Commit Graph

22387 Commits

Author SHA1 Message Date
Bob McDonald b388c294eb Fixed #26312 -- Documented "create database" requirement in tutorial 2. 2016-03-05 09:09:00 -05:00
Tim Graham e19fc9f08a Removed claim that you can use different database backends for Django's tests.
Such as a setup isn't tested through continuous integration and therefore
isn't likely to work reliably.
2016-03-05 08:42:18 -05:00
Claude Paroz 552f03869e Added safety to URL decoding in is_safe_url() on Python 2
The errors='replace' parameter to force_text altered the URL before checking
it, which wasn't considered sane. Refs 24fc935218 and ada7a4aef.
2016-03-04 23:33:35 +01:00
Claude Paroz ada7a4aefb Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()
This fixes a regression introduced by c5544d2892.
Thanks John Eskew for the reporti and Tim Graham for the review.
2016-03-04 21:14:14 +01:00
Tim Graham cecbf1bdef Fixed typo in docs/releases/1.9.1.txt. 2016-03-04 14:16:56 -05:00
Tim Graham 2f0c785a4c Added stub release notes for 1.8.11. 2016-03-04 09:47:43 -05:00
Tim Graham de8a11ba18 Fixed #26321 -- Added missing "for_save" parameter in expressions example.
Thanks tomaszn for the patch.
2016-03-03 19:36:03 -05:00
Akshesh b886f166b3 Fixed #26316 -- Factored duplicated code in model/field migration operations. 2016-03-03 18:24:36 -05:00
Moritz Sichert 87994b40b3 Refs #25653 -- Corrected help text for runtests.py --selenium option. 2016-03-03 18:21:07 -05:00
Tim Graham c0181f2c1f Fixed #26310 -- Documented that a queryset ordering must be specified to ensure ordered results.
Thanks Simon Charette for review.
2016-03-03 17:54:07 -05:00
Jon Dufresne 4e2da368db Cleaned up TestStaticFilePermissions to use call_command(). 2016-03-03 21:58:23 +01:00
Jon Dufresne 394b7f90d3 Passed proper default value to int-type 'verbosity' option 2016-03-03 20:42:43 +01:00
Simon Charette d0451e4cad Fixed #26295 -- Allowed using i18n_patterns() in any root URLconf.
Thanks Tim for the review.
2016-03-03 12:08:49 -05:00
Alasdair Nicol 2404d209a5 Fixed #26309 -- Documented that login URL settings no longer support dotted paths. 2016-03-03 07:34:14 -05:00
Simon Charette c92123cc1d Fixed #26226 -- Made related managers honor the queryset used for prefetching their results.
Thanks Loïc for the suggested improvements and Tim for the review.
2016-03-02 16:10:18 -05:00
Simon Charette 5d240b070d Refs #17001 -- Added a test for custom prefetch related queryset on generic relations. 2016-03-02 16:08:37 -05:00
Tim Graham 1d17bb4f7d Refs #19527 -- Fixed typo in docs/ref/models/querysets.txt. 2016-03-02 15:54:46 -05:00
Marc Tamlyn 8ddc79a799 Fixed #26285 -- Deprecated the MySQL-specific __search lookup. 2016-03-02 14:41:56 -05:00
acrefoot 04240b2365 Refs #19527 -- Allowed QuerySet.bulk_create() to set the primary key of its objects.
PostgreSQL support only.

