| Age | Commit message (Collapse) | Author |
|
compound queries on SQLite."
This mostly reverts 2314cdf1ff860058a6579bb9f9bac1253fc9ab43,
but keeps the removal of some test skips.
|
|
queries also.
Thanks Shai Berger for the report.
Regression in 087bb9e8f3478d53f12b1737af865992af17c5f2.
(That commit drove more traffic into an error that would have been
reachable only with an explicit order_by() after each union().)
Co-authored-by: Simon Charette <charettes@gmail.com>
Co-authored-by: siddus <dcsid10@gmail.com>
|
|
|
|
This commit deprecates the "fetch all relations" form of
`QuerySet.select_related()` due to its poor performance characteristics, and
updates several tests relying on that feature to ignore the new warning.
|
|
This commit prepares for the deprecation of select_related() without arguments
by updating tests that used select_related() as a shorthand to explicitly
specify the related fields to be selected.
|
|
Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com>
|
|
This allows backends that don't support extra() to skip it.
|
|
Thanks Simon Charette and Tim Graham for reviews, and Jason Hall for a
prior iteration.
|
|
|
|
It has been superseded with .quote_name(), which ensures aliases are
always quoted.
|
|
This ensures all database identifiers are quoted independently of their orign
and most importantly that user provided aliases through annotate() and alias()
which paves the way for dropping the allow list of characters such aliases can
contain.
This will require adjustments to raw SQL interfaces such as RawSQL that might
make reference to ORM managed annotations as these will now be quoted.
The `SQLCompiler.quote_name_unless_alias` method is kept for now as an alias
for the newly introduced `.quote_name` method but will be duly deprecated in
a follow up commit.
|
|
Multiple calls are idempotent assuming they're balanced. Also, multiple
calls to disable cloning followed by a single call to re-enable cloning
will subsequently cause clones to occur - it is not a stack, just a
toggle.
@contextlib.contextmanager is intentionally not used for performance
reasons:
- decorator takes 1.1µs to execute, or 2µs if used correctly in a
`with ...:` statement
- custom class takes 300ns to execute, or 900ns if used correctly in a
`with ...:` statement
Based on work originally done by Anssi Kääriäinen and Tim Graham.
|
|
These tests were developed during work on MongoDB and capture edge cases
discovered there.
|
|
|
|
control characters.
Control characters in FilteredRelation column aliases could be used for
SQL injection attacks. This affected QuerySet.annotate(), aggregate(),
extra(), values(), values_list(), and alias() when using dictionary
expansion with **kwargs.
Thanks Solomon Kebede for the report, and Simon Charette, Jacob Walls,
and Natalia Bidart for reviews.
|
|
test_intersection_in_nested_subquery.
It's problematic on MongoDB. Simon: "It seems odd that we'd use
__in=OuterRef("pk") over __in=[OuterRef("pk")]. It's a SQLism that
only works because right-hand-side is wrapped with (...) and that's
interpreted as a singleton tuple which is allowed with IN."
|
|
already-closed cursor.
|
|
dictionary expansion.
|
|
_connector kwarg.
Thanks cyberstan for the report, Sarah Boyce, Adam Johnson, Simon
Charette, and Jake Howard for the reviews.
|
|
|
|
and extra() against SQL injection in column aliases on MySQL/MariaDB.
Thanks sw0rd1ight for the report.
Follow up to 93cae5cb2f9a4ef1514cf1a41f714fef08005200.
|
|
even if a value is set.
The logic could likely be adjusted to assign the pre_save value in most cases
to avoid the database transit but it could break in subtle ways so it's not
worth the complexity it would require.
Regression in 94680437a45a71c70ca8bd2e68b72aa1e2eff337.
Co-authored-by: Tim Graham <timograham@gmail.com>
|
|
Follow-up to 94680437a45a71c70ca8bd2e68b72aa1e2eff337.
|
|
This allows the proper resolving of lookups when performing constraint
validation involving Q and Case objects.
Thanks Andrew Roberts for the report and Sarah for the tests and review.
|
|
Rewrapped long docstrings and block comments to 79 characters + newline
using script from https://github.com/medmunds/autofix-w505.
|
|
Follow up to c1fa3fdd040718356e5a3b9a0fe699d73f47a940.
|
|
The for_save flag wasn't properly propagated when resolving expressions, which
prevented get_db_prep_save() from being called in some cases. This affected
fields like JSONField where None would be saved as JSON null instead of SQL NULL.
Regression in 00c690efbc0b10f67924687f24a7b30397bf47d9.
Thanks to David Sanders and Simon Charette for reviews.
Co-authored-by: Adam Johnson <me@adamj.eu>
|
|
Regression in 9cb8baa0c4fa2c10789c5c8b65f4465932d4d172.
Thank you to Antoine Humeau for the report and Simon Charette for the review.
|
|
|
|
Now that selected aliases are stored in sql.Query.selected: dict[str, Any]
the values_list() method must ensures that duplicate field name references are
assigned unique aliases.
Refs #28900.
Regression in 65ad4ade74dc9208b9d686a451cd6045df0c9c3a.
Thanks Claude for the report.
|
|
Non-tuple exact and in lookups have specialized logic for subqueries that can
be adapted to properly assign select mask if unspecified and ensure the number
of involved members are matching on both side of the operator.
|
|
Regression in bf7b17d16d3978b2e1cee4a0f7ce8840bd1a8dc4.
Thanks Sage Abdullah for the report.
|
|
models and DateTimeField annotations.
Ticket was resolved by 65ad4ade74dc9208b9d686a451cd6045df0c9c3a as part of #28900.
|
|
on PostgreSQL 17+.
|
|
Just like normal queries, combined queries' outer references might fully
resolve before their reference is assigned its final alias.
Refs #29338.
Thanks Antony_K for the report and example, and thanks Mariusz Felisiak
for the review.
|
|
unusable state.
Co-authored-by: Simon Charette <charette.s@gmail.com>
|
|
|
|
While refs #34125 focused on the SQL correctness of slicing of union of
potentially empty queries it missed an optimization opportunity to avoid
performing a query at all when all queries are empty.
Thanks Lucidiot for the report.
|
|
Previously, only the selected column aliases would be propagated and
annotations were ignored.
|
|
Previously the order was always extra_fields + model_fields + annotations with
respective local ordering inferred from the insertion order of *selected.
This commits introduces a new `Query.selected` propery that keeps tracks of the
global select order as specified by on values assignment. This is crucial
feature to allow the combination of queries mixing annotations and table
references.
It also allows the removal of the re-ordering shenanigans perform by
ValuesListIterable in order to re-map the tuples returned from the database
backend to the order specified by values_list() as they'll be in the right
order at query compilation time.
Refs #28553 as the initially reported issue that was only partially fixed
for annotations by d6b6e5d0fd4e6b6d0183b4cf6e4bd4f9afc7bf67.
Thanks Mariusz Felisiak and Sarah Boyce for review.
|
|
Thank you to Mariusz Felisiak and Natalia Bidart for the reviews.
|
|
co-authored-by: Gordon <gordon.wrigley@gmail.com>
co-authored-by: Simon Charette <charette.s@gmail.com>
|
|
operators.
Thanks Alan for the report.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
|
|
https://github.com/psf/black/releases/tag/24.1.0
|
|
|
|
Thanks Eugene Morozov and Ben Nace for the reports.
|
|
The implementation of some core types differ between CPython and PyPy
and this may affect the way that pickling works such that errors are
raised in differing locations in the interpreter or not at all.
Use our own custom non-pickleable type instead to avoid these quirks.
|
|
PostgreSQL 16+.
|
|
|
|
dict_keys.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
|