Commit Graph

2195 Commits

Author SHA1 Message Date
Claude Paroz 41ed6338a4 Upgraded OpenLayers version from 2.13 to 2.13.1
Thanks Daniel Hahler for the initial patch.
2015-10-03 12:36:39 +02:00
Kaleb Elwert adcf823359 Fixed #25490 -- Made the logout() view send "no-cache" headers. 2015-10-02 12:29:54 -04:00
Tim Graham 061801e3df Refs #24505 -- Forwardported 1.8.5 release note. 2015-09-30 18:46:11 -04:00
Tim Graham 8d1a001ef6 Fixed #25466 -- Added backwards compatibility aliases for LoaderOrigin and StringOrigin.
Thanks Simon Charette for the DeprecationInstanceCheck class.
2015-09-29 18:31:11 -04:00
Claude Paroz b7ade64529 Fixed #25468 -- Made DjangoJSONEncoder lazy string aware
Thanks Stavros Korokithakis for the report and Tim Graham for the
review.
2015-09-27 22:37:27 +02:00
Mariusz Felisiak a3a6def867 Fixed #25421 -- Fixed test --keepdb option on Oracle. 2015-09-26 19:51:15 -04:00
Samir Shah dfa81bb1df Fixed typo in 1.9 release notes. 2015-09-24 08:01:08 -04:00
Tim Graham 593c9eb660 Increased the default PBKDF2 iterations for the 1.10 release cycle. 2015-09-23 19:31:11 -04:00
Tim Graham 54848a96dd Removed versionadded/changed annotations for 1.8. 2015-09-23 19:31:11 -04:00
Tim Graham 849037af36 Refs #23957 -- Required session verification per deprecation timeline. 2015-09-23 19:31:10 -04:00
Tim Graham 5d383549ee Refs #24152 -- Removed deprecated GeoQuerySet aggregate methods.
Per deprecation timeline.
2015-09-23 19:31:10 -04:00
Tim Graham b4002a2143 Refs #22835 -- Removed NoArgsCommand per deprecation timeline. 2015-09-23 19:31:10 -04:00
Tim Graham 6a70cb5397 Refs #19973 -- Removed optparse support in management commands per deprecation timeline. 2015-09-23 19:31:10 -04:00
Tim Graham 1392aff440 Refs #21977 -- Removed SimpleTestCase.urls per deprecation timeline. 2015-09-23 19:31:09 -04:00
Tim Graham 222d063301 Refs #23269 -- Removed the removetags template tag and related functions per deprecation timeline. 2015-09-23 19:31:09 -04:00
Tim Graham a25d3ce007 Refs #22218 -- Removed conf.urls.patterns() per deprecation timeline. 2015-09-23 19:31:09 -04:00
Tim Graham 04ee4059d7 Refs #24022 -- Removed the ssi tag per deprecation timeline. 2015-09-23 19:31:09 -04:00
Tim Graham c4e2e9de1f Added stub 1.10 release notes. 2015-09-23 19:31:08 -04:00
Tim Graham 6b37719616 Refs #24526 -- Made the django logger handle INFO messages.
Without an explicit 'level', only messages at WARNING or higher
are handled. This makes the config consistent with the docs
which say, "The django catch-all logger sends all messages at
the INFO level or higher to the console."
2015-09-23 11:33:49 -04:00
Tim Graham 0e723ead52 Refs #21927 -- Added examples to urls.include() changes in 1.9 release notes. 2015-09-23 09:32:35 -04:00
Alex Hill 134ca4d438 Fixed #24509 -- Added Expression support to SQLInsertCompiler 2015-09-22 23:35:24 +10:00
Nick Johnson 392f64842f Fixed #25373 -- Added warning logging for exceptions during {% include %} tag rendering. 2015-09-21 19:57:12 -04:00
Aymeric Augustin 91e9f1c972 Fixed #24921 -- set_autocommit(False) + ORM queries.
This commits lifts the restriction that the outermost atomic block must
be declared with savepoint=False. This restriction was overly cautious.

The logic that makes it safe not to create savepoints for inner blocks
also applies to the outermost block when autocommit is disabled and a
transaction is already active.

This makes it possible to use the ORM after set_autocommit(False).
Previously it didn't work because ORM write operations are protected
with atomic(savepoint=False).
2015-09-21 22:21:53 +02:00
ramez 1335aa2fb9 Fixed #15760 -- Added JavaScript events for admin inline forms. 2015-09-21 15:34:44 -04:00
Claude Paroz 65a1055a36 Fixed #25431 -- Readded inline foreign keys to modelformset instances
Too much field exclusions in form's construct_instance() in _post_clean()
could lead to some unexpected missing ForeignKey values.
Fixes a regression from 45e049937. Refs #13776.
2015-09-21 21:30:49 +02:00
Alasdair Nicol fe3fc5210f Fixed #23813 -- Added checks for common URL pattern errors
Thanks jwa and lamby for the suggestions, and timgraham and jarshwah
for their reviews.
2015-09-21 23:46:21 +10:00
Josh Smeaton 534aaf56f4 Fixed #24629 -- Unified Transform and Expression APIs 2015-09-21 19:56:24 +10:00
Tim Graham ebaa24f588 Removed unused sections in 1.9 release notes. 2015-09-19 20:18:42 -04:00
Tim Graham bed83e0fb5 Alphabetized a few sections in the 1.9 release notes + made a few tweaks. 2015-09-19 20:15:39 -04:00
Aymeric Augustin c3904deb91 Fixed #25160 (again) -- Moved data loss check on reverse relations.
Moved data loss check when assigning to a reverse one-to-one relation on
an unsaved instance to Model.save(). This is exactly the same change as
e4b813c but for reverse relations.
2015-09-19 20:27:53 +02:00
Markus Holtermann 43f2eb7ef3 Fixed #25390 -- Allowed specifying a start migration in squashmigrations
Thanks Tim Graham for the review.
2015-09-19 14:55:34 +10:00
Markus Holtermann 5aa55038ca Fixed #24743, #24745 -- Optimized migration plan handling
The change partly goes back to the old behavior for forwards migrations
which should reduce the amount of memory consumption (#24745). However,
by the way the current state computation is done (there is no
`state_backwards` on a migration class) this change cannot be applied to
backwards migrations. Hence rolling back migrations still requires the
precomputation and storage of the intermediate migration states.

This improvement also implies that Django does not handle mixed
migration plans anymore. Mixed plans consist of a list of migrations
where some are being applied and others are being unapplied.

Thanks Andrew Godwin, Josh Smeaton and Tim Graham for the review as well
as everybody involved on the ticket that kept me looking into the issue.
2015-09-19 14:54:53 +10:00
fabrizio ettore messina 186eb21dc1 Fixed #25269 -- Allowed method_decorator() to accept a list/tuple of decorators. 2015-09-18 19:04:29 -04:00
sujayskumar d8d853378b Fixed #24944 -- Added extra_email_context parameter to password_reset() view. 2015-09-18 18:56:04 -04:00
Unai Zalakain aac2a2d2ae Fixed #13110 -- Added support for multiple enclosures in Atom feeds.
The ``item_enclosures`` hook returns a list of ``Enclosure`` objects which is
then used by the feed builder. If the feed is a RSS feed, an exception is
raised as RSS feeds don't allow multiple enclosures per feed item.

The ``item_enclosures`` hook defaults to an empty list or, if the
``item_enclosure_url`` hook is defined, to a list with a single ``Enclosure``
built from the ``item_enclosure_url``, ``item_enclosure_length``, and
``item_enclosure_mime_type`` hooks.
2015-09-18 18:31:58 -04:00
Simon Charette 71ebcb85b9 Fixed #25417 -- Added a field check for invalid default values. 2015-09-18 14:31:36 -04:00
Tim Graham d074926ca1 Dropped support for Oracle 11.1. 2015-09-18 09:18:09 -04:00
Aric Coady f33b3ebd53 Refs #20625 -- Forwardported tests and release notes for queryset chaining fix.
The issue was fixed on master due to the removal of ValuesQuerySet.

