| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2024-07-09 | Fixed CVE-2024-39329 -- Standarized timing of verify_password() when ↵ | Michael Manfre | |
| checking unusuable passwords. Refs #20760. Thanks Michael Manfre for the fix and to Adam Johnson for the review. | |||
| 2024-07-09 | Fixed CVE-2024-38875 -- Mitigated potential DoS in urlize and urlizetrunc ↵ | Adam Johnson | |
| template filters. Thank you to Elias Myllymäki for the report. Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> | |||
| 2024-07-08 | Fixed 35506 -- Clarified initial references to URLconf in tutorial 1. | lucas-r-oliveira | |
| 2024-07-04 | Removed outdated note about limitations in Clickjacking protection. | Mariusz Felisiak | |
| There is no need to list old browser versions or point users to workarounds. | |||
| 2024-07-04 | Replaced usage of "patch" with more precise terms in contributing docs. | Andreu Vallbona | |
| 2024-07-04 | Relocated database setup details to install docs to simplify tutorial 2. | Kudz | |
| Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> | |||
| 2024-07-04 | Fixed #35560 -- Made Model.full_clean() ignore GeneratedFields for constraints. | Mark Gensler | |
| Accessing generated field values on unsaved models caused a crash when validating CheckConstraints and UniqueConstraints with expressions. | |||
| 2024-07-04 | Removed unneeded hyphens in "counterintuitive". | Carlton Gibson | |
| Follow-up to 65ad4ade74dc9208b9d686a451cd6045df0c9c3a which added counterintuitive to the wordlist. Removes unneeded (antiquated) hyphenated usages. See e.g. https://www.merriam-webster.com/dictionary/counterintuitive | |||
| 2024-07-03 | Added stub release notes and release date for 5.0.7 and 4.2.14. | Natalia | |
| 2024-07-03 | Refs #28900 -- Made SELECT respect the order specified by values(*selected). | Simon Charette | |
| Previously the order was always extra_fields + model_fields + annotations with respective local ordering inferred from the insertion order of *selected. This commits introduces a new `Query.selected` propery that keeps tracks of the global select order as specified by on values assignment. This is crucial feature to allow the combination of queries mixing annotations and table references. It also allows the removal of the re-ordering shenanigans perform by ValuesListIterable in order to re-map the tuples returned from the database backend to the order specified by values_list() as they'll be in the right order at query compilation time. Refs #28553 as the initially reported issue that was only partially fixed for annotations by d6b6e5d0fd4e6b6d0183b4cf6e4bd4f9afc7bf67. Thanks Mariusz Felisiak and Sarah Boyce for review. | |||
| 2024-07-03 | Fixed #35511 -- Documented when the py binary is unavailable on Windows. | alexgmin | |
| 2024-07-01 | Fixed #23790 -- Warned about renaming AppConfig.label in ↵ | Andrew Miller | |
| docs/ref/applications.txt. | |||
| 2024-07-01 | Fixed typo in source file linking Sphinx extension. | Michael | |
| 2024-06-28 | Refs #22712 -- Corrected deprecation of "all" argument in ↵ | Mariusz Felisiak | |
| django.contrib.staticfiles.finders.find(). Features deprecated in Django 5.2 should be removed in Django 6.1. | |||
| 2024-06-27 | Fixed #22712 -- Avoided name shadowing of "all" in ↵ | Andreu Vallbona | |
| django.contrib.staticfiles.finders. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> | |||
| 2024-06-26 | Added references to the Django Discord server inside the FAQ docs. | raffaella | |
| 2024-06-25 | Optimized admin docs images. | Sarah Boyce | |
| 2024-06-25 | Refs #35380 -- Updated screenshots in intro docs. | Sarah Boyce | |
| 2024-06-25 | Fixed #35558 -- Increased inline H3 headers color prominence in admin change ↵ | Sarah Boyce | |
| page. | |||
| 2024-06-25 | Refs #35380 -- Updated screenshots in admin docs. | nessita | |
| When listing users, ensure that user first and last name are diverse. | |||
| 2024-06-25 | Fixed #35540 -- Fixed the padding on admin login page. | arjunomray | |
| 2024-06-25 | Fixed #34886 -- Modified sample use of lazy in delayed translations. | lufafajoshua | |
| Modified example to use python standard library function to lower the case of the string. | |||
| 2024-06-24 | Migrated setuptools configuration to pyproject.toml. | Claude Paroz | |
