0
0
mirror of https://github.com/django/django.git synced 2024-12-01 15:42:04 +01:00
Commit Graph

29844 Commits

Author SHA1 Message Date
Mariusz Felisiak
8feb2a49fa Added CVE-2021-35042 to security archive. 2021-07-01 09:57:08 +02:00
Mariusz Felisiak
bcea1a3193 Added stub release notes for Django 3.2.6. 2021-07-01 09:43:15 +02:00
Mariusz Felisiak
dae83a2451 Forwardported release notes for CVE-2021-35042. 2021-07-01 09:42:54 +02:00
Daniele Procida
62988afbea Refs #32880 -- Renamed/reordered logging topic sections.
Moved sections so that how-to type material is all together, and
renamed headings so it's clearer what those sections are about, in
anticipation of creating a separate how-to document and expanding
the material.
2021-07-01 07:30:53 +02:00
Daniele Procida
261ca6ce2e Removed trailing whitespace in logging topic. 2021-07-01 07:12:56 +02:00
Mariusz Felisiak
8e97698d7b Added stub release notes for 3.1.13 and release date for 3.2.5. 2021-07-01 06:52:41 +02:00
Thomas Guettler
775f7506d7 Fixed #32850 -- Doc'd Sitemap.paginator. 2021-06-30 20:11:49 +02:00
Hannes Ljungberg
d8c90d4c22 Fixed #32786 -- Moved subquery ordering clearing optimization to the _in lookup.
Co-Authored-By: Simon Charette <charette.s@gmail.com>
2021-06-30 10:08:55 +02:00
Hannes Ljungberg
053141d31f Refs #32786 -- Made Query.clear_ordering() not to cause side effects by default. 2021-06-30 08:52:27 +02:00
Chris Jerdonek
43d1ea6e2f Refs #32885 -- Used _read_csrf_cookie()/_set_csrf_cookie() in more CSRF tests. 2021-06-30 07:48:15 +02:00
Chris Jerdonek
abc8795632 Fixed #32885 -- Removed cookie-based token specific logic from CsrfViewMiddlewareTestMixin. 2021-06-30 07:48:15 +02:00
Daniele Procida
e3d55eeb14 Refs #32880 -- Moved logging reference to new document.
Completed a first step in moving reference and how-to material out of
the topic document.
2021-06-30 07:21:52 +02:00
Chris Jerdonek
8bca838f4a Refs #32655 -- Improved error if iter_test_cases() is passed a string. 2021-06-29 20:41:40 +02:00
Mariusz Felisiak
5371ad1d14
Refs #26430 -- Added tests for PostgreSQL-specific aggregates on EmptyQuerySets and used subTest(). 2021-06-29 20:23:59 +02:00
manav014
503ee41497 Refs #29898 -- Moved state_forwards()'s logic from migration operations to ProjectState.
Thanks Simon Charette and Markus Holtermann for reviews.
2021-06-29 12:03:30 +02:00
Chris Jerdonek
594d6e9407 Refs #32843 -- Added CsrfViewMiddlewareTestMixin._get_csrf_cookie_request() hook. 2021-06-29 08:56:13 +02:00
Chris Jerdonek
c8439d1dba Refs #32843 -- Added method/cookie arguments to CsrfViewMiddlewareTestMixin._get_request().
This also removes unnecessary test hooks.
2021-06-29 08:56:13 +02:00
Chris Jerdonek
6bccb64347 Refs #32843 -- Moved _get_GET_csrf_cookie_request() to CsrfViewMiddlewareTestMixin. 2021-06-29 08:56:05 +02:00
Chris Jerdonek
4397d2bd6b Fixed #32843 -- Ensured the CSRF tests' _get_GET_csrf_cookie_request() sets the request method. 2021-06-29 08:14:25 +02:00
Lou Huang
7ba9da815d
Fixed #32884 -- Fixed centering of the header on admin login page. 2021-06-29 07:41:52 +02:00
abhiabhi94
cd124295d8 Fixed #32381 -- Made QuerySet.bulk_update() return the number of objects updated.
Co-authored-by: Diego Lima <diego.lima@lais.huol.ufrn.br>
2021-06-29 06:58:46 +02:00
Daniele Procida
d79be3ed39 Refs #32880 -- Rearranged logging security notes.
Expanded security notes and moved them under a new explanation heading
of their own for future reference and expansion.

