p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
29,339 Commits 28 Branches 411 Tags 641 MiB
Commit Graph

3919 Commits

Author SHA1 Message Date
Carlton Gibson a3a4a0baa3 [3.2.x] Corrected wrapping in 3.2 release notes. 
Partially reverts 0802b404a2.
Backport of 5b05a45c62 from main
 2021-04-07 07:28:09 +02:00
Carlton Gibson 2e8ff5f902 [3.2.x] Added stub release notes for Django 3.2.1. 
Backport of df0a9e6d5c from main
 2021-04-06 11:50:23 +02:00
Carlton Gibson 8df29fc733 [3.2.x] Added release date for Django 3.2. 
Adjusted wrapping in release notes where needed.

Backport of 0802b404a2 from main
 2021-04-06 11:21:32 +02:00
Carlton Gibson 011b92ce98 [3.2.x] Updated asgiref dependency for 3.2 release series. 
Backport of 5aea50e57f from main
 2021-04-06 10:43:40 +02:00
Mariusz Felisiak 29e2df24e7 [3.2.x] Added CVE-2021-28658 to security archive. 
Backport of 1eac8468cb from main
 2021-04-06 09:45:23 +02:00
Mariusz Felisiak 2820fd1be5 [3.2.x] Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files. 
Thanks Claude Paroz for the initial patch.
Thanks Dennis Brinkrolf for the report.

Backport of d4d800ca1a from main.
 2021-04-06 08:24:01 +02:00
William Schwartz a118564ae1 [3.2.x] Refs #32105 -- Moved ExceptionReporter template paths to properties. 
Refs #32316.

Backport of 7248afe12f from main
 2021-03-31 09:11:39 +02:00
Adam Johnson 46bdc3eaf0 [3.2.x] Fixed #32560 -- Fixed test runner with --pdb and --buffer on fail/error. 
Backport of 45814af619 from main
 2021-03-17 21:51:27 +01:00
Jacob Walls 230d5b16b2 [3.2.x] Fixed typos in assertQuerysetEqual() docs and 1.6 release notes. 
Backport of 0c7e880e13 from master
 2021-02-26 09:11:57 +01:00
Mariusz Felisiak 904a889ccc [3.2.x] Added stub release notes for 3.1.8. 
Backport of e0f82d7992 from master
 2021-02-25 20:49:18 +01:00
Markus Holtermann 76873b830c [3.2.x] Updated links to DEPs. 
Backport of 7cc6899d41 from master
 2021-02-25 17:27:32 +01:00
Carlton Gibson 06905243a3 [3.2.x] Added CVE-2021-23336 to security archive. 
Backport of ab58f07250 from master
 2021-02-19 11:03:38 +01:00
Nick Pope be8237c7cc [3.2.x] Fixed CVE-2021-23336 -- Fixed web cache poisoning via django.utils.http.parse_qsl(). 2021-02-19 09:15:09 +01:00
Nick Pope 6897da6096 [3.2.x] Added documentation extlink for bugs.python.org. 
Backport of d02d60eb0f from master
 2021-02-17 14:25:54 +01:00
Hasan Ramezani dd14e639ad [3.2.x] Fixed #32431 -- Reversed order of security issues history. 
Backport of 17a5e2cff6 from master
 2021-02-10 16:03:24 +01:00
Dan Swain afe34e7237 [3.2.x] Fixed typos in 3.2 release notes. 
Backport of e17bdb953a from master
 2021-02-04 09:56:58 +01:00
Mariusz Felisiak 7d65889345 [3.2.x] Fixed #32403 -- Fixed re-raising DatabaseErrors when using only 'postgres' database. 
Thanks Kazantcev Andrey for the report.

Regression in f48f671223.
Backport of f131841c60 from master
 2021-02-02 21:35:35 +01:00
Mariusz Felisiak b62e767b88 [3.2.x] Added stub release notes for 3.1.7. 
Backport of 8d3c3a5717 from master
 2021-02-01 10:55:07 +01:00
Mariusz Felisiak 10b25e6722 [3.2.x] Added CVE-2021-3281 to security archive. 
Backport of f749148d62 from master
 2021-02-01 10:45:47 +01:00
Mariusz Felisiak f944f79e55 [3.2.x] Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract(). 
Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews.

Thanks Wang Baohua for the report.

