Carlton Gibson
63869ab1f1
Added CVE-2021-45115, CVE-2021-45116, and CVE-2021-45452 to security archive.
2022-01-04 11:30:11 +01:00
Carlton Gibson
f38c66b555
Added stub release notes for Django 4.0.2.
2022-01-04 11:10:53 +01:00
Carlton Gibson
155e06a50b
Corrected merge error in release notes.
2022-01-04 10:50:23 +01:00
Florian Apolloner
6d343d01c5
Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem.
...
Thanks to Dennis Brinkrolf for the report.
2022-01-04 10:04:12 +01:00
Florian Apolloner
761f449e0d
Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter.
...
Thanks to Dennis Brinkrolf for the report.
Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:03:56 +01:00
Florian Apolloner
968a3d01fa
Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator.
...
Thanks Chris Bailey for the report.
Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:02:05 +01:00
Luke Plant
ccafad2e42
Avoided suggestion of plain text database password in sessions topic.
2022-01-04 06:47:24 +01:00
David Wobrock
482ee63b6f
Fixed #33402 -- Optimized multiple AlterFooTogether operations.
2022-01-04 06:24:03 +01:00
Keryn Knight
0ed2919814
Fixed #33406 -- Avoided creation of MaxLengthValidator(None) when resolving Value.output_field for strings.
...
This brings the behaviour in line with Field subclasses which append to
the validators within __init__(), like BinaryField, and prevents the
creation of a validator which incorrectly throws a TypeError, if it
were used.
2022-01-04 05:51:00 +01:00
Keryn Knight
b894199eb0
Refs #33406 -- Added test for not creating broken validators when resolving Value.output_field.
2022-01-04 05:51:00 +01:00
Mariusz Felisiak
30613d6a74
Fixed #33408 -- Fixed adding nullable unique fields on SQLite.
...
Regression in 2f73e5406d
.
Thanks Alan Crosswell for the report.
2022-01-04 05:50:00 +01:00
Jacob Walls
0ab58c1209
Refs #29026 -- Allowed customizing InteractiveMigrationQuestioner's prompt destination.
...
Previously, the questioner did not obey the value of stdout provided
to the command.
2022-01-03 12:30:51 +01:00
Jacob Walls
03a6488116
Refs #31026 -- Changed @jinja2_tests imports to be relative.
2022-01-03 06:11:30 +01:00
Mariusz Felisiak
4400d8568a
Fixed #33391 -- Clarified Aggregate.empty_result_set_value docs.
2021-12-31 06:49:10 +01:00
Mariusz Felisiak
a21a63cc28
Refs #27753 -- Removed unused django.utils.text._replace_entity() and _entity_re.
...
Unused since 157ab32f34
.
2021-12-30 13:19:25 +01:00
Mariusz Felisiak
826701232c
Removed obsolete Oracle's test_client_encoding() test.
...
encoding and nencoding parameters were deprecated in cx_Oracle 8.2.
Moreover, encoding is handled internally between cx_Oracle and Oracle
Database and there is no need to test it.
2021-12-30 12:42:37 +01:00
mangelozzi
eb901681ab
Improved @display(empty_value) example in ModelAdmin.empty_value_display docs.
2021-12-30 11:39:04 +01:00
Jacob Walls
6174814dbe
Fixed #27936 -- Rewrote spanning multi-valued relationships docs.
2021-12-30 08:38:04 +01:00
Mariusz Felisiak
1283458baa
Added default values to Entry's fields in making queries docs.
...
This makes it easier to create a data in examples.
2021-12-30 08:38:04 +01:00
Shubh1815
aecfc40c88
Fixed #33300 -- Ensured hidden elements are not displayed on small screens.
2021-12-30 07:57:36 +01:00
Jacob Walls
92412aa94c
Fixed #23273 -- Avoided creation of django_migrations table when there are no migrations to apply.
2021-12-30 06:36:55 +01:00
Mariusz Felisiak
361bb8f786
Refs #26872 -- Fixed wrapping of long choices in ModelAdmin.list_filter.
...
Regression in 269a767146
.
2021-12-29 10:57:23 +01:00
Keryn Knight
d5f2d5d604
Fixed wrapping of long values in technical 500 debug page.
2021-12-29 07:59:45 +01:00
David Smith
950d697b95
Refs #31617 -- Removed redundant title text in filter.html.
...
Unnecessary since 269a767146
.