Partial forwardport of 7d471fe662 from stable/1.8.x
2015-09-17 19:22:53 -04:00
Aymeric Augustin 4f6a7663bc Refs #14091 -- Fixed connection.queries on SQLite. 2015-09-17 23:01:33 +02:00
Matt Robenolt b0c56b895f Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN.
Thanks Seth Gottlieb for help with the documentation and
Carl Meyer and Joshua Kehn for reviews.
2015-09-16 12:21:50 -04:00
Moritz Sichert 535809e121 Fixed #25294 -- Allowed custom BoundFields on forms. 2015-09-16 10:18:07 -04:00
Adam Chainz 3fe3887a2e Fixed #25377 -- Changed Count queries to execute COUNT(*) instead of COUNT('*'). 2015-09-14 13:41:35 -04:00
Ville Skyttä 4d933ad418 Fixed #25393 -- Fixed MySQL crash when adding text/blob field with unhashable default. 2015-09-14 12:25:08 -04:00
Markus Holtermann 84b0a8d2aa Fixed #25384 -- Ordered imports in newly created migration files
Partial forwardport of 3cc5cc7958 from
stable/1.8.x as the issue was already fixed in master in
a7bc00e17b
2015-09-12 21:37:18 +10:00
Markus Holtermann a3c01b0dd8 Fixed #24919 -- Allowed disabling of migrations on a per app basis 2015-09-12 10:38:15 +10:00
Malcolm Box 1d8eb0cae5 Fixed #25374 -- Made ModelAdmin checks work on instances instead of classes.
This allows dynamically-generated attributes to be specified in
checked ModelAdmin attributes without triggering errors.
2015-09-11 09:28:34 -04:00
Aymeric Augustin a32206b365 Documented that the parallel test runner doesn't work on Windows. 2015-09-10 15:41:26 +02:00
Aymeric Augustin 33c7c2a557 Enabled parallel testing by default in runtests.py. 2015-09-10 13:34:05 +02:00
Aymeric Augustin 326bc0955b Allowed a port range for the liveserver by default.
This is required for running tests in parallel.
2015-09-09 23:01:16 +02:00
Aymeric Augustin 0586c061f0 Cloned databases for running tests in parallel. 2015-09-09 23:01:15 +02:00
Aymeric Augustin cd9fcd4e80 Implemented a parallel test runner. 2015-09-09 23:01:10 +02:00
Daniel Hahler acb833081d Fixed #25372 -- Fixed autocompletion for options of non-argparse commands. 2015-09-09 14:51:41 -04:00
Ola Sitarska f2f8972def Fixed #25135 -- Deprecated the contrib.admin allow_tags attribute.
Thanks Jaap Roes for the idea and initial patch.
2015-09-08 19:13:43 -04:00
Raphael Michel 1bbca7961c Fixed #25350 -- Added alias --no-input for --noinput to management commands. 2015-09-08 08:41:03 -04:00
Ryan Hiebert 617eff41ac Fixed #24857 -- Added "python -m django" entry point. 2015-09-07 19:54:32 -04:00
Tim Graham 862de0b254 Fixed #25356 -- Removed default_app_config from startapp template.
Also discouraged its use outside the intended use case.
2015-09-07 15:23:11 -04:00
Zan Anderle f3dc173240 Fixed #24917 -- Made admindocs display model methods that take arguments. 2015-09-07 15:07:39 -04:00
Aymeric Augustin e8bfc1c747 Stopped returning mirrors from setup_databases.
The return value of setup_databases is only used as an argument for
teardown_databases which doesn't need mirrors.
2015-09-06 09:28:16 +02:00
Joshua Kehn ab26b65b2f Fixed #25334 -- Provided a way to allow cross-origin unsafe requests over HTTPS.
Added the CSRF_TRUSTED_ORIGINS setting which contains a list of other
domains that are included during the CSRF Referer header verification
for secure (HTTPS) requests.
2015-09-05 09:19:57 -04:00
Tim Graham 2dc9ec5616 Fixed #24525 -- Fixed AssertionError in some complex queries.
Thanks Anssi Kääriäinen for providing the solution.
2015-09-05 07:51:17 -04:00
Tim Graham 721d8e50ac Fixed #25144 -- Allowed migrate to create tables for apps without migrations. 2015-09-04 09:47:30 -04:00
Tim Graham a8eb715b66 Refs #24152 -- Fixed typos in deprecated GeoQuerySet aggregate names. 2015-09-02 19:57:08 -04:00
Tim Graham 123984ff66 Fixed #25289 -- Updated admin's jQuery to 2.1.4. 2015-08-31 09:39:43 -04:00
Aymeric Augustin fe6ddb837d Fixed #24704 -- Made the autoreloader survive SyntaxErrors.
With this change, it's expected to survive anything except errors
that make it impossible to import the settings. It's too complex
to fallback to a sensible behavior with a broken settings module.

Harcoding things about runserver in ManagementUtility.execute is
atrocious but it's the only way out of the chicken'n'egg problem:
the current implementation of the autoreloader primarily watches
imported Python modules -- and then a few other things that were
bolted on top of this design -- but we want it to kick in even if
the project contains import-time errors and django.setup() fails.

At some point we should throw away this code and replace it by an
off-the-shelf autoreloader that watches the working directory and
re-runs `django-admin runserver` whenever something changes.
2015-08-29 20:49:56 +02:00
Y3K b649f68649 Fixed #25262 -- Removed the enable_comments field from FlatPageAdmin. 2015-08-29 08:55:50 -04:00
Sergey Kolosov e75882332c Fixed #17375 -- Changed makemessages to use xgettext with --files-from
Changed the way makemessages invokes xgettext from one call per
translatable file to one call per locale directory (using --files-from).
This allows to avoid https://savannah.gnu.org/bugs/index.php?35027 and,
as a positive side effect, speeds up localization build.
2015-08-28 15:41:58 -04:00
Tim Graham 01b2b0b654 Fixed #25318 -- Made SILENCED_SYSTEM_CHECKS suppress all messages.
Previously, messages of ERROR level or higher were printed to
the console.
2015-08-28 13:34:56 -04:00
Tim Graham 9607a04041 Fixed #25299 -- Fixed crash with ModelAdmin.list_display value that clashes with a model reverse accessor. 2015-08-28 08:46:26 -04:00
Tim Graham 22a791e608 Refs #20597 -- Fixed spelling of HiDPI. 2015-08-27 19:32:57 -04:00
elky c32b61c6fd Fixed #20597 -- Replaced admin GIF/PNG icons by SVG 2015-08-27 17:21:02 -04:00
Sergey Kolosov 22bb548900 Fixed #22634 -- Made the database-backed session backends more extensible.
Introduced an AbstractBaseSession model and hooks providing the option
of overriding the model class used by the session store and the session
store class used by the model.
2015-08-27 15:00:09 -04:00
Alex Hill 7bec480fe2 Fixed #24201 -- Added order_with_respect_to support to GenericForeignKey. 2015-08-27 09:20:17 -04:00
Claude Paroz 9324935c3e Fixed #25295 -- Restored 'no active translation' after language override
Thanks David Nelson Adamec for the report and Tim Graham for the review.
2015-08-25 10:32:10 +02:00
Maxime Lorant 4ce433e811 Fixed #25302 -- Prevented BrokenLinkEmailsMiddleware from reporting 404s when Referer = URL. 2015-08-24 19:35:49 -04:00
Tim Graham 26dcf739ea Forwardported release note for refs #25040. 2015-08-22 08:50:49 -04:00
Tim Graham d3bc86ec11 Fixed #25284 -- Documented removal of implicit QuerySet __in lookups. 2015-08-21 11:04:22 -04:00
Tim Graham 333cbdcd2d Fixed #24951 -- Fixed AssertionError in delete queries involving a foreign/primary key.
Thanks Anssi Kääriäinen for help.
2015-08-20 08:14:16 -04:00
Tim Graham 47201371d2 Refs #24451 -- Corrected Django version for {% cycle %} deprecation. 2015-08-19 08:37:27 -04:00
Tim Graham 84335e3d1f Added stub release notes for 1.8.5. 2015-08-18 19:52:45 -04:00
Anton Strogonoff 20787b5c29 Used consistent capitalization and hyphenation of "class-based views" in docs. 2015-08-18 19:07:10 -04:00
Tim Graham 068a80d717 Added today's issue to the security archive. 2015-08-18 13:46:47 -04:00
Tim Graham 8cc41ce7a7 Fixed DoS possiblity in contrib.auth.views.logout()
Thanks Florian Apolloner and Carl Meyer for review.

