| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2021-05-26 | Fixed #32744 -- Normalized to pathlib.Path in autoreloader check for ↵ | Hasan Ramezani | |
| template changes. | |||
| 2021-05-21 | Fixed #32375 -- Started deprecation toward changing the default sitemap ↵ | Rohith PR | |
| protocol to https. The default sitemap protocol, when it is built outside the context of a request, will be changed from 'http' to 'https' in Django 5.0. | |||
| 2021-05-20 | Clarified docs about increasing the work factor for bcrypt hasher. | yyyyyyyan | |
| 2021-05-20 | Changed IRC references to Libera.Chat. | Mariusz Felisiak | |
| 2021-05-20 | Fixed note about ISP caching in docs. | Ben Sturmfels | |
| Regression in 7aabd6238028f4bb78d0687bbccc97bcf634e28b. | |||
| 2021-05-20 | Renamed "object" argument of ModelAdmin.log_addition(), log_change(), and ↵ | David Sanders | |
| log_deletion() methods. | |||
| 2021-05-20 | Added note about culling in database cache backend docs. | Mike Lissner | |
| Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2021-05-19 | Doc'd that HttpRequest.path doesn't contain a query string. | David D Lowe | |
| 2021-05-19 | Fixed #32740 -- Caught possible exception when initializing colorama. | Carlton Gibson | |
| 2021-05-19 | Fixed typo in docs/ref/contrib/admin/index.txt. | David Sanders | |
| 2021-05-18 | Fixed #32379 -- Started deprecation toward changing default USE_TZ to True. | Claude Paroz | |
| Co-authored-by: Nick Pope <nick@nickpope.me.uk> Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2021-05-18 | Fixed #32747 -- Prevented initialization of unused caches. | Mariusz Felisiak | |
| Thanks Alexander Ebral for the report. Regression in 98e05ccde440cc9b768952cc10bc8285f4924e1f. | |||
| 2021-05-18 | Fixed #32733 -- Skipped system check for specifying type of auto-created ↵ | Rust Saiargaliev | |
| primary keys on abstract models. Regression in b5e12d490af3debca8c55ab3c1698189fdedbbdb. | |||
| 2021-05-18 | Fixed #32755 -- Corrected Model.get_absolute_url() example in docs. | Girish Sontakke | |
| 2021-05-18 | Fixed #32754 -- Made AdminSite.catch_all_view() respect SCRIPT_NAME. | Slava Skvortsov | |
| Regression in ba31b0103442ac891fb3cb98f316781254e366c3. | |||
| 2021-05-17 | Fixed #32720 -- Added configuration and docs for Sphinx link checker. | Nick Pope | |
| We explicitly ignore checking anchors for line-range anchors on GitHub which are dynamically generated and, otherwise, show up as broken links. See https://github.com/sphinx-doc/sphinx/issues/7388#issuecomment-739961689. We also ignore links to resources that require authentication. | |||
| 2021-05-17 | Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS. | Nick Pope | |
| 2021-05-17 | Refs #32720 -- Fixed some broken links in docs. | Nick Pope | |
| 2021-05-17 | Refs #32720 -- Used full hashes in security archive. | Nick Pope | |
| 2021-05-17 | Corrected commit hashes for security patches. | Mariusz Felisiak | |
| 2021-05-17 | Refs #32720 -- Used :commit: and :source: role in old release notes. | Nick Pope | |
| 2021-05-13 | Added stub release notes for Django 3.2.4. | Mariusz Felisiak | |
| 2021-05-13 | Fixed #32718 -- Relaxed file name validation in FileField. | Mariusz Felisiak | |
| - Validate filename returned by FileField.upload_to() not a filename passed to the FileField.generate_filename() (upload_to() may completely ignored passed filename). - Allow relative paths (without dot segments) in the generated filename. Thanks to Jakub Kleň for the report and review. Thanks to all folks for checking this patch on existing projects. Thanks Florian Apolloner and Markus Holtermann for the discussion and implementation idea. Regression in 0b79eb36915d178aef5c6a7bbce71b1e76d376d3. | |||
| 2021-05-13 | Fixed #32717 -- Fixed filtering of querysets combined with the | operator. | Simon Charette | |
