p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
30,747 Commits 28 Branches 411 Tags 641 MiB
Commit Graph

30747 Commits

Author SHA1 Message Date
Mariusz Felisiak fc18f36c4a Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads. 
Thanks Alan Ryan for the report and initial patch.
 2022-02-01 07:41:40 +01:00
Markus Holtermann 394517f078 Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag. 
Thanks Keryn Knight for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-02-01 07:40:51 +01:00
Kirill Safronov 97a7274468 Fixed #33480 -- Fixed makemigrations crash when renaming field of renamed model. 
Regression in aa4acc164d.
 2022-02-01 07:01:41 +01:00
Mariusz Felisiak 71e7c8e737
Fixed #33468 -- Fixed QuerySet.aggregate() after annotate() crash on aggregates with default. 
Thanks Adam Johnson for the report.
 2022-01-31 11:33:24 +01:00
Claude Paroz beb7ddbcee Updated translations from Transifex. 
Updated Bulgarian, Czech, German, Uzbek, and Vietnamese translations.

Forwardport of 7a1c6533eb from stable/4.0.x.
 2022-01-29 19:01:15 +01:00
Keryn Knight 55022f75c1 Fixed #33465 -- Added empty __slots__ to SafeString and SafeData. 
Despite inheriting from the str type, every SafeString instance gains
an empty __dict__ due to the normal, expected behaviour of type
subclassing in Python.

Adding __slots__ to SafeData is necessary, because otherwise inheriting
from that (as SafeString does) will give it a __dict__ and negate the
benefit added by modifying SafeString.
 2022-01-29 13:50:34 +01:00
Mariusz Felisiak 67db54a5a7
Fixed #33452 -- Fixed admin change-form layout for submit buttons on mid-sized displays. 
Thanks David Smith for reviews.
 2022-01-29 11:59:08 +01:00
Keryn Knight c5c7a15b09 Fixed #33461 -- Escaped template errors in the technical 500 debug page. 2022-01-28 07:07:12 +01:00
Thomas Aglassinger 3a9b8b25d4
Fixed #33459 -- Clarified index type in full text search docs. 2022-01-28 06:36:39 +01:00
vgolubev e87f57fdb8 Fixed #26142 -- Allowed model formsets to prevent new object creation. 
Thanks Jacob Walls, David Smith, and Mariusz Felisiak for reviews.

Co-authored-by: parth <parthvin@gmail.com>
 2022-01-27 20:45:21 +01:00
Jörg Breitbart 0af9a5fc7d Fixed #33463 -- Fixed QuerySet.bulk_update() with F() expressions. 2022-01-27 19:03:26 +01:00
Mariusz Felisiak e972620ada
Fixed #33462 -- Fixed migration crash when altering type of primary key with MTI and foreign key. 
This prevents duplicated operations when altering type of primary key
with MTI and foreign key. Previously, a foreign key to the base model
was added twice, once directly and once by the inheritance model.

Thanks bcail for the report.

