p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
31,416 Commits 28 Branches 411 Tags 641 MiB
Commit Graph

12724 Commits

Author SHA1 Message Date
Dhanush a0623b117c [4.2.x] Fixed #32813 -- Made runserver display port after binding. 
Thanks Florian Apolloner for the review.

Backport of a18d20ca97 from main
 2023-02-10 09:55:35 +01:00
Mariusz Felisiak 836ae73a89 [4.2.x] Fixed #34319 -- Fixed Model.validate_constraints() crash on ValidationError with no code. 
Thanks Mateusz Kurowski for the report.

Regression in 667105877e.
Backport of 2fd755b361 from main
 2023-02-08 16:39:53 +01:00
Bakdolot 1f193f7f56 [4.2.x] Fixed #34315 -- Preserved admin changelist filters on "Close" button. 
Backport of 325c44ac6c from main
 2023-02-08 10:21:40 +01:00
Nils VAN ZUIJLEN e8a39da396 [4.2.x] Fixed #34285 -- Fixed index/slice lookups on filtered aggregates with ArrayField. 
Thanks Simon Charette for the review.

Backport of ae1fe72e9b from main
 2023-02-07 14:06:08 +01:00
Jacob Walls 714d59d57f [4.2.x] Fixed #33638 -- Fixed GIS lookups crash with geography fields on PostGIS. 
Backport of 4403432b75 from main
 2023-02-07 12:24:24 +01:00
Frederic Mheir d70b2a88e8 [4.2.x] Fixed #34301 -- Made admin's submit_row check add permission for "Save as new" button. 
Backport of 2878938626 from main
 2023-02-07 07:31:51 +01:00
Mariusz Felisiak 9a1848f48c
[4.2.x] Increased the default PBKDF2 iterations for Django 4.2. 
See https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2.

Thanks Markus Holtermann for the report.
 2023-02-04 13:36:06 +01:00
Adam Johnson beaa5f31e1 [4.2.x] Fixed #34259 -- Passed called_from_command_line to command subparsers. 
Backport of 017fa23d3b from main
 2023-02-03 07:54:15 +01:00
skidipap db0e10c037 [4.2.x] Fixed #34286 -- Fixed admindocs markups for case-sensitive template/view names. 
Backport of 1250483ebf from main
 2023-02-02 14:48:10 +01:00
David Smith 80aae83439 [4.2.x] Refs #33476 -- Applied Black's 2023 stable style. 
Black 23.1.0 is released which, as the first release of the year,
introduces the 2023 stable style. This incorporates most of last year's
preview style.

https://github.com/psf/black/releases/tag/23.1.0

Backport of 097e3a70c1 from main
 2023-02-01 11:37:29 +01:00
Nick Pope 8a7b22d4a6 [4.2.x] Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language. 
The parsed values of Accept-Language headers are cached in order to
avoid repetitive parsing. This leads to a potential denial-of-service
vector via excessive memory usage if the raw value of Accept-Language
headers is very large.

Accept-Language headers are now limited to a maximum length in order
to avoid this issue.
 2023-02-01 09:45:07 +01:00
sag᠎e 5e0be0873c [4.2.x] Fixed #34304 -- Made MySQL's SchemaEditor.remove_constraint() don't create foreign key index when unique constraint is ignored. 
Regression in b731e88415.
Backport of 110b3b8356 from main
 2023-01-31 11:52:44 +01:00
Stanislav Volyk 7217c11eba [4.2.x] Fixed #34283 -- Escaped title in admin's changelist filters. 
Regression in 27aa7035f5.

Backport of 20a0850099 from main
 2023-01-30 11:58:06 +01:00
Sarah Boyce 4bf3d6dec2 [4.2.x] Fixed #28054 -- Made runserver not return response body for HEAD requests. 
Co-authored-by: jannschu <jannik.schuerg@posteo.de>
Backport of 8acc433e41 from main
 2023-01-27 21:50:40 +01:00
Raj Desai f210ad1b98 [4.2.x] Fixed #34254 -- Fixed return value of Exists() with empty queryset. 
Thanks Simon Charette for reviews.

Backport of 246eb4836a from main
 2023-01-26 20:25:18 +01:00
Mariusz Felisiak 719a14badc [4.2.x] Fixed #34291 -- Fixed Meta.constraints validation crash on UniqueConstraint with ordered expressions. 
Thanks Dan F for the report.

Bug in 667105877e.
Backport of 2b1242abb3 from main
 2023-01-26 09:32:14 +01:00
朱穆穆 f23a85337a [4.2.x] Fixed #34227 -- Fixed QuerySet.select_related() with multi-level FilteredRelation. 
Backport of d3c93cdc59 from main
 2023-01-24 10:52:01 +01:00
Matt Westcott b332a96cd7 [4.2.x] Fixed #34192 -- Preserved callable storage when it returns default_storage. 
Backport of ef85b6bf0b from main
 2023-01-23 11:14:57 +01:00
Francesco Panico 84927e110e [4.2.x] Fixed #34267 -- Fixed sliced QuerySet.union() crash. 
Regression in 3d734c09ff.

