af10e97531
Added stub release notes for Django 3.2.8.
2021-09-01 09:48:32 +02:00
f3a0dc5b2a
Added release date for 3.2.7.
2021-09-01 07:40:01 +02:00
b667ac24ea
Fixed #25264 -- Allowed suppressing base command options in --help output.
...
This also suppresses -verbosity and --trackback options in the
runserver's help.
2021-08-31 11:04:02 +02:00
cbba49971b
Fixed #32992 -- Restored offset extraction for fixed offset timezones.
...
Regression in 10d1261984
2021-08-30 10:12:46 +02:00
d89f976bdd
Fixed #33054 -- Made TestCase.captureOnCommitCallbacks() capture callbacks recursively.
2021-08-30 07:06:22 +02:00
5942ab5eb1
Refs #32338 -- Made RadioSelect/CheckboxSelectMultiple render in <div> tags.
...
This improves accessibility for screen reader users.
2021-08-27 06:14:01 +02:00
b263f4b69d
Fixed #32552 -- Added logger argument to DiscoverRunner.
2021-08-24 09:23:01 +02:00
7800596924
Fixed #33014 -- Made ProjectState raise exception when real_apps argument is not a set.
2021-08-19 10:18:51 +02:00
c23aa73626
Fixed #32964 -- Corrected 'setup'/'set up' usage in docs.
2021-08-17 12:18:07 +02:00
d3c4696596
Fixed #27590 -- Allowed customizing a manifest file storage in ManifestFilesMixin.
2021-08-05 12:40:34 +02:00
4fe3774c72
Refs #32986 -- Moved TRANSLATOR_COMMENT_MARK to django.utils.translation.template.
2021-08-05 06:11:40 +02:00
4f3acf9579
Fixed #32984 -- Allowed customizing a deletion field widget in formsets.
2021-08-03 13:12:50 +02:00
ae89daf46f
Fixed #31621 -- Added support for '--parallel auto' to test management command.
2021-08-03 09:57:04 +02:00
947bdec60c
Added stub release notes for Django 3.2.7.
2021-08-02 08:41:29 +02:00
74a86e9b5e
Confirmed release date for Django 3.2.6.
2021-08-02 06:55:40 +02:00
fbb1984046
Refs #32956 -- Updated words ending in -wards.
...
AP styleguide: Virtually none of the words ending with -wards end with
an s.
2021-07-30 20:34:50 +02:00
7c30bdbdb1
Refs #32916 -- Replaced request.csrf_cookie_needs_reset with request.META['CSRF_COOKIE_NEEDS_UPDATE'].
2021-07-29 11:55:36 +02:00
1024b5e74a
Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate.
2021-07-29 06:24:12 +02:00
5b8ef8aa5b
Refs #32946 -- Changed Query.add_filter() to take two arguments.
2021-07-28 09:38:42 +02:00
1cba320786
Refs #32956 -- Changed "afterwards" to "afterward" in docs and comments.
...
This also removes unnecessary comments with the previous spelling.
AP Stylebook has a short entry to advise the preferred spelling for
"en-us". "Afterwards" is preferred in British English.
2021-07-27 10:41:51 +02:00
20226fcd46
Fixed #32947 -- Fixed hash() crash on reverse M2M relation when through_fields is a list.
...
Regression in c32d8f33d8
2021-07-26 06:09:29 +02:00
1783b3cb24
Fixed #32275 -- Added scrypt password hasher.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-07-22 12:40:33 +02:00
c35b81b864
Fixed #32951 -- Removed Query.where_class & co.
...
Unused since 3caf957ed5
2021-07-22 08:49:20 +02:00
012f38f959
Refs #32949 -- Adjusted release note wording.
2021-07-21 11:34:47 +02:00
c542d0a072
Fixed #32949 -- Restored invalid number handling in DecimalField.validate().
...
DecimalField must itself validate() values, such as NaN, which cannot be
passed to validators, such as MaxValueValidator, during the
run_validators() phase.
Regression in cc3d24d7d5
2021-07-21 10:20:24 +02:00
fee8734596
Refs #10929 -- Deprecated forced empty result value for PostgreSQL aggregates.
...
This deprecates forcing a return value for ArrayAgg, JSONBAgg, and
StringAgg when there are no rows in the query. Now that we have a
``default`` argument for aggregates, we want to revert to returning the
default of ``None`` which most aggregate functions return and leave it
up to the user to decide what they want to be returned by default.
2021-07-19 13:41:16 +02:00
501a8db465
Fixed #10929 -- Added default argument to aggregates.
...
Thanks to Simon Charette and Adam Johnson for the reviews.
