p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
30,956 Commits 28 Branches 411 Tags 641 MiB
Commit Graph

4299 Commits

Author SHA1 Message Date
Mariusz Felisiak 90aabd730a
Fixed #33724 -- Doc'd exclude argument changes in model validation. 
Thanks אורי for the report.

Follow up to 1ea7e3157d.
 2022-05-24 10:02:53 +02:00
Sankalp 90dcf27114 Fixed #33725 -- Made hidden quick filter in admin's navigation sidebar not focusable. 
Regression in d915dd1c58.

Follow up to 780473d756.
 2022-05-21 13:37:53 +02:00
Mariusz Felisiak 981c23c0cc
Fixed #33717 -- Dropped support for PostgreSQL 11. 2022-05-19 09:26:48 +02:00
David Wobrock 9f55489529 Fixed #33705 -- Fixed crash when using IsNull() lookup in filters. 
Thanks Florian Apolloner for the report.
Thanks Simon Charette for the review.
 2022-05-19 07:02:22 +02:00
Mariusz Felisiak 19297de2fe
Fixed #33713 -- Dropped support for MariaDB 10.3. 2022-05-18 08:38:08 +02:00
Carlton Gibson 3c6f1fd1f8 Increased the default PBKDF2 iterations for Django 4.2. 2022-05-17 14:22:06 +02:00
Carlton Gibson d10e569ea5 Added stub release notes for 4.2. 2022-05-17 14:22:06 +02:00
Carlton Gibson d6e3756946 Removed empty sections from 4.1 release notes. 2022-05-17 11:21:08 +02:00
David Smith d126eba363 Refs #32339 -- Deprecated default.html form template. 
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
 2022-05-17 11:16:54 +02:00
Alokik Vijay 6af8673255 Update docs/releases/4.1.txt 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-05-17 10:50:09 +02:00
Alokik Vijay 7f3cfaa12b Fixed #32565 -- Moved internal URLResolver view-strings mapping to admindocs. 
Moved the functionality of URLResolver._is_callback(),
URLResolver._callback_strs, URLPattern.lookup_str() to
django.contrib.admindocs.
 2022-05-17 10:50:09 +02:00
David Wobrock 97f124f39e Refs #27064 -- Made migrations generate RenameIndex operations when moving indexes from index_together to Meta.indexes. 2022-05-17 07:21:36 +02:00
David Wobrock c6cec3c2d2 Refs #27064 -- Made migrations generate RenameIndex operations when renaming Meta.indexes. 2022-05-16 17:46:24 +02:00
Marcelo Galigniana 76af861356 Fixed #27550 -- Allowed GEOSGeometry.normalize() to return a normalized clone. 2022-05-16 06:46:53 +02:00
Mariusz Felisiak d27e6b233f
Fixed #33681 -- Made Redis client pass CACHES["OPTIONS"] to a connection pool. 
Thanks Ben Picolo for the report.
 2022-05-16 06:17:40 +02:00
David Wobrock eacd4977f6 Refs #27064 -- Added RenameIndex migration operation. 2022-05-12 20:44:03 +02:00
Kapil Bansal 3a82b5f655 Fixed #32559 -- Added 'step_size’ to numeric form fields. 
Co-authored-by: Jacob Rief <jacob.rief@uibk.ac.at>
 2022-05-12 14:16:52 +02:00
Mariusz Felisiak 68da6b389c
Fixed #33543 -- Deprecated passing nulls_first/nulls_last=False to OrderBy and Expression.asc()/desc(). 
Thanks Allen Jonathan David for the initial patch.
 2022-05-12 11:30:03 +02:00
Mariusz Felisiak 02dbf1667c
Fixed #33691 -- Deprecated django.contrib.auth.hashers.CryptPasswordHasher. 2022-05-11 09:13:45 +02:00
Marc Seguí Coll 262fde94de Fixed #33622 -- Allowed customizing error messages for invalid number of forms. 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-05-10 13:42:31 +02:00
Gagaro 667105877e Fixed #30581 -- Added support for Meta.constraints validation. 
Thanks Simon Charette, Keryn Knight, and Mariusz Felisiak for reviews.
 2022-05-10 11:22:23 +02:00
David Smith ec5659382a Fixed #32339 -- Added div.html form template. 2022-05-05 14:32:43 +02:00
Mariusz Felisiak 37470bbd90
Fixed #33675 -- Dropped support for PostgreSQL 10 and PostGIS 2.4. 2022-05-04 06:28:51 +02:00
Carlton Gibson c5fd5e3cc3 Updated release date for Django 4.0.5. 2022-05-03 09:18:42 +02:00
David ce586ed693 Removed hyphen from pre-/re- prefixes. 
"prepopulate", "preload", and "preprocessing" are already in the
spelling_wordlist.

