summaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2023-11-01[4.2.x] Fixed CVE-2023-46695 -- Fixed potential DoS in UsernameField on Windows.Mariusz Felisiak
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.
2023-10-30[4.2.x] Fixed #34932 -- Restored varchar_pattern_ops/text_pattern_ops index ↵Tom Carrick
creation when deterministic collaction is set. Regression in f3f9d03edf17ccfa17263c7efa0b1350d1ac9278 (4.2) and 8ed25d65ea7546fafd808086fa07e7e5bb5428fc (5.0). Backport of 34b411762b50883d768d7b67e0a158ec39da8b09 from main.
2023-10-16[4.2.x] Refs #34900, Refs #34118 -- Updated assertion in ↵Mariusz Felisiak
test_skip_class_unless_db_feature() test on Python 3.12.1+. Python 3.12.1+ no longer includes skipped tests in the number of running tests. Check out: https://github.com/python/cpython/issues/110890#issuecomment-1763458686 https://github.com/python/cpython/pull/106588 Backport of 20b7aac7ca60b0352d926340622e618bcbee54a8 from main
2023-10-16[4.2.x] Fixed #34798 -- Fixed QuerySet.aggregate() crash when referencing ↵Simon Charette
expressions containing subqueries. Regression in 59bea9efd2768102fc9d3aedda469502c218e9b7, complements e5c844d6f2a4ac6ae674d741b5f1fa2a688cedf4. Refs #28477, #34551. Thanks Haldun Komsuoglu for the report. Backport of 3b4a571275d967512866012955eb0b3ae486d63c from main
2023-10-12[4.2.x] Refs #34840 -- Fixed ↵Mariusz Felisiak
test_validate_nullable_textfield_with_isnull_true() on databases that don's support table check constraints. Thanks Tim Graham for the report. Backport of 9fd3a0ffc8fb8e532b0d5717f99fb15aff175a6c from main
2023-10-04[4.2.x] Fixed CVE-2023-43665 -- Mitigated potential DoS in ↵Natalia
django.utils.text.Truncator when truncating HTML text. Thanks Wenchao Li of Alibaba Group for the report.
2023-09-22[4.2.x] Fixed #34840 -- Avoided casting string base fields on PostgreSQL.Mariusz Felisiak
Thanks Alex Vandiver for the report. Regression in 09ffc5c1212d4ced58b708cbbf3dfbfb77b782ca. Backport of 779cd28acb1f7eb06f629c0ea4ded99b5ebb670a from main.
2023-09-11[4.2.x] Fixed #34821 -- Prevented DEFAULT_FILE_STORAGE/STATICFILES_STORAGE ↵Mariusz Felisiak
settings from mutating the main STORAGES. Regression in 6b965c600054f970bdf94017ecf2e0e6e0a4326b. Backport of a7c73b944f51d6c92ec876fd7e0a171e7c01657d from main
2023-09-04[4.2.x] Fixed CVE-2023-41164 -- Fixed potential DoS in ↵Mariusz Felisiak
django.utils.encoding.uri_to_iri(). Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
2023-09-01[4.2.x] Fixed #34803 -- Fixed queryset crash when filtering againts deeply ↵willzhao
nested OuterRef annotations. Thanks Pierre-Nicolas Rigal for the report. Regression in c67ea79aa981ae82595d89f8018a41fcd842e7c9. Backport of 9cc0d7f7f85cecc3ad15bbc471fe6a08e4f515b6 from main
2023-08-19[4.2.x] Fixed #34779 -- Avoided unnecessary selection of non-nullable m2m ↵Juan Alvarez
fields without natural keys during serialization. By using `select_related(None)` instead of `select_related()`, the unnecessary joins are completely avoided. Note that the current tests already covers the change, when the field is not `null=True`. Regression in f9936deed1ff13b20e18bd9ca2b0750b52706b6c. Backport of 517d3bb4dd17e9c51690c98d747b86a0ed8b2fbf from main
2023-08-18[4.2.x] Fixed #34773 -- Fixed syncing ↵Mariusz Felisiak
DEFAULT_FILE_STORAGE/STATICFILES_STORAGE settings with STORAGES. Thanks Petr Dlouhý for the report. Bug in 32940d390a00a30a6409282d314d617667892841. Backport of 6b965c600054f970bdf94017ecf2e0e6e0a4326b from main
2023-08-04[4.2.x] Fixed #34754 -- Fixed JSONField check constraints validation on NULL ↵Simon Charette
