fb3540d6a4
Removed obsolete, unused option 'hide_empty' from loaddata command.
...
Unused since 67235fd4ef
2016-03-01 19:48:32 -05:00
8c42cf0cbd
Fixed #26303 -- Updated links to mod_wsgi docs.
2016-03-01 19:22:32 -05:00
33db899a21
Fixed #25814 -- Added changing #django topic to release checklist.
2016-03-01 13:02:03 -05:00
2e895d2870
Added stub release notes for 1.9.4.
2016-03-01 12:39:01 -05:00
24fc935218
Added CVE-2016-2512/2513 to security release archive.
2016-03-01 12:32:42 -05:00
67b46ba701
Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
...
This is a security fix.
2016-03-01 11:25:28 -05:00
c5544d2892
Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.
...
This is a security fix.
2016-03-01 11:25:28 -05:00
f43291639b
Added stub release notes for security issues.
2016-03-01 11:25:28 -05:00
fe8ea3ba3b
Fixed #26217 -- Added a warning about format strings to WeekArchiveView docs.
2016-03-01 10:29:52 -05:00
a1b1688c7d
Fixed #26165 -- Added some FAQs about CSRF protection.
...
Thanks Florian Apolloner and Shai Berger for review.
2016-03-01 08:45:05 -05:00
11a8207d42
Fixed typos in docs/ref/models/meta.txt.
2016-03-01 08:33:27 -05:00
65bd053f11
Fixed #26229 -- Improved check for model admin check admin.E124
...
Refs #22792
2016-03-01 08:20:14 -05:00
0223e213dd
Fixed #26186 -- Documented how app relative relationships of abstract models behave.
...
This partially reverts commit bc7d201bdb#25858 .
2016-02-29 22:07:05 -05:00
eac1423f9e
Removed obsolete test CreatesuperuserManagementCommandTestCase.test_nolocale.
...
Test was added in 4c934f3921
2016-02-29 08:46:37 -05:00
6a383f773a
Removed unused 'Between' lookup.
...
It was added in 20bab2cf9d00aa562884
2016-02-29 08:00:04 -05:00
72e5778b23
Minor fixes for release-process doc fix
...
As suggested by Tim Graham
2016-02-28 19:30:18 +02:00
3dd4e9203a
Fixed docs: release-process, Supported Versions section, concrete example
...
Security & data loss fixes are applied to the two last feature releases,
not just one.
Thanks Loic Bistuer for review
2016-02-28 18:44:47 +02:00
b84f5ab4ec
Fixed #26230 -- Made default_related_name affect related_query_name.
2016-02-27 08:48:32 -05:00
5fb9756eba
Fixed #26275 -- Noted difference between o and Y date format chars.
2016-02-27 08:05:12 -05:00
5e2c4d7afb
Fixed #26264 -- Fixed prefetch_related() crashes with values_list(flat=True)
2016-02-26 19:26:15 -05:00
3389c5ea22
Fixed #21608 -- Prevented logged out sessions being resurrected by concurrent requests.
...
Thanks Simon Charette for the review.
2016-02-26 18:56:56 -05:00
3938b3ccaa
Fixed #26286 -- Prevented content type managers from sharing their cache.
...
This should prevent managers methods from returning content type instances
registered to foreign apps now that these managers are also attached to models
created during migration phases.
Thanks Tim for the review.
Refs #23822 .
2016-02-26 16:18:16 -05:00
b9519b2730
Added 'prefetches to docs/spelling_wordlist.
2016-02-26 16:06:34 -05:00
ef33bc2d4d
Fixed #25279 -- Made prefetch_related_objects() public.
2016-02-26 14:55:01 -05:00
d5f89ff6e8
Fixed #24974 -- Fixed inheritance of formfield_callback for modelform_factory forms.
2016-02-26 12:27:27 -05:00
766afc22a1
Fixed #24793 -- Unified temporal difference support.
2016-02-26 12:25:12 -05:00
31098e3288
Used setUpTestData for the timedelta expression tests.
2016-02-26 12:25:12 -05:00
65aa94200b
Fixed #24653 -- Fixed MySQL database introspection when using read_default_file.
2016-02-26 12:02:13 -05:00
62ea86448e
Cleaned up session backends tests.
...
Made SessionTestsMixin backend agnostic and removed code obsoleted by the test
discovery refactor.
2016-02-26 11:22:33 -05:00
8890c533e0
Fixed #26280 -- Fixed cached template loader crash when loading nonexistent template.
