Jordi Castells
205c36b58f
Fixed #32670 -- Allowed GDALRasters to use any GDAL virtual filesystem.
2021-05-07 20:03:46 +02:00
Hasan Ramezani
028f10fac6
Fixed #32712 -- Deprecated django.utils.baseconv module.
2021-05-07 11:57:40 +02:00
Alex Hill
c4ee3b208a
Fixed #32699 -- Fixed comparing to TruncTime() with 0 microseconds on MySQL.
2021-05-07 08:13:40 +02:00
Mariusz Felisiak
65a9d0013d
Removed unused TestHashedFiles._max_post_process_passes.
...
Unused since f1894bae30
2021-05-06 12:26:25 +02:00
Mariusz Felisiak
e1e81aa1c4
Fixed #32713 , Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
...
In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines
and tabs from URLs [1, 2]. Unfortunately it created an issue in
the URLValidator. URLValidator uses urllib.urlsplit() and
urllib.urlunsplit() for creating a URL variant with Punycode which no
longer contains newlines and tabs in Python 3.9.5+. As a consequence,
the regular expression matched the URL (without unsafe characters) and
the source value (with unsafe characters) was considered valid.
[1] https://bugs.python.org/issue43882 and
[2] 76cd81d603
2021-05-06 08:45:23 +02:00
Carlton Gibson
a708f39ce6
Refs CVE-2021-31542 -- Skipped mock AWS storage test on Windows.
...
The validate_file_name() sanitation introduced in
0b79eb3691
correctly rejects the example
file name as containing path elements on Windows. This breaks the test
introduced in 914c72be2a
to allow path
components for storages that may allow them.
Test is skipped pending a discussed storage refactoring to support this
use-case.
2021-05-06 07:04:52 +02:00
ecogels
a0a5e0f4c8
Fixed #32705 -- Prevented database cache backend from checking .rowcount on closed cursor.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-05 12:41:59 +02:00
Simon Charette
136ff592ad
Fixed #32690 -- Fixed __in lookup crash when combining with filtered aggregates.
...
Having lookups group by subquery right-hand-sides is likely unnecessary
in the first place but relatively large amount of work would be needed
to achieve that such as making Lookup instances proper resolvable
expressions.
Regression in 3543129822
.
Thanks James A. Munsch for the report.
2021-05-05 11:41:35 +02:00
Maxim Beder
06fd4df41a
Fixed #32479 -- Added fallbacks to subsequent language codes in translations.
...
Thanks Claude Paroz and Nick Pope for reviews.
2021-05-05 09:37:54 +02:00
Simon Charette
96f55ccf79
Fixed #32714 -- Prevented recreation of migration for Meta.ordering with OrderBy expressions.
...
Regression in c8b6594305
.
Thanks Kevin Marsh for the report.
2021-05-05 08:43:57 +02:00
Karthikeyan Singaravelan
f9f6bd63c9
Refs #32074 -- Removed usage of deprecated Thread.setDaemon().
...
Thread.setDaemon() was deprecated in Python 3.10 and will be removed in
Python 3.12.
2021-05-04 12:07:18 +02:00
Florian Apolloner
0b79eb3691
Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.
2021-05-04 08:44:42 +02:00
Hasan Ramezani
8de4ca74ba
Fixed #32693 -- Quoted and lowercased generated column aliases.
2021-05-04 07:36:56 +02:00
Mariusz Felisiak
1f643c28b5
Fixed #32653 -- Made quoting names in the Oracle backend consistent with db_table.
2021-04-30 12:59:07 +02:00
Tim Graham
54da6e2ac2
Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.
2021-04-30 12:32:52 +02:00
Hasan Ramezani
8bcb00858e
Fixed #32698 -- Moved HttpRequest.get_raw_uri() to ExceptionReporter._get_raw_insecure_uri().
2021-04-30 08:05:42 +02:00
Nick Pope
2161db0792
Fixed capitalization of "ECMAScript" and "JavaScript".
2021-04-29 20:29:08 +02:00
Simon Charette
c8b6594305
Fixed #32632 , Fixed #32657 -- Removed flawed support for Subquery deconstruction.
...
Subquery deconstruction support required implementing complex and
expensive equality rules for sql.Query objects for little benefit as
the latter cannot themselves be made deconstructible to their reference
to model classes.
Making Expression @deconstructible and not BaseExpression allows
interested parties to conform to the "expression" API even if they are
not deconstructible as it's only a requirement for expressions allowed
in Model fields and meta options (e.g. constraints, indexes).
