summaryrefslogtreecommitdiff
path: root/django
AgeCommit message (Collapse)Author
2019-07-01Fixed #30595 -- Added error message when no objects found to sql* management ↵Hasan Ramezani
commands.
2019-07-01Fixed CVE-2019-12781 -- Made HttpRequest always trust ↵Carlton Gibson
SECURE_PROXY_SSL_HEADER if set. An HTTP request would not be redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if the proxy connected to Django via HTTPS. HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if set, rather than falling back to the request scheme when the SECURE_PROXY_SSL_HEADER did not have the secure value. Thanks to Gavin Wahl for the report and initial patch suggestion, and Shai Berger for review.
2019-06-29Updated translations from TransifexClaude Paroz
Forward port of b3f7262e6e5d9e68e37fb21af89ed6656291faa3 from stable/2.2.x
2019-06-28Fixed #30400 -- Improved typography of user facing strings.Jon Dufresne
Thanks Claude Paroz for assistance with translations.
2019-06-28Fixed #30584 -- Fixed management command when using subparsers with dest ↵Hasan Ramezani
parameter.
2019-06-28Fixed #28408 -- Added error message when updating with annotated expressions ↵can
on joined fields. Co-Authored-By: Simon Charette <charette.s@gmail.com>
2019-06-27Fixed #28725 -- Prevented serializing inherited ManyToManyFields in child model.Nadège Michel
2019-06-26Fixed #30578 - Made SelectDateWidget respect a custom date format when ↵Shubham Bhagat
USE_L10N is disabled.
2019-06-26Fixed #30594 -- Added 'private' Cache-Control directive to never_cache() ↵nsasaki128
decorator.
2019-06-26Fixed #30588 -- Fixed crash of autoreloader when __main__ module doesn't ↵Tom Forbes
have __file__ attribute.
2019-06-25Fixed #30477 -- Made reverse lookup use Field.get_db_prep_value() from the ↵can
target field.
2019-06-24Fixed #26431 -- Prevented django.urls.resolve() from returning missing ↵daniel a rios
optional parameters. Previous behavior was inconsistent with django.urls.reverse() and caused that translate_url() created an incorrect URL when an optional parameter was missing.
2019-06-24Simplified handling of non-existent paths in autoreloader with ↵Tom Forbes
Path.resolve(strict=True).
2019-06-21Bumped minimum ESLint version to 4.18.2.Markus Holtermann
2019-06-21Fixed #30421 -- Allowed symmetrical intermediate table for self-referential ↵Nadège Michel
ManyToManyField.
2019-06-20Added missing form argument in modelform_factory() docstring.Tobias Kunze
2019-06-20Refs #30451 -- Added more tests for ASGIRequest and ASGIHandler.Mariusz Felisiak
2019-06-20Fixed #30451 -- Added ASGI handler and coroutine-safety.Andrew Godwin
This adds an ASGI handler, asgi.py file for the default project layout, a few async utilities and adds async-safety to many parts of Django.
2019-06-20Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like ↵Chris Jerdonek
object.
2019-06-19Fixed #29834 -- Fixed column mismatch crash with ↵can
QuerySet.values()/values_list() and order_by() on combined querysets.
2019-06-19Fixed #30572 -- Prevented values()/values_list() on combined queryset from ↵Mariusz Felisiak
mutating the list of columns in querysets.
2019-06-17Fixed typos in FakePayload docstring and SimplifiedURLTests test name.Min ho Kim
2019-06-15Refs #30451 -- Added HttpRequest._set_content_type_params() hook.Mariusz Felisiak
2019-06-14Fixed #12952 -- Adjusted admin log change messages to use form labels ↵Sanyam Khurana
instead of field names.
2019-06-13Fixed #30512 -- Used email.headerregistry.parser for parsing emails in ↵Joachim Jablon
sanitize_address().
