Jezeniel Zapanta
e8ad265ac8
Fixed #30732 -- Doc'd that SameSite cookies flags can affect xframe_options_exempt.
2019-09-23 15:09:37 +02:00
Mariusz Felisiak
343afa7880
Refs #29915 -- Doc'd limitation of using pattern lookups with UUIDField on PostgreSQL.
2019-09-23 08:24:00 +02:00
Mariusz Felisiak
28e769dfe6
Fixed typo in docs/ref/settings.txt.
2019-09-23 08:17:58 +02:00
Luke Plant
45304e444e
Refs #28622 -- Clarified security implications of PASSWORD_RESET_TIMEOUT.
2019-09-20 13:53:01 +02:00
Hasan Ramezani
226ebb1729
Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS.
2019-09-20 13:52:04 +02:00
Carlton Gibson
bae05bcf68
Fixed #27462 -- Clarifed pk_set difference in m2m_changed signal receivers for add() and remove().
...
Thank you to Mariusz Felisiak for review.
2019-09-19 11:34:59 +02:00
Daniel Fairhead
5cb3ed187b
Fixed #30772 -- Optimized make_template_fragment_key().
...
Removed usage of urllib.quote(), unnecessary since cbbe60c7fc
.
Used hasher's .update() on key fragments.
2019-09-18 14:53:05 +02:00
Katie McLaughlin
44077985f5
Fixed #30775 -- Added admonition about missing imports to "Running tests" section in tutorial 5.
2019-09-16 09:40:44 +02:00
Simon Charette
6c3dfba892
Fixed #30769 -- Fixed a crash when filtering against a subquery JSON/HStoreField annotation.
...
This was a regression introduced by 7deeabc7c7
to address CVE-2019-14234.
Thanks Tim Kleinschmidt for the report and Mariusz for the tests.
2019-09-16 08:24:40 +02:00
Mariusz Felisiak
bd7e0f81f8
Added stub release notes for 1.11.25 and 2.1.13.
2019-09-16 07:37:47 +02:00
Claude Paroz
b8dff52f44
Fixed #29823 -- Doc'd limitation of DecimalField on SQLite.
2019-09-14 17:10:08 +02:00
Ben Falk
4056558a1c
Fixed typos in docs/ref/settings.txt.
2019-09-13 20:36:35 +02:00
Nick Pope
1c66767d4e
Refs #27910 -- Improved documentation for model field choice enumeration types.
2019-09-13 15:37:40 +02:00
Carlton Gibson
ea25bdc2b9
Added PBKDF2 hasher iteration increase to 3.0 release notes.
...
Refs 06670015f7
2019-09-12 17:24:01 +02:00
Carlton Gibson
b5db65c4fb
Increased the default PBKDF2 iterations for Django 3.1.
2019-09-12 17:24:01 +02:00
Carlton Gibson
4b63d45d54
Expanded notes on alphas in release How-to.
2019-09-12 10:35:19 +02:00
Mariusz Felisiak
9a2a12d415
Advanced deprecation warnings for Django 3.1.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak
0ddb4ebf7b
Refs #14357 -- Made Meta.ordering not affect GROUP BY queries.
...
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak
d17be88afd
Refs #30037 -- Required the RemoteUserBackend.configure_user() to have request as the first positional argument.
...
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak
b61ea56789
Refs #28478 -- Removed support for TestCase's allow_database_queries and multi_db per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak
f1894bae30
Refs #28606 -- Removed CachedStaticFilesStorage per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak
81993b47ea
Refs #29703 -- Removed QuerySetPaginator alias per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak
cb2be9d5d5
Refs #29546 -- Removed django.utils.timezone.FixedOffset per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak
3d716467a9
Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak
b47bb4c4a7
Refs #29598 -- Removed FloatRangeField per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak
416c584cab
Removed versionadded/changed annotations for 2.2.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak
32796826bb
Added stub release notes for 3.1.
2019-09-10 12:00:56 +02:00
Mariusz Felisiak
0f2f517298
Bumped version; master is now 3.1 pre-alpha.
2019-09-10 11:54:25 +02:00
Carlton Gibson
513f137cfd
Updated man page for 3.0 alpha release.
2019-09-10 10:10:50 +02:00
Simon Charette
34decdebf1
Fixed #30754 -- Prevented inclusion of aliases in partial index conditions.
...
SQLite doesn't repoint table aliases in partial index conditions on table
rename which breaks the documented table alteration procedure.
