summaryrefslogtreecommitdiff
path: root/docs
AgeCommit message (Collapse)Author
2022-04-11[4.0.x] Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) ↵Mariusz Felisiak
against SQL injection on PostgreSQL. Backport of 6723a26e59b0b5429a0c5873941e01a2e1bdbb81 from main.
2022-04-11[4.0.x] Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), ↵Mariusz Felisiak
and extra() against SQL injection in column aliases. Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore, Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev (DDV_UA) for the report. Backport of 93cae5cb2f9a4ef1514cf1a41f714fef08005200 from main.
2022-04-11[4.0.x] Fixed #33628 -- Ignored directories with empty names in autoreloader ↵Manel Clos
check for template changes. Regression in 68357b2ca9e88c40fc00d848799813241be39129. Backport of 62739b6e2630e37faa68a86a59fad135cc788cd7 from main.
2022-04-04[4.0.x] Added stub release notes and release date for 4.0.4, 3.2.13, and 2.2.28.Mariusz Felisiak
Backport of 78277faafd38d8360efc1fd0c9c52d7bb5eec002 from main
2022-03-31[4.0.x] Fixed #32129 -- Adjusted the docs for session expiry helpers.sarahboyce
Updated the docs for `get_session_cookie_age`, `get_expiry_age`, and `get_expiry_date` to clarify their intended usage by session backends when saving the session. Backport of ae506181f7fb9d9e74f4935686540bef29b60255 from main
2022-03-30[4.0.x] Fixed #33598 -- Reverted "Removed unnecessary ↵Mariusz Felisiak
reuse_with_filtered_relation argument from Query methods." Thanks lind-marcus for the report. This reverts commit 0c71e0f9cfa714a22297ad31dd5613ee548db379. Regression in 0c71e0f9cfa714a22297ad31dd5613ee548db379. Backport of fac662f4798f7e4e0ed9be6b4fb4a87a80810a68 from main
2022-03-29[4.0.x] Updated Oracle docs links to Oracle 21c.Mariusz Felisiak
Backport of 83c803f161044fbfbfcd9a0c94ca93dc131be662 from main
2022-03-29[4.0.x] Updated various links to HTTPS and new locations.Mariusz Felisiak
Backport of 010a9d8a4f45252b908337988690c3fad138e334 from main
2022-03-28[4.0.x] Corrected models.FileField signature in docs.Sih Sîng-hông薛丞宏
Backport of d4bf3b4c75c0e1229062ad4c937725931f699fb7 from main
2022-03-22[4.0.x] Fixed #33544 -- Expanded the TEMPLATES section of the Deployment ↵Samuel Hartmann
checklist. Clarified that the cached template loader is enabled by default when DEBUG = False. Backport of 5cc9464e4d8fe2762e462560665fd1f28104bbca from main
2022-03-22[4.0.x] Fixed #33585 -- Made example git repo URLs use HTTPS protocol.Carlton Gibson
The SSH-based checkout requires additional configuration, which is beneficial to defer for new contributors. Follow up to 3c6a4fdb6d828a03e368632d88f8261cc30104da. This commit updates the remaining examples. Backport of 9fed515a251d488172feb1652bb5179344364fb3 from main
2022-03-22[4.0.x] Refs #31676 -- Used term "merger" instead of "committer" in docs.Mariusz Felisiak
Follow up to caa2dd08c4722c8702588f5dfe1fa4c506aa66fc. Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Backport of 653daaa60cf4de7071136541169285ed3d71974d from main
2022-03-19[4.0.x] Renamed Jenkins wiki page to CI.Mariusz Felisiak
Jenkins is no longer the only CI tool. Backport of b07ee98b27e58992fdc10fec0ec67e68ae1d272d from main
2022-03-17[4.0.x] Added missing backticks to function names.Mariusz Felisiak
Backport of 39ae8d740e30c18e46873cf82aff76588f1974c7 from main
2022-03-17[4.0.x] Corrected CSRF reference in middleware docs.tommcn
Backport of 8e633906403853868bcd7df62ba30a86151a944d from main
2022-03-14[4.0.x] Corrected AppConfig.get_models() signature in docs.David Sanders
Backport of 7c56fc8e91ef34d81cba16eaaa610575667dd2a7 from main
2022-03-01[4.0.x] Added stub release notes for Django 4.0.4.Carlton Gibson
Backport of 9652a118ce8c1cbe1f7cf7a4423adb7c5c50757d from main
2022-03-01[4.0.x] Updated release date for version 4.0.3.Carlton Gibson
Backport of 47143e27d4402b62068bf9eb84aa6dd93d3d4678 from main
