p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
29,342 Commits 28 Branches 411 Tags 641 MiB
Commit Graph

457 Commits

Author SHA1 Message Date
Mariusz Felisiak 246a31a843 [3.2.x] Fixed #32783 -- Fixed crash of autoreloader when __main__ module doesn't have __spec__ attribute. 
Regression in ec6d2531c5.

Thanks JonathanNickelson for the report.
Backport of 12b19a1d76 from main
 2021-05-26 11:20:05 +02:00
Simon Charette 386caa5445 [3.2.x] Fixed #32717 -- Fixed filtering of querysets combined with the | operator. 
Address a long standing bug in a Where.add optimization to discard
equal nodes that was surfaced by implementing equality for Lookup
instances in bbf141bcdc.

Thanks Shaheed Haque for the report.

Backport of b81c7562fc from main
 2021-05-13 07:53:56 +02:00
Florian Apolloner c98f446c18 [3.2.x] Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. 2021-05-04 08:43:52 +02:00
Adam Johnson 15a8518388 [3.2.x] Refs #31732 -- Fixed django.utils.inspect caching for bound methods. 
Thanks Alexandr Artemyev for the report, and Simon Charette for the
original patch.

Backport of 562898034f from main
 2021-03-22 20:49:15 +01:00
Adam Johnson 2420fd2d5c [3.2.x] Refs #31372 -- Added django.utils.inspect tests for bound methods. 
Backport of ac72a216a7 from main
 2021-03-22 20:49:09 +01:00
Markus Holtermann e078747290 [3.2.x] Updated Git branch "master" to "main". 
This change follows a long discussion on django-develops:

https://groups.google.com/g/django-developers/c/tctDuKUGosc/

Backport of d9a266d657 from main
 2021-03-09 09:33:50 +01:00
Nick Pope be8237c7cc [3.2.x] Fixed CVE-2021-23336 -- Fixed web cache poisoning via django.utils.http.parse_qsl(). 2021-02-19 09:15:09 +01:00
Mariusz Felisiak f944f79e55 [3.2.x] Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract(). 
Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews.

Thanks Wang Baohua for the report.

Backport of 05413afa8c from master.
 2021-02-01 09:13:37 +01:00
Paul Ganssle a5d70cca12 [3.2.x] Refs #32365 -- Allowed use of non-pytz timezone implementations. 
Backport of 10d1261984 from master
 2021-01-19 12:00:40 +01:00
William Schwartz ec6d2531c5 Fixed #32314 -- Fixed detection when started non-django modules with "python -m" in autoreloader. 
django.utils.autoreload.get_child_arguments() detected when Python was
started with the `-m` option only for `django` module. This commit
changes the logic to check __spec__, see
https://docs.python.org/3/reference/import.html#main-spec

Now packages can implement their own __main__ with the runserver
command.
 2021-01-05 21:03:29 +01:00
starryrbs 2a76f43134 Fixed #32269 -- Fixed parse_duration() for negative days in ISO 8601 format. 2020-12-21 10:28:07 +01:00
starryrbs 57d05f94c3 Added more assertions for parse_duration() with negative timedeltas. 2020-12-21 10:15:22 +01:00
Hasan Ramezani 577f2338f1 Fixed #32208 -- Allowed adding lazy() objects. 
Co-authored-by: Claude Paroz <claude@2xlibre.net>
 2020-12-21 09:24:41 +01:00
Florian Apolloner 98e05ccde4 Fixed #32233 -- Cleaned-up duplicate connection functionality. 2020-12-08 08:55:44 +01:00
Carlton Gibson ead37dfb58
Fixed #32202 -- Fixed autoreloader argument generation for Windows with Python 3.7-. 2020-11-19 12:07:15 +01:00
Nick Pope 0cbccaebeb
Simplified TimeFormat.g(). 2020-11-12 15:19:17 +01:00
Sam 895f6e4992 Fixed #32149 -- Added support for years < 1000 to DateFormat.y(). 2020-11-12 12:43:06 +01:00
Tom Forbes 658bcc16f1 Fixed #25791 -- Implement autoreload behaviour for cached template loader. 2020-11-05 15:30:52 +01:00
Nick Pope 966b5b49b6 Updated MultiValueDict.update() to mirror dict.update() behavior. 
Changes in behavior include:

- Accepting iteration over empty sequences, updating nothing.
- Accepting iterable of 2-tuples providing key-value pairs.
- Failing with the same or comparable exceptions for invalid input.

