1
0
mirror of https://github.com/django/django.git synced 2025-06-03 10:39:12 +00:00

14262 Commits

Author SHA1 Message Date
Blayze
90429625a8 Fixed #36423 -- Prevented filter_horizontal buttons from intercepting form submission.
In the admin's filter_horizontal widget, optional action buttons like
"Choose all", "Remove all", etc. were changed from `<a>` to `<button>`
elements in #34619, but without specifying `type="button"`. As a result,
when pressing Enter while focused on a form input, these buttons could
be triggered and intercept form submission.

Explicitly set `type="button"` on these control buttons to prevent them
from acting as submit buttons.

Thanks Antoliny Lee for the quick triage and review.

Regression in 857b1048d53ebf5fc5581c110e85c212b81ca83a.
2025-06-02 22:25:14 -03:00
Natalia
1a74434399 Added stub release notes and release date for 5.2.2, 5.1.10, and 4.2.22. 2025-05-28 10:03:06 -03:00
Jason Judkins
1307b8a1cb
Fixed #36402, Refs #35980 -- Updated built package name in reusable apps tutorial for PEP 625. 2025-05-26 12:33:29 -03:00
Adam Johnson
c2615a0500 Fixed #36405 -- Fixed Aggregate.order_by using OuterRef.
co-authored-by: Simon Charette <charette.s@gmail.com>
2025-05-23 16:15:59 +02:00
Adam Johnson
b8e5a8a9a2 Fixed #36404 -- Fixed Aggregate.filter using OuterRef.
Regression in a76035e925ff4e6d8676c65cb135c74b993b1039.
Thank you to Simon Charette for the review.

co-authored-by: Simon Charette <charette.s@gmail.com>
2025-05-23 15:17:20 +02:00
Adam Zapletal
d2732c30af Fixed typo in docs/ref/forms/renderers.txt. 2025-05-23 11:19:59 +02:00
Sarah Boyce
1704c49a9b Fixed #36390 -- Deprecated RemoteUserMiddleware subclasses missing aprocess_request().
Regression in 50f89ae850f6b4e35819fe725a08c7e579bfd099.
Thank you to shamoon for the report and Natalia Bidart for the review.
2025-05-23 10:22:36 +02:00
ontowhee
ddb8529415 Fixed #34262 -- Added support for AnyValue for SQLite, MySQL, Oracle, and Postgresql 16+.
Thanks Simon Charette for the guidance and review. Thanks Tim Schilling for the
documentation review. Thanks David Wobrock for investigation and solution proposals.
2025-05-20 10:01:42 +02:00
Jacob Walls
f603ece016
Fixed typo in docs/releases/6.0.txt. 2025-05-19 15:09:09 -03:00
Colleen Dunlap
802baf5da5 Fixed #36388 -- Made QuerySet.union() return self when called with no arguments.
Regression in 9cb8baa0c4fa2c10789c5c8b65f4465932d4d172.
Thank you to Antoine Humeau for the report and Simon Charette for the review.
2025-05-19 10:34:14 +02:00
Jacob Walls
994dc6d8a1 Fixed #36392 -- Raised ValueError when subquery referencing composite pk selects too many columns. 2025-05-16 08:19:38 +02:00
Simon Charette
e03e5c751c Fixed #33312 -- Raised explicit exception when copying deferred model instances.
Previously save() would crash with an attempted forced update message, and both
save(force_insert=True) and bulk_create() would crash with DoesNotExist errors
trying to retrieve rows with an empty primary key (id IS NULL).

Implementing deferred field model instance copying might be doable in certain
cases (e.g. when all the deferred fields are db generated) but that's not
trivial to implement in a backward compatible way.

Thanks Adam Sołtysik for the report and test and Clifford for the review.
2025-05-16 08:13:57 +02:00
antoliny0919
a79c411147 Added missing import in docs/ref/contrib/admin/index.txt. 2025-05-15 15:48:00 +02:00
Jacob Walls
e52100a250
Fixed incorrect spacing in docs/ref/contrib/postgres/fields.txt. 2025-05-15 09:22:10 -03:00
Pablo Bengoechea
87ab54b488 Fixed #35829 -- Updated admin icons using Font Awesome Free version 6.7.2.
Co-authored-by: Stefan <96178532+stefan6419846@users.noreply.github.com>
2025-05-15 09:09:27 -03:00
savanto
8620a3b0c7 Fixed #36085 -- Added JSONField support for negative array indexing on SQLite. 2025-05-14 13:21:18 +02:00
Adam Johnson
4647e2b866 Refs #36383 -- Extended DeconstructibleSerializer to support non-identifier keyword arguments.
In Python, keyword arguments must normally be valid identifiers (i.e.,
variable names that follow Python's naming rules). However, Python dicts
can have keys that aren't valid identifiers, like "foo-bar" or "123foo".

