Ties Jan Hefting
84400d2e9d
Fixed #32905 -- Added CSS class for non-form errors of formsets.
2021-07-15 07:00:39 +02:00
Carlton Gibson
3a45fea083
Fixed #21936 -- Allowed DeleteView to work with custom Forms and SuccessMessageMixin.
...
Thanks to Mariusz Felisiak for review.
Co-authored-by: Demetris Stavrou <demestav@gmail.com>
Co-authored-by: Caroline Simpson <github@hoojiboo.com>
2021-07-14 09:47:03 +02:00
Ian Foote
f42ccdd835
Fixed #27021 -- Allowed lookup expressions in annotations, aggregations, and QuerySet.filter().
...
Thanks Hannes Ljungberg and Simon Charette for reviews.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-07-09 11:43:06 +02:00
Chris Jerdonek
90ba716bf0
Fixed #24522 -- Added a --shuffle option to DiscoverRunner.
2021-07-08 07:29:04 +02:00
Mariusz Felisiak
77b88fe621
Fixed #32908 -- Allowed select_for_update(skip_locked) on MariaDB 10.6+.
2021-07-08 06:51:10 +02:00
Hannes Ljungberg
a06b977a91
Fixed #32776 -- Added support for Array subqueries on PostgreSQL.
2021-07-06 07:36:52 +02:00
Nick Pope
fa35c8bdbc
Fixed #30934 -- Included database alias in django.db.backends log messages.
...
This is useful when working with database routing as you want to know
where each query is being executed.
Co-authored-by: David Winterbottom <david.winterbottom@gmail.com>
2021-07-02 15:36:53 +02:00
Simon Charette
9f3cce172f
Refs #26430 -- Re-introduced empty aggregation optimization.
...
The introduction of the Expression.empty_aggregate_value interface
allows the compilation stage to enable the EmptyResultSet optimization
if all the aggregates expressions implement it.
This also removes unnecessary RegrCount/Count.convert_value() methods.
Disabling the empty result set aggregation optimization when it wasn't
appropriate prevented None returned for a Count aggregation value.
Thanks Nick Pope for the review.
2021-07-02 07:25:42 +02:00
Mariusz Felisiak
8feb2a49fa
Added CVE-2021-35042 to security archive.
2021-07-01 09:57:08 +02:00
Mariusz Felisiak
bcea1a3193
Added stub release notes for Django 3.2.6.
2021-07-01 09:43:15 +02:00
Mariusz Felisiak
dae83a2451
Forwardported release notes for CVE-2021-35042.
2021-07-01 09:42:54 +02:00
Mariusz Felisiak
8e97698d7b
Added stub release notes for 3.1.13 and release date for 3.2.5.
2021-07-01 06:52:41 +02:00
abhiabhi94
cd124295d8
Fixed #32381 -- Made QuerySet.bulk_update() return the number of objects updated.
...
Co-authored-by: Diego Lima <diego.lima@lais.huol.ufrn.br>
2021-06-29 06:58:46 +02:00
Claude Paroz
495083e3e1
Updated translations from Transifex.
...
Forwardport of 04b744050f
from stable/3.2.x.
2021-06-28 07:08:39 +02:00
Peter Inglesby
1bbb98d9a4
Fixed #32363 -- Ensured sys.__interactivehook__ is called in shell
...
By default, this means that readline is properly registered, so that
.python_history is used.
sys.__interactivehook__ may be set by a $PYTHONSTARTUP file.
2021-06-23 14:53:41 +02:00
Hasan Ramezani
7a9745fed4
Fixed #32863 -- Skipped system check for specifying type of auto-created primary keys on models with invalid app_label.
...
Regression in b5e12d490a
.
Thanks Iuri de Silvio for the report.
2021-06-22 20:47:15 +02:00
Keryn Knight
854e9b0668
Fixed #32824 -- Improved performance of NodeList.render().
...
This avoids the following:
- checking that each item in the nodelist is a subclass of Node,
- calling str() on the render_annotated() output, because it's
documented that Node.render() must return a string,
- calling mark_safe() on the output, when the value to be wrapped is
definitively known to be a string because the result of ''.join()
is always of that type,
- using an intermediate list to store each individual string.
2021-06-11 12:22:06 +02:00
Mariusz Felisiak
fa0433d05f
Fixed #32832 -- Fixed adding BLOB/TEXT nullable field with default on MySQL 8.0.13+.
...
Regression in d4ac23bee1
.
Thanks Omkar Deshpande for the report.
2021-06-10 20:03:43 +02:00
Mariusz Felisiak
57bc16b38e
Refs #32503 -- Added release notes for 5e04e84d67
.
2021-06-10 20:03:43 +02:00
Sanskar Jaiswal
8c3bd0b708
Fixed #31653 -- Added AddConstraintNotValid()/ValidateConstraint() operations for PostgreSQL.