| This branch migrates setuptools configuration from setup.py/setup.cfg to pyproject.toml. In order to ensure that the generated binary files have consistent casing (both the tarball and the wheel), setuptools version is limited to ">=61.0.0,<69.3.0". Configuration for flake8 was moved to a dedicated .flake8 file since it cannot be configured via pyproject.toml. Also, __pycache__ exclusion was removed from MANIFEST and the extras/Makefile was replaced with a simpler build command. Co-authored-by: Nick Pope <nick@nickpope.me.uk> | |||
| 2024-06-24 | Fixed #35306 -- Documented fallback localization formats in templates when ↵ | lufafajoshua | |
| localization is disabled. | |||
| 2024-06-21 | Fixed #35461 -- Updated misleading django-debug-toolbar instructions. | Rosana Rufer | |
| The DjDT "handle" isn't visible on the polls application as the templates are missing <body> tags for brevity. | |||
| 2024-06-21 | Fixed #35528 -- Added EmailMultiAlternatives.body_contains() helper method. | Ronny Vedrilla | |
| 2024-06-21 | Cleaned up EmailMultiAlternatives docs. | Sarah Boyce | |
| 2024-06-20 | Fixed #35537 -- Changed EmailMessage.attachments and ↵ | Jake Howard | |
| EmailMultiAlternatives.alternatives to use namedtuples. This makes it more descriptive to pull out the named fields. | |||
| 2024-06-20 | Fixed #35441 -- Documented Context and RequestContext keyword arguments. | John Higgins | |
| 2024-06-18 | Fixed #12978 -- Added support for RSS feed stylesheets. | Baptiste Mispelon | |
| 2024-06-18 | Fixed #35505 -- Added extrabody block to admin/base.html. | stefan.ivic | |
| 2024-06-18 | Restructured the EmailMultiAlternatives docs. | Sarah Boyce | |
| 2024-06-13 | Fixed #35470 -- Separated i18n and l10n globalization settings docs. | lufafajoshua | |
| 2024-06-12 | Fixed #35401 -- Documented the conditional_page() decorator. | lufafajoshua | |
| 2024-06-12 | Refs #35401 -- Linked the CsrfViewMiddleware docs to the csrf_protect() ↵ | lufafajoshua | |
| decorator. | |||
| 2024-06-09 | Moved confirmation about dev server running to earlier in tutorial 1. | Andreu Vallbona | |
| 2024-06-09 | Replaced usage of "patch" with more precise terms in faq, howto, and intro docs. | Andreu Vallbona | |
| 2024-06-09 | Simplified tutorial 1 when describing how to run the dev server. | Andreu Vallbona | |
| 2024-06-08 | Fixed #35503 -- Removed distracting PHP reference in tutorial 1. | Ismael | |
| 2024-05-31 | Updated release date for Django 5.0.7. | Natalia | |
| 2024-05-30 | Made cosmetic edits to code snippets reformatted with blacken-docs. | Mariusz Felisiak | |
| 2024-05-29 | Fixed 35467 -- Replaced urlparse with urlsplit where appropriate. | Jake Howard | |
| This work should not generate any change of functionality, and `urlsplit` is approximately 6x faster. Most use cases of `urlparse` didn't touch the path, so they can be converted to `urlsplit` without any issue. Most of those which do use `.path`, simply parse the URL, mutate the querystring, then put them back together, which is also fine (so long as urlunsplit is used). | |||
| 2024-05-29 | Fixed #35473 -- Fixed CVE number in security archive. | samruddhiDharankar | |
| Updated to CVE-2009-3695 from CVE-2009-3965. | |||
| 2024-05-27 | Fixed #35443 -- Changed ordinal to return negative numbers unchanged. | Simon Törnqvist | |
| Previously, `-1` was converted to `"-1th"`. This has been updated to return negative numbers "as is", so that for example `-1` is converted to `"-1"`. This is now explicit in the docs. Co-authored-by: Martin Jonson <artin.onson@gmail.com> | |||
| 2024-05-27 | Fixed #35479 -- Dropped support for PostgreSQL 13 and PostGIS 3.0. | Mariusz Felisiak | |
| 2024-05-23 | Fixed #35430 -- Corrected docs on timezone conversion in templates. | い。 | |
| 2024-05-23 | Fixed #24076 -- Added warnings on usage of dates with DateTimeField and ↵ | Adam Zapletal | |
| datetimes with DateField. | |||
| 2024-05-22 | Increased the default PBKDF2 iterations for Django 5.2. | Natalia | |
| 2024-05-22 | Advanced deprecation warnings for Django 5.2. | Natalia | |
| 2024-05-22 | Removed versionadded/changed annotations for 5.0. | Natalia | |
| This also removes remaining versionadded/changed annotations for older versions. | |||
