| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2025-11-13 | Fixed #36730 -- Fixed constraint validation crash for excluded FK attnames. | Adam Johnson | |
| Regression in e44e8327d3d88d86895735c0e427102063ff5b55. Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2025-11-12 | Fixed #36717 -- Redirect authenticated users on admin login view to next URL. | Benedict Etzel | |
| Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> | |||
| 2025-11-12 | Refs #35381 -- Made JSONNull deconstruct using convenient import path. | Clifford Gama | |
| 2025-11-11 | Fixed #36053 -- Fixed placement of FilteredSelectMultiple widget label. | Dani Fornons | |
| 2025-11-10 | Fixed #36715 -- Handled non-finite Decimals in intcomma filter. | Kasyap Pentamaraju | |
| 2025-11-07 | Fixed #36420 -- Used actual SQLite limits in last_executed_query() quoting. | myoungjinGo | |
| 2025-11-07 | Fixed #36705 -- Avoided string concatenation in utils. | Kasyap Pentamaraju | |
| Repeated string concatenation performs poorly on PyPy. Thanks Seokchan Yoon for the report. | |||
| 2025-11-07 | Fixed #36315 -- Used TaskGroup instead of asyncio.gather(). | Thomas Grainger | |
| 2025-11-07 | Refs #36315 -- Replaced manual task and cancellation handling with TaskGroup ↵ | Thomas Grainger | |
| in ASGIHandler. | |||
| 2025-11-07 | Refs #36315 -- Used contextlib.closing() in ASGIHandler.handle(). | Thomas Grainger | |
| 2025-11-06 | Fixed #36702 -- Made bulk_create() return pk values set by an expression. | us77ipis | |
| 2025-11-05 | Fixed #36710 -- Fixed a regression in urlize for multipart domain names. | Mehraz Hossain Rumman | |
| Thanks Mehraz Hossain Rumman for the report and Bruno Alla for the triage. Regression in a9fe98d5bd4212d069afe8316101984aadecfbb2. | |||
| 2025-11-05 | Fixed #36709 -- Included static methods in system check for ↵ | Harsh Jain | |
| UserModel.is_anonymous/is_authenticated methods. | |||
| 2025-11-05 | Refs CVE-2025-64459 -- Avoided propagating invalid arguments to Q on ↵ | Jacob Walls | |
| dictionary expansion. | |||
| 2025-11-05 | Fixed CVE-2025-64459 -- Prevented SQL injections in Q/QuerySet via the ↵ | Jacob Walls | |
| _connector kwarg. Thanks cyberstan for the report, Sarah Boyce, Adam Johnson, Simon Charette, and Jake Howard for the reviews. | |||
| 2025-11-05 | Fixed CVE-2025-64458 -- Mitigated potential DoS in ↵ | Jacob Walls | |
| HttpResponseRedirect/HttpResponsePermanentRedirect on Windows. Thanks Seokchan Yoon for the report, Markus Holtermann for the triage, and Jake Howard for the review. Follow-up to CVE-2025-27556 and 39e2297210d9d2938c75fc911d45f0e863dc4821. | |||
| 2025-11-04 | Fixed #36704 -- Fixed system check error for proxy model with a composite pk. | Hal Blackburn | |
| Proxy models subclassing a model with a CompositePrimaryKey were incorrectly reporting check errors because the check that requires only local fields to be used in a composite pk was evaluated against the proxy subclass, which has no fields. To fix this, composite pk field checks are not evaluated against proxy subclasses, as none of the checks are applicable to proxy subclasses. This also has the benefit of not double-reporting real check errors from an invalid superclass pk. Thanks Clifford Gama for the review. | |||
| 2025-11-04 | Fixed #36652 -- Increased determinism when loading migrations from disk. | Jayden Kneller | |
| Ordering still depends on pkgutil.iter_modules, which does not guarantee order, but at least now Django is not introducing additional indeterminism, causing CircularDependencyError to appear or not appear in some edge cases. Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com> | |||
| 2025-11-03 | Fixed #36695 -- Fixed handling of parameterized generics in migration ↵ | Augusto Pontes | |
| serialization. Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com> | |||
| 2025-10-31 | Fixed #36661 -- Added introspection of database-level delete options. | Mariusz Felisiak | |
| 2025-10-31 | Fixed #36696 -- Fixed NameError when inspecting functions with deferred ↵ | Patrick Rauscher | |
| annotations. In Python 3.14, annotations are deferred by default, so we should not assume that the names in them have been imported unconditionally. | |||
| 2025-10-29 | Refs #35381 -- Deprecated using None in JSONExact rhs to mean JSON null. | Clifford Gama | |
| Key and index lookups are exempt from the deprecation. Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com> | |||
| 2025-10-29 | Refs #35381 -- Delegated ArrayField element prepping to ↵ | Clifford Gama | |
| base_field.get_db_prep_save. Previously, ArrayField always used base_field.get_db_prep_value when saving, which could differ from how base_field prepares data for save. This change overrides ArrayField.get_db_prep_save to delegate to the base_field's get_db_prep_save, ensuring elements like None in JSONField arrays are saved correctly as SQL NULL instead of JSON null. | |||
