Tim Graham
7ecd654497
Removed blank lines from docs/releases/security.txt
2015-01-13 14:37:30 -05:00
Tim Graham
cbbe6a6abb
Added dates to release notes.
2015-01-13 13:08:57 -05:00
Tim Graham
baf2542c4f
Fixed DoS possibility in ModelMultipleChoiceField.
...
This is a security fix. Disclosure following shortly.
Thanks Keryn Knight for the report and initial patch.
2015-01-13 13:03:06 -05:00
Tim Graham
a3bebfdc34
Ensured views.static.serve() doesn't use large memory on large files.
...
This issue was fixed in master by refs #24072 .
2015-01-13 13:03:06 -05:00
Tim Graham
69b5e66738
Fixed is_safe_url() to handle leading whitespace.
...
This is a security fix. Disclosure following shortly.
2015-01-13 13:03:06 -05:00
Carl Meyer
316b8d4974
Stripped headers containing underscores to prevent spoofing in WSGI environ.
...
This is a security fix. Disclosure following shortly.
Thanks to Jedediah Smith for the report.
2015-01-13 13:03:05 -05:00
Tim Graham
958aeda4b5
Added stub release notes for security releases.
2015-01-13 13:03:05 -05:00
Collin Anderson
e7771ec380
Fixed bad model example in admin docs.
2015-01-13 11:53:03 -05:00
Michał Modzelewski
65246de7b1
Fixed #24031 -- Added CASE expressions to the ORM.
2015-01-12 18:15:34 -05:00
Tim Graham
5d7217dce3
Fixed typo in docs/release/1.8.txt & added word for spelling check.
2015-01-12 17:53:32 -05:00
Josh Smeaton
21b858cb67
Fixed #24060 -- Added OrderBy Expressions
2015-01-13 09:39:55 +11:00
Claude Paroz
f48e2258a9
Fixed #24133 -- Replaced formatting syntax in success_url placeholders
...
Thanks Laurent Payot for the report, and Markus Holtermann, Tim Graham
for the reviews.
2015-01-12 22:51:22 +01:00
Aymeric Augustin
79deb6a071
Accounted for multiple template engines in template responses.
2015-01-12 21:01:34 +01:00
Aymeric Augustin
a3e783fe11
Deprecated passing a Context to a generic Template.render.
...
A deprecation path is required because the return type of
django.template.loader.get_template changed during the
multiple template engines refactor.
test_csrf_token_in_404 was incorrect: it tested the case when the
hardcoded template was rendered, and that template doesn't depend on the
CSRF token. This commit makes it test the case when a custom template is
rendered.
2015-01-12 21:01:34 +01:00
Collin Anderson
26a92619f6
Fixed #24124 -- Changed context_processors in the default settings.py
2015-01-12 13:17:44 -05:00
Ng Zhi An
8f5d6c77b6
Fixed #23878 -- Moved Query and Prefetch documentation
2015-01-12 11:35:20 -05:00
Pavel Shpilev
a7c256cb54
Fixed #9893 -- Allowed using a field's max_length in the Storage.
2015-01-12 09:09:18 -05:00
Marc Tamlyn
b5c1a85b50
Fixed #24118 -- Added --debug-sql option for tests.
...
Added a --debug-sql option for tests and runtests.py which outputs the
SQL logger for failing tests. When combined with --verbosity=2, it also
outputs the SQL for passing tests.
Thanks to Berker, Tim, Markus, Shai, Josh and Anssi for review and
discussion.
2015-01-12 08:16:08 +00:00
Ola Sitarska
d563e3be68
Fixed #23913 -- Deprecated the `=` comparison in `if` template tag.
2015-01-11 15:21:01 -05:00
Tim Graham
28de5cd4de
Fixed spelling errors in docs.
2015-01-11 13:24:13 -05:00
Markus Holtermann
be158e3625
Refs #24110 -- Added a more descriptive release note and fixed a spelling mistake.