2021-07-19 13:04:27 +02:00
56f9579105
Fixed #32655 -- Deprecated extra_tests argument for DiscoverRunner.build_suite()/run_tests().
2021-07-16 20:46:41 +02:00
00c724f2f2
Fixed typo in docs/releases/3.1.13.txt.
2021-07-16 20:30:21 +02:00
84400d2e9d
Fixed #32905 -- Added CSS class for non-form errors of formsets.
2021-07-15 07:00:39 +02:00
3a45fea083
Fixed #21936 -- Allowed DeleteView to work with custom Forms and SuccessMessageMixin.
...
Thanks to Mariusz Felisiak for review.
Co-authored-by: Demetris Stavrou <demestav@gmail.com>
Co-authored-by: Caroline Simpson <github@hoojiboo.com>
2021-07-14 09:47:03 +02:00
f42ccdd835
Fixed #27021 -- Allowed lookup expressions in annotations, aggregations, and QuerySet.filter().
...
Thanks Hannes Ljungberg and Simon Charette for reviews.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-07-09 11:43:06 +02:00
90ba716bf0
Fixed #24522 -- Added a --shuffle option to DiscoverRunner.
2021-07-08 07:29:04 +02:00
77b88fe621
Fixed #32908 -- Allowed select_for_update(skip_locked) on MariaDB 10.6+.
2021-07-08 06:51:10 +02:00
a06b977a91
Fixed #32776 -- Added support for Array subqueries on PostgreSQL.
2021-07-06 07:36:52 +02:00
fa35c8bdbc
Fixed #30934 -- Included database alias in django.db.backends log messages.
...
This is useful when working with database routing as you want to know
where each query is being executed.
Co-authored-by: David Winterbottom <david.winterbottom@gmail.com>
2021-07-02 15:36:53 +02:00
9f3cce172f
Refs #26430 -- Re-introduced empty aggregation optimization.
...
The introduction of the Expression.empty_aggregate_value interface
allows the compilation stage to enable the EmptyResultSet optimization
if all the aggregates expressions implement it.
This also removes unnecessary RegrCount/Count.convert_value() methods.
Disabling the empty result set aggregation optimization when it wasn't
appropriate prevented None returned for a Count aggregation value.
Thanks Nick Pope for the review.
2021-07-02 07:25:42 +02:00
8feb2a49fa
Added CVE-2021-35042 to security archive.
2021-07-01 09:57:08 +02:00
bcea1a3193
Added stub release notes for Django 3.2.6.
2021-07-01 09:43:15 +02:00
dae83a2451
Forwardported release notes for CVE-2021-35042.
2021-07-01 09:42:54 +02:00
8e97698d7b
Added stub release notes for 3.1.13 and release date for 3.2.5.
2021-07-01 06:52:41 +02:00
cd124295d8
Fixed #32381 -- Made QuerySet.bulk_update() return the number of objects updated.
...
Co-authored-by: Diego Lima <diego.lima@lais.huol.ufrn.br>
2021-06-29 06:58:46 +02:00
495083e3e1
Updated translations from Transifex.
...
Forwardport of 04b744050f
2021-06-28 07:08:39 +02:00
1bbb98d9a4
Fixed #32363 -- Ensured sys.__interactivehook__ is called in shell
...
By default, this means that readline is properly registered, so that
.python_history is used.
sys.__interactivehook__ may be set by a $PYTHONSTARTUP file.
2021-06-23 14:53:41 +02:00
7a9745fed4
Fixed #32863 -- Skipped system check for specifying type of auto-created primary keys on models with invalid app_label.
...
Regression in b5e12d490a
2021-06-22 20:47:15 +02:00
854e9b0668
Fixed #32824 -- Improved performance of NodeList.render().
...
This avoids the following:
- checking that each item in the nodelist is a subclass of Node,
- calling str() on the render_annotated() output, because it's
documented that Node.render() must return a string,
- calling mark_safe() on the output, when the value to be wrapped is
definitively known to be a string because the result of ''.join()
is always of that type,
- using an intermediate list to store each individual string.
2021-06-11 12:22:06 +02:00
fa0433d05f
Fixed #32832 -- Fixed adding BLOB/TEXT nullable field with default on MySQL 8.0.13+.
...
Regression in d4ac23bee1
2021-06-10 20:03:43 +02:00
57bc16b38e
Refs #32503 -- Added release notes for 5e04e84d67.
2021-06-10 20:03:43 +02:00
8c3bd0b708
Fixed #31653 -- Added AddConstraintNotValid()/ValidateConstraint() operations for PostgreSQL.
2021-06-08 07:46:51 +02:00
0393b9262d
Fixed #32812 -- Restored immutability of named values from QuerySet.values_list().
...
