summaryrefslogtreecommitdiff
path: root/docs/ref/settings.txt
AgeCommit message (Collapse)Author
2026-04-28Refs CVE-2026-25674 -- Clarified role of umask in upload permissions.Shai Berger
2026-04-22Fixed #35870 -- Made blank choice label in forms more accessible.Annabelle Wiegart
Added new constant django.db.models.fields.BLANK_CHOICE_LABEL for an accessible and translatable blank choice label in forms. Deprecated django.db.models.fields.BLANK_CHOICE_DASH constant. Added the immediately deprecated transitional setting USE_BLANK_CHOICE_DASH. Co-Authored-By: Marijke Luttekes <mail@marijkeluttekes.dev>
2026-04-07Refs CVE-2026-33034 -- Improved security documentation on handling large ↵Jake Howard
request bodies. Notably that the limit can be bypassed under ASGI.
2026-02-18Refs #19221 -- Fixed outdated KEY_FUNCTION definition in docs/ref/settings.txt.Mike Edmunds
Replaced outdated version of `default_key_func` in settings reference with pointer to current version in cache topic. Rewrote description to match parameter order and behavior of default implementation. Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
2026-01-19Fixed unbalanced parentheses in docs.Clifford Gama
2025-11-06Removed community packages admonition from settings docs.Tim Schilling
2025-10-30Added community package storage backends mention to docs.Tim Schilling
Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com>
2025-10-29Fixed #36329 -- Removed non-code custom link text when cross-referencing ↵Clifford Gama
Python objects. Thanks Bruno Alla, Sarah Boyce, and Jacob Walls for reviews. Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
2025-09-17Refs #35859 -- Removed support for Task enqueuing on transaction commit.Jacob Walls
This removes the ability to configure Task enqueueing via a setting, since the proposed `ENQUEUE_ON_COMMIT` did not support multi-database setups. Thanks to Simon Charette for the report. Follow-up to 4289966d1b8e848e5e460b7c782dac009d746b20.
2025-09-16Fixed #35859 -- Added background Tasks framework interface.Jake Howard
This work implements what was defined in DEP 14 (https://github.com/django/deps/blob/main/accepted/0014-background-workers.rst). Thanks to Raphael Gaschignard, Eric Holscher, Ran Benita, Sarah Boyce, Jacob Walls, and Natalia Bidart for the reviews.
2025-09-12Fixed #36597 -- Corrected directives for functions from email module in docs.Mridul Dhall
Thanks Mike Edmunds for the report.
2025-09-05Fixed #36564 -- Changed DEFAULT_AUTO_FIELD from AutoField to BigAutoField.Tim Graham
2025-08-25Refs #36485 -- Rewrapped docs to 79 columns line length.David Smith
Lines in the docs files were manually adjusted to conform to the 79 columns limit per line (plus newline), improving readability and consistency across the content.
2025-08-25Refs #36485 -- Removed double spaces after periods in sentences.Natalia
2025-08-25Refs #36485 -- Removed unnecessary parentheses in :meth: and :func: roles in ↵David Smith
docs.
2025-06-27Fixed #15727 -- Added Content Security Policy (CSP) support.Rob Hudson
This initial work adds a pair of settings to configure specific CSP directives for enforcing or reporting policy violations, a new `django.middleware.csp.ContentSecurityPolicyMiddleware` to apply the appropriate headers to responses, and a context processor to support CSP nonces in templates for safely inlining assets. Relevant documentation has been added for the 6.0 release notes, security overview, a new how-to page, and a dedicated reference section. Thanks to the multiple reviewers for their precise and valuable feedback. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-03-21Fixed #36138 -- Changed ADMINS and MANAGERS settings to lists of strings.Mike Edmunds
Previously, the ADMINS and MANAGERS settings were lists of (name, address) tuples (where the name had been unused). Deprecated use of tuples. Updated settings value sanity checks, and changed from ValueError to ImproperlyConfigured.
2025-03-19Fixed #36000 -- Deprecated HTTP as the default protocol in urlize and ↵Ahmed Nassar
urlizetrunc.
2025-01-21Refs 35653 -- Clarified docs for EMAIL_SSL_CERTFILE and EMAIL_SSL_KEYFILE ↵Igor Scheller
settings.
