p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
32,895 Commits 28 Branches 411 Tags 641 MiB
Commit Graph

4868 Commits

Author SHA1 Message Date
Fabian Braun 944745afe2 Fixed #34977 -- Improved accessibility in the UserChangeForm by replacing the reset password link with a button. 
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2024-03-27 16:40:41 -03:00
Giannis Terzopoulos d658a3162f Fixed #35233 -- Moved template engine system checks to backend methods. 
Thanks Adam Johnson for reviews.
 2024-03-27 08:14:54 +01:00
Mariusz Felisiak b98271a6e4
Fixed #35329 -- Fixed migrations crash when adding partial unique constraints with nulls_distinct. 
Bug in 595a2abb58.

Thanks Lucas Lemke Saunitti for the report.
 2024-03-26 22:58:47 +01:00
Claude Paroz 10b31eea33 Refs #31014 -- Added srid argument to FromWKB/FromWKT() GIS functions. 2024-03-18 09:45:33 +01:00
Johannes Maron e69019555d Fixed #35273 -- Fixed rendering AdminFileWidget's attributes. 
Regression in 8a6c0203c4.
 2024-03-14 14:03:09 +01:00
Jon Janzen f5c340684b Fixed #34901 -- Added async-compatible interface to session engines. 
Thanks Andrew-Chen-Wang for the initial implementation which was posted
to the Django forum thread about asyncifying contrib modules.
 2024-03-13 17:55:15 +01:00
Ben Cail 1570ef02f3 Fixed #35223 -- Made Model.full_clean() ignore fields with db_default when validating empty values. 
Thanks Brian Ibbotson for the report.

Regression in 7414704e88.
 2024-03-08 05:55:25 +01:00
Dingning 549320946d Fixed #35030 -- Made django.contrib.auth decorators to work with async functions. 2024-03-07 09:59:33 +01:00
Mariusz Felisiak 177e649396
Fixed broken links and redirects in docs. 2024-03-06 08:50:21 +01:00
Adam Johnson eff21d8e7a Fixed #35252 -- Optimized _route_to_regex(). 
co-authored-by: Nick Pope <nick@nickpope.me.uk>
 2024-03-05 13:09:10 +01:00
Mariusz Felisiak 337e37f3bb Added stub release notes for 5.0.4. 2024-03-04 10:29:33 +01:00
Mariusz Felisiak da39ae4b5f Added CVE-2024-27351 to security archive. 2024-03-04 10:10:35 +01:00
Shai Berger f6ad8c7676 Refs CVE-2024-27351 -- Forwardported release notes and tests. 
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2024-03-04 08:22:00 +01:00
Sarah Boyce fad334e1a9 Refs #33497 -- Added connection pool support for PostgreSQL. 
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
Co-authored-by: Ran Benita <ran@unusedvar.com>
 2024-03-01 09:01:18 +01:00
Simon Charette daf7d482db Refs #35234 -- Deprecated CheckConstraint.check in favor of .condition. 
Once the deprecation period ends CheckConstraint.check() can become the
documented method that performs system checks for BaseConstraint
subclasses.
 2024-03-01 07:15:32 +01:00
Shafiya Adzhani a738281265 Fixed #35198 -- Fixed facet filters crash on querysets with no primary key. 
Thanks Simon Alef for the report.

Regression in 868e2fcdda.
 2024-02-29 10:01:18 +01:00
Mariusz Felisiak 977d254169 Added release date for 5.0.3, 4.2.11, and 3.2.25. 2024-02-26 08:21:36 +01:00
Salvo Polizzi 6e1ece7ed5 Fixed #35090 -- Deprecated registering URL converters with the same name. 2024-02-23 15:54:49 +01:00
Sulabh Katila eceb5e2eea
Fixed #34806 -- Made cached_db session backend resilient to cache write errors. 
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2024-02-21 21:51:58 -03:00
AlexCLeduc a084c5d35a Fixed #35238 -- Fixed database serialization crash when base managers use prefetch_related(). 
Regression in 1391356276
following deprecation in eedbf930287cb72e9afab1f7208c24b1146b0c4ec.
 2024-02-20 22:14:17 +01:00
Fabian Braun e626716c28 Fixed #34429 -- Allowed setting unusable passwords for users in the auth forms. 
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2024-02-20 12:13:32 -03:00
Mariusz Felisiak d1be05b3e9
Fixed #35187 -- Fixed @sensitive_variables/sensitive_post_parameters decorators crash with .pyc-only builds. 
Thanks Jon Janzen for the implementation idea.