This is a security fix.
2015-08-18 08:03:43 -04:00
Tim Graham b0ab74dfca Added stub release notes for security releases. 2015-08-18 08:03:39 -04:00
Caio Ariede dad8434d6f Fixed #25180 -- Prevented varchar_patterns_ops and text_patterns_ops indexes for ArrayField. 2015-08-15 10:02:08 -04:00
Valentina Mukhamedzhanova 1f7b25c1a7 Fixed #24986 -- Added support for annotations in DISTINCT queries. 2015-08-15 08:23:32 -04:00
Sambhav Satija d0bd533043 Fixed #25254 -- Added JsonResponse json_dumps_params parameter. 2015-08-12 10:39:07 -04:00
Doug Beck b7508896fb Fixed #24257 -- Corrected i18n handling of percent signs.
Refactored tests to use a sample project.

Updated extraction:
* Removed special handling of single percent signs.
* When extracting messages from template text, doubled all percent signs
  so they are not interpreted by gettext as string format flags. All
  strings extracted by gettext, if containing a percent sign, will now
  be labeled "#, python-format".

Updated translation:
* Used "%%" for "%" in template text before calling gettext.
* Updated {% trans %} rendering to restore "%" from "%%".
2015-08-12 10:23:34 -04:00
Tim Graham 5980b05c1f Fixed #25160 -- Moved unsaved model instance data loss check to Model.save()
This mostly reverts 5643a3b51b and
81e1a35c36.

Thanks Carl Meyer for review.
2015-08-10 08:51:32 -04:00
Claude Paroz e9c5c39631 Updated various links in docs 2015-08-08 13:57:15 +02:00
Claude Paroz 64982cc2fb Updated Wikipedia links to use https 2015-08-08 12:02:32 +02:00
mlavin 69db1c7455 Fixed #25231 -- Added recording of squashed migrations in the migrate command.
Ensured squashed migrations are recorded as applied when the
migrate command is run and all of the original migrations
have been previously applied.
2015-08-07 17:59:18 -04:00
Tim Graham a7b7f27c05 Fixed #25233 -- Fixed HStoreField.has_changed() handling of initial values.
Thanks Simon Charette for review.
2015-08-07 13:26:17 -04:00
Caio Ariede ec9004728e Fixed #25175 -- Renamed the postgresql_psycopg2 database backend to postgresql. 2015-08-07 09:33:17 -04:00
Sergey Kolosov 244404227e Fixed #22404 -- Added a view that exposes i18n catalog as a JSON
Added django.views.i18n.json_catalog() view, which returns a JSON
response containing translations, formats, and a plural expression
for the specified language.
2015-08-05 09:05:21 -04:00
Matt Robenolt 4dcfbd7923 Fixed #25211 -- Added HttpRequest.get_port() and USE_X_FORWARDED_PORT setting. 2015-08-04 09:50:57 -04:00
Curtis Maloney 9f73009e98 Fixed #25215 -- Solved reference to forms.HStoreField in declaration of HStoreField
Correct test which was using the model field in a test form.
2015-08-04 19:15:22 +10:00
Rigel Di Scala 3bdaaf6777 Fixed #25146 -- Allowed method_decorator() to decorate classes. 2015-08-01 08:38:03 -04:00
Adam Chainz 0abb06930f Fixed #25176 -- Prevented TestCase.setUpTestData() exception from leaking transaction. 2015-08-01 07:33:22 -04:00
Flavio Curella 1e2362ca0f Refs #25184 -- Started deprecation for contrib.gis.geoip. 2015-07-31 10:09:06 -04:00
Flavio Curella 7f0953ce1f Fixed #25184 -- Added support for MaxMind GeoLite2 database format 2015-07-31 09:45:03 -04:00
Tim Graham 70912e137d Fixed #25168 -- Documented how to avoid foreign key constraint error after upgrading to 1.8. 2015-07-31 08:19:39 -04:00
elky 35901e64b0 Fixed #24444 -- Updated contrib.admin to use django-flat-theme 2015-07-30 15:18:22 -04:00
Tim Graham d27e0f04a6 Fixed #25190 -- Deprecated callable_obj parameter to assertRaisesMessage().
Thanks Aymeric Augustin for review.
2015-07-30 10:12:41 -04:00
Piper Merriam 537818af87 Fixed #25185 -- Added support for functools.partial serialization in migrations 2015-07-29 10:15:50 -04:00
Tim Graham adc0c4fbac Fixed #18556 -- Allowed RelatedManager.add() to execute 1 query where possible.
Thanks Loic Bistuer for review.
2015-07-28 09:28:25 +07:00
Flavio Curella c2e70f0265 Fixed #21127 -- Started deprecation toward requiring on_delete for ForeignKey/OneToOneField 2015-07-27 18:28:13 -04:00
Marten Kenbeek bc7923beff Fixed #24127 -- Changed the default current_app to the current namespace.
Changed the url template tag to use request.resolver_match.namespace as a
default for the current_app argument if request.current_app is not set.
2015-07-27 09:14:48 -04:00
Claude Paroz c296e55dc6 Fixed #22258 -- Added progress status for dumpdata when outputting to file
Thanks Gwildor Sok for the report and Tim Graham for the review.
2015-07-24 18:37:55 +02:00
Matt Johnson e063ac2fae Fixed #12768 -- Fixed QuerySet.raw() regression on FK with custom db_column. 2015-07-23 18:07:38 -04:00
Tim Graham 8eeb566aca Fixed #25149 -- Replaced window.__admin_utc_offset__ with a data attribute. 2015-07-22 17:09:52 -04:00
lukasz.wojcik 927b30a6ab Fixed #24126 -- Deprecated current_app parameter to auth views. 2015-07-21 08:26:41 -04:00
Edward Henderson f8cc464452 Fixed #16501 -- Added an allow_unicode parameter to SlugField.
Thanks Flavio Curella and Berker Peksag for the initial patch.
2015-07-17 13:48:58 -04:00
Claude Paroz 1ef4aeab40 Fixed #25078 -- Added support for disabled form fields
Thanks Keryn Knight and Tim Graham for the reviews.
2015-07-16 19:36:56 +02:00
Tim Graham 1fed8dd715 Fixed #25120 -- Deprecated egg template loader. 2015-07-16 09:32:42 -04:00
Thomas Stephenson 035b0fa60d Fixed #24716 -- Deprecated Field._get_val_from_obj()
The method duplicates the functionality of Field.value_from_object()
and has the additional downside of being a privately named public
API method.
2015-07-14 09:13:22 -04:00
Tim Graham 64f731e77d Added 1.4.22 release notes. 2015-07-14 07:28:55 -04:00
Vlastimil Zíma 8f8c54f70b Fixed #25099 -- Cleaned up HttpRequest representations in error reporting. 2015-07-13 19:22:39 -04:00
Daniel Roseman 24620d71f2 Fixed #25079 -- Added warning if both TEMPLATES and TEMPLATE_* settings are defined.
Django ignores the value of the TEMPLATE_* settings if TEMPLATES is also
set, which is confusing for users following older tutorials. This change
adds a system check that warns if any of the TEMPLATE_* settings have
changed from their defaults but the TEMPLATES dict is also non-empty.

Removed the TEMPLATE_DIRS from the test settings file; this was marked
for removal in 1.10 but no tests fail if it is removed now.
2015-07-13 17:50:22 -04:00
Andrei Kulakov db97a88495 Fixed #24375 -- Added Migration.initial attribute
The new attribute is checked when the `migrate --fake-initial` option
is used. initial will be set to True for all initial migrations (this
is particularly useful when initial migrations are split) as well as
for squashed migrations.
2015-07-13 15:57:40 -04:00
Razvan Andrei Ionescu 97bc875234 Fixed #25117 -- Added Romanian char map for Javascript slug generation 2015-07-13 13:31:12 -04:00
Claude Paroz 2e05ef4e18 Added release note for the UUID serialization backport
Refs #25019.
2015-07-10 09:00:19 +02:00
Claude Paroz 846cb6fef7 Added stub release notes for 1.8.4 2015-07-10 08:51:16 +02:00
Tim Graham 3d650e80ad Added today's security issues to the archive. 2015-07-08 17:41:48 -04:00
Shai Berger 17d3a6d804 Fixed catastrophic backtracking in URLValidator.
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Tim Graham 014247ad19 Prevented newlines from being accepted in some validators.
This is a security fix; disclosure to follow shortly.

