mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-31 09:41:08 +00:00
Code Issues 32 Releases Wiki Activity
32,143 Commits 30 Branches 460 Tags
36ed45d27cb97fe3a41eca219ba75ff69f16b93c
Commit Graph

32143 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mariusz Felisiak
36e3eef7d5 Added CVE-2023-23969 to security archive. 2023-02-01 12:09:03 +01:00
Mariusz Felisiak
4dcb919c97 Ignored 097e3a70c1 formatting changes in git blame. 2023-02-01 11:34:49 +01:00
David Smith
097e3a70c1 Refs #33476 -- Applied Black's 2023 stable style. 
Black 23.1.0 is released which, as the first release of the year,
introduces the 2023 stable style. This incorporates most of last year's
preview style.

https://github.com/psf/black/releases/tag/23.1.0
 2023-02-01 11:04:38 +01:00
Nick Pope
8c660fb592 Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language. 
The parsed values of Accept-Language headers are cached in order to
avoid repetitive parsing. This leads to a potential denial-of-service
vector via excessive memory usage if the raw value of Accept-Language
headers is very large.

Accept-Language headers are now limited to a maximum length in order
to avoid this issue.
 2023-02-01 09:44:04 +01:00
sag᠎e
110b3b8356 Fixed #34304 -- Made MySQL's SchemaEditor.remove_constraint() don't create foreign key index when unique constraint is ignored. 
Regression in b731e88415.
 2023-01-31 11:52:07 +01:00
Durval Carvalho
40217d1a82 Fixed #34180 -- Added note about resetting language in test tear-downs. 
Co-authored-by: Faris Naimi <farisfaris66@gmail.com>
 2023-01-31 06:35:30 +01:00
Stanislav Volyk
20a0850099 Fixed #34283 -- Escaped title in admin's changelist filters. 
Regression in 27aa7035f5.
 2023-01-30 09:37:53 +01:00
fschwebel
0265b1b49b Fixed typo in docs/topics/auth/passwords.txt. 
Wrapped hashing is only possible if the inner wrapped function is the
same as the previous hasher.
 2023-01-30 08:31:39 +01:00
Sarah Boyce
8acc433e41 Fixed #28054 -- Made runserver not return response body for HEAD requests. 
Co-authored-by: jannschu <jannik.schuerg@posteo.de>
 2023-01-27 21:49:54 +01:00
Mariusz Felisiak
82dad11bfe Refs #34255 -- Skipped test_group_by_nested_expression_with_params test on PostgreSQL when server-side binding cursors are used. 
Thanks Tim Graham for the review.
 2023-01-27 21:28:10 +01:00
Raj Desai
246eb4836a Fixed #34254 -- Fixed return value of Exists() with empty queryset. 
Thanks Simon Charette for reviews.
 2023-01-26 19:54:48 +01:00
Simon Sawicki
7eb5391b71 Fixed #34294 -- Protected django.core.files.locks against argtypes redefinition on Windows. 2023-01-26 19:39:33 +01:00
Mariusz Felisiak
2b1242abb3 Fixed #34291 -- Fixed Meta.constraints validation crash on UniqueConstraint with ordered expressions. 
Thanks Dan F for the report.

Bug in 667105877e.
 2023-01-26 09:31:40 +01:00
Mariusz Felisiak
882f99031e Moved release note about the default PBKDF2 iterations into django.contrib.auth section. 
Thanks Tim Graham for the report.
 2023-01-25 22:25:29 +01:00
Carlton Gibson
d8e1442ce2 Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17. 2023-01-25 12:26:00 +01:00
Carlton Gibson
1df963ad24 Set date and added stub release notes for 4.1.6, 4.0.9, and 3.2.17. 2023-01-25 11:57:04 +01:00
Stephen
34b3288149 Corrected passenv value for tox 4.0.6+. 2023-01-25 06:09:57 +01:00
朱穆穆
d3c93cdc59 Fixed #34227 -- Fixed QuerySet.select_related() with multi-level FilteredRelation. 2023-01-24 10:20:27 +01:00
Matt Westcott
ef85b6bf0b Fixed #34192 -- Preserved callable storage when it returns default_storage. 2023-01-23 10:29:17 +01:00
Claude Paroz
e3a4cee081 Fixed #34278 -- Made translatable string plural-aware in SelectFilter2.js. 
Bug in be63c78760.
 2023-01-23 06:08:41 +01:00
touhf
e1a093f8cb Added short description to remove_stale_contenttypes command. 2023-01-20 12:58:51 +01:00
noFFENSE
5cd1385356 Fixed #34242 -- Doc'd that primary key is set to None when deleting objects. 2023-01-20 09:36:36 +01:00
Francesco Panico
cc8aa6bf9c Fixed #34267 -- Fixed sliced QuerySet.union() crash. 
Regression in 3d734c09ff.

