| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2026-06-09 | Fixed #37130 -- Skipped DB cache deletion when culling offset is zero. | vishwa | |
| 2026-06-09 | Refs #36560, CVE-2026-35193 -- Replaced substring check on cache-control ↵ | Jacob Walls | |
| directives in UpdateCacheMiddleware. Avoid false positives from hypothetical extension directives that could be superstrings of the ones we are checking. | |||
| 2026-06-08 | Refs CVE-2026-48587 -- Added helper to properly split header values. | Natalia | |
| Extracted the repeated `split(",")` + per-token `.strip()` pattern into a `split_header_value()` generator in django/utils/http.py. The previous `cc_delim_re` regex only stripped whitespace adjacent to the comma delimiter, leaving leading or trailing whitespace on the first and last tokens. Now, `split_header_value()` strips every token fully, matching RFC 9110's optional-whitespace rules. Thanks to Shai Berger, Jacob Walls, and Sarah Boyce for reviews. | |||
| 2026-06-08 | Fixed #32785 -- Optimized cull frequency for DBCache. | eevelweezel | |
| 2026-06-03 | Fixed CVE-2026-48587 -- Ignored whitespace padding when checking Vary header ↵ | Jake Howard | |
| values. Thanks to Navid Rezazadeh for the report and Jacob Walls for review. | |||
| 2026-06-03 | Fixed CVE-2026-35193 -- Varied on Authorization when caching non-public ↵ | Jacob Walls | |
| responses. Thanks Shai Berger for the report, and Natalia Bidart and Sarah Boyce for reviews. | |||
| 2026-06-03 | Fixed CVE-2026-8404 -- Used Cache-Control directives case-insensitively in ↵ | Jake Howard | |
| UpdateCacheMiddleware. Thanks Ahmed Badawe for the report, and Jacob Walls for reviews. | |||
| 2026-05-05 | Fixed CVE-2026-6907 -- Prevented caching of requests when Vary header ↵ | Sarah Boyce | |
| contains an asterisk. Thank you Ahmad Sadeddin for the report and Jacob Walls for the review. | |||
| 2026-02-25 | Refs #36879, #36936 -- Fixed typo in RedisCacheTests.test_client_driver_info. | pmppk | |
| 2026-02-03 | Fixed #36879 -- Identified Django client in Redis client metadata. | ar3ph | |
| 2025-12-19 | Fixed #36590 -- Made async cache methods use specialized sync versions if ↵ | eevelweezel | |
| available. Thanks Simon Charette, Sarah Boyce, and Jacob Walls for reviews. | |||
| 2025-08-21 | Fixed #36560 -- Prevented UpdateCacheMiddleware from caching responses with ↵ | mengxun | |
| Cache-Control 'no-cache' or 'no-store'. | |||
| 2025-07-23 | Refs #36500 -- Rewrapped long docstrings and block comments via a script. | django-bot | |
| Rewrapped long docstrings and block comments to 79 characters + newline using script from https://github.com/medmunds/autofix-w505. | |||
| 2024-09-05 | Fixed #32831 -– Allowed cache tests to be retried via a new "retry" decorator. | Wassef Ben Ahmed | |
| 2024-03-13 | Fixed #34901 -- Added async-compatible interface to session engines. | Jon Janzen | |
| Thanks Andrew-Chen-Wang for the initial implementation which was posted to the Django forum thread about asyncifying contrib modules. | |||
| 2024-02-21 | Fixed #34806 -- Made cached_db session backend resilient to cache write errors. | Sulabh Katila | |
| Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> | |||
| 2024-02-05 | Fixed #27225 -- Added "Age" header when fetching cached responses. | Rinat Khabibiev | |
| Co-Authored-By: Author: Alexander Lazarević <laza@e11bits.com> | |||
| 2023-12-31 | Used addCleanup() in tests where appropriate. | Mariusz Felisiak | |
| 2023-12-27 | Improved cache.tests.FileBasedCacheTests.test_touch to avoid flakiness due ↵ | Natalia | |
| to slow file system access. | |||
| 2023-02-01 | Refs #33476 -- Applied Black's 2023 stable style. | David Smith | |
| Black 23.1.0 is released which, as the first release of the year, introduces the 2023 stable style. This incorporates most of last year's preview style. https://github.com/psf/black/releases/tag/23.1.0 | |||
| 2023-01-04 | Refs #34074 -- Used headers argument for RequestFactory and Client in docs ↵ | David Wobrock | |
| and tests. | |||
| 2022-12-16 | Fixed #34212 -- Made RedisCacheClient.incr() use write connection. | Leo | |
| Co-authored-by: Sin-Woo Bang <sinwoobang@gmail.com> | |||
| 2022-12-13 | Fixed #34209 -- Prevented FileBasedCache.has_key() crash caused by a race ↵ | Marti Raudsepp | |
| condition. | |||
