mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-09 14:59:24 +00:00
Code Issues 32 Releases Wiki Activity
33,925 Commits 30 Branches 459 Tags
Commit Graph

33925 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dani Fornons
2514857e3f Fixed #36636, Refs #15902 -- Removed session-based storage reference from set_language() docs. 2025-10-03 15:16:37 -04:00
Jacob Walls
0a09c60e97 Refs #36143, #28596 -- Avoided mentioning exact query parameter limit in bulk_create() docs. 2025-10-03 11:25:17 -04:00
Mariusz Felisiak
6cb641ba75
Refs #36491 -- Skipped ParallelTestSuiteTest.test_buffer_mode_reports_setupclass_failure() without tblib. 2025-10-02 13:20:01 +02:00
Mariusz Felisiak
1499c95d99 Rewrapped security archive at 79 chars. 2025-10-01 16:24:00 -04:00
Jacob Walls
43d84aef04 Added CVE-2025-59681 and CVE-2025-59682 to security archive. 2025-10-01 10:39:02 -04:00
Jacob Walls
1324d9037e Added stub release notes for 5.2.8. 2025-10-01 10:30:45 -04:00
Sarah Boyce
924a0c092e Fixed CVE-2025-59682 -- Fixed potential partial directory-traversal via archive.extract(). 
Thanks stackered for the report.

Follow up to 05413afa8c18cdb978fcdf470e09f7a12b234a23.
 2025-10-01 08:12:07 -04:00
Mariusz Felisiak
41b43c74bd Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), and extra() against SQL injection in column aliases on MySQL/MariaDB. 
Thanks sw0rd1ight for the report.

Follow up to 93cae5cb2f9a4ef1514cf1a41f714fef08005200.
 2025-10-01 08:11:45 -04:00
Jacob Walls
6c82b0bc91 Made cosmetic edits to 5.2.7 release notes. 2025-09-30 16:31:01 -04:00
Adam Johnson
8b241f84e2 Fixed #36614 -- Deprecated QuerySet.values_list(flat=True) without a field. 
Thanks to Jacob Walls and Simon Charette for their input.

co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
 2025-09-30 08:46:28 +02:00
Jacob Walls
d29852ae72 Fixed #36619 -- Vendored eslint configuration dependencies. 
This allows the eslint pre-commit hook to run without depending
on a prior installation of node modules.

Follow-up to 6345a6ff63a8b8af86ee9a025e29984a410c9764.
 2025-09-30 08:45:39 +02:00
Mariusz Felisiak
906a51e125
Skipped NOT NULL constraints on PostgreSQL 18+. 
Thanks Simon Charette for the implementation idea.
 2025-09-29 23:09:53 +02:00
Mariusz Felisiak
8b84364d46
Fixed assertIndexExists() crash when non-index constraint exists on the same columns. 2025-09-29 23:01:12 +02:00
Mariusz Felisiak
22448a4b65
Added PostgreSQL 18 to scheduled tests workflow. 2025-09-29 12:37:03 -03:00
okaybro
afe6634146 Fixed #36587 -- Clarified usage of list.insert() for upload handlers. 
Thanks Baptiste Mispelon for the report

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2025-09-29 14:48:06 +02:00
arsalan64
e8190b370e Fixed #36277 -- Fixed DatabaseFeatures.supports_virtual_generated_columns on PostgreSQL 18+. 2025-09-29 10:54:27 +02:00
Samriddha9619
daba609a9b Fixed #35877, Refs #36128 -- Documented unique constraint when migrating a m2m field to use a through model. 2025-09-29 08:57:11 +02:00
Shubham Singh
be581ff473 Fixed #36491 -- Fixed crash in ParallelTestRunner with --buffer. 
Thanks Javier Buzzi and Adam Johnson for reviews.

Co-authored-by: Simon Charette <charette.s@gmail.com>
 2025-09-26 10:55:30 -04:00
Romain DA COSTA VIEIRA
1cb76b90e8 Fixed #36142 -- Made Http404 messages in *_or_404() shortcuts translatable. 2025-09-26 16:47:46 +02:00
Jacob Walls
7894776bc9 Refs #28526 -- Provided URLResolver namespace in technical 404 template. 
This avoids looking up the nonexistent "name" attribute on URLResolver,
which logs verbosely.
 2025-09-26 14:06:39 +02:00
Adam Johnson
46bd92274c Refs #36605 -- Optimized QuerySet.in_bulk() for the empty id_list case. 
Now that the setup is a bit more expensive, it makes sense to return earlier
for the empty case.
 2025-09-25 08:51:43 -04:00
John Parton
1820d35b17 Fixed #36605 -- Added support for QuerySet.in_bulk() after .values() or .values_list(). 
co-authored-by: Adam Johnson <me@adamj.eu>
co-authored-by: Simon Charette <charette.s@gmail.com>
 2025-09-25 08:51:43 -04:00
SaJH
68aae8878f Fixed #36434 -- Preserved unbuffered stdio (-u) in autoreloader child. 
Signed-off-by: SaJH <wogur981208@gmail.com>
 2025-09-25 11:38:28 +02:00
Adam Johnson
5cbd96003c Removed Git attribute merge=union for release notes. 
I added this back in 3222fc79431c0866aa65b2a83fbbffd2c3034d08 to try
and avoid merge conflicts from concurrent edits to release notes in
different branches. However, in my recent experience, it has caused
more problems than it solves. I have found that when rebasing a branch
that modifies a release note, it can merge sections without an
intermediate blank line, leading to broken reST syntax. Example spotted
in code review:
https://github.com/django/django/pull/17554#discussion_r2311296513 .

