django http://cgit.adnoto.dev/django.git/atom?h=3.2.15 2022-04-11T07:12:58Z 2022-04-11T07:12:58Z Mariusz Felisiak felisiak.mariusz@gmail.com 2022-04-01T11:48:47Z urn:sha1:9e19accb6e0a00ba77d5a95a91675bf18877c72d Backport of 6723a26e59b0b5429a0c5873941e01a2e1bdbb81 from main. 2022-04-11T07:12:06Z Mariusz Felisiak felisiak.mariusz@gmail.com 2022-04-01T06:10:22Z urn:sha1:2044dac5c6968441be6f534c4139bcf48c5c7e48 Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore, Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev (DDV_UA) for the report. Backport of 93cae5cb2f9a4ef1514cf1a41f714fef08005200 from main. 2021-07-01T06:29:23Z Simon Charette charette.s@gmail.com 2021-06-18T05:16:10Z urn:sha1:a34a5f724c5d5adb2109374ba3989ebb7b11f81f Regression introduced in 513948735b799239f3ef8c89397592445e1a0cd5 by marking the raw SQL column reference feature for deprecation in Django 4.0 while lifting the column format validation. In retrospective the validation should have been kept around and the user should have been pointed at using RawSQL expressions during the deprecation period. The main branch is not affected because the raw SQL column reference support has been removed in 06eec3197009b88e3a633128bbcbd76eea0b46ff per the 4.0 deprecation life cycle. Thanks Joel Saunders for the report. 2021-04-28T18:27:42Z Simon Charette charette.s@gmail.com 2021-04-24T05:07:18Z urn:sha1:d5add5d3a26f98e961dfbcad67bb04d936f2f332 Subquery deconstruction support required implementing complex and expensive equality rules for sql.Query objects for little benefit as the latter cannot themselves be made deconstructible to their reference to model classes. Making Expression @deconstructible and not BaseExpression allows interested parties to conform to the "expression" API even if they are not deconstructible as it's only a requirement for expressions allowed in Model fields and meta options (e.g. constraints, indexes). Thanks Phillip Cutter for the report. This also fixes a performance regression in bbf141bcdc31f1324048af9233583a523ac54c94. Backport of c8b659430556dca0b2fe27cf2ea0f8290dbafecd from main 2021-04-21T08:32:39Z Simon Charette charette.s@gmail.com 2021-04-21T02:25:52Z urn:sha1:48e19bae49f271cccbb8a8f4549c9366b7cecac6 This issue started manifesting itself when nesting a combined subquery relying on exclude() since 8593e162c9cb63a6c0b06daf045bc1c21eb4d7c1 but sql.Query.combine never properly handled subqueries outer refs in the first place, see QuerySetBitwiseOperationTests.test_subquery_aliases() (refs #27149). Thanks Raffaele Salmaso for the report. Backport of 6d0cbe42c3d382e5393d4af48185c546bb0ada1f from main 2021-02-24T09:11:37Z Simon Charette charette.s@gmail.com 2021-02-24T01:56:29Z urn:sha1:7a6ca01f4eb990772080e2978f19d83484184b04 Regression in fb3f034f1c63160c0ff13c609acd01c18be12f80. Refs #31094, #31150. Thanks Igor Pejic for the report. Backport of 277eea8fcced7f04f3800617f189beb349a3212e from master 2021-01-05T09:37:11Z Alexander Lyabah a.lyabah@checkio.org 2020-11-28T16:08:27Z urn:sha1:415f50298f97fb17f841a9df38d995ccf347dfcc 2020-11-27T19:42:04Z Ian Foote python@ian.feete.org 2020-11-15T22:43:47Z urn:sha1:8b040e3cbbb2e81420e777afc3ca48a1c8f4dd5a Thanks Mariusz Felisiak and Simon Charette for reviews. 2020-11-16T19:29:13Z David-Wobrock david.wobrock@gmail.com 2020-11-11T22:16:32Z urn:sha1:ba42569d5c01b58b2999e393f097b530e538ec41 2020-11-14T09:22:09Z David-Wobrock david.wobrock@gmail.com 2020-10-10T15:41:13Z urn:sha1:464a4c0c59277056b5d3c1132ac1b4c6085aee08