Thanks to Sjoerd Job Postmus for the report and draft patch.
2015-07-08 15:23:03 -04:00
Carl Meyer df049ed77a Fixed #19324 -- Avoided creating a session record when loading the session.
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Tim Graham 125eaa19b2 Added security release note stubs. 2015-07-08 15:23:03 -04:00
Luke Plant f87e552d98 Corrected example code for get_query_set upgrade in 1.6 release notes
The conditional setting of `get_query_set` is required for correct behaviour
if running Django 1.8. The full gory details are here:

http://lukeplant.me.uk/blog/posts/handling-django%27s-get_query_set-rename-is-hard/
2015-07-08 10:58:07 +01:00
Chris Bainbridge e5cfa394d7 Refs #23882 -- Added detection for moved files when using inotify polling
Commit 15f82c7 ("used pyinotify as change detection system when
available") introduced a regression where editing a file in vim with
default settings (writebackup=auto) no longer causes the dev server
to be restarted. On a write, vim moves the monitored file to a backup
path and then creates a new file in the original. The new file is not
monitored as it has a different inode. Fixed this by also watching for
inotify events IN_DELETE_SELF and IN_MOVE_SELF.
2015-07-07 12:23:04 -04:00
David Wolever 0d71349773 Fixed #22804 -- Added warning for unsafe value of 'sep' in Signer
Thanks Jaap Roes for completing the patch.
2015-07-07 11:44:37 -04:00
Alexey Sveshnikov bc98bc56a5 Fixed #25059 -- Allowed Punycode TLDs in URLValidator 2015-07-06 15:08:43 -04:00
Sylvain Fankhauser f5d5867a4a Fixed #24877 -- Added middleware handling of response.render() errors. 2015-07-03 12:06:40 -04:00
Rigel Di Scala b91a2a499f Fixed #23190 -- Made Paginator.page_range an iterator 2015-07-03 11:34:34 -04:00
Jan Pazdziora a570701e02 Fixed #25029 -- Added PersistentRemoteUserMiddleware for login-page-only external authentication. 2015-07-02 17:38:10 -04:00
William Schwartz 9a5cfa05a0 Fixed #24997 -- Enabled bulk_create() on proxy models 2015-07-02 13:53:51 -04:00
Curtis 11cac1bd8e Fixed #4960 -- Added "strip" option to CharField 2015-07-01 17:47:05 -04:00
Jon Dufresne b44dee16e6 Fixed #20916 -- Added Client.force_login() to bypass authentication. 2015-07-01 13:01:08 -04:00
Matthew Somerville 839edcebb3 Fixed #21695 -- Added asvar option to blocktrans.
Thanks Bojan Mihelac for the initial patch.
2015-07-01 10:03:00 -04:00
Jean-Michel Vourgère b64c0d4d61 Fixed #23658 -- Provided the password to PostgreSQL dbshell command
The password from settings.py is written in a temporary .pgpass file
file whose name is given to psql using the PGPASSFILE environment
variable.
2015-06-30 18:21:51 -04:00
Shai Berger eecd42ea7d Removed datetime_cast_sql, which is never overridden or used anywhere in Django.
Thanks Tim Graham for review.
2015-07-01 00:43:45 +03:00
Andreas Pelme 00a1d4d042 Fixed #21803 -- Added support for post-commit callbacks
Made it possible to register and run callbacks after a database
transaction is committed with the `transaction.on_commit()` function.

This patch is heavily based on Carl Meyers django-transaction-hooks
<https://django-transaction-hooks.readthedocs.org/>. Thanks to
Aymeric Augustin, Carl Meyer, and Tim Graham for review and feedback.
2015-06-30 14:51:00 -04:00
Tim Graham 9f0d67137c Fixed #25038 -- Reverted incorrect documentation about inspectdb introspecting views.
This reverts commit bd691f4586 (refs #24177).
2015-06-30 14:23:29 -04:00
Luke Plant aef2a0ec59 Fixed #25018 -- Changed simple_tag to apply conditional_escape() to its output.
This is a security hardening fix to help prevent XSS (and incorrect HTML)
for the common use case of simple_tag.

Thanks to Tim Graham for the review.
2015-06-29 08:16:19 -04:00
Noam e291fc4757 Fixed #25031 -- Fixed a regression in the unordered_list template filter. 2015-06-27 09:37:41 -04:00
sujayskumar 2e70bf3785 Fixed #25017 -- Allowed customizing the DISALLOWED_USER_AGENTS response 2015-06-27 08:46:23 -04:00
Jason Hoos a50b66da30 Fixed #24958 -- Fixed inline forms using UUID-PK parents with auto-PK children. 2015-06-26 09:09:09 -04:00
薛丞宏 d3e12c9017 Fixed #25016 -- Reallowed non-ASCII values for ForeignKey.related_name on Python 3. 2015-06-26 08:30:05 -04:00
Tim Graham aed437d567 Updated release process for new release schedule. 2015-06-25 11:36:17 -04:00
Tim Graham aaacaeb096 Renamed RemovedInDjangoXYWarnings for new roadmap.
Forwardport of ae1d663b79
from stable/1.8.x plus more.
2015-06-24 16:08:20 -04:00
Daniel Wiesmann c078021555 Refs #24840 -- Added GDALRaster Warp and transform methods
Thanks to Tim Graham for the review.
2015-06-24 18:31:22 +02:00
Tim Graham 7f155a0703 Refs #25006 -- Added a '6 p.m.' option to the admin's time picker. 2015-06-22 07:24:57 -04:00
Marten Kenbeek 738c0de300 Fixed #14200 -- Added a fallback if HttpRequest.urlconf is None.
Made BaseHandler fall back to settings.ROOT_URLCONF if
HttpRequest.urlconf is set to None, rather than raising
ImproperlyConfigured.
2015-06-20 18:52:33 -04:00
Claude Paroz 9368f51e12 Fixed #20197 -- Made XML serializer fail loudly when outputting unserializable chars
Thanks Tim Graham for the review.
2015-06-19 20:54:46 +02:00
Daniel Wiesmann b769bbd4f6 Fixed #23804 -- Added RasterField for PostGIS.
Thanks to Tim Graham and Claude Paroz for the reviews and patches.
2015-06-19 14:36:43 -04:00
Markus Holtermann d3d66d4722 Fixed #24940 -- Made model managers hashable
Thanks Federico Jaramillo Martínez for the report and Tim Graham for the
test and review.
2015-06-19 19:02:01 +02:00
Nick Pope b3d5dc6932 Fixed #24834 -- Fixed get_current_site() when Host header contains port.
When the Host header contains a port, looking up the Site record fails
as the host will never match the domain.
2015-06-18 10:18:12 -04:00
Tim Graham 7f1168e387 Removed support for Python 3.3. 2015-06-18 08:36:50 -04:00
Markus Holtermann e5cb4e1411 Fixed #24914 -- Added authentication mixins for CBVs
Added the mixins LoginRequiredMixin, PermissionRequiredMixin and
UserPassesTestMixin to contrib.auth as counterparts to the respective
view decorators.

The authentication mixins UserPassesTestMixin, LoginRequiredMixin and
PermissionRequiredMixin have been inspired by django-braces
<https://github.com/brack3t/django-braces/>

Thanks Raphael Michel for the initial patch, tests and docs on the PR
and Ana Balica, Kenneth Love, Marc Tamlyn, and Tim Graham for the
review.
2015-06-17 23:19:10 +02:00
ana-balica 2f615b10e6 Fixed #24829 -- Allowed use of TemplateResponse in view error handlers. 2015-06-17 17:11:50 -04:00
Andriy Sokolovskiy cf6ce279c7 Fixed #24948 -- Fixed crash when uploading bitmap images in forms.ImageField 2015-06-16 14:37:58 -04:00
Mounir Messelmeni e6dd7f995a Fixed #24971 -- Made startapp generate an apps.py 2015-06-16 07:08:04 -04:00
Adam Brenecki 65296b3be3 Fixed #24972 -- Fixed removing unique_together indexes on MySQL. 2015-06-15 17:28:13 -04:00
Adam Chainz d34d39ade7 Fixed #24894 -- Added contrib.postgres.functions.TransactionNow 2015-06-15 14:03:17 -04:00
Tim Graham 4b600ed244 Removed django.utils.functional.total_ordering() 2015-06-15 13:15:24 -04:00
Brian King bfb5b7150f Fixed #24912 -- Fixed prefetch_related failure for UUIDField primary keys
This resolves a problem on databases besides PostgreSQL when using
prefetch_related with a source model that uses a UUID primary key.
2015-06-15 09:37:38 -04:00
Carson Gee e93e0c03b2 Fixed #24963 -- Added File.seekable() on Python 3. 2015-06-12 10:17:21 -04:00
Tim Graham 55b3bd8468 Refs #16860 -- Minor edits and fixes to password validation. 2015-06-10 07:41:01 -04:00
Rivo Laks a0047c6242 Fixed #24769 -- Cast optparse verbosity argument to an integer for better backwards compatibility.
Using `BaseCommand.options_list` makes Django use the legacy optparse
parser, which does not set the verbosity attribute correctly. Now the
verbosity argument is always cast to int. Regression in 8568638 (#19973).