2021-06-08 07:46:51 +02:00
Takayuki Hirayama
0393b9262d
Fixed #32812 -- Restored immutability of named values from QuerySet.values_list().
...
Regression in 981a072dd4
.
Thanks pirelle for the report.
2021-06-04 07:23:16 +02:00
Mariusz Felisiak
d9cee3f5f2
Fixed docs header underlines in security archive.
2021-06-02 12:16:38 +02:00
Carlton Gibson
ba10772bf6
Added stub release notes for Django 3.2.5.
2021-06-02 11:25:32 +02:00
Carlton Gibson
a39f235ca4
Added CVE-2021-33203 and CVE-2021-33571 to security archive.
2021-06-02 11:15:54 +02:00
Mariusz Felisiak
e1d787f1b3
Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
...
validate_ipv4_address() was affected only on Python < 3.9.5, see [1].
URLValidator() uses a regular expressions and it was affected on all
Python versions.
[1] https://bugs.python.org/issue36384
2021-06-02 10:58:39 +02:00
Florian Apolloner
46572de2e9
Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs' TemplateDetailView.
2021-06-02 10:58:39 +02:00
Carlton Gibson
f66ae7a2d5
Confirmed release date for Django 3.2.4, 3.1.12, and 2.2.24.
2021-06-02 10:19:19 +02:00
Mariusz Felisiak
e703b152c6
Fixed #32793 -- Fixed loss of precision for temporal operations with DecimalFields on MySQL.
...
Regression in 1e38f1191d
.
Thanks Mohsen Tamiz for the report.
2021-06-01 15:11:42 +02:00
Daniyal
a0410ffe8f
Refs #32552 -- Added DiscoverRunner.log() to allow customization.
...
Thanks Carlton Gibson, Chris Jerdonek, and David Smith for reviews.
2021-06-01 13:31:44 +02:00
Gildardo Adrian Maravilla Jacome
91e21836f6
Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage.
2021-05-31 11:09:48 +02:00
David Wobrock
b9df2b74b9
Fixed #32676 -- Prevented migrations from rendering related field attributes when not passed during initialization.
...
Thanks Simon Charette for the implementation idea.
2021-05-28 20:25:59 +02:00
Hannes Ljungberg
b746596f5f
Refs #32779 -- Changed DatabaseSchemaEditor._unique_sql()/_create_unique_sql() to take fields as second parameter.
2021-05-28 10:50:27 +02:00
Mohammadreza Varasteh
e93eb3d971
Fixed #32789 -- Made feeds emit elements with no content as self-closing tags.
2021-05-27 21:05:28 +02:00
Nick Pope
e513fb0e77
Fixed typo in MiddlewareMixin deprecation note.
2021-05-27 06:17:30 +02:00
Mariusz Felisiak
12b19a1d76
Fixed #32783 -- Fixed crash of autoreloader when __main__ module doesn't have __spec__ attribute.
...
Regression in ec6d2531c5
.
Thanks JonathanNickelson for the report.
2021-05-26 11:19:47 +02:00
Hasan Ramezani
1143f3bb5e
Fixed #32543 -- Added search_help_text to ModelAdmin.
2021-05-26 10:20:13 +02:00
Carlton Gibson
b46dbd4e3e
Added stub release notes and date for Django 3.2.4, 3.1.12, and 2.2.24.
2021-05-26 10:16:05 +02:00
Hasan Ramezani
68357b2ca9
Fixed #32744 -- Normalized to pathlib.Path in autoreloader check for template changes.
2021-05-26 09:41:29 +02:00
Rohith PR
7cca22964c
Fixed #32375 -- Started deprecation toward changing the default sitemap protocol to https.
...
The default sitemap protocol, when it is built outside the context of
a request, will be changed from 'http' to 'https' in Django 5.0.
2021-05-21 11:00:54 +02:00
Mariusz Felisiak
66491f08fe
Changed IRC references to Libera.Chat.
2021-05-20 12:23:36 +02:00
David Sanders
736bb9868a
Renamed "object" argument of ModelAdmin.log_addition(), log_change(), and log_deletion() methods.
2021-05-20 07:29:16 +02:00
Carlton Gibson
c2e6047c72
Fixed #32740 -- Caught possible exception when initializing colorama.
2021-05-19 10:33:15 +02:00
Claude Paroz
8cd55021bc
Fixed #32379 -- Started deprecation toward changing default USE_TZ to True.
...
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-18 20:26:44 +02:00
Mariusz Felisiak
958cdf65ae
Fixed #32747 -- Prevented initialization of unused caches.
...
Thanks Alexander Ebral for the report.
Regression in 98e05ccde4
.
2021-05-18 18:24:19 +02:00
Rust Saiargaliev
a24fed399c
Fixed #32733 -- Skipped system check for specifying type of auto-created primary keys on abstract models.
...