Thanks Raphaël Stefanini for the report.

Backport of cc8aa6bf9c from main
 2023-01-20 09:25:26 +01:00
David Wobrock 3b6f307344 [4.2.x] Fixed #34272 -- Fixed floatformat crash on zero with trailing zeros to zero decimal places. 
Regression in 08c5a78726.

Thanks Andrii Lahuta for the report.

Backport of 4b066bde69 from main
 2023-01-19 10:47:52 +01:00
Mariusz Felisiak 0e2649fdf4 Fixed #34255 -- Made PostgreSQL backend use client-side parameters binding with psycopg version 3. 
Thanks Guillaume Andreu Sabater for the report.

Co-authored-by: Florian Apolloner <apollo13@users.noreply.github.com>
 2023-01-17 08:24:08 +01:00
Mariusz Felisiak c8a76059ff Refs #34255 -- Bumped required psycopg version to 3.1.8. 2023-01-17 08:24:08 +01:00
sarahboyce 05bcd5baaf Refs #30129 -- Added test for create() with F() expression in Subquery. 
Fixed in 3543129822.
 2023-01-16 08:26:34 +01:00
Leo 5da5f3773e Fixed #34234 -- Dropped support for PROJ 4. 2023-01-13 12:31:41 +01:00
Mariusz Felisiak c2118d72d6
Fixed #34240 -- Preserved headers of requests made with django.test.Client in assertRedirects(). 
Bug in 67da22f08e.
 2023-01-13 11:30:27 +01:00
Jarosław Wygoda 32940d390a Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. 2023-01-12 09:58:36 +01:00
Jarosław Wygoda 1ec3f0961f Fixed #26029 -- Allowed configuring custom file storage backends. 2023-01-12 06:20:57 +01:00
Mariusz Felisiak d02a9f0cee
Fixed thread termination in servers.tests.LiveServerPort on Python 3.10.9+, 3.11.1+, and 3.12+. 
Class cleanups registered in TestCase subclasses are no longer called
as TestCase.doClassCleanups() only cleans up the particular class, see

c2102136be
 2023-01-12 06:04:10 +01:00
Mariusz Felisiak 829f4d1448
Refs #31546, Refs #34118 -- Corrected CommandTests.test_requires_system_checks_specific(). 
System checks are never called without skip_checks=False. Moreover,
called_once_with() is not a proper assertion and raise AttributeError
on Python 3.12.
 2023-01-11 05:36:40 +01:00
Mariusz Felisiak 552384fa97
Refs #31014 -- Added FromWKB and FromWKT GIS database functions. 
Co-authored-by: Ondřej Böhm <ondrej.bohm@firma.seznam.cz>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
 2023-01-10 11:51:09 +01:00
Francesco Panico 72efd840a8 Fixed #34110 -- Added in-memory file storage. 
Thanks Paolo Melchiorre, Carlton Gibson, and Mariusz Felisiak for
reviews.
 2023-01-10 10:56:59 +01:00
Simon Charette dd68af62b2 Fixed #34176 -- Fixed grouping by ambiguous aliases. 
Regression in b7b28c7c18.

Refs #31377.

Thanks Shai Berger for the report and reviews.

test_aggregation_subquery_annotation_values_collision() has been
updated as queries that are explicitly grouped by a subquery should
always be grouped by it and not its outer columns even if its alias
collides with referenced table columns. This was not possible to
accomplish at the time 10866a10 landed because we didn't have compiler
level handling of colliding aliases.
 2023-01-09 10:52:51 +01:00
Tim Graham 016bead6a2
Renamed 'requests' test package. 
This avoids a collision when third-party database backends depend on the
Requests HTTP library.
 2023-01-07 11:41:40 +01:00
Nick Pope b47f2f5b90 Fixed #33865 -- Optimized LimitedStream wrapper. 
The current implementation of LimitedStream is slow because .read()
performs an extra copy into a buffer and .readline() performs two
extra copies. The stream being wrapped is already typically a BytesIO
object so this is unnecessary.