Thanks Marcus Hoffmann for the report.

Regression in 38e391e95f.
 2024-02-17 08:15:59 +01:00
Aaron Linville 7a05b8a2fa Fixed #24018 -- Allowed setting pragma options on SQLite. 2024-02-16 12:59:19 +01:00
Hisham Mahmood 8db593de05
Fixed #35173 -- Fixed ModelAdmin.lookup_allowed() for lookups on foreign keys when not included in ModelAdmin.list_filter. 
Regression in f80669d2f5.

Thanks Sarah Boyce for the review.
 2024-02-14 22:29:49 -03:00
David Smith 222bf2932b Refs #35058 -- Added support for measured geometries to GDAL GeometryCollection and subclasses. 2024-02-12 15:21:11 +01:00
Vašek Dohnal 1b5338d03e Fixed #35174 -- Fixed Signal.asend()/asend_robust() crash when all receivers are asynchronous. 
Regression in e83a88566a.
 2024-02-08 11:36:28 +01:00
Mariusz Felisiak 2f14c2cedc
Fixed #35172 -- Fixed intcomma for string floats. 
Thanks Warwick Brown for the report.

Regression in 55519d6cf8.
 2024-02-08 10:58:54 +01:00
David Smith 6ee37ada32 Fixed #30686 -- Used Python HTMLParser in utils.text.Truncator. 2024-02-07 09:46:25 +01:00
Natalia c650c1412d Added CVE-2024-24680 to security archive. 2024-02-06 12:14:12 -03:00
Natalia f61bc03197 Added stub release notes for 5.0.3. 2024-02-06 12:05:05 -03:00
Adam Johnson 55519d6cf8 Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma template filter. 
Thanks Seokchan Yoon for the report.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Shai Berger <shai@platonix.com>
 2024-02-06 09:07:31 -03:00
Tom Carrick 4ade8386eb Fixed #10743 -- Allowed lookups for related fields in ModelAdmin.list_display. 
Co-authored-by: Alex Garcia <me@alexoteiza.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Nina Menezes <https://github.com/nmenezes0>
 2024-02-05 21:42:04 -03:00
Tim Graham d70b79c6b9
Replaced "Django test runner" with DiscoverRunner in release notes. 
Removed mention of options supported only by runtests.py.
 2024-02-05 09:18:53 -03:00
Simon Charette e67d7d70fa Fixed #35149 -- Fixed crashes of db_default with unresolvable output field. 
Field.db_default accepts either literal Python values or compilables
(as_sql) and wrap the former ones in Value internally.

While 1e38f11 added support for automatic resolving of output fields for
types such as str, int, float, and other unambigous ones it's cannot do
so for all types such as dict or even contrib.postgres and contrib.gis
primitives.

When a literal, non-compilable, value is provided it likely make the
most sense to bind its output field to the field its attached to avoid
forcing the user to provide an explicit `Value(output_field)`.

Thanks David Sanders for the report.
 2024-02-04 09:39:41 +01:00
Simon Charette dfc77637ea Fixed #35162 -- Fixed crash when adding fields with db_default on MySQL. 
MySQL doesn't allow literal DEFAULT values to be used for BLOB, TEXT,
GEOMETRY or JSON columns and requires expression to be used instead.

Regression in 7414704e88.
 2024-02-03 22:47:40 +01:00
Petar Netev 0630ca5725 Fixed #35147 -- Added backward incompatibility note about filtering against overflowing integers. 2024-02-01 18:34:43 +01:00
James Thorniley 11393ab131 Fixed #35059 -- Ensured that ASGIHandler always sends the request_finished signal. 
Prior to this work, when async tasks that process the request are cancelled due
to receiving an early "http.disconnect" ASGI message, the request_finished
signal was not being sent, potentially leading to resource leaks (such as
database connections).

