mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-05-21 14:26:29 +00:00
Code Issues 32 Releases Wiki Activity
32,966 Commits 29 Branches 444 Tags
Commit Graph

14010 Commits

Author SHA1 Message Date
Natalia
73f70b5cc8 [5.1.x] Cleaned up CVE-2025-32873 security archive description. 
Backport of 37f2a77c729ccb71059c8e66c49b07499d2edf60 from main.
 2025-05-07 11:37:34 -03:00
Natalia
05fab4e394 [5.1.x] Added CVE-2025-32873 to security archive. 
Backport of fdabda4e05587347aeb3382a442d7e77c1a0c3e5 from main.
 2025-05-07 11:09:35 -03:00
Sarah Boyce
0b42f6a528 [5.1.x] Fixed CVE-2025-32873 -- Mitigated potential DoS in strip_tags(). 
Thanks to Elias Myllymäki for the report, and Shai Berger and Jake
Howard for the reviews.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>

Backport of 9f3419b519799d69f2aba70b9d25abe2e70d03e0 from main.
 2025-05-06 22:31:16 -03:00
Natalia
1520d18e9c [5.1.x] Added upcoming security release to release notes. 
Backport of 0f5dd0dff3049189a3fe71a62670b746543335d5 from main.
 2025-04-30 14:56:53 -03:00
nessita
660067f8e7 [5.1.x] Refs #36341 -- Added release notes for 5.1.9 and 4.2.21 for fix in wordwrap template filter. 
Revision 1e9db35836d42a3c72f3d1015c2f302eb6fee046 fixed a regression in
55d89e25f4115c5674cdd9b9bcba2bb2bb6d820b, which also needs to be
backported to the stable branches in extended support (5.1.x and 4.2.x).

Backport of c86242d61ff81bddbead115c458c1eb532d43b43 from main.
 2025-04-23 17:30:05 -03:00
Baptiste Mispelon
af6d305fc7 [5.1.x] Fixed #36320 -- Ignored "duplicated_toc_entry" for ePub docs build. 
Backport of ac16d2876da296d8e50450bf7d776f92d1e16b0d from main
 2025-04-12 19:40:16 +02:00
Sarah Boyce
39b144badd [5.1.x] Fixed #36298 -- Truncated the overwritten file content in file_move_safe(). 
Regression in 58cd4902a71a3695dd6c21dc957f59c333db364c.

Thanks Baptiste Mispelon for the report.

Backport of 8ad3e80e88201f4c557f6fa79fcfc0f8a0961830 from main.
 2025-04-07 16:15:25 +02:00
Sarah Boyce
be13608613 [5.1.x] Added CVE-2025-27556 to security archive. 
Backport of b83dab7d8da8d1dd888164de5ed79e88cedcb19b from main.
 2025-04-02 13:33:19 +02:00
Sarah Boyce
edc2716d01 [5.1.x] Fixed CVE-2025-27556 -- Mitigated potential DoS in url_has_allowed_host_and_scheme() on Windows. 
Thank you sw0rd1ight for the report.

Backport of 39e2297210d9d2938c75fc911d45f0e863dc4821 from main.
 2025-04-02 10:28:26 +02:00
Babak Mahmoudy
b3b09dc6ce [5.1.x] Fixed #36213 -- Doc'd MySQL's handling of self-select updates in QuerySet.update(). 
Co-authored-by: Andro Ranogajec <ranogaet@gmail.com>

Backport of be1b776ad8d6f9bccfbdf63f84b16fb81a13119e from main.
 2025-04-02 08:48:02 +02:00
Clifford Gama
3fdc8c31da [5.1.x] Clarified pre_delete and post_delete's origin attributes. 
Backport of 9d5d0e8135a9654aa289cf922fcd00ad5e2a7fe5 from main.
 2025-03-31 16:13:06 +02:00
Carlton Gibson
5805d1c346 [5.1.x] Simplified Intersphinx configuration example. 
docs.djangoproject.com had been updated to serve the object.inv file
from the default location, so the second tuple element can be None
(the "default" value).

Backport of 5df512e53ab12fd8a0c92421a45aa1b664adb166 from main.
 2025-03-28 09:38:46 +01:00
Carlton Gibson
31262b37d4 [5.1.x] Doc'd how to use Intersphinx in the reusable apps tutorial. 
Backport of 6e54e20cc3908d4eb103678db14e1e02e05069dd from main.
 2025-03-27 17:37:46 +01:00
Sarah Boyce
451ba1f3cf [5.1.x] Added stub release notes and release date for 5.1.8 and 5.0.14. 
Backport of c75fbe843079ca249d7015926490dd21107e63a4 from main.
 2025-03-26 09:04:34 +01:00
dr-rompecabezas
3266f2516c [5.1.x] Updated ogrinfo output in GIS tutorial. 
Backport of fb65c520401d8eefb97725d16608444901cfed14 from main
 2025-03-23 21:36:57 +01:00
mguegnol
659f88e4c9 [5.1.x] Fixed typo in docs/topics/signals.txt. 
Backport of e2b9a179133ebca9773c5c259f6a7d27489cf141 from main
 2025-03-23 20:06:39 +01:00
Sarah Boyce
f581b0b5c2 [5.1.x] Documented the updating of translation catalogs in post-release tasks. 
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>

