| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-11-01 | Fixed CVE-2016-9014 -- Validated Host header when DEBUG=True. | Tim Graham | |
| This is a security fix. | |||
| 2016-11-01 | Fixed CVE-2016-9013 -- Generated a random database user password when ↵ | Marti Raudsepp | |
| running tests on Oracle. This is a security fix. | |||
| 2016-11-01 | Added stub release notes for 1.9.11/1.8.16. | Tim Graham | |
| 2016-11-01 | Fixed #27363 -- Replaced unsafe redirect in SessionMiddleware with ↵ | Andrew Nester | |
| SuspiciousOperation. | |||
| 2016-10-31 | Fixed #27400 -- Documented {% static %} encoding change in 1.10. | Henry Dang | |
| 2016-10-31 | Fixed #27063 -- Prevented i18n_patterns() from using too much of the URL as ↵ | Krzysztof Urbaniak | |
| the language. | |||
| 2016-10-28 | Fixed #27188 -- Allowed using unique=True with FileField. | Michael Scott | |
| Thanks Tim Graham for the initial patch. | |||
| 2016-10-28 | Added require_ready argument to get_model methods. | Aymeric Augustin | |
| This allows bringing back the behavior of Django < 1.7. Also fixed the check for the app registry being ready in AppConfig.get_model(s), which was inconsistent with the equivalent check in Apps.get_model(s). That part is a backwards-incompatible change. | |||
| 2016-10-28 | Modified readiness check in AppConfig.get_model(s). | Aymeric Augustin | |
| It was inconsistent with the equivalent check in Apps.get_model(s) because I made incorrect assumptions when I wrote that code and needlessly complicated readiness checks. This is a backwards-incompatible change. | |||
| 2016-10-27 | Fixed #27327 -- Simplified time zone handling by requiring pytz. | Tim Graham | |
| 2016-10-26 | Fixed #27299 -- Documented the Widget.use_required_attribute() method. | Jon Dufresne | |
| Thanks Tim Graham for the review and edits. | |||
| 2016-10-25 | Reverted "Fixed #26401 -- Added BaseAuthConfig to use auth without migrations." | Jon Dufresne | |
| This reverts commit 1ec1633cb294d8ce2a65ece6b56c258483596fba as it doesn't handle ContentType's auth.Permission dependency. Thus, it doesn't allow auth without migrations. | |||
| 2016-10-25 | Fixed #27385 -- Fixed QuerySet.bulk_create() on PostgreSQL when the number ↵ | David Barragán Merino | |
| of objects is a multiple plus one of batch_size. | |||
| 2016-10-22 | Fixed #27374 -- Made JavaScriptCatalog respect the packages argument. | Alvin Lindstam | |
| 2016-10-14 | Fixed #27345 -- Stopped setting the Date header in ConditionalGetMiddleware. | Tim Graham | |
| 2016-10-13 | Fixed #27200 -- Provided makemigration's allow_migrate() with model_name. | Tim Graham | |
| 2016-10-10 | Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ↵ | Denis Cornehl | |
| ConditionalGetMiddleware. | |||
| 2016-10-07 | Fixed #24941 -- Added ModelAdmin.get_exclude(). | Zach Borboa | |
| Thanks Ola Sitarska for the initial patch. | |||
| 2016-10-07 | Fixed #26327 -- Added JsonAgg to contrib.postgres. | Mads Jensen | |
| Thanks Tim Graham for review. | |||
| 2016-10-06 | Fixed docs typos in lines ending with a dash. | Tim Graham | |
| 2016-10-04 | Refs #18974 -- Deprecated @models.permalink() decorator. | Tim Graham | |
| 2016-10-04 | Fixed #27279 -- Fixed a migration performance regression related to ↵ | Simon Charette | |
| RenameModel operations. Thanks Trac alias mtomiyoshi for the report, Marten Kenbeek for the initial patch and Tim for the review. | |||
| 2016-10-04 | Fixed #27309 -- Added CallableBool.__hash__(). | Reto Aebersold | |
