2015-05-01 22:51:26 +02:00
|
|
|
|
==========================
|
|
|
|
|
Django 1.8.2 release notes
|
|
|
|
|
==========================
|
|
|
|
|
|
2015-05-20 18:38:21 +02:00
|
|
|
|
*May 20, 2015*
|
2015-05-01 22:51:26 +02:00
|
|
|
|
|
2015-05-11 15:58:43 +02:00
|
|
|
|
Django 1.8.2 fixes a security issue and several bugs in 1.8.1.
|
|
|
|
|
|
|
|
|
|
Fixed session flushing in the ``cached_db`` backend
|
|
|
|
|
===================================================
|
|
|
|
|
|
|
|
|
|
A change to ``session.flush()`` in the ``cached_db`` session backend in Django
|
|
|
|
|
1.8 mistakenly sets the session key to an empty string rather than ``None``. An
|
|
|
|
|
empty string is treated as a valid session key and the session cookie is set
|
|
|
|
|
accordingly. Any users with an empty string in their session cookie will use
|
|
|
|
|
the same session store. ``session.flush()`` is called by
|
|
|
|
|
``django.contrib.auth.logout()`` and, more seriously, by
|
|
|
|
|
``django.contrib.auth.login()`` when a user switches accounts. If a user is
|
|
|
|
|
logged in and logs in again to a different account (without logging out) the
|
|
|
|
|
session is flushed to avoid reuse. After the session is flushed (and its
|
|
|
|
|
session key becomes ``''``) the account details are set on the session and the
|
|
|
|
|
session is saved. Any users with an empty string in their session cookie will
|
|
|
|
|
now be logged into that account.
|
2015-05-01 22:51:26 +02:00
|
|
|
|
|
|
|
|
|
Bugfixes
|
|
|
|
|
========
|
|
|
|
|
|
2015-05-04 16:55:03 +02:00
|
|
|
|
* Fixed check for template engine alias uniqueness (:ticket:`24685`).
|
2015-05-05 13:11:58 +02:00
|
|
|
|
|
|
|
|
|
* Fixed crash when reusing the same ``Case`` instance in a query
|
|
|
|
|
(:ticket:`24752`).
|
2015-05-11 09:02:41 +02:00
|
|
|
|
|
|
|
|
|
* Corrected join promotion for ``Case`` expressions. For example, annotating a
|
|
|
|
|
query with a ``Case`` expression could unexpectedly filter out results
|
|
|
|
|
(:ticket:`24766`).
|
2015-05-05 13:44:33 +02:00
|
|
|
|
|
2015-05-19 13:49:00 +02:00
|
|
|
|
* Fixed negated ``Q`` objects in expressions. Cases like
|
|
|
|
|
``Case(When(~Q(friends__age__lte=30)))`` tried to generate a subquery which
|
|
|
|
|
resulted in a crash (:ticket:`24705`).
|
|
|
|
|
|
2015-05-05 13:44:33 +02:00
|
|
|
|
* Fixed incorrect GROUP BY clause generation on MySQL when the query's model
|
|
|
|
|
has a self-referential foreign key (:ticket:`24748`).
|
2015-05-12 23:04:56 +02:00
|
|
|
|
|
|
|
|
|
* Implemented ``ForeignKey.get_db_prep_value()`` so that ``ForeignKey``\s
|
|
|
|
|
pointing to :class:`~django.db.models.UUIDField` and inheritance on models
|
|
|
|
|
with ``UUIDField`` primary keys work correctly (:ticket:`24698`,
|
|
|
|
|
:ticket:`24712`).
|
2015-05-13 15:52:19 +02:00
|
|
|
|
|
|
|
|
|
* Fixed ``isnull`` lookup for ``HStoreField`` (:ticket:`24751`).
|
2015-05-13 17:40:57 +02:00
|
|
|
|
|
|
|
|
|
* Fixed a MySQL crash when a migration removes a combined index (unique_together
|
|
|
|
|
or index_together) containing a foreign key (:ticket:`24757`).
|
2015-05-14 08:22:42 +02:00
|
|
|
|
|
|
|
|
|
* Fixed session cookie deletion when using :setting:`SESSION_COOKIE_DOMAIN`
|
|
|
|
|
(:ticket:`24799`).
|
2015-05-14 19:27:31 +02:00
|
|
|
|
|
|
|
|
|
* On PostgreSQL, when no access is granted for the ``postgres`` database,
|
|
|
|
|
Django now falls back to the default database when it normally requires a
|
|
|
|
|
"no database" connection (:ticket:`24791`).
|
2015-05-18 13:53:41 +02:00
|
|
|
|
|
|
|
|
|
* Fixed display of ``contrib.admin``’s ``ForeignKey`` widget when it's used
|
|
|
|
|
in a row with other fields (:ticket:`24784`).
|