mirrors/django
mirrors/django
0
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-12-01 15:42:04 +01:00
Code Issues Releases Wiki Activity
29,100 Commits 28 Branches 423 Tags 717 MiB
ec6d2531c5
Commit Graph

448 Commits

Author SHA1 Message Date
Mariusz Felisiak
cb2be9d5d5 Refs #29546 -- Removed django.utils.timezone.FixedOffset per deprecation timeline. 2019-09-10 12:01:00 +02:00
Carlton Gibson
4f61810751 Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme(). 2019-09-02 15:32:23 +02:00
Jon Dufresne
5dac63bb84 Refs #27804 -- Used subTest() in utils_tests/test_encoding.py. 2019-08-26 11:58:06 +02:00
Claude Paroz
9386586f31 Replaced subprocess commands by run() wherever possible. 2019-08-23 10:53:36 +02:00
Claude Paroz
88c0b907e7 Refs #30461 -- Added django.utils._os.to_path(). 2019-08-13 17:17:39 +02:00
swatantra
73ac9e3f04 Fixed #30677 -- Improved error message for urlencode() and Client when None is passed as data. 2019-08-11 20:15:23 +02:00
Florian Apolloner
76ed1c49f8 Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri(). 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Florian Apolloner
4b78420d25 Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities. 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Florian Apolloner
7f65974f82 Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML. 
Thanks to Guido Vranken for initial report.
 2019-08-01 09:24:54 +02:00
Nick Pope
f618e033ac Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands. 2019-07-31 10:02:13 +02:00
Nick Pope
c95d063e77 Refs #30160 -- Simplified and improved tests for django.utils.archive. 
The file executable should have 0o775 permission not only u=x.
The file no_permissions should have 0o644 u=r.
 2019-07-31 09:46:24 +02:00
Nick Pope
421c4cd2ee Removed redundant ArchiveTest.test_extract_method() test. 
The extract() function has the same code as used in the test method
for Archive.extract().
 2019-07-30 11:33:53 +02:00
Nick Pope
0509148c24 Refs #30160 -- Made destination path a required argument of extract(). 2019-07-30 11:27:56 +02:00
Tom Forbes
fc75694257 Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved. 2019-07-24 14:08:37 +02:00
Mariusz Felisiak
fed5e19369
Removed unused BaseReloader.watch_file(). 
Unused since its introduction in c8720e7696.
 2019-07-24 13:32:02 +02:00
Tom Forbes
2ff517ccb6 Fixed #30506 -- Fixed crash of autoreloader when path contains null characters. 2019-07-23 10:03:23 +02:00
Min ho Kim
9f11939dd1 Fixed typos in comments and a test name. 2019-07-19 18:24:06 +02:00
Jon Dufresne
42b9a23267 Fixed #30400 -- Improved typography of user facing strings. 
Thanks Claude Paroz for assistance with translations.
 2019-06-28 16:46:18 +02:00
Tom Forbes
8454f6dea4 Fixed #30588 -- Fixed crash of autoreloader when __main__ module doesn't have __file__ attribute. 2019-06-26 06:44:10 +02:00
Jon Dufresne
b903bb438f Refs #30485 -- Removed non-representative test that emitted a warning. 
Previously, when running the Django test suite with warnings enabled,
the following was emitted:

    /usr/lib64/python3.7/urllib/parse.py:915: BytesWarning: str() on a bytearray instance
      v = quote_via(str(v), safe, encoding, errors)

This occurred due to the bytearray() being passed to
urllib.parse.urlencode() which eventually calls str() on it. The test
does not represent desired real world behavior. Rather than test for and
assert strange unspecified behavior that emits a warning, remove it.

This was also discussed in PR #11374.
 2019-06-19 13:03:52 +02:00
Tom Forbes
480492fe70 Fixed #30523 -- Fixed updating file modification times on seen files in auto-reloader when using StatReloader. 
Previously we updated the file mtimes if the file has not been seen
before - i.e on the first iteration of the loop.

If the mtime has been changed we triggered the notify_file_changed()
method which in all cases except the translations will result in the
process being terminated. To be strictly correct we need to update the
mtime for either branch of the conditional.

Regression in 6754bffa2b.
 2019-05-29 09:41:24 +02:00
Tom Forbes
0344565179 Fixed #30516 -- Fixed crash of autoreloader when re-raising exceptions with custom signature. 
Regression in c8720e7696.
 2019-05-29 08:08:50 +02:00
Tom Forbes
b2790f74d4 Fixed #30479 -- Fixed detecting changes in manage.py by autoreloader when using StatReloader. 
Regression in c8720e7696.
 2019-05-28 08:31:33 +02:00
Johan Lübcke
0670b1b403 Fixed #30485 -- Adjusted django.utils.http.urlencode for doseq=False case. 2019-05-24 17:15:34 +02:00
Ran Benita
a2c31e12da Fixed #30498 -- Fixed proxy class caching in lazy(). 
lazy() should prepare the proxy class only once (the first time it's
used) not on every call.