Backport of 05413afa8c from master.
 2021-02-01 09:13:37 +01:00
Denis Skulimovskiy d83249b0b9 [3.2.x] Fixed #32391 -- Used CSS flex properties for changelist filter. 
Matched layout adjustment using flex from admin sidebar added in
d24ba1be7a.

Filters would become squashed when viewport was
constrained or list display table became too wide.

Backport of 269a767146 from master
 2021-01-28 15:52:59 +01:00
Carlton Gibson 4dbbe37479 [3.2.x] Fixed #32348, Refs #29087 -- Corrected tutorial for updated deleting inlines UI. 
Updated tutorial to match change in 24e540fbd7
allowing deletion of original extra inlines.

Backport of f4272d000a from master
 2021-01-27 08:47:27 +01:00
Paul Ganssle a5d70cca12 [3.2.x] Refs #32365 -- Allowed use of non-pytz timezone implementations. 
Backport of 10d1261984 from master
 2021-01-19 12:00:40 +01:00
Carlton Gibson 75182a800a Removed empty sections and adjusted 3.2 release notes. 2021-01-14 14:58:28 +01:00
Jon Moroney 76ae6ccf85 Fixed #31358 -- Increased salt entropy of password hashers. 
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
 2021-01-14 11:20:28 +01:00
Hannes Ljungberg ffe756d624 Refs #26167 -- Changed default value of DatabaseFeatures.supports_expression_indexes to True. 2021-01-14 08:32:26 +01:00
mimi89999 b5cef91a91 Fixed #31259 -- Added admin dark theme. 2021-01-14 08:27:29 +01:00
Nick Pope 9204485396
Fixed #16117 -- Added decorators for admin action and display functions. 
Refs #25134, #32099.
 2021-01-13 17:19:22 +01:00
Hannes Ljungberg 83fcfc9ec8 Fixed #26167 -- Added support for functional indexes. 
Thanks Simon Charette, Mads Jensen, and Mariusz Felisiak for reviews.

Co-authored-by: Markus Holtermann <info@markusholtermann.eu>
 2021-01-13 11:47:50 +01:00
Paolo Melchiorre c412d9af7e
Fixed #32291 -- Added fixtures compression support to dumpdata. 2021-01-12 15:47:58 +01:00
Jon Dufresne ba31b01034
Fixed #31747 -- Fixed model enumeration via admin URLs. 
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
 2021-01-12 14:37:56 +01:00
Johannes Maron 3071660acf
Fixed #29010, Fixed #29138 -- Added limit_choices_to and to_field support to autocomplete fields. 
* Fixed #29010 -- Added limit_choices_to support to autocomplete fields.
* Fixed #29138 -- Allowed autocomplete fields to target a custom
  to_field rather than the PK.
 2021-01-12 11:37:38 +01:00
Florian Apolloner 2d6179c819 Fixed #32191 -- Made CookieStorage use RFC 6265 compliant format. 
Co-authored-by: Craig Smith <hello@craigiansmith.com.au>
 2021-01-07 13:00:53 +01:00
Matthias Kestenholz 0a802233ec
Fixed #32018 -- Extracted admin colors into CSS variables. 
Defined all colors used in the admin CSS as variables. Implemented the
following standardizations and accessibility improvements while at it:

- Improved the contrast of text to not use ratios of less than 3:1 anymore.
- Most hover states already used desaturated and darkened colors.
  Changed object tools to follow the same rule instead of showing the
  primary color on hover.

Various places used similar colors; those have been merged with the goal
of reducing the count of CSS variables. Contrasts have been improved in
a few places.

- Many borders used slightly different colors (e.g. #eaeaea vs. #eee)
- Help texts used #999, this has been changed to --body-quiet-color
  (#666) which has a better contrast.

Introduced fast color transitions on links and buttons.
 2021-01-07 10:07:19 +01:00
Florian Apolloner 102d92fc09 Refs #32191 -- Added Signer.sign_object()/unsign_object(). 
Co-authored-by: Craig Smith <hello@craigiansmith.com.au>
 2021-01-06 20:16:47 +01:00
Carlton Gibson 966ed414b2 Added stub release notes for 3.1.6. 2021-01-04 08:58:03 +01:00
Carlton Gibson 767917ed49 Added release date for 3.1.5. 2021-01-04 08:31:51 +01:00
Mariusz Felisiak e13b71403b
Fixed #32304 -- Fixed prefixing STATIC_URL and MEDIA_URL by SCRIPT_NAME for absolute URLs with no domain. 
Thanks Adam Hooper for the report.

