Tim Graham
011a54315e
Made is_safe_url() reject URLs that start with control characters.
...
This is a security fix; disclosure to follow shortly.
2015-03-18 19:20:07 -04:00
Tim Graham
1c83fc88d6
Fixed an infinite loop possibility in strip_tags().
...
This is a security fix; disclosure to follow shortly.
2015-03-18 19:20:07 -04:00
Tim Graham
9ddfe9b301
Added stub release notes for security releases.
2015-03-18 19:20:07 -04:00
Karl Hobley
81e1a35c36
Fixed #24495 -- Allowed unsaved model instance assignment check to be bypassed.
2015-03-18 19:00:09 -04:00
Claude Paroz
a0c2eb46dd
Fixed #23960 -- Removed http.fix_location_header
...
Thanks Carl Meyer for the report and Tim Graham for the review.
2015-03-18 18:22:50 +01:00
Tim Graham
c5c8751147
Refs #24487 -- Added upgrade tips about removal of SortedDict.
...
Thanks Pascal Chambon for the initial patch.
2015-03-17 13:41:11 -04:00
Andriy Sokolovskiy
81c2d9f60b
Fixed #15579 -- Added ability to delete only child models in multi-table inheritance.
2015-03-17 08:33:16 -04:00
Daniel Wiesmann
f269c1d6f6
Added write support for GDALRaster
...
- Instantiation of GDALRaster instances from dict or json data.
- Retrieve and write pixel values in GDALBand objects.
- Support for the GDALFlushCache in gdal C prototypes
- Added private flush method to GDALRaster to make sure all
data is written to files when file-based rasters are changed.
- Replaced ``ptr`` with ``_ptr`` for internal ptr variable
Refs #23804 . Thanks Claude Paroz and Tim Graham for the reviews.
2015-03-16 19:37:43 +01:00
John Giannelos
8758a63ddb
Fixed #24427 -- Stopped writing migration files in dry run mode when merging.
...
Also added display of migration to stdout when verbosity=3.
2015-03-16 14:04:37 -04:00
Preston Timmons
388e79e9fc
Fixed #24493 -- Added BaseContext.setdefault()
2015-03-16 13:13:02 -04:00
Thomas Tanner
28986da4ca
Fixed #5986 -- Added ability to customize order of Form fields
2015-03-16 09:12:57 -04:00
Steven Das
4f494ed0c6
Added comma to improve readability in 1.7 release notes.
2015-03-16 08:15:17 -04:00
Tomáš Ehrlich
8414fcf16b
Fixes #23643 -- Added chained exception details to debug view.
2015-03-14 16:08:23 -04:00
Matthew Wilkes
ae87ad005f
Refs #24354 -- Prevented repointing of relations on superclasses when migrating a subclass's name change
...
Forwardport of test and release note from stable/1.7.x
2015-03-14 15:37:40 -04:00
Berker Peksag
34fb909180
Fixed #12982 -- Added a get_or_set() method to the BaseCache backend.
2015-03-14 20:07:16 +02:00
Claude Paroz
aa5ab114e3
Fixed #24122 -- Redirected to translated url after setting language
...
Thanks gbdlin for the initial patch and Tim Graham for the review.
2015-03-13 16:46:40 +01:00
Jon Dufresne
d861f95c44
Fixed #24139 -- Changed HttpResponse.reason_phrase to evaluate based on status_code.
2015-03-12 20:18:06 -04:00
Tim Graham
e4a578e70e
Fixed #24226 -- Changed admin EMPTY_CHANGELIST_VALUE from (None) to -
2015-03-12 09:40:56 -04:00
Tim Graham
0cb6a85f5e
Added yesterday's security issue to archive.
2015-03-10 11:01:18 -04:00
Tim Graham
ea9157f681
Added stub release notes for 1.7.7.
2015-03-09 13:09:39 -04:00
Baptiste Mispelon
82c9169077
Refs #24461 -- Added test/release notes for XSS issue in ModelAdmin.readonly_fields
...
This issue was fixed by refs #24464 .
2015-03-09 10:12:21 -04:00
Tim Graham
300fdbbebb
Clarified an item in 1.7.6 release notes.
2015-03-09 10:06:18 -04:00
Erik Romijn
fa350e2f30
Fixed #24464 -- Made built-in HTML template filter functions escape their input by default.
...
This may cause some backwards compatibility issues, but may also
resolve security issues in third party projects that fail to heed warnings
in our documentation.
Thanks Markus Holtermann for help with tests and docs.
2015-03-09 09:29:58 -04:00
Tim Graham
9eab328444
Forwardported 1.7.6 release note.