| Address a long standing bug in a Where.add optimization to discard equal nodes that was surfaced by implementing equality for Lookup instances in bbf141bcdc31f1324048af9233583a523ac54c94. Thanks Shaheed Haque for the report. | |||
| 2021-05-13 | Fixed #32031 -- Added model class for each model to AdminSite.each_context(). | Raffaele Salmaso | |
| 2021-05-12 | Fixed #26721 -- Doc'd setting UTF-8 on Windows. | David Smith | |
| 2021-05-12 | Fixed #32738 -- Deprecated django.utils.datetime_safe module. | Nick Pope | |
| 2021-05-12 | Fixed #32732 -- Removed usage of deprecated 'db' and 'passwd' connection ↵ | Nick Pope | |
| options in MySQL backend. The 'db' and 'passwd' connection options have been deprecated, use 'database' and 'password' instead (available since mysqlclient >= 1.3.8). This also allows the 'database' option in DATABASES['OPTIONS'] on MySQL. | |||
| 2021-05-12 | Refs #32366 -- Avoided use of datetime.utcnow() in the documentation. | Nick Pope | |
| 2021-05-12 | Fixed a typo in docs/ref/models/fields.txt. | Nick Pope | |
| datetime.date.utcnow() doesn't exist, should be .today(). | |||
| 2021-05-12 | Refs #32718 -- Corrected CVE-2021-31542 release notes. | Mariusz Felisiak | |
| 2021-05-12 | Fixed #32735 -- Made DateFormat.Y() return a zero-padded year. | Nick Pope | |
| 2021-05-07 | Fixed #32670 -- Allowed GDALRasters to use any GDAL virtual filesystem. | Jordi Castells | |
| 2021-05-07 | Fixed #32712 -- Deprecated django.utils.baseconv module. | Hasan Ramezani | |
| 2021-05-06 | Fixed typo in docs/internals/contributing/writing-documentation.txt. | Nick Pope | |
| 2021-05-06 | Added stub release notes for Django 3.2.3. | Mariusz Felisiak | |
| 2021-05-06 | Added CVE-2021-32052 to security archive. | Mariusz Felisiak | |
| 2021-05-06 | Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being ↵ | Mariusz Felisiak | |
| accepted in URLValidator on Python 3.9.5+. In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines and tabs from URLs [1, 2]. Unfortunately it created an issue in the URLValidator. URLValidator uses urllib.urlsplit() and urllib.urlunsplit() for creating a URL variant with Punycode which no longer contains newlines and tabs in Python 3.9.5+. As a consequence, the regular expression matched the URL (without unsafe characters) and the source value (with unsafe characters) was considered valid. [1] https://bugs.python.org/issue43882 and [2] https://github.com/python/cpython/commit/76cd81d60310d65d01f9d7b48a8985d8ab89c8b4 | |||
| 2021-05-05 | Fixed #32714 -- Prevented recreation of migration for Meta.ordering with ↵ | Simon Charette | |
| OrderBy expressions. Regression in c8b659430556dca0b2fe27cf2ea0f8290dbafecd. Thanks Kevin Marsh for the report. | |||
| 2021-05-04 | Added commits for CVE-2021-31542 to security archive. | Carlton Gibson | |
| 2021-05-04 | Added CVE-2021-31542 to security archive. | Carlton Gibson | |
| 2021-05-04 | Added stub release notes for Django 3.2.2. | Carlton Gibson | |
| 2021-05-04 | Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. | Florian Apolloner | |
| 2021-04-30 | Added spelling option to make.bat. | Susan Wright | |
| 2021-04-30 | Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting. | Tim Graham | |
| 2021-04-30 | Fixed #32698 -- Moved HttpRequest.get_raw_uri() to ↵ | Hasan Ramezani | |
| ExceptionReporter._get_raw_insecure_uri(). | |||
| 2021-04-29 | Refs #32178 -- Doc'd ↵ | Hasan Ramezani | |
| DatabaseFeatures.django_test_skips/django_test_expected_failures in contributing guide. | |||
| 2021-04-29 | Fixed capitalization of "ECMAScript" and "JavaScript". | Nick Pope | |
| 2021-04-29 | Refs #32674 -- Noted that auto-created through table PKs cannot be ↵ | Carlton Gibson | |
| automatically migrated. | |||
| 2021-04-29 | Refs #32682 -- Renamed lookup_needs_distinct() to lookup_spawns_duplicates(). | Mariusz Felisiak | |
| Follow up to 187118203197801c6cb72dc8b06b714b23b6dd3d. | |||