Regression in b4e76f30d1.
 2019-05-22 20:41:52 +02:00
Jon Dufresne
b915b9f10f Refs #27753 -- Deprecated django.utils.text.unescape_entities(). 
The function was undocumented and only required for compatibility with
Python 2.

Code should use Python's html.unescape() that was added in Python 3.4.
 2019-05-08 08:00:59 +02:00
Tom Forbes
6754bffa2b Fixed #30323 -- Fixed detecting changes by autoreloader when using StatReloader. 2019-04-29 11:41:00 +02:00
Jacob Green
ed3c59097a
Fixed #30361 -- Increased the default timeout of watchman client to 5 seconds and made it customizable. 
Made the default timeout of watchman client customizable via
DJANGO_WATCHMAN_TIMEOUT environment variable.
 2019-04-26 12:55:49 +02:00
Jon Dufresne
8d76443aba Fixed #30399 -- Changed django.utils.html.escape()/urlize() to use html.escape()/unescape(). 2019-04-25 15:09:07 +02:00
Martijn Jacobs
9141da1a80 Fixed #30366 -- Skipped StatReloaderTests on HFS+ filesystems. 
When on MacOS High Sierra or below (<=10.13) it could be that a HFS+
filesystem is used. HFS+ has a time resolution of only one second
which can be too low for some of the tests.
 2019-04-24 15:28:20 +02:00
Sjoerd Job Postmus
e6d57c4d65 Fixed #30363 -- Do not use exponential notation for small decimal numbers. 
In 9cc6a60040b0f64f8ea066dd215176d4bd16621d a security patch was
introduced to prevent allocating large segments of memory when a
very large or very small decimal number was to be formatted.

