Commit Graph

10445 Commits

Author SHA1 Message Date
Tim Graham 97b7dd59bb Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
Thanks James Davis for suggesting the fix.
2018-03-06 08:30:40 -05:00
Tim Graham 8618271caa Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters.
Thanks Florian Apolloner for assisting with the patch.
2018-03-06 08:30:40 -05:00
Tim Graham 4d2a2c83c7 Added stub release notes for security releases. 2018-03-06 08:30:34 -05:00
jblang94 84398897a7 Improved clarity of docs/topics/install.txt. 2018-03-05 10:17:23 -05:00
Patryk Zawadzki a20aae414e Fixed #29144 -- Made untranslated strings for territorial language variants use translations from the generic language variant. 2018-03-03 12:08:24 -05:00
Daniel Hahler 939e0a5995 Fixed typo in docs/topics/forms/media.txt. 2018-03-02 14:47:47 -05:00
Christophe Mehay 40bac28faa Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string. 2018-03-02 11:32:53 -05:00
Tim Graham 4c02e3cda3 Refs #27728 -- Made cosmetic edits to admin template tag template overriding. 2018-03-01 11:45:08 -05:00
Tomáš Ehrlich fa352626c2 Fixed #29172 -- Fixed crash with Window expression in a subquery. 2018-03-01 10:24:14 -05:00
Claude Paroz 75527c0f83 Updated translations from Transifex
Forward port of 2126e9317e from stable/2.0.x.
2018-02-28 20:06:52 +01:00
Mariusz Felisiak 54f80430be
Fixed #29166 -- Fixed crash in When() expression with a list argument.
Thanks Matthew Pava for the report and Tim Graham and Carlton Gibson for
reviews.
Regression in 19b2dfd1bf.
2018-02-28 18:05:23 +01:00
Raffaele Salmaso 5cc28dc752 Fixed #27728 -- Allowed overriding admin templatetags templates. 2018-02-28 08:49:40 +01:00
René Fleschenberg 6e52e2554d Fixed incorrect regex in re_path() example. 2018-02-26 19:57:52 -05:00
Tim Graham 5b589a47b9
Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS. 2018-02-26 09:05:18 -05:00
Srinivas Reddy Thatiparthy (శ్రీనివాస్ రెడ్డి తాటిపర్తి) c4fa0143f7 Removed "Remove any old versions of Django" install instructions.
They are obsolete given the prevalence of pip.
2018-02-26 08:58:56 -05:00
Becky Smith 8116e588db Fixed #17962 -- Added ModelAdmin.get_deleted_objects(). 2018-02-24 20:41:43 -05:00
Sebastian Sangervasi 7905815510 Fixed #27449 -- Added django.utils.translation.get_supported_language_variant(). 2018-02-23 14:49:00 -05:00
bobort f82de6bfb1 Refs #28643 -- Added Ord, Chr, Left, and Right database functions. 2018-02-23 10:23:22 -05:00
Jon Dufresne f5c6fc045a Added backticks around obj argument in admin docs. 2018-02-22 11:15:04 -05:00
Roger Erens a94fd8a8d9 Used a CSS positioning in tutorial 6 that doesn't differ across browsers.
Otherwise in Firefox, the <html> and <body> elements take just as much height
is needed for the content and so the image doesn't appear at the bottom of the
window.
2018-02-21 12:07:24 -05:00
Sebastian Sangervasi 5c4c87e55c Changed "language-code" to the more commonly used "language code". 2018-02-21 09:31:05 -05:00
Seohong Park 9716860596 Fixed #29146 -- Readded ^ and $ inadvertently removed from re_path() examples. 2018-02-20 21:31:30 -05:00
Tim Graham 548f78ba46
Removed redundant lookup name in register_lookup() calls. 2018-02-19 13:12:13 -05:00
Dylan Verheul 9b1125bfc7 Fixed #28379 -- Made AccessMixin raise Permissiondenied for authenticated users. 2018-02-16 13:58:55 -05:00
