mirrors/django
mirrors/django
0
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-12-01 15:42:04 +01:00
Code Issues Releases Wiki Activity
28,719 Commits 28 Branches 423 Tags 717 MiB
976e2b7420
Commit Graph

28719 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Carlton Gibson
976e2b7420 Added release date for 3.1.1, 3.0.10, and 2.2.16. 2020-09-01 09:56:42 +02:00
Mariusz Felisiak
1853724aca Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level directories of the file system cache on Python 3.7+. 2020-09-01 09:17:23 +02:00
Mariusz Felisiak
8d7271578d Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+. 
Thanks WhiteSage for the report.
 2020-09-01 09:17:23 +02:00
007gzs
2bc38bc7ca Fixed #31901 -- Prevented content overflowing in the admin changelist with navigation sidebar. 2020-09-01 07:51:22 +02:00
Abdullah Dursun
fcad0b1324
Corrected note about long names in search docs. 2020-08-31 22:36:25 +02:00
Hasan Ramezani
70731fc6fe Fixed #31934 -- Added note about the default of SameSite cookie flag in modern browsers. 2020-08-31 10:57:41 +02:00
Federico Jaramillo Martínez
179d9dc0c2 Fixed #31952 -- Fixed EmptyFieldListFilter crash with reverse relationships. 
Thanks dacotagh for the report.
 2020-08-31 09:28:05 +02:00
Simon Charette
f6405c0b8e Fixed #31965 -- Adjusted multi-table fast-deletion on MySQL/MariaDB. 
The optimization introduced in 7acef095d7 did not properly handle
deletion involving filters against aggregate annotations.

It initially was surfaced by a MariaDB test failure but misattributed
to an undocumented change in behavior that resulted in the systemic
generation of poorly performing database queries in 5b83bae031.

Thanks Anton Plotkin for the report.

Refs #23576.
 2020-08-31 08:11:28 +02:00
Simon Charette
38fce49c82 Fixed #31919 -- Resolved output_field of IntegerField subclasses combinations. 2020-08-31 06:42:40 +02:00
Simon Charette
40894f2967 Refs #30446 -- Added tests for resolving output_field of CombinedExpression. 2020-08-31 06:40:39 +02:00
Mariusz Felisiak
0be51d2226 Fixed #31956 -- Fixed crash of ordering by JSONField with a custom decoder on PostgreSQL. 
Thanks Marc Debureaux for the report.
Thanks Simon Charette, Nick Pope, and Adam Johnson for reviews.
 2020-08-28 19:09:46 +02:00
Mariusz Felisiak
2210539142 Refs #31956 -- Added test for ordering by JSONField with a custom decoder. 2020-08-28 19:09:41 +02:00
Koen De Wit
4c0b4720b0 Fixed #31954 -- Fixed migration optimization for MTI model creation with parent model with mixed case app label. 2020-08-28 13:35:13 +02:00
Kevin Michel
225261b701 Refs #31928 -- Added various middlewares tests for detecting when get_response is coroutine. 2020-08-28 12:33:29 +02:00
Kevin Michel
825ce75fae Fixed #31928 -- Fixed detecting an async get_response in various middlewares. 
SecurityMiddleware and the three cache middlewares were not calling
super().__init__() during their initialization or calling the required
MiddlewareMixin._async_check() method.

This made the middlewares not properly present as coroutine and
confused the middleware chain when used in a fully async context.

Thanks Kordian Kowalski for the report.
 2020-08-28 12:33:15 +02:00
Kevin Michel
ea57a2834f Refs #31928 -- Made SessionMiddleware call super().__init__(). 2020-08-28 12:33:15 +02:00
Kevin Michel
68d7cf4054 Refs #26601 -- Added various middlewares tests for deprecation of passing None as get_response. 2020-08-28 12:33:15 +02:00
Kevin Michel
abbdd3a622 Added tests for cache middlewares constructors. 2020-08-28 10:00:39 +02:00
Mariusz Felisiak
e39e727ded
Fixed #31912 -- Removed strict=True in Path.resolve() in project template and CommonPasswordValidator. 
This caused permission errors when user didn't have permissions to
all intermediate directories in a Django installation path.

Thanks tytusd and leonyxz for reports.

Regression in edeec1247e and
26554cf5d1.
 2020-08-28 05:57:36 +02:00
Phil Gyford
e02738bf55 Refs #31913 -- Corrected comment in PasswordResetTokenGenerator. 
Follow up to da4923ea87.
 2020-08-27 12:57:16 +02:00
Alexander
20d38fd759 Fixed #31947 -- Made QuerySet.update_or_create() reuse get_or_create(). 2020-08-27 11:46:47 +02:00
Mariusz Felisiak
1251772cb8
Fixed #31936 -- Fixed __in lookup on key transforms for JSONField. 
This resolves an issue on databases without a native JSONField
(MariaDB, MySQL, SQLite, Oracle), where values must be wrapped.