Backport of 922c1c732a47c02aa5ef28b0b1a2bd9bc9b92d87 from main.
 2025-03-21 14:56:44 +01:00
Clifford Gama
f927c9f2aa [5.1.x] Fixed #36095 -- Introduced lazy references in "Models across files" section. 
Backport of 6a2c296e706a0b8f9f9b89e66b37001ce2a03ea7 from main.
 2025-03-21 14:12:23 +01:00
Clifford Gama
bd8bbc8c1a [5.1.x] Refs #36095 -- Doc'd that ManyToManyField.through supports lazy relationships. 
Backport of eb4ea9c3efca479b169bed88a5521c4cf47ed2a2 from main.
 2025-03-21 14:11:55 +01:00
Carlton Gibson
ab4bb5b2f9 [5.1.x] Fixed #33497 -- Doc'd that persistent DB connections should be disabled in ASGI and async modes. 
Backport of 8713e4ae96817a0c7be3f7a8fee25a7c7f819721 from main.
 2025-03-18 21:28:43 -03:00
Clifford Gama
e9acb05b63 [5.1.x] Fixed #36202 -- Added examples of JSONField __contains and __contained_by lookups with nested arrays to docs. 
Backport of 304e9f3d6ae8387bbfc261d68b51247a1f5230bb from main
 2025-03-18 21:56:20 +01:00
Clifford Gama
d05cf7c35f [5.1.x] Fixed #36078 -- Doc'd that Postgres normalizes a range field with no points to empty. 
Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>

Backport of 611e7bc3a0633a35ae3430e359c646e02fa3801d from main.
 2025-03-18 16:53:01 +01:00
YQ
71558701df [5.1.x] Fixed #36254 -- Fixed template dictionary unpacking in docs/topics/i18n/timezones.txt. 
Backport of 30e0a43937e685083fa1210c3594678a3b813806 from main.
 2025-03-17 09:49:54 +01:00
Clifford Gama
8cb8820fbf [5.1.x] Fixed pronoun disagreement in docs/ref/models/querysets.txt. 
Backport of ef6a83789b310a441237a190a493c9586a4cb260 from main.
 2025-03-14 10:51:30 +01:00
Clifford Gama
67fc5805db [5.1.x] Corrected aggregation example in docs/ref/models/querysets.txt. 
Backport of 3235e76eb50be20756f82cb3bbe8e32cc586f7bb from main.
 2025-03-14 10:50:54 +01:00
hesham hatem
d752ec8259 [5.1.x] Fixed #36249 -- Fixed typo in docs/topics/db/queries.txt. 
Backport of e03440291b0599934da73b7dfbd2ccf7ec7270d8 from main.
 2025-03-12 18:10:11 -03:00
Adam Johnson
cfc33d146e [5.1.x] Fixed #36234 -- Restored single_object argument to LogEntry.objects.log_actions(). 
Thank you Adam Johnson for the report and fix. Thank you Sarah Boyce for
your spot on analysis.

Regression in c09bceef68e5abb79accedd12dade16aa6577a09, which is
partially reverted in this branch.

Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>

Backport of 27b68bcadf1ab2e9f7fd223aed42db352ccdc62d from main.
 2025-03-12 16:39:14 -03:00
samruddhiDharankar
ccd5867ae6 [5.1.x] Fixed #36066 -- Documented that Q objects can be used directly in annotations. 
Backport of 9120a19c4ecb643111b073dd1069e6b410a03c23 from main.
 2025-03-10 12:57:37 +01:00
Sarah Boyce
74d41970af [5.1.x] Added CVE-2025-26699 to security archive. 
Backport of bad1a18ff28a671f2fdfd447bdf8f43602f882c2 from main.
 2025-03-06 14:07:09 +01:00
Sarah Boyce
4b2ddd015a [5.1.x] Added stub release notes for 5.1.8. 
Backport of 193e3446e38c5415465608f68620508eace60388 from main.
 2025-03-06 13:33:23 +01:00
Sarah Boyce
8dbb44d342 [5.1.x] Fixed CVE-2025-26699 -- Mitigated potential DoS in wordwrap template filter. 
Thanks sw0rd1ight for the report.