Andreas Pelme e307ff29d2 Fixed #27810 -- Allowed query expressions in admin_order_field. 2018-02-15 21:00:31 -05:00
Tim Graham e917ea6bec Fixed #29126 -- Doc'd the behavior of QuerySet.update_or_create() with manually specified pks. 2018-02-15 13:17:37 -05:00
Tim Graham b95c49c954 Fixed #29125 -- Made Q.deconstruct() deterministic with multiple keyword arguments. 2018-02-12 14:52:32 -05:00
Carlton Gibson 43b148f41f Fixed #24270 -- Doc'd that django_bash_completion is only in the source distribution. 2018-02-12 09:42:56 -05:00
Tim Graham d63c00a428 Corrected doc'd type of some parameters from string to str. 2018-02-12 09:16:57 -05:00
Stanislav Karpov 6d794fb762 Fixed #28960 -- Added GEOSGeometry.buffer_with_style(). 2018-02-10 19:45:58 -05:00
Matthew Wilkes 2162f0983d Fixed #24747 -- Allowed transforms in QuerySet.order_by() and distinct(*fields). 2018-02-10 19:08:55 -05:00
Raphael Gaschignard bf26f66029 Fixed #29118 -- Fixed crash with QuerySet.order_by(Exists(...)). 2018-02-10 18:35:57 -05:00
Manatsawin Hanmongkolchai 1a1264f149 Fixed #29109 -- Fixed the admin time picker widget for the Thai locale. 2018-02-10 16:05:41 -05:00
Tim Graham ff61a25081
Fixed #29107 -- Doc'd that ModelForm doesn't actually inherit from Form. 2018-02-08 10:10:28 -05:00
Simon Charette d61fe24601 Fixed #29108 -- Fixed crash in aggregation of distinct+ordered+sliced querysets.
Regression in 4acae21846.
Thanks Stephen Brooks for the report.
2018-02-08 09:59:25 -05:00
Sergey Fedoseev 01bfa9219b Fixed typo in bulk_create() documentation. 2018-02-08 10:33:45 +01:00
Jonas Haag 8c709d79cb Fixed #17419 -- Added json_tag template filter. 2018-02-07 18:38:12 -05:00
Alexander Gaevsky ef2512b2ff Fixed #25790 -- Allowed disable column sorting in the admin changelist.
Thanks Ramiro Morales for completing the patch.
2018-02-07 17:46:28 -05:00
Mariusz Felisiak 34b52f8572
Renamed the allow_sliced_subqueries database feature to allow_sliced_subqueries_with_in.
After 0899d583bd this database feature is
false only on MySQL which doesn't support sliced subqueries only with
IN/ALL/ANY/SOME.
2018-02-07 08:27:47 +01:00
Nick Sarbicki 47268242b0 Fixed #29082 -- Allowed the test client to encode JSON request data. 2018-02-06 18:29:04 -05:00
Tom 272f685794 Fixed #27999 -- Added test client support for HTTP 307 and 308 redirects. 2018-02-06 09:03:43 -05:00
Simon Charette 7515e1f3fc Added stub release notes for 2.0.3. 2018-02-05 10:12:47 -05:00
Raffaele Salmaso da3df5b878 Fixed #8500 -- Allowed overriding the default admin site instance. 2018-02-03 18:51:10 -05:00
Tim Graham 66119ed642 Added CVE-2018-6188 to the security release archive. 2018-02-01 10:14:17 -05:00
Tim Graham af33fb250e Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm.
Reverted 359370a8b8 (refs #28645).

This is a security fix.
2018-02-01 09:05:14 -05:00
Tim Graham 552abffab1 Fixed #29094 -- Fixed crash when entering an invalid uuid in ModelAdmin.raw_id_fields.
Regression in 2f9861d823.

Thanks Carel Burger for the report and fix.
2018-02-01 08:36:36 -05:00
Chris Hasbrouck 92fe161e69 Made minor edits and corrections to docs/internals/git.txt. 2018-01-31 13:04:19 -05:00
Rodrigo 4fe0e619e7 Disambiguated "settings" in SpatiaLite note. 2018-01-31 12:20:24 -05:00
Rodrigo 9817add9e0 Doc'd specifying the ENGINE setting as part of configuring contrib.gis. 2018-01-31 12:09:26 -05:00
Rodrigo 7c5cf33127 Fixed location of spatialite_source label. 2018-01-31 11:27:55 -05:00