Commit Graph

13050 Commits

Author SHA1 Message Date
Filip Łajszczak fe6f4bef03 Fixed #26975 -- Clarified how Django looks for fixture files.
Co-Authored-By: Daniel Brotsky <dev@brotsky.com>
2022-09-25 21:37:21 +02:00
Jacob Walls cfe3008123
Fixed typo in docs/releases/3.2.1.txt. 2022-09-19 05:19:01 +02:00
Alexander Kerkum f88fc72da4 Fixed #34016 -- Fixed QuerySet.values()/values_list() crash on ArrayAgg() and JSONBAgg().
Regression in e06dc4571e.
2022-09-17 19:38:20 +02:00
Ritik Soni c11336cd99
Fixed #34017 -- Doc'd that Argon2id variant is used by Argon2PasswordHasher. 2022-09-17 09:49:09 +02:00
DevilsAutumn 6b0bbaf453 Fixed #34019 -- Removed obsolete references to "model design considerations" note. 2022-09-17 08:02:13 +02:00
Ferran Jovell 6619baab9b Fixed #34018 -- Fixed typo in docs/ref/contrib/flatpages.txt. 2022-09-16 15:12:45 +02:00
Allen Jonathan David 10178197d5 Fixed #33966 -- Added support for using KeyTextTransform from lookup. 2022-09-16 05:36:57 +02:00
Pamela Fox 8e93fc561e Described Article-Reporter relationship in many-to-one topic. 2022-09-15 10:15:50 +02:00
David Sanders e14d08cd89 Fixed #33996 -- Fixed CheckConstraint validation on NULL values.
Bug in 667105877e.

Thanks James Beith for the report.
2022-09-13 12:48:31 +02:00
Dhanush 6df9398cce
Corrected example of redundant all() in docs. 2022-09-09 13:34:14 +02:00
Simon Charette 32536b1324 Fixed #33992 -- Fixed queryset crash when aggregating over a group containing Exists.
A more in-depth solution is likely to make sure that we always GROUP BY
selected annotations or revisit how we use Query.exists() in the Exists
expression but that requires extra work that isn't suitable for a
backport.

Regression in e5a92d400a.

Thanks Fernando Flores Villaça for the report.
2022-09-08 05:50:02 +02:00
Shai Berger 42cd8c390d Fixed #33986 -- Hardened binary lookup in template commands.
Made template commands look up formatters before writing files.
This makes sure files included in the template are not identified
as executable formatter commands, even in case the template is
rendered into the system path (as might easily happen on Windows,
where the current directory is on the system path by default).

While at it, Warned about trusting custom templates for
startapp/startproject.

Thanks Trung Pham of Viettel Cyber Security for reporting the issue,
Django Security Team for discussions, and Adam Johnson and
Carlton Gibson for reviews.
2022-09-07 11:08:43 +02:00
James Beith 19e838daa8 Fixed #33982 -- Fixed migrations crash when adding model with ExclusionConstraint.
Regression in 0e656c02fe.
2022-09-07 08:40:56 +02:00
SirAbhi13 4a1150b41d Fixed #33616 -- Allowed registering callbacks that can fail in transaction.on_commit().
Thanks David Wobrock and Mariusz Felisiak for reviews.
2022-09-06 12:21:36 +02:00
Gav O'Connor be63c78760 Fixed #24179 -- Added filtering to selected side of vertical/horizontal filters. 2022-09-06 10:46:58 +02:00
Mariusz Felisiak 604fadde11 Added stub release notes for 4.1.2. 2022-09-05 06:02:40 +02:00
Mariusz Felisiak aed92f686d Added release date for 4.1.1. 2022-09-05 05:21:23 +02:00
Mariusz Felisiak 753602d0c6
Corrected heading level of "Registering and fetching lookups" section in docs. 2022-09-04 14:32:24 +02:00
Allen Jonathan David cd1afd553f Fixed #29799 -- Allowed registering lookups per field instances.
Thanks Simon Charette and Mariusz Felisiak for reviews and mentoring
this Google Summer of Code 2022 project.
2022-09-02 10:02:24 +02:00
Mariusz Felisiak 974942a750
Fixed #33955, Fixed #33971 -- Reverted "Fixed #32565 -- Moved internal URLResolver view-strings mapping to admindocs."
This reverts commit 7f3cfaa12b.

