Commit Graph

17732 Commits

Author SHA1 Message Date
Alex Gaynor 58176dee88 Use the stdlib's compare_digest for constant time comparisons when available 2014-04-22 14:45:00 -07:00
Tim Graham 9fb95dfc9f Added 1.6.4 release note stub. 2014-04-22 11:44:03 -04:00
Florian Apolloner f286721f7f Fixed #22426 -- Added support old-style d.c.messages format.
Forward ported code from 1.5 that adds backwards compatibility with legacy message length.
See commit 9e7183073f for details.

Thanks to Ofir Ovadia for the initial patch.
2014-04-22 10:46:18 +02:00
Erik Romijn c07f3e60c2 Added information on resolved security issues to release notes. 2014-04-21 18:11:26 -04:00
Erik Romijn 75c0d4ea3a Fixed queries that may return unexpected results on MySQL due to typecasting.
This is a security fix; disclosure to follow shortly.
2014-04-21 18:11:26 -04:00
Aymeric Augustin c083e3815a Prevented leaking the CSRF token through caching.
This is a security fix. Disclosure will follow shortly.
2014-04-21 18:11:26 -04:00
Tim Graham 8b93b31487 Fixed a remote code execution vulnerabilty in URL reversing.
Thanks Benjamin Bach for the report and initial patch.

This is a security fix; disclosure to follow shortly.
2014-04-21 18:11:26 -04:00
Claude Paroz ab90c4707b Fixed table cleanup in GIS migration tests 2014-04-21 23:08:00 +02:00
Claude Paroz 1667e736a7 Fixed PostGIS remove_field implementation
Fixed bad code introduced in 2f9d1576e8.
2014-04-21 22:42:11 +02:00
Claude Paroz 2f9d1576e8 Fixed removal of GIS column in PostGIS 1.x migration
Refs #22481.
2014-04-21 21:17:14 +02:00
Claude Paroz fb09a489ca Fixed adding new GIS column in PostGIS 1.x migration
Refs #22451.
2014-04-21 20:58:09 +02:00
Matt Lauber b2514c02e1 Corrected the section identifier for MySQL unicode reference. 2014-04-21 13:19:46 -04:00
Aymeric Augustin c54e7ec9ca Merge pull request #2592 from prestontimmons/remove-test-runner-cases
Removed old test runner test cases.
2014-04-21 18:06:19 +02:00
Florian Apolloner 405b13fe83 Fixed migrate when called inside a transaction.
This is useful for tests manually calling migrate inside a testcase,
for normal usage this should make no difference, since there is no
surrounding transaction after all. If there is one we still try to
leave the transaction in a useable state (for postgres at least).

If this commit turns out to be causing issues, settings savepoint=False
is probably the right fix :)
2014-04-21 15:37:12 +02:00
Florian Apolloner a4553e0510 Fixed monkeypatching in a staticfiles test. 2014-04-21 14:51:52 +02:00
Aymeric Augustin 428c0bbe1b Appeased flake8 2.1.0. 2014-04-21 12:27:34 +02:00
Aymeric Augustin df3b1a01c7 Consolidated expressions tests. 2014-04-21 12:15:04 +02:00
Aymeric Augustin 25b2ce896b Consolidated get_or_create tests. 2014-04-21 12:12:09 +02:00
Aymeric Augustin 3f01e82c59 Further consolidated the model_inheritance tests. 2014-04-21 11:50:53 +02:00
Aymeric Augustin 3f76339355 Fixed #22402 -- Consolidated model_inheritance tests.
The model_inheritance_same_model_name tests couldn't be run without the
model_inheritance tests. Make the problem go away by merging them.

Thanks timo for the report.
2014-04-21 11:43:08 +02:00
Preston Timmons 251e833c75 Removed old test runner test cases.
These files were added as part of #12658, which pertained to the old django.test.simple test runner. No tests call them anymore.
2014-04-20 22:00:39 -05:00
Tim Graham 471fb04a30 Fixed flake8 errors. 2014-04-20 13:08:04 -04:00
Aymeric Augustin bbe818b23c Changed paths in docs that referred to Python 2. 2014-04-20 08:34:01 +02:00
Tim Graham 1b3a3fc1e4 Fixed #22417 -- Added additional documentation for refs #16969.
Thanks Jon Foster for the report.
2014-04-19 21:39:08 -04:00
Andrew Gorcester 956bd64424 Fixed #22397 -- Issues removing M2M field with explicit through model
Changed the migration autodetector to remove models last so that FK
and M2M fields will not be left as dangling references. Added a check
in the migration state renderer to error out in the presence of
dangling references instead of leaving them as strings. Fixed a bug
in the sqlite backend to handle the deletion of M2M fields with
"through" models properly (i.e., do nothing successfully).

