Backport of 728548e4 from master.
Squashed commit of the following:
commit 63ddb271a44df389b2c302e421fc17b7f0529755
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sun Sep 29 22:51:00 2013 +0200
Clarified interactions between atomic and exceptions.
commit 2899ec299228217c876ba3aa4024e523a41c8504
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sun Sep 22 22:45:32 2013 +0200
Fixed TransactionManagementError in tests.
Previous commit introduced an additional check to prevent running
queries in transactions that will be rolled back, which triggered a few
failures in the tests. In practice using transaction.atomic instead of
the low-level savepoint APIs was enough to fix the problems.
commit 4a639b059ea80aeb78f7f160a7d4b9f609b9c238
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Tue Sep 24 22:24:17 2013 +0200
Allowed nesting constraint_checks_disabled inside atomic.
Since MySQL handles transactions loosely, this isn't a problem.
commit 2a4ab1cb6e83391ff7e25d08479e230ca564bfef
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sat Sep 21 18:43:12 2013 +0200
Prevented running queries in transactions that will be rolled back.
This avoids a counter-intuitive behavior in an edge case on databases
with non-atomic transaction semantics.
It prevents using savepoint_rollback() inside an atomic block without
calling set_rollback(False) first, which is backwards-incompatible in
tests.
Refs #21134.
commit 8e3db393853c7ac64a445b66e57f3620a3fde7b0
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sun Sep 22 22:14:17 2013 +0200
Replaced manual savepoints by atomic blocks.
This ensures the rollback flag is handled consistently in internal APIs.
Added it to the settings reference. We used to have it in comment form
in our old, bigger default project template settings.py file.
5866a49369 from master.
Increases the default PBKDF2 iterations, since computers have gotten
faster since 2011. In the future, we plan to increment by 10% per
major version.
Backport of a075e2ad0d from master
* Limit the password length to 4096 bytes
* Password hashers will raise a ValueError
* django.contrib.auth forms will fail validation
* Document in release notes that this is a backwards incompatible change
Thanks to Josh Wright for the report, and Donald Stufft for the patch.
This is a security fix; disclosure to follow shortly.
Backport of aae5a96d57 from master.
Since non-core contributors are asked to review patches, instructions
on working with pull requests were added to the Working with Git and
GitHub page (based on the existing instructions in the core
committers page).
Backport of 990ce9aab9 from master
- Fixed some grammar and formatting mistakes
- Added the type and default for CULL_FREQUENCY
- Made the note on culling the entire cache more precise. (It's actually
slower on the filesystem backend.)
Backport of 5eca021d48 from master
Curtis Maloney
Aymeric Augustin
Ramiro Morales
Tim Graham
Baptiste Mispelon
Brett Koonce
Louis Fill
Daley Chetwynd
Ben Huckvale
Tim Garner
mlissner
Michael DiBernardo
Paul McMillan
Markus Amalthea Magnuson
Russell Keith-Magee
James Bennett
Goetz
Kevin Christopher Henry
Matt Austin
Phaneendra Chiruvella
Tarjei Husøy
oz123
e0ne
Keith Edmiston
Eric Boersma