Regression in b5e12d490a
.
2021-05-18 13:02:33 +02:00
Slava Skvortsov
f7691d4812
Fixed #32754 -- Made AdminSite.catch_all_view() respect SCRIPT_NAME.
...
Regression in ba31b01034
.
2021-05-18 09:14:05 +02:00
Nick Pope
c156e36955
Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS.
2021-05-17 09:46:09 +02:00
Nick Pope
7c4ee487c7
Refs #32720 -- Fixed some broken links in docs.
2021-05-17 09:22:17 +02:00
Nick Pope
1c3bbcf802
Refs #32720 -- Used full hashes in security archive.
2021-05-17 08:27:46 +02:00
Mariusz Felisiak
df5c96299a
Corrected commit hashes for security patches.
2021-05-17 08:26:06 +02:00
Nick Pope
8c4caee76a
Refs #32720 -- Used :commit: and :source: role in old release notes.
2021-05-17 07:36:57 +02:00
Mariusz Felisiak
820408d842
Added stub release notes for Django 3.2.4.
2021-05-13 09:42:26 +02:00
Mariusz Felisiak
b55699968f
Fixed #32718 -- Relaxed file name validation in FileField.
...
- Validate filename returned by FileField.upload_to() not a filename
passed to the FileField.generate_filename() (upload_to() may
completely ignored passed filename).
- Allow relative paths (without dot segments) in the generated filename.
Thanks to Jakub Kleň for the report and review.
Thanks to all folks for checking this patch on existing projects.
Thanks Florian Apolloner and Markus Holtermann for the discussion and
implementation idea.
Regression in 0b79eb3691
.
2021-05-13 08:53:44 +02:00
Simon Charette
b81c7562fc
Fixed #32717 -- Fixed filtering of querysets combined with the | operator.
...
Address a long standing bug in a Where.add optimization to discard
equal nodes that was surfaced by implementing equality for Lookup
instances in bbf141bcdc
.
Thanks Shaheed Haque for the report.
2021-05-13 07:26:52 +02:00
Raffaele Salmaso
3733ae8957
Fixed #32031 -- Added model class for each model to AdminSite.each_context().
2021-05-13 06:57:09 +02:00
Nick Pope
29e4ccb1a2
Fixed #32738 -- Deprecated django.utils.datetime_safe module.
2021-05-12 14:42:17 +02:00
Nick Pope
1061f52436
Fixed #32732 -- Removed usage of deprecated 'db' and 'passwd' connection options in MySQL backend.
...
The 'db' and 'passwd' connection options have been deprecated, use
'database' and 'password' instead (available since mysqlclient >= 1.3.8).
This also allows the 'database' option in DATABASES['OPTIONS'] on MySQL.
2021-05-12 12:21:57 +02:00
Mariusz Felisiak
d1f1417cae
Refs #32718 -- Corrected CVE-2021-31542 release notes.
2021-05-12 10:42:01 +02:00
Jordi Castells
205c36b58f
Fixed #32670 -- Allowed GDALRasters to use any GDAL virtual filesystem.
2021-05-07 20:03:46 +02:00
Hasan Ramezani
028f10fac6
Fixed #32712 -- Deprecated django.utils.baseconv module.
2021-05-07 11:57:40 +02:00
Mariusz Felisiak
29779075d7
Added stub release notes for Django 3.2.3.
2021-05-06 10:08:00 +02:00
Mariusz Felisiak
efebcc429f
Added CVE-2021-32052 to security archive.
2021-05-06 09:58:24 +02:00
Mariusz Felisiak
e1e81aa1c4
Fixed #32713 , Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
...
In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines
and tabs from URLs [1, 2]. Unfortunately it created an issue in
the URLValidator. URLValidator uses urllib.urlsplit() and
urllib.urlunsplit() for creating a URL variant with Punycode which no
longer contains newlines and tabs in Python 3.9.5+. As a consequence,
the regular expression matched the URL (without unsafe characters) and
the source value (with unsafe characters) was considered valid.
[1] https://bugs.python.org/issue43882 and
[2] 76cd81d603
2021-05-06 08:45:23 +02:00
Simon Charette
96f55ccf79
Fixed #32714 -- Prevented recreation of migration for Meta.ordering with OrderBy expressions.
...
Regression in c8b6594305
.
Thanks Kevin Marsh for the report.
2021-05-05 08:43:57 +02:00
Carlton Gibson
62b2e8b37e
Added commits for CVE-2021-31542 to security archive.
2021-05-04 11:09:21 +02:00
Carlton Gibson
607ebbfba9
Added CVE-2021-31542 to security archive.
2021-05-04 11:06:07 +02:00
Carlton Gibson
5a43cfe245
Added stub release notes for Django 3.2.2.
2021-05-04 11:01:33 +02:00
Florian Apolloner
0b79eb3691
Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.