Regression in c574bec092.
 2020-12-31 13:18:57 +01:00
Mariusz Felisiak 74fd233b14
Fixed #32303 -- Bumped minimum supported SQLite to 3.9.0. 2020-12-30 09:01:56 +01:00
Mariusz Felisiak 98ad327864
Fixed #32299 -- Prevented mutating handlers when processing middlewares marking as unused in an async context. 
Thanks Hubert Bielenia for the report.
 2020-12-29 09:04:35 +01:00
Nick Pope bb64b99b78 Fixed #29867 -- Added support for storing None value in caches. 
Many of the cache operations make use of the default argument to the
.get() operation to determine whether the key was found in the cache.
The default value of the default argument is None, so this results in
these operations assuming that None is not stored in the cache when it
actually is. Adding a sentinel object solves this issue.

Unfortunately the unmaintained python-memcached library does not support
a default argument to .get(), so the previous behavior is preserved for
the deprecated MemcachedCache backend.
 2020-12-17 09:57:21 +01:00
Tom Forbes b5e12d490a Fixed #31007 -- Allowed specifying type of auto-created primary keys. 
This also changes the default type of auto-created primary keys
for new apps and projects to BigAutoField.
 2020-12-15 11:25:46 +01:00
Ayush Bansal b960e4ed72 Fixed #32261 -- Added error logging to Signal.send_robust(). 2020-12-15 11:00:26 +01:00
Jon Dufresne 550297d20d
Added backticks to code literals in various docs. 2020-12-15 07:19:00 +01:00
sage 8d7085e0fd Fixed #32252 -- Fixed __isnull=True on key transforms on SQLite and Oracle. 
__isnull=True on key transforms should not match keys with NULL values.
 2020-12-11 09:15:42 +01:00
Hasan Ramezani 275dd4ebba
Fixed #32178 -- Allowed database backends to skip tests and mark expected failures. 
Co-authored-by: Tim Graham <timograham@gmail.com>
 2020-12-10 18:00:57 +01:00
Mariusz Felisiak 5ce31d6a71
Fixed #32193 -- Deprecated MemcachedCache. 2020-12-09 21:27:32 +01:00
Timo Ludwig d8dfff2ab0 Fixed #32235 -- Made ReadOnlyPasswordHashField disabled by default. 2020-12-03 09:32:08 +01:00
Artur Beltsov 48b4bae983 Fixed #32179 -- Added JSONObject database function. 2020-12-02 09:30:50 +01:00
Mariusz Felisiak adb40d217e Added stub release notes for 3.1.5. 2020-12-01 07:12:49 +01:00
Mariusz Felisiak 670261b8d6 Added release date for 3.1.4. 2020-12-01 06:24:16 +01:00
Mariusz Felisiak 931c6e982c Refs #32230 -- Made LayerMapping support pathlib.Path. 2020-11-28 07:41:54 +01:00
Hasan Ramezani b37be072a2 Fixed #32230 -- Made DataSource support pathlib.Path. 2020-11-28 07:36:19 +01:00
Ian Foote 3828879eee Fixed #32220 -- Added durable argument to transaction.atomic(). 2020-11-27 21:43:15 +01:00
Ian Foote 8b040e3cbb Fixed #25534, Fixed #31639 -- Added support for transform references in expressions. 
Thanks Mariusz Felisiak and Simon Charette for reviews.
 2020-11-27 20:42:04 +01:00
Hannes Ljungberg 33403bf80f Refs #27095 -- Allowed (non-nested) arrays containing expressions for ArrayField lookups. 2020-11-26 10:57:58 +01:00
sage fe6e582421 Fixed #32203 -- Fixed QuerySet.values()/values_list() crash on key transforms with non-string values on SQLite. 
Thanks Gordon Wrigley for the report.
 2020-11-25 14:51:35 +01:00
Mariusz Felisiak f5e5aac59e
Fixed #32224 -- Avoided suppressing connection errors in supports_json_field on SQLite.` 
Regression in 6789ded0a6.

Thanks Juan Garcia Alvite for the report.
 2020-11-25 12:19:45 +01:00
Hasan Ramezani fe9c7ded29 Fixed #32200 -- Fixed grouping by ExpressionWrapper() with Q objects. 
Thanks Gordon Wrigley for the report.

