summaryrefslogtreecommitdiff
path: root/django
AgeCommit message (Collapse)Author
2025-04-03Fixed #36292 -- Fixed crash when aggregating over a group mixing transforms ↵Simon Charette
and references. Regression in 65ad4ade74dc9208b9d686a451cd6045df0c9c3a. Refs #28900 Thanks Patrick Altman for the report.
2025-04-02Fixed CVE-2025-27556 -- Mitigated potential DoS in ↵Sarah Boyce
url_has_allowed_host_and_scheme() on Windows. Thank you sw0rd1ight for the report.
2025-04-02Fixed #36267 -- Fixed contenttypes shortcut() view crash with an invalid ↵Ahmed Nassar
object_id for a UUIDField pk.
2025-04-01Fixed typo in django/db/models/options.py.Clifford Gama
2025-04-01Fixed #36284, Refs #31170 -- Ensured related lookup popups are closed properly.nessita
In the admin, when selecting related objects via the helpers defined in `RelatedObjectLookups.js`, the `dismissRelatedLookupPopup` function was attempting to access `window.relatedWindows`, which does not exist in real execution, causing related lookup popups to remain open. This change ensures that this code correctly accesses the module-local `relatedWindows` by explicitly assigning it to `window.relatedWindows`. Regression in 91bebf1adb43561b54bac18e76224759dc70acb3. Thanks Matthias Kestenholz for the report, the fix ideas, and testing. Co-authored-by: Matthias Kestenholz <mk@feinheit.ch>
2025-04-01Fixed #36184 -- Allowed migrating forward to squashed migrations.Jacob Walls
2025-04-01Fixed #36283 -- Reverted "Fixed #35798, Refs #31641 -- Prevented admin ↵Mariusz Felisiak
navigation sidebar loading flicker." This reverts commit 747b417a220b0412ed806001a383959449aac6da that caused a visual regression when both navigation and filter sidebars are visible.
2025-03-31Refs #28909 -- Simplified code using unpacking generalizations.Aarni Koskela
2025-03-31Fixed #22977 -- Added system check for clashing managers and reverse related ↵Anthony Joseph
fields. With thanks to Konrad Świat, Loïc Bistuer, Russell Keith-Magee, and Mariusz Felisiak. Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2025-03-31Updated translations from Transifex.Sarah Boyce
Forwardport of cc31b389a11559396fc039511c0dc567d9ade469 from stable/5.2.x.
2025-03-31Fixed #36265 -- Added support for serialization of ZoneInfo instances in ↵Song Junho
migrations.
2025-03-31Refs #36055 -- Prevented overlap of object-tools buttons and page header in ↵Mariusz Felisiak
the admin on small screens. Visual regression in b1324a680add78de24c763911d0eefa19b9263bc.
2025-03-30Fixed warnings per flake8 7.2.0.Mariusz Felisiak
https://github.com/PyCQA/flake8/releases/tag/7.2.0
2025-03-28Fixed #36239 -- Fixed a crash in ManyToManyField.through_fields check when ↵saJaeHyukc
to model is invalid. Signed-off-by: saJaeHyukc <wogur981208@gmail.com>
2025-03-28Refs #34619 -- Fixed labels width in FilteredSelectMultiple in the admin.Mariusz Felisiak
Visual regression in 857b1048d53ebf5fc5581c110e85c212b81ca83a.
2025-03-27Fixed #34917 -- Underlined links in the main content area of the admin.antoliny0919
2025-03-27Fixed #35440 -- Simplified parse_header_parameters by leveraging stdlid's ↵Khudyakov Artem
Message. The `parse_header_parameters` function historically used Python's `cgi` module (now deprecated). In 34e2148fc725e7200050f74130d7523e3cd8507a, the logic was inlined to work around this deprecation ( #33173). Later, in d4d5427571b4bf3a21c902276c2a00215c2a37cc, the header parsing logic was further cleaned up to align with `multipartparser.py` (#33697). This change takes it a step further by replacing the copied `cgi` logic with Python's `email.message.Message` API for a more robust and maintainable header parsing implementation. Thanks to Raphael Gaschignard for testing, and to Adam Johnson and Shai Berger for reviews. Co-authored-by: Ben Cail <bcail@crossway.org> Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-03-26Refs #34619 -- Corrected selector description in the admin.Mariusz Felisiak
2025-03-26Fixed #34819 -- Made GenericForeignKey prefetching use matching pk ↵Clifford Gama
representations. Ensured that rel_obj_attr and instance_attr return matching (pk, cls) tuples in GenericForeignKey.get_prefetch_queryset(), preventing mismatches when prefetching related objects where pk and get_prep_value() differ. Using value_to_string() also makes this code compatible with composite primary keys.
2025-03-26Refs #36260 -- Moved _is_pk_set checks into _prepare_for_bulk_create().Simon Charette
To avoid looping over objs twice.
