| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2020-03-04 | Fixed CVE-2020-9402 -- Properly escaped tolerance parameter in GIS functions ↵ | Mariusz Felisiak | |
| and aggregates on Oracle. Thanks to Norbert Szetei for the report. | |||
| 2020-03-03 | Fixed #31147 -- Added SearchHeadline to django.contrib.postgres. | Hannes Ljungberg | |
| 2020-03-03 | Fixed #31150 -- Included subqueries that reference related fields in GROUP ↵ | Mariusz Felisiak | |
| BY clauses. Thanks Johannes Hoppe for the report. Regression in fb3f034f1c63160c0ff13c609acd01c18be12f80. Co-authored-by: Simon Charette <charette.s@gmail.com> | |||
| 2020-03-02 | Fixed #31274 -- Used signing infrastructure in SessionBase.encode()/decode(). | Claude Paroz | |
| Thanks Mariusz Felisiak and Florian Apolloner for the reviews. | |||
| 2020-02-28 | Fixed #31032 -- Updated admin browser support FAQ for 2020. | Carlton Gibson | |
| Following web standards, the modern _evergreen_ browsers are all supported. This applies equally to mobile platforms. Assuming current trends continue, this should be a sustainable policy. Microsoft deprecated all versions of Internet Explorer. IE 11, the last version, is described as a "compatibility solution" rather than a web browser. Whilst it will receive security updates for the lifetime of Windows 10 it's use is actively discouraged. The IE 11 downloads page makes it clear: "We recommend you use the new Microsoft Edge". | |||
| 2020-02-27 | Fixed #31312 -- Properly ordered temporal subtraction params on MySQL. | Simon Charette | |
| Regression in 9bcbcd599abac91ea853b2fe10b784ba32df043e. Thanks rick2ricks for the report. | |||
| 2020-02-20 | Fixed #31182 -- Adjusted release notes for ASGI support. | Adam Johnson | |
| 2020-02-18 | Refs #26601 -- Deprecated passing None as get_response arg to middleware ↵ | Claude Paroz | |
| classes. This is the new contract since middleware refactoring in Django 1.10. Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2020-02-18 | Fixed #31271 -- Preserved ordering when unifying query parameters on Oracle. | Mariusz Felisiak | |
| This caused misplacing parameters in logged SQL queries. Regression in 79065b55a70cd220820a260a1c54851b7be0615a. Thanks Hans Aarne Liblik for the report. | |||
| 2020-02-18 | Fixed #20995 -- Added support for iterables of template names to {% include ↵ | Keshav Kumar | |
| %} template tag. Thanks Adam Johnson for the review. | |||
| 2020-02-12 | Refs #27468 -- Made PasswordResetTokenGenerator use SHA-256 algorithm. | Claude Paroz | |
| 2020-02-11 | Fixed #31246 -- Fixed locking models in QuerySet.select_for_update(of=()) ↵ | Abhijeet Viswa | |
| for related fields and parent link fields with multi-table inheritance. Partly regression in 0107e3d1058f653f66032f7fd3a0bd61e96bf782. | |||
| 2020-02-11 | Fixed #31240 -- Properly closed FileResponse when wsgi.file_wrapper is used. | Florian Apolloner | |
| Thanks to Oskar Persson for the report. | |||
| 2020-02-11 | Fixed #31253 -- Fixed data loss possibility when using caching from async code. | Jon Dufresne | |
| Case missed in a415ce70bef6d91036b00dd2c8544aed7aeeaaed. | |||
| 2020-02-10 | Added stub release notes for 2.2.11. | Mariusz Felisiak | |
| 2020-02-10 | Added "Bugfixes" section to release notes for 3.0.4. | Mariusz Felisiak | |
| 2020-02-07 | Refs #31055 -- Made DiscoverRunner skip running system checks on unused test ↵ | Simon Charette | |
| databases. | |||
| 2020-02-07 | Refs #31055 -- Added --database option to the check management command. | Simon Charette | |
| This avoids enabling the ``database`` checks unless they are explicitly requested and allows to disable on a per-alias basis which is required when only creating a subset of the test databases. This also removes unnecessary BaseCommand._run_checks() hook. | |||
| 2020-02-06 | Refs #31233 -- Changed DatabaseWrapper._nodb_connection to _nodb_cursor(). | Jon Dufresne | |
| It is now a method instead of a property and returns a context manager that yields a cursor on entry and closes the cursor and connection upon exit. | |||
| 2020-02-05 | Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin'. | Adam Johnson | |