Initial report and patch from blueyed.
2015-06-09 19:03:23 -04:00
Tim Graham 90c59db7a3 Forwardported release notes for refs #24903. 2015-06-09 17:57:21 -04:00
Marten Kenbeek 1e82094f1b Fixed #21927 -- Made application and instance namespaces more distinct.
Made URL application namespaces be set in the included URLconf and
instance namespaces in the call to include(). Deprecated other ways
to set application and instance namespaces.
2015-06-08 15:12:20 -04:00
Raphael Michel 39937de7e6 Fixed #24929 -- Allowed permission_required decorator to take any iterable 2015-06-08 13:44:39 -04:00
Trey Hunner 788071e22d Moved jQuery to a vendor/jquery subdirectory. 2015-06-07 22:23:42 +02:00
Erik Romijn 1daae25bdc Fixed #16860 -- Added password validation to django.contrib.auth. 2015-06-07 19:31:20 +02:00
David Bannon f4416b1a8b Fixed #24915 -- Added stricter session key validation
Changed _session_key attribute to a property and implemented basic
validation in the setter. The session key must be 'truthy' and
at least 8 characters long. Otherwise, the value is set to None.
2015-06-06 20:04:20 -04:00
Marten Kenbeek bc77eb6d08 Fixed #24906 -- Fixed ResolverMatch.app_name for nested namespaces.
Set ResolverMatch.app_name to the full path of nested application
namespaces.
2015-06-06 10:44:43 -04:00
Matthew Somerville a391b17ad2 Fixed #23516 -- Added caching of include tag Template objects
This also speeds up for loops that render the same template
multiple times.
2015-06-06 09:25:11 -04:00
Andriy Sokolovskiy 08232ef84d Fixed #24744 - Fixed relabeled_clone for the Transform 2015-06-06 09:04:53 -04:00
Matthew Somerville 2926559cce Fixed #24937 -- fix serialization of Date(Time)RangeField.
Use the DjangoJSONEncoder so that datetime and date are encoded
appropriately.
2015-06-05 22:01:42 +01:00
Mark Lavin 541f4ea546 Fixed #24924 -- Join promotion for multiple Case expressions 2015-06-05 12:22:43 -04:00
Andriy Sokolovskiy 286d0e6ab1 Refs #24833 -- Forwardported some of "Fixed Case expressions with exclude()."
Partial forwardport of 469f1e362b from stable/1.8.x
as the issue was already fixed in master.
2015-06-05 11:21:31 -04:00
Tim Graham 2fbea621e6 Capitalized "Python" in docs. 2015-06-05 08:24:53 -04:00
Russell Keith-Magee 5c35b4a8c9 Added release notes for feature added in fe21fb81 2015-06-05 11:42:58 +01:00
Ian Foote 4ab53a558a Fixed #24767 -- Added Greatest and Least expressions
Greatest and Least are row-level Function versions of Min and Max.
2015-06-05 11:15:33 +01:00
Matthew Somerville 2dc93bb10a Fixed #22316 -- Added time filters to TimeField on SQLite.
This was implemented for non-SQLite backends in 1.7 (as a
side effect of #16187).
2015-06-04 22:27:13 -04:00
Raphael Michel 6700c90935 Fixed #19210 -- Added leap year support to django.utils.timesince() 2015-06-04 21:36:12 -04:00
Loek van Gent 0207bdd2d4 Fixed #24474 -- Allowed configuring the admin's empty change list value. 2015-06-04 21:06:26 -04:00
Matthew Somerville 40f0a84cb1 Fixed #24159 -- Made compilemessages run across all apps.
Updated the command to match the documentation, which states it
runs over all .po files.
2015-06-04 21:02:02 -04:00
Marc Tamlyn 7bda2d8ebc Fixed #24837 -- field__contained_by=Range
Provide `contained_by` lookups for the equivalent single valued fields
related to the range field types. This acts as the opposite direction to
rangefield__contains.

With thanks to schinckel for the idea and initial tests.
2015-06-04 19:29:59 +01:00
Raphael Michel 5c125f63f7 Fixed #24728 -- Renamed mime_type to content_type for syndication feeds
Renamed the mime_type properties of RssFeed and Atom1Feed to
content_type and start deprecation for the old names.
2015-06-04 13:24:18 -04:00
Carl Meyer 492537ac18 Fixed #24628 -- Fixed applied status for squashed migrations. 2015-06-02 16:15:13 -06:00
Adam Chainz 23048d186c Fixed #24866 -- Added Now() database function 2015-06-02 17:59:01 -04:00
Tomáš Ehrlich 002b3d87b5 Fixed #24230 -- Added translated language name for i18n template tag/filter. 2015-06-02 16:04:01 -04:00
Carl Meyer 84522c0d16 Fixed #24895 -- Fixed loading a pair of squashed migrations with a dependency. 2015-06-02 12:07:54 -06:00
zauddelig 262d4db8c4 Fixed #24897 -- Allowed using choices longer than 1 day with DurationField 2015-06-02 12:39:34 -04:00
Andriy Sokolovskiy 2913d6b77d Fixed #24831 -- Fixed pickling queryset with prefetch_related() after deleting objects. 2015-06-02 09:54:53 -04:00
Tim Graham e1e6399c2c Fixed #24893 -- Fixed lack of unique constraint when changing a field from primary_key=True to unique=True 2015-06-02 09:25:47 -04:00
Tim Graham 5ab8680983 Fixed #24892 -- Fixed quoting of SQL when renaming a field to AutoField in PostgreSQL 2015-06-02 09:13:55 -04:00
Jon Dufresne 44f3ee7716 Fixed #9596 -- Added date transform for DateTimeField. 2015-06-02 08:49:10 -04:00
Marc Tamlyn 33ea472f69 Fixed #24604 -- Added JSONField to contrib.postgres. 2015-05-30 23:10:30 +01:00
Tim Graham ad0f0daf8c Fixed #24851 -- Fixed crash with reverse one-to-one relation in ModelAdmin.list_display
Forwardport of 2456276b02 from stable/1.8.x
2015-05-28 10:52:50 -04:00
Andriy Sokolovskiy 80ad5472ce Fixed #24817 -- Prevented loss of null info in MySQL field renaming. 2015-05-28 10:07:52 -04:00
Paweł Marczewski 300e8baf94 Fixed #24847 -- Prevented items set on a RequestContext from being lost. 2015-05-27 10:04:57 -04:00
Tim Graham 70be31bba7 Fixed #24836 -- Made force_text() resolve lazy objects. 2015-05-27 09:48:53 -04:00
Tim Graham f4cb350c79 Added release notes for refs #24844. 2015-05-25 21:03:41 -04:00
Paweł Marczewski 801a84ae32 Fixed #24835 -- Fixed QuerySet.exists() after an annotation with Count()
QuerySet.exists() incorrectly handled query.group_by = True
case (grouping by all select fields), causing GROUP BY
expressions to be wiped along with select fields.
2015-05-25 20:46:20 -04:00
Paweł Marczewski 4df7e8483b Fixed #24788 -- Allowed Forms to specify a prefix at the class level. 2015-05-25 20:23:31 -04:00
Marten Kenbeek d73176a842 Fixed #24848 -- Fixed ValueError for faulty migrations module.
Added apps to unmigrated apps if the migrations module is a file
or a folder missing __init__.py.

Thanks to Ernest0x for the bug report.
2015-05-25 13:47:50 -04:00
Villiers Strauss 614bec41b5 Fixed #24841 -- Made BaseRangeField.prepare_value() call base_field's prepare_value() 2015-05-25 12:06:55 -04:00
Andy McKay 4525a0c466 Fixed #24773 -- Added a json() method on test client responses. 2015-05-25 10:42:30 -04:00
Alexander Sosnovskiy 04e8d890ae Fixed #16891 -- Made Model/QuerySet.delete() return the number of deleted objects. 2015-05-22 13:27:16 -04:00
Preston Timmons 655f524915 Fixed #17085, #24783 -- Refactored template library registration.
* Converted the ``libraries`` and ``builtins`` globals of
  ``django.template.base`` into properties of the Engine class.
* Added a public API for explicit registration of libraries and builtins.
2015-05-21 09:12:06 -05:00
Tim Graham 7b8008a078 Added stub release notes for 1.8.3. 2015-05-20 14:17:59 -04:00
Tim Graham c940940fe4 Added today's security issue to archive. 2015-05-20 14:04:56 -04:00
Tim Graham ebe994a42c Added release date for 1.8.2. 2015-05-20 13:48:06 -04:00
Tim Graham 088579638b Fixed incorrect session.flush() in cached_db session backend.
This is a security fix; disclosure to follow shortly.