Notably this replaces the previous attempt to catch TypeError which was
unreachable as the call to .items() resulted in AttributeError on
non-dict objects.
 2020-10-30 10:44:44 +01:00
Nick Pope c3d9b8b28f Increased test coverage for django.utils.datastructures.MultiValueDict. 
Co-authored-by: Mads Jensen <mje@inducks.org>
 2020-10-30 10:44:44 +01:00
Mads Jensen 825f8470f5 Increased test coverage for django.utils.datastructures.OrderedSet. 
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
 2020-10-30 10:44:44 +01:00
Simon Charette 4c675523bd Refs #29838, Refs #28507 -- Made make_hashable() ignore key order. 2020-10-05 20:42:46 +02:00
Nick Pope fd209f62f1 Refs #21231 -- Backport urllib.parse.parse_qsl() from Python 3.8. 2020-09-03 14:24:42 +02:00
David Smith b6dfdaff33 Completed test coverage for colorize(). 2020-07-29 07:57:06 +02:00
Jon Dufresne e1e4fd707f
Used context manager version of tempfile.TemporaryDirectory() in utils_tests.test_autoreload. 2020-07-20 11:08:23 +02:00
Tom Forbes 730711e828 Used temporary directory in RestartWithReloaderTests.test_manage_py(). 
Using the current directory can cause a PermissionError.
 2020-07-20 09:16:16 +02:00
Tim Park 8fa9a6d29e Fixed #31623 -- Allowed specifying number of adjacent time units in timesince()/timeuntil(). 2020-07-16 09:44:28 +02:00
Ad Timmering ec5aa2161d
Fixed #30807 -- Fixed TestArchive.test_extract_file_permissions() when umask is 0o000. 
Fixed test that checks permissions on files extracted from archives
with no permissions set, to not assume a default umask of 0o002.

Test regression in c95d063e77.
 2020-06-29 07:51:43 +02:00
Tom Forbes 8a902b7ee6
Fixed #31716 -- Fixed detection of console scripts in autoreloader on Windows. 2020-06-18 13:04:10 +02:00
Jon Dufresne f47d5aac62
Refs #27804 -- Used subTest() in tests.utils_tests.test_text. 2020-06-04 11:16:21 +02:00
David Smith 0382ecfe02 Fixed #28694 -- Made django.utils.text.slugify() strip dashes and underscores. 2020-05-29 06:47:51 +02:00
David Smith dde05e192c Added more tests for slugify(). 2020-05-29 06:28:57 +02:00
Mariusz Felisiak 0668164b4a
Fixed E128, E741 flake8 warnings. 2020-05-12 08:52:23 +02:00
Adam Johnson d17b380653 Refs #30573 -- Rephrased "Of Course" and "Obvious(ly)" in documentation and comments. 2020-05-04 12:10:47 +02:00
Rasmus Wriedt Larsen f6d0bd208a
Corrected opts argument of colorize in TermColorTests.test_colorize_empty_text(). 2020-05-04 11:34:08 +02:00
Hasan Ramezani f121621073 Fixed #31521 -- Skipped test_parsing_rfc850 test on 32-bit systems. 2020-04-30 06:51:47 +02:00
Jon Dufresne 505fec6bad Capitalized Unicode in docs, strings, and comments. 2020-04-20 12:10:33 +02:00
Claude Paroz e663f695fb Fixed #31359 -- Deprecated get_random_string() calls without an explicit length. 2020-03-11 13:16:44 +01:00
Hasan Ramezani bc1c034076 Fixed #28280 -- Prevented numberformat.format() from formatting large/tiny floats in scientific notation. 2020-02-26 16:02:53 +01:00
Claude Paroz 4d973f5939 Refs #26601 -- Deprecated passing None as get_response arg to middleware classes. 
This is the new contract since middleware refactoring in Django 1.10.

Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2020-02-18 20:03:44 +01:00
Hasan Ramezani fc4f45ebdc Used assertRaisesMessage() in various tests. 2020-02-07 12:46:23 +01:00
Claude Paroz 50cf183d21 Refs #27468 -- Added algorithm parameter to django.utils.crypto.salted_hmac(). 2020-01-27 12:42:21 +01:00
Claude Paroz b5a62bd17d Refs #27468 -- Added explicit tests for django.utils.crypto.salted_hmac() 2020-01-15 12:53:21 +01:00
Sjbrgsn b2bd08bb7a Fixed #30892 -- Fixed slugify() and admin's URLify.js for "İ". 
Thanks Luis Nell for the implementation idea and very detailed report.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2019-12-30 20:47:22 +01:00
Mads Jensen 62727e65fb Increased test coverage of django.utils.inspect. 2019-12-27 10:08:24 +01:00
Jon Dufresne e703b93a65 Fixed #31080 -- Removed redundant type="text/javascript" attribute from <script> tags. 2019-12-11 09:49:54 +01:00
Farhaan Bukhsh 1f817daa20 Fixed #30803 -- Allowed comma separators for milliseconds in django.utils.dateparse functions. 
Co-Authored-By: Ben Wilber <benwilber@gmail.com>
 2019-11-27 09:43:12 +01:00
Farhaan Bukhsh 42b23d1e79 Refs #30803 -- Allowed comma separators for decimal fractions in parse_duration(). 2019-11-27 09:43:12 +01:00
Baptiste Mispelon 8929afb8ec Fixed #9762 -- Made DateFormat.r() locale-independent. 
Thanks to Antonio Melé for the original report all those years ago
and to all the contributors who helped along the way.
 2019-11-22 12:41:53 +01:00
Baptiste Mispelon 76ec032712 Refs #26281 -- Added a helpful error message for an invalid "r" specifier to dateformat.format(). 2019-11-22 12:32:30 +01:00