p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
27,731 Commits 28 Branches 411 Tags 641 MiB
Commit Graph

11508 Commits

Author SHA1 Message Date
Luke Plant 45304e444e Refs #28622 -- Clarified security implications of PASSWORD_RESET_TIMEOUT. 2019-09-20 13:53:01 +02:00
Hasan Ramezani 226ebb1729 Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS. 2019-09-20 13:52:04 +02:00
Carlton Gibson bae05bcf68 Fixed #27462 -- Clarifed pk_set difference in m2m_changed signal receivers for add() and remove(). 
Thank you to Mariusz Felisiak for review.
 2019-09-19 11:34:59 +02:00
Daniel Fairhead 5cb3ed187b Fixed #30772 -- Optimized make_template_fragment_key(). 
Removed usage of urllib.quote(), unnecessary since cbbe60c7fc.
Used hasher's .update() on key fragments.
 2019-09-18 14:53:05 +02:00
Katie McLaughlin 44077985f5 Fixed #30775 -- Added admonition about missing imports to "Running tests" section in tutorial 5. 2019-09-16 09:40:44 +02:00
Simon Charette 6c3dfba892 Fixed #30769 -- Fixed a crash when filtering against a subquery JSON/HStoreField annotation. 
This was a regression introduced by 7deeabc7c7
to address CVE-2019-14234.

Thanks Tim Kleinschmidt for the report and Mariusz for the tests.
 2019-09-16 08:24:40 +02:00
Mariusz Felisiak bd7e0f81f8 Added stub release notes for 1.11.25 and 2.1.13. 2019-09-16 07:37:47 +02:00
Claude Paroz b8dff52f44 Fixed #29823 -- Doc'd limitation of DecimalField on SQLite. 2019-09-14 17:10:08 +02:00
Ben Falk 4056558a1c Fixed typos in docs/ref/settings.txt. 2019-09-13 20:36:35 +02:00
Nick Pope 1c66767d4e Refs #27910 -- Improved documentation for model field choice enumeration types. 2019-09-13 15:37:40 +02:00
Carlton Gibson ea25bdc2b9 Added PBKDF2 hasher iteration increase to 3.0 release notes. 
Refs 06670015f7
 2019-09-12 17:24:01 +02:00
Carlton Gibson b5db65c4fb Increased the default PBKDF2 iterations for Django 3.1. 2019-09-12 17:24:01 +02:00
Carlton Gibson 4b63d45d54
Expanded notes on alphas in release How-to. 2019-09-12 10:35:19 +02:00
Mariusz Felisiak 9a2a12d415 Advanced deprecation warnings for Django 3.1. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 0ddb4ebf7b Refs #14357 -- Made Meta.ordering not affect GROUP BY queries. 
Per deprecation timeline.
 2019-09-10 12:01:00 +02:00
Mariusz Felisiak d17be88afd Refs #30037 -- Required the RemoteUserBackend.configure_user() to have request as the first positional argument. 
Per deprecation timeline.
 2019-09-10 12:01:00 +02:00
Mariusz Felisiak b61ea56789 Refs #28478 -- Removed support for TestCase's allow_database_queries and multi_db per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak f1894bae30 Refs #28606 -- Removed CachedStaticFilesStorage per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 81993b47ea Refs #29703 -- Removed QuerySetPaginator alias per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak cb2be9d5d5 Refs #29546 -- Removed django.utils.timezone.FixedOffset per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 3d716467a9 Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak b47bb4c4a7 Refs #29598 -- Removed FloatRangeField per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 416c584cab Removed versionadded/changed annotations for 2.2. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 32796826bb Added stub release notes for 3.1. 2019-09-10 12:00:56 +02:00
Mariusz Felisiak 0f2f517298 Bumped version; master is now 3.1 pre-alpha. 2019-09-10 11:54:25 +02:00
Carlton Gibson 513f137cfd Updated man page for 3.0 alpha release. 2019-09-10 10:10:50 +02:00
Simon Charette 34decdebf1 Fixed #30754 -- Prevented inclusion of aliases in partial index conditions. 
SQLite doesn't repoint table aliases in partial index conditions on table
rename which breaks the documented table alteration procedure.

Thanks Pēteris Caune for the report.
 2019-09-10 10:03:16 +02:00
Carlton Gibson a624803514 Finalised release notes for 3.0 alpha release. 
* Removed empty sections
* Corrected some typos and wrapping errors.
 2019-09-10 09:58:42 +02:00
Vojtech Bocek b1d37fea8f Fixed #28107 -- Added DatabaseFeatures.allows_group_by_selected_pks_on_model() to allow enabling optimization for unmanaged models. 2019-09-09 14:04:46 +02:00
Vojtech Bocek 10d5e439e9 Refs #28107 -- Doc'd how to subclass an existing database engine. 2019-09-09 14:04:41 +02:00
Nick Pope 406dba04e1 Fixed #29406 -- Added support for Referrer-Policy header. 
Thanks to James Bennett for the initial implementation.
 2019-09-09 13:35:41 +02:00
Nick Pope 1edbb6c194 Refs #30426 -- Moved release notes into separate security section. 2019-09-09 13:35:31 +02:00
Nick Pope fc62e16291 Standardized links for headers in security middleware documentation. 2019-09-09 13:35:17 +02:00
Johannes Hoppe 7254f1138d Refs #29444 -- Allowed returning multiple fields from INSERT statements on PostgreSQL. 
Thanks Florian Apolloner, Tim Graham, Simon Charette, Nick Pope, and
Mariusz Felisiak for reviews.
 2019-09-09 10:51:14 +02:00
Nick Pope b6251956b6 Fixed #30757 -- Added a system check to ensure max_length fits the longest choice. 2019-09-09 10:28:18 +02:00
Katie McLaughlin fee75d2aed Fixed #30767 -- Improved references to deployment documentation. 
* Increased tocdepth to expose more complexity of topics.
* Ensured deployment checklist is linked on main doc page.
 2019-09-09 10:02:33 +02:00
Claude Paroz 05d0eca635 Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY. 2019-09-09 08:15:26 +02:00
Tobias Kunze 4a954cfd11 Fixed #30573 -- Rephrased documentation to avoid words that minimise the involved difficulty. 
This patch does not remove all occurrences of the words in question.
Rather, I went through all of the occurrences of the words listed
below, and judged if they a) suggested the reader had some kind of
knowledge/experience, and b) if they added anything of value (including
tone of voice, etc). I left most of the words alone. I looked at the
following words:

- simply/simple
- easy/easier/easiest
- obvious
- just
- merely
- straightforward
- ridiculous

Thanks to Carlton Gibson for guidance on how to approach this issue, and
to Tim Bell for providing the idea. But the enormous lion's share of
thanks go to Adam Johnson for his patient and helpful review.
 2019-09-06 13:27:46 +02:00
Mariusz Felisiak 350123f38c
Moved release note for refs #30158 from deprecated to backwards incompatible changes. 2019-09-05 15:56:52 +02:00
Mariusz Felisiak 053ff7e9e6 Fixed typo in docs/internals/contributing/writing-documentation.txt. 2019-09-05 14:06:46 +02:00
Carlton Gibson ed2d411aa8 Refs #30573 -- Noted to avoid "simple" & co. in Writing Style guide. 
Co-authored-by: Tobias Kunze <r@rixx.de>
 2019-09-05 10:13:31 +02:00
Mariusz Felisiak e2c6a0858d Fixed #30750 -- Added support for check constraints on MySQL 8.0.16+. 2019-09-05 09:18:34 +02:00
Shai Berger 72ebe85a26 Fixed #27910 -- Added enumeration helpers for use in Field.choices. 
These classes can serve as a base class for user enums, supporting
translatable human-readable names, or names automatically inferred
from the enum member name.

Additional properties make it easy to access the list of names, values
and display labels.

Thanks to the following for ideas and reviews:

Carlton Gibson, Fran Hrženjak, Ian Foote, Mariusz Felisiak, Shai Berger.

Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2019-09-04 14:42:49 +02:00
Nasir Hussain 25706d7285 Fixed #29714 -- Allowed using ExceptionReporter subclass with AdminEmailHandler. 2019-09-04 08:40:46 +02:00
Min ho Kim 3c6a4fdb6d Changed example git clone URLs to use HTTPS. 2019-09-04 08:11:22 +02:00
Mariusz Felisiak 0d4529d314 Added stub release notes for 2.2.6. 2019-09-04 08:02:32 +02:00
Carlton Gibson 4f61810751 Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme(). 2019-09-02 15:32:23 +02:00
Mariusz Felisiak 47f49adc11 Added release dates for 2.2.5, 2.1.12, and 1.11.24. 2019-09-02 07:43:51 +02:00
Daria Kolodzey 3f8ee58ccc Fixed #30738 -- Fixed typo in docs/ref/forms/widgets.txt. 
Thanks Emmanuel Cazenave for the report.
 2019-08-31 10:58:40 +02:00
Mariusz Felisiak 6201141b2c Refs #30736 -- Added missing versionadded annotations for Storage.get_alternative_name(). 
Thanks Simon Charette for the report.
 2019-08-31 07:19:19 +02:00
yukihira1992 0545781764 Fixed #30736 -- Added Storage.get_alternative_name() to allow customization. 2019-08-30 11:32:19 +02:00
Berker Peksag 400ec5125e Fixed #18763 -- Added ModelBackend/UserManager.with_perm() methods. 
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
 2019-08-29 19:32:12 +02:00
Carlton Gibson fa7ffc6cb3 Removed unneeded * markers from parameter names. 2019-08-29 12:49:16 +02:00
daniel a rios b5a5c92c72 Fixed #30066 -- Enabled super user creation without email and password 2019-08-29 12:49:16 +02:00
Matthew Schinckel 4137fc2efc Fixed #25367 -- Allowed boolean expressions in QuerySet.filter() and exclude(). 
This allows using expressions that have an output_field that is a
BooleanField to be used directly in a queryset filters, or in the
When() clauses of a Case() expression.

Thanks Josh Smeaton, Tim Graham, Simon Charette, Mariusz Felisiak, and
Adam Johnson for reviews.

Co-Authored-By: NyanKiyoshi <hello@vanille.bid>
 2019-08-29 09:45:29 +02:00
Andrew 29adcd215f Fixed #30733 -- Doc'd that datetime lookups require time zone definitions in the database. 
Note was missing for date, year, iso_year, week, time, hour, minute,
and second lookups.
 2019-08-28 08:42:55 +02:00
Matthew Schinckel dba749917f Doc'd for_save argument of Expression.resolve_expression(). 2019-08-27 16:54:01 +02:00
Hasan Ramezani 03dbdfd9bb Fixed #29019 -- Added ManyToManyField support to REQUIRED_FIELDS. 2019-08-26 14:48:40 +02:00
Dulmandakh 06372a8d27 Fixed #30507 -- Updated admin's jQuery to 3.4.1. 2019-08-23 11:00:16 +02:00
Ali Mirlou 33b9b23bbb Fixed typo in docs/ref/applications.txt. 2019-08-23 08:48:26 +02:00
Mads Jensen 85ac838d9e Fixed #21039 -- Added AddIndexConcurrently/RemoveIndexConcurrently operations for PostgreSQL. 
Thanks to Simon Charettes for review.

