Commit Graph

28893 Commits

Author SHA1 Message Date
Hasan Ramezani 2808cdc8fb Fixed #31962 -- Made SessionMiddleware raise SessionInterrupted when session destroyed while request is processing. 2020-09-09 09:04:28 +02:00
Petr Čermák fc1446073e Fixed #31987 -- Fixed Cast() with DurationField on MySQL. 2020-09-09 07:01:18 +02:00
Francisco Couzo 5ea1621c72
Fixed #31985 -- Corrected salted_hmac()'s docstring about supported algorithms.
salted_hmac() validates supported algorithms by checking hashlib
methods.
2020-09-07 10:59:36 +02:00
François Freitag 57dadfac3c Fixed #31944 -- Used addCleanup() to register TestContextDecorator cleanups.
Cleanups from addCleanup() are scheduled to happen in reverse order to
the order they are added (LIFO). Ensures each cleanup is executed from
the innermost to the outermost.
2020-09-07 08:07:26 +02:00
Jon Dufresne 11ebc6479f Fixed #31791 -- Made technical 404 debug page display the tried URL patterns for Http404. 2020-09-07 06:54:19 +02:00
Tim Graham 83dea65ed6
Refs #21231 -- Corrected parse_qsl() fallback.
An oversight in fd209f62f1.
2020-09-07 06:25:56 +02:00
Hasan Ramezani d2d08c8cf6 Fixed #31982 -- Made HttpResponse.set_cookie() cast max_age argument to an integer. 2020-09-05 10:07:23 +02:00
Mariusz Felisiak e6b5108acc
Fixed #27417 -- Made RenameField operation a noop for field name case changes on Oracle.
Field names are always uppercased in the Oracle backend. Changing case
should be a noop to avoid database errors: "ORA-00957: duplicate column
name".
2020-09-04 20:27:23 +02:00
jpribyl 17407eca59 Fixed #31894 -- Added note about using JSONField key lookups with QuerySet.exclude() in docs. 2020-09-04 09:04:38 +02:00
jpribyl 94e2238107 Refs #31894 -- Added tests for JSONField key lookups with QuerySet.exclude(). 2020-09-04 09:04:24 +02:00
Nick Pope fd209f62f1 Refs #21231 -- Backport urllib.parse.parse_qsl() from Python 3.8. 2020-09-03 14:24:42 +02:00
Mariusz Felisiak 8d59075184 Refs #31224 -- Made sync_to_async() examples use thread sensitive with ORM calls. 2020-09-03 12:06:42 +02:00
Jon Dufresne 0b8871ab67
Fixed #31979 -- Made django.test.utils.setup_databases()'s time_keeper argument optional. 2020-09-03 09:48:40 +02:00
Collin Anderson daa26acc4e Fixed #31978 -- Added username hint to admin's password reset confirmation form. 2020-09-03 09:25:21 +02:00
Mariusz Felisiak 6a881197e9
Refs #31901 -- Fixed SeleniumTests.test_list_editable_popups with headless mode. 2020-09-02 15:16:03 +02:00
Brian Helba 2d42e23b6d Fixed #31941 -- Corrected FileField.deconstruct() with a callable storage. 2020-09-02 11:06:18 +02:00
Tim Park ece18207cb Fixed #31858 -- Reallowed whitespaces in URL paths outside of parameters.
Regression in 22394bd3a1.

Thanks David Smith for the review.
2020-09-02 10:24:14 +02:00
Nick Pope a629139425 Refs #29887, Refs #24212 -- Added servers configuration hook for memcached backends.
The servers property can be overridden to allow memcached backends to
alter the server configuration prior to it being passed to instantiate
the client. This allows avoidance of documentation for per-backend
differences, e.g. stripping the 'unix:' prefix for pylibmc.
2020-09-02 08:51:17 +02:00
Carlton Gibson 0bf627f0b2
Refs #11390 -- Clarified dual-calling of ChoiceField.choices callable. 2020-09-02 08:29:01 +02:00
Joe Jackson 9d5d865fd6 Fixed #31948 -- Added tzinfo parameter to TruncDate() and TruncTime(). 2020-09-02 07:42:27 +02:00
007gzs 76e0151ea0 Added "Bugfixes" section to release notes for 3.1.2. 2020-09-02 06:32:47 +02:00
Carlton Gibson d5b526bf78 Added CVE-2020-24583 & CVE-2020-24584 to security archive. 2020-09-01 11:32:57 +02:00
Nick Pope cc1f2c6a19 Refs #29887 -- Simplified memcached client instantiation. 2020-09-01 10:51:00 +02:00
Carlton Gibson 7a60670b78 Added stub release notes for 3.1.2. 2020-09-01 10:45:12 +02:00
Carlton Gibson 976e2b7420 Added release date for 3.1.1, 3.0.10, and 2.2.16. 2020-09-01 09:56:42 +02:00
Mariusz Felisiak 1853724aca Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level directories of the file system cache on Python 3.7+. 2020-09-01 09:17:23 +02:00
Mariusz Felisiak 8d7271578d Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+.
Thanks WhiteSage for the report.
2020-09-01 09:17:23 +02:00
007gzs 2bc38bc7ca Fixed #31901 -- Prevented content overflowing in the admin changelist with navigation sidebar. 2020-09-01 07:51:22 +02:00
Abdullah Dursun fcad0b1324
Corrected note about long names in search docs. 2020-08-31 22:36:25 +02:00
Hasan Ramezani 70731fc6fe Fixed #31934 -- Added note about the default of SameSite cookie flag in modern browsers. 2020-08-31 10:57:41 +02:00
Federico Jaramillo Martínez 179d9dc0c2 Fixed #31952 -- Fixed EmptyFieldListFilter crash with reverse relationships.
Thanks dacotagh for the report.
2020-08-31 09:28:05 +02:00
Simon Charette f6405c0b8e Fixed #31965 -- Adjusted multi-table fast-deletion on MySQL/MariaDB.
The optimization introduced in 7acef095d7 did not properly handle
deletion involving filters against aggregate annotations.