Thanks Vladislav Manchev and alesasnouski for working on the patch.
2016-03-02 14:29:09 -05:00
Matthew Schinckel 60633ef3de Fixed #26304 -- Ignored unmanaged through model in table introspection. 2016-03-02 13:54:27 -05:00
Dmitry Dygalo 5155c2b458 Fixed typo in 1.9.3/1.8.10 release date. 2016-03-02 07:08:36 -05:00
Jon Dufresne fb3540d6a4 Removed obsolete, unused option 'hide_empty' from loaddata command.
Unused since 67235fd4ef.
2016-03-01 19:48:32 -05:00
Alasdair Nicol 8c42cf0cbd Fixed #26303 -- Updated links to mod_wsgi docs. 2016-03-01 19:22:32 -05:00
Tim Graham 33db899a21 Fixed #25814 -- Added changing #django topic to release checklist. 2016-03-01 13:02:03 -05:00
Tim Graham 2e895d2870 Added stub release notes for 1.9.4. 2016-03-01 12:39:01 -05:00
Tim Graham 24fc935218 Added CVE-2016-2512/2513 to security release archive. 2016-03-01 12:32:42 -05:00
Florian Apolloner 67b46ba701 Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
This is a security fix.
2016-03-01 11:25:28 -05:00
Mark Striemer c5544d2892 Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.
This is a security fix.
2016-03-01 11:25:28 -05:00
Tim Graham f43291639b Added stub release notes for security issues. 2016-03-01 11:25:28 -05:00
Michal Petrucha fe8ea3ba3b Fixed #26217 -- Added a warning about format strings to WeekArchiveView docs. 2016-03-01 10:29:52 -05:00
acemaster a1b1688c7d Fixed #26165 -- Added some FAQs about CSRF protection.
Thanks Florian Apolloner and Shai Berger for review.
2016-03-01 08:45:05 -05:00
Taranjeet 11a8207d42 Fixed typos in docs/ref/models/meta.txt. 2016-03-01 08:33:27 -05:00
Alasdair Nicol 65bd053f11 Fixed #26229 -- Improved check for model admin check admin.E124
Refs #22792
2016-03-01 08:20:14 -05:00
Simon Charette 0223e213dd Fixed #26186 -- Documented how app relative relationships of abstract models behave.
This partially reverts commit bc7d201bdb.

Thanks Tim for the review.

Refs #25858.
2016-02-29 22:07:05 -05:00
Jon Dufresne eac1423f9e Removed obsolete test CreatesuperuserManagementCommandTestCase.test_nolocale.
Test was added in 4c934f3921 to verify that
the commend works when locale.getdefaultlocale() doesn't return a locale.
getdefaultlocale() no longer runs at runtime, so the test isn't needed.
2016-02-29 08:46:37 -05:00
Adam Chainz 6a383f773a Removed unused 'Between' lookup.
It was added in 20bab2cf9d and stopped being
used for `Range` in 00aa562884 when
`bilateral` was added to `Transform`.
2016-02-29 08:00:04 -05:00
Shai Berger 72e5778b23 Minor fixes for release-process doc fix
As suggested by Tim Graham
2016-02-28 19:30:18 +02:00
Shai Berger 3dd4e9203a Fixed docs: release-process, Supported Versions section, concrete example
Security & data loss fixes are applied to the two last feature releases,
not just one.

Thanks Loic Bistuer for review
2016-02-28 18:44:47 +02:00
chenesan b84f5ab4ec Fixed #26230 -- Made default_related_name affect related_query_name. 2016-02-27 08:48:32 -05:00
inondle 5fb9756eba Fixed #26275 -- Noted difference between o and Y date format chars. 2016-02-27 08:05:12 -05:00
Attila Tovt 5e2c4d7afb Fixed #26264 -- Fixed prefetch_related() crashes with values_list(flat=True) 2016-02-26 19:26:15 -05:00
Tore Lundqvist 3389c5ea22 Fixed #21608 -- Prevented logged out sessions being resurrected by concurrent requests.
Thanks Simon Charette for the review.
2016-02-26 18:56:56 -05:00
Simon Charette 3938b3ccaa Fixed #26286 -- Prevented content type managers from sharing their cache.
This should prevent managers methods from returning content type instances
registered to foreign apps now that these managers are also attached to models
created during migration phases.

Thanks Tim for the review.

Refs #23822.
2016-02-26 16:18:16 -05:00
Tim Graham b9519b2730 Added 'prefetches to docs/spelling_wordlist. 2016-02-26 16:06:34 -05:00
Adam Chainz ef33bc2d4d Fixed #25279 -- Made prefetch_related_objects() public. 2016-02-26 14:55:01 -05:00
Yoong Kang Lim d5f89ff6e8 Fixed #24974 -- Fixed inheritance of formfield_callback for modelform_factory forms. 2016-02-26 12:27:27 -05:00
Simon Charette 766afc22a1 Fixed #24793 -- Unified temporal difference support. 2016-02-26 12:25:12 -05:00
Simon Charette 31098e3288 Used setUpTestData for the timedelta expression tests. 2016-02-26 12:25:12 -05:00
zshimanchik 65aa94200b Fixed #24653 -- Fixed MySQL database introspection when using read_default_file. 2016-02-26 12:02:13 -05:00
Simon Charette 62ea86448e Cleaned up session backends tests.
Made SessionTestsMixin backend agnostic and removed code obsoleted by the test
discovery refactor.
2016-02-26 11:22:33 -05:00