Title text should provide advisory information and should not be the
same or very similar to the element text.
2021-12-28 13:42:35 +01:00
Sergey Fursov
feeb0685c6
Updated example of YAML serialization format in docs.
2021-12-28 12:44:41 +01:00
Mariusz Felisiak
ad6bb20557
Avoided counting attributes and methods in docs.
2021-12-28 12:36:57 +01:00
Carlton Gibson
b13d920b7b
Added stub release notes for 4.0.1, 3.2.11, and 2.2.26 releases.
2021-12-28 08:47:33 +01:00
Mariusz Felisiak
2d07e1aaeb
Refs #22983 -- Added tests for squashing migrations with functions from migration files.
...
Follow up to ebb13bbd88
.
2021-12-27 18:49:19 +01:00
Hannes Ljungberg
59a66f0512
Refs #33342 -- Deprecated ExclusionConstraint.opclasses.
2021-12-27 08:55:18 +01:00
Tim Graham
ff225fac1d
Refs #29517 -- Removed obsolete PositiveIntegerField test skip.
2021-12-27 06:16:59 +01:00
Hannes Ljungberg
0e656c02fe
Fixed #33342 -- Added support for using OpClass() in exclusion constraints.
2021-12-24 11:39:00 +01:00
David Smith
a0d43a7a6e
Refs #31617 -- Changed dark mode primary-fg to give higher contrast to secondary.
2021-12-23 21:10:25 +01:00
Adam Johnson
5f6a727a6a
Refs #33355 -- Constructed SQLite list aggregate types once.
2021-12-23 12:08:33 +01:00
Adam Johnson
ec7554f1c2
Refs #33355 -- Removed @none_guard from SQLite functions.
...
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-23 12:00:29 +01:00
Adam Johnson
deec15a9a6
Refs #33355 -- Made trunc functions raise ValueError on invalid lookups on SQLite.
...
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-23 11:47:13 +01:00
Adam Johnson
2d991ff661
Refs #33355 -- Moved SQLite functions to separate module.
...
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-23 11:47:08 +01:00
David
cb82ded4b2
Refs #32339 -- Added rendering tests for forms with CheckboxSelectMultiple and SelectMultiple widgets.
2021-12-23 07:38:05 +01:00
Adam Johnson
fa4b2c15f2
Refs #33355 -- Optimized LPad() database function on SQLite.
...
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-23 06:56:30 +01:00
Mariusz Felisiak
ca04659b4b
Refs #32355 -- Bumped required psycopg2 version to 2.8.4.
...
psycopg2 2.8.4 is the first release to support Python 3.8.
2021-12-22 20:32:55 +01:00
Adam Johnson
c4328c2f4e
Refs #33355 -- Optimized Trunc() on SQLite by using f-strings.
...
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-22 11:47:55 +01:00
Adam Johnson
a8fa3e5cd7
Refs #33355 -- Added missing tests for database functions and expression on null values.
2021-12-22 11:46:18 +01:00
David Smith
78f062f63e
Refs #31026 -- Updated TemplatesSetting docs to refer to forms.
2021-12-22 08:03:47 +01:00
Adam Johnson
fde425051c
Added TemplatesSetting to list of built-in renderers in FORM_RENDERER docs.
2021-12-22 07:59:24 +01:00
Brenton Partridge
19fb838803
Fixed #32600 -- Fixed Geometry collections and Polygon segmentation fault on macOS ARM64.
2021-12-21 13:00:09 +01:00
Baptiste Mispelon
e95e6425ac
Refs #24121 -- Added __repr__() to BaseFormSet.
2021-12-21 12:06:05 +01:00
Baptiste Mispelon
61b332499d
Used assertRaisesMessage() in test_client_regress.AssertFormErrorTests.
2021-12-21 11:09:45 +01:00
vavanade
6045b1f041
Fixed typo in django/forms/widgets.py.
2021-12-21 09:14:58 +01:00
Adam Johnson
33401cba93
Optimized MiddlewareMixin coroutine check.
2021-12-21 08:41:29 +01:00
Adam Johnson
cc752c1c3a
Optimized django.template.autoreload.get_template_directories() a bit.
2021-12-21 08:39:40 +01:00
David Wobrock
72b23c04d8
Fixed #33374 -- Fixed ExpressionWrapper annotations with full queryset.
2021-12-21 06:17:04 +01:00