| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-11-09 | [1.9.x] Fixed debug view crash during autumn DST change. | Aymeric Augustin | |
| This only happens if USE_TZ = False and pytz is installed (perhaps not the most logical combination, but who am I to jugde?) Refs #23714 which essentially fixed the same problem when USE_TZ = True. Thanks Florian and Carl for insisting until I wrote a complete patch. Backport of 1014ba026e879e56e0f265a8d9f54e6f39843348 from master | |||
| 2015-10-03 | [1.9.x] Fixed #25389 -- Fixed pickling a SimpleLazyObject wrapping a model. | Ben Kraft | |
| Pickling a `SimpleLazyObject` wrapping a model did not work correctly; in particular it did not add the `_django_version` attribute added in 42736ac8. Now it will handle this and other custom `__reduce__` methods correctly. Backport of 35355a4ffedb2aeed52d5fe3034380ffc6a438db from master | |||
| 2015-09-16 | Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN. | Matt Robenolt | |
| Thanks Seth Gottlieb for help with the documentation and Carl Meyer and Joshua Kehn for reviews. | |||
| 2015-09-12 | Fixed #23395 -- Limited line lengths to 119 characters. | Dražen Odobašić | |
| 2015-09-07 | Fixed #24917 -- Made admindocs display model methods that take arguments. | Zan Anderle | |
| 2015-08-29 | Made the autoreloader survive all exceptions. | Aymeric Augustin | |
| Refs #24704. | |||
| 2015-08-29 | Ensured gen_filenames() yields native strings. | Aymeric Augustin | |
| This also fixes a test failure on Python 2 when Django is installed in a non-ASCII path. This problem cannot happen on Python 3. | |||
| 2015-08-29 | Refactored autoreload tests. | Aymeric Augustin | |
| * Added helpers to test uncached and cached access. * Fixed test_project_root_locale: it duplicated test_locale_paths_setting. * Rewrote test_only_new_files: test more cases. | |||
| 2015-08-29 | Accounted for error files in the autoreloader. | Aymeric Augustin | |
| * When some old files contain errors, the second call to gen_filenames() should return them. * When some new files contain errors, the first call to gen_filenames(only_new=True) should return them. | |||
| 2015-07-27 | Fixed #21127 -- Started deprecation toward requiring on_delete for ↵ | Flavio Curella | |
| ForeignKey/OneToOneField | |||
| 2015-07-17 | Fixed #16501 -- Added an allow_unicode parameter to SlugField. | Edward Henderson | |
| Thanks Flavio Curella and Berker Peksag for the initial patch. | |||
| 2015-07-09 | Fixed #25093 -- Added utils.datastructures.OrderedSet.__len__() | darkryder | |
| 2015-06-24 | Renamed RemovedInDjangoXYWarnings for new roadmap. | Tim Graham | |
| Forwardport of ae1d663b7913f6da233c55409c4973248372d302 from stable/1.8.x plus more. | |||
| 2015-06-23 | Fixed #25000 -- Fixed cast to string for lazy objects. | Marten Kenbeek | |
| Implemented __str__() to return the string-representation of the proxied object, not the proxy itself, if the lazy object didn't have a string-like object in its resultclasses. | |||
| 2015-06-13 | Fixed #24978 -- Escaped special characters in loaddata fixture paths | Moritz Sichert | |
| 2015-06-12 | Fixed #24965 -- Made LiveServerTestCase.live_server_url accessible from class | Moritz Sichert | |
| 2015-06-06 | Fixed ImportError message in utils.module_loading.import_string() | Tomasz Kontusz | |
| 2015-06-04 | Fixed #19210 -- Added leap year support to django.utils.timesince() | Raphael Michel | |
| 2015-06-04 | Fixed #24728 -- Renamed mime_type to content_type for syndication feeds | Raphael Michel | |
| Renamed the mime_type properties of RssFeed and Atom1Feed to content_type and start deprecation for the old names. | |||
| 2015-06-02 | Fixed #24897 -- Allowed using choices longer than 1 day with DurationField | zauddelig | |
| 2015-05-27 | Fixed #24836 -- Made force_text() resolve lazy objects. | Tim Graham | |
| 2015-05-20 | Refs #24652 -- Used SimpleTestCase where appropriate. | Simon Charette | |
| 2015-05-17 | Factored skip condition when pytz isn't installed. | Aymeric Augustin | |
| 2015-05-16 | Removed redundant list() calls. | Tim Graham | |
| 2015-04-24 | Fixed #22598 -- Allowed make_aware() to work with ambiguous datetime | Josh Smeaton | |
| 2015-03-27 | Fixed #24469 -- Refined escaping of Django's form elements in non-Django ↵ | Moritz Sichert | |
| templates. | |||
| 2015-03-18 | Made is_safe_url() reject URLs that start with control characters. | Tim Graham | |
| This is a security fix; disclosure to follow shortly. | |||
| 2015-03-18 | Fixed an infinite loop possibility in strip_tags(). | Tim Graham | |