Thanks Phillip Cutter for the report.
This also fixes a performance regression in bbf141bcdc
.
2021-04-28 12:13:55 +02:00
Mariusz Felisiak
4f600673d7
Refs #32632 -- Added tests for returning a copy when combining Q() objects.
2021-04-28 11:31:17 +02:00
Konstantin Alekseev
6e742dabc9
Fixed #32687 -- Restored passing process’ environment to underlying tool in dbshell on PostgreSQL.
...
Regression in bbe6fbb876
.
2021-04-27 10:43:35 +02:00
Mariusz Felisiak
1871182031
Fixed #32682 -- Made admin changelist use Exists() instead of distinct() for preventing duplicates.
...
Thanks Zain Patel for the report and Simon Charette for reviews.
The exception introduced in 6307c3f1a1
revealed a possible data loss issue in the admin.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak
cd74aad90e
Refs #32682 -- Renamed use_distinct variable to may_have_duplicates.
...
QuerySet.distinct() is not the only way to avoid duplicate, it's also
not preferred.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak
4074f38e1d
Refs #32682 -- Fixed QuerySet.delete() crash on querysets with self-referential subqueries on MySQL.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak
158eca4f93
Refs #19080 -- Added tests for preserving select_related() in the admin changelist.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak
d68be0494b
Refs 32637 -- Made technical 404 debug page display exception message when URL is resolved.
...
Follow up to 3b8527e32b
.
2021-04-27 08:40:52 +02:00
Hannes Ljungberg
eab71f7690
Fixed #32686 -- Removed unnecessary semicolon on collected multiline SQL for RunSQL.
2021-04-27 08:01:07 +02:00
Hannes Ljungberg
95754dbc9b
Refs #32686 -- Added tests for adding a semicolon when collecting SQL for RunSQL.
2021-04-27 07:59:41 +02:00
Zain Patel
4e5bbb6ef2
Fixed #32681 -- Fixed VariableDoesNotExist when rendering some admin template.
...
Regression in 84609b3205
.
2021-04-26 07:08:16 +02:00
Mariusz Felisiak
af609c2f4d
Fixed isolation of test_rename_table_renames_deferred_sql_references().
2021-04-26 06:11:13 +02:00
Simon Charette
170b006ce8
Fixed #32673 -- Fixed lookups crash when comparing against lookups on PostgreSQL.
...
Regression in 3a505c70e7
.
Nonlitteral right-hand-sides of lookups need to be wrapped in
parentheses to avoid operator precedence ambiguities.
Thanks Charles Lirsac for the detailed report.
2021-04-23 15:38:32 +02:00
Mariusz Felisiak
2f435e75ab
Fixed isolation of test_showmigrations_unmigrated_app().
...
Follow up to 90916f050c
.
2021-04-23 10:06:08 +02:00
Mariusz Felisiak
ac2e6e6869
Fixed isolation of i18n.tests.FormattingTests.test_get_custom_format().
2021-04-22 19:57:27 +02:00
Mariusz Felisiak
90916f050c
Fixed isolation of test_showmigrations_unmigrated_app().
2021-04-22 17:43:58 +02:00
Mariusz Felisiak
c3278bb71f
Used assertCountEqual() in ExcludeTests.test_exclude_subquery().
2021-04-22 10:47:10 +02:00
Simon Charette
6d0cbe42c3
Fixed #32650 -- Fixed handling subquery aliasing on queryset combination.
...
This issue started manifesting itself when nesting a combined subquery
relying on exclude() since 8593e162c9
but
sql.Query.combine never properly handled subqueries outer refs in the
first place, see QuerySetBitwiseOperationTests.test_subquery_aliases()
(refs #27149 ).
Thanks Raffaele Salmaso for the report.
2021-04-21 09:49:15 +02:00
Mariusz Felisiak
34d1905712
Fixed #32665 -- Fixed caches system check crash when STATICFILES_DIRS is a list of 2-tuples.
...
Thanks Jared Lockhart for the report.
Regression in c36075ac1d
.
2021-04-21 09:41:37 +02:00
Carlton Gibson
5c73fbb6a9
Fixed #32647 -- Restored multi-row select with shift-modifier in admin changelist.
...
Regression in 30e59705fc
.
2021-04-21 08:31:06 +02:00
Tobias Bengfort
54e94640ac
Refs #25287 -- Added support for multiplying and dividing DurationField by scalar values on SQLite.