Co-Authored-By: Daniel Tao <daniel.tao@gmail.com>
 2019-08-21 13:10:06 +02:00
François Freitag 9a88e43aeb Fixed broken links and redirects in documentation. 
Removed reference to custom builds, feature removed in
8e6b3bba99.
 2019-08-21 10:57:24 +02:00
Harrison88 1e429df748 Fixed #30695 -- Used relative path in default_storage docs example. 2019-08-20 12:01:10 +02:00
Dan Swain cece802dbb Corrected typo in search docs. (#11673) 2019-08-20 10:37:48 +02:00
Nick Pope 21e559495b Fixed #29979, Refs #17337 -- Extracted AutoField field logic into a mixin and refactored AutoFields. 
This reduces duplication by allowing AutoField, BigAutoField and
SmallAutoField to inherit from IntegerField, BigIntegerField and
SmallIntegerField respectively. Doing so also allows for enabling the
max_length warning check and minimum/maximum value validation for auto
fields, as well as providing a mixin that can be used for other possible
future auto field types such as a theoretical UUIDAutoField.
 2019-08-20 09:22:25 +02:00
Garry Polley 10528a81ed Removed outdated examples of flatpages served sites. 
Removing the lawrence journal flat page examples because one is no longer a web page (404) and the other is no longer served by Django: https://www.reddit.com/r/django/comments/8v0fpb/the_lawrence_journalworld_where_django_was/
 2019-08-19 12:27:10 +02:00
Mariusz Felisiak 49aeabbf27
Fixed broken links and redirects to OGR library in docs. 2019-08-19 11:43:06 +02:00
bcye ac34fccdb9 Fixed broken links to Dive Into Python 3 book. 2019-08-19 07:03:43 +02:00
Claude Paroz d1c2e6dd04 Refs #28428 -- Made FileField.upload_to support pathlib.Path. 2019-08-18 20:34:58 +02:00
Claude Paroz 0468159763 Refs #30426 -- Changed default SECURE_CONTENT_TYPE_NOSNIFF to True. 2019-08-18 13:17:49 +02:00
Claude Paroz 7203efb799 Fixed #30694 -- Documented FileResponse does not seek its file source. 2019-08-17 09:20:36 +02:00
Adnan Umer 6805c0f99f Fixed #30701 -- Updated patch_vary_headers() to handle an asterisk according to RFC 7231. 2019-08-16 15:25:42 +02:00
zeyneloz 00035672a4 Fixed #30449 -- Fixed RelatedFieldListFilter/RelatedOnlyFieldListFilter to respect model's Meta.ordering. 
Regression in 6d4e5feb79.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2019-08-15 10:29:05 +02:00
Mariusz Felisiak 1f8382d34d
Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on expressions with params. 
Regression in 4f5b58f5cd.

Thanks Florian Apolloner for the report and helping with tests.
 2019-08-14 15:25:35 +02:00
Claude Paroz eed2e740f7 Fixed #30461 -- Made GeoIP2 and GEOIP_PATH setting accept pathlib.Path as library path. 
Thanks Nikita Krokosh for the initial patch.
 2019-08-13 19:44:10 +02:00
Akash Agrawal c1b26c77a9 Fixed #30696 -- Removed obsolete mention of CheckConstraint in the AddConstraint docs. 
Follow up to 8eae094638.
 2019-08-11 15:39:48 +02:00
Akash Agrawal af08a54415 Fixed #30670 -- Doc'd SchemaEditor.add/remove_constraint(). 2019-08-11 03:26:44 +02:00
Carlton Gibson 514efa3129 Fixed #30688 -- Clarified base_manager_name docs. 2019-08-09 10:08:06 +02:00
Adnan Umer 8d3519071e Fixed #30673 -- Relaxed system check for db_table collision when database routers are installed by turning the error into a warning. 2019-08-08 21:14:06 +02:00
Andrew Godwin 052388aba4 Fixed #30676 -- Added --pdb option to test runner. 2019-08-07 08:16:31 +02:00
Adnan Umer c5075360c5 Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER setting. 2019-08-05 18:44:08 +02:00
Mariusz Felisiak 1af469e67f Added stub release notes for 2.2.5. 2019-08-02 20:32:21 +02:00
niauah 75f8264083 Corrected StreamingHttpResponse.streaming_content description in docs. 2019-08-02 16:37:49 +02:00
Nick Pope 194d1dfc18 Fixed #30661 -- Added models.SmallAutoField. 2019-08-02 11:39:01 +02:00
Carlton Gibson a5652eb795 Added CVE-2019-14235 to security release archive. 2019-08-01 12:01:27 +02:00
Carlton Gibson 3a6a2f5eaf Added CVE-2019-14234 to security release archive. 2019-08-01 11:59:45 +02:00
Carlton Gibson 9600f63885 Added CVE-2019-14233 to security release archive. 2019-08-01 11:57:24 +02:00
Carlton Gibson 87750787d1 Added CVE-2019-14232 to the security release archive. 2019-08-01 11:54:24 +02:00
Florian Apolloner 76ed1c49f8 Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri(). 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Mariusz Felisiak 7deeabc7c7 Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection. 
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
 2019-08-01 09:24:54 +02:00
Florian Apolloner 4b78420d25 Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities. 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Florian Apolloner 7f65974f82 Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML. 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Étienne Beaulé 5f24e7158e Fixed #30665 -- Added support for distinct argument to Avg() and Sum(). 2019-07-31 11:22:50 +02:00
Nick Pope f618e033ac Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands. 2019-07-31 10:02:13 +02:00
Nick Pope 1692f69e37 Refs #30160 -- Doc'd startapp/startproject support for tarfile templates. 2019-07-31 09:46:24 +02:00
Nick Pope 69a30f620e Refs #30160 -- Simplified archive extension map and added other aliases. 2019-07-31 09:46:17 +02:00
daniel a rios 68aeb90160 Fixed #30656 -- Added QuerySet.bulk_update() to the database optimization docs. 2019-07-29 09:52:29 +02:00
daniel a rios fe33fdc049 Refs #30656 -- Reorganized bulk methods in the database optimization docs. 2019-07-29 09:52:29 +02:00
Jon Dufresne 4122d9d3f1 Refs #28147 -- Fixed setting of OneToOne and Foreign Key fields to None when using attnames. 
Regression in 519016e5f2.
 2019-07-27 12:04:56 +02:00
Carlton Gibson f13147c8de Added stub release notes for security releases. 2019-07-25 10:49:30 +02:00
Jon Dufresne 5ed20b3aa3 Fixed #30657 -- Allowed customizing Field's descriptors with a descriptor_class attribute. 
Allows model fields to override the descriptor class used on the model
instance attribute.
 2019-07-25 08:15:20 +02:00
Tom Forbes fc75694257 Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved. 2019-07-24 14:08:37 +02:00
terminator14 8323691de0 Fixed typo in docs/topics/http/sessions.txt. 2019-07-23 15:10:58 +02:00
Tom Forbes 2ff517ccb6 Fixed #30506 -- Fixed crash of autoreloader when path contains null characters. 2019-07-23 10:03:23 +02:00
Mariusz Felisiak fc1182af01 Refs #30083 -- Added a warning about performing queries in pre/post_init receivers. 
Thanks Carlton Gibson the review.
 2019-07-19 16:06:05 +02:00
Mariusz Felisiak a2e1c17f19 Refs #30083 -- Clarified database state of instances in signals.pre_init docs. 2019-07-19 16:06:05 +02:00
Davit Gachechiladze 7f612eda80 Fixed #30648 -- Removed unnecessary overriding get_context_data() from mixins with CBVs docs. 2019-07-18 18:40:40 +02:00
Mariusz Felisiak 230d75f59c
Refs #30547 -- Clarified that partial UniqueConstraints don't affect model validation. 2019-07-18 12:56:25 +02:00
Mads Jensen a3417282ac Fixed #29824 -- Added support for database exclusion constraints on PostgreSQL. 
Thanks to Nick Pope and Mariusz Felisiak for review.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2019-07-16 18:04:41 +02:00
Mads Jensen 7174cf0b00 Refs #29824 -- Added RangeOperators helper class. 2019-07-16 16:57:46 +02:00
Mariusz Felisiak ad4e83a6d1
Fixed heading level typo in docs/ref/contrib/postgres/fields.txt. 2019-07-16 15:08:14 +02:00
Frank Wiles fa65b90a96 Updated WSGI servers ordering according to the more commonly used. 2019-07-16 14:43:59 +02:00
Frank Wiles c1b94e32fb Fixed explanation of how to automatically create tables in database. 2019-07-15 11:04:30 +02:00
Hasan Ramezani 8dd5877f58 Doc'd --no-input option for createsuperuser. 2019-07-11 10:25:39 +02:00
Johannes Hoppe 00d4e6f8b5 Updated Select2 to version 4.0.7. 2019-07-10 12:31:16 +02:00
Mariusz Felisiak 7991111af1
Fixed #30621 -- Fixed crash of __contains lookup for Date/DateTimeRangeField when the right hand side is the same type. 
Thanks Tilman Koschnick for the report and initial patch.
Thanks Carlton Gibson the review.