This implementation has largely been untouched for 12 years and,
inspired by a simpler implementation in werkzeug, it was possible to
achieve the following performance improvement:

LimitedStream.read() (single line):
  Mean +- std dev: [bench_limitedstream-main] 286 ns +- 6 ns
  -> [bench_limitedstream-patch] 227 ns +- 6 ns: 1.26x faster
LimitedStream.readline() (single line):
  Mean +- std dev: [bench_limitedstream-main] 507 ns +- 11 ns
  -> [bench_limitedstream-patch] 232 ns +- 8 ns: 2.18x faster
LimitedStream.read(8192) (single line):
  Mean +- std dev: [bench_limitedstream-main] 360 ns +- 8 ns
  -> [bench_limitedstream-patch] 297 ns +- 6 ns: 1.21x faster
LimitedStream.readline(8192) (single line):
  Mean +- std dev: [bench_limitedstream-main] 602 ns +- 10 ns
  -> [bench_limitedstream-patch] 305 ns +- 10 ns: 1.98x faster
LimitedStream.read() (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 290 ns +- 5 ns
  -> [bench_limitedstream-patch] 236 ns +- 6 ns: 1.23x faster
LimitedStream.readline() (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 517 ns +- 19 ns
  -> [bench_limitedstream-patch] 239 ns +- 7 ns: 2.16x faster
LimitedStream.read(8192) (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 363 ns +- 8 ns
  -> [bench_limitedstream-patch] 311 ns +- 11 ns: 1.17x faster
LimitedStream.readline(8192) (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 601 ns +- 12 ns
  -> [bench_limitedstream-patch] 308 ns +- 7 ns: 1.95x faster

Geometric mean: 1.59x faster
 2023-01-05 19:26:56 +01:00
Nick Pope 57f5669d23 Refs #33865 -- Improved implementation of FakePayload. 
FakePayload is a wrapper around io.BytesIO and is expected to
masquerade as though it is a file-like object. For that reason it makes
sense that it should inherit the correct signatures from io.BytesIO
methods.

Crucially an implementation of .readline() is added which will be
necessary for this to behave more like the expected file-like objects as
LimitedStream will be changed to defer to the wrapped stream object
rather than rolling its own implementation for improved performance.

It should be safe to adjust these signatures because FakePayload is
only used internally within test client helpers, is undocumented, and
thus private.
 2023-01-05 19:25:25 +01:00
Nick Pope 95182a8593 Refs #33865 -- Corrected signature of ExplodingBytesIO.read(). 
These subclasses of io.BytesIO should inherit the correct signature.
 2023-01-05 19:17:56 +01:00
Nick Pope 7a1543d9f6 Refs #33865 -- Made RequestsTests.test_set_encoding_clears_GET use FakePayload. 
The input stream, wsgi.input, must be a file-like object. The existing
implementation of LimitedStream was lax and allowed an empty string to
be passed incorrectly.

See https://wsgi.readthedocs.io/en/latest/definitions.html#envvar-wsgi.input
 2023-01-05 19:16:49 +01:00
Mariusz Felisiak 63d1cb0092
Refs #32355 -- Bumped minimum supported versions of 3rd-party packages. 
This bumps minimum supported versions of 3rd-party packages to the first
releases to support Python 3.8.
 2023-01-05 18:09:33 +01:00
sag᠎e 8cf3831822
Fixed #34243 -- Fixed timesince() crash with timezone-aware dates and interval longer than 1 month. 
Regression in 8d67e16493.
 2023-01-05 16:38:19 +01:00
Mariusz Felisiak 7d9329935a
Refs #32355 -- Bumped mysqlclient requirement to >= 1.4.3. 
mysqlclient 1.4.3 is the first release to support Python 3.8.
 2023-01-05 16:34:14 +01:00
Nick Pope 65477fd7da Added support for datetime.date to DateFormat.r(). 2023-01-05 12:51:55 +01:00
Nick Pope 0fdc5d79b6 Simplified django.utils.formats.date_format()/time_format() calls. 
This removes redundant get_format() calls and passing a default value
for the format argument.
 2023-01-04 11:47:14 +01:00
GianpaoloBranca 8d67e16493
Fixed #33879 -- Improved timesince handling of long intervals. 2023-01-04 11:14:06 +01:00
David Wobrock 99bd5fb4c2 Refs #34074 -- Used headers argument for RequestFactory and Client in docs and tests. 2023-01-04 09:11:36 +01:00
Mike Crute 0b78ac3fc7 Fixed #34200 -- Made the session role configurable on PostgreSQL. 2023-01-03 09:30:53 +01:00
Claude Paroz 2a14b8df39 Fixed #33783 -- Added IsEmpty GIS database function and __isempty lookup on PostGIS. 2023-01-03 05:47:44 +01:00
Mariusz Felisiak 6774e9359c
Fixed #23842 -- Fixed flaky GeoQuerySetTest.test_make_line() test. 2023-01-03 05:46:40 +01:00
Florian Apolloner afa2e28205 Fixed #34235 -- Added ManifestFilesMixin.manifest_hash attribute. 
This adds ManifestFilesMixin.manifest_hash attribute exposing a "hash"
of the full manifest. This allows applications to determine when their
static files have changed.
 2023-01-02 09:53:52 +01:00
Francesco Panico c179ad9fe7 Refs #34100 -- Made file upload tests use Storage.exists() where appropriate. 2022-12-30 13:28:47 +01:00
Mariusz Felisiak 6e9e7ec472
Fixed random delete.tests.DeletionTests.test_deletion_order failures. 2022-12-30 12:22:30 +01:00