| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2025-07-23 | Refs #36500 -- Rewrapped long docstrings and block comments via a script. | django-bot | |
| Rewrapped long docstrings and block comments to 79 characters + newline using script from https://github.com/medmunds/autofix-w505. | |||
| 2025-04-17 | Fixed #36314 -- Fixed MinimumLengthValidator error message translation. | Ahmed Nassar | |
| Regression in ec7d69035a408b357f1803ca05a7c991cc358cfa. Thank you Gabriel Trouvé for the report and Claude Paroz for the review. | |||
| 2025-03-31 | Refs #28909 -- Simplified code using unpacking generalizations. | Aarni Koskela | |
| 2025-02-18 | Fixed #36179 -- Unhexed entries and removed duplicates in ↵ | mimi89999 | |
| auth/common-passwords.txt.gz. | |||
| 2024-10-15 | Fixed #35782 -- Allowed overriding password validation error messages. | Ben Cail | |
| 2023-01-18 | Refs #34233 -- Used @functools.cache. | Nick Pope | |
| Python 3.9+ supports @functools.cache as an alias for @functools.lru_cache(maxsize=None). | |||
| 2022-09-28 | Fixed #34056 -- Updated the list of common passwords for ↵ | Paolo Melchiorre | |
| CommonPasswordValidator. | |||
| 2022-02-07 | Refs #33476 -- Refactored code to strictly match 88 characters line length. | Mariusz Felisiak | |
| 2022-02-07 | Refs #33476 -- Reformatted code with Black. | django-bot | |
| 2022-01-04 | Fixed CVE-2021-45115 -- Prevented DoS vector in ↵ | Florian Apolloner | |
| UserAttributeSimilarityValidator. Thanks Chris Bailey for the report. Co-authored-by: Adam Johnson <me@adamj.eu> | |||
| 2021-12-13 | Improved wording in password validators docs and docstrings. | Adam Johnson | |
| 2021-04-01 | Fixed #32316 -- Deferred accessing __file__. | William Schwartz | |
| Deferred accessing the module-global variable __file__ because the Python import API does not guarantee it always exists—in particular, it does not exist in certain "frozen" environments. The following changes advanced this goal. Thanks to Carlton Gibson, Tom Forbes, Mariusz Felisiak, and Shreyas Ravi for review and feedback. | |||
| 2020-08-28 | Fixed #31912 -- Removed strict=True in Path.resolve() in project template ↵ | Mariusz Felisiak | |
| and CommonPasswordValidator. This caused permission errors when user didn't have permissions to all intermediate directories in a Django installation path. Thanks tytusd and leonyxz for reports. Regression in edeec1247e52de6fc32cee93e96d4ce36003ea4b and 26554cf5d1e96db10d0d5f4b69683a22fb82fdf8. | |||
| 2019-11-05 | Passed strict=True to Path.resolve() to enforce that the path must exist. | Jon Dufresne | |
| 2019-06-28 | Fixed #30400 -- Improved typography of user facing strings. | Jon Dufresne | |
| Thanks Claude Paroz for assistance with translations. | |||
| 2019-05-23 | Forced utf-8 encoding when loading common passwords in CommonPasswordValidator. | Mariusz Felisiak | |
| Previously we used `decode()` which defaults to utf-8. This change restores previous behavior. Follow up to 28eac41510eb9de728bdfbc22a36f33ac75394f2. | |||
| 2019-05-22 | Refs #30116 -- Removed unnecessary str() calls in CommonPasswordValidator. | Jon Dufresne | |
| open() and gzip.open() supports path-like objects since Python 3.6. | |||
| 2019-05-22 | Improved performance of loading common passwords in CommonPasswordValidator. | Brad Solomon | |
| CommonPasswordValidator.__init__ previously called either splitlines or readlines, creating an unneeded intermediate list in memory. For large custom password files, this could be burdensome. | |||
| 2019-01-28 | Fixed #30137 -- Replaced OSError aliases with the canonical OSError. | Jon Dufresne | |
| Used more specific errors (e.g. FileExistsError) as appropriate. | |||
| 2018-11-15 | Fixed #29952 -- Lowercased all passwords in contrib.auth's ↵ | Mathew Payne | |
| auth/common-passwords.txt.gz. | |||
| 2018-04-19 | Ref #23919 -- Replaced some os.path usage with pathlib.Path. | Tom | |
| 2018-04-16 | Fixed #29274 -- Increased the number of common passwords from 1k to 20k. | GS-14 | |
| 2018-01-02 | Fixed #28902 -- Fixed password_validators_help_text_html() double escaping. | Alvin Lindstam | |
| 2017-04-27 | Refs #27795 -- Replaced many force_text() with str() | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2017-02-09 | Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode(). | Tim Graham | |
| 2017-02-07 | Converted usage of ugettext* functions to their gettext* aliases | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2017-01-20 | Refs #23919 -- Removed django.utils._os.upath()/npath()/abspathu() usage. | Tim Graham | |
| These functions do nothing on Python 3. | |||
| 2017-01-19 | Refs #23919 -- Stopped inheriting from object to define new style classes. | Simon Charette | |
| 2017-01-18 | Refs #23919 -- Stopped using django.utils.lru_cache(). | Aymeric Augustin | |
| 2017-01-18 | Refs #23919 -- Removed six.<various>_types usage | Claude Paroz | |
| Thanks Tim Graham and Simon Charette for the reviews. | |||
| 2017-01-18 | Refs #23919 -- Removed encoding preambles and future imports | Claude Paroz | |
| 2016-11-16 | Fixed #27467 -- Made UserAttributeSimilarityValidator max_similarity=0/1 ↵ | Tim Graham | |
| work as documented. Thanks goblinJoel for the report and feedback. | |||
| 2016-11-14 | Fixed E305 flake8 warnings. | Ramin Farajpour Cami | |
| 2016-09-17 | Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6. | Tim Graham | |
| http://bugs.python.org/issue27364 | |||
| 2016-08-10 | Fixed #26909 -- Allowed UserAttributeSimilarityValidator to validate against ↵ | Andrew Nester | |
| model properties. | |||
| 2016-08-04 | Fixed #27020 -- Used a context manager to close files. | Ville Skyttä | |
| 2016-05-07 | Fixed #26544 -- Delayed translations of SetPasswordForm help_texts | Claude Paroz | |
| Thanks Michael Bitzi for the reporti and Tim Graham for the review. | |||
| 2015-10-10 | Pluralized translatable strings in password_validation.py | Claude Paroz | |
| Forward port of 86dc4889f from master. | |||
| 2015-09-28 | Refs #16860 -- Fixed password help text when there aren't any validators. | Antoine Catton | |
| This avoids creating an empty list which is invalid HTML 4. | |||
| 2015-06-16 | Refs #16860 -- Fixed a resource and deprecation warning in password validation. | Tim Graham | |
| 2015-06-10 | Refs #16860 -- Minor edits and fixes to password validation. | Tim Graham | |
| 2015-06-07 | Fixed #16860 -- Added password validation to django.contrib.auth. | Erik Romijn | |