Regression in 6b048b364c.
 2019-07-10 10:33:36 +02:00
Simon Charette ee6e93ec87 Fixed #30628 -- Adjusted expression identity to differentiate bound fields. 
Expressions referring to different bound fields should not be
considered equal.

Thanks Julien Enselme for the detailed report.

Regression in bc7e288ca9.
 2019-07-10 07:46:08 +02:00
Mariusz Felisiak 24e8f7f7d3 Fixed typos in docs/ref/django-admin.txt. 2019-07-09 13:38:11 +02:00
Mariusz Felisiak 08e69cad9c Added stub release notes for 2.2.4. 2019-07-09 07:39:35 +02:00
can febe136d4c Fixed #30397 -- Added app_label/class interpolation for names of indexes and constraints. 2019-07-08 14:57:56 +02:00
Johannes Hoppe bc91f27a86 Refs #29444 -- Added support for fetching a returned non-integer insert values on Oracle. 
This is currently not actively used, since the ORM will ask the
SQL compiler to only return auto fields.
 2019-07-08 08:53:08 +02:00
Nuno 34a88b21da Fixed #30620 -- Made an example of admin-compliant custom user app pep8 compliant. 2019-07-08 07:39:28 +02:00
can 53209f7830 Fixed #30613 -- Moved index name validation to system checks. 2019-07-05 09:30:21 +02:00
sp1rs f197c3dd91 Fixed #30600 -- Clarified that ValueError raised by converter.to_python() means no match. 2019-07-04 13:14:51 +02:00
luto d37ea5f09b Fixed #28581 -- Moved django.core.paginator documentation to API Reference. 
Co-Authored-By: Arman <armansabyrov@gmail.com>
 2019-07-04 11:04:39 +02:00
luto 93b611c797 Refs #28581 -- Doc's how to paginate a ListView. 2019-07-04 11:04:31 +02:00
swatantra c13e3715f5 Fixed #28667 -- Clarified how to override list of forms fields for custom UserAdmin with a custom user model. 2019-07-04 08:05:20 +02:00
Hasan Ramezani a5308514fb Fixed #27801 -- Made createsuperuser fall back to environment variables for password and required fields. 2019-07-02 12:55:09 +02:00
Carlton Gibson 4b32d039db Fixed #28588 -- Doc'd User.has_perm() & co. behavior for active superusers. 
Equivalent note for PermissionsMixin was added in d33864ed13.
 2019-07-02 11:20:53 +02:00
Min ho Kim fbb83fefd4 Fixed typos in comments and docs. 2019-07-02 09:36:17 +02:00
aitoehigie c2f381ef17 Fixed #30589 -- Clarified that urlize should be applied only to email addresses without single quotes. 2019-07-01 11:39:31 +02:00
Mariusz Felisiak 868cd56f05 Added CVE-2019-12781 to the security release archive. 2019-07-01 10:14:36 +02:00
Mariusz Felisiak fc41401f33 Added release date for 2.2.3. 2019-07-01 07:48:45 +02:00
Carlton Gibson 54d0f5e62f Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set. 
An HTTP request would not be redirected to HTTPS when the
SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if
the proxy connected to Django via HTTPS.

HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if
set, rather than falling back to the request scheme when the
SECURE_PROXY_SSL_HEADER did not have the secure value.

Thanks to Gavin Wahl for the report and initial patch suggestion, and
Shai Berger for review.
 2019-07-01 07:48:04 +02:00
Mariusz Felisiak 30b3ee9d0b Added stub release notes for security releases. 2019-07-01 06:57:27 +02:00
Claude Paroz d54baf6970 Updated translations from Transifex 
Forward port of b3f7262e6e from stable/2.2.x
 2019-06-29 16:17:16 +02:00
nsasaki128 a289e79679 Fixed #30594 -- Added 'private' Cache-Control directive to never_cache() decorator. 2019-06-26 09:25:24 +02:00
Tom Forbes 8454f6dea4 Fixed #30588 -- Fixed crash of autoreloader when __main__ module doesn't have __file__ attribute. 2019-06-26 06:44:10 +02:00
Meysam 833878411c Fixed typo in docs/topics/db/models.txt. 2019-06-24 09:04:33 +02:00
Alexey Opalev 2f91e7832f Fixed typo in docs/ref/models/indexes.txt. 2019-06-24 08:58:56 +02:00
Claude Paroz 8590726a5d Removed unneeded non-breaking spaces added in 00169bc36 2019-06-22 10:26:14 +02:00
Nadège Michel 87b1ad6e73 Fixed #30421 -- Allowed symmetrical intermediate table for self-referential ManyToManyField. 2019-06-21 15:03:17 +02:00
Jon Dufresne 2ef6f209f7 Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes. 2019-06-21 07:07:23 +02:00
Mariusz Felisiak 9aeac29949
Removed unnecessary backslashes from docs. 2019-06-20 14:04:36 +02:00
Andrew Godwin a415ce70be Fixed #30451 -- Added ASGI handler and coroutine-safety. 
This adds an ASGI handler, asgi.py file for the default project layout,
a few async utilities and adds async-safety to many parts of Django.
 2019-06-20 12:29:43 +02:00
Chris Jerdonek cce47ff65a Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like object. 2019-06-20 11:48:49 +02:00
Chris Jerdonek 533311782f Refs #30565 -- Doc'd HttpResponse.close() method. 2019-06-20 11:48:49 +02:00
Swat009 00169bc361 Fixed #30547 -- Doc'd how Meta.constraints affect model validation. 2019-06-20 10:44:02 +02:00
Hasan Ramezani a7038adbd0 Fixed typos in signals and custom management commands docs. 2019-06-19 08:40:46 +02:00
Hasan Ramezani 036362e0cf Fixed typos and example in signals.pre_init docs. 2019-06-18 14:51:17 +02:00
Sanyam Khurana 87f5d07eed Fixed #12952 -- Adjusted admin log change messages to use form labels instead of field names. 2019-06-14 18:20:29 +02:00
Joachim Jablon 0c2ffdd526 Fixed an example of email with display name in EmailMessage.from_email. 2019-06-13 16:22:15 +02:00
Mariusz Felisiak fc2536fe66
Refs #29548 -- Doc'd MariaDB support for GIS database functions. 2019-06-13 10:26:21 +02:00
can fde9b7d35e Fixed #30128 -- Fixed handling timedelta timezone in database functions. 2019-06-13 09:29:43 +02:00
Mariusz Felisiak b616f65855
Added missing support for PointOnSurface function on MariaDB. 2019-06-12 10:51:43 +02:00
Jon Dufresne 9e38ed0536 Fixed #27486 -- Fixed Python 3.7 DeprecationWarning in intword and filesizeformat filters. 
intword and filesizeformat passed floats to ngettext() which is
deprecated in Python 3.7. The rationale for this warning is documented
in BPO-28692: https://bugs.python.org/issue28692.

For filesizeformat, the filesize value is expected to be an int -- it
fills %d string formatting placeholders. It was likely coerced to a
float to ensure floating point division on Python 2. Python 3 always
does floating point division, so coerce to an int instead of a float to
fix the warning.

For intword, the number may contain a decimal component. In English, a
decimal component makes the noun plural. A helper function,
round_away_from_one(), was added to convert the float to an integer that
is appropriate for ngettext().
 2019-06-11 20:34:59 +02:00
Jon Dufresne 175656e166 Fixed intword example in docs/ref/contrib/humanize.txt. 2019-06-11 20:18:36 +02:00
Vyacheslav Ver 76b3fc5c8d Fixed #30486 -- Fixed the default value of Aggregate.distinct and updated example of custom aggregate functions. 2019-06-11 11:40:48 +02:00
Mykola Nicholas f3a03d5b61 Changed charset and collation link to MySQL docs. 2019-06-11 11:16:27 +02:00
swatantra 03cd3d137e Fixed #30553 -- Clarified the default value of disable_existing_loggers. 2019-06-10 13:38:49 +02:00
Hasan Ramezani dcb8f00d06 Fixed #29379 -- Added autocomplete attribute to contrib.auth.forms fields. 
Thank you to Nick Pope for review.