This also removes hyphen from double "e" combinations with "pre" and
"re", e.g. preexisting, preempt, reestablish, or reenter.

See also:
- https://ahdictionary.com/word/search.html?q=rerun
- https://ahdictionary.com/word/search.html?q=recreate
- https://ahdictionary.com/word/search.html?q=predetermined
- https://ahdictionary.com/word/search.html?q=reuse
- https://ahdictionary.com/word/search.html?q=reopening
 2022-04-28 10:44:14 +02:00
David 33e89de8ca Changed "stdlib" to "Standard Library" in docs/releases/1.9.txt. 2022-04-28 10:44:14 +02:00
David 51874dd160 Added backticks to code literals in various docs. 2022-04-28 10:44:14 +02:00
David 15b888bb83 Changed "refactorings" to "refactoring" in docs/releases/1.0.txt. 2022-04-28 10:44:09 +02:00
David 1c2bf80acb Changed "ie." to "i.e." in docs. 2022-04-28 10:37:06 +02:00
Carlton Gibson 476d4d5087 Refs #32339 -- Allowed renderer to specify default form and formset templates. 
Co-authored-by: David Smith <smithdc@gmail.com>
 2022-04-27 10:21:04 +02:00
Andrew Godwin 58b27e0dbb Fixed #33646 -- Added async-compatible interface to QuerySet. 
Thanks Simon Charette for reviews.

Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-04-26 20:25:23 +02:00
Mariusz Felisiak eeb0bb6379
Refs #27674 --- Deprecated django.contrib.gis.admin.OpenLayersWidget. 2022-04-22 11:36:27 +02:00
Aymeric Augustin 12576bd371 Refactored out RedirectURLMixin.get_redirect_url(). 
This also renames SuccessURLAllowedHostsMixin to RedirectURLMixin.

