mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-02-28 19:44:35 +00:00
Code Issues 32 Releases Wiki Activity
31,732 Commits 29 Branches 434 Tags
Commit Graph

5118 Commits

Author SHA1 Message Date
Sarah Boyce
d147a8ebbd [4.2.x] Fixed CVE-2024-45230 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.
 2024-09-03 09:42:15 -03:00
Lorenzo Peña
96a3497400 [4.2.x] Fixed #35627 -- Raised a LookupError rather than an unhandled ValueError in get_supported_language_variant(). 
LocaleMiddleware didn't handle the ValueError raised by
get_supported_language_variant() when language codes were
over 500 characters.

Regression in 9e9792228a6bb5d6402a5d645bc3be4cf364aefb.

Backport of 0e94f292cda632153f2b3d9a9037eb0141ae9c2e from main.
 2024-07-25 09:44:51 +02:00
Sarah Boyce
17358fb35f [4.2.x] Fixed CVE-2024-39614 -- Mitigated potential DoS in get_supported_language_variant(). 
Language codes are now parsed with a maximum length limit of 500 chars.

Thanks to MProgrammer for the report.
 2024-07-09 10:40:50 -03:00
Adam Johnson
5b698cbcf1 [4.2.x] Removed link to lawrence.com in contrib.sites docs. 
lawrence.com has since become a redirect to LJWorld.com,
making the link pointless.
Backport of 9e7ac5890147a8271eb5eb19bb88ab93dadc6c6d from main
 2023-11-28 20:12:09 +01:00
Tim Schilling
6d7313bc87 [4.2.x] Fixed #34990 -- Changed link to OWASP in CSRF docs. 
The OWASP site is the standard resource for web application
security information.
Backport of aceee39d44994df20d13104e55ae61845d7a1e95 from main
 2023-11-23 05:28:43 +01:00
William Hayes
e9acdff462 [4.2.x] Refs #33690 -- Added missing data-theme selector to example in theming support docs. 
Backport of 640283711e6c8d25ad0e3c97453cd178a3e4d6a6 from main
 2023-11-15 05:28:17 +01:00
Adam Johnson
90c3d71dfe [4.2.x] Fixed #34457 -- Restored output for makemigrations --check. 
Co-authored-by: David Sanders <shang.xiao.sanders@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>