This commit ensures that keyword arguments that are nt valid
identifiers, are properly handled when deconstructing an object.
2025-05-13 21:42:19 -03:00
Lily Foote
188799e67c Updated guidance to propose new feature ideas in contributing docs.
These changes include:
* Clarification of the new feature proposal and evaluation process.
* Reodering "points to consider" into reporting bugs section, since
  these are mostly trac-specific.
* Narrowing the guide on user interface bugs and features to just bugs.
* Updating documentation for Someday/Maybe triage stage.

Co-authored-by: Tim Schilling <schilling711@gmail.com>
Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-05-13 21:38:04 -03:00
Aleksandr Safonov
96c79be4e4 Fixed #36332 -- Corrected HttpRequest.get_full_path() and HttpRequest.get_full_path_info() examples. 2025-05-13 17:41:17 +02:00
Simon Charette
8be0c0d690 Fixed #36373 -- Fixed select_related() crash on foreign object for a composite pk.
Thanks Jacob Walls for the report and Sarah for the in-depth review.
2025-05-12 12:33:07 +01:00
Natalia
42ab99309d Refs #35980 -- Added release note about changes in release artifacts filenames. 2025-05-09 13:29:19 -03:00
Natalia
c86156378d Removed "Expected" from release date for 5.2.1, 5.1.9, and 4.2.21. 2025-05-09 13:29:19 -03:00
Natalia
37f2a77c72 Cleaned up CVE-2025-32873 security archive description. 2025-05-07 11:36:05 -03:00
Natalia
fdabda4e05 Added CVE-2025-32873 to security archive. 2025-05-07 10:59:55 -03:00
Natalia
d8397bf6cd Added stub release notes for 5.2.2. 2025-05-07 10:56:00 -03:00
Sarah Boyce
9f3419b519 Fixed CVE-2025-32873 -- Mitigated potential DoS in strip_tags().
Thanks to Elias Myllymäki for the report, and Shai Berger and Jake
Howard for the reviews.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-05-06 22:21:42 -03:00
Natalia
f7d97dd118 Simplified artifact building steps in docs/internals/howto-release-django.txt.
With the recent merge of artifact build updates from
https://github.com/django/django/pull/19436, there is no need to have
different build instructions for 4.2.
2025-05-06 11:11:40 -03:00
Clifford Gama
9d93e35c20 Fixed #17461 -- Doc'd the presumed order of foreign keys on the intermediary model of a self-referential m2m.
Thanks Giannis Terzopoulos and Sarah Boyce for the reviews.
2025-05-02 07:56:56 +01:00
Natalia
0f5dd0dff3 Made cosmetic edits and added upcoming security release to release notes. 2025-04-30 14:55:12 -03:00
Baptiste Mispelon
66f9eb0ff1 Fixed #36357 -- Skipped unique_together in inspectdb output for composite primary keys.
Thanks to Baptiste Mispelon for the report and quick fix, and to Simon
Charette and Jacob Walls for the reviews.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-04-30 11:55:25 -03:00
Simon Charette
07100db6f4 Fixed #36358 -- Corrected introspection of composite primary keys on SQLite.
Previously, any first field of a composite primary key with type
`INTEGER` was incorrectly introspected as an `AutoField` due to SQLite
treating `INTEGER PRIMARY KEY` as an alias for the `ROWID`.

This change ensures that integer fields in composite PKs are not
mistaken for auto-incrementing fields.

Thanks Jacob Walls and Sarah Boyce for the reviews.
2025-04-30 10:51:48 -03:00
Simon Charette
8ef4e0bd42 Fixed #36360 -- Fixed QuerySet.update() crash when referring annotations through values().
The issue was only manifesting itself when also filtering againt a related
model as that forces the usage of a subquery because SQLUpdateCompiler doesn't
support the UPDATE FROM syntax yet.

Regression in 65ad4ade74dc9208b9d686a451cd6045df0c9c3a.

Refs #28900.