Thanks to melinath for report, loic for tests and andrewgodwin and
charettes for assistance with architecture.
2014-04-18 16:44:47 -04:00
Tim Graham 26d118c3fe Moved RemoteUserBackend documentation to reference guide. 2014-04-18 16:06:26 -04:00
Moayad Mardini 11ac50b18e Fixed #22458 -- Added a note about MySQL utf8_unicode_ci collation
Thanks tobami at gmail.com for the report.
2014-04-18 15:10:21 -04:00
Tim Graham b43bbd6d39 Fixed #22473 -- Emphasized that Model.clean() is not called from Model.save(). 2014-04-18 15:00:26 -04:00
Claude Paroz 275811a93c Adapted fixture read mode to file type
Binary mode added in ed532a6a1e is not supported by ZipFile.
Refs #22399.
2014-04-18 18:54:46 +02:00
Tim Graham 6b2ce38c49 Fixed #22472 -- Clarified meaning of dots in tutorial 4 code block. 2014-04-18 12:10:46 -04:00
Claude Paroz ed532a6a1e Fixed #22399 -- Forced fixture reading in binary mode
This might help on systems where default encoding is not UTF-8 (and
on Python 3).
Thanks bacilla for the report.
2014-04-18 17:55:35 +02:00
Tim Graham c2b269df6e Added some missing items to the 1.6.3 release notes. 2014-04-18 10:32:14 -04:00
Erik Romijn 54d5c37de6 Fixed #22471 -- Corrected misprint in i18n docs
Thanks to aruseni for the report.
2014-04-18 15:05:18 +02:00
Tim Graham dc7bc42cce Added missing versionadded annotation and tweaked release note; refs #22465. 2014-04-18 07:18:15 -04:00
amatellanes 8394e570ba Fixed #22465 -- New assertion assertJSONNotEqual 2014-04-18 15:11:08 +07:00
Simon Charette 9bc377d7d0 Fixed a test failure introduced by 214d1e1b0f. 2014-04-18 02:30:40 -04:00
Alex Gaynor f293063c20 Merge pull request #2586 from mmardini/patch-2
Fixed #22464 - included contrib/gis/static in tarball
2014-04-17 23:04:52 -07:00
Moayad Mardini bad4721b45 Fixed #22464 - included contrib/gis/static in tarball
After switching to setuptools in commit 66f546b,
contrib/gis/static isn't included in tarball anymore, this commit adds
that path to be `recursive-include` in `MANIFEST.in`
2014-04-18 08:00:41 +02:00
Simon Charette 0d397e5a5b Revert "Fixed #22397 -- Issues removing M2M field with explicit through model."
This reverts commit 00e3b9a2a9.

It's causing a regression when tested with the proxy_model_inheritance tests.
2014-04-18 01:27:30 -04:00
Moayad Mardini 214d1e1b0f Fixed #22454 - Changed compatibility warning hint
The warning hint of `_check_test_runner` of 1.6 compatibility had a link
to a general release note. The link should be edited to refer the
relevant "Backwards incompatible changes in 1.6" section that documents
the cause and the possible solutions and workarounds of the warning.
2014-04-17 20:41:25 -04:00
Tim Graham a4acb80463 Fixed #22444 -- Marked initial SQL/fixture loading as deprecated.
Thanks Karen Tracey for the report.
2014-04-17 20:36:52 -04:00
Tim Graham 11e30b684d Fixed a KeyError on login with legacy sessions; refs #21649.
Thanks Loic for the report.
2014-04-17 19:57:20 -04:00
Donald Stufft ecff136f69 Merge pull request #2582 from alex/stdlib-pbkdf2hmac
Use the stdlib's PBKDF2 implementation when available.
2014-04-17 16:01:17 -04:00
Donald Stufft 438e6fe63d Merge pull request #2583 from alex/extras-bcrypt
Include an 'extra_requires' for bcrypt
2014-04-17 15:59:37 -04:00
Claude Paroz 3cea917e3e Confirmed support for PostGIS 2.1 and GDAL 1.10
Refs #22456.
2014-04-17 21:23:14 +02:00
Claude Paroz c082f3c74c Fixed #22456 -- Replaced 900913 EPSG code by 3857 in some tests
3857 is now the official EPSG code for the Google spherical mercator
projection and some recent versions of GDAL do not recognize 900913
any longer.
Thanks Tim Graham for the report and initial patch.
2014-04-17 21:18:07 +02:00
Alex Gaynor 0e27882b3a Stray paren 2014-04-17 11:29:07 -07:00
Alex Gaynor 464b98b1fe Include an 'extra_requires' for bcrypt 2014-04-17 11:28:09 -07:00
Alex Gaynor 7283c21173 For another day 2014-04-17 11:07:19 -07:00
Alex Gaynor 21a1fddcc4 Typo fix 2014-04-17 11:04:57 -07:00