2015-01-11 00:30:47 +01:00
Markus Holtermann
fdc2cc9487
Fixed #24110 -- Rewrote migration unapply to preserve intermediate states
2015-01-10 23:14:15 +01:00
Aymeric Augustin
d89019a84d
Improved template ugrading docs.
...
Recommending Template(template_code) was dumb. Described alternatives.
2015-01-10 21:11:58 +01:00
Aymeric Augustin
f01306a6d8
Updated templates API reference.
...
Accounted for multiple template engines and made a few small fixes.
2015-01-10 20:17:22 +01:00
Aymeric Augustin
4797af2bb8
Updated custom template tags how-to.
...
Accounted for multiple template engines and made a few small fixes.
2015-01-10 20:17:22 +01:00
Aymeric Augustin
3d495cfd77
Added release notes and upgrade instructions for templates.
2015-01-10 20:17:20 +01:00
Aymeric Augustin
ee8d5b91e9
Wrote main documentation for templates.
2015-01-10 20:16:19 +01:00
Aymeric Augustin
6c392bb2c0
Moved doc on the DTL's syntax to the ref/ section.
...
This makes room for a more general introduction about templating.
Updated some links to point to the new location, but kept those that
didn't talk specifically about the DTL.
2015-01-10 19:41:14 +01:00
Simon Charette
07988744b3
Fixed #13165 -- Added edit and delete links to admin foreign key widgets.
...
Thanks to Collin Anderson for the review and suggestions and Tim for the
final review.
2015-01-10 12:24:52 -05:00
Marc Tamlyn
48ad288679
Fixed #24001 -- Added range fields for PostgreSQL.
...
Added support for PostgreSQL range types to contrib.postgres.
- 5 new model fields
- 4 new form fields
- New validators
- Uses psycopg2's range type implementation in python
2015-01-10 16:18:19 +00:00
Serafeim Papastefanos
74f02557e0
Fixed #23967 -- Added formats for Greek
2015-01-10 11:10:26 -05:00
Claude Paroz
d7bc37d611
Fixed #24097 -- Prevented AttributeError in redirect_to_login
...
Thanks Peter Schmidt for the report and the initial patch.
Thanks to Oktay Sancak for writing the original failing test and
Alvin Savoy for supporting contributing back to the community.
2015-01-10 10:05:02 +01:00
Josh Smeaton
f5c3a8bff5
Added Josh Smeaton bio to team
2015-01-10 13:48:37 +11:00
Markus Holtermann
e174cce9dc
Added my bio to the core team.
2015-01-10 00:53:09 +01:00
Tim Graham
7102b99653
Added best practices for versionadded/changed annotations.
2015-01-09 13:23:29 -05:00
Loic Bistuer
8f4877c89d
Fixed #22583 -- Allowed RunPython and RunSQL to provide hints to the db router.
...
Thanks Markus Holtermann and Tim Graham for the review.
2015-01-10 00:30:48 +07:00
Markus Holtermann
c8bac4b556
Fixed #24098 -- Added no-op attributes to RunPython and RunSQL
...
Thanks Loïc Bistuer and Tim Graham for the discussion and review.
2015-01-09 10:31:32 -05:00
Tim Graham
67d6a8c4e6
Fixed #24108 -- Updated Wilson's bio due to new Django Project Web site design.
2015-01-09 10:25:57 -05:00
Thomas Chaumeny
8fb7a0987c
Fixed a typo in 1.8 release notes.
2015-01-09 07:38:11 -05:00
Sylvain Fankhauser
c1493879d9
Fixed a typo in 1.8 release notes.
2015-01-08 16:02:18 -05:00
Tim Graham
13e4156518
Fixed a typo in 1.8 release notes.
2015-01-08 15:12:40 -05:00
Anssi Kääriäinen
0c7633178f
Fixed #24020 -- Refactored SQL compiler to use expressions
...