This branch ensures that the request_finished signal is sent even in the case
of early termination of the response.

Regression in 64cea1e48f.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
 2024-01-31 14:40:57 -03:00
Mariusz Felisiak 38eaf2f21a
Fixed #35159 -- Fixed dumpdata crash when base querysets use prefetch_related(). 
Regression in 1391356276
following deprecation in edbf930287.

Thanks Andrea F for the report.
 2024-01-31 16:10:05 +01:00
David Smith d3922e9e5a
Refs #35058 -- Added support for measured geometries to GDAL Polygon. 2024-01-31 13:11:16 +01:00
Marijke Luttekes b9e2a3fc63 Fixed #35143 -- Improved accessibility of 404/500 debug pages. 
This:
- changes the header, main, and footer content areas to be rendered
  in a <header>, <main>, and <footer> tags,
- adds scope attributes to <th>,
- uses <code> for a patterns list,
- uses <small> instead of <span>.
 2024-01-31 12:26:00 +01:00
Anže Pečar a0204ac183 Fixed #29280 -- Made the transactions behavior configurable on SQLite. 2024-01-30 11:42:34 +01:00
Nicolas Delaby 820c5f1bac Fixed #35135 -- Made FilteredRelation raise ValueError on querysets as rhs. 
Regression in 59f4754704.
 2024-01-29 20:29:49 +01:00
Natalia 06d0a1bd56 Added stub release notes and release date for 5.0.2, 4.2.10, and 3.2.24. 2024-01-29 11:41:53 -03:00
David Smith 1df8983aa3 Refs #35058 -- Added support for measured geometries to GDAL LineString. 2024-01-29 08:44:42 +01:00
Claude Paroz 41aaf5aafa Updated translations from Transifex. 
Forwardport of 3cc35aafab from stable/5.0.x.
 2024-01-29 06:10:52 +01:00
David Smith 2005530920 Refs #35058 -- Made centroid available on all geometry types. 
Centroid is available on all geometry types since GDAL 1.8.0.
Previously it was restricted to Polygon.

https://gdal.org/doxygen/classOGRGeometry.html#a91787f669b2a148169667e270e7e40df
 2024-01-28 14:40:19 +01:00
Mariusz Felisiak 305757aec1
Applied Black's 2024 stable style. 
https://github.com/psf/black/releases/tag/24.1.0
 2024-01-26 12:45:07 +01:00
David Smith 3f6d939c62 Refs #35058 -- Added support for measured geometries to GDAL Point. 
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
 2024-01-25 08:59:16 +01:00
Marijke Luttekes e412d85b46
Fixed #35115 -- Made admin's footer render in <footer> tag. 2024-01-24 14:11:54 +01:00
David Smith f4c5973464 Refs #35058 -- Deprecated OGRGeometry.coord_dim setter. 
Reflecting a change in the underlying GDAL library (since GDAL 2.1)
using coord_dim to set a geometries dimensions is deprecated in favor
of set_3d().
 2024-01-23 05:37:59 +01:00
Mariusz Felisiak 4879907223
Fixed #35127 -- Made Model.full_clean() ignore GeneratedFields. 
Thanks Claude Paroz for the report.

Regression in f333e3513e.
 2024-01-19 08:55:50 +01:00
Salvo Polizzi 10c7c7320b Fixed #35121 -- Corrected color for links in the admin. 
Thanks Collin Anderson for the report.