Co-authored-by: CHI Cheng <cloudream@gmail.com>
 2019-06-07 12:44:39 +02:00
Tobias Bengfort 581a0f4545 Refs #30226 -- Added User.get_user_permissions() method. 
Added to mirror the existing User.get_group_permissions().
 2019-06-05 13:56:37 +02:00
Tobias Bengfort 75337a6050 Fixed #30226 -- Added BaseBackend for authentication. 2019-06-05 13:39:46 +02:00
Étienne Beaulé 4b6dfe1622 Fixed #30542 -- Fixed crash of numerical aggregations with filter. 
Filters in annotations crashed when used with numerical-type
aggregations (i.e. Avg, StdDev, and Variance). This was caused as the
source expressions no not necessarily have an output_field (such as the
filter field), which lead to an AttributeError: 'WhereNode' object has
no attribute output_field.

Thanks to Chuan-Zheng Lee for the report.

Regression in c690afb873 and two following
commits.
 2019-06-05 08:06:26 +02:00
Mariusz Felisiak 1f81e2df69 Added stub release notes for 2.2.3. 2019-06-05 06:57:44 +02:00
Carlton Gibson 8a187bfa3b Updated release process notes for oss-security list content guidelines. 
c.f. https://oss-security.openwall.org/wiki/mailing-lists/oss-security#list-content-guidelines
 2019-06-04 16:40:25 +02:00
Caio Ariede 5248abe9b0 Fixed #30505 -- Doc'd how changes in the order of Field.choices affect migrations. 2019-06-04 14:11:41 +02:00
Nick Pope 21b1d23912 Added CVE-2019-12308 to the security release archive. 2019-06-03 21:44:55 +02:00
Nick Pope 8fb0ea5583 Added CVE-2019-11358 to the security release archive. 2019-06-03 21:44:55 +02:00
Mariusz Felisiak 100ec901ae Fixed typos in 1.11.21, 2.1.9, 2.2.2 release notes. 2019-06-03 14:08:51 +02:00
Mariusz Felisiak 5ab75adb90 Removed redundant object descriptions to prevent warnings with Sphinx 2.1.0. 2019-06-03 14:08:51 +02:00
Carlton Gibson 34ec52269a Applied jQuery patch for CVE-2019-11358. 2019-06-03 11:36:12 +02:00
Carlton Gibson deeba6d920 Fixed CVE-2019-12308 -- Made AdminURLFieldWidget validate URL before rendering clickable link. 2019-06-03 11:36:12 +02:00
Carlton Gibson 98c0fe19ee Added stub release notes for security releases. 2019-06-03 10:48:52 +02:00
parth 8543647306 Fixed #28831 -- Doc'd that InlineModelAdmin methods' obj argument is the parent object. 2019-05-31 12:35:15 +02:00
Hasan Ramezani e2de49ec2e Fixed #28520 -- Added --start-at/--start-after options to runtests.py. 2019-05-31 07:01:12 +02:00
Tom Forbes 480492fe70 Fixed #30523 -- Fixed updating file modification times on seen files in auto-reloader when using StatReloader. 
Previously we updated the file mtimes if the file has not been seen
before - i.e on the first iteration of the loop.

If the mtime has been changed we triggered the notify_file_changed()
method which in all cases except the translations will result in the
process being terminated. To be strictly correct we need to update the
mtime for either branch of the conditional.