| 2016-10-02 | Fixed #27305 -- Removed BaseCommand.can_import_settings unused attribute | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2016-10-01 | Added stub release notes for 1.10.3. | Tim Graham | |
| 2016-10-01 | Fixed #27302 -- Fixed ModelAdmin.construct_change_message() changed field ↵ | Claude Paroz | |
| detection Thanks Ramiro Morales for the report and Tim Graham for the review. | |||
| 2016-10-01 | Added release date for 1.10.2. | Tim Graham | |
| 2016-10-01 | Refs #26940 -- Re-allowed makemessages without settings | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2016-09-30 | Refs #27186 -- Fixed model form default fallback for CheckboxSelectMultiple. | Tim Graham | |
| 2016-09-30 | Updated links to the current version of PostGIS docs. | Tim Graham | |
| 2016-09-30 | Updated links to the current version of MySQL docs. | Tim Graham | |
| 2016-09-29 | Normalized spelling of "Web server/page" in docs. | Tim Graham | |
| 2016-09-28 | Fixed #27226 -- Removed patch_response_headers()'s setting of the ↵ | Rinat Khabibiev | |
| Last-Modified header. | |||
| 2016-09-28 | Fixed 27283 -- Fixed typo in 1.8 release notes. | Alasdair Nicol | |
| 2016-09-27 | Fixed #20705 -- Allowed using PasswordResetForm with user models with an ↵ | levental | |
| email field not named 'email'. | |||
| 2016-09-27 | Fixed #27271 -- Fixed a crash in runserver logging. | Sergey Fursov | |
| Allowed ServerFormatter to handle simple string messages or messages with formatting arguments. The formatter will set the server_time variable on the log record if it's required by the format string but wasn't passed in extra parameters. | |||
| 2016-09-26 | Added CVE-2016-7401 to the security release archive. | Tim Graham | |
| 2016-09-26 | Added a CVE role for Sphinx. | Tim Graham | |
| 2016-09-26 | Added release notes for 1.9.10 and 1.8.15 releases. | Tim Graham | |
| 2016-09-24 | Fixed #27118 -- Made QuerySet.get_or_create()/update_or_create() error for a ↵ | François Freitag | |
| non-field in their arguments. | |||
| 2016-09-22 | Fixed #27186 -- Fixed model form default fallback for MultiWidget, ↵ | Tim Graham | |
| FileInput, SplitDateTimeWidget, SelectDateWidget, and SplitArrayWidget. Thanks Matt Westcott for the review. | |||
| 2016-09-22 | Fixed #27056 -- Allowed migrating geometry field dimension on PostGIS | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2016-09-21 | Fixed #27256 -- Changed Select widget's selected attribute to use HTML5 ↵ | Jon Dufresne | |
| boolean syntax. | |||
| 2016-09-21 | Fixed #26610 -- Added CITextField to contrib.postgres. | Mads Jensen | |
| 2016-09-19 | Fixed #27238 -- Disabled check_pattern_startswith_slash if ↵ | Alasdair Nicol | |
| settings.APPEND_SLASH=False. Thanks strycore for the report and timgraham for suggesting the solution. | |||
| 2016-09-16 | Refs #27083 -- Updated conditional header comparison to match RFC 7232. | Kevin Christopher Henry | |
| 2016-09-16 | Fixed #26697 -- Removed contrib.gis.maps. | Tim Graham | |
| 2016-09-12 | Fixed #23155 -- Added request argument to user_login_failed signal. | Gavin Wahl | |
| 2016-09-12 | Fixed #25187 -- Made request available in authentication backends. | Aleksej Manaev | |
| 2016-09-12 | Fixed #27098 -- Deprecated DatabaseIntrospection.get_indexes | Claude Paroz | |
| Thanks Akshesh <aksheshdoshi@gmail.com> for help with the PostgreSQL query. Thanks Tim Graham for the review. | |||
