| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2025-03-06 | [5.2.x] Fixed CVE-2025-26699 -- Mitigated potential DoS in wordwrap template ↵ | Sarah Boyce | |
| filter. Thanks sw0rd1ight for the report. Backport of 55d89e25f4115c5674cdd9b9bcba2bb2bb6d820b from main. | |||
| 2024-02-15 | Refs #30686 -- Removed unused regexes in django.utils.text. | Mariusz Felisiak | |
| Unused since 6ee37ada3241ed263d8d1c2901b030d964cbd161. | |||
| 2024-02-07 | Fixed #30686 -- Used Python HTMLParser in utils.text.Truncator. | David Smith | |
| 2024-02-07 | Refs #30686 -- Fixed text truncation for negative or zero lengths. | David Smith | |
| 2023-10-04 | Fixed CVE-2023-43665 -- Mitigated potential DoS in ↵ | Natalia | |
| django.utils.text.Truncator when truncating HTML text. Thanks Wenchao Li of Alibaba Group for the report. | |||
| 2023-07-14 | Refs #30686 -- Moved add_truncation_text() helper to a module level. | David Smith | |
| 2022-12-17 | Fixed #34170 -- Implemented Heal The Breach (HTB) in GzipMiddleware. | Andreas Pelme | |
| 2022-02-07 | Refs #33476 -- Reformatted code with Black. | django-bot | |
| 2021-12-30 | Refs #27753 -- Removed unused django.utils.text._replace_entity() and ↵ | Mariusz Felisiak | |
| _entity_re. Unused since 157ab32f3446da7fa1f9d716509c290069a2a156. | |||
| 2021-12-14 | Fixed unescape_string_literal() crash on empty strings. | Florian Apolloner | |
| 2021-06-21 | Fixed #32859 -- Simplified compress_string() by using gzip.compress(). | Illia Volochii | |
| 2021-05-04 | Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. | Florian Apolloner | |
| 2021-03-23 | Optimized django.utils.text.capfirst(). | Nick Pope | |
| Unconditionally coercing to str type twice is expensive. | |||
| 2021-01-14 | Refs #27753 -- Removed django.utils.text.unescape_entities() per deprecation ↵ | Mariusz Felisiak | |
| timeline. | |||
| 2020-05-29 | Fixed #28694 -- Made django.utils.text.slugify() strip dashes and underscores. | David Smith | |
| 2020-05-29 | Corrected slugify()'s docstring. | David Smith | |
| 2020-05-11 | Refs #30116 -- Simplified regex match group access with Match.__getitem__(). | Jon Dufresne | |
| The method has been available since Python 3.6. The shorter syntax is also marginally faster. | |||
| 2019-12-30 | Fixed #30892 -- Fixed slugify() and admin's URLify.js for "İ". | Sjbrgsn | |
| Thanks Luis Nell for the implementation idea and very detailed report. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2019-10-29 | Fixed #30899 -- Lazily compiled import time regular expressions. | Hasan Ramezani | |
| 2019-08-01 | Removed unneeded ValueError catching in django.utils.text._replace_entity(). | Jon Dufresne | |
| The html.entities.name2codepoint dict contains only valid Unicode codepoints. Either the key exists and chr() will succeed or the key does not exist. | |||
| 2019-08-01 | Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when ↵ | Florian Apolloner | |
| truncating HTML. Thanks to Guido Vranken for initial report. | |||
| 2019-05-08 | Refs #27753 -- Deprecated django.utils.text.unescape_entities(). | Jon Dufresne | |
| The function was undocumented and only required for compatibility with Python 2. Code should use Python's html.unescape() that was added in Python 3.4. | |||
| 2018-10-04 | Simplified utils.text.StreamingBuffer. | Sergey Fedoseev | |
| 2018-09-25 | Normalized spelling of "lowercase" and "lowercased". | Jon Dufresne | |
| 2018-08-21 | Fixed #29654 -- Made text truncation an ellipsis character instead of three ↵ | Claude Paroz | |
| dots. Thanks Sudhanshu Mishra for the initial patch and Tim Graham for the review. | |||
| 2018-07-20 | Fixed #29412 -- Stopped marking slugify() result as HTML safe. | Claude Paroz | |
| 2018-03-06 | Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in ↵ | Tim Graham | |
| django.utils.text.Truncator. Thanks James Davis for suggesting the fix. | |||
| 2017-12-04 | Fixed #28860 -- Removed unnecessary len() calls. | Дилян Палаузов | |
| 2017-04-27 | Refs #27795 -- Replaced many force_text() with str() | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2017-04-10 | Removed duplicate lines in slugify(). | Jon Dufresne | |
| 2017-03-04 | Refs #27795 -- Removed unneeded force_text calls | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2017-02-11 | Refs #27656 -- Updated django.utils docstring verbs according to PEP 257. | Anton Samarchyan | |
| 2017-02-07 | Converted usage of ugettext* functions to their gettext* aliases | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2017-01-26 | Refs #23919, #27778 -- Removed obsolete mentions of unicode. | Vytis Banaitis | |
| 2017-01-25 | Refs #23919 -- Replaced super(ClassName, self) with super(). | chillaranand | |
| 2017-01-21 | Refs #23919 -- Removed re.U and re.UNICODE (default on Python 3). | Mariusz Felisiak | |
| 2017-01-19 | Refs #23919 -- Stopped inheriting from object to define new style classes. | Simon Charette | |
| 2017-01-18 | Refs #23919 -- Removed most of remaining six usage | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2017-01-18 | Refs #23919 -- Removed six.<various>_types usage | Claude Paroz | |
| Thanks Tim Graham and Simon Charette for the reviews. | |||
| 2017-01-18 | Refs #23919 -- Removed six.PY2/PY3 usage | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2017-01-18 | Refs #23919 -- Removed encoding preambles and future imports | Claude Paroz | |
| 2016-11-14 | Fixed E305 flake8 warnings. | Ramin Farajpour Cami | |
| 2016-11-14 | Decorated a few functions. | Tim Graham | |
| 2016-10-14 | Refs #19705 -- Changed gzip modification times to 0. | Kevin Christopher Henry | |
| This makes gzip output deterministic, which allows ConditionalGetMiddleware to reliably compare ETags on gzipped content (views using the gzip_page() decorator in particular). | |||
| 2016-09-17 | Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6. | Tim Graham | |
| http://bugs.python.org/issue27364 | |||
| 2016-08-24 | Fixed #26866 -- Added format_lazy function | Mattias Loverot | |
| Added format_lazy function to django.utils.text module. Useful when dealing with relative complex lazy string concatenations (e.g. in urls.py when translating urls in regular expressions). | |||
| 2016-08-04 | Fixed #27020 -- Used a context manager to close files. | Ville Skyttä | |
| 2016-04-08 | Fixed E128 flake8 warnings in django/. | Tim Graham | |
| 2016-01-25 | Fixed #26125 -- Fixed E731 flake warnings. | userimack | |
| 2015-12-12 | Fixed #20223 -- Added keep_lazy() as a replacement for allow_lazy(). | Iacopo Spalletti | |
| Thanks to bmispelon and uruz for the initial patch. | |||
