| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2023-02-14 | Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files. | Markus Holtermann | |
| Thanks to Jakob Ackermann for the report. | |||
| 2023-02-13 | Fixed #34316 -- Fixed layout of admin password change forms and help texts. | sarahboyce | |
| Regression in 96a598356a9ea8c2c05b22cadc12e256a3b295fd. | |||
| 2023-02-11 | Fixed #33213 -- Doc'd testing code coverage in parallel and used it. | Paolo Melchiorre | |
| 2023-02-10 | Fixed #32813 -- Made runserver display port after binding. | Dhanush | |
| Thanks Florian Apolloner for the review. | |||
| 2023-02-08 | Fixed #34303 –- Allowed customizing admin site log entry list. | Jacob Rief | |
| Added AdminSite.get_log_entries() as an override point and made this available to the template via each_context(). | |||
| 2023-02-08 | Fixed #34319 -- Fixed Model.validate_constraints() crash on ValidationError ↵ | Mariusz Felisiak | |
| with no code. Thanks Mateusz Kurowski for the report. Regression in 667105877e6723c6985399803a364848891513cc. | |||
| 2023-02-08 | Fixed #34315 -- Preserved admin changelist filters on "Close" button. | Bakdolot | |
| 2023-02-07 | Removed hardcoded date in SetCookieTests.test_far_expiration(). | Bernhard M. Wiedemann | |
| Follow up to a92c83828785f12dcf90477413c2d04e1855fbb9. | |||
| 2023-02-07 | Fixed #34285 -- Fixed index/slice lookups on filtered aggregates with ↵ | Nils VAN ZUIJLEN | |
| ArrayField. Thanks Simon Charette for the review. | |||
| 2023-02-07 | Fixed #33638 -- Fixed GIS lookups crash with geography fields on PostGIS. | Jacob Walls | |
| 2023-02-07 | Fixed #34301 -- Made admin's submit_row check add permission for "Save as ↵ | Frederic Mheir | |
| new" button. | |||
| 2023-02-04 | Increased the default PBKDF2 iterations for Django 5.0. | Mariusz Felisiak | |
| Follow up to 9a1848f48c1f7f627a52b2063a8a8428e77765d6. | |||
| 2023-02-03 | Fixed #34259 -- Passed called_from_command_line to command subparsers. | Adam Johnson | |
| 2023-02-02 | Fixed #34286 -- Fixed admindocs markups for case-sensitive template/view names. | skidipap | |
| 2023-02-01 | Refs #33476 -- Applied Black's 2023 stable style. | David Smith | |
| Black 23.1.0 is released which, as the first release of the year, introduces the 2023 stable style. This incorporates most of last year's preview style. https://github.com/psf/black/releases/tag/23.1.0 | |||
| 2023-02-01 | Fixed CVE-2023-23969 -- Prevented DoS with pathological values for ↵ | Nick Pope | |
| Accept-Language. The parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. Accept-Language headers are now limited to a maximum length in order to avoid this issue. | |||
| 2023-01-31 | Fixed #34304 -- Made MySQL's SchemaEditor.remove_constraint() don't create ↵ | sage | |
| foreign key index when unique constraint is ignored. Regression in b731e8841558ee4caaba766c83f34ea9c7004f8b. | |||
| 2023-01-30 | Fixed #34283 -- Escaped title in admin's changelist filters. | Stanislav Volyk | |
| Regression in 27aa7035f57f0db30b6632e4274e18b430906799. | |||
| 2023-01-27 | Fixed #28054 -- Made runserver not return response body for HEAD requests. | Sarah Boyce | |
| Co-authored-by: jannschu <jannik.schuerg@posteo.de> | |||
| 2023-01-26 | Fixed #34254 -- Fixed return value of Exists() with empty queryset. | Raj Desai | |
| Thanks Simon Charette for reviews. | |||
| 2023-01-26 | Fixed #34291 -- Fixed Meta.constraints validation crash on UniqueConstraint ↵ | Mariusz Felisiak | |
| with ordered expressions. Thanks Dan F for the report. Bug in 667105877e6723c6985399803a364848891513cc. | |||
| 2023-01-24 | Fixed #34227 -- Fixed QuerySet.select_related() with multi-level ↵ | 朱穆穆 | |
| FilteredRelation. | |||
| 2023-01-23 | Fixed #34192 -- Preserved callable storage when it returns default_storage. | Matt Westcott | |
| 2023-01-20 | Fixed #34267 -- Fixed sliced QuerySet.union() crash. | Francesco Panico | |
