django http://cgit.adnoto.dev/django.git/atom?h=stable%2F5.2.x 2026-03-30T19:55:07Z 2026-03-30T19:55:07Z Mariusz Felisiak felisiak.mariusz@gmail.com 2026-01-18T20:26:56Z urn:sha1:0ee44c674cf61efbca2056c40f3e4f2335aaeee6 https://github.com/psf/black/releases/tag/26.1.0 Backport of 6cff02078799b7c683a0d39630d49ab4fe532e7c from main. 2025-02-02T01:50:26Z nessita 124304+nessita@users.noreply.github.com 2025-02-02T01:49:07Z urn:sha1:affad13d0c56184e2089cd7e8ecd80dd4217f6c4 Regression in e626716c28b6286f8cf0f8174077f3d2244f3eb3. Thanks buffgecko12 for the report and Sarah Boyce for the review. Backport of d15454a6e84a595ffc8dc1b926282f484f782a8f from main. 2024-09-03T12:22:32Z Natalia 124304+nessita@users.noreply.github.com 2024-08-19T17:47:38Z urn:sha1:8c35a0a903fd979e3262fe300ca084ffbfb300d6 On successful submission of a password reset request, an email is sent to the accounts known to the system. If sending this email fails (due to email backend misconfiguration, service provider outage, network issues, etc.), an attacker might exploit this by detecting which password reset requests succeed and which ones generate a 500 error response. Thanks to Thibaut Spriet for the report, and to Mariusz Felisiak, Adam Johnson, and Sarah Boyce for the reviews. 2024-08-23T14:13:31Z nessita 124304+nessita@users.noreply.github.com 2024-08-23T14:13:31Z urn:sha1:046a354217b80d4e8d9b575843d72413886f6bac 2024-08-19T15:39:57Z Natalia 124304+nessita@users.noreply.github.com 2024-08-15T13:27:24Z urn:sha1:0ebed5fa95f53b87383901bbd9341ef3c974344f Refs #34429: Following the implementation allowing the setting of unusable passwords via the admin site, the `BaseUserCreationForm` and `UserCreationForm` were extended to include a new field for choosing whether password-based authentication for the new user should be enabled or disabled at creation time. Given that these forms are designed to be extended when implementing custom user models, this branch ensures that this new field is moved to a new, admin-dedicated, user creation form `AdminUserCreationForm`. Regression in e626716c28b6286f8cf0f8174077f3d2244f3eb3. Thanks Simon Willison for the report, Fabian Braun and Sarah Boyce for the review. 2024-08-19T15:39:57Z Natalia 124304+nessita@users.noreply.github.com 2024-08-15T13:21:32Z urn:sha1:b60fd8722f305ec29c87f34d3fea262e56394ebd This work also allows to subclass BaseUserCreationFormTest to reuse the tests and assertions for testing forms that extend BaseUserCreationForm, which is now used for UserCreationFormTest, increasing its coverage. 2024-05-30T19:31:01Z Fabian Braun fsbraun@gmx.de 2024-05-28T06:15:12Z urn:sha1:339977d4441fd353e20950b98bad3d42afb1f126 The auth forms using SetPasswordMixin were incorrectly including the 'This field is required.' error when additional validations (e.g., overriding `clean_password1`) were performed and failed. This fix ensures accurate error reporting for password fields. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> 2024-03-27T19:40:41Z Fabian Braun fsbraun@gmx.de 2024-03-11T15:24:02Z urn:sha1:944745afe2ec45aed30cef799c250107f1364ca7 Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> 2024-02-20T15:13:32Z Fabian Braun fsbraun@gmx.de 2024-01-23T15:45:18Z urn:sha1:e626716c28b6286f8cf0f8174077f3d2244f3eb3 Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> 2024-02-20T15:12:37Z Natalia 124304+nessita@users.noreply.github.com 2024-02-20T15:12:37Z urn:sha1:8a757244f9e50c4d076e559e4b74b9d83ab089b6