Regression in 6ad2738a8f.
 2024-01-18 12:22:06 +01:00
David Smith cfacd69ab8 Refs #35058 -- Added is_3d and set_3d() to OGRGeometry. 2024-01-18 10:48:40 +01:00
Amir Karimi 27a3eee721 Fixed #31700 -- Made makemigrations command display meaningful symbols for each operation. 2024-01-17 14:00:02 +01:00
Alexis Athlani c7e986fc9f Fixed #35117 -- Added support for the hectare unit in Area. 2024-01-16 20:31:46 +01:00
Aivars Kalvans f92641a636 Fixed #28344 -- Allowed customizing queryset in Model.refresh_from_db()/arefresh_from_db(). 
The from_queryset parameter can be used to:
- use a custom Manager
- lock the row until the end of transaction
- select additional related objects
 2024-01-15 10:55:14 +01:00
Nick Pope 40b5b1596f Fixed #35100 -- Reworked GeoIP2 database initialization. 2024-01-11 12:01:35 +01:00
Nick Pope f50184a84b
Fixed #35092 -- Exposed extra fields for GeoIP2.country() and GeoIP2.city() responses. 2024-01-10 12:09:44 +01:00
Sarah Boyce a9094ec1f4 Fixed #35087 -- Reallowed filtering against foreign keys not listed in ModelAdmin.list_filters. 
Regression in f80669d2f5.
 2024-01-08 09:21:54 +01:00
Nick Pope cc56c22a24
Fixed #35091 -- Allowed GeoIP2 querying using IPv4Address/IPv6Address. 2024-01-07 08:15:40 +01:00
Nick Pope 53fc6ac649
Fixed #35088 -- Added support for Collect on MySQL 8.0.24+. 2024-01-06 15:07:49 +01:00
David Smith 45f59d0eab Fixed #35086 -- Added support for BoundedCircle on Spatialite 5.1+. 
Spatialite 5.1 added support for BoundingCircle
(GEOSMinimumBoundingCircle). GEOS 3.7 is required which is lower than
Django's currently supported minmum of 3.8.

https://groups.google.com/g/spatialite-users/c/hAJ2SgitN4M

https://www.gaia-gis.it/gaia-sins/spatialite-sql-5.1.0.html
 2024-01-05 11:55:44 +01:00
David Wobrock 8fb0be3500 Fixed #33277 -- Disallowed database connections in threads in SimpleTestCase. 2024-01-03 13:02:26 +01:00
Nick Pope 45f778eded Fixed #35075 -- Added deduplicate_items parameter to BTreeIndex. 2024-01-02 12:55:12 +01:00
Mariusz Felisiak f412add786 Added stub release notes for 5.0.2. 2024-01-02 10:29:47 +01:00
Mariusz Felisiak f82a2c3b3d Added release date for 5.0.1 and 4.2.9. 2024-01-02 09:57:41 +01:00
Salvo Polizzi 3915d4c70d Fixed #35060 -- Deprecated passing positional arguments to Model.save()/asave(). 2024-01-02 08:42:33 +01:00
Nick Pope 94b6f101f7
Fixed #29049 -- Added slicing notation to F expressions. 
Co-authored-by: Priyansh Saxena <askpriyansh@gmail.com>
Co-authored-by: Niclas Olofsson <n@niclasolofsson.se>
Co-authored-by: David Smith <smithdc@gmail.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Abhinav Yadav <abhinav.sny.2002@gmail.com>
 2023-12-30 08:24:30 +01:00
Mariusz Felisiak 751d732a38
Fixed #35056 -- Fixed system check crash on reverse m2m relations with related_name in ModelAdmin.filter_horizontal/vertical. 
Thanks Thomas Feldmann for the report.

Regression in 107865780a.
 2023-12-27 20:36:22 +01:00
David Wobrock 14917c9ae2 Fixed #35050 -- Fixed prefixing field names in FilteredRelation(). 
Thanks Mark Zorn for the report.

Regression in 59f4754704.
 2023-12-23 17:35:13 +01:00
Mariusz Felisiak 6c08dba517
Fixed #35054 -- Fixed crash on Oracle when fetching JSONFields with oracledb 2.0.0. 2023-12-22 09:43:45 +01:00
Nicolas Lupien 2bf46c3825 Fixed #34658 -- Added SimpleTestCase.assertNotInHTML(). 2023-12-22 08:27:59 +01:00
David Smith c709a748ce Fixed #35049 -- Dropped support for GDAL 2.4. 2023-12-20 21:44:11 +01:00
David Smith fa1d0b11e4 Fixed #35048 -- Dropped support for PROJ 5.x. 2023-12-20 21:06:43 +01:00
Emanuel Andrecut e72b2826ff Fixed #35032 -- Corrected Char32UUIDField implementation in 5.0 release notes. 
This fixes Char32UUIDField implementation in 5.0 release notes causing
records with UUIDFields created using pre-Django 5.0 and CHAR(32) not
being able to be saved anymore after upgrading and keeping the CHAR(32)
columns.