Thanks Gav O'Connor for the detailed report.
2025-04-30 10:38:19 +01:00
koresi
0ee06c04e0 Fixed #35931 -- Documented fields and methods of the FlatPage model.
Co-authored-by: Clifford Gama <53076065+cliff688@users.noreply.github.com>
2025-04-27 15:10:33 +01:00
Bruno Alla
bc21bc4282 Fixed #18296 -- Created missing custom target directory for startproject and startapp. 2025-04-27 14:41:27 +01:00
9r0k
3babda775d
Fixed #36346 -- Removed outdated section about the threaded option in Oracle driver. 2025-04-27 14:16:50 +02:00
dbogar89
7b394b9988
Fixed #36335 -- Fixed typo in docs/topics/db/managers.txt. 2025-04-27 08:40:14 +02:00
nessita
0596263c31
Fixed #36309 -- Made email alternatives and attachments pickleable.
Regression in aba0e541caaa086f183197eaaca0ac20a730bbe4 and in
d5bebc1c26d4c0ec9eaa057aefc5b38649c0ba3b.

Thanks Florent Messa for the report, and Jake Howard and Claude
Paroz for the review.
2025-04-24 10:11:16 -03:00
nessita
c86242d61f
Refs #36341 -- Added release notes for 5.1.9 and 4.2.21 for fix in wordwrap template filter.
Revision 1e9db35836d42a3c72f3d1015c2f302eb6fee046 fixed a regression in
55d89e25f4115c5674cdd9b9bcba2bb2bb6d820b, which also needs to be
backported to the stable branches in extended support (5.1.x and 4.2.x).
2025-04-23 17:26:48 -03:00
Matti Pohjanvirta
1e9db35836 Fixed #36341 -- Preserved whitespaces in wordwrap template filter.
Regression in 55d89e25f4115c5674cdd9b9bcba2bb2bb6d820b.

This work improves the django.utils.text.wrap() function to ensure that
empty lines and lines with whitespace only are kept instead of being
dropped.

Thanks Matti Pohjanvirta for the report and fix.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-04-23 16:14:03 -03:00
antoliny0919
1bc805e23b Fixed #36331 -- Reverted "Fixed #36055 -- Prevented overlap of object-tools buttons and page header in the admin."
This reverts commits b1324a680add78de24c763911d0eefa19b9263bc and
02a5cbfe76382da2a0414df17017185be5bd47f9. The former caused a regression
in admin sites that relied on the `object-tools` block being inside the
`content` block.

Thank you to Fabian Braun for the report.
2025-04-22 22:13:38 -03:00
SaJH
1831f7733d Fixed #36326 -- Added CompositePrimaryKey support in QuerySet.raw().
Signed-off-by: SaJH <wogur981208@gmail.com>
2025-04-17 17:23:06 +02:00
Ahmed Nassar
d469db978e Fixed #36314 -- Fixed MinimumLengthValidator error message translation.
Regression in ec7d69035a408b357f1803ca05a7c991cc358cfa.

Thank you Gabriel Trouvé for the report and Claude Paroz for the review.
2025-04-17 12:30:20 +02:00
Adam Johnson
6ef0f5bc27 Americanized some spellings. 2025-04-16 10:21:38 +02:00
Natalia
5020a9d43a Replaced '' with * for consistent emphasis styling in docs/howto/custom-template-tags.txt. 2025-04-15 14:48:55 -03:00
Ahmed Nassar
be402891cd Fixed #36311 -- Unified spelling of "hardcode" and its variants in docs.
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-04-15 14:48:55 -03:00
Ahmed Nassar
abbcef5280 Refs #36311 -- Unified spelling of "flatpage" in docs/ref/contrib/flatpages.txt. 2025-04-15 14:48:55 -03:00
Ahmed Nassar
8bca33f68a Fixed #36269 -- Documented how to test callable storage in FileField. 2025-04-15 10:05:59 +02:00
Ahmed Nassar
2c2f090555 Fixed #35993 -- Documented gettext f-string support limitations.
Thank you to Claude Paroz and Athena Wolfskämpf for the review.
2025-04-15 10:02:25 +02:00
Baptiste Mispelon
ac16d2876d
Fixed #36320 -- Ignored "duplicated_toc_entry" for ePub docs build. 2025-04-12 19:39:07 +02:00
Simon Charette
21f8be76d4 Fixed #36288 -- Addressed improper handling of duplicates in values_list().
Now that selected aliases are stored in sql.Query.selected: dict[str, Any]
the values_list() method must ensures that duplicate field name references are
assigned unique aliases.

Refs #28900.

Regression in 65ad4ade74dc9208b9d686a451cd6045df0c9c3a.

Thanks Claude for the report.
2025-04-11 09:04:49 +02:00