summaryrefslogtreecommitdiff
path: root/tests/utils_tests/test_os_utils.py
AgeCommit message (Collapse)Author
2026-03-03Fixed CVE-2026-25674 -- Prevented potentially incorrect permissions on file ↵Natalia
system object creation. This fix introduces `safe_makedirs()` in the `os` utils as a safer alternative to `os.makedirs()` that avoids umask-related race conditions in multi-threaded environments. This is a workaround for https://github.com/python/cpython/issues/86533 and the solution is based on the fix being proposed for CPython. Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com> Co-authored-by: Zackery Spytz <zspytz@gmail.com> Refs CVE-2020-24583 and #31921. Thanks Tarek Nakkouch for the report, and Jake Howard, Jacob Walls, and Shai Berger for reviews.
2022-02-07Refs #33476 -- Reformatted code with Black.django-bot
2019-08-13Refs #30461 -- Added django.utils._os.to_path().Claude Paroz
2014-12-03Removed redundant numbered parameters from str.format().Berker Peksag
Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
2014-11-11Raised SuspiciousFileOperation in safe_join.Aymeric Augustin
Added a test for the condition safe_join is designed to prevent. Previously, a generic ValueError was raised. It was impossible to tell an intentional exception raised to implement safe_join's contract from an unintentional exception caused by incorrect inputs or unexpected conditions. That resulted in bizarre exception catching patterns, which this patch removes. Since safe_join is a private API and since the change is unlikely to create security issues for users who use it anyway -- at worst, an uncaught SuspiciousFileOperation exception will bubble up -- it isn't documented.
2013-07-01Stopped using django.utils.unittest in the test suite.Aymeric Augustin
Refs #20680.
2013-04-12Modified utils_tests for unittest2 discovery.Preston Timmons