summaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2026-03-25Fixed #36913 -- Optimized MultipleChoiceField.validate().afenoum
2026-03-24Refs #36494 -- Prevented crash in JSONField numeric lookups with expressions.Vignesh Anand
2026-03-24Fixed #36976 -- Made admin action counter a live region for screen readers.davitacols
2026-03-21Refs #36883 -- Split monolithic aggregation/lookup/queries tests.Tim Graham
2026-03-19Fixed #36958 -- Reloaded logging config when logging settings are changed in ↵SnippyCodes
tests. Thanks JaeHyuck Sa and Jake Howard for the reviews.
2026-03-19Refs #36795 -- Deprecated SQLCompiler.quote_name_unless_alias().Simon Charette
It has been superseded with .quote_name(), which ensures aliases are always quoted.
2026-03-19Refs #36795 -- Removed unnecessary prohibits_dollar_signs_in_column_aliases ↵Simon Charette
feature flag. Now that user provided aliases are systematically quoted there is no need to disallow the usage of the dollar sign on Postgres.
2026-03-19Fixed #36795 -- Enforced quoting of all database object names.Simon Charette
This ensures all database identifiers are quoted independently of their orign and most importantly that user provided aliases through annotate() and alias() which paves the way for dropping the allow list of characters such aliases can contain. This will require adjustments to raw SQL interfaces such as RawSQL that might make reference to ORM managed annotations as these will now be quoted. The `SQLCompiler.quote_name_unless_alias` method is kept for now as an alias for the newly introduced `.quote_name` method but will be duly deprecated in a follow up commit.
2026-03-18Fixed #36926 -- Made admin use boolean icons for related BooleanFields in ↵huwaiza tahir
list_display. When using related field lookups like 'parent__is_active' in list_display, the admin now correctly detects if the final field is a BooleanField and displays boolean icons instead of 'True'/'False' text. Modified lookup_field() in django/contrib/admin/utils.py to retrieve the final field from the path when traversing relations using LOOKUP_SEP (__), allowing display_for_field() to properly handle BooleanFields.
2026-03-18Fixed #36987 -- Observed prepared argument in UUIDField.get_db_prep_value().Jacob Walls
This avoids two isinstance() calls per UUID value.
2026-03-17Refs #470 -- Fixed further field_defaults test failures due to year-end ↵Jacob Walls
boundary conditions. Follow-up to 352d860b9107adbcde0f1fe5d0fce8e9090a51e4. Overriding USE_TZ=True during a test creates drift between the SQL compiled for inserted values versus the deployed database default, as Extract() inquires of the current timezone. To resolve this, leave USE_TZ=False and make UTC explicit when asserting the result.
2026-03-16Fixed #36859 -- Made assertContains and assertNotContains idempotent for ↵Baptiste Mispelon
streaming responses.
2026-03-16Fixed #36894 -- Added TypeError for conflicting arguments in mail APIs.Praful Gulani
A TypeError is now raised if fail_silently=True, auth_user, or auth_password are provided along a connection. Updated AdminEmailHandler in django.utils.log to remove redundant fail_silently=True. Thanks Mike Edmunds for the report and Jacob Tyler Walls for the review.
2026-03-16Fixed #36906 -- Handled coalescing JSON-primitive strings and JSON values on ↵Kanin Kearpimy
Oracle.
2026-03-14Refs #12529, #22325 -- Fixed ExecutorTests.test_custom_user isolation.Mariusz Felisiak
2026-03-13Fixed #36966 -- Fixed ValueError when `query_params` and `follow` are used ↵Marc Gibbons
on test client.
2026-03-13Refs #36735 -- Adjusted UUID7 assertions for timezone shifts.Mariusz Felisiak
Thanks Simon Charette and Jacob Walls for reviews.
