| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2023-02-14 | Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files. | Markus Holtermann | |
| Thanks to Jakob Ackermann for the report. | |||
| 2023-02-13 | Fixed #29994 -- Added warning about performance of FileBasedCache with a ↵ | Sarah Boyce | |
| large number of files. Co-authored-by: sheenarbw <699166+sheenarbw@users.noreply.github.com> Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2023-02-13 | Fixed #34318 -- Added release note for 4bfe8c0eec835b8eaffcda7dc1e3b203751a790a. | Sota Tabu | |
| 2023-02-11 | Fixed #33213 -- Doc'd testing code coverage in parallel and used it. | Paolo Melchiorre | |
| 2023-02-10 | Refs #34140 -- Applied rst code-block to non-Python examples. | Carlton Gibson | |
| Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for reviews. | |||
| 2023-02-10 | Fixed #34325 -- Corrected wording in PercentRank() docs. | dennisvang | |
| This is consistent with the terminology used for the percent_rank() function in SQLite docs and PostgreSQL docs. | |||
| 2023-02-10 | Fixed #34324 -- Mentioned Discord server in contributing index. | p0lygun | |
| 2023-02-09 | Fixed #34311 -- Updated serialization docs from unique_together to ↵ | Willem Van Onsem | |
| UniqueConstraint. | |||
| 2023-02-08 | Fixed #34303 –- Allowed customizing admin site log entry list. | Jacob Rief | |
| Added AdminSite.get_log_entries() as an override point and made this available to the template via each_context(). | |||
| 2023-02-08 | Added missing vars to AdminSite.each_context() docs. | Carlton Gibson | |
| 2023-02-08 | Fixed #34319 -- Fixed Model.validate_constraints() crash on ValidationError ↵ | Mariusz Felisiak | |
| with no code. Thanks Mateusz Kurowski for the report. Regression in 667105877e6723c6985399803a364848891513cc. | |||
| 2023-02-07 | Refs #34146 -- Fixed typos in tutorial. (#16530) | Carlton Gibson | |
| - Fixed formatting on index page. - Removed duplicate What's next section. Thanks to Tim Graham for the report. | |||
| 2023-02-07 | Fixed #34146 -- Added 3rd-party lib tutorial step. | Tim Schilling | |
| Added a tutorial step that highlights Django Debug Toolbar, on of the most common third party packages. It also added a mention of djangopackages.com as a place to search for other libraries and a link to Adam Johnson’s post on evaluating whether a package is well-maintained. Third-party packages are one of Django’s strengths. This should give folks a sound route in. | |||
| 2023-02-07 | Fixed #34317 -- Renamed "instance" argument of ↵ | Bakdolot | |
| BaseModelFormSet.save_existing() method. | |||
| 2023-02-07 | Fixed typo in release notes. | Carlton Gibson | |
| 2023-02-07 | Added stub release notes for 4.0.10 and 3.2.18. | Carlton Gibson | |
| Set date for 4.1.7 release. | |||
| 2023-02-07 | Fixed #34310 -- Added deletion example to one-to-one topic. | Marcelo Galigniana | |
| 2023-02-04 | Increased the default PBKDF2 iterations for Django 5.0. | Mariusz Felisiak | |
| Follow up to 9a1848f48c1f7f627a52b2063a8a8428e77765d6. | |||
| 2023-02-01 | Added stub release notes for 4.1.7. | Mariusz Felisiak | |
| 2023-02-01 | Added CVE-2023-23969 to security archive. | Mariusz Felisiak | |
| 2023-02-01 | Fixed CVE-2023-23969 -- Prevented DoS with pathological values for ↵ | Nick Pope | |
| Accept-Language. The parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. Accept-Language headers are now limited to a maximum length in order to avoid this issue. | |||
| 2023-01-31 | Fixed #34180 -- Added note about resetting language in test tear-downs. | Durval Carvalho | |
| Co-authored-by: Faris Naimi <farisfaris66@gmail.com> | |||
| 2023-01-30 | Fixed typo in docs/topics/auth/passwords.txt. | fschwebel | |