As a side-effect, there was a change in formatting of small decimal
numbers even when the `decimal_pos` argument was provided, which meant
that reasonable small decimal numbers (above 1e-199) would be formatted
as `0.00`, while smaller decimal numbers (under 1e-200) would be
formatted as `1e-200`.
 2019-04-13 14:30:33 +02:00
Mariusz Felisiak
c9888bc8ec
Fixed #30264 -- Fixed crash of test_parsing_year_less_than_70() on 32-bit systems. 
Thanks Andreas Beckmann and Chris Lamb for the report.
 2019-03-20 13:44:30 +01:00
Jon Dufresne
95b7699ffc Cleaned up exception message checking in some tests. 2019-03-15 19:27:57 -04:00
shiningfm
99cfb28e99 Fixed #30215 -- Fixed autoreloader crash for modules without __spec__. 
Regression in c8720e7696.
 2019-02-27 10:35:30 -05:00
Matthias Kestenholz
e04209e181 Refs #30179 -- Moved topological sort functions to django.utils. 2019-02-25 15:44:49 -05:00
Seunghun Lee
99fc5dc13c Fixed #30141 -- Fixed parse_duration() for some negative durations. 2019-02-23 18:54:09 -05:00
Semen Zhydenko
255d6a26a8 Fixed spelling mistakes in comments and tests. 2019-02-11 08:55:57 -05:00
Carlton Gibson
402c0caa85 Fixed CVE-2019-6975 -- Fixed memory exhaustion in utils.numberformat.format(). 
Thanks Sjoerd Job Postmus for the report and initial patch.
Thanks Michael Manfre, Tim Graham, and Florian Apolloner for review.
 2019-02-11 11:08:45 +01:00
Sergey Fedoseev
1835563ab8 Removed unneeded list() calls in sorted() argument. 2019-02-09 19:08:22 -05:00
Tim Graham
77d25dbd0f Refs #27753 -- Favored SafeString over SafeText. 2019-02-06 14:12:06 -05:00
Tim Graham
d55e882927 Refs #27753 -- Deprecated django.utils.encoding.force_text() and smart_text(). 2019-02-06 14:12:06 -05:00
Aymeric Augustin
3bb6a4390c Refs #27753 -- Favored force/smart_str() over force/smart_text(). 2019-02-06 14:12:06 -05:00
Tim Graham
83c2bc52c2
Refs #27753 -- Deprecated django.utils.http urllib aliases. 2019-02-04 18:53:11 -05:00
Tim Graham
7e6b214ed3 Fixed #30116 -- Dropped support for Python 3.5. 2019-01-30 10:19:48 -05:00
Tom Forbes
1e92407f83 Fixed #25624 -- Fixed autoreload crash with jinja2.ModuleLoader. 2019-01-28 14:17:50 -05:00
Jon Dufresne
7e3bf2662b Removed default mode='r' argument from calls to open(). 2019-01-27 17:41:43 -05:00
Hasan Ramezani
7e978fdc42 Completed test coverage for utils.text._replace_entity(). 2019-01-23 19:33:21 -05:00
Hasan Ramezani
838e432e3e Completed test coverage for utils.text.Truncator.chars(). 2019-01-19 18:45:41 -05:00
Tim Graham
958a7b4ca6 Refs #28965 -- Removed utils.http.cookie_date() per deprecation timeline. 2019-01-17 10:52:19 -05:00
Santiago Basulto
4fc35a9c3e Fixed #20147 -- Added HttpRequest.headers. 2019-01-16 13:38:47 -05:00
Tom Forbes
c8720e7696 Fixed #27685 -- Added watchman support to the autoreloader. 
Removed support for pyinotify (refs #9722).
 2019-01-13 20:33:47 -05:00
Tim Graham
0004daa536
Used 4 space hanging indent for dictionaries. 
Thanks Mariusz Felisiak for auditing.
 2019-01-02 18:18:19 -05:00
Jon Dufresne
6fe9c45b72 Fixed #30024 -- Made urlencode() and Client raise TypeError when None is passed as data. 2018-12-27 11:19:55 -05:00
Tim Graham
193c109327 Switched TestCase to SimpleTestCase where possible in Django's tests. 2018-11-27 08:58:44 -05:00
Thomas Grainger
0607699902 Fixed #29478 -- Added support for mangled names to cached_property. 
Co-Authored-By: Sergey Fedoseev <fedoseev.sergey@gmail.com>
 2018-11-19 13:40:49 -05:00
Srinivas Thatiparthy (శ్రీనివాస్ తాటిపర్తి)
a7ef4a56e0 Fixed #29920 -- Added a test for smart_urlquote()'s UnicodeError branch. 2018-11-09 12:39:08 -05:00
Hasan Ramezani
6b7f1c2530 Increased test coverage of django.utils.http. 2018-11-03 11:13:28 -04:00
aspalding
dc5e75d419 Fixed #29838 -- Fixed crash when combining Q objects with __in lookups and lists. 
Regression in fc6528b25a.
 2018-10-17 11:34:49 -04:00
aspalding
217f82d713 Refs #29838 -- Fixed make_hashable() for values that have lists or dicts nested in tuples. 
And for non-hashable values that are iterable, e.g. sets.
 2018-10-17 11:17:50 -04:00
aspalding
834c4ec8e4 Moved make_hashable() to django.utils and added tests. 2018-10-17 11:17:23 -04:00
Hasan Ramezani
b5d7604cb0 Completed FixedOffset test coverage. 2018-10-09 20:32:08 -04:00
Sergey Fedoseev
8ef8bc0f64 Refs #28909 -- Simplifed code using unpacking generalizations. 2018-09-28 09:57:12 -04:00
Jon Dufresne
82f286cf6f Refs #29784 -- Switched to https:// links where available. 2018-09-26 08:48:47 +02:00
Javier Buzzi
a0d63b02c3 Fixed #29772 -- Made LazyObject proxy __lt__() and __gt__(). 2018-09-19 13:51:01 -04:00
Claude Paroz
201017df30 Fixed #29654 -- Made text truncation an ellipsis character instead of three dots. 
Thanks Sudhanshu Mishra for the initial patch and Tim Graham for the review.
 2018-08-21 17:46:45 +02:00
Mariusz Felisiak
9fee229874
Fixed #29643 -- Fixed crash when combining Q objects with __in lookups and lists. 
Regression in fc6528b25a.
 2018-08-08 08:51:20 +02:00
Josh Schneier
f1bf069ec1 Refs #29244 -- Fixed django.utils.inspect.method_has_no_args() for bound methods. 2018-08-07 17:37:35 -04:00
Josh Schneier
756b859576 Renamed django.utils.inspect.func_has_no_args() to method_has_no_args(). 2018-08-07 17:37:35 -04:00
Tim Graham
2092206bee
Refs #29600 -- Updated django.utils.datetime_safe now that Python 2 is unsupported. 2018-08-02 10:20:24 -04:00
Andreas Hug
a656a68127 Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware. 2018-08-01 09:28:42 -04:00
Claude Paroz
b004bd62e8 Fixed #29412 -- Stopped marking slugify() result as HTML safe. 2018-07-20 10:44:30 -04:00
Claude Paroz
0adfba968e Fixed #29578 -- Made numberformat.format() honor forced l10n usage. 
Thanks Sassan Haradji for the report.
 2018-07-19 16:44:40 -04:00
Sergey Fedoseev
338f741c5e Fixed #29546 -- Deprecated django.utils.timezone.FixedOffset. 2018-07-09 16:33:36 -04:00
Sergey Fedoseev
c9088cfc7b Fixed some assertTrue() that were intended to be assertEqual(). 2018-07-09 11:13:40 -04:00
Sergey Fedoseev
bdcde79c5f Made test for memoryview handling in force_bytes() more strict. 2018-07-09 11:01:42 -04:00
Przemysław Suliga
d22b90b4ea Fixed #29525 -- Allowed is_safe_url()'s allowed_hosts arg to be a string. 2018-06-29 10:17:52 -04:00
Carlton Gibson
f4ef71c689 Refs #29514 -- Added test for get_default_timezone()/timezone.utc equality. 2018-06-28 11:14:26 -04:00
Tim Graham
911af0d24b Added more tests for django.utils.html.urlize(). 2018-03-06 08:30:41 -05:00
Tim Graham
97b7dd59bb Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator. 
Thanks James Davis for suggesting the fix.
 2018-03-06 08:30:40 -05:00
Tim Graham
8618271caa Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters. 
Thanks Florian Apolloner for assisting with the patch.
 2018-03-06 08:30:40 -05:00
Tim Graham
b832de869e
Added tests for utils.html.urlize() (lazy string inputs were untested). 2018-02-10 15:45:57 -05:00
Jonas Haag
8c709d79cb Fixed #17419 -- Added json_tag template filter. 2018-02-07 18:38:12 -05:00
Tim Graham
d0a42a14c0 Fixed imports per isort 4.3.1. 
Partially reverted 9bcf73d788.
 2018-02-02 14:44:07 -05:00
Mariusz Felisiak
9bcf73d788 Fixed imports per isort 4.3.0. 2018-02-01 09:29:46 +01:00
Jon Dufresne
ff05de760c Fixed #29038 -- Removed closing slash from HTML void tags. 2018-01-21 02:09:10 -05:00
Jon Dufresne
1e81a4b897 Fixed #28638 -- Made allowed_hosts a required argument of is_safe_url(). 2018-01-11 07:03:50 -05:00
Tim Graham
ab7f4c3306 Refs #28965 -- Deprecated unused django.utils.http.cookie_date(). 2018-01-02 11:23:04 -05:00
Sergey Fedoseev
ae6fa914aa Fixed #28926 -- Fixed loss of precision of big DurationField values on SQLite and MySQL. 2017-12-28 17:35:41 -05:00
Sergey Fedoseev
93cdd07e8f Used bytes.hex() and bytes.fromhex() to simplify. 2017-11-23 08:52:23 -05:00
Yusuke Miyazaki
278d66b94b Fixed #28501 -- Fixed "python -m django runserver" crash. 2017-11-06 09:58:15 -05:00
Yusuke Miyazaki
ac21f2e391 Added RestartWithReloaderTests. 2017-11-06 09:54:31 -05:00
medmunds
d1317edad0 Fixed #28739 -- Fixed get_fixed_timezone() for negative timedeltas. 2017-10-24 21:27:53 -04:00
François Freitag
41be85862d Fixed #28679 -- Fixed urlencode()'s handling of bytes. 
Regression in fee42fd99e.

