| Age | Commit message (Collapse) | Author |
|
Backport of c92cd22d02349b73d169a3a2ff3b6fe7a54bfb0c from master
|
|
Refs #24704.
Backport of b79fc11d73 from master
|
|
With this change, it's expected to survive anything except errors
that make it impossible to import the settings. It's too complex
to fallback to a sensible behavior with a broken settings module.
Harcoding things about runserver in ManagementUtility.execute is
atrocious but it's the only way out of the chicken'n'egg problem:
the current implementation of the autoreloader primarily watches
imported Python modules -- and then a few other things that were
bolted on top of this design -- but we want it to kick in even if
the project contains import-time errors and django.setup() fails.
At some point we should throw away this code and replace it by an
off-the-shelf autoreloader that watches the working directory and
re-runs `django-admin runserver` whenever something changes.
Backport of fe6ddb837d from master
|
|
This also fixes a test failure on Python 2 when Django is installed in a
non-ASCII path. This problem cannot happen on Python 3.
Backport of c2fcba2ac7 from master
|
|
* When some old files contain errors, the second call to
gen_filenames() should return them.
* When some new files contain errors, the first call to
gen_filenames(only_new=True) should return them.
Backport of 23620cb8e0 from master
|
|
Thanks David Nelson Adamec for the report and Tim Graham for the review.
Backport of 9324935c3 from master.
|
|
Backport of 64982cc2fb from master.
|
|
polling
Commit 15f82c7 ("used pyinotify as change detection system when
available") introduced a regression where editing a file in vim with
default settings (writebackup=auto) no longer causes the dev server
to be restarted. On a write, vim moves the monitored file to a backup
path and then creates a new file in the original. The new file is not
monitored as it has a different inode. Fixed this by also watching for
inotify events IN_DELETE_SELF and IN_MOVE_SELF.
Backport of e5cfa394d79b6ab1b412bd3b30c6a433b415d56b from master
|
|
|
|
Backport of 47fcbe506c04019a12e16221843e25a52249b1ab from master
|
|
Backport of c2b4967e76fd671e6199e4dd54d2a2c1f096b8eb from master
|
|
DurationField
Backport of 262d4db8c4c849b0fdd84550fb96472446cf90df from master
|
|
get_language() can return None when translations are deactivated.
Thanks Nicola Peduzzi for the reporti and Tim Graham for the review.
Backport of 7a0d9b5cda from master.
|
|
non-Django templates.
Backport of 1f2abf784a9fe550959de242d91963b2ad6f7e9c from master
|
|
Backport of 9e83f30cd31 from master.
|
|
This is a security fix; disclosure to follow shortly.
|
|
This is a security fix; disclosure to follow shortly.
|
|
Now that the URL is always unescaped as of refs #22267,
we should re-escape it before inserting it into the anchor.
Backport of 7b1a67cce52e5c191fbfa1bca501c6f0222db019 from master
|
|
Refs #22267.
Thanks Shai Berger for spotting the issue and Tim Graham for the
initial patch.
Backport of ec808e807 from master.
|
|
This speeds up the timesince function/filter substantially.
Backport of d6969ab from master.
|
|
Thanks Tomasz Kontusz for the report, Baptiste Mispelon for
analysis and Tim Graham for the review.
Backport of 3cf1c02695 from master.
|
|
The message for the SuspiciousFileOperation exception needs to
be a unicode string.
Backport of bebc1e53a3ab059849e5c4e5a55b2f5e68b67169 from master
|
|
RFC6454
Backport of 93b3ef9b2e from master.
|
|
Backport of 0ed7d155635da9f79d4dd67e4889087d3673c6da from master
|
|
invocation.
This dramatically improves performance on PyPy. The following benchmark:
python -mtimeit -s "from django.utils.functional import allow_lazy; from django.utils.translation import ugettext_lazy; f = allow_lazy(lambda s: s, str)" "f(ugettext_lazy('abc'))"
goes from 390us per loop to 165us.
Backport of 82e0cd15711c7171aed7af5e481967cc721c9642 from master
|
|
Report and original patch by Kay Cha.
Backport of 540ca563de from master.
|
|
Aymeric says, "It was fun to write, but I don't think it's very useful."
Backport of 607af78bb82404d55cc3e80e5f6772fb87c168ee from master
|
|
The function no longer flushes zfile after each write as doing so can
lead to the gzipped streamed content being larger than the original
content; each flush adds a 5/6 byte type 0 block. Removing this means
buf.read() may return nothing, so only yield if that has some data.
Testing shows without the flush() the buffer is being flushed every 17k
or so and compresses the same as if it had been done as a whole string.
Backport of caa3562d5bec1196502352a715a539bdb0f73c2d from master
|
|
Thanks Stanislas Guerra for the report and Tomas Ehrlich for
the review.
Backport of cd0ceaa102 from master.
|
|
Django imports threading in many other places without fallback.
Backport of 18f3e79b13947de0bda7c985916d5a04e28936dc from master
|
|
Backport of 039465a6a7a18f48ea77ceadb6949990c0ec92e1 from master
|
|
This is a security fix. Disclosure following shortly.
|
|
This fixes a regression caused by f7c287fca9. Thanks Markus Holtermann
for identifying the regression.
|
|
|
|
Since this package is going to hold both the implementation of the Django
Template Language and the infrastructure for Multiple Template Engines,
it should be untied from the DTL as much as possible within our
backwards-compatibility policy.
Only public APIs (i.e. APIs mentioned in the documentation) were left.
|
|
Refs #7261 -- Made strings escaped by Django usable in third-party libs.
The changes in mark_safe and mark_for_escaping are straightforward. The
more tricky part is to handle correctly objects that implement __html__.
Historically escape() has escaped SafeData. Even if that doesn't seem a
good behavior, changing it would create security concerns. Therefore
support for __html__() was only added to conditional_escape() where this
concern doesn't exist.
Then using conditional_escape() instead of escape() in the Django
template engine makes it understand data escaped by other libraries.
Template filter |escape accounts for __html__() when it's available.
|force_escape forces the use of Django's HTML escaping implementation.
Here's why the change in render_value_in_context() is safe. Before Django
1.7 conditional_escape() was implemented as follows:
if isinstance(text, SafeData):
return text
else:
return escape(text)
render_value_in_context() never called escape() on SafeData. Therefore
replacing escape() with conditional_escape() doesn't change the
autoescaping logic as it was originally intended.
This change should be backported to Django 1.7 because it corrects a
feature added in Django 1.7.
Thanks mitsuhiko for the report.
|
|
mark_safe and mark_for_escaping should have been kept similar.
On Python 2 this change has no effect. On Python 3 it fixes the use case
shown in the regression test for mark_for_escaping, which used to raise
a TypeError. The regression test for mark_safe is just for completeness.
|
|
resultclasses.
Co-Authored-By: Rocky Meza <rmeza@fusionbox.com>
|
|
|
|
|
|
This removes the need to load django.test when not testing.
|
|
|
|
A field for storing periods of time - modeled in Python by timedelta. It
is stored in the native interval data type on PostgreSQL and as a bigint
of microseconds on other backends.
Also includes significant changes to the internals of time related maths
in expressions, including the removal of DateModifierNode.
Thanks to Tim and Josh in particular for reviews.
|
|
|
|
comprehension
|
|
Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
|
|
|
|
|
|
|
|
|