p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
28,508 Commits 28 Branches 411 Tags 641 MiB
Commit Graph

3687 Commits

Author SHA1 Message Date
Mariusz Felisiak 6b16623bd9 [3.1.x] Refs #31956 -- Doc'd consequences of disabling psycopg2's JSONB typecaster. 
Follow up to 0be51d2226.
Backport of 438b85dfab from master
 2020-09-10 11:00:59 +02:00
Brian Helba c69c6886de [3.1.x] Fixed #31941 -- Corrected FileField.deconstruct() with a callable storage. 
Backport of 2d42e23b6d from master
 2020-09-02 11:07:43 +02:00
007gzs 2610a3909e [3.1.x] Added "Bugfixes" section to release notes for 3.1.2. 
Backport of 76e0151ea0 from master
 2020-09-02 07:00:36 +02:00
Carlton Gibson 63787b3ed6 [3.1.x] Added CVE-2020-24583 & CVE-2020-24584 to security archive. 
Backport of d5b526bf78 from master
 2020-09-01 11:38:06 +02:00
Carlton Gibson 2629882095 [3.1.x] Added stub release notes for 3.1.2. 
Backport of 7a60670b78 from master
 2020-09-01 10:45:36 +02:00
Carlton Gibson 1ef38005a7 [3.1.x] Added release date for 3.1.1, 3.0.10, and 2.2.16. 
Backport of 976e2b7420 from master
 2020-09-01 09:57:12 +02:00
Mariusz Felisiak 2b099caa59 [3.1.x] Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level directories of the file system cache on Python 3.7+. 
Backport of f56b57976133129b0b351a38bba4ac882badabf0 from master.
 2020-09-01 09:35:05 +02:00
Mariusz Felisiak 934430d22a [3.1.x] Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+. 
Thanks WhiteSage for the report.

Backport of ea0febbba531a3ecc8c77b570efbfb68ca7155db from master.
 2020-09-01 09:35:05 +02:00
007gzs dfa31f8e87 [3.1.x] Fixed #31901 -- Prevented content overflowing in the admin changelist with navigation sidebar. 
Backport of 2bc38bc7ca from master
 2020-09-01 08:19:12 +02:00
Federico Jaramillo Martínez c4e5384e73 [3.1.x] Fixed #31952 -- Fixed EmptyFieldListFilter crash with reverse relationships. 
Thanks dacotagh for the report.

Backport of 179d9dc0c2 from master
 2020-08-31 10:40:21 +02:00
Simon Charette 2986ec031d [3.1.x] Fixed #31965 -- Adjusted multi-table fast-deletion on MySQL/MariaDB. 
The optimization introduced in 7acef095d7 did not properly handle
deletion involving filters against aggregate annotations.

It initially was surfaced by a MariaDB test failure but misattributed
to an undocumented change in behavior that resulted in the systemic
generation of poorly performing database queries in 5b83bae031.

Thanks Anton Plotkin for the report.

Refs #23576.

Backport of f6405c0b8e from master
 2020-08-31 09:22:59 +02:00
Mariusz Felisiak 655e1ce6b1 [3.1.x] Fixed #31956 -- Fixed crash of ordering by JSONField with a custom decoder on PostgreSQL. 
Thanks Marc Debureaux for the report.
Thanks Simon Charette, Nick Pope, and Adam Johnson for reviews.

Backport of 0be51d2226 from master
 2020-08-28 19:12:02 +02:00
Kevin Michel 3a42c0447b [3.1.x] Fixed #31928 -- Fixed detecting an async get_response in various middlewares. 
SecurityMiddleware and the three cache middlewares were not calling
super().__init__() during their initialization or calling the required
MiddlewareMixin._async_check() method.

This made the middlewares not properly present as coroutine and
confused the middleware chain when used in a fully async context.

Thanks Kordian Kowalski for the report.

Backport of 825ce75fae from master
 2020-08-28 12:35:53 +02:00
Mariusz Felisiak 14a19700d8 [3.1.x] Fixed #31912 -- Removed strict=True in Path.resolve() in project template and CommonPasswordValidator. 
This caused permission errors when user didn't have permissions to
all intermediate directories in a Django installation path.

Thanks tytusd and leonyxz for reports.

Regression in edeec1247e and
26554cf5d1.
Backport of e39e727ded from master
 2020-08-28 05:59:11 +02:00
Mariusz Felisiak 9075d1f662 [3.1.x] Fixed #31936 -- Fixed __in lookup on key transforms for JSONField. 
This resolves an issue on databases without a native JSONField
(MariaDB, MySQL, SQLite, Oracle), where values must be wrapped.