I think it’s better we remove this configuration and deal with merge
conflicts deliberately.
 2025-09-25 08:44:17 +02:00
Mariusz Felisiak
00174507f8 Added stub release notes and release date for 5.2.7, 5.1.13, and 4.2.25. 2025-09-24 11:39:07 -04:00
Adam Johnson
f2e0219867 Refs #36163 -- Removed currentmodule directive from 6.0 release notes. 2025-09-24 13:06:00 +02:00
Adam Johnson
2e870c6071 Refs #36163 -- Removed duplicated release note paragraph. 2025-09-24 13:06:00 +02:00
Mariusz Felisiak
44addbf4e7
Refs #35859 -- Mentioned tasks in the docs index. 2025-09-24 09:47:47 +02:00
Tim Graham
1acb00b26d
Fixed #36616 -- Added DatabaseOperations.adapt_durationfield_value(). 2025-09-23 18:36:49 +02:00
Mridul Dhall
b67a36ec6f Fixed #36543 -- Fixed time formats for fr_CA. 
Thanks Chris Anderson for the report.
 2025-09-23 16:52:47 +02:00
saJaeHyukc
748551fea0 Fixed #36264 -- Excluded proxy neighbors of parents from deletion collection when keep_parents=True. 
Signed-off-by: saJaeHyukc <wogur981208@gmail.com>
 2025-09-23 16:40:57 +02:00
Jacob Walls
efb96138b4 Refs #25508 -- Used QuerySet.__repr__ in docs/ref/contrib/postgres/search.txt. 2025-09-23 10:07:31 -04:00
Jean Patrick Prenis
9af8225117 Fixed #36609 -- Added Haitian Creole (ht) language. 
Thanks Rebecca Conley for the review.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2025-09-23 08:04:13 +02:00
Mariusz Felisiak
30e9b6f6ad
Fixed warning in "New contributor" GitHub action. 2025-09-23 08:01:23 +02:00
David Smith
e20e189045 Refs #33783 -- Added IsEmpty GIS database function and __isempty lookup on SpatiaLite. 2025-09-22 22:04:42 -04:00
Mariusz Felisiak
6fe96639ba
Bumped versions in pre-commit and npm configurations. 2025-09-22 17:25:19 +02:00
Ryan P Kilby
f9a44cc0fa Fixed #35453 -- Made ManyToManyField.concrete False. 
ManyToManyField was already excluded from fields, concrete_fields,
and local_concrete_fields in Options.
 2025-09-22 09:52:22 -04:00
Shubham Singh
dce1b9c2de Fixed #36480 -- Made values() resolving error mention unselected aliases. 
Follow-up to cb13792938f2c887134eb6b5164d89f8d8f9f1bd. Refs #34437.
 2025-09-22 08:35:53 -04:00
Simon Charette
af84cfba59 Fixed #36612 -- Fixed a KeyTextTransform crash on MySQL against annotations. 
MySQL only supports the ->> when used directly against columns, this can be
inferred by the presence of lhs.output_field.model as model bounds fields are
directly tied to columns.

Purposely don't systematically switch to using JSON_QUOTE(JSON_EXTRACT(...))
as there might be functional indices out there that rely on the SQL remaining
stable between versions.

Thanks Jacob Tavener for the report.
 2025-09-22 09:00:24 +02:00
Samriddha9619
a36df6890d Fixed #36488 -- Fixed merging of query strings in RedirectView. 
Co-authored-by: Ethan Jucovy <ethan.jucovy@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2025-09-22 08:54:08 +02:00
Clifford Gama
336e713e2a Refs #36438 -- Simplified retrieval of GeneratedField base fields in migrations autodetector. 
This was creating an unusable Q object solely to call
referenced_base_fields on it.
 2025-09-19 15:54:19 -04:00
Senthil Kumar
5ee651f255 Fixed #36369 -- Cleared additional cached properties in apps.clear_cache(). 
Thanks Clifford Gama for the report.

Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com>
 2025-09-19 14:57:05 -04:00
Jacob Walls
fd705912ff Refs #36152, #35667 -- Used skip_file_prefixes in alias deprecation warning. 
Follow-up to 8ede411a81b40ca53362e6788601193c7e56a0cf.
 2025-09-19 14:38:07 -04:00
사재혁
23b6594026
Fixed #36584, Refs #36149 -- Allowed subquery values against tuple in lookup via ForeignObject. 2025-09-19 13:15:41 -04:00
Sarah Boyce
7528979153 Added cleanup of cache clearing to DjangoFilePrefixesTests.setUp(). 2025-09-19 09:49:03 +02:00
Natalia
5ddb01c760 Clarified feature freeze and alpha release steps in docs/internals/howto-release-django.txt. 2025-09-18 22:07:06 -03:00
Adam Johnson
74a9c2711c Refs #28586 -- Split descriptor from GenericForeignKey. 
This makes GenericForeignKey more similar to other fields which act as
descriptors, preparing it to add “fetcher protocol” support in a clear and
consistent way.
 2025-09-18 19:44:16 -04:00
CodingWithSaksham
762d3be8c5 Fixed #36581 -- Updated serialization examples from XML to JSON. 2025-09-18 15:44:05 +02:00
Natalia
499fe53e33 Updated source translation catalogs. 
Forwardport of 22eed0384478e6d3167483cad8df03c687addeff from stable/6.0.x.
 2025-09-18 10:13:03 -03:00
Natalia
4840ab0965 Updated translations from Transifex. 
Forwardport of 2a2936c3e6444a0f37156773ca405cedaf28dea7 from stable/5.2.x.
 2025-09-18 09:53:05 -03:00