2022-03-01[4.0.x] Fixed #33547 -- Fixed error when rendering invalid inlines with ↵Mariusz Felisiak
readonly fields in admin. Regression in de95c826673be9ea519acc86fd898631d1a11356. Thanks David Glenck for the report. Backport of 445b075def2c037b971518963b70ce13df5e88a2 from main
2022-02-21[4.0.x] Refs #33476 -- Mentioned black in docs about pre-commit checks.Vaarun Sinha
Backport of fe3518d25edd69b782339729080b0295a8a33952 from main
2022-02-21[4.0.x] Fixed #33530 -- Fixed typo in docs/ref/templates/builtins.txt.Andrey Otto
Backport of f70a875cc05c46b3bfcc1637356081f0c5782bea from main
2022-02-18[4.0.x] Fixed typo in docs/topics/i18n/translation.txt.Philipp Bosch
Backport of 737542390af27616d93f86cd418e2d7f3e874b27 from main
2022-02-16[4.0.x] Fixed #33515 -- Prevented recreation of migration for ↵Mariusz Felisiak
ManyToManyField to lowercased swappable setting. Thanks Chris Lee for the report. Regression in 43289707809c814a70f0db38ca4f82f35f43dbfd. Refs #23916. Backport of 1e2e1be02bdf0fe4add0d0279dbca1d74ae28ad7 from main
2022-02-12[4.0.x] Refs #32074 -- Recommended aiosmtpd for minimal SMTP server.Claude Paroz
Follow up to 569a33579c3cca5f801c544d9b52a34e3c779424. Backport of 5d13cc540e29eedafe695338d8ec9ec500185ccd from main
2022-02-08[4.0.x] Refs #33476 -- Refactored code to strictly match 88 characters line ↵Mariusz Felisiak
length. Backport of 7119f40c9881666b6f9b5cf7df09ee1d21cc8344 from main.
2022-02-08[4.0.x] Refs #33476 -- Reformatted code with Black.django-bot
Backport of 9c19aff7c7561e3a82978a272ecdaad40dda5c00 from main.
2022-02-08[4.0.x] Refs #33476 -- Adjusted docs and config files for Black.Carlton Gibson
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> Backport of ba94488196a74e312177ef2621fbd427956836ef from main
2022-02-08[4.0.x] Fixed #32518 -- Doc'd that QuerySet.contains() should not be overused.John Hollingsworth
Thanks Tim McCurrach for the idea. Backport of d70b4bea18c96e518ce14dca96085e9265e8ebb6 from main
2022-02-05[4.0.x] Refs #32243 -- Fixed typo in docs/topics/files.txt.Grace Hawkins
Backport of 25514b604a64686ba603bf10a8a63390dc38b79d from main
2022-02-03[4.0.x] Fixed #32243 -- Added docs examples for manually saving Files.Joshua Massover
Backport of c9d6e3595cfd0aa58cde1656bd735ecfcd7a872b from main
2022-02-03[4.0.x] Improved example of using a custom queryset in Model formsets docs.Mike Lissner
Backport of e459b0f5a0b2bfbc2ac45b3e7f21047ec9e4f345 from main
2022-02-02[4.0.x] Added Redis to warning about using cached sessions in docs.Theofilos Alexiou
Backport of 3ba60951fcbc8fca3e71d3b78083b100491fa7f9 from main
2022-02-02[4.0.x] Fixed typo in release notes.David Smith
Backport of 770d3e6a4ce8e0a91a9e27156036c1985e74d4a3 from main
2022-02-01[4.0.x] Refs #33476 -- Used vertical hanging indentation for format lists ↵Mariusz Felisiak
with inline comments. Lists with multiple values and comments per-line are reformatted by Black to multiple lines with a single comment. For example: DATE_INPUT_FORMATS = "%Y-%m-%d", "%m/%d/%Y", "%m/%d/%y", # '2006-10-25', '10/25/2006', '10/25/06' ] is reformatted to the: DATE_INPUT_FORMATS = "%Y-%m-%d", "%m/%d/%Y", "%m/%d/%y", # '2006-10-25', '10/25/2006', '10/25/06' ] This reformats affected entries to multiple lines with corresponding comments. Backport of ca88caa1031c0de545d82de8d90dcae0e03651fb from main
2022-02-01[4.0.x] Added stub release notes for 4.0.3.Mariusz Felisiak
Backport of ba4a6880d1783190de4081bd456d934beb45cb19 from main
2022-02-01[4.0.x] Added CVE-2022-22818 and CVE-2022-23833 to security archive.Mariusz Felisiak
Backport of 9e0df0d6dde441dbbad2b548d777e0a01d633286 from main
2022-02-01[4.0.x] Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.Mariusz Felisiak
Thanks Alan Ryan for the report and initial patch. Backport of fc18f36c4ab94399366ca2f2007b3692559a6f23 from main.