| Regression in 3d734c09ff0138441dfe0a59010435871d17950f. Thanks Raphaël Stefanini for the report. | |||
| 2023-01-20 | Fixed #34266 -- Added ClosestPoint GIS database functions. | Niccolò Mineo | |
| 2023-01-19 | Fixed #34272 -- Fixed floatformat crash on zero with trailing zeros to zero ↵ | David Wobrock | |
| decimal places. Regression in 08c5a787262c1ae57f6517d4574b54a5fcaad124. Thanks Andrii Lahuta for the report. | |||
| 2023-01-19 | Refs #32528 -- Simplified Media.merge(). | Nick Pope | |
| This avoids building up a second datastructure for the duplicate files warning case and simply flatten and strip duplicates if that case ever arises. | |||
| 2023-01-19 | Fixed #32528 -- Replaced django.utils.topological_sort with ↵ | Nick Pope | |
| graphlib.TopologicalSort(). graphlib.TopologicalSort() is available since Python 3.9. | |||
| 2023-01-18 | Refs #34233 -- Used str.removeprefix()/removesuffix(). | Mariusz Felisiak | |
| 2023-01-18 | Refs #34233 -- Used types.NoneType. | Nick Pope | |
| Available since Python 3.10 where it was reintroduced. | |||
| 2023-01-18 | Refs #34233 -- Used aiter() and anext(). | Nick Pope | |
| Available since Python 3.10. | |||
| 2023-01-18 | Refs #32339 -- Deprecated transitional form renderers. | Mariusz Felisiak | |
| 2023-01-18 | Fixed #34233 -- Dropped support for Python 3.8 and 3.9. | Mariusz Felisiak | |
| 2023-01-17 | Increased the default PBKDF2 iterations for Django 5.0. | Mariusz Felisiak | |
| 2023-01-17 | Advanced deprecation warnings for Django 5.0. | Mariusz Felisiak | |
| 2023-01-17 | Refs #33263 -- Removed warning in BaseDeleteView when delete() method is ↵ | Mariusz Felisiak | |
| overridden. | |||
| 2023-01-17 | Refs #33543 -- Made Expression.asc()/desc() and OrderBy raise ValueError ↵ | Mariusz Felisiak | |
| when nulls_first/nulls_last=False is passed. Per deprecation timeline. | |||
| 2023-01-17 | Refs #32339 -- Changed default form and formset rendering style to div-based. | Mariusz Felisiak | |
| Per deprecation timeline. This also removes "django/forms/default.html" and "django/forms/formsets/default.html" templates. | |||
| 2023-01-17 | Refs #33691 -- Removed django.contrib.auth.hashers.CryptPasswordHasher per ↵ | Mariusz Felisiak | |
| deprecation timeline. | |||
| 2023-01-17 | Refs #33348 -- Removed support for passing response object and form/formset ↵ | Mariusz Felisiak | |
| name to SimpleTestCase.assertFormError()/assertFormSetError(). Per deprecation timeline. | |||
| 2023-01-17 | Refs #32365 -- Removed django.utils.timezone.utc per deprecation timeline. | Mariusz Felisiak | |
| 2023-01-17 | Refs #15619 -- Removed support for logging out via GET requests. | Mariusz Felisiak | |
| Per deprecation timeline. | |||
| 2023-01-17 | Refs #33561 -- Made created=True required in signature of ↵ | Mariusz Felisiak | |
| RemoteUserBackend.configure_user() subclasses. Per deprecation timeline. | |||
| 2023-01-17 | Refs #31486 -- Removed ability to pass unsaved model instances to related ↵ | Mariusz Felisiak | |
| filters. Per deprecation timeline. | |||
| 2023-01-17 | Refs #29984 -- Made QuerySet.iterator() without chunk_size raise ValueError ↵ | Mariusz Felisiak | |
| after prefetch_related(). Per deprecation timeline. | |||
| 2023-01-17 | Refs #29708 -- Removed PickleSerializer per deprecation timeline. | Mariusz Felisiak | |
| 2023-01-17 | Refs #33348 -- Removed support for passing errors=None to ↵ | Mariusz Felisiak | |
| SimpleTestCase.assertFormError()/assertFormsetErrors(). Per deprecation timeline. | |||
| 2023-01-17 | Refs #33342 -- Removed ExclusionConstraint.opclasses per deprecation timeline. | Mariusz Felisiak | |
| 2023-01-17 | Refs #30127 -- Removed name argument for ↵ | Mariusz Felisiak | |
| django.utils.functional.cached_property(). Per deprecation timeline. | |||
| 2023-01-17 | Refs #32800 -- Removed CSRF_COOKIE_MASKED transitional setting per ↵ | Mariusz Felisiak | |
| deprecation timeline. | |||
