summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2025-05-13Fixed #36383 -- Improved migration serialization for functools.partial objects.Adam Johnson
2025-05-13Refs #36383 -- Added extra tests for serializing functools.partial in ↵Adam Johnson
tests/migrations/test_writer.py. This includes a test helper to better assert over the expected output. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-05-13Refs #36383 -- Extended DeconstructibleSerializer to support non-identifier ↵Adam Johnson
keyword arguments. In Python, keyword arguments must normally be valid identifiers (i.e., variable names that follow Python's naming rules). However, Python dicts can have keys that aren't valid identifiers, like "foo-bar" or "123foo". This commit ensures that keyword arguments that are nt valid identifiers, are properly handled when deconstructing an object.
2025-05-13Refs #36383, #26151 -- Corrected spelling of DeconstructibleSerializer.Adam Johnson
"Deconstructible" is the spelling that Django has settled on, such as for `django.utils.deconstruct`. This commit normalizes a previously-inconsistent class to match the rest of the codebase.
2025-05-13Updated guidance to propose new feature ideas in contributing docs.Lily Foote
These changes include: * Clarification of the new feature proposal and evaluation process. * Reodering "points to consider" into reporting bugs section, since these are mostly trac-specific. * Narrowing the guide on user interface bugs and features to just bugs. * Updating documentation for Someday/Maybe triage stage. Co-authored-by: Tim Schilling <schilling711@gmail.com> Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-05-13Fixed #36332 -- Corrected HttpRequest.get_full_path() and ↵Aleksandr Safonov
HttpRequest.get_full_path_info() examples.
2025-05-13Fixed #35518 -- Optimized RoutePattern by using string operations for ↵Jake Howard
converter-less routes.
2025-05-13Refs #35591 -- Ensured isolated test environ for runserver warning.Carlton Gibson
2025-05-12Fixed #33174 -- Fixed migrations crash for model inheriting from Generic[T].Thibaut Decombe
2025-05-12Fixed #36373 -- Fixed select_related() crash on foreign object for a ↵Simon Charette
composite pk. Thanks Jacob Walls for the report and Sarah for the in-depth review.
2025-05-09Refs #35980 -- Added release note about changes in release artifacts filenames.Natalia
2025-05-09Removed "Expected" from release date for 5.2.1, 5.1.9, and 4.2.21.Natalia
2025-05-09Fixed #36207 -- Cleared cached ForeignObject relations via refresh_from_db().Jacob Walls
2025-05-09Removed hardcoded pks in admin selenium tests.Tim Graham
2025-05-08Fixed #36295, Refs #24305 -- Allowed overriding GenericForeignKey fields on ↵Ahmed Nassar
abstract models.
2025-05-08Fixed #36363 -- Added field names to admin duplicated fields error hint.Eric Blum
2025-05-08Fixed #36143 -- Made max_query_params respect SQLITE_LIMIT_VARIABLE_NUMBER.Sage Abdullah
Co-authored-by: Xavier Frankline <xf.xavierfrank@gmail.com>
2025-05-08Refs #36143 -- Tested bulk_batch_size limit for bulk_update and bulk_create.Sage Abdullah
2025-05-07Cleaned up CVE-2025-32873 security archive description.Natalia
2025-05-07Added CVE-2025-32873 to security archive.Natalia
2025-05-07Added stub release notes for 5.2.2.Natalia
2025-05-06Fixed CVE-2025-32873 -- Mitigated potential DoS in strip_tags().Sarah Boyce
Thanks to Elias Myllymäki for the report, and Shai Berger and Jake Howard for the reviews. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-05-06Simplified artifact building steps in docs/internals/howto-release-django.txt.Natalia
With the recent merge of artifact build updates from https://github.com/django/django/pull/19436, there is no need to have different build instructions for 4.2.
2025-05-06Refs #36052, #32234 -- Fixed inspectdb tests for CompositePrimaryKey on Oracle.Mariusz Felisiak
Tests regression in 4c75858135589f3a00e32eb4d476074536371a32.
2025-05-04Fixed #36281 -- Used async-safe write in ASGIHandler.read_body().신우진
Thanks Carlton Gibson for reviews.
2025-05-02Fixed #17461 -- Doc'd the presumed order of foreign keys on the intermediary ↵Clifford Gama
model of a self-referential m2m. Thanks Giannis Terzopoulos and Sarah Boyce for the reviews.
2025-04-30Made cosmetic edits and added upcoming security release to release notes.Natalia
2025-04-30Fixed #36357 -- Skipped unique_together in inspectdb output for composite ↵Baptiste Mispelon
primary keys. Thanks to Baptiste Mispelon for the report and quick fix, and to Simon Charette and Jacob Walls for the reviews. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-04-30Fixed #36358 -- Corrected introspection of composite primary keys on SQLite.Simon Charette
Previously, any first field of a composite primary key with type `INTEGER` was incorrectly introspected as an `AutoField` due to SQLite treating `INTEGER PRIMARY KEY` as an alias for the `ROWID`. This change ensures that integer fields in composite PKs are not mistaken for auto-incrementing fields. Thanks Jacob Walls and Sarah Boyce for the reviews.