Regression in 6754bffa2b.
 2019-05-29 09:41:24 +02:00
Tom Forbes 0344565179 Fixed #30516 -- Fixed crash of autoreloader when re-raising exceptions with custom signature. 
Regression in c8720e7696.
 2019-05-29 08:08:50 +02:00
Brad Solomon 67b6cb7723 Fixed #30491 -- Clarified when save() on object with pk executes INSERT. 2019-05-28 11:02:26 +02:00
Caio Ariede a3f91891d2 Fixed #30315 -- Fixed crash of ArrayAgg and StringAgg with ordering when used in Subquery. 2019-05-28 10:05:50 +02:00
Tom Forbes b2790f74d4 Fixed #30479 -- Fixed detecting changes in manage.py by autoreloader when using StatReloader. 
Regression in c8720e7696.
 2019-05-28 08:31:33 +02:00
Mariusz Felisiak b6c4766f53
Refs #29548 -- Updated docs for MariaDB support. 2019-05-27 19:59:49 +02:00
Mariusz Felisiak 8bdc7a6778
Doc'd that extra_email_context can be used to override default template context values in PasswordResetView. 2019-05-27 12:05:48 +02:00
Johan Lübcke 0670b1b403 Fixed #30485 -- Adjusted django.utils.http.urlencode for doseq=False case. 2019-05-24 17:15:34 +02:00
Mariusz Felisiak 1d25354fb5 Updated release process in the "How is Django Formed?" documentation. 
* Fixed Trac's post release step.
* Doc'd the use of robots_txt for updating robots.docs.txt.
 2019-05-24 11:05:51 +02:00
Rob 58df8aa40f Fixed #28780 -- Allowed specyfing a token parameter displayed in password reset URLs. 
Co-authored-by: Tim Givois <tim.givois.mendez@gmail.com>
 2019-05-24 08:40:25 +02:00
Shashank Parekh 8000767769 Fixed #30504 -- Corrected redirect() signature in docs. 2019-05-24 08:26:29 +02:00
Caio Ariede 753b67c58d Fixed #30497 -- Ignored document type in assertXMLEqual()/assertXMLNotEqual(). 2019-05-24 07:29:42 +02:00
Caio Ariede 4fb9e7b057 Doc'd that assertXMLEqual()/assertXMLNotEqual() ignores XML declaration and comments. 2019-05-24 07:27:11 +02:00
Akshesh 888fdf182e Fixed #30419 -- Favored Meta.indexes over Meta.index_together in optimization docs. 2019-05-22 07:34:54 +02:00
Alex Gaynor f011d9ea56 Fixed datetime string format examples in docs/howto/custom-template-tags.txt. 2019-05-22 06:47:32 +02:00
Hasan Ramezani 9d6f981a66 Fixed #28763 -- Allowed overriding the session cookie age with SessionStore.get_session_cookie_age(). 2019-05-21 08:50:09 +02:00
Mariusz Felisiak df28ebd6c8 Fixed typo in docs/releases/3.0.txt. 2019-05-21 08:21:35 +02:00
GwynBleidD 5402061c80 Refs #30062 -- Corrected UniqueConstraint signature in docs. 2019-05-20 10:52:57 +02:00
mentix02 fa422dd78b Changed poll_id to poll_ids in examples of custom management commands. 2019-05-20 10:11:38 +02:00
Thomasina Lee c38e7a79f4 Fixed #30488 -- Removed redundant Coalesce call in SQL generated by SearchVector. 
Regression in 405c836336.
 2019-05-20 08:34:06 +02:00
ruchit2801 04042b2b44 Fixed #30463 -- Fixed crash of deprecation message when Meta.ordering contains expressions. 
Regression in 1b1f64ee5a.
 2019-05-18 19:29:00 +02:00
Jon Dufresne e86cc14bd3 Changed docs to link to Python's description of iterable. 2019-05-17 17:27:19 +02:00
Daniel Hepper ccb7f7c6d2 Fixed #25633 -- Updated macOS Spatialite installation instructions. 
Updated the Spatialite installation instruction to refer to the latest
available version from KyngChaos, as Gaia-SINS does not provide MacOS
binaries anymore.
 2019-05-17 16:23:08 +02:00
Tobias Kunze a309821c97 Fixed #30395 -- Doc'd a limitation of ModelForm.Meta.widgets. 2019-05-17 12:27:47 +02:00
Alex 1686dce06c Fixed #30199 -- Adjusted QuerySet.get_or_create() docs to highlight atomicity warning. 2019-05-17 12:23:10 +02:00
ShingenPizza de4832c49b Fixed #30196 -- Made FileResponse set Content-Disposition inline if filename is available. 2019-05-17 12:07:27 +02:00
Johannes Hoppe 8d010f3986 Fixed #30220 -- Added support for headless mode in selenium tests. 2019-05-17 08:14:54 +02:00
Claude Paroz e286987a27 Fixed #30459 -- Delegated hide/show JS toggle to parent div. 
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
 2019-05-17 07:46:45 +02:00
Curtis Maloney 4442ee8a51 Added filename caption to LOGGING documentation examples. 2019-05-16 16:51:36 +02:00
Vyacheslav Ver 60b6a7ea9d Fixed typo in expression documentation. 2019-05-16 16:03:27 +02:00
Jon Dufresne 97d3321e89 Changed tuple choices to list in docs. 2019-05-15 14:31:42 +02:00
Ahisahar Pretel 717362d810 Fixed #30316 -- Added source code link to the default logging configuration in logging docs. 2019-05-15 12:16:10 +02:00
Jonatas C. Damasceno 8aad3321ed Fixed #30437 -- Clarified that urlpatterns can be a sequence. 2019-05-13 21:48:54 +02:00
Troon a3a4f5c144 Fixed #30310 -- Added support for looking up HttpHeaders.headers using underscores. 2019-05-09 16:26:52 +02:00
Jon Dufresne 48235ba807 Refs #30399 -- Made assertHTMLEqual normalize character and entity references. 2019-05-09 15:55:32 +02:00
Przemysław Suliga af5ec222cc Used time.monotonic() instead of time.time() where applicable. 
time.monotonic() available from Python 3.3:

- Nicely communicates a narrow intent of "get a local system monotonic
  clock time" instead of possible "get a not necessarily accurate Unix
  time stamp because it needs to be communicated to outside of this
  process/machine" when time.time() is used.
  
- Its result isn't affected by the system clock updates.

There are two classes of time.time() uses changed to time.monotonic()
by this change:

- measuring time taken to run some code.

- setting and checking a "close_at" threshold for for persistent db
  connections (django/db/backends/base/base.py).
 2019-05-08 18:34:22 +02:00
Mariusz Felisiak 30dd43884e
Added stub release notes for 2.2.2. 2019-05-08 14:41:16 +02:00
Hasan Ramezani f038214d91 Fixed #29056 -- Fixed HTML5 validation of required SelectDateWidget. 
placeholder is required for "select" with "required" attribute.
 2019-05-08 12:46:30 +02:00
Jon Dufresne b915b9f10f Refs #27753 -- Deprecated django.utils.text.unescape_entities(). 
The function was undocumented and only required for compatibility with
Python 2.

Code should use Python's html.unescape() that was added in Python 3.4.
 2019-05-08 08:00:59 +02:00
Chris Adkins 705ef6cfeb Fixed #30447 -- Added 'is_in_european_union' in GeoIP2.city() dict. 2019-05-07 13:31:44 +02:00
Daniel Musketa 59de9494e7 Fixed typo in docs/ref/django-admin.txt. 2019-05-07 11:17:24 +02:00
Tobias Kunze a44a21a22f Fixed #26678 -- Doc'd that RelatedManager.add()/remove()/set() accepts the field the relation points to. 2019-05-07 08:55:45 +02:00
Tobias Kunze 3166880301 Fixed #29352 -- Allowed specifying a Feed language. 2019-05-06 15:10:54 +02:00
Daniel Hahler 29601bca9b Ignored pywatchman.SocketTimeout in Watchman autoreloader. 
Bumped minimum supported pywatchman version to 1.2.0.

