summaryrefslogtreecommitdiff
path: root/django
AgeCommit message (Collapse)Author
2020-09-02Fixed #31858 -- Reallowed whitespaces in URL paths outside of parameters.Tim Park
Regression in 22394bd3a18a7d9a8957a0b431f8ae4e5ca03a8c. Thanks David Smith for the review.
2020-09-02Refs #29887, Refs #24212 -- Added servers configuration hook for memcached ↵Nick Pope
backends. The servers property can be overridden to allow memcached backends to alter the server configuration prior to it being passed to instantiate the client. This allows avoidance of documentation for per-backend differences, e.g. stripping the 'unix:' prefix for pylibmc.
2020-09-02Fixed #31948 -- Added tzinfo parameter to TruncDate() and TruncTime().Joe Jackson
2020-09-01Refs #29887 -- Simplified memcached client instantiation.Nick Pope
2020-09-01Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level ↵Mariusz Felisiak
directories of the file system cache on Python 3.7+.
2020-09-01Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level ↵Mariusz Felisiak
static and storage directories on Python 3.7+. Thanks WhiteSage for the report.
2020-09-01Fixed #31901 -- Prevented content overflowing in the admin changelist with ↵007gzs
navigation sidebar.
2020-08-31Fixed #31952 -- Fixed EmptyFieldListFilter crash with reverse relationships.Federico Jaramillo Martínez
Thanks dacotagh for the report.
2020-08-31Fixed #31965 -- Adjusted multi-table fast-deletion on MySQL/MariaDB.Simon Charette
The optimization introduced in 7acef095d73 did not properly handle deletion involving filters against aggregate annotations. It initially was surfaced by a MariaDB test failure but misattributed to an undocumented change in behavior that resulted in the systemic generation of poorly performing database queries in 5b83bae031. Thanks Anton Plotkin for the report. Refs #23576.
2020-08-31Fixed #31919 -- Resolved output_field of IntegerField subclasses combinations.Simon Charette
2020-08-28Fixed #31956 -- Fixed crash of ordering by JSONField with a custom decoder ↵Mariusz Felisiak
on PostgreSQL. Thanks Marc Debureaux for the report. Thanks Simon Charette, Nick Pope, and Adam Johnson for reviews.
2020-08-28Fixed #31954 -- Fixed migration optimization for MTI model creation with ↵Koen De Wit
parent model with mixed case app label.
2020-08-28Fixed #31928 -- Fixed detecting an async get_response in various middlewares.Kevin Michel
SecurityMiddleware and the three cache middlewares were not calling super().__init__() during their initialization or calling the required MiddlewareMixin._async_check() method. This made the middlewares not properly present as coroutine and confused the middleware chain when used in a fully async context. Thanks Kordian Kowalski for the report.
2020-08-28Refs #31928 -- Made SessionMiddleware call super().__init__().Kevin Michel
2020-08-28Fixed #31912 -- Removed strict=True in Path.resolve() in project template ↵Mariusz Felisiak
and CommonPasswordValidator. This caused permission errors when user didn't have permissions to all intermediate directories in a Django installation path. Thanks tytusd and leonyxz for reports. Regression in edeec1247e52de6fc32cee93e96d4ce36003ea4b and 26554cf5d1e96db10d0d5f4b69683a22fb82fdf8.
2020-08-27Refs #31913 -- Corrected comment in PasswordResetTokenGenerator.Phil Gyford
Follow up to da4923ea87124102aae4455e947ce24599c0365b.
2020-08-27Fixed #31947 -- Made QuerySet.update_or_create() reuse get_or_create().Alexander
2020-08-26Fixed #31936 -- Fixed __in lookup on key transforms for JSONField.Mariusz Felisiak
This resolves an issue on databases without a native JSONField (MariaDB, MySQL, SQLite, Oracle), where values must be wrapped. Thanks Sébastien Pattyn for the report.
2020-08-26Fixed #31942 -- Made settings cleansing work with dictionary settings with ↵Jeremy Lainé
non-string keys.
2020-08-26Fixed #31918 -- Allowed QuerySet.in_bulk() to fetch on a single distinct field.Kaustubh
2020-08-26Fixed #31905 -- Made MiddlewareMixin call ↵Michael Galler
process_request()/process_response() with thread sensitive. Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2020-08-24Fixed #24533 -- Dropped PostgreSQL sequence and Oracle identity when ↵Tim Graham
migrating away from AutoField.