Thanks Sam Cooke for the report and draft patch.
2015-05-20 13:48:06 -04:00
Simon Charette c15b0c2792 Fixed #24652 -- Disallowed query execution in SimpleTestCase subclasses.
Thanks to Tim and Anssi for the review.
2015-05-20 12:50:41 -04:00
Anssi Kääriäinen bc87061a3c Fixed #24705 -- Fixed negated Q objects in expressions.
Avoided split_exclude() for Q when used as an expression.
2015-05-20 09:41:04 -04:00
Tim Graham fb94e7b8cf Fixed #24784 -- Fixed visibility regression in admin's FK widget. 2015-05-19 13:01:48 -04:00
Claude Paroz 1046c8afec Fixed #24739 -- Documented translation fallback change
Refs #24503.
2015-05-18 18:40:37 +02:00
Aymeric Augustin da2c6959c8 Dropped the needs_datetime_string_cast feature.
It has been superseded by the converter infrastructure.
2015-05-17 10:23:13 +02:00
Aymeric Augustin ed83881e64 Fixed #23820 -- Supported per-database time zone.
The primary use case is to interact with a third-party database (not
primarily managed by Django) that doesn't support time zones and where
datetimes are stored in local time when USE_TZ is True.

Configuring a PostgreSQL database with the TIME_ZONE option while USE_TZ
is False used to result in silent data corruption. Now this is an error.
2015-05-17 09:40:28 +02:00
Aymeric Augustin 54026f1e8d Renamed value_to_db_xxx to adapt_xxxfield_value.
This mirrors convert_xxxfield_value nicely, taking advantage of the
adapter/converter terminology which is commonly used by DB-API modules.
2015-05-17 09:39:34 +02:00
Aymeric Augustin d9521f66b1 Removed global timezone-aware datetime adapters.
Refs #23820.

Fixed #19738.

Refs #17755. In order not to introduce a regression for raw queries,
parameters are passed through the connection.ops.value_to_db_* methods,
depending on their type.
2015-05-17 09:38:48 +02:00
Aymeric Augustin ec186572e6 Removed global timezone-aware datetime converters.
Refs #23820.
2015-05-17 09:36:23 +02:00
Piotr Jakimiak 70e3e2e08e Fixed #24774 -- Made contrib.site's Site.domain field unique 2015-05-16 08:43:42 -04:00
Claude Paroz 3226050358 Fixed #24791 -- Added fallback when 'postgres' database isn't available
Thanks Carl Meyer and Tim Graham for the reviews.
2015-05-15 18:44:20 +02:00
Bo Lopker 2dee853ed4 Fixed #24799 -- Fixed session cookie deletion when using SESSION_COOKIE_DOMAIN 2015-05-15 11:23:41 -04:00
Claude Paroz ae635cc365 Fixed #24757 -- Recreated MySQL index when needed during combined index removal
Thanks Thomas Recouvreux for the report and Tim Graham for the tests and
review.
2015-05-15 17:07:14 +02:00
Tim Graham 3c8fe5dddf Fixed #24751 -- Fixed HStoreField isnull lookup. 2015-05-13 10:31:59 -04:00
Tim Graham 81d4ce4a6d Refs #24743 -- Clarified migrations performance note in 1.8.1 release notes. 2015-05-13 10:11:05 -04:00
Abhaya Agarwal 9de9c24017 Fixed #24105 -- Called Storage.get_valid_name() when upload_to is callable 2015-05-12 20:08:22 -04:00
Abhaya Agarwal 7c7b855106 [1.8.x] Refs #24698, #24712 -- Forwardported ForeignKey.get_db_prep_value() test and release notes.
Fixed in master by b68212f539.

Forwardport of 290c9d6654 from stable/1.8.x
2015-05-12 19:42:42 -04:00
Claude Paroz 70779d9c1c Fixed #24733 -- Passed the triggering exception to 40x error handlers
Thanks Tim Graham for the review.
2015-05-11 22:02:14 +02:00
Riccardo Magliocchetti bd53db5eab Fixed #24553 -- Added the list of available applications to AdminSite.each_context() 2015-05-11 12:07:36 -04:00
Anssi Kääriäinen adc57632bc Fixed #24748 -- Fixed incorrect GROUP BY on MySQL in some queries
When the query's model had a self-referential foreign key, the
compiler.get_group_by() code incorrectly used the self-referential
foreign key's column (for example parent_id) as GROUP BY clause
when it should have used the model's primary key column (id).
2015-05-11 11:42:27 -04:00
Anssi Kääriäinen be9d645346 Fixed #24766 -- Added join promotion for Case expressions 2015-05-11 11:16:16 -04:00
David Krisch 1a62f19707 Fixed #24763 -- Moved DoesNotExist exception to model docs. 2015-05-08 13:05:50 -04:00
Michael Blatherwick 3baebf52aa Fixed typo in 1.8 release notes. 2015-05-07 08:52:06 -04:00
Preston Timmons adff499e47 Fixed #24119, #24120 -- Formalized debug integration for template backends. 2015-05-06 17:33:47 -05:00
Dan Watson fe914341c8 Fixed #24564 -- Moved AbstractBaseUser and BaseUserManager so they can be used without auth in INSTALLED_APPS 2015-05-05 12:03:48 -04:00
Anssi Kääriäinen 7b05d2fdae Fixed #24752 -- query crash when reusing Case expressions
Case expressions weren't copied deep enough (self.cases list was
reused resulting in an error).
2015-05-05 11:38:12 -04:00
Tim Graham 17b1f7886c Used a simpler word that doesn't fail the spelling checker. 2015-05-04 10:55:03 -04:00
Aymeric Augustin 81f7651728 Added release notes for previous commit. 2015-05-04 07:42:31 +02:00
Tim Graham 3cb386b8c2 Added stub release notes for 1.8.2. 2015-05-01 16:52:19 -04:00
Tim Graham 06aaed41a4 Added dates to release notes. 2015-05-01 16:24:39 -04:00
Tim Graham 3c4fca271b Fixed #24724 -- Fixed GIS initialization crash on Windows. 2015-05-01 15:47:34 -04:00
Tim Graham 2c3ce26beb Fixed #24676 -- Fixed help text positioning in ``contrib.admin`` filter_* widgets. 2015-05-01 15:32:05 -04:00
Dave Hodder 08c980d752 Updated capitalization in the word "JavaScript" for consistency 2015-05-01 13:26:42 -04:00
daphshez 57202a112a Fixed #23271 -- Fixed makemessages crash/test failure for some locales. 2015-05-01 10:27:28 -04:00
Tim Graham be66173ad7 Forwardport of 1.8.1 release notes. 2015-04-30 09:55:18 -04:00
Markus Holtermann 63f9b633f9 Fixed #24725 -- Allowed renaming of target models in ManyToMany relations
This is a regression caused by introducing rendered migration states in
1aa3e09c20 and the _meta refactoring in fb48eb0581.