Thanks Sébastien Pattyn for the report.
Backport of 1251772cb8 from master
 2020-08-26 22:14:46 +02:00
Michael Galler b6d2419120 [3.1.x] Fixed #31905 -- Made MiddlewareMixin call process_request()/process_response() with thread sensitive. 
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>

Backport of 547a07fa7e from master
 2020-08-26 07:54:55 +02:00
Mariusz Felisiak e81aa7a94a [3.1.x] Fixed #31877 -- Reverted "Fixed #19878 -- Deprecated TemplateView passing URL kwargs into context." 
This reverts commit 4ed534758c.

Backport of bb8f66934d from master
 2020-08-24 11:39:05 +02:00
Mariusz Felisiak f247c66bb5 [3.1.x] Refs #31877 -- Reverted "Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning." 
This reverts commit 20799cc0a6.

Backport of 04e87e79a0 from master
 2020-08-24 11:38:57 +02:00
Kaustubh 5d55b878cf [3.1.x] Fixed #31925 -- Fixed typo in docs/releases/3.0.txt. 
Backport of 3e753d3de3 from master
 2020-08-21 09:48:30 +02:00
Mariusz Felisiak 7eaa2776e1 [3.1.x] Fixed #31895 -- Fixed crash when decoding invalid session data. 
Thanks Matt Hegarty for the report.
Regression in d4fff711d4.
Backport of 4376c2c7f8 from master
 2020-08-19 12:06:55 +02:00
Jon Dufresne c5a804207d [3.1.x] Fixed #31892 -- Added backward incompatibility note about Media <script> tags changes. 
Refs 31080.

Backport of dd5173ca1b from master
 2020-08-17 10:51:44 +02:00
Mariusz Felisiak 18e87ac85f [3.1.x] Refs #31863 -- Added release notes for 94ea79be13. 
Backport of 21768a99f4 from master
 2020-08-13 16:30:37 +02:00
Adam Johnson 9ae40d8137 [3.1.x] Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning. 
SimpleLazyObjects cause a crash when filtering.

Thanks Tim L. White for the report.
Regression in 4ed534758c.

Backport of 20799cc0a6 from master
 2020-08-13 13:13:25 +02:00
Daniel Hillier f139372491 [3.1.x] Fixed #31866 -- Fixed locking proxy models in QuerySet.select_for_update(of=()). 
Backport of 60626162f7 from master
 2020-08-11 12:30:31 +02:00
Carlton Gibson 02b474f2a4 [3.1.x] Fixed #31865 -- Adjusted admin nav sidebar template to reduce debug logging. 
Thanks to Mariusz Felisiak for review.

Backport of 0aeb802cf0 from master
 2020-08-11 11:43:22 +02:00
Mariusz Felisiak daf4f70eae [3.1.x] Added stub release notes for 2.2.16 and 3.0.10. 
Backport of 8a5683b6b2 from master
 2020-08-11 11:12:51 +02:00
Uri cdfdbb3411 [3.1.x] Refs #31864 -- Doc'd that DEFAULT_HASHING_ALGORITHM requires 3.1.1+ in release notes. 
Backport of b2b0711b55 from master
 2020-08-08 17:33:43 +02:00
Mariusz Felisiak c21bbe0883 [3.1.x] Fixed #31864 -- Fixed encoding session data during transition to Django 3.1. 
Thanks אורי for the report.
Backport of 99abfe8f4d from master
 2020-08-07 21:43:46 +02:00
Mariusz Felisiak 1c3d3294c1 [3.1.x] Fixed #31854 -- Fixed wrapping of long model names in admin's sidebar. 
Backport of e70dc506d7 from master
 2020-08-05 10:55:11 +02:00
007gzs ff8e6e83a9 [3.1.x] Fixed #31853 -- Fixed wrapping of translated action labels in admin sidebar. 
Backport of b0af56f639 from master
 2020-08-05 10:27:17 +02:00
Mariusz Felisiak 42e31d4922 [3.1.x] Added stub release notes for 3.1.1. 
Backport of 6c19230297 from master
 2020-08-04 10:42:58 +02:00
Mariusz Felisiak 34b6622ff9 [3.1.x] Finalized release notes for Django 3.1. 
Backport of df37c2ec76 from master
 2020-08-04 09:50:21 +02:00
Mariusz Felisiak 9857352655 [3.1.x] Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting. 
It's a transitional setting helpful in migrating multiple instance of
the same project to Django 3.1+.

Thanks Markus Holtermann for the report and review, Florian
Apolloner for the implementation idea and review, and Carlton Gibson
for the review.

