summaryrefslogtreecommitdiff
path: root/django/utils
AgeCommit message (Collapse)Author
2019-11-18[3.0.x] Fixed #30990 -- Fixed example output in 'z' date format docs.Baptiste Mispelon
Backport of 1185c6172b4dd5482b7bc76b12d7a0588320e027 from master
2019-09-30[3.0.x] Fixed #28690 -- Fixed handling of two-digit years in parse_http_date().Ad Timmering
Due to RFC7231 ayear that appears to be more than 50 years in the future are interpreted as representing the past. Backport of 7b5f8acb9e6395a1660dd7bfeb365866ca8ef47c from master
2019-09-04Fixed #29714 -- Allowed using ExceptionReporter subclass with AdminEmailHandler.Nasir Hussain
2019-09-02Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme().Carlton Gibson
2019-08-28Adjusted subprocess.run() calls to use arg list, rather than string. Jon Dufresne
The Python docs recommend passing a sequence to subprocess.run() when possible. Doing so allows for automatic escaping and quoting of arguments. https://docs.python.org/3/library/subprocess.html#frequently-used-arguments > args is required for all calls and should be a string, or a sequence > of program arguments. Providing a sequence of arguments is generally > preferred, as it allows the module to take care of any required > escaping and quoting of arguments (e.g. to permit spaces in file > names). Also removed `shell=True` where unnecessary.
2019-08-28Refs #27795 -- Removed an unnecessary force_bytes() call in uri_to_iri().Jon Dufresne
The value returned from urllib.parse.quote() is always a string, so can safely call .encode().
2019-08-23Replaced subprocess commands by run() wherever possible.Claude Paroz
2019-08-16Fixed #30701 -- Updated patch_vary_headers() to handle an asterisk according ↵Adnan Umer
to RFC 7231.
2019-08-13Refs #30461 -- Added django.utils._os.to_path().Claude Paroz
2019-08-11Fixed #30677 -- Improved error message for urlencode() and Client when None ↵swatantra
is passed as data.
2019-08-01Removed unneeded ValueError catching in django.utils.text._replace_entity().Jon Dufresne
The html.entities.name2codepoint dict contains only valid Unicode codepoints. Either the key exists and chr() will succeed or the key does not exist.
2019-08-01Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in ↵Florian Apolloner
django.utils.encoding.uri_to_iri(). Thanks to Guido Vranken for initial report.
2019-08-01Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in ↵Florian Apolloner
strip_tags() when handling incomplete HTML entities. Thanks to Guido Vranken for initial report.
2019-08-01Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when ↵Florian Apolloner
truncating HTML. Thanks to Guido Vranken for initial report.
2019-07-31Fixed #30160 -- Added support for LZMA and XZ templates to ↵Nick Pope
startapp/startproject management commands.
2019-07-31Refs #30160 -- Simplified archive extension map and added other aliases.Nick Pope
2019-07-30Refs #30160 -- Made destination path a required argument of extract().Nick Pope
2019-07-24Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be ↵Tom Forbes
resolved.
2019-07-24Removed unused BaseReloader.watch_file().Mariusz Felisiak
Unused since its introduction in c8720e7696ca41f3262d5369365cc1bd72a216ca.
2019-07-23Fixed #30506 -- Fixed crash of autoreloader when path contains null characters.Tom Forbes
2019-07-03Refs #30608 -- Added django.utils.encoding.punycode().Mariusz Felisiak
2019-07-02Fixed typos in comments and docs.Min ho Kim
2019-07-01Removed unnecessary import in django/utils/autoreload.py.PatOnTheBack
2019-06-26Fixed #30594 -- Added 'private' Cache-Control directive to never_cache() ↵nsasaki128
decorator.
2019-06-26Fixed #30588 -- Fixed crash of autoreloader when __main__ module doesn't ↵Tom Forbes
have __file__ attribute.
2019-06-24Simplified handling of non-existent paths in autoreloader with ↵Tom Forbes
Path.resolve(strict=True).
2019-06-20Fixed #30451 -- Added ASGI handler and coroutine-safety.Andrew Godwin
This adds an ASGI handler, asgi.py file for the default project layout, a few async utilities and adds async-safety to many parts of Django.