This doesn't change the behavior of LogoutView.get_next_page() because
next_page == "" implies url_is_safe == False before the refactoring.
 2022-04-20 10:04:29 +02:00
Carlton Gibson bf7c51a5f4 Fixed #33639 -- Enabled cached template loader in development. 2022-04-19 12:13:27 +02:00
Carlton Gibson deedf5bbc3 Refs #31169 -- Added release note for parallel test running changes. 2022-04-14 12:38:31 +02:00
Florian Apolloner 2eea361eff Fixed #30511 -- Used identity columns instead of serials on PostgreSQL. 2022-04-13 21:51:51 +02:00
Mariusz Felisiak b54fd0e36e Added stub release notes for 4.0.5. 2022-04-11 10:45:57 +02:00
Mariusz Felisiak 78eeff8d33 Added CVE-2022-28346 and CVE-2022-28347 to security archive. 2022-04-11 10:32:22 +02:00
Mariusz Felisiak 6723a26e59 Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against SQL injection on PostgreSQL. 2022-04-11 08:59:58 +02:00
Mariusz Felisiak 93cae5cb2f Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases. 
Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore,
Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev
(DDV_UA) for the report.
 2022-04-11 08:59:33 +02:00
Manel Clos 62739b6e26 Fixed #33628 -- Ignored directories with empty names in autoreloader check for template changes. 
Regression in 68357b2ca9.
 2022-04-11 07:37:30 +02:00
Carlton Gibson 9ffd4eae2c
Fixed #33611 -- Allowed View subclasses to define async method handlers. 2022-04-07 07:05:59 +02:00
sarahboyce 65effbdb10 Fixed #33471 -- Made AlterField operation a noop when changing "choices". 
This also allows customizing attributes of fields that don't affect
a column definition.
 2022-04-06 13:05:57 +02:00
Baptiste Mispelon 50e1e7ef8e Fixed #33348 -- Changed SimpleTestCase.assertFormError()/assertFormsetErrors() to take form/formset. 
Instead of taking a response object and a context name for
the form/formset, the two methods now take the object directly.
 2022-04-06 07:58:52 +02:00
Mariusz Felisiak 78277faafd Added stub release notes and release date for 4.0.4, 3.2.13, and 2.2.28. 2022-04-04 10:31:57 +02:00
David c8459708a7 Refs #32339 -- Added use_fieldset to Widget. 2022-03-30 16:28:14 +02:00
Mariusz Felisiak fac662f479
Fixed #33598 -- Reverted "Removed unnecessary reuse_with_filtered_relation argument from Query methods." 
Thanks lind-marcus for the report.

This reverts commit 0c71e0f9cf.

Regression in 0c71e0f9cf.
 2022-03-30 07:31:56 +02:00
Carlton Gibson 59ab3fd0e9 Refs #32365 -- Deprecated django.utils.timezone.utc. 2022-03-29 14:47:44 +02:00
Alokik Vijay baf9604ed8 Fixed #16406 -- Added ResolveMatch.captured_kwargs and extra_kwargs. 
Thanks Florian Apolloner for the review and implementation idea.
 2022-03-29 10:27:40 +02:00
Mariusz Felisiak 83c803f161
Updated Oracle docs links to Oracle 21c. 2022-03-29 09:41:57 +02:00
René Fleschenberg eb07b5be0c Fixed #15619 -- Deprecated log out via GET requests. 
Thanks Florian Apolloner for the implementation idea.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-03-29 06:42:14 +02:00
adontz 2bee0b4328 Fixed #7497 -- Allowed overriding the order of apps and models in admin. 2022-03-25 10:33:44 +01:00
Mariusz Felisiak 94d8ed55fa
Refs #15619 -- Logged out with POST requests in admin. 2022-03-24 17:41:53 +01:00
Thomas Schmidt 1cf60ce601 Fixed #33569 -- Added SECURE_PROXY_SSL_HEADER support for list of protocols in the header value. 2022-03-23 19:33:36 +01:00
Mariusz Felisiak 39ae8d740e
Added missing backticks to function names. 2022-03-17 11:10:03 +01:00
Mariusz Felisiak be80aa55ec
Removed outdated handling of length parameter to If-Modified-Since header. 
The length parameter is not described in RFC-7232 and it's against
HTTP/1.0 and HTTP/1.1 specifications. It was an old and unofficial
extension set by some ancient versions of IE.
 2022-03-15 13:07:44 +01:00
Mariusz Felisiak 6ffe48b8e4
Moved log_response() release notes into backwards incompatible changes section. 
Follow up to 90cf963264.
 2022-03-11 22:16:46 +01:00
Adrian Torres d90e34c61b Fixed #33561 -- Allowed synchronization of user attributes in RemoteUserBackend. 2022-03-10 12:57:19 +01:00
David Smith 67b5f506a6
Changed some words to use inline markup. 2022-03-10 10:18:31 +01:00
Luke Plant ae2da5ba65 Fixed #33562 -- Made HttpResponse.set_cookie() support timedelta for the max_age argument. 2022-03-07 07:57:14 +01:00
Ryan Heard c6b4d62fa2 Fixed #29865 -- Added logical XOR support for Q() and querysets. 2022-03-04 12:55:37 +01:00
Carlton Gibson 9652a118ce Added stub release notes for Django 4.0.4. 2022-03-01 09:58:35 +01:00
Carlton Gibson 47143e27d4 Updated release date for version 4.0.3. 2022-03-01 09:32:18 +01:00
Mariusz Felisiak 445b075def
Fixed #33547 -- Fixed error when rendering invalid inlines with readonly fields in admin. 
Regression in de95c82667.