2026-03-12Fixed #36727 -- Deprecated Field.get_placeholder in favor of ↵Simon Charette
get_placeholder_sql. The lack of ability of the get_placeholder call chain to return SQL and parameters separated so they can be mogrified by the backend at execution time forced implementations to dangerously interpolate potentially user controlled values. The get_placeholder_sql name was chosen due to its proximity to the previous method, but other options such as Field.as_sql were considered but ultimately rejected due to its different input signature compared to Expression.as_sql that might have lead to confusion. There is a lot of overlap between what Field.get_db_prep_value and get_placeholder_sql do but folding the latter in the former would require changing its return signature to return expression which is a way more invasive change than what is proposed here. Given we always call get_db_prep_value it might still be an avenue worth exploring in the future to offer a publicly documented interface to allow field to take an active part in the compilation chain. Thanks Jacob for the review.
2026-03-11Refs #28455 -- Implemented private API methods for preventing QuerySet cloning.Keryn Knight
Multiple calls are idempotent assuming they're balanced. Also, multiple calls to disable cloning followed by a single call to re-enable cloning will subsequently cause clones to occur - it is not a stack, just a toggle. @contextlib.contextmanager is intentionally not used for performance reasons: - decorator takes 1.1µs to execute, or 2µs if used correctly in a `with ...:` statement - custom class takes 300ns to execute, or 900ns if used correctly in a `with ...:` statement Based on work originally done by Anssi Kääriäinen and Tim Graham.
2026-03-10Fixed #36943 -- Preserved any exception from URLconf module in autoreloader.varunkasyap
Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com>
2026-03-09Fixed a typo in tests/conditional_processing/tests.py.jun
2026-03-09Fixed #36293 -- Avoided buffering streaming responses in GZipMiddleware.farhan
This avoids latency and/or blocking. The example of streaming a CSV file was rewritten to employ batching for greater efficiency in all layers (db, HTTP, etc.). The improved performance from batching should outweigh the drag introduced by an additional byte for each flush. Co-authored-by: huoyinghui <huoyinghui@users.noreply.github.com>
2026-03-08Fixed #12529 -- Fixed migrate --run-syncdb crash for existing model with ↵Mariusz Felisiak
truncated db_table names.
2026-03-06Fixed #36940 -- Fixed script name edge case in ASGIRequest.path_info.khadyottakale
Paths that happened to begin with the script name were inappropriately stripped, instead of checking that script name preceded a slash.
2026-03-06Fixed #36968 -- Improved error message when collectstatic can't find a ↵James Bligh
referenced file.
2026-03-06Fixed #36679 -- Fixed Basque date formats to use parenthetical declension ↵Unai Loidi
suffixes. Basque (eu) grammar requires conditional suffixes on years and day articles that depend on the final sound of the preceding word. Since Django's format strings are static, the CLDR parenthetical convention ("(e)ko" instead of "ko") is used to express the optionality. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2026-03-06Refs #28877 -- Added special ordinal context when humanizing value 1.Julien Palard
Some languages use a different ordinal suffix for the number 1 than for other values ending in 1 (e.g. 21, 31). Added a dedicated pgettext context "ordinal is 1" to allow translators to handle this distinction. For example, in French, 1 is written as "1er" while 21, 31, etc. use "21e", "31e", etc. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2026-03-04Fixed #21080 -- Ignored urls inside comments during collectstatic.James Bligh
Thanks Mariusz Felisiak for the review. Co-authored-by: Nathan Gaberel <nathan@gnab.fr>
2026-03-03Fixed #36923 -- Added tests for non-hierarchical URI schemes in ↵Natalia
URLField.to_python(). Follow up to 951ffb3832cd83ba672c1e3deae2bda128eb9cca.
2026-03-03Fixed CVE-2026-25674 -- Prevented potentially incorrect permissions on file ↵Natalia
system object creation. This fix introduces `safe_makedirs()` in the `os` utils as a safer alternative to `os.makedirs()` that avoids umask-related race conditions in multi-threaded environments. This is a workaround for https://github.com/python/cpython/issues/86533 and the solution is based on the fix being proposed for CPython. Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com> Co-authored-by: Zackery Spytz <zspytz@gmail.com> Refs CVE-2020-24583 and #31921. Thanks Tarek Nakkouch for the report, and Jake Howard, Jacob Walls, and Shai Berger for reviews.
