summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-08-12Marked missing part of warning footer for translation in SelectFilter2.js.Marc Picaud
2024-08-12Fixed #35586 -- Added support for set-returning database functions.Devin Cox
Aggregation optimization didn't account for not referenced set-returning annotations on Postgres. Co-authored-by: Simon Charette <charette.s@gmail.com>
2024-08-12Fixed #35575 -- Added support for constraint validation on GeneratedFields.Mark Gensler
2024-08-12Refs #35591 -- Removed hardcoded "stable" version in runserver warning.Mariusz Felisiak
2024-08-09Fixed #35658 -- Initialized InMemoryFileNode instances with a name.lucasesposito
2024-08-09Fixed #35591 -- Added unsuitable for production console warning to runserver.Andrew Miller
2024-08-08Fixed #35622 -- Made unittest ignore Django assertions in traceback frames.Adam Johnson
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2024-08-08Added test for acheck_password() to ensure make_password is called for ↵Natalia
unusable passwords. This is a follow up for the fix of CVE-2024-39329 (5d8645857936c142a3973694799c52165e2bdcdb) where the timing of verify_password() was standardized when checking unusable passwords.
2024-08-08Doc'd that SessionMiddleware is required for the admin site.Jure Cuhalev
The system check "admin.E410" was already checking for this, but the requirement was not listed in docs/ref/contrib/admin/index.txt.
2024-08-08Refs #35591 -- Emphasized that runserver is not suitable for production.Andrew Miller
2024-08-08Refs #31405 -- Improved LoginRequiredMiddleware documentation.Adam Johnson
co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
2024-08-08Fixed #35661 -- Fixed test_too_many_digits_to_rander() test crash on PyPy.Mariusz Felisiak
Thanks Michał Górny for the report.
2024-08-07Fixed #35639 -- Improved admin's delete confirmation page title.Matthias Kestenholz
2024-08-07Added stub release notes for 5.1.1.Natalia
2024-08-07Fixed i18n.tests.TranslationTests.test_plural to use correct French translation.Natalia
Forwardport of d5ad743e798fadc83663f016023cd124eadc366c from stable/5.1.x.
2024-08-07Updated translations from Transifex.Natalia
Forwardport of 380c6e6ddd7890fbe65826873579ef6e3af0c07d from stable/5.1.x.
2024-08-07Finalized release notes for Django 5.1.Natalia
2024-08-07Fixed #35553 -- Handled import*as in HashedFilesMixin.Farhan
2024-08-06Added CVE-2024-41989, CVE-2024-41990, CVE-2024-41991, and CVE-2024-42005 to ↵Sarah Boyce
security archive.
2024-08-06Fixed CVE-2024-42005 -- Mitigated QuerySet.values() SQL injection attacks ↵Simon Charette
against JSON fields. Thanks Eyal (eyalgabay) for the report.
2024-08-06Fixed CVE-2024-41991 -- Prevented potential ReDoS in ↵Mariusz Felisiak
django.utils.html.urlize() and AdminURLFieldWidget. Thanks Seokchan Yoon for the report. Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
2024-08-06Fixed CVE-2024-41990 -- Mitigated potential DoS in urlize and urlizetrunc ↵Sarah Boyce
template filters. Thanks to MProgrammer for the report.
2024-08-06Fixed CVE-2024-41989 -- Prevented excessive memory consumption in floatformat.Sarah Boyce
Thanks Elias Myllymäki for the report. Co-authored-by: Shai Berger <shai@platonix.com>
2024-08-05Fixed #35657 -- Made FileField handle db_default values.Sarah Boyce
2024-08-05Extended script to manage translations to support fetching new translations ↵nessita
since a given date.
2024-08-05Fixed #35638 -- Updated validate_constraints to consider db_default.David Sanders
2024-08-05Refs #35638 -- Avoided wrapping expressions with Value in ↵David Sanders
_get_field_value_map() and renamed to _get_field_expression_map().
2024-08-05Used :pypi: role in docs where appropriate.Mariusz Felisiak
2024-08-05Fixed #35628 -- Allowed compatible GeneratedFields for ↵John Parton
ModelAdmin.date_hierarchy.
2024-08-05Refs #35380 -- Updated screenshots in admin docs.Natalia
2024-08-05Refs #35380 -- Updated screenshots in intro docs.Natalia
2024-08-05Fixed #35645, Refs #35558 -- Added "medium" color in the admin CSS to ↵Natalia
improve accessibility of headings.
2024-08-05Refs #35537 -- Improved documentation and test coverage for email ↵Jake Howard
attachments and alternatives.
2024-08-03Fixed #35655 -- Reverted "Fixed #35295 -- Used INSERT with multiple rows on ↵Sarah Boyce
Oracle 23c." This reverts commit 175b04942afaff978013db61495f3b39ea12989b due to a crash when Oracle > 23.3.
2024-08-02Refs #35601, Refs #35599 -- Made cosmetic edits to TelInput/ColorInput docs.Mariusz Felisiak
2024-08-02Fixed #35643 -- Fixed a crash when ordering a QuerySet by a reference ↵Simon Charette
containing "__". Regression in b0ad41198b3e333f57351e3fce5a1fb47f23f376. Refs #34013. The initial logic did not consider that annotation aliases can include lookup or transform separators. Thanks Gert Van Gool for the report and Mariusz Felisiak for the review.
2024-08-02Fixed #35601 -- Added TelInput widget.lucasesposito
2024-08-02Fixed #35599 -- Added ColorInput widget.arjunomray
2024-08-02Fixed #35489 -- Fixed vertical alignment of raw_id_fields widget.Vaarun Sinha
Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
2024-08-01Fixed #35646 -- Extended SafeExceptionReporterFilter.hidden_settings to ↵Markus Holtermann
treat `AUTH` as a sensitive match. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2024-08-01Improved view_tests.tests.test_debug.ExceptionReporterFilterTests.Natalia
2024-08-01Refs #373 -- Added tuple lookups.Bendeguz Csirmaz
2024-08-01Reverted "Fixed #28646 -- Prevented duplicate index when unique is set to ↵Sarah Boyce
True on PostgreSQL." This reverts commit 9cf9c796be8dd53bc3b11355ff39d65c81d7be6d due to a crash on Oracle as it didn't allow multiple indexes on the same field.
2024-07-31Removed GitHub Actions for creating and checking reminders.nessita
2024-07-31Fixed #35598 -- Added SearchInput widget.Jeremy Thompson
2024-07-31Added stub release notes and release date for 5.0.8 and 4.2.15.Sarah Boyce
2024-07-30Fixed #28646 -- Prevented duplicate index when unique is set to True on ↵Ben Cail
PostgreSQL.
2024-07-29Fixed #35546 -- Emphasised accepted ticket requirement in contributing docs.Maryam Yusuf
2024-07-29Referenced joining the triage and review team as motivation to do PR reviews.Maryam Yusuf
2024-07-29Refs #35074 -- Simplified and unified adding spatial indexes on MySQL and ↵Mariusz Felisiak
Oracle. This uses `deferred_sql` and `_field_indexes_sql()` instead of custom hooks on MySQL.