Refactored compiler SELECT, GROUP BY and ORDER BY generation.
While there, also refactored select_related() implementation
(get_cached_row() and get_klass_info() are now gone!).
Made get_db_converters() method work on expressions instead of
internal_type. This allows the backend converters to target
specific expressions if need be.
Added query.context, this can be used to set per-query state.
Also changed the signature of database converters. They now accept
context as an argument.
2015-01-08 14:07:54 -05:00
Claude Paroz
543df07720
Fixed #24073 -- Returned None for get_language when translations are deactivated
...
This fixes a regression caused by f7c287fca9
. Thanks Markus Holtermann
for identifying the regression.
2015-01-08 17:43:07 +01:00
Aymeric Augustin
eaa1a22341
Added a request argument to render_to_string.
...
This is for consistency with Template.render.
It adds a little bit of knowledge about HTTP requests in
django.template.loader but I think consistency trumps purity.
2015-01-07 21:54:22 +01:00
Claude Paroz
f7c287fca9
Fixed #24073 -- Deactivated translations when leave_locale_alone is False
...
Thanks Tim Graham and Markus Holtermann for the reviews.
2015-01-07 20:11:24 +01:00
Claude Paroz
2c0f64b5f6
Updated migration docs to match changes from a159b1fac
2015-01-07 20:10:30 +01:00
Josh Smeaton
5a4ac4ead9
Fixed #24078 -- Removed empty strings from GenericIPAddressField
2015-01-07 08:08:36 -05:00
Tim Graham
9b057b51ce
Added 'loopback' to spelling word list.
2015-01-06 20:02:03 -05:00
Daniel Pyrathon
fb48eb0581
Fixed #12663 -- Formalized the Model._meta API for retrieving fields.
...
Thanks to Russell Keith-Magee for mentoring this Google Summer of
Code 2014 project and everyone else who helped with the patch!
2015-01-06 19:25:12 -05:00
Danilo Bargen
2e65d56156
Fixed #20003 -- Improved and extended URLValidator
...
This adds support for authentication data (`user:password`) in URLs,
IPv6 addresses, and unicode domains.
The test suite has been improved by adding test URLs from
http://mathiasbynens.be/demo/url-regex (with a few adjustments,
like allowing local and reserved IPs).
The previous URL validation regex failed this test suite on 13
occasions, the validator was updated based on
https://gist.github.com/dperini/729294 .
2015-01-06 14:04:25 -05:00
Tim Graham
6288fccfda
Updated release instructions with latest process.
2015-01-06 13:51:19 -05:00
Claude Paroz
e0080cf577
Fixed #24083 -- Corrected is_bound nature in forms topic docs
...
Thanks ajenhl Trac user for the report.
2015-01-06 08:56:53 +01:00
Claude Paroz
27dd7e7271
Fixed #23815 -- Prevented UnicodeDecodeError in CSRF middleware
...
Thanks codeitloadit for the report, living180 for investigations
and Tim Graham for the review.
2015-01-06 08:42:58 +01:00
Preston Timmons
de9ebdd39c
Fixed #24022 -- Deprecated the ssi tag.
2015-01-05 19:35:02 -05:00
Tim Graham
ce17b045bf
Added 1.4.18 release notes.
2015-01-05 14:24:34 -05:00
Tim Graham
c87ee41954
Fixed #23861 -- Added an API to deprecate model fields.
...
Thanks Markus Holterman and Berker Peksag for review.
2015-01-05 11:35:36 -05:00
Claude Paroz
6e1c9c6568
Fixed #8280 -- Allowed management command discovery for eggs
...
Thanks jdetaeye for the report, bhuztez and jdetaeye for the
initial patches, Tim Graham and Berker Peksag for the reviews.
2015-01-05 17:19:35 +01:00
Tim Graham
d94fe42ae5
Forwardported release note for 4aed731154
.
