| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2023-03-01 | [4.2.x] Fixed #34140 -- Reformatted code blocks in docs with blacken-docs. | django-bot | |
| 2023-02-14 | [4.2.x] Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files. | Markus Holtermann | |
| Thanks to Jakob Ackermann for the report. | |||
| 2023-02-10 | [4.2.x] Refs #34140 -- Applied rst code-block to non-Python examples. | Carlton Gibson | |
| Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for reviews. Backport of 534ac4829764f317cf2fbc4a18354fcc998c1425 from main. | |||
| 2023-01-16 | Fixed #23718 -- Doc'd that test mirrors require TransactionTestCase. | sarahboyce | |
| Co-authored-by: Christian Bundy <me@christianbundy.com> | |||
| 2023-01-12 | Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. | Jarosław Wygoda | |
| 2023-01-12 | Fixed #26029 -- Allowed configuring custom file storage backends. | Jarosław Wygoda | |
| 2022-11-24 | Fixed #34064 -- Adjusted locale override wording in settings docs. | Tibor Leupold | |
| 2022-11-02 | Fixed #34054 -- Created a new fixtures topic. | Filip Lajszczak | |
| Moved material from django-admin document into a new document, and added new material. Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2022-08-24 | Fixed #33920 -- Doc'd dependency of LOGGING_CONFIG callback on non-empty ↵ | Kanza | |
| LOGGING. | |||
| 2022-05-17 | Removed versionadded/changed annotations for 4.0. | Carlton Gibson | |
| 2022-04-28 | Removed hyphen from pre-/re- prefixes. | David | |
| "prepopulate", "preload", and "preprocessing" are already in the spelling_wordlist. This also removes hyphen from double "e" combinations with "pre" and "re", e.g. preexisting, preempt, reestablish, or reenter. See also: - https://ahdictionary.com/word/search.html?q=rerun - https://ahdictionary.com/word/search.html?q=recreate - https://ahdictionary.com/word/search.html?q=predetermined - https://ahdictionary.com/word/search.html?q=reuse - https://ahdictionary.com/word/search.html?q=reopening | |||
| 2022-03-23 | Fixed #33569 -- Added SECURE_PROXY_SSL_HEADER support for list of protocols ↵ | Thomas Schmidt | |
| in the header value. | |||
| 2022-02-01 | Refs #33476 -- Used vertical hanging indentation for format lists with ↵ | Mariusz Felisiak | |
| inline comments. Lists with multiple values and comments per-line are reformatted by Black to multiple lines with a single comment. For example: DATE_INPUT_FORMATS = "%Y-%m-%d", "%m/%d/%Y", "%m/%d/%y", # '2006-10-25', '10/25/2006', '10/25/06' ] is reformatted to the: DATE_INPUT_FORMATS = "%Y-%m-%d", "%m/%d/%Y", "%m/%d/%y", # '2006-10-25', '10/25/2006', '10/25/06' ] This reformats affected entries to multiple lines with corresponding comments. | |||
| 2022-02-01 | Fixed #30360 -- Added support for secret key rotation. | tschilling | |
| Thanks Florian Apolloner for the implementation idea. Co-authored-by: Andreas Pelme <andreas@pelme.se> Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com> | |||
| 2022-01-13 | Fixed #29708 -- Deprecated PickleSerializer. | Adam Johnson | |
| 2021-12-22 | Added TemplatesSetting to list of built-in renderers in FORM_RENDERER docs. | Adam Johnson | |
| 2021-12-01 | Fixed #30398 -- Added CONN_HEALTH_CHECKS database setting. | Przemysław Suliga | |
| The CONN_HEALTH_CHECKS setting can be used to enable database connection health checks for Django's persistent DB connections. Thanks Florian Apolloner for reviews. | |||
| 2021-11-29 | Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret. | Chris Jerdonek | |
| This also adds CSRF_COOKIE_MASKED transitional setting helpful in migrating multiple instance of the same project to Django 4.1+. Thanks Florian Apolloner and Shai Berger for reviews. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2021-10-18 | Refs #32956 -- Changed docs to treat the acronym HTTP phonetically. | David Smith | |
| 2021-09-20 | Removed versionadded/changed annotations for 3.2. | Mariusz Felisiak | |
| 2021-09-20 | Fixed #31026 -- Switched form rendering to template engine. | David Smith | |
| Thanks Carlton Gibson, Keryn Knight, Mariusz Felisiak, and Nick Pope for reviews. Co-authored-by: Johannes Hoppe <info@johanneshoppe.com> | |||
| 2021-09-16 | Fixed #32365 -- Made zoneinfo the default timezone implementation. | Carlton Gibson | |
| Thanks to Adam Johnson, Aymeric Augustin, David Smith, Mariusz Felisiak, Nick Pope, and Paul Ganssle for reviews. | |||
| 2021-09-16 | Doc'd Jinja2 form renderer. | David Smith | |
| 2021-09-14 | Fixed #33012 -- Added Redis cache backend. | Daniyal | |
