| Age | Commit message (Collapse) | Author |
|
The {% ssi %} tag in Django 1.4 doesn't support spaces in its argument.
Skip the test if run from a location that contains a space.
|
|
paths.
Thanks Rainer Koirikivi for the report and draft patch.
This is a security fix; disclosure to follow shortly.
Backport of 7fe5b656c9 from master
|
|
Just skip the failing test, the failure isn't really relevant; also,
both the test and the reason for its failure were removed in 1.5.
Thanks Tim Graham for advice on 1.5.
|
|
Backport of 1ae64e96c1 from master
|
|
Made a test checking ORM-generated query string case-insensitive.
Backport of ee0a7c741e from master
|
|
https now.
|
|
Backport of 4d92a0bd86 from master
|
|
The admin_widgets tests were issuing click() to the browser but
didn't wait for the effects of those clicks. This caused the resulting
request to be processed concurrently with the test case. When using
in-memory SQLite this caused weird failures.
Also added wait_page_loaded() to admin selenium tests for code
reuse.
Fixed #19856, cherry-pick of 50677b29af39ca670274fb45087415c883c78b04
|
|
This is a security fix. Disclosure and advisory coming shortly.
|
|
This is a security fix. Disclosure and advisory coming shortly.
Patch by Russell Keith-Magee.
|
|
entity-expansion DoS attacks.
This is a security fix. Disclosure and advisory coming shortly.
|
|
This is a security fix; disclosure and advisory coming shortly.
|
|
The reason was that the except clause needed to remove a connection
from the django.db.connections dict, but other parts of Django do not
expect this to happen. In addition the except clause was silently
swallowing the exception messages.
Refs #19707, special thanks to Carl Meyer for pointing out that this
approach should be taken.
|
|
Backpatch of a4e97cf315142e61bb4bc3ed8259b95d8586d09c.
|
|
Backpatch of f556df90be995a83b979cf875705d98521ab4dc7. Backpatching
these tests so that it will be easier to backpatch the fix for #19707.
|
|
Backport of 1eb0da1c5ba3096f218d1df13d02a2b8e1ac7a36 from master.
|
|
Full disclosure and new release forthcoming.
|
|
malicious users.
|
|
Backport of c196e01100b2
|
|
can be displayed as selected even if the lookup's first element is not a string.
Backport of 88e17156393b
|
|
Backpatch of dc569c880143db07e01b3293d698ad8fe4a0136f
|
|
Refs #18823.
|
|
SQLite used INSERT INTO tbl SELECT %s UNION SELECT %s, the problem
was that there should have been UNION ALL instead of UNION.
Refs #19351
Backpatch of a27582484cf814554907d2d1ad077852de36963f
|
|
There was a potential data-loss issue involved -- when clearing
instance's m2m assignments it was possible some other instance's
m2m data was deleted instead.
This commit also improved None handling for to_field cases.
Backpatch of 611c4d6f1c24763e5e6e331a5dcf9b610288aaa8
|
|
|
|
blocktrans %} accept literals wrapped in single quotes. Thanks to lanyjie for the report.
|
|
Thanks Pedro Lima for the draft patch.
Backport of 06f5da3d78 from master
|
|
wrongly formatted dates passed as url parameters caused an unhandled ValidationError. Thanks to david for the report.
|
|
The qs.bulk_create() method did not work with large batches together
with SQLite3. This commit adds a way to split the bulk into smaller
batches. The default batch size is unlimited except for SQLite3 where
the batch size is limited to 999 SQL parameters per batch.
Thanks to everybody who participated in the discussions at Trac.
Backpatch of 29132ebdef0e0b9c09e456b05f0e6a22f1106a4f from master (with
documentation changes removed).
|
|
Unlike other model fields, the newly introduced (1.4)
GenericIPAddressField did not accept verbose_name and name as the
first positional arguments. This commit fixes it.
Thanks Dan McGee for the report and the patch.
Backport of 306d34873cff2 from master.
|
|
forthcoming.
Backport of 4129201c3e0fa057c198bdefcb34686a23b4a93c from master.
|
|
|
|
object methods.
|
|
On MySQL when checking the server version, a new connection could be
created but never closed. This could result in open connections on
server startup.
Backport of 4423757c0c50afbe2470434778c8d5e5b4a70925.
|
|
Backport of 9350d1d59c1a4e6a9ac246a808f55da35de0df69 from master.
This was a regression in Django 1.4.
Thanks bronger for the report and claudep for the patch.
|
|
more in recent Python versions. Thanks Arfever and Anssi Kaariainen for the report and the patch.
Backport of r17900 from trunk.
git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.4.X@17901 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
backwards through a one-to-one relation. Backport of r17888 from trunk.
git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.4.X@17889 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
changelist. This rectifies a slight change in behavior introduced in Django 1.4 and r17635.
Backport of r17881 from trunk.
git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.4.X@17882 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
the to_field attribute. This fixes a regression introduced in [14674] and Django 1.3. Thanks to graveyboat and Karen Tracey for the report.
Backport of r17854 from trunk.
git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.4.X@17858 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
on proxy models. Refs #17904. Thanks koenb for the report and claudep for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17776 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
date object. Thanks Dmitry Guyvoronsky for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17774 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
app in the template context as mentioned in the startproject docs. Many thanks to Preston Holmes for the initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17773 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
like columns named 'number'.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17767 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
jaddison for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17766 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
class variable. Thanks hanson2010, wilfred@potatolondon.com and agriffis for their work on the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17765 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
it does so loudly instead of getting swallowed by a `IncorrectLookupParameters` exception. This also properly fixes #16705, which hadn't been addressed correctly in [16705].
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17763 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17761 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Nate Bragg for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17757 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
databases without deferred constraints. Thanks Nate Bragg for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17756 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17755 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|