Regression in 7cd187a5ba.
 2023-12-14 09:26:24 +01:00
Tom Carrick 4aae864463 Fixed #35012 -- Restored wrapping admin fieldsets with multiple fields per line. 
Thanks James Gillard for the report.

Regression in 729266c6f2.
 2023-12-13 06:04:18 +01:00
Simon Charette b0ad41198b Fixed #34013 -- Added QuerySet.order_by() support for annotation transforms. 
Thanks Eugene Morozov and Ben Nace for the reports.
 2023-12-12 05:51:33 +01:00
Mariusz Felisiak fcf95e5927
Fixed #35018 -- Fixed migrations crash on GeneratedField with BooleanField as output_field on Oracle < 23c. 
Thanks Václav Řehák for the report.

Regression in f333e3513e.
 2023-12-12 05:39:11 +01:00
Sarah Boyce b287af5dc9 Fixed #35019 -- Fixed save() on models with both GeneratedFields and ForeignKeys. 
Thanks Deb Kumar Das for the report.

Regression in f333e3513e.
 2023-12-08 09:46:11 +01:00
Mariusz Felisiak 5b3b791e90
Fixed #35024 -- Fixed model instance creation crash on GeneratedField.output_field with backend converters. 
Regression in d9de74141e.

This is a long standing issue, however it caused a crash of
GeneratedFields for all output fields that have backend-specific
converters when the RETURNING clause is not supported
(MySQL and SQLite < 3.35).
That's why severity was exacerbated.
 2023-12-07 20:50:18 +01:00
Sarah Boyce f80669d2f5 Fixed #35020 -- Fixed ModelAdmin.lookup_allowed() for non-autofield primary keys. 
Thanks Joshua Goodwin for the report.

Regression in 45ecd9acca.
 2023-12-07 06:16:35 +01:00
Nick Pope 07f9f9960c Deprecated django.contrib.gis.geoip2.GeoIP2.open(). 2023-12-05 08:21:19 +01:00
Mariusz Felisiak 464af0975c Added stub release notes for 4.2.9. 2023-12-05 06:07:51 +01:00
Mariusz Felisiak 689306c745 Updated expected release date for 5.0.1. 2023-12-05 06:02:36 +01:00
Natalia 14884b6be8 Added stub release notes for 5.0.1. 2023-12-04 10:21:37 -03:00
Natalia 1994a26438 Finalized release notes for Django 5.0. 2023-12-04 09:25:23 -03:00
Mariusz Felisiak 8fcb9f1f10 Added release date for 4.2.8. 2023-12-04 09:24:31 +01:00
Nick Pope b925fefd7d Deprecated django.contrib.gis.geoip2.GeoIP2.coords(). 
The `ordering` argument is undocumented and of limited use, so this is
effectively the same as `GeoIP2.lon_lat()`.
 2023-12-01 08:38:42 +01:00
Mariusz Felisiak 37fc832a54
Fixed #35006 -- Fixed migrations crash when altering Meta.db_table_comment on SQLite. 
Thanks Юрий for the report.

