From 04f869a80cb41a3e8c6d555cccb305fe7602753b Mon Sep 17 00:00:00 2001 From: Luke Plant Date: Sat, 14 Nov 2009 19:13:33 +0000 Subject: Fixed #12198 - CSRF changes not clearly noted in docs. The docs no longer unhelpfully point to BackwardsIncompatibleChanges, and instead a section has been added to help those upgrading and those following trunk. Tentative 1.2 release notes added. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11738 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- docs/index.txt | 4 +-- docs/releases/1.1.txt | 8 ++++-- docs/releases/1.2-alpha.txt | 52 --------------------------------- docs/releases/1.2.txt | 70 +++++++++++++++++++++++++++++++++++++++++++++ docs/releases/index.txt | 21 ++++++++++---- 5 files changed, 92 insertions(+), 63 deletions(-) delete mode 100644 docs/releases/1.2-alpha.txt create mode 100644 docs/releases/1.2.txt (limited to 'docs') diff --git a/docs/index.txt b/docs/index.txt index d03f90c117..b946600aec 100644 --- a/docs/index.txt +++ b/docs/index.txt @@ -201,7 +201,5 @@ The Django open-source project * **Django over time:** :ref:`API stability ` | - :ref:`Archive of release notes ` | `Backwards-incompatible changes`_ | + :ref:`Release notes ` | :ref:`Deprecation Timeline ` - -.. _Backwards-incompatible changes: http://code.djangoproject.com/wiki/BackwardsIncompatibleChanges diff --git a/docs/releases/1.1.txt b/docs/releases/1.1.txt index cd4bdc5e96..c69a4de2e4 100644 --- a/docs/releases/1.1.txt +++ b/docs/releases/1.1.txt @@ -14,8 +14,10 @@ fixes, and an easy upgrade path from Django 1.0. .. _new features: `What's new in Django 1.1`_ -Backwards-incompatible changes -============================== +.. _backwards-incompatible-changes-1.1: + +Backwards-incompatible changes in 1.1 +===================================== Django has a policy of :ref:`API stability `. This means that, in general, code you develop against Django 1.0 should continue to work @@ -150,6 +152,8 @@ Django 1.1 adds a ``permanent`` argument to the backwards-incompatible if you were using the ``redirect_to`` view with a format-string key called 'permanent', which is highly unlikely. +.. _deprecated-features-1.1: + Features deprecated in 1.1 ========================== diff --git a/docs/releases/1.2-alpha.txt b/docs/releases/1.2-alpha.txt deleted file mode 100644 index 5a0815bf36..0000000000 --- a/docs/releases/1.2-alpha.txt +++ /dev/null @@ -1,52 +0,0 @@ - -Backwards-incompatible changes -============================== - -CSRF Protection ---------------- - -There have been large changes to the way that CSRF protection works, detailed in -:ref:`the CSRF documentaton `. The following are the major -changes that developers must be aware of: - - * ``CsrfResponseMiddleware`` and ``CsrfMiddleware`` have been deprecated, and - will be removed completely in Django 1.4, in favour of a template tag that - should be inserted into forms. - - * All contrib apps use a ``csrf_protect`` decorator to protect the view. This - requires the use of the csrf_token template tag in the template, so if you - have used custom templates for contrib views, you MUST READ THE UPGRADE - INSTRUCTIONS to fix those templates. - - * ``CsrfViewMiddleware`` is included in :setting:`MIDDLEWARE_CLASSES` by - default. This turns on CSRF protection by default, so that views that accept - POST requests need to be written to work with the middleware. Instructions - on how to do this are found in the CSRF docs. - - * All of the CSRF has moved from contrib to core (with backwards compatible - imports in the old locations, which are deprecated). - -LazyObject ----------- - -``LazyObject`` is an undocumented utility class used for lazily wrapping other -objects of unknown type. In Django 1.1 and earlier, it handled introspection in -a non-standard way, depending on wrapped objects implementing a public method -``get_all_members()``. Since this could easily lead to name clashes, it has been -changed to use the standard method, involving ``__members__`` and ``__dir__()``. -If you used ``LazyObject`` in your own code, and implemented the -``get_all_members()`` method for wrapped objects, you need to make the following -changes: - - * If your class does not have special requirements for introspection (i.e. you - have not implemented ``__getattr__()`` or other methods that allow for - attributes not discoverable by normal mechanisms), you can simply remove the - ``get_all_members()`` method. The default implementation on ``LazyObject`` - will do the right thing. - - * If you have more complex requirements for introspection, first rename the - ``get_all_members()`` method to ``__dir__()``. This is the standard method, - from Python 2.6 onwards, for supporting introspection. If you are require - support for Python < 2.6, add the following code to the class:: - - __members__ = property(lambda self: self.