2021-05-04 08:44:42 +02:00
Tim Graham
54da6e2ac2
Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.
2021-04-30 12:32:52 +02:00
Hasan Ramezani
8bcb00858e
Fixed #32698 -- Moved HttpRequest.get_raw_uri() to ExceptionReporter._get_raw_insecure_uri().
2021-04-30 08:05:42 +02:00
Carlton Gibson
907d3a7ff4
Refs #32674 -- Noted that auto-created through table PKs cannot be automatically migrated.
2021-04-29 13:53:56 +02:00
Mariusz Felisiak
baba733dcc
Refs #32682 -- Renamed lookup_needs_distinct() to lookup_spawns_duplicates().
...
Follow up to 1871182031
.
2021-04-29 12:04:30 +02:00
David Wobrock
4ab3ef238e
Fixed #32675 -- Doc'd that autodector changes might cause generation of no-op migrations.
...
Follow up to aa4acc164d
.
2021-04-29 07:46:22 +02:00
Simon Charette
c8b6594305
Fixed #32632 , Fixed #32657 -- Removed flawed support for Subquery deconstruction.
...
Subquery deconstruction support required implementing complex and
expensive equality rules for sql.Query objects for little benefit as
the latter cannot themselves be made deconstructible to their reference
to model classes.
Making Expression @deconstructible and not BaseExpression allows
interested parties to conform to the "expression" API even if they are
not deconstructible as it's only a requirement for expressions allowed
in Model fields and meta options (e.g. constraints, indexes).
Thanks Phillip Cutter for the report.
This also fixes a performance regression in bbf141bcdc
.
2021-04-28 12:13:55 +02:00
Konstantin Alekseev
6e742dabc9
Fixed #32687 -- Restored passing process’ environment to underlying tool in dbshell on PostgreSQL.
...
Regression in bbe6fbb876
.
2021-04-27 10:43:35 +02:00
Mariusz Felisiak
1871182031
Fixed #32682 -- Made admin changelist use Exists() instead of distinct() for preventing duplicates.
...
Thanks Zain Patel for the report and Simon Charette for reviews.
The exception introduced in 6307c3f1a1
revealed a possible data loss issue in the admin.
2021-04-27 10:34:47 +02:00
Zain Patel
4e5bbb6ef2
Fixed #32681 -- Fixed VariableDoesNotExist when rendering some admin template.
...
Regression in 84609b3205
.
2021-04-26 07:08:16 +02:00
Simon Charette
6d0cbe42c3
Fixed #32650 -- Fixed handling subquery aliasing on queryset combination.
...
This issue started manifesting itself when nesting a combined subquery
relying on exclude() since 8593e162c9
but
sql.Query.combine never properly handled subqueries outer refs in the
first place, see QuerySetBitwiseOperationTests.test_subquery_aliases()
(refs #27149 ).
Thanks Raffaele Salmaso for the report.
2021-04-21 09:49:15 +02:00
Mariusz Felisiak
34d1905712
Fixed #32665 -- Fixed caches system check crash when STATICFILES_DIRS is a list of 2-tuples.
...
Thanks Jared Lockhart for the report.
Regression in c36075ac1d
.
2021-04-21 09:41:37 +02:00
Carlton Gibson
5c73fbb6a9
Fixed #32647 -- Restored multi-row select with shift-modifier in admin changelist.
...
Regression in 30e59705fc
.
2021-04-21 08:31:06 +02:00
Tobias Bengfort
54e94640ac
Refs #25287 -- Added support for multiplying and dividing DurationField by scalar values on SQLite.
2021-04-20 11:44:41 +02:00
Florian Apolloner
4511d14598
Fixed #32643 -- Fixed decoding of messages in the pre-Django 3.2 format.
...
Thanks Jan Pieter Waagmeester for the report.
Regression in 2d6179c819
.
2021-04-14 22:52:59 +02:00
Mariusz Felisiak
ca98729055
Fixed #32645 -- Fixed QuerySet.update() crash when ordered by joined fields on MySQL/MariaDB.
...
Thanks Matt Westcott for the report.
Regression in 779e615e36
.
2021-04-14 21:11:17 +02:00
Mariusz Felisiak
338eb65b6e
Refs #32548 -- Forwardported 3.2.1 release note.
2021-04-14 20:25:58 +02:00
Arthur Jovart
08c60cce3b
Fixed #32648 -- Fixed VariableDoesNotExist rendering sitemaps template.
2021-04-14 16:50:47 +02:00
Mariusz Felisiak
23fa29f6a6
Fixed #32649 -- Fixed ModelAdmin.search_fields crash when searching against phrases with unbalanced quotes.
...
Thanks Dlis for the report.
Regression in 26a413507a
.
2021-04-14 12:23:47 +02:00
Hasan Ramezani
a77c9a4229
Fixed #32635 -- Fixed system check crash for reverse o2o relations in CheckConstraint.check and UniqueConstraint.condition.