| 2022-07-06 | Fixed #33826 -- Fixed RedisCache.set_many()/delete_many() crash with an ↵ | Christos Kopanos | |
| empty list. | |||
| 2022-05-16 | Fixed #33681 -- Made Redis client pass CACHES["OPTIONS"] to a connection pool. | Mariusz Felisiak | |
| Thanks Ben Picolo for the report. | |||
| 2022-02-22 | Removed redundant QuerySet.all() calls in docs and tests. | Nick Pope | |
| Most QuerySet methods are mapped onto the Manager and, in general, it isn't necessary to call .all() on the manager. | |||
| 2022-02-07 | Refs #33476 -- Refactored code to strictly match 88 characters line length. | Mariusz Felisiak | |
| 2022-02-07 | Refs #33476 -- Reformatted code with Black. | django-bot | |
| 2022-02-03 | Refs #33476 -- Refactored problematic code before reformatting by Black. | Mariusz Felisiak | |
| In these cases Black produces unexpected results, e.g. def make_random_password( self, length=10, allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789', ): or cursor.execute(""" SELECT ... """, [table name], ) | |||
| 2021-12-14 | Fixed #33361 -- Fixed Redis cache backend crash on booleans. | Jeremy Lainé | |
| 2021-12-14 | Refs #33361 -- Added Added DummyCache.set() test for boolean values. | Jeremy Lainé | |
| 2021-12-09 | Fixed #33340 -- Fixed unquoted column names in queries used by DatabaseCache. | Arsa | |
| 2021-11-03 | Fixed #33252 -- Made cache middlewares thread-safe. | Iuri de Silvio | |
| 2021-11-03 | Refs #33252 -- Used @override_settings in ↵ | Iuri de Silvio | |
| BaseCacheTests.test_cache_write_unpicklable_object() | |||
| 2021-09-20 | Refs #32193 -- Removed MemcachedCache per deprecation timeline. | Mariusz Felisiak | |
| 2021-09-14 | Fixed #33012 -- Added Redis cache backend. | Daniyal | |
| Thanks Carlton Gibson, Chris Jerdonek, David Smith, Keryn Knight, Mariusz Felisiak, and Nick Pope for reviews and mentoring this Google Summer of Code 2021 project. | |||
| 2021-09-07 | Fixed #32076 -- Added async methods to BaseCache. | Andrew-Chen-Wang | |
| This also makes DummyCache async-compatible. | |||
| 2021-09-07 | Refs #33060 -- Ensured cache backends validate keys. | Nick Pope | |
| The validate_key() function should be called after make_key() to ensure that the validation is performed on the key that will actually be stored in the cache. Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2021-09-07 | Refs #33060 -- Added memcached test for make_key() making keys invalid. | Mariusz Felisiak | |
| 2021-09-02 | Refs #31907 -- Fixed incorrect argument for delete_many() in cache tests. | Nick Pope | |
| 2021-08-31 | Fixed #33061 -- Fixed handling nonexistent keys with negative deltas in ↵ | Sondre Lillebø Gundersen | |
| incr()/decr() in memcached backends. Thanks Chris Jerdonek for the review. | |||
| 2021-08-31 | Refs #33061 -- Added DummyCache.incr()/decr() tests for nonexistent keys ↵ | Sondre Lillebø Gundersen | |
| with negative deltas. | |||
| 2021-05-26 | Fixed #32772 -- Made database cache count size once per set. | Michael Lissner | |
| 2021-05-18 | Fixed #32747 -- Prevented initialization of unused caches. | Mariusz Felisiak | |
| Thanks Alexander Ebral for the report. Regression in 98e05ccde440cc9b768952cc10bc8285f4924e1f. | |||
| 2021-05-05 | Fixed #32705 -- Prevented database cache backend from checking .rowcount on ↵ | ecogels | |
| closed cursor. Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2020-12-17 | Fixed #29867 -- Added support for storing None value in caches. | Nick Pope | |
| Many of the cache operations make use of the default argument to the .get() operation to determine whether the key was found in the cache. The default value of the default argument is None, so this results in these operations assuming that None is not stored in the cache when it actually is. Adding a sentinel object solves this issue. Unfortunately the unmaintained python-memcached library does not support a default argument to .get(), so the previous behavior is preserved for the deprecated MemcachedCache backend. | |||
| 2020-12-09 | Fixed #32193 -- Deprecated MemcachedCache. | Mariusz Felisiak | |
| 2020-12-08 | Fixed #32233 -- Cleaned-up duplicate connection functionality. | Florian Apolloner | |
| 2020-12-08 | Refs #32233 -- Added tests for nonexistent cache backend. | Mariusz Felisiak | |
| 2020-12-08 | Refs #32233 -- Added tests for nonexistent cache and databases aliases. | Mariusz Felisiak | |