Backport of 55d89e25f4115c5674cdd9b9bcba2bb2bb6d820b from main.
 2025-03-06 09:42:06 +01:00
hesham942
d7dc1f6db0 [5.1.x] Fixed typo in docs/ref/checks.txt. 
Backport of 8f942f1c1dbf4222c8ca48253f7959366ed1bb60 from main.
 2025-03-05 16:23:43 +01:00
hesham942
dbd94e7ac9 [5.1.x] Fixed #36227 -- Fixed outdated PostgreSQL documentation links. 
Backport of 3ecaa85a247373d7ccbcdd593b3fd4bb701f7674 from main.
 2025-03-05 15:18:24 +01:00
Clifford Gama
cc405e1546 [5.1.x] Fixed #36128 -- Clarified auto-generated unique constraint on m2m through models. 
Backport of ae2736ca3bf4c6a27e23ee95530ad965b550d4cc from main.
 2025-03-04 13:08:01 +01:00
antoliny0919
03ace756ea [5.1.x] Fixed #36217 -- Restored pre_save/post_save signal emission via LogEntry.save() for single-object deletion in the admin. 
Regression in 40b3975e7d3e1464a733c69171ad7d38f8814280.

Thanks smiling-watermelon for the report.

Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>

Backport of c09bceef68e5abb79accedd12dade16aa6577a09 from main.
 2025-03-04 10:38:15 +01:00
Tim Graham
76a9f12b60 [5.1.x] Added some heading labels to to docs/topics/cache.txt. 
Backport of 6d1cf5375f6fbc1496095d2356357c3b08a46324 from main
 2025-03-02 19:56:11 +01:00
Sarah Boyce
558c616c95 [5.1.x] Added stub release notes and release date for 5.1.7, 5.0.13, and 4.2.20. 
Backport of ea1e3703bee28bfbe4f32ceb39ad31763353b143 from main.
 2025-02-27 16:08:13 +01:00
Sarah Boyce
11243cc8f3 [5.1.x] Added security guideline on reasonable size limitations when rendering content via the DTL. 
This also removes the need to add warnings for every Django template filter.

Backport of 582ba18d56167587e290545f113d3956e73a5801 from main.
 2025-02-24 08:59:00 +01:00
Sarah Boyce
b80288a16d [5.1.x] Added security reporting guidelines. 
Backport of 59353360590202fab04067e23214a825157c524b from main.
 2025-02-24 08:58:11 +01:00
Sarah Boyce
ce8dd44285 [5.1.x] Updated expectations for when security reports will receive a reply. 
Backport of cecb76a942e4c9df518df098b1e62778cfe20f06 from main.
 2025-02-24 08:57:25 +01:00
Joonas Häkkinen
914cde19c2 [5.1.x] Fixed #36200 -- Clarified MIDDLEWARE setting updates when using a custom RemoteUserMiddleware. 
Backport of 87c5de3b7f2316aa17353d74f54e6ff19013d049 from main.
 2025-02-20 16:16:29 +01:00
Adam Zapletal
f8b72f8547 [5.1.x] Clarified admonition in GeneratedField docs. 
Backport of 43766c70bd2939771b7f37104866316faa34606b from main.
 2025-02-20 14:43:22 +01:00
Sarah Boyce
481b82802d [5.1.x] Fixed #35908 -- Retired the django-developers and django-users mailing lists. 
Co-authored-by: Chaitanya Rahalkar <chaitanyarahalkar@squareup.com>

Backport of 86493307f97b9795a74227b6af2d59a267160847 from main.
 2025-02-19 12:18:12 +01:00
Mariusz Felisiak
e479ccb064 [5.1.x] Fixed docs build on Sphinx 8.2+. 
Backport of 2684a383bc67149ceea93cb1b99c8492b4614dcd from main.
 2025-02-19 09:47:40 +01:00
Sarah Boyce
8c8e2a81b7 [5.1.x] Removed advice to propose a new contrib app. 
Backport of 9d22a7d8f0e814a596ecbeb6efd051262f6a03e3 from main.
 2025-02-18 16:12:57 +01:00
Simon Charette
8488074fe3 [5.1.x] Fixed #36197 -- Fixed improper many-to-many count() and exists() for non-pk to_field. 
Regression in 66e47ac69a7e71cf32eee312d05668d8f1ba24bb.

Thanks mfontana-elem for the report and Sarah for the tests.

Backport of c3a23aa02faa1cf1d32e43d66858e793cd9ecac4 from main.
 2025-02-18 11:45:45 +01:00
Gaël Utard
a9d03c4094 [5.1.x] Fixed #36191 -- Truncated the overwritten file content in FileSystemStorage. 
Backport of 0d1dd6bba0c18b7feb6caa5cbd8df80fbac54afd from main.
 2025-02-17 14:06:03 +01:00
Simon Charette
20e965e869 [5.1.x] Refs #35967 -- Doc'd DatabaseCreation.serialize_db_to_string() method. 
Backport of 99ac8e2589ea978c1c80ff66b4536814121f77dd from main
 2025-02-16 13:46:34 +01:00
Luke Cousins
391fde9e54 [5.1.x] Corrected wording in docs/ref/models/constraints.txt. 
Backport of 579a1c99962c8697053974a70de635a997be63dc from main.
 2025-02-14 15:21:40 +01:00
Jaime Terreu
58eec456a2 [5.1.x] Fixed typo in docs/ref/databases.txt. 
Backport of d87bb0eb3ee4ca141c6fa251e6c2c97050e6c92c from main.
 2025-02-14 15:18:02 +01:00