2021-04-20 11:44:41 +02:00
François Freitag
6b0b3eafd6
Fixed #32664 -- Made PasswordResetTokenGenerator.secret validation lazy.
...
Django apps initialization to run management command triggers the admin
autodiscovery. Importing django.contrib.auth.tokens creates an instance
of PasswordResetTokenGenerator which required a SECRET_KEY.
For several management commands, the token generator is unused. It
should only complain about a missing SECRET_KEY when it is used.
2021-04-20 07:34:53 +02:00
François Freitag
b13af4752f
Refs #28017 -- Added test for PasswordResetTokenGenerator subclass with a custom secret.
2021-04-20 07:28:06 +02:00
Chris Jerdonek
413c15ef2e
Refs #32609 -- Simplified test_labels_set construction in runtests.py's setup().
...
Follow up to 7cf3a5786b
.
2021-04-19 11:01:48 +02:00
Chris Jerdonek
a41ed8f1b9
Refs #32611 -- Removed initial "Testing against ..." log message calls from --bisect/--pair runtests options.
2021-04-19 09:18:46 +02:00
Chris Jerdonek
9fa8460081
Fixed #32611 -- Prevented unecessary setup()/teardown() calls when using --bisect/--pair runtests options.
...
This commit changes runtests.py's bisect_tests() and paired_tests() to
change settings only when necessary, namely when specific test names
aren't provided.
2021-04-19 09:14:35 +02:00
David Wobrock
aa4acc164d
Fixed #29899 -- Made autodetector use model states instead of model classes.
...
Thanks Simon Charette and Markus Holtermann for reviews.
2021-04-16 11:18:10 +02:00
girishsontakke
a815a6a315
Fixed #32641 -- Made DiscoverRunner print the number of found tests.
...
Thanks Chris Jerdonek for reviews.
2021-04-15 11:42:46 +02:00
Florian Apolloner
4511d14598
Fixed #32643 -- Fixed decoding of messages in the pre-Django 3.2 format.
...
Thanks Jan Pieter Waagmeester for the report.
Regression in 2d6179c819
.
2021-04-14 22:52:59 +02:00
Mariusz Felisiak
ca98729055
Fixed #32645 -- Fixed QuerySet.update() crash when ordered by joined fields on MySQL/MariaDB.
...
Thanks Matt Westcott for the report.
Regression in 779e615e36
.
2021-04-14 21:11:17 +02:00
Arthur Jovart
08c60cce3b
Fixed #32648 -- Fixed VariableDoesNotExist rendering sitemaps template.
2021-04-14 16:50:47 +02:00
Mariusz Felisiak
23fa29f6a6
Fixed #32649 -- Fixed ModelAdmin.search_fields crash when searching against phrases with unbalanced quotes.
...
Thanks Dlis for the report.
Regression in 26a413507a
.
2021-04-14 12:23:47 +02:00
Hasan Ramezani
a77c9a4229
Fixed #32635 -- Fixed system check crash for reverse o2o relations in CheckConstraint.check and UniqueConstraint.condition.
...
Regression in b7b7df5fbc
.
Thanks Szymon Zmilczak for the report.
2021-04-14 10:06:18 +02:00
Hasan Ramezani
33abc55601
Refs #31530 -- Added test for joined OneToOneField in CheckConstraint.check
2021-04-14 09:37:55 +02:00
Mariusz Felisiak
3b8527e32b
Fixed #32637 -- Restored exception message on technical 404 debug page.
...
Thanks Atul Varma for the report.
2021-04-13 09:15:04 +02:00
Adam Johnson
b8bb9e1549
Reduced the garbage collection frequency in runtests.py.
2021-04-13 07:43:29 +02:00
Iuri de Silvio
9760e262f8
Fixed #32627 -- Fixed QuerySet.values()/values_list() crash on combined querysets ordered by unannotated columns.
2021-04-12 21:11:40 +02:00
Chris Jerdonek
823a9e6bac
Fixed #32416 -- Made ThreadedWSGIServer close connections after each thread.
...
ThreadedWSGIServer is used by LiveServerTestCase.
2021-04-12 10:23:56 +02:00
Claude Paroz
e4430f22c8
Fixed #31937 -- Eased translation of time strings in some languages.
2021-04-10 20:23:12 +02:00
Adam Johnson
45a58c31e6
Fixed #32620 -- Allowed subclasses of Big/SmallAutoField for DEFAULT_AUTO_FIELD.