Removed specific reference to Sentry since there are multiple
third-party services that fulfill that role.
2021-06-28 11:46:37 +02:00
Dan Strokirk
f5ea9aa2f3 Fixed #32807 -- Fixed JSONField crash when redisplaying None values.
Thanks to Alex Hill for the initial patch.
2021-06-28 11:02:08 +02:00
Nick Pope
66af94d56e Removed unnecessary json.loads() call in test_json_agg_empty(). 2021-06-28 09:22:23 +02:00
Nick Pope
e8e8e207e7 Ensured that empty result test for JSONBAgg executes a query.
Use of QuerySet.none() will cause the EmptyQuerySet aggregation
optimisation to be used. Change the test to be implemented like the
other tests for empty results in this file.
2021-06-28 09:21:57 +02:00
Nick Pope
1aca9fc7d2 Corrected test method and variable names for JSONBAgg.
This is probably a hangover from when the aggregate function was
originally called JSONAgg during development.
2021-06-28 09:17:34 +02:00
Chris Jerdonek
5e60c3943b Refs #32800 -- Added CsrfViewMiddleware tests for all combinations of masked/unmasked cookies and tokens. 2021-06-28 08:31:30 +02:00
Chris Jerdonek
defa8d3d87 Refs #32800 -- Made CsrfViewMiddlewareTestMixin._csrf_id_cookie and _csrf_id_token different.
This also renames CsrfViewMiddlewareTestMixin._csrf_id to _csrf_id_token.
2021-06-28 08:09:53 +02:00
Chris Jerdonek
2523c32d50 Refs #32800 -- Eliminated the need for separate _get_POST_bare_secret() methods. 2021-06-28 08:08:43 +02:00
Chris Jerdonek
c8108591b9 Refs #32800 -- Added to csrf_tests/tests.py the unmasked version of the secret.
This also adds tests that the secret is correct, and updates existing
tests to use the value.
2021-06-28 07:59:22 +02:00
Claude Paroz
495083e3e1 Updated translations from Transifex.
Forwardport of 04b744050f from stable/3.2.x.
2021-06-28 07:08:39 +02:00
Daniele Procida
e9fbd73480 Refs #32880 -- Improved some how-to notes in logging topic. 2021-06-26 13:39:07 +02:00
Mateo Radman
8a7ac78b70 Refs #32508 -- Raised ImproperlyConfigured/TypeError instead of using "assert" in various code. 2021-06-25 06:55:47 +02:00
Daniele Procida
64839512a6
Refs #32880 -- Improved some headings and text in logging topic. 2021-06-24 13:41:56 +02:00
Mariusz Felisiak
27e156fa31
Fixed ResourceWarning in test_client.tests.ClientTest.test_uploading_named_temp_file(). 2021-06-24 11:47:29 +02:00
Ben Wilber
fff4870bfa Fixed #32727 -- Allowed spaces before time zone offset in parse_datetime(). 2021-06-24 10:07:55 +02:00
Chris Jerdonek
fcb75651f9 Fixed #32817 -- Added the token source to CsrfViewMiddleware's bad token error messages. 2021-06-23 16:07:15 +02:00
Chris Jerdonek
1a284afb07 Refs #32817 -- Added tests for bad CSRF token provided via X-CSRFToken or custom header. 2021-06-23 16:07:07 +02:00
Chris Jerdonek
6837bd68a4 Refs #32817 -- Added post_token/meta_token/token_header arguments to _get_POST_csrf_cookie_request(). 2021-06-23 16:07:07 +02:00
Chris Jerdonek
999402f142 Refs #32817 -- Combined the bad-or-missing CSRF token tests. 2021-06-23 16:07:07 +02:00
Peter Inglesby
1bbb98d9a4 Fixed #32363 -- Ensured sys.__interactivehook__ is called in shell
By default, this means that readline is properly registered, so that
.python_history is used.

sys.__interactivehook__ may be set by a $PYTHONSTARTUP file.
2021-06-23 14:53:41 +02:00
tomhamiltonstubber
1e5aa8e1c7 Fixed #32790 -- Ensured test Client handles redirects to domain indexes without a specified trailing slash. 2021-06-23 12:32:29 +02:00
Adam Johnson
d54059ebce
Removed options parameter from djangoAdminSelect2.
It seems this parameter has never been used internally, so to avoid
exposing a large surface area in the admin, remove it. As discussed in:
https://groups.google.com/g/django-developers/c/G-fDkNxhxsE/m/--RtGwmtAQAJ
2021-06-23 06:08:10 +02:00
Nicolas Restrepo
bbb3965826 Refs #24121 -- Added __repr__() to StreamingHttpResponse and subclasses. 2021-06-22 21:28:48 +02:00
Hasan Ramezani
7a9745fed4 Fixed #32863 -- Skipped system check for specifying type of auto-created primary keys on models with invalid app_label.
Regression in b5e12d490a.

Thanks Iuri de Silvio for the report.
2021-06-22 20:47:15 +02:00
Tim Graham
1697098795
Fixed dash-separated deprecation warning in setup.cfg.
Deprecated in setuptools 54.1.0.
2021-06-22 12:51:04 +02:00
David Smith
b9e872b593 Refs #32338 -- Removed 'for ="..."' from RadioSelect's <label>.
This improves accessibility for screen reader users.

Co-authored-by: Thibaud Colas <thibaudcolas@gmail.com>
2021-06-22 10:59:29 +02:00
Russell Keith-Magee
4f0a034b9e
Added a note about %autoawait off for IPython. 2021-06-22 10:23:03 +02:00
manav014
d718d99017 Refs #29898 -- Moved django.db.migrations.operations.utils to django.db.migrations.utils. 2021-06-22 09:26:18 +02:00
Igor Fernandes
e85d9c02ad Fixed #32870 -- Improved error message when URLconf is empty. 2021-06-22 08:09:53 +02:00