django http://cgit.adnoto.dev/django.git/atom?h=5.2.8 2025-11-05T12:35:08Z 2025-11-05T12:35:08Z Natalia 124304+nessita@users.noreply.github.com 2025-11-05T12:35:08Z urn:sha1:47fe39af56ecd0ad73b9c7562511015e96b91b80 2025-11-05T12:33:29Z Jacob Walls jacobtylerwalls@gmail.com 2025-09-24T19:56:03Z urn:sha1:ac9fcf6eb2c909f4150c5287808f49170ce1f9e2 Backport of 3c3f46357718166069948625354b8315a8505262 from main. 2025-11-05T12:33:15Z Jacob Walls jacobtylerwalls@gmail.com 2025-09-24T19:54:51Z urn:sha1:6703f364d767e949c5b0e4016433ef75063b4f9b Thanks cyberstan for the report, Sarah Boyce, Adam Johnson, Simon Charette, and Jake Howard for the reviews. Backport of c880530ddd4fabd5939bab0e148bebe36699432a from main. 2025-11-05T12:32:59Z Jacob Walls jacobtylerwalls@gmail.com 2025-10-16T20:28:33Z urn:sha1:4f5d904b63751dea9ffc3b0e046404a7fa5881ac Thanks Seokchan Yoon for the report, Markus Holtermann for the triage, and Jake Howard for the review. Follow-up to CVE-2025-27556 and 39e2297210d9d2938c75fc911d45f0e863dc4821. Backport of c880530ddd4fabd5939bab0e148bebe36699432a from main. 2025-11-04T17:00:58Z Hal Blackburn hwtb2@cam.ac.uk 2025-11-04T05:58:46Z urn:sha1:cbdf128cb316bccf9ca3b3b4966e57bd050bfc8a Proxy models subclassing a model with a CompositePrimaryKey were incorrectly reporting check errors because the check that requires only local fields to be used in a composite pk was evaluated against the proxy subclass, which has no fields. To fix this, composite pk field checks are not evaluated against proxy subclasses, as none of the checks are applicable to proxy subclasses. This also has the benefit of not double-reporting real check errors from an invalid superclass pk. Thanks Clifford Gama for the review. Backport of 74564946c3b42a2ef7d087047e49873847a7e1d9 from main. 2025-10-31T12:47:32Z Patrick Rauscher Patrick.Rauscher@deutschebahn.com 2025-10-30T09:13:14Z urn:sha1:6775888470317a6d69121779b489bb2dc7350318 In Python 3.14, annotations are deferred by default, so we should not assume that the names in them have been imported unconditionally. 2025-10-29T18:00:08Z Jacob Walls jacobtylerwalls@gmail.com 2025-09-24T19:29:09Z urn:sha1:d5dfffaae52b9dcb4857d42b1e2902290a5c5e3c Backport of ab108bf94dfc06c311d7dc81866b848fe5b5ee6c from main. 2025-10-27T18:43:40Z Kasyap Pentamaraju vpentamaraju@webmd.net 2025-10-23T04:47:55Z urn:sha1:368f955c371cab5db18e9e239d10560cf15f5ea4 Backport of 0ea01101c3a35568bc43e9707ac058b9874bd425 from main. 2025-10-23T14:14:20Z Annabelle Wiegart 44520920+annalauraw@users.noreply.github.com 2025-10-23T14:11:52Z urn:sha1:71267c97db211f1d7f1b8b794ceb2167a7619a4d Co-authored-by: Ahmed Nassar <a.moh.nassar00@gmail.com> Backport of 74239181252ca73bebb84789856f5d8937d421b4 from main. 2025-10-22T02:14:05Z Mariusz Felisiak felisiak.mariusz@gmail.com 2025-10-21T19:11:44Z urn:sha1:9b37bd5fe73b0d614ad8e503071d6f7bf2bdf6b2 tblib 3.2+ makes exception subclasses with __init__() and the default __reduce__() picklable. This broke the test for RemoteTestResult._confirm_picklable(), which expects a specific exception to fail unpickling. https://github.com/ionelmc/python-tblib/blob/master/CHANGELOG.rst#320-2025-10-21 This fix defines ExceptionThatFailsUnpickling.__reduce__() in a way that pickle.dumps(obj) succeeds, but pickle.loads(pickle.dumps(obj)) raises TypeError. Refs #27301. This preserves the intent of the regression test from 52188a5ca6bafea0a66f17baacb315d61c7b99cd without skipping it. Backport of 548209e620b3ca34396a360453f07c8dbb8aa6c7 from main.