Backport of f7389c4b07ceeb036436e065898e411b247bca78 from main
 2023-11-09 11:05:54 -03:00
Patrick Rauscher
3d2370607d [4.2.x] Fixed #34813 -- Doc'd usage of integrity HTML attribute with ManifestStaticFilesStorage. 
Backport of 116e225266c511dfc0bfc96c8497e9c8aaa4d004 from main
 2023-11-02 08:27:06 -03:00
Sarah Boyce
61612990d8 [4.2.x] Fixed typos in docs/ref/models/expressions.txt. 
Backport of 8992a0489c01ac8ab7283264a315c005511323e2 from main
 2023-10-28 14:22:30 +02:00
Izzy Hyman
ffba63180c [4.2.x] Fixed typo in docs/ref/contrib/gis/geos.txt. 
Backport of c42250a7039a5ace1b482b30c6a1359b748cae65 from main
 2023-10-27 05:32:47 +02:00
lufafajoshua
e8fe48d3a0 [4.2.x] Fixed #34808 -- Doc'd aggregate function's default argument. 
Backport of 8adc7c86ab85ed91e512bc49056e301cbe1715d0 from main
 2023-10-11 16:11:09 -03:00
ume
99dcba90b4 [4.2.x] Refs #32275 -- Added scrypt password hasher to PASSWORD_HASHERS setting docs. 
Backport of 90c75dc4f37bee19b7c3790519d187e38e293800 from main
 2023-10-06 09:56:11 +02:00
David Sanders
6697880219 [4.2.x] Refs #31435 -- Doc'd potential infinite recursion when accessing model fields in __init__. 
Backport of e47298aec4fa04416e7082331fbd44bd9f2662aa from main
 2023-10-05 14:34:07 -03:00
Mariusz Felisiak
a9a3317a95 [4.2.x] Corrected wrap_socket() reference in docs/ref/settings.txt. 
Backport of f9cdecfb0de40698eb2ce44c04068bb091fa8998 from main
 2023-10-04 19:54:32 +02:00
Natalia
be9c27c4d1 [4.2.x] Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text.Truncator when truncating HTML text. 
Thanks Wenchao Li of Alibaba Group for the report.
 2023-10-04 09:39:49 -03:00
Mariusz Felisiak
dd0bf63d3e [4.2.x] Added warning about flatpages and untrusted users. 
Backport of 571bab98879578b6ef54ee654ead06736855767d from main
 2023-09-27 19:10:59 +02:00
David Sanders
b08f53ff46 [4.2.x] Refs #34808 -- Doc'd that aggregation functions on empty groups can return None. 
Backport of 78b5c9075348aa12da2e024f6ece29d1d652dfdd from main
 2023-09-21 13:18:15 -03:00
Mariusz Felisiak
ff26e6ad84 [4.2.x] Corrected QuerySet.prefetch_related() note about GenericRelation(). 
GenericRelation is a reverse generic relationship so it's always
homogeneous. Mentioning this as a restriction is confusing.
Backport of 88b5b7b8e56667b0f55ea6f04038b6ac77c57b98 from main
 2023-09-16 06:58:08 +02:00
Michele Mazzucchi
866122690d [4.2.x] Doc'd HttpResponse.cookies. 
Backport of 5bfb3cbf49e2b9701e7c42989e14a72374adb6bd from main
 2023-09-14 12:29:49 +02:00
Keryn Knight
f55b420277 [4.2.x] Fixed #34781 -- Updated logging ref docs for django.server's request extra context value. 
Backport of 428023e2677aeb80d86b19f90b0c6b82c7cb666d from main
 2023-08-22 22:44:46 -03:00
Almaz Kunpeissov
2ef2b2ffc0 [4.2.x] Corrected pycon formatting in some docs. 
Backport of 5a3725594faacc412e2d2b4ed160370228f1a118 from main
 2023-08-01 08:47:40 +02:00
John Parton
a52a2b6678 [4.2.x] Fixed #34749 -- Corrected QuerySet.acreate() signature in docs. 
Backport of af0c5caff72e5ffda4dff708a57e37ae4778197d from main
 2023-07-28 18:06:04 +02:00
Bruno Alla
12ebd9a1ac [4.2.x] Refs #34712 -- Doc'd that defining STORAGES overrides the default configuration. 
Backport of 86561844ce66cda3e6a8c22d4ace4c2d1bc1f2e7 from main
 2023-07-24 21:07:41 +02:00
Mariusz Felisiak
1f9d00ef9f [4.2.x] Added missing backticks in docs. 
Backport of 02376f1f53db24039c200ef4818d96accf16a88b from main
 2023-07-21 12:55:10 +02:00
nessita
c99d935600 [4.2.x] Fixed typo in docs/ref/models/querysets.txt. 
Removed assignment in example for Blog annotation to match shown result.
Backport of addbc90049083f1d5f7ac138ed00111b71a75233 from main
 2023-07-20 19:49:01 +02:00
Vyacheslav Dmitriev
da92a971a0 [4.2.x] Refs #30052 -- Clarified that defer() and only() do not work with aggregated fields. 
Backport of b126f694160c4641e64e57dba6b022f06fbfa745 from main
 2023-07-20 14:07:16 -03:00
David Sanders
c646412a75 Added reference to TypedChoiceField in ChoiceField docs. 2023-07-18 12:06:59 -03:00
Jon Ribbens
e54f711d42 [4.2.x] Fixed #33405, Refs #7177 -- Clarified docs for filter escapejs regarding safe and unsafe usages. 