2020-08-24Fixed #31877 -- Reverted "Fixed #19878 -- Deprecated TemplateView passing ↵Mariusz Felisiak
URL kwargs into context." This reverts commit 4ed534758cb6a11df9f49baddecca5a6cdda9311.
2020-08-24Refs #31877 -- Reverted "Fixes #31877 -- Used lazy() for TemplateView kwarg ↵Mariusz Felisiak
deprecation warning." This reverts commit 20799cc0a6d98816b9ef0577e24691bd26b80d7d.
2020-08-24Fixed #31907 -- Fixed missing validate_key() calls in cache backends.Nick Pope
2020-08-20Refs #29887, #27480 -- Moved touch() to BaseMemcachedCache.Nick Pope
2020-08-20Fixed comments related to nonexistent keys for incr()/decr() in memcached ↵Nick Pope
backends.
2020-08-19Fixed #31895 -- Fixed crash when decoding invalid session data.Mariusz Felisiak
Thanks Matt Hegarty for the report. Regression in d4fff711d4c97356bd6ba1273d2a5e349326eb5f.
2020-08-19Fixed #31902 -- Fixed crash of ExclusionConstraint on expressions with params.Maxim Petrov
2020-08-18Refs #9061 -- Allowed GenericInlineFormSet to disable deleting extra forms.Mariusz Felisiak
Follow up to 162765d6c3182e36095d29543e21b44b908625fc.
2020-08-18Refs #20347 -- Allowed customizing the maximum number of instantiated forms ↵Mariusz Felisiak
in generic_inlineformset_factory(). Follow up to 433dd737f94b09043f64b873b0ac067b3f97364b.
2020-08-14Fixed #31826 -- Made AlterField operation a noop when adding db_column.Iuri de Silvio
AlterField operation with adding a db_column is a noop if the column name is not changed.
2020-08-14Added missing items to django.test.client.__all__ and django.test.utils.__all__.Mads Jensen
2020-08-14Removed unnecessary urlsplit() call from SimpleTestCase.assertRedirects().Mads Jensen
2020-08-14Fixed #31878 -- Made createsuperuser respect --database option in default ↵Yan Mitrofanov
usernames.
2020-08-13Refs #31811 -- Added optional timing outputs to the test runner.Ahmad A. Hussein
2020-08-13Fixed #31792 -- Made Exists() reuse QuerySet.exists() optimizations.Simon Charette
The latter is already optimized to limit the number of results, avoid selecting unnecessary fields, and drop ordering if possible without altering the semantic of the query.
2020-08-13Fixed #31825 -- Made RenameField operation a noop for fields with db_column.Iuri de Silvio
2020-08-13Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning.Adam Johnson
SimpleLazyObjects cause a crash when filtering. Thanks Tim L. White for the report. Regression in 4ed534758cb6a11df9f49baddecca5a6cdda9311.
2020-08-12Fixed #31382 -- Made Model.save(update_fields=...) raise ValueError on ↵Pat Garcia
non-concrete fields.
2020-08-12Fixed #31863 -- Prevented mutating model state by copies of model instances.Gert Burger
Regression in bfb746f983aa741afa3709794e70f1e0ab6040b5.
2020-08-11Fixed #21181 -- Added Collate database function.Tom Carrick
Thanks Simon Charette for reviews.
2020-08-11Fixed #31866 -- Fixed locking proxy models in QuerySet.select_for_update(of=()).Daniel Hillier
2020-08-11Fixed #31865 -- Adjusted admin nav sidebar template to reduce debug logging.Carlton Gibson
Thanks to Mariusz Felisiak for review.
2020-08-10Fixed #31870 -- Fixed crash when populating app registry with empty or ↵Iuri de Silvio
without apps module. Regression in 3f2821af6bc48fa8e7970c1ce27bc54c3172545e.
2020-08-10Fixed #31871 -- Updated SESSION_COOKIE_SAMESITE comment in global_settings.py.אורי
Follow up to b33bfc383935cd26e19a2cf71d066ac6edd1425f.
2020-08-08Fixed #31831 -- Fixed migration operations ordering when adding ↵Iuri de Silvio
order_with_respect_to and constraints/indexes.
2020-08-07Fixed #31864 -- Fixed encoding session data during transition to Django 3.1.Mariusz Felisiak
Thanks אורי for the report.
2020-08-06Fixed #25513 -- Extracted admin pagination to Paginator.get_elided_page_range().Nick Pope
2020-08-06Refs #25513 -- Fixed admin pagination elision bounds.Nick Pope
It doesn't make sense to elide a single page number which could be a clickable link to that page. We only want to elide two or more pages.