...
Regression in b7b7df5fbc
.
Thanks Szymon Zmilczak for the report.
2021-04-14 10:06:18 +02:00
Mariusz Felisiak
3b8527e32b
Fixed #32637 -- Restored exception message on technical 404 debug page.
...
Thanks Atul Varma for the report.
2021-04-13 09:15:04 +02:00
Iuri de Silvio
9760e262f8
Fixed #32627 -- Fixed QuerySet.values()/values_list() crash on combined querysets ordered by unannotated columns.
2021-04-12 21:11:40 +02:00
Adam Johnson
45a58c31e6
Fixed #32620 -- Allowed subclasses of Big/SmallAutoField for DEFAULT_AUTO_FIELD.
2021-04-08 13:17:08 +02:00
Claude Paroz
30e123ed35
Fixed #32575 -- Added support for SpatiaLite 5.
2021-04-08 09:36:29 +02:00
Claude Paroz
3ae4344bbd
Dropped support for GEOS 3.5 and GDAL 2.0.
2021-04-07 20:39:30 +02:00
girishsontakke
98abc0c90e
Fixed #32501 -- Added support for returning fields from INSERT statements on SQLite 3.35+.
2021-04-07 20:09:56 +02:00
Carlton Gibson
3f2920ae1d
Corrected release number format in 3.2.1 release notes.
2021-04-07 19:44:29 +02:00
Claude Paroz
e3cfba0029
Fixed #32544 -- Confirmed support for GDAL 3.2 and GEOS 3.9.
2021-04-07 15:54:24 +02:00
Carlton Gibson
5b05a45c62
Corrected wrapping in 3.2 release notes.
...
Partially reverts 0802b404a2
.
2021-04-07 07:27:31 +02:00
Carlton Gibson
df0a9e6d5c
Added stub release notes for Django 3.2.1.
2021-04-06 11:49:48 +02:00
Carlton Gibson
0802b404a2
Added release date for Django 3.2.
...
Adjusted wrapping in release notes where needed.
2021-04-06 11:20:59 +02:00
Carlton Gibson
5aea50e57f
Updated asgiref dependency for 3.2 release series.
2021-04-06 10:38:43 +02:00
Mariusz Felisiak
1eac8468cb
Added CVE-2021-28658 to security archive.
2021-04-06 09:42:31 +02:00
Mariusz Felisiak
d4d800ca1a
Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.
...
Thanks Claude Paroz for the initial patch.
Thanks Dennis Brinkrolf for the report.
2021-04-06 08:15:17 +02:00
Adam Johnson
e32722d160
Fixed #32383 -- Added source map support to ManifestStaticFilesStorage.
2021-04-02 12:21:21 +02:00
Maxim Milovanov
d915dd1c58
Fixed #32204 -- Added quick filter to admin's navigation sidebar.
2021-03-31 09:31:37 +02:00
William Schwartz
7248afe12f
Refs #32105 -- Moved ExceptionReporter template paths to properties.
...
Refs #32316 .
2021-03-31 08:41:57 +02:00
bankc
db5b75f10f
Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
...
Thanks Adam Johnson and Tim Graham for the reviews.
Co-authored-by: Tim Graham <timograham@gmail.com>
2021-03-30 19:59:24 +02:00
Chris Jerdonek
038940cf55
Fixed #29127 -- Prevented DiscoverRunner from hiding tagged test with syntax errors.
...
This mades _FailedTest objects always match tags in DiscoverRunner.
2021-03-30 10:26:20 +02:00
Nick Pope
2f13c476ab
Fixed #31487 -- Added precision argument to Round().
2021-03-29 09:43:08 +02:00
Florian Demmer
3a185cee2a
Fixed #32573 -- Fixed bounds in __iso_year lookup optimization.
2021-03-23 21:27:55 +01:00
Baptiste Mispelon
41e6b2a3c5
Fixed #32556 -- Fixed handling empty string as non-boolean attributes value by assertHTMLEqual().
2021-03-19 20:41:57 +01:00
Daniyal
474cc420bf
Refs #32508 -- Raised Type/ValueError instead of using "assert" in django.core.
2021-03-19 08:04:37 +01:00
Tim Graham
2411b8b5eb
Fixed #16010 -- Added Origin header checking to CSRF middleware.
...
Thanks David Benjamin for the original patch, and Florian
Apolloner, Chris Jerdonek, and Adam Johnson for reviews.
2021-03-18 20:25:20 +01:00
Tim Graham
dba44a7a7a
Refs #16010 -- Required CSRF_TRUSTED_ORIGINS setting to include the scheme.
2021-03-18 20:00:22 +01:00
Adam Johnson
f6713cda89
Fixed #31370 -- Added support for parallel tests with --buffer.