Backport of adfb3dfa89b62ee0c838a64d3d480c03dd3ec869 from main
 2023-07-03 13:55:31 +02:00
Mariusz Felisiak
b7c5feb35a [4.2.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator. 
Thanks Seokchan Yoon for reports.
 2023-07-03 08:19:23 +02:00
nessita
7b45fe01ab [4.2.x] Added dedicated section for output_field in query expressions docs. 
Backport of 679928834295ebd874ede667dbaae8a7945d3580 from main
 2023-06-27 15:14:13 -03:00
Mariusz Felisiak
67fe092a85 [4.2.x] Fixed typo in docs/ref/models/querysets.txt. 
Backport of c4a09499aa760c92969083b4639703b5b0a562fb from main
 2023-06-27 12:54:46 +02:00
Mariusz Felisiak
a18e0f44d5 [4.2.x] Corrected admin.E013 check message in docs. 
Backport of ddb6506618ea52c6b20e97eefad03ed847a1e3de from main
 2023-06-20 12:59:48 +02:00
AP Jama
dae052d823 [4.2.x] Fixed #34595 -- Doc'd that format_string arg of format_html() is not escaped. 
Backport of 4037223d0f12c44ecd6f369ccbabcbd279a1bdbc from main
 2023-06-01 13:10:45 +01:00
Akash Kumar Sen
dca5f5d58a [4.2.x] Fixed #34600 -- Removed references to bleach in docs. 
Backport of b0a6cc7f5738d6b959faf10354b772338f611fd9 from main
 2023-05-31 10:23:37 +01:00
Natalia
25bd9faf32 [4.2.x] Fixed #34574 -- Noted unexpected outcomes in autoescape/escape docs. 
Backport of 1a59a324cec5caf12ea0c4947564828aa7bda02a from main.
 2023-05-26 07:50:19 +02:00
Stefan Brand
a44e974412 [4.2.x] Corrected documentation of Log database function. 
Backport of eb9df03a43f34c44131ec3a295643327b8a68bb4 from main
 2023-05-24 05:30:43 +02:00
Mariusz Felisiak
cdd970ae22 [4.2.x] Fixed #34568 -- Made makemigrations --update respect --name option. 
Thanks David Sanders for the report.
Backport of c52f4295f254e1c14af769d22b1a5f516a941f58 from main
 2023-05-17 13:15:30 +02:00
Mariusz Felisiak
2b5c5e54de [4.2.x] Updated broken links in docs. 
Backport of 93830abf7694e0f281931f10eeaa34993855e7dd from main
 2023-05-17 12:13:40 +02:00
Alexerson
ddccecee91 [4.2.x] Fixed #34556 -- Doc'd that StreamingHttpResponse accepts memoryviews and strings iterators. 
Backport of 599f3e2cda50ab084915ffd08edb5ad6cad61415 from main
 2023-05-12 10:36:03 -03:00
Alberto Sottile
dbe263751c [4.2.x] Clarified database connections lifetime outside HTTP requests. 
Backport of e901407e2369ddb16a5c866e1f2fbf8ea8acf549 from main
 2023-05-12 08:10:51 -03:00
Pan Dango
bcf66f1355 [4.2.x] Corrected code-block directive in docs/ref/templates/builtins.txt. 
Backport of 12ec80726f33e8dbd80de3cecf48d76ac4c0aa89 from main
 2023-05-07 14:52:16 +02:00
Jannis Vajen
4eaed191b6 [4.2.x] Corrected code-block directives in docs. 
Backport of 024954aad4c422a091b7afab42fff1a9d7478fce from main
 2023-05-04 19:34:19 +02:00
Andrei Shabanski
88f23b6b81 [4.2.x] Refs #33662 -- Corrected Sitemap.get_languages_for_item() signature in docs. 
Backport of 5c456a879300e5f51010d3f6aa7449302413efed from main
 2023-04-27 19:54:18 +02:00
Tom Forbes
01779cdcef [4.2.x] Doc'd that Count("*") is equivalent to COUNT(*) SQL. 
Backport of 23d24f82a7450ef5d369845e18cc0130be5bac6c from main
 2023-04-27 11:54:26 +02:00
Mariusz Felisiak
a4f7d935a2 [4.2.x] Added meaningful titles to ..admonition:: directives. 
Backport of c487634c106888effbba680e02269e489ab911a6 from main
 2023-04-21 12:04:21 +02:00
David Sanders
9967faab0b [4.2.x] Fixed #34440 -- Doc'd that & queryset operator works similar to chaining. 
Backport of 0494efddc422716431b92896899284b6afebb23a from main
 2023-04-20 09:12:03 +02:00
Sage Abdullah
f80dbcf7dc [4.2.x] Fixed #34435 -- Doc'd that JSONField.default must be a callable. 
Backport of 01ae9d4ca9afdaf30a247e10e8333261a7d8224c from main
 2023-04-19 21:53:04 +02:00
Tim Graham
7679741c46 [4.2.x] Added Snowflake to list of third-party DB backends. 
Backport of 57f2b935b34d148c3c0d906fc8256765004b7b77 from main
 2023-04-17 07:44:37 +02:00
Tim Graham
26f181939e [4.2.x] Used extlinks for PyPI links. 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>

Backport of 2c4dc6476083c853b654e462c7ff65dbe0334c9e from main
 2023-04-17 07:44:29 +02:00
Edison Wang
5094013134 [4.2.x] Fixed #34419 -- Doc'd django.contrib.admin.sites.all_sites. 
Backport of 255f5345904854128647705adcb8d21138e87c63 from main
 2023-04-15 08:29:24 +02:00