Thanks Pēteris Caune for the report.
2019-09-10 10:03:16 +02:00
Carlton Gibson
a624803514
Finalised release notes for 3.0 alpha release.
...
* Removed empty sections
* Corrected some typos and wrapping errors.
2019-09-10 09:58:42 +02:00
Vojtech Bocek
b1d37fea8f
Fixed #28107 -- Added DatabaseFeatures.allows_group_by_selected_pks_on_model() to allow enabling optimization for unmanaged models.
2019-09-09 14:04:46 +02:00
Vojtech Bocek
10d5e439e9
Refs #28107 -- Doc'd how to subclass an existing database engine.
2019-09-09 14:04:41 +02:00
Nick Pope
406dba04e1
Fixed #29406 -- Added support for Referrer-Policy header.
...
Thanks to James Bennett for the initial implementation.
2019-09-09 13:35:41 +02:00
Nick Pope
1edbb6c194
Refs #30426 -- Moved release notes into separate security section.
2019-09-09 13:35:31 +02:00
Nick Pope
fc62e16291
Standardized links for headers in security middleware documentation.
2019-09-09 13:35:17 +02:00
Johannes Hoppe
7254f1138d
Refs #29444 -- Allowed returning multiple fields from INSERT statements on PostgreSQL.
...
Thanks Florian Apolloner, Tim Graham, Simon Charette, Nick Pope, and
Mariusz Felisiak for reviews.
2019-09-09 10:51:14 +02:00
Nick Pope
b6251956b6
Fixed #30757 -- Added a system check to ensure max_length fits the longest choice.
2019-09-09 10:28:18 +02:00
Katie McLaughlin
fee75d2aed
Fixed #30767 -- Improved references to deployment documentation.
...
* Increased tocdepth to expose more complexity of topics.
* Ensured deployment checklist is linked on main doc page.
2019-09-09 10:02:33 +02:00
Claude Paroz
05d0eca635
Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY.
2019-09-09 08:15:26 +02:00
Tobias Kunze
4a954cfd11
Fixed #30573 -- Rephrased documentation to avoid words that minimise the involved difficulty.
...
This patch does not remove all occurrences of the words in question.
Rather, I went through all of the occurrences of the words listed
below, and judged if they a) suggested the reader had some kind of
knowledge/experience, and b) if they added anything of value (including
tone of voice, etc). I left most of the words alone. I looked at the
following words:
- simply/simple
- easy/easier/easiest
- obvious
- just
- merely
- straightforward
- ridiculous
Thanks to Carlton Gibson for guidance on how to approach this issue, and
to Tim Bell for providing the idea. But the enormous lion's share of
thanks go to Adam Johnson for his patient and helpful review.
2019-09-06 13:27:46 +02:00
Mariusz Felisiak
350123f38c
Moved release note for refs #30158 from deprecated to backwards incompatible changes.
2019-09-05 15:56:52 +02:00
Mariusz Felisiak
053ff7e9e6
Fixed typo in docs/internals/contributing/writing-documentation.txt.
2019-09-05 14:06:46 +02:00
Carlton Gibson
ed2d411aa8
Refs #30573 -- Noted to avoid "simple" & co. in Writing Style guide.
...
Co-authored-by: Tobias Kunze <r@rixx.de>
2019-09-05 10:13:31 +02:00
Mariusz Felisiak
e2c6a0858d
Fixed #30750 -- Added support for check constraints on MySQL 8.0.16+.
2019-09-05 09:18:34 +02:00
Shai Berger
72ebe85a26
Fixed #27910 -- Added enumeration helpers for use in Field.choices.
...
These classes can serve as a base class for user enums, supporting
translatable human-readable names, or names automatically inferred
from the enum member name.
Additional properties make it easy to access the list of names, values
and display labels.
Thanks to the following for ideas and reviews:
Carlton Gibson, Fran Hrženjak, Ian Foote, Mariusz Felisiak, Shai Berger.
Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-09-04 14:42:49 +02:00
Nasir Hussain
25706d7285
Fixed #29714 -- Allowed using ExceptionReporter subclass with AdminEmailHandler.
2019-09-04 08:40:46 +02:00
Min ho Kim
3c6a4fdb6d
Changed example git clone URLs to use HTTPS.
2019-09-04 08:11:22 +02:00
Mariusz Felisiak
0d4529d314
Added stub release notes for 2.2.6.
2019-09-04 08:02:32 +02:00
Carlton Gibson
4f61810751
Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme().