| 2025-10-29 | Fixed #35381 -- Added JSONNull() expression. | Clifford Gama | |
| Thanks Jacob Walls for the review. | |||
| 2025-10-29 | Fixed #36678 -- Limited retries in ParallelTestRunner. | Jacob Walls | |
| Thanks Natalia Bidart for the review. | |||
| 2025-10-29 | Refs #35972 -- Returned params in a tuple in further lookups. | Jacob Walls | |
| 2025-10-28 | Reverted "Fixed #26434 -- Removed faulty clearing of ordering field when ↵ | Jacob Walls | |
| missing from explicit grouping." This reverts commit ea3a71c2d09f8281d8a50ed20e40e1fb13db5cd9. The implementation was flawed, as self.group_by contains Cols, not aliases. | |||
| 2025-10-28 | Fixed #36596 -- Made parallel test runner respect django_test_skips and ↵ | Mariusz Felisiak | |
| django_test_expected_failures. | |||
| 2025-10-27 | Fixed #26434 -- Removed faulty clearing of ordering field when missing from ↵ | Michal Mládek | |
| explicit grouping. Co-authored-by: Simon Charette <charette.s@gmail.com> | |||
| 2025-10-27 | Fixed #36624 -- Dropped support for MySQL < 8.4. | Mariusz Felisiak | |
| 2025-10-25 | Fixed #36683 -- Added error message on QuerySet.update() following ↵ | Matthew Shirley | |
| distinct(*fields). | |||
| 2025-10-24 | Fixed #36674 -- Fixed memory leak in select_related(). | Ken Nzioka | |
| 2025-10-23 | Fixed #35095 -- Clarified Swiss number formatting in ↵ | Annabelle Wiegart | |
| docs/topics/i18n/formatting.txt. Co-authored-by: Ahmed Nassar <a.moh.nassar00@gmail.com> | |||
| 2025-10-21 | Fixed #36677 -- Fixed scheduling of system checks in ParallelTestSuite workers. | Jacob Walls | |
| Running system checks in workers must happen after database aliases are set up. Regression in 606fc352799e372928fa2c978ab99f0fb6d6017c. | |||
| 2025-10-21 | Fixed #36656 -- Avoided truncating async streaming responses in GZipMiddleware. | Adam Johnson | |
| 2025-10-20 | Fixed #36470 -- Prevented log injection in runserver when handling NOT FOUND. | YashRaj1506 | |
| Migrated `WSGIRequestHandler.log_message()` to use a more robust `log_message()` helper, which was based of `log_response()` via factoring out the common bits. Refs CVE-2025-48432. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> | |||
| 2025-10-18 | Fixed #36671 -- Dropped support for SQLite < 3.37. | Mariusz Felisiak | |
| 2025-10-18 | Fixed #21961 -- Added support for database-level delete options for ForeignKey. | Mariusz Felisiak | |
| Thanks Simon Charette for pair programming. Co-authored-by: Nick Stefan <NickStefan12@gmail.com> Co-authored-by: Akash Kumar Sen <71623442+Akash-Kumar-Sen@users.noreply.github.com> Co-authored-by: Simon Charette <charette.s@gmail.com> | |||
| 2025-10-16 | Bumped minimum isort version to 7.0.0. | Jacob Walls | |
| Added ignores relating to https://github.com/PyCQA/isort/issues/2352. | |||
| 2025-10-16 | Refs #28586 - Copied fetch mode in QuerySet.create(). | Adam Johnson | |
| This change allows the pattern `MyModel.objects.fetch_mode(...).create(...)` to set the fetch mode for a new object. | |||
| 2025-10-16 | Refs #28586 -- Copied fetch modes to related objects. | Adam Johnson | |
| This change ensures that behavior and performance remain consistent when traversing relationships. | |||
| 2025-10-16 | Refs #28586 -- Simplified related descriptor get_queryset() methods. | Adam Johnson | |
| Modify these methods to accept an instance parameter which is clearer and allows us to set the instance hint earlier. | |||
| 2025-10-16 | Refs #28586 -- Made fetch modes pickle as singletons. | Adam Johnson | |
| This change ensures that we don’t create new instances of fetch modes when pickling and unpickling, saving memory and preserving their singleton nature. | |||
| 2025-10-16 | Fixed #28586 -- Added model field fetch modes. | Adam Johnson | |
| May your database queries be much reduced with minimal effort. co-authored-by: Andreas Pelme <andreas@pelme.se> co-authored-by: Simon Charette <charette.s@gmail.com> co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com> | |||
| 2025-10-15 | Fixed 36622 -- Prevented LazyObject FileField storages from evaluating at ↵ | Clifford Gama | |
| boot time. Co-authored-by: Fabien MICHEL <fmichel@adista.fr> | |||
| 2025-10-15 | Fixed #36659 -- Fixed flatpage content selector in admin forms.css. | Baptiste Mispelon | |
| Regression in bb145e2c47d71b7f68280c00ced727442d2effa2. | |||
| 2025-10-14 | Fixed #36648, Refs #33772 -- Accounted for composite pks in first()/last() ↵ | Jacob Walls | |
| when aggregating. | |||
| 2025-10-14 | Fixed #36654 -- Corrected Model._do_update()'s docstring. | Augusto Pontes | |
| 2025-10-14 | Refs #31223 -- Added __class_getitem__() to SetPasswordMixin. | Thibaut Decombe | |
| 2025-10-14 | Fixed #34041 -- Added aria-current attribute to admin breadcrumbs. | antoliny0919 | |
| Co-authored by: farita1699 <uwanjerry25@gmail.com> | |||