Thanks David Glenck for the report.
 2022-03-01 08:09:58 +01:00
Albert Defler 2b6a3baebe Fixed #31486 -- Deprecated passing unsaved objects to related filters. 
Co-Authored-By: Hasan Ramezani <hasan.r67@gmail.com>
 2022-02-25 07:51:37 +01:00
Shubh1815 11cc227344 Fixed #33267 -- Added link to related item to related widget wrapper in admin. 2022-02-25 06:33:05 +01:00
Claude Paroz eabc22f919
Fixed #33328 -- Transformed formset:added/removed to native JS events. 2022-02-23 10:33:07 +01:00
David Wobrock 7c318a8bdd Fixed #27844 -- Added optimizemigration management command. 2022-02-22 10:30:40 +01:00
Albert Defler 7ba6ebe914 Fixed #19580 -- Unified behavior of reverse foreign key and many-to-many relations for unsaved instances. 2022-02-22 09:16:40 +01:00
Theo Alexiou 659d2421c7 Fixed #20296 -- Prevented mark_safe() from evaluating lazy objects. 2022-02-21 10:11:26 +01:00
Hasan Ramezani 9ac3ef59f9 Fixed #33379 -- Added minimum database version checks. 
Thanks Tim Graham for the review.
 2022-02-18 13:37:49 +01:00
Mariusz Felisiak 1e2e1be02b
Fixed #33515 -- Prevented recreation of migration for ManyToManyField to lowercased swappable setting. 
Thanks Chris Lee for the report.

Regression in 4328970780.

Refs #23916.
 2022-02-16 21:09:24 +01:00
Carlton Gibson d113b5a837 Refs #33476 -- Made management commands use black. 
Run black on generated files, if it is available on PATH.
 2022-02-11 12:23:26 +01:00
Theo Alexiou f9ec777a82 Fixed #26287 -- Added support for addition operations to SimpleLazyObject. 2022-02-10 11:24:51 +01:00
Claude Paroz 4c76ffc2d6 Fixed #29490 -- Added support for object-based Media CSS and JS paths. 2022-02-10 08:48:27 +01:00
Carlton Gibson ba94488196 Refs #33476 -- Adjusted docs and config files for Black. 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-02-07 20:36:04 +01:00
David Smith 770d3e6a4c
Fixed typo in release notes. 2022-02-02 07:17:57 +01:00
tschilling 0dcd549bbe Fixed #30360 -- Added support for secret key rotation. 
Thanks Florian Apolloner for the implementation idea.

Co-authored-by: Andreas Pelme <andreas@pelme.se>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
 2022-02-01 11:12:24 +01:00
Mariusz Felisiak ba4a6880d1 Added stub release notes for 4.0.3. 2022-02-01 09:10:20 +01:00
Mariusz Felisiak 9e0df0d6dd Added CVE-2022-22818 and CVE-2022-23833 to security archive. 2022-02-01 08:17:25 +01:00
Mariusz Felisiak fc18f36c4a Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads. 
Thanks Alan Ryan for the report and initial patch.
 2022-02-01 07:41:40 +01:00
Markus Holtermann 394517f078 Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag. 
Thanks Keryn Knight for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-02-01 07:40:51 +01:00
Kirill Safronov 97a7274468 Fixed #33480 -- Fixed makemigrations crash when renaming field of renamed model. 
Regression in aa4acc164d.
 2022-02-01 07:01:41 +01:00
Mariusz Felisiak 71e7c8e737
Fixed #33468 -- Fixed QuerySet.aggregate() after annotate() crash on aggregates with default. 
Thanks Adam Johnson for the report.
 2022-01-31 11:33:24 +01:00
Claude Paroz beb7ddbcee Updated translations from Transifex. 
Updated Bulgarian, Czech, German, Uzbek, and Vietnamese translations.