2021-04-08 13:17:08 +02:00
Claude Paroz
30e123ed35
Fixed #32575 -- Added support for SpatiaLite 5.
2021-04-08 09:36:29 +02:00
Claude Paroz
3ae4344bbd
Dropped support for GEOS 3.5 and GDAL 2.0.
2021-04-07 20:39:30 +02:00
Adam Johnson
d9de74141e
Fixed #32442 -- Used converters on returning fields from INSERT statements.
2021-04-07 17:10:00 +02:00
Claude Paroz
e3cfba0029
Fixed #32544 -- Confirmed support for GDAL 3.2 and GEOS 3.9.
2021-04-07 15:54:24 +02:00
Mariusz Felisiak
c6859f1a68
Refs #32074 -- Backported Enum.__repr__() from Python 3.10.
...
Enum.__repr__() was changed in [1], we should use the same format in
Python < 3.10.
[1] https://bugs.python.org/issue40066
2021-04-07 10:28:40 +02:00
Carlton Gibson
5aea50e57f
Updated asgiref dependency for 3.2 release series.
2021-04-06 10:38:43 +02:00
Mariusz Felisiak
d4d800ca1a
Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.
...
Thanks Claude Paroz for the initial patch.
Thanks Dennis Brinkrolf for the report.
2021-04-06 08:15:17 +02:00
Mariusz Felisiak
78fea27f69
Fixed #32614 -- Fixed MiddlewareSyncAsyncTests tests with asgiref 3.3.2+.
2021-04-06 08:03:43 +02:00
Claude Paroz
90b95d2959
Updated translations from Transifex.
...
Forwardport of 1ea5e98315
from stable/3.2.x.
2021-04-06 06:19:31 +02:00
Hugo Cachitas
8f6a7a0e9e
Fixed #32594 -- Doc'd and tested that Signal.disconnect() with lazy references returns None.
2021-04-03 14:57:43 +02:00
Chris Jerdonek
a89e975caf
Fixed #32532 -- Made DiscoverRunner raise RuntimeError when a test label is a file path.
2021-04-02 12:54:08 +02:00
Adam Johnson
e32722d160
Fixed #32383 -- Added source map support to ManifestStaticFilesStorage.
2021-04-02 12:21:21 +02:00
William Schwartz
9ee693bd6c
Fixed #32316 -- Deferred accessing __file__.
...
Deferred accessing the module-global variable __file__ because the
Python import API does not guarantee it always exists—in particular, it
does not exist in certain "frozen" environments. The following changes
advanced this goal.
Thanks to Carlton Gibson, Tom Forbes, Mariusz Felisiak, and Shreyas
Ravi for review and feedback.
2021-04-01 14:33:30 +02:00
Hugo Cachitas
f83214a3e1
Refs #32594 -- Added Signal.disconnect() test with a model class.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-03-31 11:01:48 +02:00
Maxim Milovanov
d915dd1c58
Fixed #32204 -- Added quick filter to admin's navigation sidebar.
2021-03-31 09:31:37 +02:00
bankc
db5b75f10f
Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
...
Thanks Adam Johnson and Tim Graham for the reviews.
Co-authored-by: Tim Graham <timograham@gmail.com>
2021-03-30 19:59:24 +02:00
Mariusz Felisiak
f6018c1e63
Fixed #32595 -- Fixed SchemaEditor.quote_value() crash with bytes.
2021-03-30 11:42:15 +02:00
Mariusz Felisiak
3c75f1f3ca
Refs #32595 -- Added MySQL's SchemaEditor.quote_value() tests for values with Unicode chars.
2021-03-30 11:42:15 +02:00
Chris Jerdonek
038940cf55
Fixed #29127 -- Prevented DiscoverRunner from hiding tagged test with syntax errors.
...
This mades _FailedTest objects always match tags in DiscoverRunner.
2021-03-30 10:26:20 +02:00
Daniyal
7c08f26bf0
Fixed #32260 -- Made View.as_view() do not use update_wrapper().
...
View.as_view() should not use update_wrapper() for copying attributes
it's unintended and have side-effects such as adding `self` to the
signature.
This also fixes system check for arguments of custom error handler
views with class-based views.
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2021-03-30 07:58:09 +02:00
Nick Pope
41850eec99
Fixed #32572 -- Improved ResolverMatch.__repr__().
...
When a partial function was passed as the view, the __repr__() would
show the `func` argument as `functools.partial` which isn't very
helpful, especially as it doesn't reveal the underlying function or
arguments provided.