2025-01-15Refs #34380 -- Changed the URLField default scheme to https and removed ↵Sarah Boyce
FORMS_URLFIELD_ASSUME_HTTPS per deprecation timeline.
2024-09-03Added EMAIL_USE_SSL to the 'Core Settings Topical Index' docs.github-user-en
2024-06-24Fixed #35306 -- Documented fallback localization formats in templates when ↵lufafajoshua
localization is disabled.
2024-06-13Fixed #35470 -- Separated i18n and l10n globalization settings docs.lufafajoshua
2024-05-22Removed versionadded/changed annotations for 5.0.Natalia
This also removes remaining versionadded/changed annotations for older versions.
2024-05-22Fixed #31405 -- Added LoginRequiredMiddleware.Hisham Mahmood
Co-authored-by: Adam Johnson <me@adamj.eu> Co-authored-by: Mehmet İnce <mehmet@mehmetince.net> Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
2024-04-05Refs #35354 -- Clarified FORCE_SCRIPT_NAME docs.Carlton Gibson
2024-03-06Fixed broken links and redirects in docs.Mariusz Felisiak
2024-02-20Fixed #35153 -- Added note about locale name notation to FORMAT_MODULE_PATH ↵sandjio
docs. Co-authored-by: Paul Hermans <paul.hermans@benemtech.com>
2024-01-29Fixed #35141 -- Clarified the expected type of CACHE_MIDDLEWARE_SECONDS setting.Alexander Lazarević
2024-01-26Applied Black's 2024 stable style.Mariusz Felisiak
https://github.com/psf/black/releases/tag/24.1.0
2024-01-16Used more specific link to email backends in EMAIL_BACKEND docs.Baptiste Mispelon
2023-12-28Improved DEFAULT_FROM_EMAIL/SERVER_EMAIL docs.David D Lowe
Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
2023-12-14Added clarifications about the DATABASES.TIME_ZONE setting in docs.David Sanders
These include: - Doc'd which is the default used when DATABASES.TIME_ZONE is None. - Doc'd that the database connection's time zone setting is set for PostgreSQL and clarified that it may be necessary to set it to the same value as TIME_ZONE. Co-authored-by: David Smith <39445562+smithdc1@users.noreply.github.com> Co-authored-by: Natalia Bidart <124304+nessita@users.noreply.github.com>
2023-11-29Refs #25778 -- Updated some links and references to HTTPS.Adam Johnson
2023-11-28Refs #34380 -- Added FORMS_URLFIELD_ASSUME_HTTPS transitional setting.Mariusz Felisiak
This allows early adoption of the new default "https".
2023-10-06Refs #32275 -- Added scrypt password hasher to PASSWORD_HASHERS setting docs.ume
2023-10-04Corrected wrap_socket() reference in docs/ref/settings.txt.Mariusz Felisiak
2023-09-18Refs #26029 -- Removed DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings.Mariusz Felisiak
This also removes django.core.files.storage.get_storage_class(). Per deprecation timeline.
2023-09-18Removed versionadded/changed annotations for 4.2.Mariusz Felisiak
This also removes remaining versionadded/changed annotations for older versions.
2023-07-24Refs #34712 -- Doc'd that defining STORAGES overrides the default configuration.Bruno Alla
2023-06-23Improved style of n-tuple wording in docs and comments.Nick Pope
2023-04-21Added meaningful titles to ..admonition:: directives.Mariusz Felisiak
2023-03-01Fixed #34140 -- Reformatted code blocks in docs with blacken-docs.django-bot
2023-02-14Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files.Markus Holtermann
Thanks to Jakob Ackermann for the report.
2023-02-10Refs #34140 -- Applied rst code-block to non-Python examples.Carlton Gibson
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for reviews.
2023-01-17Refs #32800 -- Removed CSRF_COOKIE_MASKED transitional setting per ↵Mariusz Felisiak
deprecation timeline.
2023-01-17Refs #32365 -- Removed support for pytz timezones per deprecation timeline.Mariusz Felisiak
2023-01-17Refs #32873 -- Removed settings.USE_L10N per deprecation timeline.Mariusz Felisiak
2023-01-17Refs #32379 -- Changed default USE_TZ to True.Mariusz Felisiak
Per deprecation timeline.
2023-01-17Refs #32446 -- Removed SERIALIZE test database setting per deprecation timeline.Mariusz Felisiak