Commit Graph

15973 Commits

Author SHA1 Message Date
Curtis Maloney 4e9f800742 Fixed #21125 -- Removed support for cache URI syntax 2013-09-19 10:01:39 -04:00
Tim Graham 7fec5a2240 Fixed #7557 -- Added type checking to Variable initialization.
Thanks tobias for the suggestion and boblefrag and saz for work on the
patch.
2013-09-19 09:27:19 -04:00
Tim Graham 55b9bff07f Added __pycache__ to gitignore 2013-09-19 06:37:23 -04:00
Tim Graham e23de9e350 Fixed typo in exception message; refs #19414
Thanks Alexey Boriskin for the report.
2013-09-19 06:24:12 -04:00
Russell Keith-Magee 9d3e60aa3e Reworked security issue list to be per-issue, not per-release. 2013-09-19 14:57:01 +08:00
Russell Keith-Magee 8e134c27c9 Corrected markup problems in new security summary page. 2013-09-19 13:57:02 +08:00
Alex Gaynor 8b3bae9466 Fixed two typos in the docs 2013-09-18 23:29:55 -05:00
Alex Gaynor c65ae7c969 Fixed a typo in the docs 2013-09-18 23:26:24 -05:00
Russell Keith-Magee bbabc5325c Merge pull request #1641 from ubernostrum/security-issues-docs-21121
Fix #21121: Add archive of security issues.
2013-09-18 21:19:06 -07:00
James Bennett a2e25e8a83 Fix #21121: Add archive of security issues. 2013-09-18 23:13:04 -05:00
Brian Holdefehr 98514849dc Fixed #19414 -- Added admin registration decorator
Thanks stavros for the suggestion.
2013-09-18 11:44:10 -04:00
Tim Graham d1c9802811 Fixed #21116 -- Made usage of manage.py in docs more consistent.
Thanks daniel.quattro at gmail.com for the report.
2013-09-18 10:35:41 -04:00
Tim Graham 2daada800f Fixed #21098 -- Applied sensitive_post_parameters to MultiValueDict
Thanks simonpercivall for the report and bmispelon for the review.
2013-09-18 09:48:36 -04:00
Tim Graham 4f40b97d97 Fixed #21118 -- Isolated a test that uses the database.
Thanks rmboggs for the report.
2013-09-18 09:42:47 -04:00
Berker Peksag 2f0566fa61 Fixed #4278 -- Added a dirs parameter to a few functions to override TEMPLATE_DIRS.
* django.template.loader.get_template()
* django.template.loader.select_template()
* django.shortcuts.render()
* django.shortcuts.render_to_response()

Thanks amcnabb for the suggestion.
2013-09-18 07:37:08 -04:00
Tim Graham 893198509e Fixed #15625 -- Made message in MultiValueDictKeyError less verbose.
Thanks margieroginski for the suggestion.
2013-09-18 06:44:38 -04:00
Anssi Kääriäinen 50633e7353 Fixed #12568 -- no error when accessing custom field's descriptor
The SubfieldBase's descriptor caused an AttributeError when accessed
from the class. Introspection didn't like that.

Patch by Trac alias supervacuo.
2013-09-18 10:03:52 +03:00
Tim Graham 5be56d0e0d Fixed #21024 -- Documented how to deprecate a feature. 2013-09-17 13:23:32 -04:00
Markus Holtermann a772ea8117 Fixed #21115 -- Fixed NameError in migrate --list command 2013-09-17 12:53:59 -04:00
Florian Apolloner 2c6079775e Destroy selenium before live server threads.
Ensure that selenium quits before the live server thread to
prevent occasional hangs when killing the live server.
2013-09-17 18:39:25 +02:00
Markus Holtermann 5a424c2393 Fixed #21114 -- Migrations must not have a dependency to themselves. 2013-09-17 11:47:19 -04:00
Florian Apolloner 73a610d2a8 Final attempt to solve sporadic test failures.
tearDownClass is not called if setUpClass throws an exception, in our case
this means that LiveServerTestCase leaks LiveServerThread sockets if the
test happens to be skipped later on, and AdminSeleniumWebDriverTestCase
doesn't close it's already open browser window. To prevent this leakage
we catch errors where needed and manually call _tearDownClassInternal.
_tearDownClassInternal should be written as defensively as possible since
it is not allowed to make any assumptions on how far setUpClass got.