2025-04-30Refs #36052, #32234 -- Removed create_test_table_with_composite_primary_key ↵Simon Charette
flag in favor of using CompositePrimaryKey. Now that Django properly supports creating models with composite primary keys, the tests should use a `CompositePrimaryKey` field instead of a feature flag to inline backend specific SQL for creating a composite PK. Specifcially, the inspectdb's test_composite_primary_key was adjusted to use schema editor instead of per-backend raw SQL.
2025-04-30Fixed #36360 -- Fixed QuerySet.update() crash when referring annotations ↵Simon Charette
through values(). The issue was only manifesting itself when also filtering againt a related model as that forces the usage of a subquery because SQLUpdateCompiler doesn't support the UPDATE FROM syntax yet. Regression in 65ad4ade74dc9208b9d686a451cd6045df0c9c3a. Refs #28900. Thanks Gav O'Connor for the detailed report.
2025-04-30Used bulk_create where possible in update tests.Simon Charette
This shaves off 21 INSERT queries. Thanks Clifford for the review.
2025-04-29Used addCleanup() instead of try-finally blocks in inspectdb tests.Baptiste Mispelon
2025-04-28Fixed #36354 -- Removed JavaScript workaround for browsers lacking `:has()` ↵Fabian Braun
CSS support. This branch removes the JavaScript fallback added in the admin for the add user and change password templates/flows (Refs #34429). Django documents suport for "modern, web standards compliant browsers". See https://caniuse.com/css-has for info on browser support per version.
2025-04-27Fixed #35931 -- Documented fields and methods of the FlatPage model.koresi
Co-authored-by: Clifford Gama <53076065+cliff688@users.noreply.github.com>
2025-04-27Fixed #18296 -- Created missing custom target directory for startproject and ↵Bruno Alla
startapp.
2025-04-27Fixed #36346 -- Removed outdated section about the threaded option in Oracle ↵9r0k
driver.
2025-04-27Fixed #36312 -- Removed invalid size units for svg in Safari.Ahmed Nassar
2025-04-27Fixed aggregation tests crash on databases that don't support JSONFields.sag​e
2025-04-27Fixed #36335 -- Fixed typo in docs/topics/db/managers.txt.dbogar89
2025-04-26Refs #36326 -- Fixed QuerySet.raw() crash on models with CompositePrimaryKey ↵Mariusz Felisiak
on Oracle. Virtual CompositePrimaryKey fields should be ignored. Regression in 1831f7733d3ef03d1ca7fac3e8d9f4c5e3e3375e.
2025-04-24Fixed #36309 -- Made email alternatives and attachments pickleable.nessita
Regression in aba0e541caaa086f183197eaaca0ac20a730bbe4 and in d5bebc1c26d4c0ec9eaa057aefc5b38649c0ba3b. Thanks Florent Messa for the report, and Jake Howard and Claude Paroz for the review.
2025-04-23Refs #36341 -- Added release notes for 5.1.9 and 4.2.21 for fix in wordwrap ↵nessita
template filter. Revision 1e9db35836d42a3c72f3d1015c2f302eb6fee046 fixed a regression in 55d89e25f4115c5674cdd9b9bcba2bb2bb6d820b, which also needs to be backported to the stable branches in extended support (5.1.x and 4.2.x).
2025-04-23Fixed #36341 -- Preserved whitespaces in wordwrap template filter.Matti Pohjanvirta
Regression in 55d89e25f4115c5674cdd9b9bcba2bb2bb6d820b. This work improves the django.utils.text.wrap() function to ensure that empty lines and lines with whitespace only are kept instead of being dropped. Thanks Matti Pohjanvirta for the report and fix. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-04-23Skipped "Labels" Github action when not targeting the main django/django repo.Sarah Boyce
2025-04-23Fixed #35801 -- Prevented collision of senders with non-overlapping lifetimes.Simon Charette
As documented, the id() function can return the same value for distinct objects with non-overlapping lifetimes which can result in signals being sent to the wrong receivers if two distinct senders happen to have a colliding id() value. Since reproduction of the issue requires memory constrained circumstances where the same exact id() is reused for two senders of the same signal the test opt to simulate the collision by systematically making the same id for Sender instances. Note that we explicitly avoid keeping a strong reference to senders that cannot be weakly referenced as that would unexpectedly prevent them from being garbage collected. This means that id(sender) collisions could still occur for such objects but Django itself doesn't make use of them. Thanks Sjoerd Job Postmus for the reduced test case and Mariusz for the review. Co-authored-by: And Clover <and@doxdesk.com>
2025-04-23Simplified UserManager.with_perm() by using get_backends().Bona Fide IT GmbH
2025-04-22Fixed #36331 -- Reverted "Fixed #36055 -- Prevented overlap of object-tools ↵antoliny0919
buttons and page header in the admin." This reverts commits b1324a680add78de24c763911d0eefa19b9263bc and 02a5cbfe76382da2a0414df17017185be5bd47f9. The former caused a regression in admin sites that relied on the `object-tools` block being inside the `content` block. Thank you to Fabian Braun for the report.
2025-04-17Fixed #36326 -- Added CompositePrimaryKey support in QuerySet.raw().SaJH
Signed-off-by: SaJH <wogur981208@gmail.com>
2025-04-17Fixed #35959 -- Displayed password reset button in admin only when user has ↵Sarah Boyce
sufficient permissions. This change ensures that the "Reset password" button in the admin is shown only when the user has the necessary permission to perform a password change operation. It reuses the password hashing rendering logic in `display_for_field` to show the appropriate read-only widget for users with view-only access.