Thanks Tom Carrick and Greg Kaleka for reports.
2022-09-01 21:09:16 +02:00
Mariusz Felisiak cb06f5ef8c
Reverted "Fixed #30711 -- Doc'd django.contrib.postgres.fields.hstore.KeyTransform()."
This reverts commit 7faf25d682. The same
can be achieved with F() so there is no need to expose an extra API.
2022-08-31 22:12:30 +02:00
Alex Morega 838cc0f449 Fixed #33965 -- Improved file-like object example of ImageField in docs.
This uses a valid image.
2022-08-31 12:33:04 +02:00
Swara 08303f4f06 Added Central Kurdish (Sorani) language. 2022-08-30 11:56:11 +02:00
Alex Morega de6c9c7054 Refs #30947 -- Changed tuples to lists where appropriate. 2022-08-30 09:57:17 +02:00
Iván Camilo Triviño López 411a6ec93a
Fixed #33958 -- Added imports to examples in "Expressions can reference transforms" section. 2022-08-30 06:03:53 +02:00
Ilia Peterov 0010721e89
Improved example of index on SearchVector in full text search docs. 2022-08-29 19:28:00 +02:00
Mariusz Felisiak 4483a9b12f
Fixed #33960 -- Fixed migrations crash on SQLite < 3.26.
Regression in 0b95a96ee1.

Thanks Aristotelis Mikropoulos for the report.
2022-08-29 09:55:45 +02:00
David Wobrock 806e9e2d0d Fixed #33952 -- Reallowed creating reverse foreign key managers on unsaved instances.
Thanks Claude Paroz for the report.

Regression in 7ba6ebe914.
2022-08-27 15:03:48 +02:00
Mariusz Felisiak 081871bc20
Refs #30511 -- Updated docs about auto-incrementing primary keys on PostgreSQL.
Follow up to 2eea361eff.
2022-08-26 21:42:44 +02:00
Iuri de Silvio 166a3b3263 Fixed #33953 -- Reverted "Fixed #33201 -- Made RenameModel operation a noop for models with db_table."
Regression in afeafd6036.
This reverts afeafd6036.

Thanks Timothy Thomas for the report.
2022-08-26 06:14:44 +02:00
Simon Charette 71902e0d9f Fixed #33938 -- Fixed migration crash for m2m with a through model in another app.
Regression in aa4acc164d.

Thanks bryangeplant for the report.
2022-08-25 10:03:57 +02:00
Daniel Hahler 6f49b7b69b Refs #18707 -- Corrected django.test.Client signature in docs. 2022-08-25 07:24:25 +02:00
Willem Van Onsem 16fffc829c Fixed #33916 -- Added support for serialization of enum.Flag in migrations. 2022-08-25 06:43:48 +02:00
Kanza 5f5401b114 Fixed #33920 -- Doc'd dependency of LOGGING_CONFIG callback on non-empty LOGGING. 2022-08-24 11:38:43 +02:00
Alex Morega 7e6b537f5b
Fixed #33939 -- Used functools.partial() in transaction.on_commit() examples. 2022-08-23 11:55:30 +02:00
Jacob Rief aed60aee38 Fixed #33930 -- Eased customization of delete_confirmation.html template in the admin. 2022-08-18 10:51:12 +02:00
Benoît Vinot e3cb8bcb7d Fixed #33932 -- Fixed altering AutoFields to OneToOneField on PostgreSQL.
Regression in 2eea361eff.
2022-08-17 17:06:00 +02:00
Tom Carrick d46cc15c51 Fixed #33878 -- Switched to system fonts in CSS. 2022-08-17 10:19:00 +02:00
Youssef 0cbbed49f4 Fixed #33909 -- Corrected django.dispatch.receiver() signature. 2022-08-16 06:13:15 +02:00
Youssef 247e25897b Fixed #33778 -- Updated build-system configuration.
This removes unnecessary wheel dependency and __legacy__ fallback.
2022-08-15 11:31:33 +02:00
Simon Charette 242499f2dc Fixed #26780 -- Added prefetch_related() support for sliced queries.
This was made possible by window function filtering support added in
f387d024fc.
2022-08-15 10:25:20 +02:00
Simon Charette f387d024fc Refs #28333 -- Added partial support for filtering against window functions.
Adds support for joint predicates against window annotations through
subquery wrapping while maintaining errors for disjointed filter
attempts.