2015-01-05 10:55:48 -05:00
Collin Anderson
3d2cae0896
Fixed #24072 -- Added FileResponse for streaming binary files.
2015-01-05 10:51:52 -05:00
Tim Graham
572ad9a92e
Added release note for PBKDF2 iteration count increase.
...
refs 6732566967
2015-01-03 13:43:13 -05:00
Tim Graham
439f15beab
Added 1.7.3 release notes stub.
2015-01-03 13:27:08 -05:00
Alfred Perlstein
db3f7c15cb
Fixed #23749 -- Documented how to use the database alias in RunPython.
...
Thanks Markus Holtermann for review and feedback.
2015-01-03 12:06:40 -05:00
Bibhas
b738178825
Fixed #24070 -- Added tutorial topics to doc index.
2015-01-03 08:48:31 -05:00
Tim Graham
15cd71ed24
Added dates to release notes.
2015-01-02 19:20:18 -05:00
Tim Graham
52f0b2b622
Updated six to 1.9.0.
2015-01-02 12:35:41 -05:00
Andriy Sokolovskiy
23f1a8dad2
Added return value to Signal.disconnect().
2015-01-02 12:00:41 -05:00
Daniel Pyrathon
8958170755
Fixed #9104 -- Moved FieldDoesNotExist to core.exceptions
2015-01-02 10:46:04 -05:00
Tim Graham
f60c35cddc
Removed release note for refs #23891 as the backport proved too difficult.
2015-01-01 13:59:38 -05:00
Tim Graham
40a8504357
Fixed #23891 -- Moved deprecation of IPAddressField to system check framework.
...
Thanks Markus Holtermann for review.
2015-01-01 13:30:52 -05:00
Tim Graham
a7aaabfaf1
Removed doc note about PasswordResetForm requiring an integer PK.
...
This limitation was lifted in refs #14881 .
2015-01-01 11:38:53 -05:00
Tim Graham
e80f59e3bb
Added showmigrations to spelling wordlist.
2015-01-01 09:18:57 -05:00
Tim Graham
c4e796aa1b
Fixed typo in docs/ref/contrib/admin/index.txt.
2015-01-01 08:18:39 -05:00
Tim Graham
b4bdd5262b
Fixed #23366 -- Fixed a crash with the migrate --list command.
2014-12-31 17:26:15 -05:00
Thomas Tanner
46068d850d
Fixed #22295 -- Replaced permission check for displaying admin user-tools
2014-12-31 16:31:59 -05:00
Andrey Maslov
7a878ca5cb
Fixed #24008 -- Fixed ValidationError crash with list of dicts.
2014-12-31 14:43:13 -05:00
Markus Holtermann
a1487deebf
Fixed #23359 -- Added showmigrations command to list migrations and plan.
...
Thanks to Collin Anderson, Tim Graham, Gabe Jackson, and Marc Tamlyn
for their input, ideas, and review.
2014-12-31 14:14:28 -05:00
Tim Graham
09bce0b2cb
Fixed #22340 -- Removed DatabaseCreation deprecation from timeline.
2014-12-31 09:37:13 -05:00
Piotr Pawlaczek
41fc1c0b5e
Fixed #23758 -- Allowed more than 5 levels of subqueries
...
Refactored bump_prefix() to avoid infinite loop and allow more than
than 5 subquires by extending the alphabet to use multi-letters.
2014-12-31 08:48:28 -05:00
Tim Graham
93d73dac91
Moved DatabaseCreation.data_types properties to DatabaseWrapper.
...
refs #22340 .
2014-12-31 08:29:17 -05:00
Claude Paroz
66f9a74b45
Added ignore_warnings decorator
...
And removed Ignore*DeprecationWarningsMixin, now obsolete.
Thanks Berker Peksag and Tim Graham for the review.
