summaryrefslogtreecommitdiff
path: root/docs
AgeCommit message (Collapse)Author
2021-05-26Fixed #32744 -- Normalized to pathlib.Path in autoreloader check for ↵Hasan Ramezani
template changes.
2021-05-21Fixed #32375 -- Started deprecation toward changing the default sitemap ↵Rohith PR
protocol to https. The default sitemap protocol, when it is built outside the context of a request, will be changed from 'http' to 'https' in Django 5.0.
2021-05-20Clarified docs about increasing the work factor for bcrypt hasher.yyyyyyyan
2021-05-20Changed IRC references to Libera.Chat.Mariusz Felisiak
2021-05-20Fixed note about ISP caching in docs.Ben Sturmfels
Regression in 7aabd6238028f4bb78d0687bbccc97bcf634e28b.
2021-05-20Renamed "object" argument of ModelAdmin.log_addition(), log_change(), and ↵David Sanders
log_deletion() methods.
2021-05-20Added note about culling in database cache backend docs.Mike Lissner
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-19Doc'd that HttpRequest.path doesn't contain a query string.David D Lowe
2021-05-19Fixed #32740 -- Caught possible exception when initializing colorama.Carlton Gibson
2021-05-19Fixed typo in docs/ref/contrib/admin/index.txt.David Sanders
2021-05-18Fixed #32379 -- Started deprecation toward changing default USE_TZ to True.Claude Paroz
Co-authored-by: Nick Pope <nick@nickpope.me.uk> Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-18Fixed #32747 -- Prevented initialization of unused caches.Mariusz Felisiak
Thanks Alexander Ebral for the report. Regression in 98e05ccde440cc9b768952cc10bc8285f4924e1f.
2021-05-18Fixed #32733 -- Skipped system check for specifying type of auto-created ↵Rust Saiargaliev
primary keys on abstract models. Regression in b5e12d490af3debca8c55ab3c1698189fdedbbdb.
2021-05-18Fixed #32755 -- Corrected Model.get_absolute_url() example in docs.Girish Sontakke
2021-05-18Fixed #32754 -- Made AdminSite.catch_all_view() respect SCRIPT_NAME.Slava Skvortsov
Regression in ba31b0103442ac891fb3cb98f316781254e366c3.
2021-05-17Fixed #32720 -- Added configuration and docs for Sphinx link checker.Nick Pope
We explicitly ignore checking anchors for line-range anchors on GitHub which are dynamically generated and, otherwise, show up as broken links. See https://github.com/sphinx-doc/sphinx/issues/7388#issuecomment-739961689. We also ignore links to resources that require authentication.
2021-05-17Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS.Nick Pope
2021-05-17Refs #32720 -- Fixed some broken links in docs.Nick Pope
2021-05-17Refs #32720 -- Used full hashes in security archive.Nick Pope
2021-05-17Corrected commit hashes for security patches.Mariusz Felisiak
2021-05-17Refs #32720 -- Used :commit: and :source: role in old release notes.Nick Pope
2021-05-13Added stub release notes for Django 3.2.4.Mariusz Felisiak
2021-05-13Fixed #32718 -- Relaxed file name validation in FileField.Mariusz Felisiak
- Validate filename returned by FileField.upload_to() not a filename passed to the FileField.generate_filename() (upload_to() may completely ignored passed filename). - Allow relative paths (without dot segments) in the generated filename. Thanks to Jakub Kleň for the report and review. Thanks to all folks for checking this patch on existing projects. Thanks Florian Apolloner and Markus Holtermann for the discussion and implementation idea. Regression in 0b79eb36915d178aef5c6a7bbce71b1e76d376d3.
2021-05-13Fixed #32717 -- Fixed filtering of querysets combined with the | operator.Simon Charette
Address a long standing bug in a Where.add optimization to discard equal nodes that was surfaced by implementing equality for Lookup instances in bbf141bcdc31f1324048af9233583a523ac54c94. Thanks Shaheed Haque for the report.
2021-05-13Fixed #32031 -- Added model class for each model to AdminSite.each_context().Raffaele Salmaso
2021-05-12Fixed #26721 -- Doc'd setting UTF-8 on Windows.David Smith
2021-05-12Fixed #32738 -- Deprecated django.utils.datetime_safe module.Nick Pope
2021-05-12Fixed #32732 -- Removed usage of deprecated 'db' and 'passwd' connection ↵Nick Pope
options in MySQL backend. The 'db' and 'passwd' connection options have been deprecated, use 'database' and 'password' instead (available since mysqlclient >= 1.3.8). This also allows the 'database' option in DATABASES['OPTIONS'] on MySQL.
2021-05-12Refs #32366 -- Avoided use of datetime.utcnow() in the documentation.Nick Pope
2021-05-12Fixed a typo in docs/ref/models/fields.txt.Nick Pope
datetime.date.utcnow() doesn't exist, should be .today().
2021-05-12Refs #32718 -- Corrected CVE-2021-31542 release notes.Mariusz Felisiak
2021-05-12Fixed #32735 -- Made DateFormat.Y() return a zero-padded year.Nick Pope
2021-05-07Fixed #32670 -- Allowed GDALRasters to use any GDAL virtual filesystem.Jordi Castells
2021-05-07Fixed #32712 -- Deprecated django.utils.baseconv module.Hasan Ramezani
2021-05-06Fixed typo in docs/internals/contributing/writing-documentation.txt.Nick Pope
2021-05-06Added stub release notes for Django 3.2.3.Mariusz Felisiak
2021-05-06Added CVE-2021-32052 to security archive.Mariusz Felisiak
2021-05-06Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being ↵Mariusz Felisiak
accepted in URLValidator on Python 3.9.5+. In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines and tabs from URLs [1, 2]. Unfortunately it created an issue in the URLValidator. URLValidator uses urllib.urlsplit() and urllib.urlunsplit() for creating a URL variant with Punycode which no longer contains newlines and tabs in Python 3.9.5+. As a consequence, the regular expression matched the URL (without unsafe characters) and the source value (with unsafe characters) was considered valid. [1] https://bugs.python.org/issue43882 and [2] https://github.com/python/cpython/commit/76cd81d60310d65d01f9d7b48a8985d8ab89c8b4
2021-05-05Fixed #32714 -- Prevented recreation of migration for Meta.ordering with ↵Simon Charette
OrderBy expressions. Regression in c8b659430556dca0b2fe27cf2ea0f8290dbafecd. Thanks Kevin Marsh for the report.
2021-05-04Added commits for CVE-2021-31542 to security archive.Carlton Gibson
2021-05-04Added CVE-2021-31542 to security archive.Carlton Gibson
2021-05-04Added stub release notes for Django 3.2.2.Carlton Gibson
2021-05-04Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.Florian Apolloner
2021-04-30Added spelling option to make.bat.Susan Wright
2021-04-30Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.Tim Graham
2021-04-30Fixed #32698 -- Moved HttpRequest.get_raw_uri() to ↵Hasan Ramezani
ExceptionReporter._get_raw_insecure_uri().
2021-04-29Refs #32178 -- Doc'd ↵Hasan Ramezani
DatabaseFeatures.django_test_skips/django_test_expected_failures in contributing guide.
2021-04-29Fixed capitalization of "ECMAScript" and "JavaScript".Nick Pope
2021-04-29Refs #32674 -- Noted that auto-created through table PKs cannot be ↵Carlton Gibson
automatically migrated.
2021-04-29Refs #32682 -- Renamed lookup_needs_distinct() to lookup_spawns_duplicates().Mariusz Felisiak
Follow up to 187118203197801c6cb72dc8b06b714b23b6dd3d.