Forwardport of 7a1c6533eb from stable/4.0.x.
 2022-01-29 19:01:15 +01:00
vgolubev e87f57fdb8 Fixed #26142 -- Allowed model formsets to prevent new object creation. 
Thanks Jacob Walls, David Smith, and Mariusz Felisiak for reviews.

Co-authored-by: parth <parthvin@gmail.com>
 2022-01-27 20:45:21 +01:00
Mariusz Felisiak e972620ada
Fixed #33462 -- Fixed migration crash when altering type of primary key with MTI and foreign key. 
This prevents duplicated operations when altering type of primary key
with MTI and foreign key. Previously, a foreign key to the base model
was added twice, once directly and once by the inheritance model.

Thanks bcail for the report.

Regression in 325d7710ce.
 2022-01-27 18:51:39 +01:00
Carlton Gibson 85f2a9fb0f Fixed #33407 -- Fixed .radiolist admin CSS. 
Regression in 5942ab5eb1.
 2022-01-26 09:26:48 +01:00
Mariusz Felisiak 34aba9c06e
Fixed typo in docs/releases/4.1.txt. 2022-01-25 10:57:05 +01:00
Mariusz Felisiak eeca934238 Added stub release notes and release date for 4.0.2, 3.2.12, and 2.2.27. 2022-01-25 07:21:57 +01:00
Jacob Walls edbf930287 Fixed #29984 -- Added QuerySet.iterator() support for prefetching related objects. 
Co-authored-by: Raphael Kimmig <raphael.kimmig@ampad.de>
Co-authored-by: Simon Charette <charette.s@gmail.com>
 2022-01-25 06:12:04 +01:00
Claude Paroz 7c4f396509 Stopped including type="text/css" attributes for CSS link tags. 2022-01-22 16:38:14 +01:00
Jacob Walls 2d8232fa71 Fixed #26760 -- Added --prune option to migrate command. 2022-01-21 17:10:31 +01:00
Fabian Büchler eeff1787b0 Fixed #33449 -- Fixed makemigrations crash on models without Meta.order_with_respect_to but with _order field. 
Regression in aa4acc164d.
 2022-01-21 06:44:53 +01:00
Mariusz Felisiak f605e85af9
Fixed #33453 -- Dropped support for GDAL 2.1. 2022-01-20 18:54:29 +01:00
sean_c_hsu 0f6946495a Fixed #31685 -- Added support for updating conflicts to QuerySet.bulk_create(). 
Thanks Florian Apolloner, Chris Jerdonek, Hannes Ljungberg, Nick Pope,
and Mariusz Felisiak for reviews.
 2022-01-19 20:17:42 +01:00
Adam Johnson dc8bb35e39 Fixed #33446 -- Added CSS source map support to ManifestStaticFilesStorage. 2022-01-18 12:53:14 +01:00
Adam Johnson 45a42aabfa Fixed #29708 -- Deprecated PickleSerializer. 2022-01-13 13:50:20 +01:00
Adam Johnson 90cf963264 Changed django.utils.log.log_response() to take exception instance. 
There's little point retrieving a fresh reference to the exception in
the legacy tuple format, when it's all available via the exception
instance we already have.
 2022-01-12 20:23:42 +01:00
Jacob Walls dc9deea8e8 Fixed #11715 -- Changed default value of ModelAdmin.actions/inlines to empty tuples. 
This clarifies the intended pattern of overwriting the default value
rather than mutating it.
 2022-01-11 12:22:49 +01:00