2019-09-02 15:32:23 +02:00
Mariusz Felisiak
47f49adc11
Added release dates for 2.2.5, 2.1.12, and 1.11.24.
2019-09-02 07:43:51 +02:00
Daria Kolodzey
3f8ee58ccc
Fixed #30738 -- Fixed typo in docs/ref/forms/widgets.txt.
...
Thanks Emmanuel Cazenave for the report.
2019-08-31 10:58:40 +02:00
Mariusz Felisiak
6201141b2c
Refs #30736 -- Added missing versionadded annotations for Storage.get_alternative_name().
...
Thanks Simon Charette for the report.
2019-08-31 07:19:19 +02:00
yukihira1992
0545781764
Fixed #30736 -- Added Storage.get_alternative_name() to allow customization.
2019-08-30 11:32:19 +02:00
Berker Peksag
400ec5125e
Fixed #18763 -- Added ModelBackend/UserManager.with_perm() methods.
...
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-29 19:32:12 +02:00
Carlton Gibson
fa7ffc6cb3
Removed unneeded * markers from parameter names.
2019-08-29 12:49:16 +02:00
daniel a rios
b5a5c92c72
Fixed #30066 -- Enabled super user creation without email and password
2019-08-29 12:49:16 +02:00
Matthew Schinckel
4137fc2efc
Fixed #25367 -- Allowed boolean expressions in QuerySet.filter() and exclude().
...
This allows using expressions that have an output_field that is a
BooleanField to be used directly in a queryset filters, or in the
When() clauses of a Case() expression.
Thanks Josh Smeaton, Tim Graham, Simon Charette, Mariusz Felisiak, and
Adam Johnson for reviews.
Co-Authored-By: NyanKiyoshi <hello@vanille.bid>
2019-08-29 09:45:29 +02:00
Andrew
29adcd215f
Fixed #30733 -- Doc'd that datetime lookups require time zone definitions in the database.
...
Note was missing for date, year, iso_year, week, time, hour, minute,
and second lookups.
2019-08-28 08:42:55 +02:00
Matthew Schinckel
dba749917f
Doc'd for_save argument of Expression.resolve_expression().
2019-08-27 16:54:01 +02:00
Hasan Ramezani
03dbdfd9bb
Fixed #29019 -- Added ManyToManyField support to REQUIRED_FIELDS.
2019-08-26 14:48:40 +02:00
Dulmandakh
06372a8d27
Fixed #30507 -- Updated admin's jQuery to 3.4.1.
2019-08-23 11:00:16 +02:00
Ali Mirlou
33b9b23bbb
Fixed typo in docs/ref/applications.txt.
2019-08-23 08:48:26 +02:00
Mads Jensen
85ac838d9e
Fixed #21039 -- Added AddIndexConcurrently/RemoveIndexConcurrently operations for PostgreSQL.
...
Thanks to Simon Charettes for review.
Co-Authored-By: Daniel Tao <daniel.tao@gmail.com>
2019-08-21 13:10:06 +02:00
François Freitag
9a88e43aeb
Fixed broken links and redirects in documentation.
...
Removed reference to custom builds, feature removed in
8e6b3bba99
.
2019-08-21 10:57:24 +02:00
Harrison88
1e429df748
Fixed #30695 -- Used relative path in default_storage docs example.
2019-08-20 12:01:10 +02:00
Dan Swain
cece802dbb
Corrected typo in search docs. ( #11673 )
2019-08-20 10:37:48 +02:00
Nick Pope
21e559495b
Fixed #29979 , Refs #17337 -- Extracted AutoField field logic into a mixin and refactored AutoFields.
...
This reduces duplication by allowing AutoField, BigAutoField and
SmallAutoField to inherit from IntegerField, BigIntegerField and
SmallIntegerField respectively. Doing so also allows for enabling the
max_length warning check and minimum/maximum value validation for auto
fields, as well as providing a mixin that can be used for other possible
future auto field types such as a theoretical UUIDAutoField.
2019-08-20 09:22:25 +02:00
Garry Polley
10528a81ed
Removed outdated examples of flatpages served sites.
...
Removing the lawrence journal flat page examples because one is no longer a web page (404) and the other is no longer served by Django: https://www.reddit.com/r/django/comments/8v0fpb/the_lawrence_journalworld_where_django_was/
2019-08-19 12:27:10 +02:00
Mariusz Felisiak
49aeabbf27
Fixed broken links and redirects to OGR library in docs.