2026-03-03Fixed CVE-2026-25673 -- Simplified URLField scheme detection.Natalia
This simplicaftion mitigates a potential DoS in URLField on Windows. The usage of `urlsplit()` in `URLField.to_python()` was replaced with `str.partition(":")` for URL scheme detection. On Windows, `urlsplit()` performs Unicode normalization which is slow for certain characters, making `URLField` vulnerable to DoS via specially crafted POST payloads. Thanks Seokchan Yoon for the report, and Jake Howard and Shai Berger for the review. Refs #36923. Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com>
2026-03-02Fixed #36961 -- Fixed TypeError in deprecation warnings if Django is ↵Jacob Walls
imported by namespace.
2026-02-28Fixed #36914 -- Fixed background-color to also apply to select options in ↵Antoliny0919
TabularInline.
2026-02-27Fixed #36946 -- Respected test database name when running tests in parallel ↵S​age Abdullah
on SQLite. The "spawn" and "forkserver" multiprocessing modes were affected.
2026-02-27Refs #35972 -- Returned params in a tuple in further expressions.Jacob Walls
2026-02-27Fixed #27489 -- Renamed permissions upon model renaming in migrations.Artyom Kotovskiy
Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com>
2026-02-27Fixed #34643 -- Moved inputs beneath labels and errors in admin forms.antoliny0919
Thanks Sarah Boyce and Jacob Walls for reviews. Co-authored-by: Hrushikesh Vaidya <hrushikeshrv@gmail.com>
2026-02-26Fixed #22079 -- Added tests for stripping empty list values in RequestFactory.Anurag Verma
2026-02-26Refs #36936 - Adjusted tests to set PYTHON_COLORS environment variable.Pete Rosenblum
When "FORCE_COLOR" was set in the environment (such as in django-docker-box) several test cases that rely on string comparisons against exception messages or command line results would fail due to ANSI escape sequences being present in the output. This change resolved the issue by setting the "PYTHON_COLORS" environment variable to "0" for those specific tests, which takes precendence over the presence of "FORCE_COLOR".
2026-02-26Fixed #36750 -- Made ordering of M2M objects deterministic in serializers.VIZZARD-X
Co-authored-by: Simon Charette <charette.s@gmail.com> Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com>
2026-02-25Refs #36652, #36936 -- Improved path manipulation in a migration test ↵pmppk
launching a subprocess.
2026-02-25Refs #36879, #36936 -- Fixed typo in RedisCacheTests.test_client_driver_info.pmppk
2026-02-25Fixed #36951 -- Removed empty exc_info from log_task_finished signal handler.Elias Hernandis
Before, if no exception occurred, "None Type: None" was logged.
2026-02-25Fixed #36944 -- Removed MAX_LENGTH_HTML and related 5M chars limit ↵Natalia
references from HTML truncation docs.
2026-02-25Fixed #36839 -- Warned when model renames encounter conflicts from stale ↵AbhimanyuGit2507
ContentTypes.
2026-02-24Fixed #36931 -- Handled LookupError in multipart parser for invalid RFC 2231 ↵sammiee5311
encoding. Added LookupError to the except clause so invalid headers are silently skipped, consistent with other malformed header handling.
2026-02-23Fixed a typo in tests/admin_views/tests.py.Zac Iloka
2026-02-21Fixed #36899 -- Implemented SessionBase.__bool__.Amar
2026-02-21Fixed #36937 -- Added missing positive permission cases in test_client tests.Saish Mungase
2026-02-21Fixed #36935 -- Added fallback in ContentType.app_labeled_name when ↵Marco Aurélio da Rosa Haubrich
model_class() is None. Updated ContentType.app_labeled_name to include the app_label in its string representation. This removed ambiguity for content types whose models were not present in the current codebase (for example, when multiple applications share the same database). Adjusted related tests to reflect the new representation.