The "qualify" wording was used to refer to predicates against window
annotations as it's the name of a specialized Snowflake extension to
SQL that is to window functions what HAVING is to aggregates.

While not complete the implementation should cover most of the common
use cases for filtering against window functions without requiring
the complex subquery pushdown and predicate re-aliasing machinery to
deal with disjointed predicates against columns, aggregates, and window
functions.

A complete disjointed filtering implementation should likely be
deferred until proper QUALIFY support lands or the ORM gains a proper
subquery pushdown interface.
2022-08-15 08:26:26 +02:00
Mohammadtaher Abbasi e30d667842
Fixed #33921 -- Added release note for 5b8699e723. 2022-08-12 22:38:19 +02:00
Mariusz Felisiak 5c803bc070
Fixed #33919 -- Fixed adding AutoFields on PostgreSQL.
Thanks Jack Calvin Brown for the report.

Regression in 2eea361eff.
2022-08-12 17:30:23 +02:00
Claude Paroz 4fcba800b8 Fixed #33924 -- Deprecated BaseGeometryWidget.map_height/map_width attributes. 2022-08-12 13:26:35 +02:00
Jarosław Wygoda 9e7cb27a5b Refs #26029 -- Doc'd django.core.files.storage.default_storage. 2022-08-10 12:23:13 +02:00
David Sanders e0ae1363ec Fixed #33905 -- Fixed CheckConstraint() validation on range fields.
Bug in 667105877e.
2022-08-09 20:13:21 +02:00
Ramil Yanbulatov cccfb45d00 Refs #33842 -- Removed incorrect :file: role in contrib docs.
The file role is not appropriate for URLs and URL path-components.
2022-08-09 14:51:59 +02:00
Ramil Yanbulatov d699594462 Refs #33842 -- Added :ttag: role in translations docs. 2022-08-09 14:51:59 +02:00
Ramil Yanbulatov c6290bae9d Fixed #33842 -- Used :source: role for links to repo files on GitHub. 2022-08-09 14:44:51 +02:00
Mariusz Felisiak 63884829ac
Fixed #33902 -- Fixed Meta.constraints validation crash with F() expressions.
Thanks Adam Zahradník for the report.

Bug in 667105877e.
2022-08-09 06:08:48 +02:00
Alessandro Baccini c614e811f8
Fixed typo in docs/topics/i18n/translation.txt. 2022-08-08 19:43:36 +02:00
Kamil Turek e03cdf76e7 Fixed #31721 -- Allowed ModelForm meta to specify form fields. 2022-08-08 09:46:05 +02:00
Fiza Ashraf c0beff2123 Fixed #33899 -- Fixed migration crash when removing indexed field on SQLite 3.35.5+.
Regression in 702819227fd0cdd9b581cd99e11d1561d51cbeb.

Thanks cessor for the report.
2022-08-08 06:28:53 +02:00
Mariusz Felisiak fd93db97c7
Fixed #33898 -- Fixed Window() expression crash with ArrayAgg().
Thanks Kia for the report.

