mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-09 06:49:12 +00:00
Code Issues 32 Releases Wiki Activity
33,530 Commits 30 Branches 459 Tags
Commit Graph

33530 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jacob Walls
3cff3209e3 [5.2.x] Bumped version for 5.2.7 release. 5.2.7 2025-10-01 08:26:54 -04:00
Sarah Boyce
ed8fc39d77 [5.2.x] Fixed CVE-2025-59682 -- Fixed potential partial directory-traversal via archive.extract(). 
Thanks stackered for the report.

Follow up to 05413afa8c18cdb978fcdf470e09f7a12b234a23.

Backport of 924a0c092e65fa2d0953fd1855d2dc8786d94de2 from main.
 2025-10-01 08:25:20 -04:00
Mariusz Felisiak
52fbae0a4d [5.2.x] Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), and extra() against SQL injection in column aliases on MySQL/MariaDB. 
Thanks sw0rd1ight for the report.

Follow up to 93cae5cb2f9a4ef1514cf1a41f714fef08005200.

Backport of 41b43c74bda19753c757036673ea9db74acf494a from main.
 2025-10-01 08:24:18 -04:00
Jacob Walls
1794cbf961 [5.2.x] Made cosmetic edits to 5.2.7 release notes. 
Backport of 6c82b0bc91fc650891b0b411ac4a5a86cf0cf3e8 from main.
 2025-09-30 16:34:43 -04:00
okaybro
81625a141e [5.2.x] Fixed #36587 -- Clarified usage of list.insert() for upload handlers. 
Thanks Baptiste Mispelon for the report

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>

Backport of afe6634146d0fe70498976c49d2eb4d745aa9064 from main.
 2025-09-29 14:51:44 +02:00
Samriddha9619
6f3813e4b6 [5.2.x] Fixed #35877, Refs #36128 -- Documented unique constraint when migrating a m2m field to use a through model. 
Backport of daba609a9bdc7a97bcf327c7ba0a5f7b3540b46e from main.
 2025-09-29 09:00:19 +02:00
Mariusz Felisiak
10a2d3b837 [5.2.x] Added stub release notes and release date for 5.2.7, 5.1.13, and 4.2.25. 
Backport of 00174507f8a91e9577ae233c58af561b379f2695 from main.
 2025-09-24 11:41:04 -04:00
Jacob Walls
b2773a39a3 [5.2.x] Refs #25508 -- Used QuerySet.__repr__ in docs/ref/contrib/postgres/search.txt. 
Backport of efb96138b4af774c22ae6e949410b45d69960357 from main.
 2025-09-23 10:09:18 -04:00
CodingWithSaksham
7554c54e5f [5.2.x] Fixed #36581 -- Updated serialization examples from XML to JSON. 
Backport of 762d3be8c559b0abf415be8d6117f04fb6347983 from main.
 2025-09-18 15:47:20 +02:00
Natalia
2a2936c3e6 [5.2.x] Updated translations from Transifex. 2025-09-18 09:50:46 -03:00
David Smith
5484d1f2b0 [5.2.x] Fixed OGRInspectTest.test_time_field with memory Spatialite database. 
Backport of 82b3b84a78055844ee07d5d97843a4fc72872e28 from main.
 2025-09-18 09:35:32 -03:00
antoliny0919
d8e9dec1ad [5.2.x] Fixed #36601 -- Fixed color contrast of FilteredSelectMultiple widget chosen labels in TabularInlines. 
Regression in a0f50c2a483678d31bd1ad6f08fd3a0b8399e27b.

Backport of 1e7728888dbbff437ad9847c82b84feb81f785df from main.
 2025-09-17 10:01:37 +02:00
Jacob Walls
1dbf415a18 [5.2.x] Fixed typo in docs/ref/contrib/contenttypes.txt. 
Backport of c48904a225e2e8f02274257247d5b7d29c5fe183 from main.
 2025-09-13 11:29:40 -04:00
Mridul Dhall
b8df1eb7c2 [5.2.x] Fixed #36597 -- Corrected directives for functions from email module in docs. 
Thanks Mike Edmunds for the report.

Backport of e183d6c26c8da4486c151f9ce973828e2404a796 from main.
 2025-09-12 18:59:58 +02:00
Salman
adc80dd81e [5.2.x] Fixed #36486 -- Added MongoDB to list of third-party DB backends. 
Backport of 46fdeb1373aa7e9089d14440987444493cc9c2e0 from main
 2025-09-09 08:24:11 +02:00
Jake Howard
fbced43cf8 [5.2.x] Refs #36588 -- Warned about using external templates in startapp/startproject commands. 
Clarified that custom templates provided via `--template` for `starapp`
and `startproject` are used as-is, adding a warning that malicious or
poorly constructed templates may introduce security issues.