2019-06-13Fixed #30128 -- Fixed handling timedelta timezone in database functions.can
2019-06-12Simplified django.urls.reverse() a bit.Sergey Fedoseev
2019-06-12Added missing support for PointOnSurface function on MariaDB.Mariusz Felisiak
2019-06-11Fixed #27486 -- Fixed Python 3.7 DeprecationWarning in intword and ↵Jon Dufresne
filesizeformat filters. intword and filesizeformat passed floats to ngettext() which is deprecated in Python 3.7. The rationale for this warning is documented in BPO-28692: https://bugs.python.org/issue28692. For filesizeformat, the filesize value is expected to be an int -- it fills %d string formatting placeholders. It was likely coerced to a float to ensure floating point division on Python 2. Python 3 always does floating point division, so coerce to an int instead of a float to fix the warning. For intword, the number may contain a decimal component. In English, a decimal component makes the noun plural. A helper function, round_away_from_one(), was added to convert the float to an integer that is appropriate for ngettext().
2019-06-10Fixed #30548 -- Improved exception when expression contains mixed types.CruxBox
2019-06-10Fixed #30556 -- Avoided useless query and hasher call in ↵Aymeric Augustin
ModelBackend.authenticate() when credentials aren't provided. There's no need to fetch a user instance from the database unless a username and a password are provided as credentials.
2019-06-07Fixed #29379 -- Added autocomplete attribute to contrib.auth.forms fields.Hasan Ramezani
Thank you to Nick Pope for review. Co-authored-by: CHI Cheng <cloudream@gmail.com>
2019-06-07Fixed #30521 -- Fixed invalid HTML in default error pages.Alexandre Varas
2019-06-07Fixed #30550 -- Fixed decoding of non-UTF-8 bytes objects in response.json().Jon Dufresne
2019-06-06Fixed #29706 -- Made RenameContentType._rename() save to the correct database.Hasan Ramezani
2019-06-06Updated Hindi language name.Arpana Mehta
2019-06-05Refs #30226 -- Added User.get_user_permissions() method.Tobias Bengfort
Added to mirror the existing User.get_group_permissions().
2019-06-05Fixed #30226 -- Added BaseBackend for authentication.Tobias Bengfort
2019-06-05Fixed #30542 -- Fixed crash of numerical aggregations with filter.Étienne Beaulé
Filters in annotations crashed when used with numerical-type aggregations (i.e. Avg, StdDev, and Variance). This was caused as the source expressions no not necessarily have an output_field (such as the filter field), which lead to an AttributeError: 'WhereNode' object has no attribute output_field. Thanks to Chuan-Zheng Lee for the report. Regression in c690afb873cac8035a3cb3be7c597a5ff0e4b261 and two following commits.
2019-06-04Fixed #30520 -- Fixed crash of admin model inlines on custom fields without ↵Jones Ambrosi
labels.
2019-06-04Fixed #30534 -- Fixed overriding a field's default in ModelForm.cleaned_data().RobertAKARobin
2019-06-03Fixed #28604 -- Prevented ManifestStaticFilesStorage from leaving ↵Nathan Gaberel
intermediate files.
2019-06-03Applied jQuery patch for CVE-2019-11358.Carlton Gibson
2019-06-03Fixed CVE-2019-12308 -- Made AdminURLFieldWidget validate URL before ↵Carlton Gibson
rendering clickable link.
2019-05-31Fixed #30493 -- Fixed prefetch_related() for GenericRelation with different ↵can
content types. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com> Thanks Simon Charette for the review.
2019-05-31Refs #30493 -- Added GenericRelatedObjectManager.get_content_type() hook.Mariusz Felisiak
2019-05-31Fixed #26192 -- Fixed crash of ordering by constants on PostgreSQL.Mariusz Felisiak
Thanks Simon Charette for the review.
2019-05-29Simplified SessionMiddleware.process_response() a bit.Daniel Hahler
2019-05-29Fixed #30523 -- Fixed updating file modification times on seen files in ↵Tom Forbes
auto-reloader when using StatReloader. Previously we updated the file mtimes if the file has not been seen before - i.e on the first iteration of the loop. If the mtime has been changed we triggered the notify_file_changed() method which in all cases except the translations will result in the process being terminated. To be strictly correct we need to update the mtime for either branch of the conditional. Regression in 6754bffa2b2df15a741008aa611c1bb0e8dff22b.
2019-05-29Fixed #30516 -- Fixed crash of autoreloader when re-raising exceptions with ↵Tom Forbes
custom signature. Regression in c8720e7696ca41f3262d5369365cc1bd72a216ca.