Regression in 981a072dd4
2021-06-04 07:23:16 +02:00
d9cee3f5f2
Fixed docs header underlines in security archive.
2021-06-02 12:16:38 +02:00
ba10772bf6
Added stub release notes for Django 3.2.5.
2021-06-02 11:25:32 +02:00
a39f235ca4
Added CVE-2021-33203 and CVE-2021-33571 to security archive.
2021-06-02 11:15:54 +02:00
e1d787f1b3
Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
...
validate_ipv4_address() was affected only on Python < 3.9.5, see [1].
URLValidator() uses a regular expressions and it was affected on all
Python versions.
[1] https://bugs.python.org/issue36384
2021-06-02 10:58:39 +02:00
46572de2e9
Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs' TemplateDetailView.
2021-06-02 10:58:39 +02:00
f66ae7a2d5
Confirmed release date for Django 3.2.4, 3.1.12, and 2.2.24.
2021-06-02 10:19:19 +02:00
e703b152c6
Fixed #32793 -- Fixed loss of precision for temporal operations with DecimalFields on MySQL.
...
Regression in 1e38f1191d
2021-06-01 15:11:42 +02:00
a0410ffe8f
Refs #32552 -- Added DiscoverRunner.log() to allow customization.
...
Thanks Carlton Gibson, Chris Jerdonek, and David Smith for reviews.
2021-06-01 13:31:44 +02:00
91e21836f6
Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage.
2021-05-31 11:09:48 +02:00
b9df2b74b9
Fixed #32676 -- Prevented migrations from rendering related field attributes when not passed during initialization.
...
Thanks Simon Charette for the implementation idea.
2021-05-28 20:25:59 +02:00
b746596f5f
Refs #32779 -- Changed DatabaseSchemaEditor._unique_sql()/_create_unique_sql() to take fields as second parameter.
2021-05-28 10:50:27 +02:00
e93eb3d971
Fixed #32789 -- Made feeds emit elements with no content as self-closing tags.
2021-05-27 21:05:28 +02:00
e513fb0e77
Fixed typo in MiddlewareMixin deprecation note.
2021-05-27 06:17:30 +02:00
12b19a1d76
Fixed #32783 -- Fixed crash of autoreloader when __main__ module doesn't have __spec__ attribute.
...
Regression in ec6d2531c5
2021-05-26 11:19:47 +02:00
1143f3bb5e
Fixed #32543 -- Added search_help_text to ModelAdmin.
2021-05-26 10:20:13 +02:00
b46dbd4e3e
Added stub release notes and date for Django 3.2.4, 3.1.12, and 2.2.24.
2021-05-26 10:16:05 +02:00
68357b2ca9
Fixed #32744 -- Normalized to pathlib.Path in autoreloader check for template changes.
2021-05-26 09:41:29 +02:00
7cca22964c
Fixed #32375 -- Started deprecation toward changing the default sitemap protocol to https.
...
The default sitemap protocol, when it is built outside the context of
a request, will be changed from 'http' to 'https' in Django 5.0.
2021-05-21 11:00:54 +02:00
66491f08fe
Changed IRC references to Libera.Chat.
2021-05-20 12:23:36 +02:00
736bb9868a
Renamed "object" argument of ModelAdmin.log_addition(), log_change(), and log_deletion() methods.
2021-05-20 07:29:16 +02:00
c2e6047c72
Fixed #32740 -- Caught possible exception when initializing colorama.
2021-05-19 10:33:15 +02:00
8cd55021bc
Fixed #32379 -- Started deprecation toward changing default USE_TZ to True.
...
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-18 20:26:44 +02:00
958cdf65ae
Fixed #32747 -- Prevented initialization of unused caches.
...
Thanks Alexander Ebral for the report.
Regression in 98e05ccde4
2021-05-18 18:24:19 +02:00
a24fed399c
Fixed #32733 -- Skipped system check for specifying type of auto-created primary keys on abstract models.
...
Regression in b5e12d490a
2021-05-18 13:02:33 +02:00
f7691d4812
Fixed #32754 -- Made AdminSite.catch_all_view() respect SCRIPT_NAME.
...
Regression in ba31b01034
2021-05-18 09:14:05 +02:00
c156e36955
Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS.
2021-05-17 09:46:09 +02:00
7c4ee487c7
Refs #32720 -- Fixed some broken links in docs.
2021-05-17 09:22:17 +02:00
1c3bbcf802
Refs #32720 -- Used full hashes in security archive.
2021-05-17 08:27:46 +02:00
df5c96299a
Corrected commit hashes for security patches.
2021-05-17 08:26:06 +02:00
8c4caee76a
Refs #32720 -- Used :commit: and :source: role in old release notes.