Backport of 4e7a991c12a113229e0927974d3bf94ea04eecf6 from main.
 2025-09-04 13:38:31 -03:00
Mariusz Felisiak
e2d83a2076 [5.2.x] Added missing backticks in docs/releases/security.txt. 
Backport of 686a8a62ae7faba9c3b17080c3532b821e8cb1f3 from main
 2025-09-04 11:10:33 +02:00
Sarah Boyce
18c6bc5db2 [5.2.x] Added CVE-2025-57833 to security archive. 
Backport of f0c05a40d27d69ef3a7b4e5e0199b5dba5b11feb from main.
 2025-09-03 15:28:27 +02:00
Sarah Boyce
db13f7fbcb [5.2.x] Added stub release notes for 5.2.7. 
Backport of ab7c7dd99b3ddc489d9f007b273d891973212aa3 from main.
 2025-09-03 15:22:02 +02:00
Sarah Boyce
90a9ba1aec [5.2.x] Post-release version bump. 2025-09-03 13:29:20 +02:00
Sarah Boyce
75c4403f07 [5.2.x] Bumped version for 5.2.6 release. 5.2.6 2025-09-03 13:17:48 +02:00
Jake Howard
4c044fcc86 [5.2.x] Fixed CVE-2025-57833 -- Protected FilteredRelation against SQL injection in column aliases. 
Thanks Eyal Gabay (EyalSec) for the report.

Backport of 51711717098d3f469f795dfa6bc3758b24f69ef7 from main.
 2025-09-03 13:15:55 +02:00
Sarah Boyce
e87ca3d6fa [5.2.x] Made cosmetic edits to 5.2.6 release notes. 
Backport of d044e25dc2106b94ebdedf0bfde9238be1a3765c from main.
 2025-09-03 12:19:46 +02:00
Clifford Gama
ebec2c9323 [5.2.x] Removed unused import in docs/ref/models/expressions.txt example. 
Backport of 21603c5b50cda80610496248810bb6391f08b648 from main
 2025-08-31 08:16:09 +02:00
SaJH
ace59cb83b [5.2.x] Fixed #36431 -- Returned tuples for multi-column ForeignObject in values()/values_list(). 
Thanks Jacob Walls and Simon Charette for tests.

Signed-off-by: SaJH <wogur981208@gmail.com>

Backport of bb7a7701b1a0e8fffe14dcebf5d5bac7f176c02a from main
 2025-08-29 15:36:09 -04:00
Mustafa Pirbhai
16a12a9799 [5.2.x] Fixed #35831 -- Documented the model form meta API in model form reference docs. 
Co-authored-by: Jonathan <3218047+jernwerber@users.noreply.github.com>
Co-authored-by: Mustafa <117516335+mspirbhai@users.noreply.github.com>

Backport of 183fcebf88aa0762a2e28477f9b24c34341a75f4 from main.
 2025-08-29 09:00:37 +02:00
Sarah Boyce
51753bc809 [5.2.x] Added stub release notes and release date for 5.2.6, 5.1.12, and 4.2.24. 
Backport of 4c71e334401a3e83c013419d0e2211543e7e873b from main.
 2025-08-27 16:07:46 +02:00
Jacob Walls
a486455125 [5.2.x] Corrected definition of "needsinfo" triage stage in contributing guide. 
Backport of 66082a7dac7ad357446168d09e6ca3b305f1faf0 from main
 2025-08-27 09:22:26 -04:00
Jacob Walls
f8e572e843 [5.2.x] Removed reference to flake8 file exclusions. 
Obsolete since 41384812efe209c8295a50d78b45e0ffb2992436.
(six was removed in 9285926295fbfc86b70e7be8d595d4cfbe7895b8.)
Backport of 165ad74c578f94f962624a40dff14e1b2e23a1f8 from main
 2025-08-23 20:06:54 +02:00
Mariusz Felisiak
9c9ed6fd7a [5.2.x] Refs #35530 -- Corrected deprecation message in auth.alogin(). 
Follow up to ceecd518b19044181a3598c55ebed7c2545963cc.

Backport of b3166e1e15824aedb7a609dfda18ef36ea023d06 from main.
 2025-08-22 16:15:42 +02:00
Mariusz Felisiak
98972b53aa [5.2.x] Corrected release notes of calling format_html() without arguments. 
Backport of bcddf641ae705209c01a4b18a9384aa91fdc94e1 from main
 2025-08-20 07:35:30 +02:00
mengxun
38844c348b [5.2.x] Fixed spelling of "logged-in" when used as an adjective in docs. 
Backport of f5c944b3141c58bb4a5c7bbca61180b2ad7c13aa from main.
 2025-08-19 12:43:52 -03:00
Natalia
9a720d5c50 [5.2.x] Fixed #36499 -- Adjusted utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's HTMLParser new behavior. 
Python fixed a quadratic complexity processing for HTMLParser in:
https://github.com/python/cpython/commit/6eb6c5db.

Backport of 2980627502c84a9fd09272e1349dc574a2ff1fb1 from main.
 2025-08-13 17:48:37 -03:00
Natalia
74fafe2715 [5.2.x] Fixed test_utils.tests.HTMLEqualTests.test_parsing_errors following Python's HTMLParser fixed parsing. 
Further details about Python changes can be found in:
0243f97cba.