Regression in e06dc4571e.
2022-08-06 17:59:31 +02:00
Mariusz Felisiak 00370342ca
Fixed typo in docs/ref/forms/renderers.txt.
Thanks Josh for the report.
2022-08-06 13:43:16 +02:00
Fab 0756c61f2a Fixed #33893 -- Reverted "Fixed #28889 -- Prevented double submission of admin forms."
Regression in fe7dbef586.
2022-08-05 16:38:52 +02:00
Mariusz Felisiak d4db417c8e
Fixed #33891 -- Fixed test command crash when running in parallel using spawn.
Thanks Kevin Renskers for the report.

Regression in 41c4cb253c.
2022-08-04 09:16:38 +02:00
Claude Paroz 0638b4e23d Fixed #33888 -- Fixed get_select2_language() crash with no language activated.
Regression in 3079133c73.
2022-08-03 19:51:25 +02:00
NOTHING a2792d09ad
Fixed typo in docs/releases/4.2.txt. 2022-08-03 18:40:42 +02:00
Aarni Koskela e7afb8a180 Fixed #33886 -- Reallowed using GeoIP2() when GEOS is not installed.
Regression in 31bef51d8e.
2022-08-03 16:55:23 +02:00
Mariusz Felisiak cb791a2540
Fixed #33872 -- Deprecated django.contrib.postgres.fields.CIText/CICharField/CIEmailField/CITextField. 2022-08-03 11:42:51 +02:00
Carlton Gibson 09e837c5d9 Added stub release notes for 4.1.1. 2022-08-03 10:52:38 +02:00
Carlton Gibson a4cb1dae63 Updated release notes for Django 4.1 release. 2022-08-03 10:26:00 +02:00
Carlton Gibson 57c7220280 Added CVE-2022-36359 to security archive. 2022-08-03 09:09:48 +02:00
Carlton Gibson bd062445cf Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header.
Thanks to Motoyasu Saburi for the report.
2022-08-03 08:46:31 +02:00
Carlton Gibson 9062c23de8 Adjusted version 4.0.7 release notes. 2022-08-03 08:36:32 +02:00
Sarah Abderemane bc7aa2a5e9 Fixed #33690 -- Added switch button for dark mode in the admin. 2022-08-02 17:14:24 +02:00
Carlton Gibson 5028a02352 Doc'd TextField.db_collation as optional.
Matches CharField.db_collation docs.

Thanks to Paolo Melchiorre for the report.
2022-08-02 15:16:42 +02:00
Claude Paroz 44c24bf028 Refs #25706 -- Removed inline CSS in the openlayers widget template. 2022-08-01 20:29:49 +02:00
Claude Paroz 1e5bbbb2a8 Fixed #33442 -- Allowed GeoIP2 to use DB-IP Lite datasets. 2022-07-30 19:29:45 +02:00
rharri 6654289f5b Fixed typo in docs/topics/testing/tools.txt. 2022-07-29 08:26:27 +02:00
Carlton Gibson cadd864f68 Adjusted release notes for 4.0.7 and 3.2.15. 2022-07-27 10:03:06 +02:00
Carlton Gibson 0c1675781e Added release date and stub release notes for 4.0.7 and 3.2.15 releases. 2022-07-27 09:23:40 +02:00
Mariusz Felisiak e20e5d1557
Fixed #33820 -- Doc'd "true"/"false"/"null" caveat for JSONField key transforms on SQLite.
Thanks Johnny Metz for the report.