2025-03-26Fixed #36260 -- Made bulk_create() work with DB-generated primary keys.Dmitry Shachnev
Co-authored-by: Simon Charette <charette.s@gmail.com>
2025-03-25Fixed #35529 -- Added support for positional arguments in querystring ↵Giannis Terzopoulos
template tag. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-03-25Fixed #36262 -- Made GeneratedField.db_persist a required key-word argument.Jason Cameron
2025-03-25Fixed #35452 -- Deprecated orphans being more than or equal to page_size in ↵wookkl
pagination.
2025-03-25Fixed #36276 -- Omitted size=None from ArrayField.deconstruct().Tim Graham
2025-03-24Fixed #36271 -- Raised TemplateSyntaxError when using a relative template ↵YogyaChugh
path with an unknown origin.
2025-03-24Fixed #36268 -- Added leading `?` in every querystring template tag result.Natalia
Thanks Sarah Boyce for the report.
2025-03-24Improved and reorganized querystring template tag docstring and ref docs.Natalia
2025-03-21Fixed #36266 -- Renamed HIDE_PRODUCTION_WARNING environment variable to ↵Johanan Oppong Amoateng
DJANGO_RUNSERVER_HIDE_WARNING.
2025-03-21Fixed #36138 -- Changed ADMINS and MANAGERS settings to lists of strings.Mike Edmunds
Previously, the ADMINS and MANAGERS settings were lists of (name, address) tuples (where the name had been unused). Deprecated use of tuples. Updated settings value sanity checks, and changed from ValueError to ImproperlyConfigured.
2025-03-19Updated source translation catalogs.Mariusz Felisiak
Forwardport of d2b1ec551567c208abfdd21b27ff6d08ae1a6371 from stable/5.2.x
2025-03-19Fixed #36000 -- Deprecated HTTP as the default protocol in urlize and ↵Ahmed Nassar
urlizetrunc.
2025-03-18Handled WebDriverException from Chrome driver version 113+.Sarah Boyce
2025-03-18Refs #36138 -- Cleaned up duplicate code in mail_admins()/mail_managers().Mike Edmunds
2025-03-17Fixed #34865 -- Released memory earlier than garbage collection on database ↵fowczrek
wrapping layers. Thank you Florian Apolloner, Jake Howard and Patryk Zawadzki for the clarifying comments and reviews.
2025-03-17Fixed #36252 -- Handled duplicate automatic imports in the shell command.hesham942
2025-03-17Fixed #33537 -- Made test database cloning on MySQL reraise unexpected errors.Mariusz Felisiak
Thanks Faakhir Zahid and Stephen Finucane for the initial patch. Thanks Simon Charette for the review.
2025-03-12Fixed #36234 -- Restored single_object argument to ↵Adam Johnson
LogEntry.objects.log_actions(). Thank you Adam Johnson for the report and fix. Thank you Sarah Boyce for your spot on analysis. Regression in c09bceef68e5abb79accedd12dade16aa6577a09, which is partially reverted in this branch. Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
2025-03-12Fixed #35945 -- Added async interface to Paginator.wookkl
2025-03-12Fixed #35676 -- Made BaseModelForm validate constraints that reference an ↵Clifford Gama
InlineForeignKeyField. Co-authored-by: Simon Charette <charette.s@gmail.com>
2025-03-11Fixed #35816 -- Handled parsing of scientific notation in DTL. (#19213)haileyajohnson
* Refs #35816 -- Improved test coverage of FilterExpression. * Fixed #35816 -- Made FilterExpression parse scientific numbers. --------- Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
2025-03-11Fixed #36177 -- Added a trailing newline to JSON serializer. (#19232)Tom Carrick
2025-03-10Fixed #33579 -- Specialized exception raised on forced update failures.Simon Charette
Raising DatabaseError directly made it harder than it should to differentiate between IntegrityError when a forced update resulted in no affected rows. Introducing a specialized exception allows for callers to more easily silence, log, or turn them update failures into user facing exceptions (e.g. 404s). Thanks Mariusz for the review.
2025-03-10Fixed #36222 -- Fixed ExclusionConstraint validation crash on excluded ↵saJaeHyukc
fields in condition. Signed-off-by: saJaeHyukc <wogur981208@gmail.com>
2025-03-10Used _expression_refs_exclude() hook in ↵Mariusz Felisiak
CheckConstraint/UniqueConstraint.validate().
2025-03-10Fixed #36201 -- Caught ValidationError in ↵saJaeHyukc
ModelChoiceField/ModelMultipleChoiceField.clean(). Signed-off-by: saJaeHyukc <wogur981208@gmail.com>
2025-03-09Fixed #35487 -- Removed CASCADE from RemoveField() on PostgreSQL.petr.prikryl
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> Co-authored-by: Adam Johnson <me@adamj.eu> Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
2025-03-07Fixed #36224 -- Fixed shell imports when settings not configured.Sarah Boyce
Thank you Raffaella for the report. Thank you Tim Schilling and Natalia Bidart for the reviews.
2025-03-06Fixed CVE-2025-26699 -- Mitigated potential DoS in wordwrap template filter.Sarah Boyce
Thanks sw0rd1ight for the report.
2025-03-05Clarified cryptic comment in django/core/cache/backends/redis.py.Tim Graham