2019-08-19 11:43:06 +02:00
bcye
ac34fccdb9
Fixed broken links to Dive Into Python 3 book.
2019-08-19 07:03:43 +02:00
Claude Paroz
d1c2e6dd04
Refs #28428 -- Made FileField.upload_to support pathlib.Path.
2019-08-18 20:34:58 +02:00
Claude Paroz
0468159763
Refs #30426 -- Changed default SECURE_CONTENT_TYPE_NOSNIFF to True.
2019-08-18 13:17:49 +02:00
Claude Paroz
7203efb799
Fixed #30694 -- Documented FileResponse does not seek its file source.
2019-08-17 09:20:36 +02:00
Adnan Umer
6805c0f99f
Fixed #30701 -- Updated patch_vary_headers() to handle an asterisk according to RFC 7231.
2019-08-16 15:25:42 +02:00
zeyneloz
00035672a4
Fixed #30449 -- Fixed RelatedFieldListFilter/RelatedOnlyFieldListFilter to respect model's Meta.ordering.
...
Regression in 6d4e5feb79
.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-08-15 10:29:05 +02:00
Mariusz Felisiak
1f8382d34d
Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on expressions with params.
...
Regression in 4f5b58f5cd
.
Thanks Florian Apolloner for the report and helping with tests.
2019-08-14 15:25:35 +02:00
Claude Paroz
eed2e740f7
Fixed #30461 -- Made GeoIP2 and GEOIP_PATH setting accept pathlib.Path as library path.
...
Thanks Nikita Krokosh for the initial patch.
2019-08-13 19:44:10 +02:00
Akash Agrawal
c1b26c77a9
Fixed #30696 -- Removed obsolete mention of CheckConstraint in the AddConstraint docs.
...
Follow up to 8eae094638
.
2019-08-11 15:39:48 +02:00
Akash Agrawal
af08a54415
Fixed #30670 -- Doc'd SchemaEditor.add/remove_constraint().
2019-08-11 03:26:44 +02:00
Carlton Gibson
514efa3129
Fixed #30688 -- Clarified base_manager_name docs.
2019-08-09 10:08:06 +02:00
Adnan Umer
8d3519071e
Fixed #30673 -- Relaxed system check for db_table collision when database routers are installed by turning the error into a warning.
2019-08-08 21:14:06 +02:00
Andrew Godwin
052388aba4
Fixed #30676 -- Added --pdb option to test runner.
2019-08-07 08:16:31 +02:00
Adnan Umer
c5075360c5
Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER setting.
2019-08-05 18:44:08 +02:00
Mariusz Felisiak
1af469e67f
Added stub release notes for 2.2.5.
2019-08-02 20:32:21 +02:00
niauah
75f8264083
Corrected StreamingHttpResponse.streaming_content description in docs.
2019-08-02 16:37:49 +02:00
Nick Pope
194d1dfc18
Fixed #30661 -- Added models.SmallAutoField.
2019-08-02 11:39:01 +02:00
Carlton Gibson
a5652eb795
Added CVE-2019-14235 to security release archive.
2019-08-01 12:01:27 +02:00
Carlton Gibson
3a6a2f5eaf
Added CVE-2019-14234 to security release archive.
2019-08-01 11:59:45 +02:00
Carlton Gibson
9600f63885
Added CVE-2019-14233 to security release archive.
2019-08-01 11:57:24 +02:00
Carlton Gibson
87750787d1
Added CVE-2019-14232 to the security release archive.
2019-08-01 11:54:24 +02:00
Florian Apolloner
76ed1c49f8
Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri().
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Mariusz Felisiak
7deeabc7c7
Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection.
...
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
2019-08-01 09:24:54 +02:00
Florian Apolloner
4b78420d25
Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities.
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Florian Apolloner
7f65974f82
Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Étienne Beaulé
5f24e7158e
Fixed #30665 -- Added support for distinct argument to Avg() and Sum().
2019-07-31 11:22:50 +02:00
Nick Pope
f618e033ac
Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands.
2019-07-31 10:02:13 +02:00
Nick Pope
1692f69e37
Refs #30160 -- Doc'd startapp/startproject support for tarfile templates.
2019-07-31 09:46:24 +02:00
Nick Pope
69a30f620e
Refs #30160 -- Simplified archive extension map and added other aliases.
2019-07-31 09:46:17 +02:00
daniel a rios
68aeb90160
Fixed #30656 -- Added QuerySet.bulk_update() to the database optimization docs.
2019-07-29 09:52:29 +02:00