| This is a security fix; disclosure to follow shortly. | |||
| 2015-03-09 | Fixed #24382 -- Allowed unicode chars inside formatted numbers | Claude Paroz | |
| Thanks Jacob Rief for the report and Tim Graham for the review. | |||
| 2015-03-08 | Fixed #23838 -- added missing `__iter__` to LazyObject | Rik | |
| 2015-02-23 | Normalized usage of the tempfile module. | Aymeric Augustin | |
| Specifically stopped using the dir argument. | |||
| 2015-02-17 | Refs #24324 -- Fixed Python 2 test failures when path to Django source ↵ | Tim Graham | |
| contains non-ASCII characters. | |||
| 2015-02-12 | Fixed #24321 -- Improved `utils.http.same_origin` compliance with RFC6454 | Lukas Klein | |
| 2015-02-08 | Fixed #24181 -- Fixed multi-char THOUSAND_SEPARATOR insertion | Varun Sharma | |
| Report and original patch by Kay Cha. | |||
| 2015-02-06 | Sorted imports with isort; refs #23860. | Tim Graham | |
| 2015-02-04 | Fixed #24242 -- Improved efficiency of utils.text.compress_sequence() | Matthew Somerville | |
| The function no longer flushes zfile after each write as doing so can lead to the gzipped streamed content being larger than the original content; each flush adds a 5/6 byte type 0 block. Removing this means buf.read() may return nothing, so only yield if that has some data. Testing shows without the flush() the buffer is being flushed every 17k or so and compresses the same as if it had been done as a whole string. | |||
| 2015-02-03 | Fixed #24149 -- Normalized tuple settings to lists. | darkryder | |
| 2015-01-27 | Cleaned up some forms tests. | Loic Bistuer | |
| Thanks Berker Peksag and Tim Graham for the reviews. Refs #24219. | |||
| 2015-01-18 | Removed utils.module_loading.import_by_path() per deprecation timeline; refs ↵ | Tim Graham | |
| #21674. | |||
| 2015-01-17 | Removed utils.text.javascript_quote() per deprecation timeline; refs #21725. | Tim Graham | |
| 2015-01-17 | Removed django.utils.tzinfo per deprecation timeline; refs #17262. | Tim Graham | |
| 2015-01-17 | Removed django.utils.datastructures.SortedDict per deprecation timeline. | Tim Graham | |
| 2015-01-17 | Removed django.utils.datastructures.MergeDict per deprecation timeline; refs ↵ | Tim Graham | |
| #18659. | |||
| 2015-01-13 | Fixed is_safe_url() to handle leading whitespace. | Tim Graham | |
| This is a security fix. Disclosure following shortly. | |||
| 2015-01-12 | Accounted for multiple template engines in template responses. | Aymeric Augustin | |
| 2014-12-30 | Applied ignore_warnings to Django tests | Claude Paroz | |
| 2014-12-27 | Fixed #23831 -- Supported strings escaped by third-party libs in Django. | Aymeric Augustin | |
| Refs #7261 -- Made strings escaped by Django usable in third-party libs. The changes in mark_safe and mark_for_escaping are straightforward. The more tricky part is to handle correctly objects that implement __html__. Historically escape() has escaped SafeData. Even if that doesn't seem a good behavior, changing it would create security concerns. Therefore support for __html__() was only added to conditional_escape() where this concern doesn't exist. Then using conditional_escape() instead of escape() in the Django template engine makes it understand data escaped by other libraries. Template filter |escape accounts for __html__() when it's available. |force_escape forces the use of Django's HTML escaping implementation. Here's why the change in render_value_in_context() is safe. Before Django 1.7 conditional_escape() was implemented as follows: if isinstance(text, SafeData): return text else: return escape(text) render_value_in_context() never called escape() on SafeData. Therefore replacing escape() with conditional_escape() doesn't change the autoescaping logic as it was originally intended. This change should be backported to Django 1.7 because it corrects a feature added in Django 1.7. Thanks mitsuhiko for the report. | |||
| 2014-12-27 | Fixed an inconsistency introduced in 547b1810. | Aymeric Augustin | |
| mark_safe and mark_for_escaping should have been kept similar. On Python 2 this change has no effect. On Python 3 it fixes the use case shown in the regression test for mark_for_escaping, which used to raise a TypeError. The regression test for mark_safe is just for completeness. | |||
| 2014-12-26 | Fixed #23346 -- Fixed lazy() to lookup methods on the real object, not ↵ | Gavin Wahl | |
| resultclasses. Co-Authored-By: Rocky Meza <rmeza@fusionbox.com> | |||
| 2014-12-22 | Fixed #23998 -- Added datetime.time support to migrations questioner. | Oscar Ramirez | |
