| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-04-20 | Simplified LogoutView.get_success_url(). | Aymeric Augustin | |
| This preserves the behavior of redirecting to the logout URL without query string parameters when an insecure ?next=... parameter is given. It changes the behavior of a POST to the logout URL, as shown by the test that is changed. Currently, this results in a GET to the logout URL. However, such GET requests are deprecated. This change would be necessary in Django 5.0 anyway. This commit merely anticipates it. | |||
| 2022-04-20 | Unified LoginView/LogoutView.get_default_redirect_url() methods. | Aymeric Augustin | |
| This might change the behavior when self.next_page == "". However, resolve_url(self.next_page) would almost certainly fail in that case. It is technically possible to define a logout URLpattern whose name is "": path('logout/', LogoutView.as_view(), name=''), and then to refer to this pattern with next_page = "". However this feels like a pathological case, so we decided not to handle it. Most checks on next_page, LOGIN_REDIRECT_URL, and LOGOUT_REDIRECT_URL are performed with boolean evaluation rather than comparison with None. That's why we standardizing that way. | |||
| 2022-04-20 | Renamed LogoutView.get_next_page() to get_success_url(). | Aymeric Augustin | |
| This aligns it with LoginView. Also, it removes confusion with the get_next_page() method of paginators. get_next_page() was a private API, therefore this refactoring is allowed. | |||
| 2022-04-20 | Refactored out RedirectURLMixin.get_redirect_url(). | Aymeric Augustin | |
| This also renames SuccessURLAllowedHostsMixin to RedirectURLMixin. This doesn't change the behavior of LogoutView.get_next_page() because next_page == "" implies url_is_safe == False before the refactoring. | |||
| 2022-04-20 | Fixed #33654 -- Added localdate to utils.timezone.__all__. | Andrey Otto | |
| 2022-04-20 | Added TiDB to list of third-party DB backends. | Xiang Zhang | |
| 2022-04-19 | Updated note about ListView pagination example in CBV docs. | Theofilos Alexiou | |
| Follow up to 0f0abc20be55d796ecfc3e7698e7ecfd9e9cdf88. | |||
| 2022-04-19 | Fixed #33644 -- Corrected FAQ about displaying ManyToManyField in list_filter. | Dominik | |
| 2022-04-19 | Fixed #33639 -- Enabled cached template loader in development. | Carlton Gibson | |
| 2022-04-19 | Refs #32226 -- Fixed JSON format of QuerySet.explain() on PostgreSQL when ↵ | Mariusz Felisiak | |
| format is uppercased. Follow up to aba9c2de669dcc0278c7ffde7981be91801be00b. | |||
| 2022-04-19 | Removed unnecessary default argument from GET.get() call in ↵ | Aymeric Augustin | |
| LoginView.get_redirect_url(). The default argument is unnecessary because url_has_allowed_host_and_scheme() returns False when its first argument is "" or None, so get_redirect_url() still returns "". This also aligns LoginView.get_redirect_url() and LogoutView.get_next_page(). | |||
| 2022-04-18 | Fixed #33648 -- Prevented extra redirect in LogoutView on invalid next page ↵ | Aymeric Augustin | |
| when LOGOUT_REDIRECT_URL is set. | |||
| 2022-04-18 | Refs #33328 -- Corrected JS check for event.detail presence in docs. | Claude Paroz | |
| 2022-04-18 | Fixed various tests on MySQL with MyISAM storage engine. | Mariusz Felisiak | |
| 2022-04-18 | Fixed DatabaseFeatures.uses_savepoints/can_release_savepoints and related ↵ | Mariusz Felisiak | |
| tests with MyISAM storage engine. | |||
| 2022-04-16 | Fixed #33643 -- Fixed inspectdb crash on functional unique constraints on ↵ | Scott | |
| Oracle. | |||
| 2022-04-15 | Fixed #33607 -- Made PostgresIndex.create_sql() respect the "using" argument. | Alexandru Mărășteanu | |
| 2022-04-15 | Fixed #11803 -- Allowed admin select widgets to display new related objects. | mgaligniana | |
| Adjusted admin javascript to add newly created related objects to already loaded select widgets. In this version, applies only where limit_choices_to is not set. | |||
| 2022-04-14 | Refs #31169 -- Added release note for parallel test running changes. | Carlton Gibson | |
| 2022-04-14 | Relaxed some query ordering assertions in various tests. | Mariusz Felisiak | |
| It accounts for differences seen on MySQL with MyISAM storage engine. | |||