2015-03-07 08:12:44 -05:00
Jean-Louis Fuchs
f4f0060fea
Fixed #24447 -- Made migrations add FK constraints for existing columns
...
When altering from e.g. an IntegerField to a ForeignKey, Django didn't
add a constraint.
2015-03-07 14:09:56 +01:00
Tim Graham
c36b60836b
Fixed #24451 -- Deprecated comma-separated {% cycle %} syntax.
2015-03-07 07:42:39 -05:00
Grzegorz Slusarek
668d53cd12
Fixed #21495 -- Added settings.CSRF_HEADER_NAME
2015-03-05 15:03:40 -05:00
Tim Graham
d61ebc8fed
Fixed #19538 -- Removed window.__admin_media_prefix__ from admin templates.
2015-03-05 06:44:16 -05:00
Preston Timmons
70123cf084
Fixed #24399 -- Made filesystem loaders use more specific exceptions.
2015-03-03 21:20:46 +01:00
Tim Graham
71820721a1
Added stub release notes for 1.7.6.
2015-02-25 09:11:19 -05:00
Tim Graham
aca73737da
Added release date for 1.7.5 release.
2015-02-25 08:47:11 -05:00
Tim Graham
d298b1ba50
Reverted "Fixed #24325 -- Documented change in ModelForm.save() foreign key access."
...
This reverts commit 0af3822dc3
.
It's obsoleted by refs #24395 .
2015-02-24 11:50:21 -05:00
Kenneth Kam
e83aba0e2c
Fixed #23762 -- clarified CACHE_MIDDLEWARE_ANONYMOUS_ONLY deprecation in docs
2015-02-23 09:23:07 -05:00
Emin Mastizada
dda2a3cf4c
Added formats for the Azerbaijani locale.
2015-02-23 07:37:13 -05:00
Michael Manfre
7fa7dd48c4
Fixed signature of BaseDatabaseOperations.date_interval_sql() and document the change.
2015-02-22 23:23:16 -05:00
Sean Wang
eba6dff581
Fixed #24358 -- Corrected code-block directives for console sessions.
2015-02-22 09:35:39 -05:00
Loic Bistuer
bed504d70b
Fixed #24351 , #24346 -- Changed the signature of allow_migrate().
...
The new signature enables better support for routing RunPython and
RunSQL operations, especially w.r.t. reusable and third-party apps.
This commit also takes advantage of the deprecation cycle for the old
signature to remove the backward incompatibility introduced in #22583 ;
RunPython and RunSQL won't call allow_migrate() when when the router
has the old signature.
Thanks Aymeric Augustin and Tim Graham for helping shape up the patch.
Refs 22583.
2015-02-20 21:34:09 +07:00
Tim Graham
dd0b487872
Fixed typo in path to is_safe_url()
2015-02-20 09:21:39 -05:00
Tim Graham
3adc5f1ee6
Fixed #24335 -- Bumped required psycopg2 version to 2.4.5 (2.5 for contrib.postgres).
2015-02-16 18:07:27 -05:00
Aymeric Augustin
15b711b5ee
Deprecated TEMPLATE_DEBUG setting.
2015-02-15 20:47:04 +01:00
Aymeric Augustin
76356d963c
Fixed #24318 -- Set the transaction isolation level with psycopg >= 2.4.2.
2015-02-14 18:51:11 +01:00
Tim Graham
0af3822dc3
Fixed #24325 -- Documented change in ModelForm.save() foreign key access.
2015-02-14 08:08:05 -05:00
Claude Paroz
1791a7e75a
Fixed #15779 -- Allowed 'add' primary key in admin edition
...
Thanks Marwan Alsabbagh for the report, and Simon Charette and
Tim Graham for the reviews.
2015-02-14 11:19:55 +01:00
Markus Holtermann
f287bec583
Fixed #24184 -- Prevented automatic soft-apply of migrations
...
Previously Django only checked for the table name in CreateModel
operations in initial migrations and faked the migration automatically.
This led to various errors and unexpected behavior. The newly introduced
--fake-initial flag to the migrate command must be passed to get the
same behavior again. With this change Django will bail out in with a
"duplicate relation / table" error instead.
Thanks Carl Meyer and Tim Graham for the documentation update, report
and review.
2015-02-13 14:29:59 +01:00
Loic Bistuer
00a889167f
Fixed #24295 -- Allowed ModelForm meta to specify form field classes.
...
Thanks Carl Meyer and Markus Holtermann for the reviews.
2015-02-13 19:13:05 +07:00
Tim Graham
e8cf4f8abe
Fixed #24332 -- Fixed contrib.sites create_default_site() when 'default' DATABASES is empty.