Refs #36499. Thank you Clifford Gama for the thorough review!

Backport of e4515dad7a6d953c0bd2414127ba36e1446ff41a from main.
 2025-08-13 17:48:37 -03:00
Jacob Walls
a4e27c0c6b [5.2.x] Refs #34378, #36143, #36416 -- Fixed isolation of LookupTests.test_in_bulk_preserve_ordering_with_batch_size(). 
`max_query_params` is a property, so it must be patched on the class.

Backport of a68e8565cdd4fc3f8b738fc516095dab142b9d65 from main.
 2025-08-13 15:30:34 -03:00
David Sanders
4926591343 [5.2.x] Aligned format of constraint examples in docs/ref/models/constraints.txt. 
Backport of fda3c1712a1eb7b20dfc91e6c9abae32bd64d081 from main.
 2025-08-13 09:16:06 +02:00
Rohit
1d9f6c3270 [5.2.x] Corrected code examples in topics docs. 
Backport of fa804d0d14ef4547b4fe2a88ab5d89d4eed5bacd from main.
 2025-08-11 10:14:43 +02:00
Sarah Boyce
ad836aa0c5 [5.2.x] Added stub release notes for 5.2.6. 
Backport of 0bff53b4138d8c6009e9040dbb8916a1271a68d7 from main.
 2025-08-06 10:36:46 +02:00
Sarah Boyce
a7546c4773 [5.2.x] Post-release version bump. 2025-08-06 10:35:14 +02:00
Sarah Boyce
a3b1107a49 [5.2.x] Bumped version for 5.2.5 release. 5.2.5 2025-08-06 10:04:41 +02:00
Sarah Boyce
0489f54e8b [5.2.x] Added release date for 5.2.5. 
Backport of 8999b0e2bf62ffa1ea19995508712ed8eda2cc14 from main.
 2025-08-06 09:59:50 +02:00
David Smith
a9c7d4b703 [5.2.x] Refs #36485 -- Grouped docs checks under a unified make check target. 
Added a new 'check' rule to the docs Makefile which runs both the black
and spelling checks.

Backport of 7f9bf357feac06bb34017e1f6c7a7730b1991ede from main.
 2025-08-05 12:20:13 -03:00
David Smith
5ad6d43cd9 [5.2.x] Refs #34140 -- Added dedicated code block formatting section in docs/internals/contributing/writing-documentation.txt. 
Backport of cba73281966c816824c9bfa028a1bf44e188ded2 from main.
 2025-08-05 12:20:04 -03:00
jkhall81
bdc3f9e350 [5.2.x] Fixed #36530 -- Extended fields.E347 to check for ManyToManyField involving CompositePrimaryKey on either side. 
Thanks to Jacob Walls for the report.

Backport of 2013092b693be0ebdf36f41dc61615a2de1bbe31 from main.
 2025-08-05 08:46:56 -03:00
Natalia
f01ceae477 [5.2.x] Fixed #36535 -- Ensured compatibility with docutils 0.19 through 0.22. 
Regression in 65ab92f6a83644bbb555d0eff3a02d8d9301aba4.

Backport of 9cec8d9f55d90fbc162fde23d6ea7a34e322fcae from main.
 2025-08-04 21:53:33 -03:00
Adam Zapletal
5ca58ce3d0 [5.2.x] Corrected assertNumQueries() example in docs/topics/testing/tools.txt. 
Backport of dca8284a376128c64bd0e0792ad12391ae3e7202 from main.
 2025-08-04 15:08:53 +02:00
Simon Charette
b3bb7230e1 [5.2.x] Fixed #34871, #36518 -- Implemented unresolved lookups expression replacement. 
This allows the proper resolving of lookups when performing constraint
validation involving Q and Case objects.

Thanks Andrew Roberts for the report and Sarah for the tests and review.

Backport of 079d31e698fa08dd92e2bc4f3fe9b4817a214419 from main.
 2025-08-04 09:42:32 +02:00
Simon Charette
e5ccb69bc3 [5.2.x] Fixed #36198 -- Implemented unresolved transform expression replacement. 
This allows the proper resolving of F("field__transform") when
performing constraint validation.

Thanks Tom Hall for the report and Sarah for the test.

Prerequisite for #36518.

Backport of fc303551077c3e023fe4f9d01fc1b3026c816fa4 from main.
 2025-08-04 09:41:29 +02:00
Mariusz Felisiak
5aefd005fc [5.2.x] Fixed writer_name deprecation warning in docutils 0.22+. 
Backport of 65ab92f6a83644bbb555d0eff3a02d8d9301aba4 from main.
 2025-07-29 21:50:54 -03:00
Simon Charette
3031c512f0 [5.2.x] Fixed #36522 -- Added support for filtering composite pks using a tuple of expressions. 
Thanks Jacob Walls for the report, and Sarah Boyce and Mariusz Felisiak
for reviews.

Backport of 0a4999b422702c64e21f5a10a4d60300b7074401 from main.
 2025-07-28 16:40:08 -03:00