| Wrapped hashing is only possible if the inner wrapped function is the same as the previous hasher. | |||
| 2023-01-26 | Fixed #34291 -- Fixed Meta.constraints validation crash on UniqueConstraint ↵ | Mariusz Felisiak | |
| with ordered expressions. Thanks Dan F for the report. Bug in 667105877e6723c6985399803a364848891513cc. | |||
| 2023-01-25 | Moved release note about the default PBKDF2 iterations into ↵ | Mariusz Felisiak | |
| django.contrib.auth section. Thanks Tim Graham for the report. | |||
| 2023-01-25 | Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17. | Carlton Gibson | |
| 2023-01-25 | Set date and added stub release notes for 4.1.6, 4.0.9, and 3.2.17. | Carlton Gibson | |
| 2023-01-20 | Fixed #34242 -- Doc'd that primary key is set to None when deleting objects. | noFFENSE | |
| 2023-01-20 | Fixed #34266 -- Added ClosestPoint GIS database functions. | Niccolò Mineo | |
| 2023-01-18 | Refs #34233 -- Used str.removeprefix()/removesuffix(). | Mariusz Felisiak | |
| 2023-01-18 | Refs #32339 -- Deprecated transitional form renderers. | Mariusz Felisiak | |
| 2023-01-18 | Fixed #34233 -- Dropped support for Python 3.8 and 3.9. | Mariusz Felisiak | |
| 2023-01-17 | Fixed typo in docs/releases/4.2.txt. | John Whitlock | |
| 2023-01-17 | Doc'd that 4.2 is LTS. | Mariusz Felisiak | |
| 2023-01-17 | Removed remaining empty sections from 4.2 release notes. | Mariusz Felisiak | |
| Follow up to 772cd2b15b158679b9dc15fb599aa935ec7c25b1. | |||
| 2023-01-17 | Fixed #34264 -- Moved release note about session cookies into error ↵ | Sébastien Corbin | |
| reporting section. | |||
| 2023-01-17 | Increased the default PBKDF2 iterations for Django 5.0. | Mariusz Felisiak | |
| 2023-01-17 | Advanced deprecation warnings for Django 5.0. | Mariusz Felisiak | |
| 2023-01-17 | Refs #33543 -- Made Expression.asc()/desc() and OrderBy raise ValueError ↵ | Mariusz Felisiak | |
| when nulls_first/nulls_last=False is passed. Per deprecation timeline. | |||
| 2023-01-17 | Refs #32339 -- Changed default form and formset rendering style to div-based. | Mariusz Felisiak | |
| Per deprecation timeline. This also removes "django/forms/default.html" and "django/forms/formsets/default.html" templates. | |||
| 2023-01-17 | Refs #33691 -- Removed django.contrib.auth.hashers.CryptPasswordHasher per ↵ | Mariusz Felisiak | |
| deprecation timeline. | |||
| 2023-01-17 | Refs #27674 -- Removed django.contrib.gis.admin.OpenLayersWidget per ↵ | Mariusz Felisiak | |
| deprecation timeline. | |||
| 2023-01-17 | Refs #33348 -- Removed support for passing response object and form/formset ↵ | Mariusz Felisiak | |
| name to SimpleTestCase.assertFormError()/assertFormSetError(). Per deprecation timeline. | |||
| 2023-01-17 | Refs #32365 -- Removed django.utils.timezone.utc per deprecation timeline. | Mariusz Felisiak | |
| 2023-01-17 | Refs #15619 -- Removed support for logging out via GET requests. | Mariusz Felisiak | |
| Per deprecation timeline. | |||
| 2023-01-17 | Refs #33561 -- Made created=True required in signature of ↵ | Mariusz Felisiak | |
| RemoteUserBackend.configure_user() subclasses. Per deprecation timeline. | |||
| 2023-01-17 | Refs #31486 -- Removed ability to pass unsaved model instances to related ↵ | Mariusz Felisiak | |
| filters. Per deprecation timeline. | |||
| 2023-01-17 | Refs #29984 -- Made QuerySet.iterator() without chunk_size raise ValueError ↵ | Mariusz Felisiak | |
| after prefetch_related(). Per deprecation timeline. | |||
| 2023-01-17 | Refs #29708 -- Removed PickleSerializer per deprecation timeline. | Mariusz Felisiak | |
| 2023-01-17 | Refs #33348 -- Removed support for passing errors=None to ↵ | Mariusz Felisiak | |
| SimpleTestCase.assertFormError()/assertFormsetErrors(). Per deprecation timeline. | |||