Regression in df32fd42b8.
 2020-11-19 21:00:04 +01:00
Carlton Gibson ead37dfb58
Fixed #32202 -- Fixed autoreloader argument generation for Windows with Python 3.7-. 2020-11-19 12:07:15 +01:00
Nick Pope 477c800443
Changed docs and a code comment to use gender-neutral pronouns. 
Follow up to e1b7723817.
 2020-11-13 22:26:30 +01:00
manav014 f63f3cdf09 Fixed #29712 -- Made makemessages warn if locales have hyphens and skip them. 2020-11-13 09:25:42 +01:00
MinchinWeb f1585c54d0
Fixed #31216 -- Added support for colorama terminal colors on Windows. 
Modern setups on Windows support terminal colors.
The colorama library may also be used, as an
alternative to the ANSICON library.
 2020-11-11 14:27:10 +01:00
Hannes Ljungberg 0773837e15 Fixed #32182 -- Fixed crash of JSONField nested key transforms with subquery annotations on PostgreSQL. 2020-11-10 07:09:58 +01:00
Hasan Ramezani 3f7b327562 Fixed #31235 -- Made assertQuerysetEqual() compare querysets directly. 
This also replaces assertQuerysetEqual() to
assertSequenceEqual()/assertCountEqual() where appropriate.

Co-authored-by: Peter Inglesby <peter.inglesby@gmail.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2020-11-06 09:24:50 +01:00
Tom Forbes 658bcc16f1 Fixed #25791 -- Implement autoreload behaviour for cached template loader. 2020-11-05 15:30:52 +01:00
Jon Dufresne 859cd7c6b4
Fixed #22276 -- Fixed crash when formset management form is invalid. 
Co-authored-by: Patryk Zawadzki <patrys@room-303.com>
 2020-11-05 10:40:41 +01:00
Artur Beltsov 18c8ced81e Fixed #32169 -- Added distinct support to JSONBAgg. 2020-11-04 21:22:54 +01:00
Carlton Gibson ebb08d1942
Fixed #32159 -- Ensured AsyncRequestFactory correctly sets headers. 2020-11-04 11:07:15 +01:00
Patrick Arminio 542b4b3ab4 Fixed #32162 -- Fixed setting Content-Length header in AsyncRequestFactory. 2020-11-03 10:12:40 +01:00
Carlton Gibson c8785b473f Added stub release notes for 3.1.4. 2020-11-02 09:20:53 +01:00
Carlton Gibson 7fc07b9b2b Set release date for 3.1.3, 3.0.11, and 2.2.17. 2020-11-02 08:35:24 +01:00
Simon Charette bbe6fbb876 Refs #32061 -- Unified DatabaseClient.runshell() in db backends. 2020-10-29 22:22:58 +01:00
Christian Klus 4ac2d4fa42 Fixed #32152 -- Fixed grouping by subquery aliases. 
Regression in 42c08ee465.

Thanks Simon Charette for the review.
 2020-10-29 09:56:09 +01:00
Josh Santos 36bc47069c Fixed #32127 -- Fixed admin change-form textarea layout for mid-sized displays. 2020-10-27 16:06:11 +01:00
Carlton Gibson e17ee44688 Fixed #32128 -- Added asgiref 3.3 compatibility. 
Thread sensitive parameter is True by default from asgiref v3.3.0.
Added an explicit thread_sensitive=False to previously implicit uses.
 2020-10-27 11:24:07 +01:00
Tim Graham 7734337bcb Made OracleSpatialAdapter clone geometries rather than mutate them. 2020-10-27 07:14:16 +01:00
Carlton Gibson ad11f5b8c9 Fixed #32124 -- Added per-view opt-out for APPEND_SLASH behavior. 2020-10-22 14:15:19 +02:00
Mariusz Felisiak 3418092238
Fixed #32130 -- Fixed pre-Django 3.1 password reset tokens validation. 
Thanks Gordon Wrigley for the report and implementation idea.