2021-05-17 07:36:57 +02:00
820408d842
Added stub release notes for Django 3.2.4.
2021-05-13 09:42:26 +02:00
b55699968f
Fixed #32718 -- Relaxed file name validation in FileField.
...
- Validate filename returned by FileField.upload_to() not a filename
passed to the FileField.generate_filename() (upload_to() may
completely ignored passed filename).
- Allow relative paths (without dot segments) in the generated filename.
Thanks to Jakub Kleň for the report and review.
Thanks to all folks for checking this patch on existing projects.
Thanks Florian Apolloner and Markus Holtermann for the discussion and
implementation idea.
Regression in 0b79eb3691
2021-05-13 08:53:44 +02:00
b81c7562fc
Fixed #32717 -- Fixed filtering of querysets combined with the | operator.
...
Address a long standing bug in a Where.add optimization to discard
equal nodes that was surfaced by implementing equality for Lookup
instances in bbf141bcdc
2021-05-13 07:26:52 +02:00
3733ae8957
Fixed #32031 -- Added model class for each model to AdminSite.each_context().
2021-05-13 06:57:09 +02:00
29e4ccb1a2
Fixed #32738 -- Deprecated django.utils.datetime_safe module.
2021-05-12 14:42:17 +02:00
1061f52436
Fixed #32732 -- Removed usage of deprecated 'db' and 'passwd' connection options in MySQL backend.
...
The 'db' and 'passwd' connection options have been deprecated, use
'database' and 'password' instead (available since mysqlclient >= 1.3.8).
This also allows the 'database' option in DATABASES['OPTIONS'] on MySQL.
2021-05-12 12:21:57 +02:00
d1f1417cae
Refs #32718 -- Corrected CVE-2021-31542 release notes.
2021-05-12 10:42:01 +02:00
205c36b58f
Fixed #32670 -- Allowed GDALRasters to use any GDAL virtual filesystem.
2021-05-07 20:03:46 +02:00
028f10fac6
Fixed #32712 -- Deprecated django.utils.baseconv module.
2021-05-07 11:57:40 +02:00
29779075d7
Added stub release notes for Django 3.2.3.
2021-05-06 10:08:00 +02:00
efebcc429f
Added CVE-2021-32052 to security archive.
2021-05-06 09:58:24 +02:00
e1e81aa1c4
Fixed #32713 , Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
...
In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines
and tabs from URLs [1, 2]. Unfortunately it created an issue in
the URLValidator. URLValidator uses urllib.urlsplit() and
urllib.urlunsplit() for creating a URL variant with Punycode which no
longer contains newlines and tabs in Python 3.9.5+. As a consequence,
the regular expression matched the URL (without unsafe characters) and
the source value (with unsafe characters) was considered valid.
[1] https://bugs.python.org/issue43882 and
[2] 76cd81d603
2021-05-06 08:45:23 +02:00
96f55ccf79
Fixed #32714 -- Prevented recreation of migration for Meta.ordering with OrderBy expressions.
...
Regression in c8b6594305
2021-05-05 08:43:57 +02:00
62b2e8b37e
Added commits for CVE-2021-31542 to security archive.
2021-05-04 11:09:21 +02:00
607ebbfba9
Added CVE-2021-31542 to security archive.
2021-05-04 11:06:07 +02:00
5a43cfe245
Added stub release notes for Django 3.2.2.
2021-05-04 11:01:33 +02:00
0b79eb3691
Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.
2021-05-04 08:44:42 +02:00
54da6e2ac2
Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.
2021-04-30 12:32:52 +02:00
8bcb00858e
Fixed #32698 -- Moved HttpRequest.get_raw_uri() to ExceptionReporter._get_raw_insecure_uri().
2021-04-30 08:05:42 +02:00
907d3a7ff4
Refs #32674 -- Noted that auto-created through table PKs cannot be automatically migrated.
2021-04-29 13:53:56 +02:00
Mariusz Felisiak
Jan Szoja
Carlton Gibson
Eugene Morozov
David Smith
Chris Jerdonek
Andrew Northall
Jarosław Wygoda
Ties Jan Hefting
Adam Johnson
David Smith
Keryn Knight
Tom Wojcik
ryowright
Nick Pope
yakimka
Jacob Walls
Ian Foote
Hannes Ljungberg
Simon Charette
abhiabhi94
Claude Paroz
Peter Inglesby
Hasan Ramezani
Sanskar Jaiswal
Takayuki Hirayama
Florian Apolloner
Daniyal
Gildardo Adrian Maravilla Jacome
David Wobrock
Mohammadreza Varasteh
Rohith PR
David Sanders
Rust Saiargaliev
Slava Skvortsov
Raffaele Salmaso
Jordi Castells
Tim Graham