b
2021-04-27 08:40:52 +02:00
eab71f7690
Fixed #32686 -- Removed unnecessary semicolon on collected multiline SQL for RunSQL.
2021-04-27 08:01:07 +02:00
95754dbc9b
Refs #32686 -- Added tests for adding a semicolon when collecting SQL for RunSQL.
2021-04-27 07:59:41 +02:00
4e5bbb6ef2
Fixed #32681 -- Fixed VariableDoesNotExist when rendering some admin template.
...
Regression in 84609b3205
2021-04-26 07:08:16 +02:00
af609c2f4d
Fixed isolation of test_rename_table_renames_deferred_sql_references().
2021-04-26 06:11:13 +02:00
170b006ce8
Fixed #32673 -- Fixed lookups crash when comparing against lookups on PostgreSQL.
...
Regression in 3a505c70e7
2021-04-23 15:38:32 +02:00
2f435e75ab
Fixed isolation of test_showmigrations_unmigrated_app().
...
Follow up to 90916f050c
2021-04-23 10:06:08 +02:00
ac2e6e6869
Fixed isolation of i18n.tests.FormattingTests.test_get_custom_format().
2021-04-22 19:57:27 +02:00
90916f050c
Fixed isolation of test_showmigrations_unmigrated_app().
2021-04-22 17:43:58 +02:00
c3278bb71f
Used assertCountEqual() in ExcludeTests.test_exclude_subquery().
2021-04-22 10:47:10 +02:00
6d0cbe42c3
Fixed #32650 -- Fixed handling subquery aliasing on queryset combination.
...
This issue started manifesting itself when nesting a combined subquery
relying on exclude() since 8593e162c9#27149 ).
Thanks Raffaele Salmaso for the report.
2021-04-21 09:49:15 +02:00
34d1905712
Fixed #32665 -- Fixed caches system check crash when STATICFILES_DIRS is a list of 2-tuples.
...
Thanks Jared Lockhart for the report.
Regression in c36075ac1d
2021-04-21 09:41:37 +02:00
5c73fbb6a9
Fixed #32647 -- Restored multi-row select with shift-modifier in admin changelist.
...
Regression in 30e59705fc
2021-04-21 08:31:06 +02:00
Takayuki Hirayama
Chris Jerdonek
Mariusz Felisiak
Jacob Walls
Florian Apolloner
Daniyal
abhiabhi94
Gildardo Adrian Maravilla Jacome
David Wobrock
Hannes Ljungberg
Mohammadreza Varasteh
Nilo César Teixeira
Moriyoshi Koizumi
Michael Lissner
Hasan Ramezani
Hannes Ljungberg
saeedblanchette
Yuekui Li
Rohith PR
David Sanders
Claude Paroz
Rust Saiargaliev
Slava Skvortsov
Artur Beltsov
snowman2
Simon Charette
Raffaele Salmaso
Nick Pope
saeedblanchette
Jordi Castells
Alex Hill
Carlton Gibson
ecogels
Maxim Beder
Karthikeyan Singaravelan
Tim Graham
Konstantin Alekseev
Zain Patel