values. The __isnull lookup of JSONField must special case Value(None, JSONField()) left-hand-side in order to be coherent with its convoluted null handling. Since psycopg>=3 offers no way to pass a NULL::jsonb the issue is resolved by optimizing IsNull(Value(None), True | False) to True | False. Regression in 5c23d9f0c32f166c81ecb6f3f01d5077a6084318. Thanks Alexandre Collet for the report. Backport of 3434dbd39d373df7193ad006b970c09c1a909ea3 from main
2023-08-01[4.2.x] Fixed #34750 -- Fixed QuerySet.count() when grouping by unused ↵Mariusz Felisiak
multi-valued annotations. Thanks Toan Vuong for the report. Thanks Simon Charette for the review. Regression in 59bea9efd2768102fc9d3aedda469502c218e9b7. Backport of c9b9a52edc66be117c6e5b5214fa788a4d5db7a8 from main
2023-07-30[4.2.x] Fixed warnings per flake8 6.1.0.Mariusz Felisiak
Backport of 22b0b73c7732ba67db4e69fd9fa75aad84c8e5c4 from main
2023-07-30[4.2.x] Fixed #34748 -- Fixed queryset crash when grouping by a reference in ↵Simon Charette
a subquery. Regression in dd68af62b2b27ece50d434f6a351877212e15c3f. Thanks Toan Vuong for the report. Backport of 4087367ba869be9cf305dac39a8887d4aa4041d2 from main
2023-07-19[4.2.x] Fixed #34717 -- Fixed QuerySet.aggregate() crash when referencing ↵Simon Charette
window functions. Regression in 59bea9efd2768102fc9d3aedda469502c218e9b7. Refs #28477. Thanks younes-chaoui for the report. Backport of 68912e4f6f84f21322f92a2c7b6c77f68f91b9c9 from main
2023-07-03[4.2.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator ↵Mariusz Felisiak
and URLValidator. Thanks Seokchan Yoon for reports.
2023-06-13[4.2.x] Refs #30220 -- Bumped required version of Selenium to 3.8.0.Mariusz Felisiak
Follow up to 8d010f39869f107820421631111417298d1c5bb9. Backport of 06881341d48dd17a4fdf25afc96991de4fb3b1ac from main
2023-06-09[4.2.x] Fixed #34645 -- Restored alignment for admin date/time timezone ↵Mariusz Felisiak
warnings. Regression in 96a598356a9ea8c2c05b22cadc12e256a3b295fd. Backport of caf80cb41f13e84803a94928282cae75333bbdfc from main
2023-06-04[4.2.x] Fixed #34620 -- Fixed serialization crash on m2m fields without ↵Mariusz Felisiak
natural keys when base querysets use select_related(). Regression in 19e0587ee596debf77540d6a08ccb6507e60b6a7. Thanks Martin Svoboda for the report. Backport of f9936deed1ff13b20e18bd9ca2b0750b52706b6c from main
2023-06-01[4.2.x] Fixed #34612 -- Fixed QuerySet.only() crash on reverse relationships.Simon Charette
Regression in b3db6c8dcb5145f7d45eff517bcd96460475c879. Thanks Ian Cubitt for the report. This also corrected test_inheritance_deferred2() test which was previously properly defined and marked as an expected failure but was then wrongly adjusted to mask the lack of support for per-alias deferral that was fixed by #21204. Backport of 2cf76f2d5d1aa16acfadaf53db3d30128a34b088 from main
2023-05-24[4.2.x] Fixed #34590 -- Reverted "Refs #33308 -- Improved adapting ↵David Sanders
DecimalField values to decimal." This reverts 7990d254b0af158baf827fafbd90fe8e890f23bd. Thanks Marc Odermatt for the report. Backport of 0c1518ee429b01c145cf5b34eab01b0b92f8c246 from main
2023-05-23[4.2.x] Refs #34118 -- Fixed ↵Mariusz Felisiak
FunctionalTests.test_cached_property_reuse_different_names() on Python 3.12+. Python 3.12+ no longer wraps exceptions in __set_name__, see https://github.com/python/cpython/commit/55c99d97e14618dfce41472dd4446f763b0da13f Backport of fc9c90d9c4611d441d2617a7d74f622b1f520f7c from main
2023-05-23[4.2.x] Fixed #34551 -- Fixed QuerySet.aggregate() crash when referencing ↵Simon Charette