Backport of d907371ef9 from master.
 2020-08-04 09:39:29 +02:00
Mariusz Felisiak bdad2adb26 [3.1.x] Added release date for 2.2.15 and 3.0.9. 
Backport of b68b8cb89a from master
 2020-08-03 08:56:15 +02:00
Mariusz Felisiak b84b1921da [3.1.x] Refs #27468 -- Added tests and release notes for signing.dumps()/loads() changes. 
Follow up to 71c4fb7beb.

Backport of 1d6fdca557 from master
 2020-07-31 22:07:34 +02:00
Mariusz Felisiak 247bcef6b4 [3.1.x] Fixed #31836 -- Dropped support for JSONField __contains and __contained_by lookups on SQLite. 
The current implementation works only for basic examples without
supporting nested structures and doesn't follow "the general principle
that the contained object must match the containing object as to
structure and data contents, possibly after discarding some
non-matching array elements or object key/value pairs from the
containing object".

Backport of ba691933ce from master.
 2020-07-28 13:08:19 +02:00
Tim Graham d004bcee0c [3.1.x] Reverted "Fixed #30300 -- Allowed migrations to be loaded from directories without __init__.py file." 
This reverts commit 3cd3bebe89.
Backport of ff55adbd0d from master
 2020-07-22 07:04:52 +02:00
Florian Apolloner bfe404deb9 [3.1.x] Fixed #31784 -- Fixed crash when sending emails on Python 3.6.11+, 3.7.8+, and 3.8.4+. 
Fixed sending emails crash on email addresses with display names longer
then 75 chars on Python 3.6.11+, 3.7.8+, and 3.8.4+.

Wrapped display names were passed to email.headerregistry.Address()
what caused raising an exception because address parts cannot contain
CR or LF.

See https://bugs.python.org/issue39073

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>

Backport of 96a3ea39ef from master
 2020-07-20 07:15:04 +02:00
Mariusz Felisiak 474f65406f [3.1.x] Pinned asgiref to 3.2 series with minimum version to 3.2.10. 2020-07-17 11:08:39 +02:00
Mariusz Felisiak 54dce8148a [3.1.x] Refs #31790 -- Removed incorrect item from 2.2.15 and 3.0.9 release notes. 
Django 2.2 and 3.0 don't support settings samesite='None' in
HttpResponse.set_cookie() so fix is not necessary and will not be
backported.
Backport of 9bc8b1ad2d from master
 2020-07-16 09:27:39 +02:00
Mariusz Felisiak 3ca8cc0df1 [3.1.x] Fixed #31790 -- Fixed setting SameSite and Secure cookies flags in HttpResponse.delete_cookie(). 
Cookies with the "SameSite" flag set to None and without the "secure"
flag will be soon rejected by latest browser versions.

This affects sessions and messages cookies.
Backport of 240cbb63bf from master
 2020-07-16 08:17:45 +02:00
Kelechi Precious Nwachukwu 6b273a2165 [3.1.x] Added Igbo language. 
Backport of 2cd3e7eeaf from master
 2020-07-14 21:05:55 +02:00
Resulkary 2160481066 [3.1.x] Added Turkmen language. 
Backport of af2b3fee08 from master
 2020-07-08 09:03:22 +02:00
Tom Forbes 7598ba01aa [3.1.x] Refs #12990 -- Added example to JSONField release notes. 
Backport of 5d4b9c1cab from master
 2020-07-03 12:58:33 +02:00
David Smith 8904895a80 [3.1.x] Fixed #30945 -- Doc'd plural equations changes in 2.2. release notes. 
Backport of 392036be29 from master
 2020-07-03 09:38:52 +02:00
Mariusz Felisiak 4e3b0f56ba [3.1.x] Added stub release notes for 3.0.9. 
Backport of c2a835703f from master
 2020-07-01 07:12:40 +02:00
Mariusz Felisiak df66b2fba0 [3.1.x] Added release date for 2.2.14 and 3.0.8. 
Backport of 0f3aecf581 from master
 2020-07-01 06:18:30 +02:00
Mariusz Felisiak 3b5e307bbc [3.1.x] Fixed #31751 -- Fixed database introspection with cx_Oracle 8. 
Backport of 615e32162f from master
 2020-06-30 09:54:42 +02:00
Simon Charette b8cb14e8a0 [3.1.x] Fixed #31735 -- Fixed migrations crash on namespaced inline FK addition on PostgreSQL. 
The namespace of the constraint must be included when making the
constraint immediate.

Regression in 22ce5d0031.

Thanks Rodrigo Estevao for the report.

Backport of 2e8941b6f9 from master
 2020-06-24 08:59:43 +02:00
David Smith 9b95c3bc09 [3.1.x] Refs #31670 -- Removed whitelist/blacklist terminology in docs and comments. 
Backport of 10df5b7177 from master
 2020-06-17 13:16:17 +02:00