It initially was surfaced by a MariaDB test failure but misattributed
to an undocumented change in behavior that resulted in the systemic
generation of poorly performing database queries in 5b83bae031.

Thanks Anton Plotkin for the report.

Refs #23576.
2020-08-31 08:11:28 +02:00
Simon Charette 38fce49c82 Fixed #31919 -- Resolved output_field of IntegerField subclasses combinations. 2020-08-31 06:42:40 +02:00
Simon Charette 40894f2967 Refs #30446 -- Added tests for resolving output_field of CombinedExpression. 2020-08-31 06:40:39 +02:00
Mariusz Felisiak 0be51d2226 Fixed #31956 -- Fixed crash of ordering by JSONField with a custom decoder on PostgreSQL.
Thanks Marc Debureaux for the report.
Thanks Simon Charette, Nick Pope, and Adam Johnson for reviews.
2020-08-28 19:09:46 +02:00
Mariusz Felisiak 2210539142 Refs #31956 -- Added test for ordering by JSONField with a custom decoder. 2020-08-28 19:09:41 +02:00
Koen De Wit 4c0b4720b0 Fixed #31954 -- Fixed migration optimization for MTI model creation with parent model with mixed case app label. 2020-08-28 13:35:13 +02:00
Kevin Michel 225261b701 Refs #31928 -- Added various middlewares tests for detecting when get_response is coroutine. 2020-08-28 12:33:29 +02:00
Kevin Michel 825ce75fae Fixed #31928 -- Fixed detecting an async get_response in various middlewares.
SecurityMiddleware and the three cache middlewares were not calling
super().__init__() during their initialization or calling the required
MiddlewareMixin._async_check() method.

This made the middlewares not properly present as coroutine and
confused the middleware chain when used in a fully async context.

Thanks Kordian Kowalski for the report.
2020-08-28 12:33:15 +02:00
Kevin Michel ea57a2834f Refs #31928 -- Made SessionMiddleware call super().__init__(). 2020-08-28 12:33:15 +02:00
Kevin Michel 68d7cf4054 Refs #26601 -- Added various middlewares tests for deprecation of passing None as get_response. 2020-08-28 12:33:15 +02:00
Kevin Michel abbdd3a622 Added tests for cache middlewares constructors. 2020-08-28 10:00:39 +02:00
Mariusz Felisiak e39e727ded
Fixed #31912 -- Removed strict=True in Path.resolve() in project template and CommonPasswordValidator.
This caused permission errors when user didn't have permissions to
all intermediate directories in a Django installation path.

Thanks tytusd and leonyxz for reports.

Regression in edeec1247e and
26554cf5d1.
2020-08-28 05:57:36 +02:00
Phil Gyford e02738bf55 Refs #31913 -- Corrected comment in PasswordResetTokenGenerator.
Follow up to da4923ea87.
2020-08-27 12:57:16 +02:00
Alexander 20d38fd759 Fixed #31947 -- Made QuerySet.update_or_create() reuse get_or_create(). 2020-08-27 11:46:47 +02:00
Mariusz Felisiak 1251772cb8
Fixed #31936 -- Fixed __in lookup on key transforms for JSONField.
This resolves an issue on databases without a native JSONField
(MariaDB, MySQL, SQLite, Oracle), where values must be wrapped.

Thanks Sébastien Pattyn for the report.
2020-08-26 22:13:37 +02:00
Jeremy Lainé 9c92924cd5 Fixed #31942 -- Made settings cleansing work with dictionary settings with non-string keys. 2020-08-26 11:59:37 +02:00
Kaustubh b9be11d442 Fixed #31918 -- Allowed QuerySet.in_bulk() to fetch on a single distinct field. 2020-08-26 09:43:39 +02:00
Michael Galler 547a07fa7e Fixed #31905 -- Made MiddlewareMixin call process_request()/process_response() with thread sensitive.
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2020-08-26 07:13:49 +02:00
Mariusz Felisiak 0b0658111c Removed trailing whitespace in 3.2 release notes. 2020-08-25 10:02:56 +02:00