Thanks to Danilo Bargen for reporting the issue and Marten Kenbeek and
Tim Graham for triaging the bug and providing the initial test case.
2015-04-30 13:27:29 +02:00
Markus Bertheau 4a438e400b Fixed #13008 -- Added more Cache-Control headers to never_cache() decorator. 2015-04-28 12:07:02 -04:00
Tim Graham 82162b4499 Fixed typo in 1.8.1 release notes. 2015-04-28 10:55:56 -04:00
Aric Coady 9c2d8cde77 Fixed #24719 -- Restored the ability to use interators as queryset related object filters. 2015-04-28 10:51:27 -04:00
Tim Graham 2d76b61dc2 Fixed #24649 -- Allowed using Avg aggregate on non-numeric field types. 2015-04-25 13:06:14 -04:00
Tim Graham 26996e2d55 Fixed #24499 -- Dropped support for PostGIS 1.5. 2015-04-25 12:21:16 -04:00
Markus Holtermann faad6070ee Fixed #24701 -- Converted model manager names to unicode in migrations
Thanks to Reto Aebersold for reporting the issue and Tim Graham and
Claude Paroz for the review.
2015-04-25 18:17:06 +02:00
Michal Čihař 76d26d8922 Fixed #24063 -- Allowed locale variants supported by gettext.
The locale code can contain a variant after @, so allowed that.
2015-04-24 20:31:16 -04:00
Andrei Kulakov 8a1824d465 Fixed #24643 -- Added get_context_data() method to FormMixin 2015-04-24 20:17:29 -04:00
Josh Smeaton 143255c8bb Fixed #22598 -- Allowed make_aware() to work with ambiguous datetime 2015-04-24 13:55:40 -04:00
Tim Graham 8efea1b8d5 Fixed #24526 -- Combined django.request/security loggers with the root logger.
Thanks Carl Meyer for review.
2015-04-24 11:07:42 -04:00
Preston Timmons 8ae04e7630 Added docs for new template loader api.
Refs #15053.
2015-04-22 14:49:22 -05:00
Claude Paroz 1b1b58bc7b Documented GeoQuerySet replacement by functions 2015-04-22 19:54:17 +02:00
Claude Paroz ea27e26b09 Deprecated legacy GeoManager/GeoQuerySet methods 2015-04-22 19:54:17 +02:00
Tim Graham 6ea9819f89 Clarified "AbstractUser.last_login allows null values" in 1.8 release notes. 2015-04-22 08:48:01 -04:00
Markus Holtermann b93690c465 Fixed #24573 -- Considered new related models for reloading
Thanks tttomekkk for the report.
2015-04-21 11:35:45 +02:00
Tim Graham c331eeb89c Forwardported 1.8.1 release notes. 2015-04-20 19:26:31 -04:00
Jon Dufresne b5e0eede40 Fixed #22394 -- Refactored built-in datetime lookups to transforms. 2015-04-20 15:11:11 -04:00
Anoop Thomas Mathew 2400329508 Fixed #24349 -- Limited domain name labels to 63 characters in EmailValidator 2015-04-17 18:08:33 -04:00
Tim Graham b98dfc2177 Forwardported 1.8.1 release note. 2015-04-17 11:26:39 -04:00
Claude Paroz 02260ea3f6 Fixed #24595 -- Prevented loss of null info in MySQL field alteration
Thanks Simon Percivall for the report, and Simon Charette and Tim
Graham for the reviews.
2015-04-17 10:25:15 +02:00
Anssi Kääriäinen 355c5edd93 Fixed #24605 -- Fixed incorrect reference to alias in subquery.
Thanks to charettes and priidukull for investigating the issue, and to
kurevin for the report.
2015-04-16 09:22:00 -04:00
Anssi Kääriäinen fb5c7748da Fixed #24615 -- ordering by expression not part of SELECT
Fixed queries where an expression was used in order_by() but the
expression wasn't in the query's select clause (for example the
expression could be masked by .values() call)

Thanks to Trac alias MattBlack85 for the report.
2015-04-16 09:40:47 +02:00
Simon Charette 28e8978325 Fixed typos in the 1.7.7 release notes. 2015-04-14 22:11:40 -04:00
Tim Graham 6b8c969878 Removed docs for removed transaction APIs. 2015-04-14 13:52:45 -04:00
Markus Holtermann 825bb0ab08 Fixed title in 1.7.8 release notes
Refs f8e8853b51
2015-04-14 19:25:45 +02:00
Andrew Pinkham 0b5abb0321 Fixed #24635 -- Updated deprecated urls.py examples in default project template. 2015-04-14 12:48:17 -04:00
peterfarrell f8e8853b51 Fixed #24637 -- Fixed database introspection with SQLite 3.8.9. 2015-04-14 11:29:59 -04:00
Tommy Beadle 6bfd864ff2 Fixed #24603 -- Allowed Context.update() to be used as a context manager. 2015-04-14 08:01:16 -04:00
Craig Oldford 75bc5bc634 Fixed #12199 -- Added the ability to use "as" with the firstof template tag. 2015-04-14 07:19:47 -04:00
Jay Wineinger 923da0274a Fixed #24611 -- Fixed update() crash with related UUID pk object. 2015-04-13 12:18:24 -04:00
Markus Holtermann 09595b4fc6 Fixed #24625 -- Prevented arbitrary file inclusion in admindocs
Thanks Tim Graham for the review.
2015-04-11 20:36:10 +02:00
Claude Paroz 4e7ed8d0d3 Fixed #24624 -- Replaced obsoleted rel.opts in admindocs view
Thanks Scott Sanders for the report, and Markus Holtermann and
Tim Graham for the reviews. Refs #24381.
2015-04-11 15:29:02 +02:00
Adam Chainz 5564d0f2ee Fixed #24560 -- Added a --dry-run mode to the createcachetable command. 2015-04-09 12:15:50 -04:00
Tim Graham a10b4c010a Fixed #24578 -- Fixed crash with QuerySet.update() on FK to O2O fields.
Thanks Anssi Kääriäinen for review.
2015-04-09 06:50:21 -04:00
Tim Graham 1273a7a0e8 Revert "Fixed #24474 -- Allowed configuring the admin's empty change list value."
This reverts commit 72f769f494.

There are several test failures that need to be fixed.
2015-04-08 20:39:59 -04:00
Loek van Gent 72f769f494 Fixed #24474 -- Allowed configuring the admin's empty change list value. 2015-04-08 20:27:01 -04:00
Christopher Luc e37d52bd5e Fixed #22993 -- Deprecated skipIfCustomUser decorator 2015-04-07 09:45:32 -04:00
Patryk Zawadzki 0385dad073 Fixed #24513 -- Made sure a model is only rendered once during reloads
This also prevents state modifications from corrupting previous states.
Previously, when a model defining a relation was unregistered first,
clearing the cache would cause its related models' _meta to be cleared
and would result in the old models losing track of their relations.
2015-04-07 14:49:47 +02:00
Jon Dufresne 2cf58e80d1 Fixed #24584 -- Fixed microsecond handling with older MySQLdb 2015-04-06 22:43:51 +02:00
Marten Kenbeek e8e4f978dd Fixed #24278 -- Fixed serialization of migration operations.
Fixed MigrationWriter.serialize() to correctly handle migration
operations by utilizing OperationWriter.

Thanks Piotr Maliński for the report.
2015-04-05 20:26:21 +02:00
Claude Paroz 7a0d9b5cda Fixed #24569 -- Made some translation functions accept None value
get_language() can return None when translations are deactivated.
Thanks Nicola Peduzzi for the reporti and Tim Graham for the review.
2015-04-04 10:54:16 +02:00
Claude Paroz 426b63ba04 Fixed #24571 -- Restored testserver positional arguments parsing
Thanks Domas Lapinskas for the report and Tim Graham for the
review.
2015-04-04 10:46:29 +02:00
Ian Lee 90c4c300a8 Fixed minor typo in Cryptography section of 1.8 release notes 2015-04-03 00:12:27 -07:00
Simon Charette 5bc3123479 Fixed #24558 -- Made dumpdata mapping ordering deterministic.
Thanks to gfairchild for the report and Claude for the review.
2015-04-02 15:21:43 -04:00
Baptiste Mispelon 30a3c2f74c Fixed #24566 -- Added support for serializing timedelta
Thanks to knbk for the report.
2015-04-02 17:21:20 +02:00
Krzysztof Gogolewski 2350b78dab Fixed typo in 1.9 release notes. 2015-04-01 19:00:50 -04:00
Tim Graham 1b605838bf Added stub release notes for 1.8.1. 2015-04-01 16:08:15 -04:00
Tim Graham 61d6c5d02e Added release date for Django 1.8. 2015-04-01 15:30:32 -04:00
Tim Graham 56286542db Documented jinja2 install requirement. 2015-03-30 20:56:50 -04:00
Tim Graham b86abbceb9 Fixed #24115 -- Allowed bcrypt hashers to upgrade passwords on rounds change.
Thanks Florian Apolloner for the review.
2015-03-30 18:52:59 -04:00
Andriy Sokolovskiy e4cf8c8420 Fixed #24301 -- Added PostgreSQL-specific aggregate functions 2015-03-30 10:44:37 -04:00
Markus Holtermann c5cc332bf2 Fixed #24550 -- Added migration operation description to sqlmigrate output
Thanks Tim Graham for the review.
2015-03-30 16:31:20 +02:00
Caroline Simpson dc5b01ad05 Fixed #18773 -- Added logging for template variable resolving
Added a django.template logger without a default handler. Added
logging if there is an exception while resolving variables in a
template.
2015-03-27 19:19:48 -04:00
Tim Graham 0c91a419f8 Dropped support for PostgreSQL 9.0. 2015-03-27 12:10:55 -04:00
Bertrand Bordage 3e64f3d0fc Fixed #24531 -- Improved CommaSeparatedIntegerField validation.
`','`, `'1,,1'`, `',1'` etc. are no longer considered as valid
comma-separated integer lists.
2015-03-25 18:49:59 -04:00
Alex Hill 720ff740e7 Fixed #24215 -- Refactored lazy model operations
This adds a new method, Apps.lazy_model_operation(), and a helper function,
lazy_related_operation(), which together supersede add_lazy_relation() and
make lazy model operations the responsibility of the App registry. This
system no longer uses the class_prepared signal.
2015-03-25 16:48:17 -04:00
Fabio Natali cb506aed2a Fixed #23814 -- Documented apps refactored out of Django. 2015-03-25 08:46:23 -04:00
Anssi Kääriäinen 8f30556329 Renamed Field.rel attribute to remote_field
Field.rel is now deprecated. Rel objects have now also remote_field
attribute. This means that self == self.remote_field.remote_field.