Thanks Sébastien Pattyn for the report.
 2020-08-26 22:13:37 +02:00
Jeremy Lainé
9c92924cd5 Fixed #31942 -- Made settings cleansing work with dictionary settings with non-string keys. 2020-08-26 11:59:37 +02:00
Kaustubh
b9be11d442 Fixed #31918 -- Allowed QuerySet.in_bulk() to fetch on a single distinct field. 2020-08-26 09:43:39 +02:00
Michael Galler
547a07fa7e Fixed #31905 -- Made MiddlewareMixin call process_request()/process_response() with thread sensitive. 
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
 2020-08-26 07:13:49 +02:00
Mariusz Felisiak
0b0658111c Removed trailing whitespace in 3.2 release notes. 2020-08-25 10:02:56 +02:00
Cleiton de Lima
9f8c7d2b4b
Moved CreateExtension release notes into django.contrib.postgres section. 2020-08-25 06:13:19 +02:00
Tim Graham
ea880ec233 Fixed #24533 -- Dropped PostgreSQL sequence and Oracle identity when migrating away from AutoField. 2020-08-24 14:32:07 +02:00
Nick Pope
b312421511
Refs #30897 -- Added test for WAL option to Queryset.explain() on PostgreSQL 13+. 2020-08-24 11:47:38 +02:00
Mariusz Felisiak
bb8f66934d Fixed #31877 -- Reverted "Fixed #19878 -- Deprecated TemplateView passing URL kwargs into context." 
This reverts commit 4ed534758c.
 2020-08-24 11:37:59 +02:00
Mariusz Felisiak
04e87e79a0 Refs #31877 -- Reverted "Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning." 
This reverts commit 20799cc0a6.
 2020-08-24 11:37:59 +02:00
Nick Pope
b5acb9db75 Fixed #31907 -- Fixed missing validate_key() calls in cache backends. 2020-08-24 09:41:21 +02:00
Nick Pope
9e04b242ee Refs #31907 -- Added cache key validation tests for cache operations. 2020-08-24 09:33:55 +02:00
Tim Graham
7ca42974ee
Added assertions for the results of migrating an integer pk to AutoField. 2020-08-24 06:45:48 +02:00
Kaustubh
3e753d3de3
Fixed #31925 -- Fixed typo in docs/releases/3.0.txt. 2020-08-21 09:47:37 +02:00
Ninad Kulkarni
927bd888dd Fixed #31906 -- Fixed typo in docs/ref/forms/fields.txt. 2020-08-21 08:14:07 +02:00
Juan Pedro Fisanotti
41725602af
Improved wording in async views docs. 2020-08-20 09:06:50 +02:00
Nick Pope
e2013b260a Refs #29887, #27480 -- Moved touch() to BaseMemcachedCache. 2020-08-20 09:00:21 +02:00
Nick Pope
0cb0d59b23 Fixed comments related to nonexistent keys for incr()/decr() in memcached backends. 2020-08-20 08:58:50 +02:00
Enderson Menezes
67e4a9a4b9 Fixed #31909 -- Fixed typo in docs/ref/contrib/admin/index.txt. 2020-08-20 07:34:03 +02:00
Mariusz Felisiak
4376c2c7f8
Fixed #31895 -- Fixed crash when decoding invalid session data. 
Thanks Matt Hegarty for the report.
Regression in d4fff711d4.
 2020-08-19 12:06:00 +02:00
Maxim Petrov
bf6d07730c Fixed #31902 -- Fixed crash of ExclusionConstraint on expressions with params. 2020-08-19 06:43:54 +02:00
David Smith
e2e34f4de3
Fixed #27679 -- Doc'd that empty formsets display extra + min_num forms. 2020-08-18 22:56:39 +02:00
Mariusz Felisiak
35b03788b0 Refs #9061 -- Allowed GenericInlineFormSet to disable deleting extra forms. 
Follow up to 162765d6c3.
 2020-08-18 09:37:15 +02:00
Mariusz Felisiak
3254991762 Refs #20347 -- Allowed customizing the maximum number of instantiated forms in generic_inlineformset_factory(). 
Follow up to 433dd737f9.
 2020-08-18 09:37:15 +02:00
Mariusz Felisiak
13704b057d
Refs #17642 -- Doc'd min_num and validate_min arguments in modelformset_factory() docs. 
Changed arguments ordering to match the modelformset_factory()
signature.
 2020-08-18 09:30:31 +02:00
Mariusz Felisiak
d534b5734f
Fixed typo in docs/ref/django-admin.txt. 2020-08-18 06:28:30 +02:00
Jon Dufresne
dd5173ca1b Fixed #31892 -- Added backward incompatibility note about Media <script> tags changes. 
Refs 31080.
 2020-08-17 10:13:18 +02:00
Ahmad A. Hussein
493b26bbfc Fixed #31888 -- Avoided module-level MySQL queries in tests. 2020-08-17 09:31:16 +02:00
Iuri de Silvio
632ccffc49 Fixed #31826 -- Made AlterField operation a noop when adding db_column. 
AlterField operation with adding a db_column is a noop if the column
name is not changed.
 2020-08-14 13:13:36 +02:00