| Thanks Carlton Gibson, Chris Jerdonek, David Smith, Keryn Knight, Mariusz Felisiak, and Nick Pope for reviews and mentoring this Google Summer of Code 2021 project. | |||
| 2021-09-14 | Fixed #32873 -- Deprecated settings.USE_L10N. | Claude Paroz | |
| Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2021-07-30 | Refs #32956 -- Updated words ending in -wards. | David Smith | |
| AP styleguide: Virtually none of the words ending with -wards end with an s. | |||
| 2021-07-29 | Fixed 32956 -- Lowercased spelling of "web" and "web framework" where ↵ | David Smith | |
| appropriate. | |||
| 2021-07-14 | Added note about zero timeout in cache settings docs. | Nick Pope | |
| 2021-05-18 | Fixed #32379 -- Started deprecation toward changing default USE_TZ to True. | Claude Paroz | |
| Co-authored-by: Nick Pope <nick@nickpope.me.uk> Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2021-04-30 | Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting. | Tim Graham | |
| 2021-04-29 | Refs #32674 -- Noted that auto-created through table PKs cannot be ↵ | Carlton Gibson | |
| automatically migrated. | |||
| 2021-03-30 | Fixed #31840 -- Added support for Cross-Origin Opener Policy header. | bankc | |
| Thanks Adam Johnson and Tim Graham for the reviews. Co-authored-by: Tim Graham <timograham@gmail.com> | |||
| 2021-03-18 | Fixed #16010 -- Added Origin header checking to CSRF middleware. | Tim Graham | |
| Thanks David Benjamin for the original patch, and Florian Apolloner, Chris Jerdonek, and Adam Johnson for reviews. | |||
| 2021-03-18 | Refs #16010 -- Required CSRF_TRUSTED_ORIGINS setting to include the scheme. | Tim Graham | |
| 2021-02-24 | Fixed #32446 -- Deprecated SERIALIZE test database setting. | Simon Charette | |
| Whether or not the state of a test database should be serialized can be inferred from the set of databases allowed to be access from discovered TestCase/TransactionTestCase enabling the serialized_rollback feature which makes this setting unnecessary. This should make a significant test suite bootstraping time difference on large projects that didn't explicitly disable test database serialization. | |||
| 2021-02-06 | Refs #32394 -- Changed STATIC_URL/MEDIA_URL to relative paths in tests and ↵ | Markus Holtermann | |
| docs where appropriate. | |||
| 2021-01-14 | Refs #31842 -- Removed DEFAULT_HASHING_ALGORITHM transitional setting. | Mariusz Felisiak | |
| Per deprecation timeline. | |||
| 2021-01-14 | Refs #28622 -- Removed settings.PASSWORD_RESET_TIMEOUT_DAYS per deprecation ↵ | Mariusz Felisiak | |
| timeline. | |||
| 2021-01-14 | Removed versionadded/changed annotations for 3.1. | Mariusz Felisiak | |
| 2021-01-04 | Refs #28741 -- Doc'd SESSION_COOKIE_DOMAIN requirement with CSRF_USE_SESSIONS. | Tim Graham | |
| Similar considerations as refs #32065, again adding some nuance to afd375fc343baa46e61036087bc43b3d096bb0ca. | |||
| 2020-12-15 | Corrected formatting in settings docs. | Carlton Gibson | |
| 2020-12-15 | Fixed #31007 -- Allowed specifying type of auto-created primary keys. | Tom Forbes | |
| This also changes the default type of auto-created primary keys for new apps and projects to BigAutoField. | |||
| 2020-12-09 | Fixed #32193 -- Deprecated MemcachedCache. | Mariusz Felisiak | |
| 2020-11-02 | Updated {% static %} tag examples in docs to use single quotes where ↵ | Nikita Sobolev | |
| appropriate. | |||
| 2020-10-07 | Fixed #32065 -- Restored leading dot to CSRF_COOKIE_DOMAIN examples. | Carlton Gibson | |
| Partially reverts afd375fc343baa46e61036087bc43b3d096bb0ca. Thanks to Tim Graham for review. | |||
| 2020-09-23 | Fixed #32012 -- Made test database creation sync apps models when migrations ↵ | Mariusz Felisiak | |
| are disabled. Thanks Jaap Roes for the report. | |||
| 2020-09-16 | Fixed #29887 -- Added a cache backend for pymemcache. | Nick Pope | |
| 2020-08-31 | Fixed #31934 -- Added note about the default of SameSite cookie flag in ↵ | Hasan Ramezani | |
| modern browsers. | |||
| 2020-08-04 | Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting. | Mariusz Felisiak | |
| It's a transitional setting helpful in migrating multiple instance of the same project to Django 3.1+. Thanks Markus Holtermann for the report and review, Florian Apolloner for the implementation idea and review, and Carlton Gibson for the review. | |||
| 2020-07-23 | Fixed #31821 -- Removed outdated note in FILE_UPLOAD_PERMISSIONS docs. | Harpreet Sharma | |
| Follow up to 22aab8662f0368b63f91f2526bdd0532524bc0fe | |||