| 2022-04-14 | Fixed #33637 -- Improved initial zoom level in MapWidget. | Claude Paroz | |
| 2022-04-14 | Removed stale Windows asyncio test skips. | Carlton Gibson | |
| Underlying issue was fixed in Python 3.8.1, now many versions ago. https://bugs.python.org/issue38563 | |||
| 2022-04-14 | Made select_for_update() don't raise TransactionManagementError on databases ↵ | Mariusz Felisiak | |
| that don't support transactions. | |||
| 2022-04-14 | Expanded QuerySet.explain() error message if a backend supports no formats. | Tim Graham | |
| 2022-04-14 | Removed unneeded code in explain_query_prefix() | Tim Graham | |
| 2022-04-13 | Fixed #30511 -- Used identity columns instead of serials on PostgreSQL. | Florian Apolloner | |
| 2022-04-13 | Updated bpo link to use redirect URI. | Nick Pope | |
| Mirrors the change made in python/cpython#32342. | |||
| 2022-04-13 | Fixed DatabaseFeatures.supports_index_column_ordering and related tests with ↵ | Mariusz Felisiak | |
| MyISAM storage engine. | |||
| 2022-04-13 | Fixed typo in SchemaIndexesMySQLTests.test_no_index_for_foreignkey(). | Mariusz Felisiak | |
| 2022-04-13 | Fixed tests on databases that don't support introspecting foreign keys. | Mariusz Felisiak | |
| 2022-04-13 | Improved ExplainTests.test_basic(). | Mariusz Felisiak | |
| QuerySet.select_for_update() is not supported by all databases. Moreover it cannot be used outside of a transaction. | |||
| 2022-04-13 | Fixed #33627 -- Improved nonexistent pk in ↵ | SanderBeekhuis | |
| ModelMultipleChoiceFieldTests.test_model_multiple_choice_field(). | |||
| 2022-04-13 | Removed unnecessary tuple call in SQLInsertCompiler. | David Smith | |
| 2022-04-12 | Fixed #33633 -- Skipped some test_utils tests on databases that don't ↵ | zhangyangyu | |
| support transactions. | |||
| 2022-04-12 | Fixed DatabaseFeatures.supports_expression_indexes on MySQL with MyISAM. | Mariusz Felisiak | |
| 2022-04-12 | Fixed #24296 -- Made QuerySet.exists() clear selected columns for not sliced ↵ | mgaligniana | |
| distinct querysets. | |||
| 2022-04-12 | Refs #18414 -- Added tests for selected columns of sliced distinct querysets. | mgaligniana | |
| 2022-04-12 | Fixed #33626 -- Cleared cache when unregistering a lookup. | Himanshu-Balasamanta | |
| 2022-04-11 | Fixed #32604 -- Made file upload respect group id when uploading to a ↵ | Mateo Radman | |
| temporary file. | |||
| 2022-04-11 | Removed DatabaseFeatures.validates_explain_options. | Mariusz Felisiak | |
| Always True since 6723a26e59b0b5429a0c5873941e01a2e1bdbb81. | |||
| 2022-04-11 | Added stub release notes for 4.0.5. | Mariusz Felisiak | |
| 2022-04-11 | Added CVE-2022-28346 and CVE-2022-28347 to security archive. | Mariusz Felisiak | |
| 2022-04-11 | Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against SQL ↵ | Mariusz Felisiak | |
| injection on PostgreSQL. | |||
| 2022-04-11 | Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and ↵ | Mariusz Felisiak | |
| extra() against SQL injection in column aliases. Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore, Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev (DDV_UA) for the report. | |||
| 2022-04-11 | Fixed #33628 -- Ignored directories with empty names in autoreloader check ↵ | Manel Clos | |
| for template changes. Regression in 68357b2ca9e88c40fc00d848799813241be39129. | |||
| 2022-04-07 | Fixed #33618 -- Fixed MTI updates outside of primary key chain. | Simon Charette | |
| 2022-04-07 | Fixed #33611 -- Allowed View subclasses to define async method handlers. | Carlton Gibson | |
| 2022-04-07 | Refs #33173 -- Fixed test_runner/test_utils tests on Python 3.11+. | Mariusz Felisiak | |
| Python 3.11 uses fully qualified test name in unittest output. See https://github.com/python/cpython/commit/755be9b1505af591b9f2ee424a6525b6c2b65ce9 | |||
| 2022-04-06 | Skipped SchemaTests.test_alter_field_type_and_db_collation on databases that ↵ | Mariusz Felisiak | |
| don't support collation on TextField. | |||
| 2022-04-06 | Fixed #33471 -- Made AlterField operation a noop when changing "choices". | sarahboyce | |
| This also allows customizing attributes of fields that don't affect a column definition. | |||