2021-03-18 15:30:47 +01:00
Adam Johnson
45814af619
Fixed #32560 -- Fixed test runner with --pdb and --buffer on fail/error.
2021-03-17 20:56:09 +01:00
Chris Jerdonek
d828beb68f
Fixed #32529 -- Delayed creating a test suite in build_suite().
2021-03-11 10:02:06 +01:00
Mariusz Felisiak
ba9a2b7544
Refs #32508 -- Raised TypeError instead of using "assert" on unsupported operations for sliced querysets.
2021-03-10 09:16:28 +01:00
Johan Schiff
d01709aae2
Fixed #24141 -- Added QuerySet.contains().
2021-03-06 20:40:29 +01:00
tim-mccurrach
f55f3ce831
Fixed #32493 -- Removed redundant never_cache uses from admin views.
...
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2021-03-03 09:13:07 +01:00
Hasan Ramezani
8380fe08a0
Fixed #32456 -- Added dbshell support for specifying a password file on PostgreSQL.
2021-03-01 09:33:49 +01:00
Jacob Walls
0c7e880e13
Fixed typos in assertQuerysetEqual() docs and 1.6 release notes.
2021-02-26 09:10:52 +01:00
Mariusz Felisiak
e0f82d7992
Added stub release notes for 3.1.8.
2021-02-25 20:27:10 +01:00
Markus Holtermann
7cc6899d41
Updated links to DEPs.
2021-02-25 17:22:07 +01:00
Simon Charette
3089018e95
Fixed #32446 -- Deprecated SERIALIZE test database setting.
...
Whether or not the state of a test database should be serialized can be
inferred from the set of databases allowed to be access from discovered
TestCase/TransactionTestCase enabling the serialized_rollback feature
which makes this setting unnecessary.
This should make a significant test suite bootstraping time difference
on large projects that didn't explicitly disable test database
serialization.
2021-02-24 20:31:11 +01:00
Hannes Ljungberg
3aa545281e
Fixed #30916 -- Added support for functional unique constraints.
...
Thanks Ian Foote and Mariusz Felisiak for reviews.
2021-02-23 20:19:53 +01:00
Carlton Gibson
ab58f07250
Added CVE-2021-23336 to security archive.
2021-02-19 11:02:32 +01:00
Nick Pope
0ad9fa02e0
Refs CVE-2021-23336 -- Updated tests and release notes for affected versions.
2021-02-19 09:03:06 +01:00
Nick Pope
d02d60eb0f
Added documentation extlink for bugs.python.org.
2021-02-17 14:24:42 +01:00
manav014
3119a6deca
Fixed #26607 -- Allowed customizing formset kwargs with ModelAdmin.get_formset_kwargs().
...
Thanks Nick Pope for reviews.
2021-02-15 11:37:35 +01:00
Tim Graham
3fa1ed53be
Refs #32394 -- Rephrased release note for STATIC_URL change.
2021-02-13 20:07:55 +01:00
Ramon Saraiva
dcb094abe8
Fixed #32421 -- Made admindocs ModelDetailView show model cached properties.
2021-02-11 06:50:50 +01:00
Hasan Ramezani
17a5e2cff6
Fixed #32431 -- Reversed order of security issues history.
2021-02-10 16:02:35 +01:00
Mariusz Felisiak
ec0ff40631
Fixed #32355 -- Dropped support for Python 3.6 and 3.7
2021-02-10 10:20:54 +01:00
ThinkChaos
b99d6c9cbc
Fixed #28216 -- Added next_page/get_default_redirect_url() to LoginView.
2021-02-08 21:08:05 +01:00
Markus Holtermann
9d05add447
Fixed #32394 -- Changed project template settings to use relative STATIC_URL.
...
Refs #25598 which added original support for relative STATIC_URL and
MEDIA_URL.
2021-02-06 13:34:00 +01:00
Simon Charette
f23b05696e
Fixed #32395 -- Allowed capturing stdout of migration signals.
2021-02-04 11:19:49 +01:00
Jim Xie
ce60d28929
Fixed #31527 -- Allowed admindocs index to handle non-string URLconfs.
2021-02-04 10:11:58 +01:00
Dan Swain
e17bdb953a
Fix typos
2021-02-04 09:48:40 +01:00
Mariusz Felisiak
f39634ff22
Refs #32390 -- Bumped required cx_Oracle to 7.0.
2021-02-03 10:03:33 +01:00
Mariusz Felisiak
84283ab9cd
Fixed #32390 -- Dropped support for Oracle 12.2 and 18c.
2021-02-03 10:03:33 +01:00
Mariusz Felisiak
f131841c60
Fixed #32403 -- Fixed re-raising DatabaseErrors when using only 'postgres' database.
...
Thanks Kazantcev Andrey for the report.
Regression in f48f671223
.
2021-02-02 21:34:36 +01:00
Mariusz Felisiak
8d3c3a5717
Added stub release notes for 3.1.7.