These exceptions don't require checking a server status.
 2019-05-03 13:56:49 +02:00
Tobias Kunze e3968df527 Refs #20122 -- Corrected documentation of pluralize template filter. 2019-05-03 11:35:19 +02:00
Mykola Kokalko ef082ebb84 Fixed #29529 -- Allowed models.fields.FilePathField to accept a callable path. 2019-05-02 11:11:56 +02:00
can bceadd2788 Fixed #30396 -- Added system checks for uniqueness of indexes and constraints names. 
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2019-05-02 09:13:20 +02:00
Mariusz Felisiak 2106b983c4
Added release date for 2.2.1. 2019-05-01 07:05:47 +02:00
François Freitag 568eed9e79 Fixed #30245 -- Added -k option to DiscoverRunner. 2019-04-30 16:20:51 +02:00
can 719b746620 Fixed #30412 -- Fixed crash when adding check constraints with OR'ed condition on Oracle and SQLite. 2019-04-30 12:32:27 +02:00
Jon Dufresne 6866c91b63 Fixed #30418 -- Added --skip-checks management command option. 2019-04-30 10:48:30 +02:00
Tobias Kunze eb16c7260e Fixed #20629 -- Rephrased custom user models admonition. 2019-04-30 09:09:16 +02:00
Simon Charette a8b3f96f6a Fixed #30408 -- Fixed crash when adding check constraints with LIKE operator on Oracle and PostgreSQL. 
The LIKE operator wildcard generated for contains, startswith, endswith and
their case-insensitive variant lookups was conflicting with parameter
interpolation on CREATE constraint statement execution.

Ideally we'd delegate parameters interpolation in DDL statements on backends
that support it but that would require backward incompatible changes to the
Index and Constraint SQL generating methods.

Thanks David Sanders for the report.
 2019-04-30 07:38:22 +02:00
kingbuzzman 673fe2e3ec Fixed #30148 -- Logged COPY ... TO statements in connection.queries on PostgreSQL. 2019-04-29 14:20:17 +02:00
Tom Forbes 6754bffa2b Fixed #30323 -- Fixed detecting changes by autoreloader when using StatReloader. 2019-04-29 11:41:00 +02:00
Tom Forbes 0636d4d2aa Refs #30323 -- Prevented crash of autoreloader when get_resolver().urlconf_module raising an exception. 2019-04-29 11:41:00 +02:00
Carlton Gibson 98296f86b3
Fixed #30351 -- Handled pre-existing permissions in proxy model permissions data migration. 
Regression in 181fb60159.
 2019-04-27 20:18:22 +02:00
Jacob Green ed3c59097a
Fixed #30361 -- Increased the default timeout of watchman client to 5 seconds and made it customizable. 
Made the default timeout of watchman client customizable via
DJANGO_WATCHMAN_TIMEOUT environment variable.
 2019-04-26 12:55:49 +02:00
Aarni Koskela efeceba589
Fixed #30312 -- Relaxed admin check from django.contrib.sessions to SessionMiddleware subclasses. 2019-04-26 11:31:06 +02:00
Mariusz Felisiak 85676979a4
Refs #30388 -- Added release note for 0f22671ecb. 2019-04-25 15:45:00 +02:00
Jon Dufresne 8d76443aba Fixed #30399 -- Changed django.utils.html.escape()/urlize() to use html.escape()/unescape(). 2019-04-25 15:09:07 +02:00
Alasdair Nicol a5accc0368 Fixed #30318 -- Added check for importability of arguments of custom error handler views. 
Thanks to Jon on Stack Overflow for reporting the issue.
 2019-04-25 11:08:22 +02:00
Mariusz Felisiak 5df3301aab Fixed #30362 -- Noted partial indexes and constraints restrictions with abstract base classes. 
Thanks Carlton Gibson for the review.
 2019-04-25 07:36:07 +02:00
Mariusz Felisiak f8f0f92ed9 Fixed UniqueConstraint example in ref/models/constraints.txt. 2019-04-25 07:36:07 +02:00
Matthias Kestenholz 80482e9249 Fixes #30342 -- Removed a system check for LANGUAGES_BIDI setting. 
This partly reverts commit 4400d8296d.
 2019-04-24 10:54:03 +02:00
Luke Plant 0c916255eb Changed tuple Mate.unique_together/permissions to lists in docs. 2019-04-24 10:06:00 +02:00
Daniel Musketa 6fd9c9daa6 Fixed #30365 -- Fixed syntax highlighting in SQL examples. 
Sphinx interprets some "%[a-z]" in SQL statements as a
"Literal.String.Interpol" which leads to incorrect highlighting.
 2019-04-23 12:37:50 +02:00
Ramiro Morales 25b5eea8cd Fixed #30387 -- Enhanced docs CLI examples in Unit tests and Install Django on Windows. 
Follow up to 37c17846ad.
 2019-04-23 09:32:55 +02:00
Simon Charette 405c836336 Fixed #30385 -- Restored SearchVector(config) immutability. 
Regression in 1a28dc3887.

The usage of CONCAT to allow SearchVector to deal with non-text fields
made the generated expression non-IMMUTABLE which prevents a functional
index to be created for it.

Using a combination of COALESCE and ::text makes sure the expression
preserves its immutability.

Refs #29582. Thanks Andrew Brown for the report, Nick Pope for the
review.
 2019-04-23 08:11:33 +02:00
Ville Skyttä 34a68c2cbe Fixed typo in docs/internals/contributing/committing-code.txt. 2019-04-21 12:47:33 +02:00
Dustin Neighly 49fb3f5f3e Fixed #30341 -- Added support for the furlong unit in Distance. 2019-04-19 08:54:23 +02:00
Mariusz Felisiak 753580ecd1
Made cosmetic edits in docs/releases/2.2.1.txt. 2019-04-19 08:27:06 +02:00
Scott Fitsimones a14c0fda15 Fixed #30328 -- Fixed crash of IntegerField.validators when limit_value in a custom validator is callable. 2019-04-19 07:58:27 +02:00
Ramiro Morales aed89adad5 Fixed #30367 -- Changed "pip install" to "python -m pip install" in docs, comments and hints. 2019-04-18 14:41:15 +02:00