Thanks Raphaël Stefanini for the report.
 2023-01-20 08:51:38 +01:00
Niccolò Mineo
79c298c9ce Fixed #34266 -- Added ClosestPoint GIS database functions. 2023-01-20 08:13:43 +01:00
David Wobrock
4b066bde69 Fixed #34272 -- Fixed floatformat crash on zero with trailing zeros to zero decimal places. 
Regression in 08c5a78726.

Thanks Andrii Lahuta for the report.
 2023-01-19 10:15:40 +01:00
Nick Pope
39f83765e1 Refs #32528 -- Simplified MigrationAutodetector._sort_migrations(). 2023-01-19 06:34:28 +01:00
Nick Pope
1e62a64202 Refs #32528 -- Simplified Media.merge(). 
This avoids building up a second datastructure for the duplicate files
warning case and simply flatten and strip duplicates if that case ever
arises.
 2023-01-19 06:33:39 +01:00
Nick Pope
1282b5e420 Fixed #32528 -- Replaced django.utils.topological_sort with graphlib.TopologicalSort(). 
graphlib.TopologicalSort() is available since Python 3.9.
 2023-01-19 06:31:40 +01:00
Nick Pope
4470c2405c Refs #34233 -- Used @functools.cache. 
Python 3.9+ supports @functools.cache as an alias for
@functools.lru_cache(maxsize=None).
 2023-01-18 19:23:18 +01:00
Mariusz Felisiak
23e8868862 Refs #34233 -- Used str.removeprefix()/removesuffix(). 2023-01-18 19:11:18 +01:00
Nick Pope
fd21f82aa8 Refs #34233 -- Used types.NoneType. 
Available since Python 3.10 where it was reintroduced.
 2023-01-18 17:27:23 +01:00
Nick Pope
26a395f27d Refs #34233 -- Used aiter() and anext(). 
Available since Python 3.10.
 2023-01-18 13:45:07 +01:00
Mariusz Felisiak
a04565845a Refs #34233 -- Referenced isocalendar() results by names not indexes. 
isocalendar() returns a namedtuple() instead of tuple in Python 3.9+
 2023-01-18 12:57:54 +01:00
Mariusz Felisiak
b209518089 Refs #32339 -- Deprecated transitional form renderers. 2023-01-18 11:08:39 +01:00
Mariusz Felisiak
3bbe22dafc Fixed #34233 -- Dropped support for Python 3.8 and 3.9. 2023-01-18 09:46:01 +01:00
John Whitlock
d547171183 Fixed typo in docs/releases/4.2.txt. 2023-01-17 19:27:51 +01:00
Mariusz Felisiak
2785e121c7 Doc'd that 4.2 is LTS. 2023-01-17 19:24:31 +01:00
Mariusz Felisiak
a209f66259 Removed remaining empty sections from 4.2 release notes. 
Follow up to 772cd2b15b.
 2023-01-17 14:05:32 +01:00
Sébastien Corbin
e2964fed17 Fixed #34264 -- Moved release note about session cookies into error reporting section. 2023-01-17 13:08:42 +01:00
Mariusz Felisiak
4fc711a108 Increased the default PBKDF2 iterations for Django 5.0. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
f39f120302 Advanced deprecation warnings for Django 5.0. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
003081468e Refs #33263 -- Removed warning in BaseDeleteView when delete() method is overridden. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
94ad46e9d8 Refs #33543 -- Made Expression.asc()/desc() and OrderBy raise ValueError when nulls_first/nulls_last=False is passed. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
98756c685e Refs #32339 -- Changed default form and formset rendering style to div-based. 
Per deprecation timeline.

This also removes "django/forms/default.html" and
"django/forms/formsets/default.html" templates.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
b5ac6e78f8 Refs #33691 -- Removed django.contrib.auth.hashers.CryptPasswordHasher per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
ce7b4f39e3 Refs #27674 -- Removed django.contrib.gis.admin.OpenLayersWidget per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
71d1203b07 Refs #33348 -- Removed support for passing response object and form/formset name to SimpleTestCase.assertFormError()/assertFormSetError(). 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
d6816bff73 Refs #32365 -- Removed django.utils.timezone.utc per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
9a01311d20 Refs #15619 -- Removed support for logging out via GET requests. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
ba082e0952 Refs #33561 -- Made created=True required in signature of RemoteUserBackend.configure_user() subclasses. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00