2022-02-01[4.0.x] Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag.Markus Holtermann
Thanks Keryn Knight for the report. Backport of 394517f07886495efcf79f95c7ee402a9437bd68 from main. Co-authored-by: Adam Johnson <me@adamj.eu>
2022-02-01[4.0.x] Fixed #33480 -- Fixed makemigrations crash when renaming field of ↵Kirill Safronov
renamed model. Regression in aa4acc164d1247c0de515c959f7b09648b57dc42. Backport of 97a72744681d0993b50dee952cf32cdf9650ad9f from main
2022-01-31[4.0.x] Fixed #33468 -- Fixed QuerySet.aggregate() after annotate() crash on ↵Mariusz Felisiak
aggregates with default. Thanks Adam Johnson for the report. Backport of 71e7c8e73712419626f1c2b6ec036e8559a2d667 from main
2022-01-29[4.0.x] Updated translations from Transifex.Claude Paroz
Updated Bulgarian, Czech, German, Uzbek, and Vietnamese translations.
2022-01-28[4.0.x] Fixed #33459 -- Clarified index type in full text search docs.Thomas Aglassinger
Backport of 3a9b8b25d48c5768633e73edc5ddca20c3fd716c from main
2022-01-27[4.0.x] Fixed #33462 -- Fixed migration crash when altering type of primary ↵Mariusz Felisiak
key with MTI and foreign key. This prevents duplicated operations when altering type of primary key with MTI and foreign key. Previously, a foreign key to the base model was added twice, once directly and once by the inheritance model. Thanks bcail for the report. Regression in 325d7710ce9f6155bb55610ad6b4580d31263557. Backport of e972620ada4f9ed7bc57f28e133e85c85b0a7b20 from main
2022-01-26[4.0.x] Fixed #33048 -- Doc'd that DEBUG static files requests don't use ↵Kaushik Chintam
middleware chain. Backport of 1625a8c8eba0b00ebdd1d7a8ba697b2729ec40ed from main
2022-01-26[4.0.x] Fixed #33407 -- Fixed .radiolist admin CSS.Carlton Gibson
Regression in 5942ab5eb165ee2e759174e297148a40dd855920. Backport of 85f2a9fb0f0973930abc84a725bc30703aa3d98b from main
2022-01-25[4.0.x] Added stub release notes and release date for 4.0.2, 3.2.12, and 2.2.27.Mariusz Felisiak
Backport of eeca9342381c8583be16f18942774e785ab7e527 from main
2022-01-21[4.0.x] Fixed #33449 -- Fixed makemigrations crash on models without ↵Fabian Büchler
Meta.order_with_respect_to but with _order field. Regression in aa4acc164d1247c0de515c959f7b09648b57dc42. Backport of eeff1787b0aa23016e4844c0f537d5093a95a356 from main
2022-01-20[4.0.x] Improved wording in running Django’s test suite in contributing ↵Tilak
tutorial. Backport of 2c76c27a951ee76c6f763a05c7e119305a21c78d from main
2022-01-17[4.0.x] Fixed #33443 -- Clarified when PasswordResetView sends an email.Brad Solomon
Backport of b55ebe32417e0884b6b8b3e1bc0379033aa221af from main
2022-01-12[4.0.x] Fixed typo in docs/ref/contrib/admin/index.txt.Scott Pashley
Backport of 367d6920ece44639e54650d9a98f8c24e10f7229 from main