2019-06-11Fixed #27486 -- Fixed Python 3.7 DeprecationWarning in intword and ↵Jon Dufresne
filesizeformat filters. intword and filesizeformat passed floats to ngettext() which is deprecated in Python 3.7. The rationale for this warning is documented in BPO-28692: https://bugs.python.org/issue28692. For filesizeformat, the filesize value is expected to be an int -- it fills %d string formatting placeholders. It was likely coerced to a float to ensure floating point division on Python 2. Python 3 always does floating point division, so coerce to an int instead of a float to fix the warning. For intword, the number may contain a decimal component. In English, a decimal component makes the noun plural. A helper function, round_away_from_one(), was added to convert the float to an integer that is appropriate for ngettext().
2019-05-29Fixed #30523 -- Fixed updating file modification times on seen files in ↵Tom Forbes
auto-reloader when using StatReloader. Previously we updated the file mtimes if the file has not been seen before - i.e on the first iteration of the loop. If the mtime has been changed we triggered the notify_file_changed() method which in all cases except the translations will result in the process being terminated. To be strictly correct we need to update the mtime for either branch of the conditional. Regression in 6754bffa2b2df15a741008aa611c1bb0e8dff22b.
2019-05-29Fixed #30516 -- Fixed crash of autoreloader when re-raising exceptions with ↵Tom Forbes
custom signature. Regression in c8720e7696ca41f3262d5369365cc1bd72a216ca.
2019-05-28Fixed #30479 -- Fixed detecting changes in manage.py by autoreloader when ↵Tom Forbes
using StatReloader. Regression in c8720e7696ca41f3262d5369365cc1bd72a216ca.
2019-05-27Refs #30485 -- Avoided unnecessary instance checks in urlencode.Simon Charette
Given doseq defaults to False it should avoid an unnecessary instance check in most cases.
2019-05-24Fixed #30485 -- Adjusted django.utils.http.urlencode for doseq=False case.Johan Lübcke
2019-05-22Fixed #30498 -- Fixed proxy class caching in lazy().Ran Benita
lazy() should prepare the proxy class only once (the first time it's used) not on every call. Regression in b4e76f30d12bfa8a53cc297c60055c6f4629cc4c.
2019-05-20Fixed #27635 -- Used secrets module in django.utils.crypto.Nick Pope
2019-05-20Refs #27635 -- Removed fallback when SystemRandom() isn't available that ↵Nick Pope
doesn't work. Fallback was untested and likely never triggered.
2019-05-15Refs #27685 -- Logged unexpected Watchman autoreloader errors.Daniel Hahler
2019-05-08Refs #27753 -- Deprecated django.utils.text.unescape_entities().Jon Dufresne
The function was undocumented and only required for compatibility with Python 2. Code should use Python's html.unescape() that was added in Python 3.4.
2019-05-03Ignored pywatchman.SocketTimeout in Watchman autoreloader.Daniel Hahler
Bumped minimum supported pywatchman version to 1.2.0. These exceptions don't require checking a server status.
2019-04-29Fixed #30323 -- Fixed detecting changes by autoreloader when using StatReloader.Tom Forbes
2019-04-29Refs #30323 -- Prevented crash of autoreloader when ↵Tom Forbes
get_resolver().urlconf_module raising an exception.
2019-04-29Refs #30323 -- Simplified utils.autoreload.ensure_echo_on().Tom Forbes
2019-04-26Fixed #30361 -- Increased the default timeout of watchman client to 5 ↵Jacob Green
seconds and made it customizable. Made the default timeout of watchman client customizable via DJANGO_WATCHMAN_TIMEOUT environment variable.
2019-04-25Fixed #30399 -- Changed django.utils.html.escape()/urlize() to use ↵Jon Dufresne
html.escape()/unescape().
2019-04-13Fixed #30363 -- Do not use exponential notation for small decimal numbers.Sjoerd Job Postmus
In 9cc6a60040b0f64f8ea066dd215176d4bd16621d a security patch was introduced to prevent allocating large segments of memory when a very large or very small decimal number was to be formatted. As a side-effect, there was a change in formatting of small decimal numbers even when the `decimal_pos` argument was provided, which meant that reasonable small decimal numbers (above 1e-199) would be formatted as `0.00`, while smaller decimal numbers (under 1e-200) would be formatted as `1e-200`.
2019-03-28Fixed "byte string" typo in various docs and comments.Mariusz Felisiak
2019-02-27Fixed #30215 -- Fixed autoreloader crash for modules without __spec__.shiningfm
Regression in c8720e7696ca41f3262d5369365cc1bd72a216ca.
2019-02-25Refs #27685 -- Removed "watchman unavailable" message.Tom Forbes
2019-02-25Refs #30179 -- Moved topological sort functions to django.utils.Matthias Kestenholz
2019-02-23Fixed #30141 -- Fixed parse_duration() for some negative durations.Seunghun Lee