__dir__()) diff --git a/docs/releases/1.2.txt b/docs/releases/1.2.txt new file mode 100644 index 0000000000..f67588926c --- /dev/null +++ b/docs/releases/1.2.txt @@ -0,0 +1,70 @@ +.. _releases-1.2: + +============================================ +Django 1.2 release notes — UNDER DEVELOPMENT +============================================ + +This page documents release notes for the as-yet-unreleased Django 1.2. As such +it is tentative and subject to change. It provides up-to-date information for +those who are following trunk. + +.. _backwards-incompatible-changes-1.2: + +Backwards-incompatible changes in 1.2 +===================================== + +CSRF Protection +--------------- + +There have been large changes to the way that CSRF protection works, detailed in +:ref:`the CSRF documentaton `. The following are the major +changes that developers must be aware of: + + * ``CsrfResponseMiddleware`` and ``CsrfMiddleware`` have been deprecated, and + will be removed completely in Django 1.4, in favour of a template tag that + should be inserted into forms. + + * All contrib apps use a ``csrf_protect`` decorator to protect the view. This + requires the use of the csrf_token template tag in the template, so if you + have used custom templates for contrib views, you MUST READ THE UPGRADE + INSTRUCTIONS to fix those templates. + + * ``CsrfViewMiddleware`` is included in :setting:`MIDDLEWARE_CLASSES` by + default. This turns on CSRF protection by default, so that views that accept + POST requests need to be written to work with the middleware. Instructions + on how to do this are found in the CSRF docs. + + * All of the CSRF has moved from contrib to core (with backwards compatible + imports in the old locations, which are deprecated). + +LazyObject +---------- + +``LazyObject`` is an undocumented utility class used for lazily wrapping other +objects of unknown type. In Django 1.1 and earlier, it handled introspection in +a non-standard way, depending on wrapped objects implementing a public method +``get_all_members()``. Since this could easily lead to name clashes, it has been +changed to use the standard method, involving ``__members__`` and ``__dir__()``. +If you used ``LazyObject`` in your own code, and implemented the +``get_all_members()`` method for wrapped objects, you need to make the following +changes: + + * If your class does not have special requirements for introspection (i.e. you + have not implemented ``__getattr__()`` or other methods that allow for + attributes not discoverable by normal mechanisms), you can simply remove the + ``get_all_members()`` method. The default implementation on ``LazyObject`` + will do the right thing. + + * If you have more complex requirements for introspection, first rename the + ``get_all_members()`` method to ``__dir__()``. This is the standard method, + from Python 2.6 onwards, for supporting introspection. If you are require + support for Python < 2.6, add the following code to the class:: + + __members__ = property(lambda self: self.__dir__()) + +.. _deprecated-features-1.2: + +Features deprecated in 1.2 +========================== + +None. diff --git a/docs/releases/index.txt b/docs/releases/index.txt index e5c4fde537..7b0f30e9a2 100644 --- a/docs/releases/index.txt +++ b/docs/releases/index.txt @@ -24,11 +24,20 @@ changes made in that version. 1.1-rc-1 1.1 -.. seealso:: +Upgrading +========= - The list of `backwards-incompatible changes`_ made in the current - development "trunk". If you're running versions of Django newer than an - official release, you should keep track of new pieces pointed there. It's - also fun reading if you're looking forward to new versions of Django. +For those upgrading to a new version of Django, you will need to check all the +backwards-incompatible changes and deprecated features for each 'final' release +from the one after your old version up to and including your new version. The +relevant sections of the release notes are linked below below for your +convenience. -.. _backwards-incompatible changes: http://code.djangoproject.com/wiki/BackwardsIncompatibleChanges +For those following trunk, the tentative release notes for the next version to +be released are also included at the bottom. This is kept up to date with new +features and changes that you need to be aware of. + + * :ref:`backwards-incompatible-changes-1.1` + * :ref:`deprecated-features-1.1` + * :ref:`backwards-incompatible-changes-1.2` + * :ref:`deprecated-features-1.2` -- cgit v1.3