Regression in 78f163a4fb.
 2023-11-30 10:10:27 +01:00
Mariusz Felisiak a4931cd75a
Refs #34380 -- Added FORMS_URLFIELD_ASSUME_HTTPS transitional setting. 
This allows early adoption of the new default "https".
 2023-11-28 20:04:21 +01:00
Tom Carrick 729266c6f2 Fixed #34982 -- Fixed admin's read-only password widget and help texts alignment for tablet screen size. 
Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
 2023-11-27 14:42:25 -03:00
Mariusz Felisiak a652f07596 Fixed #34978, Refs #31331 -- Added backward incompatibility note about raw aggregations on MySQL. 
Thanks Matthew Somerville for the report.
 2023-11-27 11:57:07 +01:00
Nathaniel Conroy 0257426fe1 Fixed #34992 -- Fixed DatabaseFeatures.allows_group_by_selected_pks on MariaDB with ONLY_FULL_GROUP_BY sql mode. 
Regression in 041551d716.
 2023-11-27 09:20:10 +01:00
Adam Johnson 0203771b62 Refs #34380 -- Improved docs for forms.URLField.assume_scheme. 2023-11-25 17:08:50 +01:00
Nick Pope 5e28cd3f2c
Fixed #34983 -- Deprecated django.utils.itercompat.is_iterable(). 2023-11-24 12:06:29 +01:00
Tom Carrick a89c715c3b Fixed #34994 -- Fixed checkbox layout in admin's change page for narrow screen widths. 
Regression in d687febce5.
 2023-11-23 15:18:07 -03:00
Tom Carrick 4eb9c3d90a Fixed #34991 -- Fixed pagination links and input layout in admin's change list page when using list_editable. 
Regression in b4817d20b9.

Thanks Tom Carrick for the report and fix.
 2023-11-23 09:39:57 -03:00
Tom Carrick a03593967f Fixed #14611 -- Added query_params argument to RequestFactory and Client classes. 2023-11-23 10:39:29 +01:00
Simon Charette e76cc93b01
Fixed #34987 -- Fixed queryset crash when mixing aggregate and window annotations. 
Regression in f387d024fc.

Just like `OrderByList` the `ExpressionList` expression used to wrap
`Window.partition_by` must implement `get_group_by_cols` to ensure the
necessary grouping when mixing window expressions with aggregate
annotations is performed against the partition members and not the
partition expression itself.

This is necessary because while `partition_by` is implemented as
a source expression of `Window` it's actually a fragment of the WINDOW
expression at the SQL level and thus it should result in a group by its
members and not the sum of them.

Thanks ElRoberto538 for the report.
 2023-11-23 06:09:08 +01:00
Mariusz Felisiak ecfea054ee Refs #34118 -- Doc'd Python 3.12 compatibility in Django 4.2.x. 2023-11-19 16:31:46 +01:00
Simon Charette 7530cf3900 Fixed #34975 -- Fixed crash of conditional aggregate() over aggregations. 
Adjustments made to solve_lookup_type to defer the resolving of
references for summarized aggregates failed to account for similar
requirements for lookup values which can also reference annotations
through Aggregate.filter.

Regression in b181cae2e3.

Refs #25307.

Thanks Sergey Nesterenko for the report.
 2023-11-18 15:38:04 +01:00
David Smith eec7e9ba89 Refs #32819 -- Established relationship between form fieldsets and their help text. 
This adds aria-describedby for widgets rendered in a fieldset such as
radios. aria-describedby for these widgets is added to the <fieldset>
element rather than each <input>.
 2023-11-17 08:12:36 +01:00
David Smith 292f1ea90f Refs #32819 -- Used auto_id instead of id_for_label as unique identifier for the field. 
`id_for_label` is blank for widgets with multiple inputs such as radios
and multiple checkboxes. Therefore , `help_text` for fields using these
widgets cannot currently be associated using `aria-describedby`.
`id_for_label` is being used as a guard to avoid incorrectly adding
`aria-describedby` to those widgets.