In addition, made the Rel objects a bit more like Field objects. Still,
marked ManyToManyFields as null=True.
2015-03-25 08:16:12 -04:00
Bas Peschier b4382b7055 Fixed #16362 -- Allowed lookaround assertions in URL patterns. 2015-03-23 09:00:07 -04:00
Jon Dufresne 966a29c2b8 Fixed #24479 -- Added system check to prevent both ordering and order_wrt. 2015-03-21 08:16:28 -04:00
Moritz Sichert 6bb2175ed6 Fixed #22106 -- Allowed using more than one instance of javascript_catalog per project. 2015-03-20 17:27:41 -04:00
Loek van Gent d898ba1bec Fixed #24419 -- Added sendtestemail management command 2015-03-20 12:03:50 -04:00
Loek van Gent 35b3158d52 Fixed #24417 -- Added ModelAdmin.get_list_select_related() 2015-03-19 08:52:28 -04:00
Tim Graham e40581870a Added today's security issues to archive. 2015-03-18 20:36:50 -04:00
Tim Graham 011a54315e Made is_safe_url() reject URLs that start with control characters.
This is a security fix; disclosure to follow shortly.
2015-03-18 19:20:07 -04:00
Tim Graham 1c83fc88d6 Fixed an infinite loop possibility in strip_tags().
This is a security fix; disclosure to follow shortly.
2015-03-18 19:20:07 -04:00
Tim Graham 9ddfe9b301 Added stub release notes for security releases. 2015-03-18 19:20:07 -04:00
Karl Hobley 81e1a35c36 Fixed #24495 -- Allowed unsaved model instance assignment check to be bypassed. 2015-03-18 19:00:09 -04:00
Claude Paroz a0c2eb46dd Fixed #23960 -- Removed http.fix_location_header
Thanks Carl Meyer for the report and Tim Graham for the review.
2015-03-18 18:22:50 +01:00
Tim Graham c5c8751147 Refs #24487 -- Added upgrade tips about removal of SortedDict.
Thanks Pascal Chambon for the initial patch.
2015-03-17 13:41:11 -04:00
Andriy Sokolovskiy 81c2d9f60b Fixed #15579 -- Added ability to delete only child models in multi-table inheritance. 2015-03-17 08:33:16 -04:00
Daniel Wiesmann f269c1d6f6 Added write support for GDALRaster
- Instantiation of GDALRaster instances from dict or json data.
- Retrieve and write pixel values in GDALBand objects.
- Support for the GDALFlushCache in gdal C prototypes
- Added private flush method to GDALRaster to make sure all
  data is written to files when file-based rasters are changed.
- Replaced ``ptr`` with ``_ptr`` for internal ptr variable

Refs #23804. Thanks Claude Paroz and Tim Graham for the reviews.
2015-03-16 19:37:43 +01:00
John Giannelos 8758a63ddb Fixed #24427 -- Stopped writing migration files in dry run mode when merging.
Also added display of migration to stdout when verbosity=3.
2015-03-16 14:04:37 -04:00
Preston Timmons 388e79e9fc Fixed #24493 -- Added BaseContext.setdefault() 2015-03-16 13:13:02 -04:00
Thomas Tanner 28986da4ca Fixed #5986 -- Added ability to customize order of Form fields 2015-03-16 09:12:57 -04:00
Steven Das 4f494ed0c6 Added comma to improve readability in 1.7 release notes. 2015-03-16 08:15:17 -04:00
Tomáš Ehrlich 8414fcf16b Fixes #23643 -- Added chained exception details to debug view. 2015-03-14 16:08:23 -04:00
Matthew Wilkes ae87ad005f Refs #24354 -- Prevented repointing of relations on superclasses when migrating a subclass's name change
Forwardport of test and release note from stable/1.7.x
2015-03-14 15:37:40 -04:00
Berker Peksag 34fb909180 Fixed #12982 -- Added a get_or_set() method to the BaseCache backend. 2015-03-14 20:07:16 +02:00
Claude Paroz aa5ab114e3 Fixed #24122 -- Redirected to translated url after setting language
Thanks gbdlin for the initial patch and Tim Graham for the review.
2015-03-13 16:46:40 +01:00
Jon Dufresne d861f95c44 Fixed #24139 -- Changed HttpResponse.reason_phrase to evaluate based on status_code. 2015-03-12 20:18:06 -04:00
Tim Graham e4a578e70e Fixed #24226 -- Changed admin EMPTY_CHANGELIST_VALUE from (None) to - 2015-03-12 09:40:56 -04:00
Tim Graham 0cb6a85f5e Added yesterday's security issue to archive. 2015-03-10 11:01:18 -04:00
Tim Graham ea9157f681 Added stub release notes for 1.7.7. 2015-03-09 13:09:39 -04:00
Baptiste Mispelon 82c9169077 Refs #24461 -- Added test/release notes for XSS issue in ModelAdmin.readonly_fields
This issue was fixed by refs #24464.
2015-03-09 10:12:21 -04:00
Tim Graham 300fdbbebb Clarified an item in 1.7.6 release notes. 2015-03-09 10:06:18 -04:00
Erik Romijn fa350e2f30 Fixed #24464 -- Made built-in HTML template filter functions escape their input by default.
This may cause some backwards compatibility issues, but may also
resolve security issues in third party projects that fail to heed warnings
in our documentation.

Thanks Markus Holtermann for help with tests and docs.
2015-03-09 09:29:58 -04:00
Tim Graham 9eab328444 Forwardported 1.7.6 release note. 2015-03-07 08:12:44 -05:00
Jean-Louis Fuchs f4f0060fea Fixed #24447 -- Made migrations add FK constraints for existing columns
When altering from e.g. an IntegerField to a ForeignKey, Django didn't
add a constraint.
2015-03-07 14:09:56 +01:00
Tim Graham c36b60836b Fixed #24451 -- Deprecated comma-separated {% cycle %} syntax. 2015-03-07 07:42:39 -05:00
Grzegorz Slusarek 668d53cd12 Fixed #21495 -- Added settings.CSRF_HEADER_NAME 2015-03-05 15:03:40 -05:00
Tim Graham d61ebc8fed Fixed #19538 -- Removed window.__admin_media_prefix__ from admin templates. 2015-03-05 06:44:16 -05:00
Preston Timmons 70123cf084 Fixed #24399 -- Made filesystem loaders use more specific exceptions. 2015-03-03 21:20:46 +01:00
Tim Graham 71820721a1 Added stub release notes for 1.7.6. 2015-02-25 09:11:19 -05:00
Tim Graham aca73737da Added release date for 1.7.5 release. 2015-02-25 08:47:11 -05:00
Tim Graham d298b1ba50 Reverted "Fixed #24325 -- Documented change in ModelForm.save() foreign key access."
This reverts commit 0af3822dc3.
It's obsoleted by refs #24395.
2015-02-24 11:50:21 -05:00
Kenneth Kam e83aba0e2c Fixed #23762 -- clarified CACHE_MIDDLEWARE_ANONYMOUS_ONLY deprecation in docs 2015-02-23 09:23:07 -05:00
Emin Mastizada dda2a3cf4c Added formats for the Azerbaijani locale. 2015-02-23 07:37:13 -05:00
Michael Manfre 7fa7dd48c4 Fixed signature of BaseDatabaseOperations.date_interval_sql() and document the change. 2015-02-22 23:23:16 -05:00