2021-03-29 11:28:56 +02:00
Nick Pope
2f13c476ab
Fixed #31487 -- Added precision argument to Round().
2021-03-29 09:43:08 +02:00
Hasan Ramezani
ed0cc52dc3
Fixed #32585 -- Fixed Value() crash with DecimalField on SQLite.
2021-03-29 06:22:36 +02:00
Chris Jerdonek
dcb06c2c68
Fixed #32591 -- Made DiscoverRunner order _FailedTest objects first.
...
Failures detected when loading tests are ordered before all of the
above for quicker feedback. This includes things like test modules that
couldn't be found or that couldn't be loaded due to syntax errors.
2021-03-26 12:18:27 +01:00
Chris Jerdonek
ff514309e1
Fixed #32578 -- Fixed crash in CsrfViewMiddleware when a request with Origin header has an invalid host.
2021-03-25 10:34:58 +01:00
Mariusz Felisiak
5b618f239c
Fixed RemoteTestResultTest tests without tblib.
...
Follow up to e3bca22e7e
.
2021-03-25 10:33:54 +01:00
Girish Sontakke
5388ff2a52
Fixed #32582 -- Removed unnecessary dot in names of cloned test databases on SQLite.
2021-03-25 06:37:01 +01:00
Mariusz Felisiak
83443e62d3
Optimized FkConstraintsTests.test_check_constraints by specifying a database table.
2021-03-24 12:18:00 +01:00
Adam Donaghy
cdd0b213a8
Fixed #29606 -- Added type check for ALLOWED_HOSTS setting.
2021-03-24 09:18:44 +01:00
Nick Pope
a96c730431
Fixed #32460 -- Allowed "label"/"do_not_call_in_templates" members in model choice enums.
2021-03-24 07:45:33 +01:00
Nick Pope
41e39c41c9
Refs #32460 -- Doc'd and tested that property names of model choice enums cannot be used as members.
2021-03-24 07:45:33 +01:00
Florian Demmer
3a185cee2a
Fixed #32573 -- Fixed bounds in __iso_year lookup optimization.
2021-03-23 21:27:55 +01:00
Mariusz Felisiak
2cd4026334
Refs #32353 , Refs #32352 -- Fixed GIS tests with PROJ 7.X.
...
Different PROJ versions use different transformations, all are correct
as having a 1 meter accuracy.
These are differences in PROJ versions that cannot and should not be
handled in Django itself.
Thanks Jani Tiainen and David Smith for reports.
See: https://github.com/OSGeo/gdal/issues/3377
2021-03-23 09:16:33 +01:00
Mariusz Felisiak
71ec102b01
Fixed #32483 -- Fixed QuerySet.values()/values_list() on JSONField key transforms with booleans on SQLite.
...
Thanks Matthew Cornell for the report.
2021-03-23 08:28:47 +01:00
Mariusz Felisiak
c4df8b86c7
Refs #32483 -- Added tests QuerySet.values()/values_list() on key transforms with structures containing booleans.
2021-03-23 08:27:14 +01:00
Mariusz Felisiak
037607ff19
Refs #31936 -- Added tests for __in lookup on JSONField key transforms with booleans.
2021-03-23 08:27:14 +01:00
Adam Johnson
562898034f
Refs #31732 -- Fixed django.utils.inspect caching for bound methods.
...
Thanks Alexandr Artemyev for the report, and Simon Charette for the
original patch.
2021-03-22 13:17:54 +01:00
Adam Johnson
ac72a216a7
Refs #31372 -- Added django.utils.inspect tests for bound methods.
2021-03-22 13:17:46 +01:00
Mariusz Felisiak
717b5e633a
Made CsrfViewMiddlewareTestMixin._get_GET_no_csrf_cookie_request() return GET requests.
2021-03-22 08:22:58 +01:00
Claude Paroz
d11b9ffcc0
Fixed #32581 -- Prevented to_locale() from corrupting locale names.
2021-03-22 07:08:58 +01:00
Claude Paroz
9d130920e6
Added to_locale() tests for 3-char language codes.
2021-03-22 06:58:44 +01:00
Baptiste Mispelon
41e6b2a3c5
Fixed #32556 -- Fixed handling empty string as non-boolean attributes value by assertHTMLEqual().
2021-03-19 20:41:57 +01:00
Adam Donaghy
e49fdfa405
Fixed #32571 -- Made CsrfViewMiddleware handle invalid URLs in Referer header.
2021-03-19 11:19:19 +01:00