subqueries. Regression in 59bea9efd2768102fc9d3aedda469502c218e9b7. Refs #28477. Thanks Denis Roldán and Mariusz for the test. Backport of e5c844d6f2a4ac6ae674d741b5f1fa2a688cedf4 from main
2023-05-23[4.2.x] Refs #34551 -- Fixed QuerySet.aggregate() crash on precending ↵Simon Charette
aggregation reference. Regression in 1297c0d0d76a708017fe196b61a0ab324df76954. Refs #31679. Backport of 2ee01747c32a7275a7a1a5f7862acba7db764921 from main
2023-05-17[4.2.x] Fixed #34568 -- Made makemigrations --update respect --name option.Mariusz Felisiak
Thanks David Sanders for the report. Backport of c52f4295f254e1c14af769d22b1a5f516a941f58 from main
2023-05-17[4.2.x] Fixed #34570 -- Silenced noop deferral of many-to-many and GFK.Simon Charette
While deferring many-to-many and GFK has no effect, the previous implementation of QuerySet.defer() ignore them instead of crashing. Regression in b3db6c8dcb5145f7d45eff517bcd96460475c879. Thanks Paco Martínez for the report. Backport of 99e5dff737cd20b12d060e4794e097063b61ec40 from main
2023-05-16[4.2.x] Fixed #34539 -- Restored get_prep_value() call when adapting JSONFields.Julie Rymer
Regression in 5c23d9f0c32f166c81ecb6f3f01d5077a6084318. Backport of 0ec60661e61b153e6bcec64649b1b7f524eb3e18 from main
2023-05-08[4.2.x] Fixed #34544 -- Avoided DBMS_LOB.SUBSTR() wrapping with IS NULL ↵Mariusz Felisiak
condition on Oracle. Regression in 09ffc5c1212d4ced58b708cbbf3dfbfb77b782ca. Thanks Michael Smith for the report. This also reverts commit 1e4da439556cdd69eb9f91e07f99cf77997e70d2. Backport of 1586a09b7949bbb7b0d84cb74ce1cadc25cbb355 from main
2023-05-04[4.2.x] Fixed MultipleFileFieldTest.test_file_multiple_validation() test if ↵Mariusz Felisiak
Pillow isn't installed. Follow up to fb4c55d9ec4bb812a7fb91fa20510d91645e411b. Backport of fcfbf08abe3e6dc54894df6988024f055abc6c40 from main
2023-05-03[4.2.x] Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of ↵Mariusz Felisiak
validation when uploading multiple files using one form field. Thanks Moataz Al-Sharida and nawaik for reports. Co-authored-by: Shai Berger <shai@platonix.com> Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
2023-05-03[4.2.x] Fixed #34529, Refs #34525 -- Reduced index operations with ↵Mariusz Felisiak
Meta.indexes/index_together when optimizing migrations. This makes squashing migrations an available path for changing Meta.index_together, which is deprecated, to Meta.indexes. Follow up to f81032572107846922745b68d5b7191058fdd5f5. Backport of 8e2460d599aec95f8cfe514d3cc8acdd4ca4b1fb from main.
2023-05-02[4.2.x] Fixed #34515 -- Made LocaleMiddleware prefer language from paths ↵Mariusz Felisiak
when i18n patterns are used. Regression in 94e7f471c4edef845a4fe5e3160132997b4cca81. This reverts commit 94e7f471c4edef845a4fe5e3160132997b4cca81 (refs #34069) and partly reverts commit 3b4728310a7a64f8fcc548163b0aa5f98a5c78f5. Thanks Anthony Baillard for the report. Co-Authored-By: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> Backport of 0e444e84f87d174713a2aef0c4f9704ce2865586 from main
2023-04-26[4.2.x] Fixed #34512 -- Restored breadcrumbs on admin app index view.Mariusz Felisiak
Thanks Adam (ataylor32) for the report. Regression in 872b61193b013a700ff88cf50f0eb2cf2c266ff7. Backport of 9440f6ba41e5e96458cd7949fc6d605ef5bd09e9 from main
2023-04-14[4.2.x] Refs #34483 -- Fixed timesince()/timeuntil() with timezone-aware ↵Mariusz Felisiak
dates on different days and interval less than 1 day. Follow up to 813015d67e2557fa859a07930a9becec4e5f64a0. Regression in 8d67e16493c903adc9d049141028bc0fff43f8c8. Backport of 198a19b692699ad3940373d9ed797fe9155f3f4a from main