| 2020-02-05 | Improved grammar in 3.0 release notes for SECURE_CONTENT_TYPE_NOSNIFF change. | Adam Johnson | |
| 2020-02-04 | Fixed #31210 -- Doc'd how to reproduce HttpRequest.is_ajax() in release notes. | Adam Johnson | |
| 2020-02-04 | Fixed typo in docs/releases/3.1.txt. | Adam Johnson | |
| 2020-02-04 | Fixed #27604 -- Used the cookie signer to sign message cookies. | Claude Paroz | |
| Co-authored-by: Craig Anderson <craiga@craiga.id.au> | |||
| 2020-02-03 | Added stub release notes for 3.0.4. | Carlton Gibson | |
| 2020-02-03 | Added CVE-2020-7471 to security archive. | Carlton Gibson | |
| 2020-02-03 | Added release date for 3.0.3. | Carlton Gibson | |
| 2020-02-03 | Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter. | Simon Charette | |
| 2020-01-31 | Fixed 31207 -- Prevented references to non-local remote fields in ↵ | Hasan Ramezani | |
| ForeignKey.to_field. Thanks Simon Charette for the initial patch and review. | |||
| 2020-01-29 | Refs #25778 -- Updated some links to HTTPS and new locations. | Mariusz Felisiak | |
| 2020-01-28 | Refs #30997 -- Added link to Fetch API in release notes. | Nick Pope | |
| 2020-01-27 | Fixed #30997 -- Deprecated HttpRequest.is_ajax(). | Claude Paroz | |
| 2020-01-27 | Refs #30997 -- Removed HttpRequest.is_ajax() usage. | Claude Paroz | |
| 2020-01-24 | Refs #30997 -- Added HttpRequest.accepts(). | Claude Paroz | |
| 2020-01-23 | Fixed #27888 -- Added link to clear all filters in the admin changelist view. | Hasan Ramezani | |
| 2020-01-22 | Fixed #31190 -- Fixed prefetch_related() crash for GenericForeignKey with ↵ | Eugene Hatsko | |
| custom ContentType foreign key. Regression in dffa3e1992562ba60512d96d1eb5859ffff2ceb5. | |||
| 2020-01-16 | Fixed #30752 -- Allowed using ExceptionReporter subclasses in error reports. | Pavel Lysak | |
| 2020-01-16 | Fixed #30765 -- Made cache_page decorator take precedence over max-age ↵ | Flavio Curella | |
| Cache-Control directive. | |||
| 2020-01-15 | Fixed #31124 -- Fixed setting of get_FOO_display() when overriding inherited ↵ | Carlton Gibson | |
| choices. Regression in 2d38eb0ab9f78d68c083a5b78b1eca39027b279a | |||
| 2020-01-14 | Refs #31097 -- Added release notes for 2f565f84aca136d9cc4e4d061f3196ddf9358ab8. | Carlton Gibson | |
| . | |||
| 2020-01-11 | Removed unused ExceptionReporterFilter class. | Carlton Gibson | |
| Unused since 8f8c54f70bfa3aa8e311514297f1eeded2c32593. | |||
| 2020-01-11 | Fixed #31155 -- Fixed a system check for the longest choice when a named ↵ | Mariusz Felisiak | |
| group contains only non-string values. Regression in b6251956b69512bf230322bd7a49b629ca8455c6. Thanks Murat Guchetl for the report. | |||
| 2020-01-10 | Fixed #23004 -- Added request.META filtering to SafeExceptionReporterFilter. | Carlton Gibson | |
| Co-authored-by: Ryan Castner <castner.rr@gmail.com> | |||
| 2020-01-10 | Refs #23004 -- Allowed exception reporter filters to customize settings ↵ | Carlton Gibson | |
| filtering. Thanks to Tim Graham for the original implementation idea. Co-authored-by: Daniel Maxson <dmaxson@ccpgames.com> | |||
| 2020-01-10 | Fixed #31154 -- Added support for using enumeration types in templates. | Adam Johnson | |
| Enumeration helpers are callables, so the template system tried to call them with no arguments. Thanks Rupert Baker for helping discover this. | |||
| 2020-01-09 | Fixed #30995 -- Allowed converter.to_url() to raise ValueError to indicate ↵ | Jack Cushman | |
| no match. | |||
| 2020-01-08 | Fixed #31118 -- Made FileInput to avoid the required attribute when initial ↵ | Shubham singh | |
| data exists. | |||
| 2020-01-08 | Fixed #31141 -- Relaxed system check of translation settings for sublanguages. | Mariusz Felisiak | |
| Regression in 4400d8296d268f5a8523cd02ddc33b12219b2535. Thanks Enrique Matías Sánchez for the report. | |||
| 2020-01-07 | Fixed #15982 -- Added DATE_INPUT_FORMATS to forms.DateTimeField default ↵ | Claude Paroz | |
| input formats. | |||
| 2020-01-06 | Fixed #11385 -- Made forms.DateTimeField accept ISO 8601 date inputs. | Claude Paroz | |
| Thanks José Padilla for the initial patch, and Carlton Gibson for the review. | |||