Regression in 325d7710ce.
 2022-01-27 18:51:39 +01:00
Mariusz Felisiak 2eed554c3f
Fixed wrapping of long messages in the admin. 2022-01-26 21:14:13 +01:00
Carlton Gibson d15a10afb5
Adjusted CBV resolver_match example in testing tools docs. 
The view_class is available on the view callback, allowing that to be
checked, rather than the __name__.
 2022-01-26 20:58:22 +01:00
Mariusz Felisiak f38c3cbadc
Increased test coverage for django.contrib.gis.gdal.layer.Layer. 2022-01-26 17:47:03 +01:00
Tom Forbes f97401d1b1 Used GitHub actions for Windows tests. 2022-01-26 12:03:55 +01:00
Kaushik Chintam 1625a8c8eb Fixed #33048 -- Doc'd that DEBUG static files requests don't use middleware chain. 2022-01-26 11:22:13 +01:00
Carlton Gibson 85f2a9fb0f Fixed #33407 -- Fixed .radiolist admin CSS. 
Regression in 5942ab5eb1.
 2022-01-26 09:26:48 +01:00
Ian Foote a93a1ba347
Fixed broken link to cx_Oracle docs. 2022-01-25 20:14:24 +01:00
Collin Anderson 890bfa368c Refs #20349 -- Avoided loading testing libraries when not needed. 2022-01-25 11:41:01 +01:00
Mariusz Felisiak 34aba9c06e
Fixed typo in docs/releases/4.1.txt. 2022-01-25 10:57:05 +01:00
Mariusz Felisiak eeca934238 Added stub release notes and release date for 4.0.2, 3.2.12, and 2.2.27. 2022-01-25 07:21:57 +01:00
Jacob Walls edbf930287 Fixed #29984 -- Added QuerySet.iterator() support for prefetching related objects. 
Co-authored-by: Raphael Kimmig <raphael.kimmig@ampad.de>
Co-authored-by: Simon Charette <charette.s@gmail.com>
 2022-01-25 06:12:04 +01:00
Keryn Knight c27932ec93 Fixed #33460 -- Used VALUES clause for insert in bulk on SQLite. 
SQLite 3.7.11 introduced the ability to use multiple values directly.
SQLite 3.8.8 made multiple values not subject to the
SQLITE_LIMIT_COMPOUND_SELECT (500).
 2022-01-24 20:51:32 +01:00
Mariusz Felisiak 4ac0bf6acd
Fixed wrapping of long values in technical 500 debug page. 
Follow up to d5f2d5d604.
 2022-01-24 11:54:41 +01:00
Hrushikesh Vaidya 89d137f3be
Fixed #33457 -- Fixed "Local vars" scrolling in technical 500 debug page. 
Thanks Keryn Knight for the report and the initial patch.
 2022-01-24 07:42:52 +01:00
Timothy McCurrach efb4478e48 Fixed #33458 -- Fixed encoding of messages with empty string as extra_tags. 2022-01-24 07:05:53 +01:00
Claude Paroz 7c4f396509 Stopped including type="text/css" attributes for CSS link tags. 2022-01-22 16:38:14 +01:00
My-Name-Is-Nabil 9dc65263d4 Fixed #33455 -- Improved error message when selenium is not installed. 2022-01-21 21:54:10 +01:00
Jacob Walls 2d8232fa71 Fixed #26760 -- Added --prune option to migrate command. 2022-01-21 17:10:31 +01:00
Fabian Büchler eeff1787b0 Fixed #33449 -- Fixed makemigrations crash on models without Meta.order_with_respect_to but with _order field. 
Regression in aa4acc164d.
 2022-01-21 06:44:53 +01:00
Mariusz Felisiak f605e85af9
Fixed #33453 -- Dropped support for GDAL 2.1. 2022-01-20 18:54:29 +01:00
Tilak 2c76c27a95 Improved wording in running Django’s test suite in contributing tutorial. 2022-01-20 10:02:47 +01:00
Hrushikesh Vaidya 3fadf141e6 Fixed #33062 -- Made MultiPartParser remove non-printable chars from file names. 2022-01-20 07:19:52 +01:00
sean_c_hsu 0f6946495a Fixed #31685 -- Added support for updating conflicts to QuerySet.bulk_create(). 
Thanks Florian Apolloner, Chris Jerdonek, Hannes Ljungberg, Nick Pope,
and Mariusz Felisiak for reviews.
 2022-01-19 20:17:42 +01:00
Moritz Duchêne ba9de2e74e Updated GEOS/GDAL links in docs and comments. 2022-01-19 19:06:12 +01:00
Mariusz Felisiak 4a8ac604b1
Added tests for SpatialReference.to_esri()/from_esri(). 2022-01-19 16:03:04 +01:00
Adam Johnson dc8bb35e39 Fixed #33446 -- Added CSS source map support to ManifestStaticFilesStorage. 2022-01-18 12:53:14 +01:00
Nick Pope fac26684fd
Removed unused buf_size argument to LimitedStream(). 
Unused since its introduction in 269e921756.
 2022-01-18 05:55:14 +01:00
Mariusz Felisiak 30a0144134
Fixed #29338 -- Allowed using combined queryset in Subquery. 
Thanks Eugene Kovalev for the initial patch, Simon Charette for the
review, and Chetan Khanna for help.
 2022-01-17 18:01:07 +01:00
My-Name-Is-Nabil f37face331 Fixed #33435 -- Fixed invalid SQL generatered by Subquery.as_sql(). 2022-01-17 09:00:46 +01:00
Brad Solomon b55ebe3241 Fixed #33443 -- Clarified when PasswordResetView sends an email. 2022-01-17 07:44:46 +01:00
Ayush Joshi 0a17666045 Fixed #28135 -- Made simplify_regex() handle non-capturing groups. 2022-01-14 11:01:02 +01:00
Adam Johnson fdfa97fb16 Fixed #33441 -- Restored immutability of models.Field.__hash__(). 
Regression in 502e75f9ed.
 2022-01-14 07:00:48 +01:00
Adam Johnson 652c68ffee
Clarified how contrib.auth picks a password hasher for verification. 2022-01-13 20:46:18 +01:00
Ayush Joshi 827bc07047 Refs #28135 -- Refactored out _find_groups()/_get_group_start_end() hooks in admindocs. 2022-01-13 16:33:19 +01:00
Adam Johnson 45a42aabfa Fixed #29708 -- Deprecated PickleSerializer. 2022-01-13 13:50:20 +01:00
Adam Johnson c920387fab Optimized SessionBase.get_expire_at_browser_close(). 2022-01-13 13:05:46 +01:00
Adam Johnson 436862787c Refs #29708 -- Made SessionBase store expiry as string. 2022-01-13 13:05:42 +01:00
Adam Johnson c6cb5a0277 Refs #29708 -- Stopped inheriting from PickleSerializer by RedisSerializer. 2022-01-13 12:28:06 +01:00