2016-02-26 08:02:10 -05:00
eb44172760
Fixed #25811 -- Added a helpful error when making _in queries across different databases.
2016-02-26 07:31:56 -05:00
7fec264e46
Removed try/fail antipattern from model_options tests.
2016-02-25 20:04:51 -05:00
bbe136e1a2
Fixed #26231 -- Used .get_username in admin login template.
2016-02-25 19:29:53 -05:00
ee69789f45
Fixed #26269 -- Prohibited spaces in is_valid_ipv6_address().
2016-02-25 18:52:50 -05:00
22d2a5b00a
Corrected a run on sentence in doc/topics/db/models.txt.
2016-02-25 14:22:41 -05:00
4b1529e2cb
Fixed #26151 -- Refactored MigrationWriter.serialize()
...
Thanks Markus Holtermann for review.
2016-02-25 14:01:06 -05:00
fc584f0685
Fixed #26117 -- Consulted database routers in initial migration detection.
...
Thanks Simon Charette for help.
2016-02-25 09:56:00 -05:00
1f8cfcf3b4
Fixed #26278 -- Clarified apps.ready docs.
2016-02-25 08:55:10 -05:00
7a7e403325
Refs #26270 -- Reorganized TestCase docs.
2016-02-25 07:58:22 -05:00
10781b4c6f
Fixed #12233 -- Allowed redirecting authenticated users away from the login view.
...
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.
Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
2016-02-25 07:18:33 -05:00
4c18a8a378
Fixed #14098 -- Prevented crash for introspection errors in inspectdb
...
Thanks Tim Graham for the review.
2016-02-25 08:43:56 +01:00
441c537b66
Fixed a function signature in docs/topics/auth/default.txt.
2016-02-24 16:24:33 -05:00
8ad7b8118c
Used addCleanup() to call recorder.flush() in migration loader tests.
2016-02-24 11:22:09 -05:00
c5517b9e74
Fixed #26266 -- Output the primary key in the GeoJSON serializer properties
...
Thanks Tim Graham for the review.
2016-02-24 16:10:46 +01:00
6637cd0ef2
Removed docs of deprecated SimpleTestCase warnings behavior.
...
Removed in Django 1.7 (4f6be9a0c4
2016-02-24 09:57:39 -05:00
b412681359
Fixed #26267 -- Fixed BoundField to reallow slices of subwidgets.
2016-02-24 07:02:51 -05:00
1ff6e37de4
Fixed #23832 -- Added timezone aware Storage API.
...
New Storage.get_{accessed,created,modified}_time() methods convert the
naive time from now-deprecated {accessed,created_modified}_time()
methods into aware objects in UTC if USE_TZ=True.
2016-02-23 18:51:43 -05:00
eda306f1ce
Fixed #26232 -- Fixed Popen mocking environment in i18n tests
...
Refs #25925 . Thanks Jeroen Pulles for the report.
2016-02-23 20:06:18 +01:00
c30086159d
Used setupTestData in prefetch_related tests.
2016-02-23 13:53:58 -05:00
7f6fbc906a
Prevented static file corruption when URL fragment contains '..'.
...
When running collectstatic with a hashing static file storage backend,
URLs referencing other files were normalized with posixpath.normpath.
This could corrupt URLs: for example 'a.css#b/../c' became just 'c'.
Normalization seems to be an artifact of the historical implementation.
It contained a home-grown implementation of posixpath.join which relied
on counting occurrences of .. and /, so multiple / had to be collapsed.
The new implementation introduced in the previous commit doesn't suffer
from this issue. So it seems safe to remove the normalization.
There was a test for this normalization behavior but I don't think it's
a good test. Django shouldn't modify CSS that way. If a developer has
rendundant /s, it's mostly an aesthetic issue and it isn't Django's job
to fix it. Conversely, if the user wants a series of /s, perhaps in the
URL fragment, Django shouldn't destroy it.
Refs #26249 .
2016-02-23 19:35:16 +01:00
Jon Dufresne
Alasdair Nicol
Tim Graham
Florian Apolloner
Mark Striemer
Michal Petrucha
acemaster
Taranjeet
Simon Charette
Adam Chainz
Shai Berger
chenesan
inondle
Attila Tovt
Tore Lundqvist
Yoong Kang Lim
zshimanchik
Ivan Tsouvarev
Edwar Baron
Sjoerd Job Postmus
Nick Malakhov
Scott Sexton
Olivier Le Thanh Duong
Claude Paroz
James Aylett
Aymeric Augustin