2021-02-01 10:51:16 +01:00
Mariusz Felisiak
f749148d62
Added CVE-2021-3281 to security archive.
2021-02-01 10:24:22 +01:00
Mariusz Felisiak
05413afa8c
Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract().
...
Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews.
Thanks Wang Baohua for the report.
2021-02-01 09:07:36 +01:00
Denis Skulimovskiy
269a767146
Fixed #32391 -- Used CSS flex properties for changelist filter.
...
Matched layout adjustment using flex from admin sidebar added in
d24ba1be7a
.
Filters would become squashed when viewport was
constrained or list display table became too wide.
2021-01-28 15:51:05 +01:00
Carlton Gibson
f4272d000a
Fixed #32348 , Refs #29087 -- Corrected tutorial for updated deleting inlines UI.
...
Updated tutorial to match change in 24e540fbd7
allowing deletion of original extra inlines.
2021-01-27 08:44:36 +01:00
Jerin Peter George
1adc09064f
Fixed #32347 -- Made ModelChoiceField include the value in ValidationError for invalid_choice.
2021-01-26 09:31:53 +01:00
Hasan Ramezani
dcb3ad3319
Fixed #32292 -- Added support for connection by service name to PostgreSQL.
2021-01-20 17:30:37 +01:00
muskanvaswan
ab7478d1d4
Fixed #32324 -- Added template block to override the admin site header.
2021-01-19 12:27:07 +01:00
Mariusz Felisiak
5371342ed6
Fixed #32357 -- Dropped support for PostgreSQL 9.6 and PostGIS 2.3.
2021-01-19 12:25:20 +01:00
Paul Ganssle
10d1261984
Refs #32365 -- Allowed use of non-pytz timezone implementations.
2021-01-19 11:59:37 +01:00
Hasan Ramezani
34aa4f1997
Fixed #32296 -- Added --skip-checks option to runserver command.
2021-01-18 12:51:35 +01:00
Mariusz Felisiak
a948d9df39
Increased the default PBKDF2 iterations for Django 4.0.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
0aa6a602b2
Refs #31842 -- Removed DEFAULT_HASHING_ALGORITHM transitional setting.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
e7208f13c0
Refs #25236 -- Removed {% ifequal %} and {% ifnotequal %} template tags per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
2dd6a83d2d
Refs #12990 -- Removed django.contrib.postgres.forms.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
8fdb5a656a
Refs #12990 -- Removed django.contrib.postgres.fields.jsonb.KeyTransform/KeyTextTransform.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
7cb5712edc
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
98ae3925e5
Refs #31534 -- Removed django.conf.urls.url() per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
be6e468130
Refs #31359 -- Made get_random_string()'s length argument required.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
d992f4e3c2
Refs #31369 -- Removed models.NullBooleanField per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
06eec31970
Refs #7098 -- Removed support for passing raw column aliases to order_by().
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
bf770cc825
Refs #8760 -- Removed "list" message for ModelMultipleChoiceField per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
1adcf20385
Refs #31327 -- Removed providing_args argument for Signal per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
4bb30fe5d5
Refs #26601 -- Made get_response argument required and don't accept None in middleware classes.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
6b4941dd57
Refs #27468 -- Removed support for the pre-Django 3.1 user sessions.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
d32a232fe9
Refs #27468 -- Removed support for the pre-Django 3.1 signatures in Signer and signing.dumps()/loads().
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
8250145a0c
Refs #31274 -- Removed support for the pre-Django 3.1 encoding format of sessions.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
66b4046d68
Refs #27468 -- Removed support for the pre-Django 3.1 password reset tokens.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
831a05b185
Refs #27604 -- Removed support for the pre-Django 3.1 encoding format in CookieStorage.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
d08977a0f0
Refs #30997 -- Removed HttpRequest.is_ajax() per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
90c59b4e12
Refs #23433 -- Removed django-admin.py entry point per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
68e3ca13d7
Refs #30988 -- Removed InvalidQuery exception per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
396da8b94c
Refs #30841 -- Made isnull lookup raise ValueError for non-boolean values.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
12ac4916af
Refs #28622 -- Removed settings.PASSWORD_RESET_TIMEOUT_DAYS per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
9e456f3166
Refs #30747 -- Removed django.utils.http.is_safe_url() per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
157ab32f34
Refs #27753 -- Removed django.utils.text.unescape_entities() per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
5e33ec80d1
Refs #30158 -- Made alias argument required in signature of Expression.get_group_by_cols() subclasses.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
d134b0b93e
Refs #15902 -- Stopped set_language() storing user's language in the session.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
52a238ddf2
Refs #30165 -- Removed ugettext(), ugettext_lazy(), ugettext_noop(), ungettext(), and ungettext_lazy() per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
810f037b29
Refs #27753 -- Removed django.utils.encoding.force_text() and smart_text() per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
88ed1c8d08
Refs #27753 -- Removed django.utils.http urllib aliases per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
8774b1144c
Added stub release notes for 4.0.