This change uses `auto_id` as the unique identified for the fields
`help_text`. A guard is added to avoid incorrectly adding
`aria-describedby` to inputs by checking the widget's `use_fieldset`
attribute. Fields rendered in a `<fieldset>` should have
`aria-describedby` added to the `<fieldset>` and not every `<input>`.
 2023-11-16 12:23:42 +01:00
Mariusz Felisiak 5875f03ce6 Fixed #34944 -- Made GeneratedField.output_field required. 
Regression in f333e3513e.
 2023-11-14 20:22:07 +01:00
Adam Johnson f7389c4b07 Fixed #34457 -- Restored output for makemigrations --check. 
Co-authored-by: David Sanders <shang.xiao.sanders@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2023-11-09 10:03:19 -03:00
Mariusz Felisiak 36173cf29d Added stub release notes for 4.2.8. 2023-11-01 08:22:47 +01:00
Mariusz Felisiak 7caf262183 Added CVE-2023-46695 to security archive. 2023-11-01 08:16:14 +01:00
Mariusz Felisiak 05ba4130ee Fixed CVE-2023-46695 -- Fixed potential DoS in UsernameField on Windows. 
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.
 2023-11-01 06:10:30 +01:00
Akash Kumar Sen 40b3975e7d Fixed #34462 -- Made admin log actions in bulk. 
This also deprecates ModelAdmin.log_deletion() and
LogEntryManager.log_action().
 2023-10-31 18:06:44 +01:00
Sarah Boyce e4d012ca05 Refs #29850 -- Added exclusion support to window frames. 2023-10-30 12:04:55 +01:00
Tom Carrick 34b411762b Fixed #34932 -- Restored varchar_pattern_ops/text_pattern_ops index creation when deterministic collaction is set. 
Regression in f3f9d03edf (4.2) and
8ed25d65ea (5.0).
 2023-10-30 07:37:40 +01:00
Sarah Boyce 6375cee490 Refs #29850 -- Added RowRange support for positive integer start and negative integer end. 2023-10-28 15:16:07 +02:00
Tom Carrick e67d3580ed Fixed #10941 -- Added {% query_string %} template tag. 2023-10-26 09:57:21 +02:00
Mariusz Felisiak fdd1323b9c Added stub release notes and release date for 4.2.7, 4.1.13, and 3.2.23. 2023-10-25 05:37:57 +02:00
Claire Pritchard 61cc0e6f2c
Fixed typo in docs/releases/4.2.txt. 2023-10-22 11:02:12 +02:00
Carlton Gibson 3b255d72cf
Refs #34043 -- Tweaked wording in release note. 2023-10-18 21:40:50 +02:00
Sarah Boyce be56c982c0 Refs #34043 -- Added --screenshots option to runtests.py and selenium tests. 2023-10-18 06:14:40 +02:00
Simon Charette 3b4a571275 Fixed #34798 -- Fixed QuerySet.aggregate() crash when referencing expressions containing subqueries. 
Regression in 59bea9efd2,
complements e5c844d6f2.

Refs #28477, #34551.

Thanks Haldun Komsuoglu for the report.
 2023-10-16 05:37:30 +02:00
Adam Johnson 73b2c63127
Refs #34840 -- Improved release note describing index regression. 2023-10-15 10:27:11 +02:00
Mariusz Felisiak 54b23b1835
Added backticks to setuptools in docs. 2023-10-09 09:55:52 +02:00
Natalia 4e790271e3 Added CVE-2023-43665 to security archive. 2023-10-04 13:05:00 -03:00
Natalia 034457941a Added stub release notes for 4.2.7. 2023-10-04 12:33:08 -03:00
Natalia 17b51094d7 Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text.Truncator when truncating HTML text. 
Thanks Wenchao Li of Alibaba Group for the report.
 2023-10-04 09:22:26 -03:00
Chinmoy Chakraborty 1dae65dc63 Fixed #34657 -- Made assert(Not)Contains/assertInHTML display haystacks in error messages. 2023-10-03 10:44:36 +02:00
Mariusz Felisiak 679212a47a
Refs #34657 -- Made msg_prefix handling in assertURLEqual()/assertInHTML consistent with other assertions. 
Co-authored-by: Chinmoy Chakraborty <chinmoy12c@gmail.com>
 2023-10-03 09:25:48 +02:00
Carlton Gibson 35bbb2c9c0 Fixed #34883 -- Allowed template tags to set extra data on templates. 
By setting a value in the `parser.extra_data` mapping, template tags
pass additional data out of the parsing context.

Any extra data set is exposed on the template via the matching
`.extra_data` attribute.