2015-02-13 07:01:28 -05:00
Tim Graham
a93c5fb2bf
Forwardported item in 1.7.5 release notes.
2015-02-12 14:05:52 -05:00
Josh Smeaton
1fbe8a2de3
Fixed #24200 -- Made introspection bypass statement cache
2015-02-10 23:24:34 +02:00
Markus Holtermann
2832a9b028
Revert "Fixed #24075 -- Prevented running post_migrate signals when unapplying initial migrations of contenttypes and auth"
...
This reverts commit 737d24923a
.
2015-02-07 20:14:49 +01:00
Loic Bistuer
71ada3a8e6
Fixed #6707 -- Added RelatedManager.set() and made descriptors' __set__ use it.
...
Thanks Anssi Kääriäinen, Carl Meyer, Collin Anderson, and Tim Graham for the reviews.
2015-02-05 12:45:08 +07:00
Preston Timmons
5bc5ddd8b5
Fixed #24235 -- Removed is_usable attribute from template loaders.
2015-02-04 07:47:28 -05:00
darkryder
9ec8aa5e5d
Fixed #24149 -- Normalized tuple settings to lists.
2015-02-03 14:59:45 -05:00
Preston Timmons
cd4282816d
Fixed #18651 -- Enabled optional assignments for simple_tag().
2015-02-03 10:44:33 -05:00
Anssi Kääriäinen
8adc59038c
Fixed #23617 -- Added get_pk_value_on_save()
...
The method is mainly intended for use with UUIDField. For UUIDField we
want to call the field's default even when primary key value is
explicitly set to None to match the behavior of AutoField.
Thanks to Marc Tamlyn and Tim Graham for review.
2015-02-03 09:23:44 -05:00
Tim Graham
75303b01a9
Fixed #24245 -- Added introspection for database defaults.
...
Needed for tests for migrations handling of database defaults.
2015-01-31 12:33:11 -05:00
Tim Graham
888054bff7
Fixed #24208 -- Documented changes in private model relations.
2015-01-31 11:01:55 -05:00
Claude Paroz
a0b5f15ea5
Fixed #14483 -- Allowed using subqueries with GIS lookups
2015-01-30 20:27:18 +01:00
Loic Bistuer
4c3bfe9053
Fixed #24211 -- Removed ValuesQuerySet() and ValuesListQuerySet().
...
Thanks Anssi Kääriäinen, Marc Tamlyn, and Tim Graham for the reviews.
2015-01-30 22:02:58 +07:00
Tim Graham
29c0073335
Fixed #24164 -- Fixed Oracle GIS limited aggregation test failure.
2015-01-30 06:28:47 -05:00
Jon Dufresne
24b2bc635e
Fixed #24137 -- Switched to HTTP reason phrases from Python stdlib.
2015-01-28 06:59:40 -05:00
Tim Graham
ac6033d883
Added stub 1.7.5 release notes.
2015-01-28 06:38:31 -05:00
Loic Bistuer
332139d23d
Fixed typo in docs. Thanks Berker.
2015-01-28 01:50:05 +07:00
Markus Holtermann
335df82a3f
Corrected naming of method and attribute
2015-01-27 19:45:52 +01:00
Tim Graham
6f8418089c
Added 1.4.19 release notes.
2015-01-27 11:48:04 -05:00
Loic Bistuer
728b6fd9ca
Fixed #24219 -- Moved SelectDateWidget together with the other widgets
...
and deprecated django.forms.extras.
Thanks Berker Peksag and Tim Graham for the reviews.
2015-01-27 22:40:02 +07:00
Markus Holtermann
da224d6be0
Refs #24104 -- Added missing release notes
...
Forwardport of 3d4a826174
from stable/1.7.x
2015-01-27 15:35:34 +01:00
seanwestfall
7a90b53d60
Fixed #24053 -- Removed admin CSS & images for IE6 & 7.
2015-01-27 07:48:11 -05:00
Josh Smeaton
e77c1bc181
Refs #24154 -- Added deprecation release notes
2015-01-27 15:30:59 +11:00
Florian Apolloner
16ee52d21d
Fixed #24205 -- Deprecated Signal.disconnect weak parameter.
2015-01-23 14:37:12 -05:00
Claude Paroz
f8e4e4a935
Fixed warning leak in static.serve() test
...
Partial forward port of b1bf8d64fb
from 1.7.x. Refs #24193 .
2015-01-23 09:09:48 +01:00
Fabio C. Barrionuevo da Luz
bd691f4586
Fixed #24177 -- Added documentation about database view support in inspectdb
2015-01-20 01:07:34 +01:00
Tim Graham
33457cd3b0
Removed IPAddressField per deprecation timeline; refs #20439 .