Regression in 226ebb1729.
 2020-10-22 13:21:14 +02:00
Carlton Gibson 257f8495d6 Fixed #32069 -- Fixed admin change-form layout on small screens. 
Restored flex-wrap CSS declaration to form elements at smallest breakpoint.
This was present since the responsive admin was introduced in dc37e8846e.
Regression in 8ee4bb6ffc, where it was accidentally removed.
 2020-10-21 15:06:43 +02:00
Tom Carrick f5e07601b2 Fixed #32046 -- Added CreateCollation/RemoveCollation operations for PostgreSQL. 2020-10-21 10:53:44 +02:00
Jacob Walls 0362b0e986 Fixed #26615 -- Made password reset token invalidate when changing email. 
Co-Authored-By: Silas Barta <sbarta@gmail.com>
 2020-10-21 09:29:53 +02:00
Jacob Walls 7f9e4524d6
Fixed typo in docs/releases/3.2.txt. 2020-10-21 08:06:24 +02:00
Hasan Ramezani 3b1746d519 Fixed #32107 -- Fixed ProtectedError.protected_objects and RestrictedError.restricted_objects. 
Regression in 4ca5c565f4 and
ab3cbd8b9a.

Thanks Vitaliy Yelnik for the report.
 2020-10-19 12:43:32 +02:00
Aarni Koskela 68e33b347d Fixed #32105 -- Added template paths as ExceptionReporter class attributes. 
This allows replacement of the debugging templates without having to
copy-paste the `get_traceback_html` and `get_traceback_text` functions
into a subclass.

Thanks to Nick Pope for review.
 2020-10-15 13:56:15 +02:00
Mariusz Felisiak 220c4d5c05
Refs #32096 -- Removed JSONBAgg from 3.1.3 release notes. 
JSONBAgg doesn't support ordering in Django 3.1.

Follow up to 1f31027bb3.
 2020-10-15 07:11:11 +02:00
Mariusz Felisiak ee0abac169 Refs #32096 -- Fixed ExclusionConstraint crash with JSONField key transforms in expressions. 
Regression in 6789ded0a6.
 2020-10-14 20:56:04 +02:00
Mariusz Felisiak bbd55e5863 Refs #32096 -- Fixed ExpressionWrapper crash with JSONField key transforms. 
Regression in 6789ded0a6.

Thanks Simon Charette and Igor Jerosimić for the report.
 2020-10-14 20:56:04 +02:00
Mariusz Felisiak 7e1e198494 Refs #32096 -- Fixed __in lookup crash against key transforms for JSONField. 
Regression in 6789ded0a6 and
1251772cb8.

Thanks Simon Charette and Igor Jerosimić for the report.
 2020-10-14 20:56:04 +02:00
Mariusz Felisiak 1f31027bb3 Refs #32096 -- Fixed crash of ArrayAgg/StringAgg/JSONBAgg with ordering over JSONField key transforms. 
Regression in 6789ded0a6.

Thanks Igor Jerosimić for the report.
 2020-10-14 20:56:04 +02:00
David-Wobrock ee005328c8 Fixed #31640 -- Made Trunc() truncate datetimes to Date/TimeField in a specific timezone. 2020-10-14 20:06:26 +02:00
Jacob Walls ac6c426007 Fixed #20601 -- Allowed forcing format with thousand separators in floatformat filter. 
Thanks Claude Paroz and Nick Pope for reviews.
 2020-10-13 10:36:46 +02:00
Mariusz Felisiak e18156b6c3
Refs #31040 -- Doc'd Python 3.9 compatibility. 2020-10-13 08:35:01 +02:00
Tim Schilling b7da588e88 Fixed #32091 -- Fixed admin search bar width on filtered admin page. 2020-10-09 11:39:22 +02:00
Qi Zhao de81676b51 Fixed #32080 -- Fixed displaying Unicode chars in forms.JSONField and read-only JSONField values in admin. 2020-10-09 08:14:17 +02:00
Julien Rebetez b790883065 Fixed #31181 -- Added links to related models for admin's readonly fields. 2020-10-08 19:53:49 +02:00
Tom Carrick dcb69043d0 Fixed #32002 -- Added headers parameter to HttpResponse and subclasses. 2020-10-07 09:19:57 +02:00
Tom Carrick 342a41740d Fixed #32072 -- Fixed admin search bar height. 
Thanks şuayip üzülmez for the report.

Regression in 8ee4bb6ffc.
 2020-10-06 11:33:48 +02:00
Nick Pope 06c5d3fafc Fixed #32060 -- Added Random database function. 2020-10-02 06:58:03 +02:00
Mariusz Felisiak 85fa24e3eb Added stub release notes for 3.1.3. 2020-10-01 07:52:45 +02:00