2014-12-30 18:16:25 +01:00
Tim Graham
d7fc6eb8ca
Revert "Updated some docs for the delayed deprecation of legacy table creation; refs #22340."
...
This reverts commit a2e3c96948
.
The deprecation was moved back to 1.9 in
61da5f3f02
.
2014-12-30 11:50:50 -05:00
Andriy Sokolovskiy
8c99b7920e
Fixed #12118 -- Added shared cache support to SQLite in-memory testing.
2014-12-30 10:14:33 -05:00
Tim Graham
ab4f709da4
Fixed #23581 -- Prevented extraneous DROP DEFAULT statements.
...
Thanks john_scott for the report and Markus Holtermann for review.
2014-12-30 07:54:05 -05:00
Tim Graham
2d63889365
Removed release note for refs #23938 as it couldn't be backported to 1.7.
2014-12-29 15:38:16 -05:00
Markus Holtermann
623ccdd598
Fixed #23938 -- Added migration support for m2m to concrete fields and vice versa
...
Thanks to Michael D. Hoyle for the report and Tim Graham for the review.
2014-12-29 13:41:12 -05:00
Claude Paroz
1d24f073e6
Fixed #21255 -- Closed connections after management command ran
...
Thanks kabakov.as@gmail.com for the report, and Aymeric Augustin,
Simon Charette for the reviews.
2014-12-29 19:02:45 +01:00
Florian Apolloner
1ee9507eb3
Fixed a vesionadded directive.
2014-12-29 10:22:19 +01:00
Aymeric Augustin
9eb4f28e89
Deprecated TEMPLATE_CONTEXT_PROCESSORS.
2014-12-28 17:02:31 +01:00
Aymeric Augustin
d3205e3e2e
Deprecated TEMPLATE_DIRS.
2014-12-28 17:02:30 +01:00
Aymeric Augustin
cf0fd65ed4
Deprecated TEMPLATE_LOADERS.
2014-12-28 17:02:30 +01:00
Aymeric Augustin
d3a982556d
Deprecated TEMPLATE_STRING_IF_INVALID.
2014-12-28 17:02:30 +01:00
Aymeric Augustin
3dc01aaaaf
Deprecated ALLOWED_INCLUDE_ROOTS.
2014-12-28 17:02:30 +01:00
Aymeric Augustin
cf1f36bb6e
Deprecated current_app in TemplateResponse and render(_to_response).
2014-12-28 17:02:29 +01:00
Aymeric Augustin
fdbfc98003
Deprecated some arguments of django.shortcuts.render(_to_response).
...
dictionary and context_instance and superseded by context.
Refactored tests that relied context_instance with more modern idioms.
2014-12-28 17:02:29 +01:00
Aymeric Augustin
92e8f1f302
Moved context_processors from django.core to django.template.
2014-12-28 17:00:07 +01:00
Aymeric Augustin
90805b240f
Supported multiple template engines in render_to_string.
...
Adjusted its API through a deprecation path according to the DEP.
2014-12-28 16:23:02 +01:00
Aymeric Augustin
f50a09f2cd
Removed private API get_template_from_string.
...
It wasn't documented and it wasn't used anywhere.
2014-12-28 16:23:01 +01:00
Aymeric Augustin
5523e4cdbb
Removed private API find_template.
...
It wasn't documented and it wasn't used anywhere, except in a few tests
that don't test it specifically and can be rewritten with get_template.
2014-12-28 16:23:01 +01:00
Aymeric Augustin
1acfd624d6
Added initial support for loading template engines.
2014-12-28 16:08:31 +01:00
Aymeric Augustin
7eefdbf7ab
Cleaned up the django.template namespace.
...
Since this package is going to hold both the implementation of the Django
Template Language and the infrastructure for Multiple Template Engines,
it should be untied from the DTL as much as possible within our
backwards-compatibility policy.
Only public APIs (i.e. APIs mentioned in the documentation) were left.
2014-12-28 14:47:31 +01:00