Library authors should use a key to namespace extra data. The 'django'
namespace is reserved for internal use.
 2023-10-02 16:16:43 +02:00
Natalia 5e4b75b78a Added stub release notes and release date for 4.2.6, 4.1.12, and 3.2.22. 2023-09-27 14:18:40 -03:00
Mariusz Felisiak f9e9526800
Fixed #34873 -- Added QuerySet.explain() support for GENERIC_PLAN option on PostgreSQL 16+. 2023-09-26 12:05:26 +02:00
lstaana 357365a64e Fixed #34835 -- Made admin's changelist filters render in <nav> tag. 2023-09-26 08:45:07 +02:00
Mariusz Felisiak 779cd28acb
Fixed #34840 -- Avoided casting string base fields on PostgreSQL. 
Thanks Alex Vandiver for the report.

Regression in 09ffc5c121.
 2023-09-22 06:01:11 +02:00
Mariusz Felisiak 2c6ebb65c9
Fixed #34851 -- Dropped support for PostgreSQL 12 and PostGIS 2.5. 2023-09-20 13:45:51 +02:00
Paolo Melchiorre 0b506bfe1a
Refs #31300 -- Added example to GeneratedField release notes. 2023-09-20 09:00:30 +02:00
Mariusz Felisiak 3623a0c079
Fixed #34850 -- Dropped support for MariaDB 10.4. 2023-09-19 15:06:05 +02:00
Mariusz Felisiak 909f8e4c24
Fixed typo in docs/releases/5.0.txt. 2023-09-19 09:27:28 +02:00
Mariusz Felisiak 0e560edf32 Increased the default PBKDF2 iterations for Django 5.1. 2023-09-18 22:12:40 +02:00
Mariusz Felisiak f72f420f17 Refs #26029 -- Removed DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. 
This also removes django.core.files.storage.get_storage_class().

Per deprecation timeline.
 2023-09-18 22:12:40 +02:00
Mariusz Felisiak 3a3e737694 Refs #33199 -- Removed support for passing positional arguments to Signer/TimestampSigner. 
Per deprecation timeline.
 2023-09-18 22:12:40 +02:00
Mariusz Felisiak 5e4c1793b7 Refs #33308 -- Removed support for passing encoded JSON string literals to JSONField & co. 
Per deprecation timeline.
 2023-09-18 22:12:40 +02:00
Mariusz Felisiak 69af3bea99 Refs #33990 -- Removed TransactionTestCase.assertQuerysetEqual() per deprecation timeline. 2023-09-18 22:12:40 +02:00
Mariusz Felisiak c35fd9e275 Refs #33990 -- Removed SimpleTestCase.assertFormsetError() per deprecation timeline. 2023-09-18 22:12:40 +02:00
Mariusz Felisiak 7433237664 Refs #33924 -- Removed BaseGeometryWidget.map_height/map_width attributes per deprecation timeline. 2023-09-18 22:12:40 +02:00
Mariusz Felisiak 04eb1b4567 Refs #33872 -- Removed django.contrib.postgres.fields.CIText/CICharField/CIEmailField/CITextField. 
Per deprecation timeline.
 2023-09-18 22:12:40 +02:00
Mariusz Felisiak 6e4e5523a8 Refs #33691 -- Removed insecure password hashers per deprecation timeline. 2023-09-18 22:12:40 +02:00
Mariusz Felisiak 14ef92fa9e Refs #33864 -- Removed length_is template filter per deprecation timeline. 2023-09-18 22:12:40 +02:00
Mariusz Felisiak 2abf417c81 Refs #27236 -- Removed Meta.index_together per deprecation timeline. 2023-09-18 22:12:40 +02:00
Mariusz Felisiak 00e1879610 Refs #33764 -- Removed BaseUserManager.make_random_password() per deprecation timeline. 2023-09-18 22:12:40 +02:00
Mariusz Felisiak 590a31eb10 Added stub release notes for 5.1. 2023-09-18 22:12:40 +02:00
Natalia 613b7ba212 Made cosmetic edits to docs/releases/5.0.txt. 2023-09-18 10:21:25 -03:00
Natalia a7aaba0f85 Removed empty sections from 5.0 release notes. 2023-09-18 09:51:35 -03:00
Clément Escolano cac94dd8aa Fixed #33651 -- Added support for prefetching GenericForeignKey. 
Co-authored-by: revanthgss <revanthgss@almabase.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2023-09-18 13:23:21 +02:00