Thanks Claude Paroz, Jon Dufresne, and Tim Graham for the guidance.
 2017-10-12 09:08:33 -04:00
François Freitag
0e212a705e Split django.utils.http tests into separate test classes. 2017-10-10 08:53:01 -04:00
Mariusz Felisiak
fc6528b25a Fixed #28629 -- Made tree.Node instances hashable. 
Regression in 508b5debfb which
added Node.__eq__().
 2017-09-28 12:07:19 -04:00
Mads Jensen
8ddbe01760 Added a test for pbkdf2()'s default digest algorithm. 2017-09-27 10:36:26 -04:00
Tim Graham
ba42456c2e Refs #27648 -- Removed support for (iLmsu) regex groups in url() patterns. 
Per deprecation timeline.
 2017-09-22 12:51:18 -04:00
Tim Graham
96107e2844 Refs #26956 -- Removed the host parameter of django.utils.http.is_safe_url(). 
Per deprecation timeline.
 2017-09-22 12:51:18 -04:00
Mads Jensen
41a7876991 Added test for too large input to django.utils.http.base36_to_int(). 2017-09-21 10:21:02 -04:00
LBerrocal
54f7aa04a7 Fixed #28306 -- Completed test coverage for django.utils.lorem_ipsum. 
Thanks Idan Melamed for the original patch.
 2017-09-02 15:50:43 -04:00