django.git/tests/logging_tests, branch main

Fixed #36958 -- Reloaded logging config when logging settings are changed in tests.

2026-03-19T16:36:34Z

Thanks JaeHyuck Sa and Jake Howard for the reviews.

Refs CVE-2025-48432 -- Made SuspiciousOperation logging use log_response() for consistency.

2025-06-06T12:05:32Z

Refactored logging_tests to reuse assertions for log records.

2025-06-06T12:05:32Z

Fixed CVE-2025-48432 -- Escaped formatting arguments in `log_response()`.

2025-06-04T11:33:30Z

Suitably crafted requests containing a CRLF sequence in the request path may have allowed log injection, potentially corrupting log files, obscuring other attacks, misleading log post-processing tools, or forging log entries. To mitigate this, all positional formatting arguments passed to the logger are now escaped using "unicode_escape" encoding. Thanks to Seokchan Yoon (https://ch4n3.kr/) for the report. Co-authored-by: Carlton Gibson Co-authored-by: Jake Howard

Added helpers in csrf_tests and logging_tests to assert logs from `log_response()`.

2025-05-22T18:39:31Z

Refs #26688 -- Added tests for `log_response()` internal helper.

2025-05-22T18:39:31Z

Fixed #36138 -- Changed ADMINS and MANAGERS settings to lists of strings.

2025-03-21T09:17:57Z

Previously, the ADMINS and MANAGERS settings were lists of (name, address) tuples (where the name had been unused). Deprecated use of tuples. Updated settings value sanity checks, and changed from ValueError to ImproperlyConfigured.

Fixed #35537 -- Changed EmailMessage.attachments and EmailMultiAlternatives.alternatives to use namedtuples.

2024-06-20T07:43:40Z

This makes it more descriptive to pull out the named fields.

Fixed #35364 -- Stopped AdminEmailHandler rendering email unnecessarily.

2024-04-12T08:37:28Z

Refs #35364 -- Tested AdminEmailHandler with empty ADMINS.

2024-04-12T08:37:28Z