2023-04-14[4.2.x] Fixed #34486 -- Fixed DatabaseOperations.compose_sql() crash with no ↵Scott Macpherson
existing database connection on PostgreSQL. Regression in 09ffc5c1212d4ced58b708cbbf3dfbfb77b782ca. Backport of 53aee470d5b35e2708864d5221d2b5655e10c091 from main
2023-04-14[4.2.x] Refs #34483 -- Fixed utils_tests.test_timesince crash on Python 3.8.Mariusz Felisiak
2023-04-13[4.2.x] Fixed #34483 -- Fixed timesince()/timeuntil() with timezone-aware ↵nessita
dates and interval less than 1 day. Regression in 8d67e16493c903adc9d049141028bc0fff43f8c8. Thanks Lorenzo Peña for the report. Backport of 813015d67e2557fa859a07930a9becec4e5f64a0 from main
2023-04-12[4.2.x] Refs #34482 -- Reverted "Fixed #32969 -- Fixed pickling HttpResponse ↵Mariusz Felisiak
and subclasses." This reverts commit d7f5bfd241666c0a76e90208da1e9ef81aec44db. Thanks Márton Salomváry for the report. Backport of 173034b00589c083793d495e8b07e35be2cb1cf0 from main
2023-04-12[4.2.x] Fixed #34484, Refs #34482 -- Reverted "Fixed #29186 -- Fixed ↵Mariusz Felisiak
pickling HttpRequest and subclasses." This reverts commit 6220c445c40a6a7f4d442de8bde2628346153963. Thanks Adam Johnson and Márton Salomváry for reports. Backport of 280ca147af9cdfce1ca9cb14cc3c5527ff6c7a02 from main
2023-04-10[4.2.x] Fixed #34455 -- Restored i18n_patterns() respect of ↵sarahboyce
prefix_default_language argument when fallback language is used. Regression in 94e7f471c4edef845a4fe5e3160132997b4cca81. Thanks Oussama Jarrousse for the report. Backport of 3b4728310a7a64f8fcc548163b0aa5f98a5c78f5 from main
2023-04-07[4.2.x] Refs #34118 -- Fixed CustomChoicesTests.test_uuid_unsupported on ↵Mariusz Felisiak
Python 3.11.4+. https://github.com/python/cpython/commit/5342f5e713e0cc45b6f226d2d053a8cde1b4d68e Follow up to 38e63c9e61152682f3ff982c85a73793ab6d3267. Backport of 2eb1f37260f0e0b71ef3a77eb5522d2bb68d6489 from main
2023-04-07[4.2.x] Fixed #34470 -- Enforced UTF-8 encoding on PostgreSQL.Mariusz Felisiak
Regression in 6a2165816394ab4bb259f6171e82417e098e97a6. Backport of 5b8a043bf51ab8bcf4a758d0b4646f30a84be183 from main
2023-04-07[4.2.x] Fixed #34466 -- Reallowed setting cursor_factory in ↵Anders Kaseorg
DATABASES["options"] on PostgreSQL. Regression in 09ffc5c1212d4ced58b708cbbf3dfbfb77b782ca. Backport of 73cbb372baa45d1fdafd571e2f430a980831f722 from main
2023-04-07[4.2.x] Fixed #34464 -- Fixed queryset aggregation over group by reference.Simon Charette
Regression in 59bea9efd2768102fc9d3aedda469502c218e9b7. Refs #28477. Thanks Ian Cubitt for the report. Backport of 9daf8b4109c3e133eb57349bb44d73cc60c5773c from main
2023-04-06[4.2.x] Fixed #34459 -- Fixed SearchVector() crash for parameters with % symbol.Mariusz Felisiak
Thanks Patryk Zawadzki for the report. Regression in 09ffc5c1212d4ced58b708cbbf3dfbfb77b782ca. Backport of 4bf4222010fd8e413963c6c873e4088614332ef9 from main
2023-04-06[4.2.x] Moved SearchVectorIndexTests.test_search_vector_index to ↵Mariusz Felisiak
postgres_tests.test_indexes. Backport of 02a04ab79ae8c9e1aa10a91ee8b73fc5252a58e8 from main
2023-04-05[4.2.x] Refs #34118 -- Fixed CustomChoicesTests.test_uuid_unsupported on ↵Mariusz Felisiak
Python 3.12+. https://github.com/python/cpython/commit/2a4d8c0a9e88f45047da640ce5a92b304d2d39b1 Backport of 38e63c9e61152682f3ff982c85a73793ab6d3267 from main
2023-04-05[4.2.x] Fixed #34458 -- Fixed QuerySet.defer() crash on attribute names.Simon Charette
Thanks Andrew Cordery for the report. Regression in b3db6c8dcb5145f7d45eff517bcd96460475c879. Backport of 87c63bd8df0eb0109df333df1264c6a96707d6a4 from main