2021-01-14 17:50:04 +01:00
Carlton Gibson
75182a800a
Removed empty sections and adjusted 3.2 release notes.
2021-01-14 14:58:28 +01:00
Jon Moroney
76ae6ccf85
Fixed #31358 -- Increased salt entropy of password hashers.
...
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
2021-01-14 11:20:28 +01:00
Hannes Ljungberg
ffe756d624
Refs #26167 -- Changed default value of DatabaseFeatures.supports_expression_indexes to True.
2021-01-14 08:32:26 +01:00
mimi89999
b5cef91a91
Fixed #31259 -- Added admin dark theme.
2021-01-14 08:27:29 +01:00
Nick Pope
9204485396
Fixed #16117 -- Added decorators for admin action and display functions.
...
Refs #25134 , #32099 .
2021-01-13 17:19:22 +01:00
Hannes Ljungberg
83fcfc9ec8
Fixed #26167 -- Added support for functional indexes.
...
Thanks Simon Charette, Mads Jensen, and Mariusz Felisiak for reviews.
Co-authored-by: Markus Holtermann <info@markusholtermann.eu>
2021-01-13 11:47:50 +01:00
Paolo Melchiorre
c412d9af7e
Fixed #32291 -- Added fixtures compression support to dumpdata.
2021-01-12 15:47:58 +01:00
Jon Dufresne
ba31b01034
Fixed #31747 -- Fixed model enumeration via admin URLs.
...
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2021-01-12 14:37:56 +01:00
Johannes Maron
3071660acf
Fixed #29010 , Fixed #29138 -- Added limit_choices_to and to_field support to autocomplete fields.
...
* Fixed #29010 -- Added limit_choices_to support to autocomplete fields.
* Fixed #29138 -- Allowed autocomplete fields to target a custom
to_field rather than the PK.
2021-01-12 11:37:38 +01:00
Florian Apolloner
2d6179c819
Fixed #32191 -- Made CookieStorage use RFC 6265 compliant format.
...
Co-authored-by: Craig Smith <hello@craigiansmith.com.au>
2021-01-07 13:00:53 +01:00
Matthias Kestenholz
0a802233ec
Fixed #32018 -- Extracted admin colors into CSS variables.
...
Defined all colors used in the admin CSS as variables. Implemented the
following standardizations and accessibility improvements while at it:
- Improved the contrast of text to not use ratios of less than 3:1 anymore.
- Most hover states already used desaturated and darkened colors.
Changed object tools to follow the same rule instead of showing the
primary color on hover.
Various places used similar colors; those have been merged with the goal
of reducing the count of CSS variables. Contrasts have been improved in
a few places.
- Many borders used slightly different colors (e.g. #eaeaea vs. #eee)
- Help texts used #999 , this has been changed to --body-quiet-color
(#666 ) which has a better contrast.
Introduced fast color transitions on links and buttons.
2021-01-07 10:07:19 +01:00
Florian Apolloner
102d92fc09
Refs #32191 -- Added Signer.sign_object()/unsign_object().
...
Co-authored-by: Craig Smith <hello@craigiansmith.com.au>
2021-01-06 20:16:47 +01:00
Carlton Gibson
966ed414b2
Added stub release notes for 3.1.6.
2021-01-04 08:58:03 +01:00
Carlton Gibson
767917ed49
Added release date for 3.1.5.
2021-01-04 08:31:51 +01:00
Mariusz Felisiak
e13b71403b
Fixed #32304 -- Fixed prefixing STATIC_URL and MEDIA_URL by SCRIPT_NAME for absolute URLs with no domain.
...
Thanks Adam Hooper for the report.
Regression in c574bec092
.
2020-12-31 13:18:57 +01:00
Mariusz Felisiak
74fd233b14
Fixed #32303 -- Bumped minimum supported SQLite to 3.9.0.
2020-12-30 09:01:56 +01:00
Mariusz Felisiak
98ad327864
Fixed #32299 -- Prevented mutating handlers when processing middlewares marking as unused in an async context.
...
Thanks Hubert Bielenia for the report.
2020-12-29 09:04:35 +01:00
Nick Pope
bb64b99b78
Fixed #29867 -- Added support for storing None value in caches.
...
Many of the cache operations make use of the default argument to the
.get() operation to determine whether the key was found in the cache.
The default value of the default argument is None, so this results in
these operations assuming that None is not stored in the cache when it
actually is. Adding a sentinel object solves this issue.
Unfortunately the unmaintained python-memcached library does not support
a default argument to .get(), so the previous behavior is preserved for
the deprecated MemcachedCache backend.
2020-12-17 09:57:21 +01:00