This patch should fix the sporadic "Address already in use"-errors on jenkins
and also the "This code isn't under transaction management"-error for sqlite
(also just on jenkins).

After discussion with koniiiik, jezdez, kmtracey, tos9, lifeless, nedbat and
voidspace it was decided that this is the safest approach (thanks to everyone
for their comments and help). Manually calling tearDownClass was shut down
cause we don't know how our users override our classes.

This is a private and very specialized API on purpose and should not be used
without a strong reason!

This patch partially reverts the earlier attempts to fix those issues,
namely:
	2fa0dd73b1 and
	3c5775d36f

Final note: If this patch breaks in a later version of Django, please be
very careful on how you fix it, you might not see test failures locally.
That said, this patch hopefully doesn't produce even more failures.
2013-09-17 16:41:01 +02:00
Beshr Kayali 8e04ad9fc2 Added Arabic mapping to contrib/admin/static/admin/js/urlify.js 2013-09-17 10:34:12 -04:00
Simon Charette f5f662fa5f Fixed #21112 -- Make sure sitemaps with no lastmod date work correctly.
Thanks to Matthias Kestenholz for the report and patch.
2013-09-17 10:21:11 -04:00
Anssi Kääriäinen 9400142132 Fixed #21109 -- made db cursor error wrapping faster 2013-09-17 12:18:55 +03:00
Aymeric Augustin 5abc43cabf Updated examples in the docs after eade315d. 2013-09-17 10:05:45 +02:00
Ramiro Morales 9d12f68a53 Reworded a paragraph in the logging docs. 2013-09-16 17:49:46 -03:00
Tim Graham 1234225068 Fixed test failures introduced in previous commit. 2013-09-16 13:12:50 -04:00
Tim Graham f40c82213f Added backwards compatability shims for util modules.
refs #17627
2013-09-16 12:53:42 -04:00
Tim Graham 18ffdb1772 Fixed #17627 -- Renamed util.py files to utils.py
Thanks PaulM for the suggestion and Luke Granger-Brown and
Wiktor Kołodziej for the initial patch.
2013-09-16 12:52:05 -04:00
Tim Graham 8d29005524 Cleaned up 1.5.4/1.4.8 release notes 2013-09-15 14:14:26 -04:00
Russell Keith-Magee aae5a96d57 Ensure that passwords are never long enough for a DoS.
* Limit the password length to 4096 bytes
  * Password hashers will raise a ValueError
  * django.contrib.auth forms will fail validation
* Document in release notes that this is a backwards incompatible change

Thanks to Josh Wright for the report, and Donald Stufft for the patch.

This is a security fix; disclosure to follow shortly.
2013-09-15 13:42:23 +08:00
Florian Apolloner 351a061497 Fixed a timing edge case in the RelatedFieldWidgetSeleniumFirefoxTests.
By settings an implicit wait timeout for the find_* methods we can wait
till the javascript code add the new option to the DOM.