Regression in 71ec102b01.
2022-07-26 20:21:27 +02:00
Mariusz Felisiak 7e3c9c3205 Refs #27236 -- Doc'd that AlterIndexTogether is no longer officially supported for Django 4.2+ migration files. 2022-07-26 11:42:54 +02:00
Mariusz Felisiak a1e9e9abc5 Refs #27236 -- Reverted "Refs #27236 -- Added generic mechanism to handle the deprecation of migration operations."
This reverts commit 41019e48bb.
2022-07-26 11:41:19 +02:00
Mariusz Felisiak c773d5794e Refs #27236 -- Reverted AlterIndexTogether deprecation.
This partly reverts a6385b382e.
2022-07-26 11:41:19 +02:00
Claude Paroz 2d23a07817 Fixed #33866 -- Added pathlib.Path support to GDALRaster constructor. 2022-07-25 20:48:33 +02:00
Claude Paroz 3b79dab19a Refs #33691 -- Deprecated insecure password hashers.
SHA1PasswordHasher, UnsaltedSHA1PasswordHasher, and UnsaltedMD5PasswordHasher
are now deprecated.
2022-07-23 21:29:31 +02:00
Claude Paroz a46dfa87d0
Refs #25756 -- Doc'd inability to use file fields with PostgreSQL ArrayField. 2022-07-23 16:12:01 +02:00
Nick Pope 4d4bf55e0e Fixed #33864 -- Deprecated length_is template filter. 2022-07-23 12:36:21 +02:00
Victor 2fac0a1808
Fixed #33317 -- Added note about unconditional evaluation of {% block %} tags. 2022-07-22 10:09:29 +02:00
Mariusz Felisiak e59d1ff562
Fixed #33850 -- Confirmed support for GEOS 3.11. 2022-07-18 20:03:26 +02:00
cheng d4c5d2b52c Fixed #33631 -- Marked {% blocktranslate asvar %} result as HTML safe. 2022-07-14 11:09:19 +02:00
Alokik Vijay 7faf25d682 Fixed #30711 -- Doc'd django.contrib.postgres.fields.hstore.KeyTransform(). 2022-07-13 10:56:46 +02:00
David Wobrock a6385b382e
Fixed #27236 -- Deprecated Meta.index_together in favor of Meta.indexes.
This also deprecates AlterIndexTogether migration operation.
2022-07-12 09:04:31 +02:00
Mariusz Felisiak 5e2f4ddf29
Refs CVE-2022-34265 -- Unified DatabaseOperations._convert_*_to_tz() hook names. 2022-07-09 13:02:07 +02:00
Mariusz Felisiak eb3699ea77
Fixed #33718 -- Dropped support for MySQL 5.7. 2022-07-08 13:30:12 +02:00
David Wobrock 41019e48bb Refs #27236 -- Added generic mechanism to handle the deprecation of migration operations. 2022-07-08 07:05:55 +02:00
Simon Charette 877c800f25 Refs CVE-2022-34265 -- Properly escaped Extract() and Trunc() parameters.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-07-06 07:40:07 +02:00
Mariusz Felisiak d12d7c4c42 Added CVE-2022-34265 to security archive. 2022-07-04 10:27:14 +02:00
Mariusz Felisiak c6932ea2ea Added stub release notes for 4.0.7. 2022-07-04 10:06:07 +02:00
Mariusz Felisiak 54eb8a374d Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) against SQL injection.
Thanks Takuto Yoshikai (Aeye Security Lab) for the report.
2022-07-04 08:13:41 +02:00
Aristotelis Mikropoulos 5eb6a2b33d
Fixed typo in docs/topics/signals.txt. 2022-07-02 16:45:24 +02:00
Michael Manfre 03eec9ff6c Updated vendored _urlsplit() to strip newline and tabs.
Refs Python CVE-2022-0391. Django is not affected, but others who
incorrectly use internal function url_has_allowed_host_and_scheme()
with unsanitized input could be at risk.
2022-07-01 08:48:38 +02:00
Arslan Noor 5c93a84f44 Corrected various typos in contributing docs. 2022-06-30 11:09:06 +02:00
Pablo Montepagano bb2c5f69f4
Fixed #32749 -- Doc'd PyMemcacheCache defaults. 2022-06-28 21:56:51 +02:00
Mariusz Felisiak 154dd1c0ed
Refs #33697 -- Added backward incompatibility note about removing multipartparser.parse_header(). 2022-06-28 21:45:03 +02:00
Hrushikesh Vaidya 72e41a0df6 Fixed #33779 -- Allowed customizing encoder class in django.utils.html.json_script(). 2022-06-28 10:54:38 +02:00