2015-01-19 11:12:57 -05:00
Markus Holtermann
5792e6a88c
Fixed #24163 -- Removed unique constraint after index on MySQL
...
Thanks Łukasz Harasimowicz for the report.
2015-01-19 16:52:26 +01:00
Tim Graham
8e435a5640
Added deprecation docs for legacy lookup support; refs #16187 .
2015-01-19 09:42:26 -05:00
Tim Graham
840f2bfae6
Copied additional items from deprecation timeline to 1.9 release notes.
2015-01-18 21:57:38 -05:00
Tim Graham
ecf109f215
Added missing items to deprecation timeline/1.7 release notes.
2015-01-18 21:23:06 -05:00
Tim Graham
89e9f81601
Clarified deprecation of forms.forms.get_declared_fields(); refs #19617 .
2015-01-18 16:06:56 -05:00
Tim Graham
7e8cf74dc7
Removed support for syncing apps without migrations per deprecation timeline.
...
Kept support for creating models without migrations when running tests
(especially for Django's test suite).
2015-01-18 15:58:06 -05:00
Tim Graham
7468c948b6
Clarified deprecation of test.utils.TestTemplateLoader.
2015-01-18 14:18:53 -05:00
Tim Graham
ba27f89587
Clarified a contrib.sites deprecation and added to 1.7 release notes.
2015-01-18 13:33:19 -05:00
Tim Graham
d029fafea1
Removed utils.module_loading.import_by_path() per deprecation timeline; refs #21674 .
2015-01-18 12:51:15 -05:00
Tim Graham
20e4e8fc79
Added removal of check management command to deprecation timeline.
2015-01-17 19:14:44 -05:00
Tim Graham
0622bca5d1
Removed the validate management command per deprecation timeline.
2015-01-17 19:12:03 -05:00
Tim Graham
4aa089a9a9
Removed support for custom SQL per deprecation timeline.
2015-01-17 10:16:06 -05:00
Collin Anderson
a420f83e7d
Fixed #24055 -- Keep reference to view class for resolve()
2015-01-17 22:09:10 +07:00
Tim Graham
d038c547b5
Removed django.core.cache.get_cache() per deprecation timeline; refs #21012 .
2015-01-17 09:55:18 -05:00
Tim Graham
f6463bb380
Removed the syncdb command per deprecation timeline.
2015-01-17 09:20:12 -05:00
Tim Graham
f4f24d30e0
Removed pre_syncdb and post_syncdb signals per deprecation timeline.
2015-01-17 09:07:00 -05:00
Tim Graham
c820892eed
Removed django.utils.datastructures.SortedDict per deprecation timeline.
2015-01-17 08:40:23 -05:00
Tim Graham
41f0d3d3bc
Removed FastCGI support per deprecation timeline; refs #20766 .
2015-01-17 08:32:31 -05:00
Tim Graham
c51258882b
Increased the default PBKDF2 iterations.
2015-01-16 19:27:10 -05:00
Tim Graham
3fe3bddc28
Added stub release notes for Django 1.9.
2015-01-16 18:00:45 -05:00
Jannis Leidel
a17724b791
Fixed the length of a headline in the 1.8 release notes.
...
This broke the website design in the sidebar because the line could not be wrapped.
2015-01-16 21:29:28 +01:00
Tim Graham
8e8daf7c9b
Removed empty sections in 1.8 minor features.
2015-01-16 14:41:05 -05:00
Claude Paroz
b4ac232907
Fixed #24099 -- Removed contenttype.name deprecated field
...
This finsishes the work started on #16803 .
Thanks Simon Charette, Tim Graham and Collin Anderson for the
reviews.
2015-01-16 20:21:34 +01:00
Claude Paroz
a79e6b6717
Fixed #24152 -- Deprecated GeoQuerySet aggregate methods
...
Thanks Josh Smeaton and Tim Graham for the reviews.
2015-01-16 19:53:02 +01:00
Tim Graham
28db4af80a
Fixed #24135 -- Made RenameModel rename many-to-many tables.
...
Thanks Simon and Markus for reviews.
2015-01-15 20:34:33 -05:00
Tim Graham
28308078f3
Fixed #22603 -- Reorganized classes in django.db.backends.
2015-01-14 14:16:20 -05:00
Markus Holtermann
737d24923a
Fixed #24075 -- Prevented running post_migrate signals when unapplying initial migrations of contenttypes and auth
...
Thanks Florian Apolloner for the report and Claude Paroz and Tim Graham for the review and help on the patch.
2015-01-14 19:59:39 +01:00
Tim Graham
ec7ef5afbb
Added stub release notes for 1.7.4.
2015-01-14 09:47:29 -05:00