See http://ci.djangoproject.com/job/Django/database=mysql_gis,python=python3.3/3174/testReport/junit/admin_widgets.tests/RelatedFieldWidgetSeleniumFirefoxTests/test_foreign_key_using_to_field/

Stacktrace:
Traceback (most recent call last):
  File "/var/lib/jenkins/jobs/Django/workspace/database/mysql_gis/python/python3.3/tests/admin_widgets/tests.py", line 1060, in test_foreign_key_using_to_field
      self.assertEqual(username_value, new_option.get_attribute('value'))
      AssertionError: 'newuser' != 'testser'
      - newuser
      + testser
2013-09-15 01:11:07 +02:00
Florian Apolloner 2fa0dd73b1 Fixed error handling in 3c5775d36f for non-operational webdrivers. 2013-09-14 23:24:48 +02:00
Florian Apolloner 3c5775d36f Delayed initialization of Selenium webdrivers.
If setUpClass throws an exception (in this case "Address already in use" if the
super call can't find any open port to bind too) tearDownClass is not called.
This results in open browser windows from the webdriver, hence we only construct
it once we are sure there is no code afterwards which could error out.
2013-09-14 22:58:30 +02:00
Alex Gaynor bac86ad1a3 REmoved some unused imports 2013-09-14 12:34:57 -07:00
Alex Gaynor 5c645ec81a Merge branch 'master' of https://github.com/django/django 2013-09-14 12:32:45 -07:00
Alex Gaynor 496b4d0331 Removed an import * that was masking importing stuff from the wrong location 2013-09-14 12:32:25 -07:00
Anssi Kääriäinen ff723d894d Fixed #20950 -- Instantiate OrderedDict() only when needed
The use of OrderedDict (even an empty one) was surprisingly slow. By
initializing OrderedDict only when needed it is possible to save
non-trivial amount of computing time (Model.save() is around 30% faster
for example).

This commit targetted sql.Query only, there are likely other places
which could use similar optimizations.
2013-09-14 20:52:17 +03:00
Tim Graham 886bb9d878 Revert "Fixed #12288 -- Validated that app names in INSTALLED_APPS are unique"
This reverts commit c1ec08998d.

There are backwards compatability concerns with this.
2013-09-14 07:19:32 -04:00
Anssi Kääriäinen 74b91b3888 Added tests for double-pickling a QuerySet
Refs #21102.
2013-09-14 10:33:15 +03:00
Michael Manfre c89d80e2cc Fixed #21097 - Added DatabaseFeature.can_introspect_autofield 2013-09-14 09:48:59 +03:00
Juan Catalano 6feb75129f Fixed #21060 -- Refactored admin's autodiscover method to make it reusable.
We want to be able to use it for instance for discovering `tasks.py` modules
inside the INSTALLED_APPS.

This commit therefore moves the logic to `autodiscover_modules` method in
django.utils.module_loading.
2013-09-13 20:09:41 -04:00
Goetz 39b49fd339 Fixed #21101 -- Updated urlize documentation to mention email addresses 2013-09-13 12:42:06 -04:00
Tim Graham ec89e1725a Fixed #21100 -- Noted that Create/UpdateViews.fields is new in 1.6
Thanks AndrewIngram for the suggestion.
2013-09-13 09:34:12 -04:00
Tim Graham e4aab1bb8d Fixed #21094 -- Updated reuseable apps tutorial to use pip for installation.
Thanks ylb415 at gmail.com for the suggestion.
2013-09-13 09:29:21 -04:00
Kevin Christopher Henry 990ce9aab9 Documentation -- added instructions on working with pull requests
Since non-core contributors are asked to review patches, instructions
on working with pull requests were added to the Working with Git and
GitHub page (based on the existing instructions in the core
committers page).
2013-09-13 08:26:46 -04:00
e0ne c1ec08998d Fixed #12288 -- Validated that app names in INSTALLED_APPS are unique 2013-09-13 08:09:21 -04:00
Daniel Sokolowski ad6fcdb8d2 Fixed #20844 -- Made AdminEmailHandler respect LOGGING 'formatter' setting. 2013-09-13 07:27:54 -04:00
Matt Austin 9451d8d558 Fixed #21095 -- Documented new requirement for dates lookups.
Day, month, and week_day lookups now require time zone definitions in the database.
2013-09-13 09:56:19 +02:00