summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-01-13[1.7.x] Bumped version for 1.7.3 release.1.7.3Tim Graham
2015-01-13[1.7.x] Added dates to release notes.Tim Graham
2015-01-13[1.7.x] Fixed DoS possibility in ModelMultipleChoiceField.Tim Graham
This is a security fix. Disclosure following shortly. Thanks Keryn Knight for the report and initial patch.
2015-01-13[1.7.x] Prevented views.static.serve() from using large memory on large files.Tim Graham
This is a security fix. Disclosure following shortly.
2015-01-13[1.7.x] Fixed is_safe_url() to handle leading whitespace.Tim Graham
This is a security fix. Disclosure following shortly.
2015-01-13[1.7.x] Stripped headers containing underscores to prevent spoofing in WSGI ↵Carl Meyer
environ. This is a security fix. Disclosure following shortly. Thanks to Jedediah Smith for the report.
2015-01-13[1.7.x] Added stub release notes for security releases.Tim Graham
2015-01-13[1.7.x] Fixed bad model example in admin docs.Collin Anderson
Backport of e7771ec380a116dbef481001fb1ce664f5c7311e from master
2015-01-11[1.7.x] Fixed #24110 -- Rewrote migration unapply to preserve intermediate ↵Markus Holtermann
states Backport of fdc2cc948725866212a9bcc97b9b7cf21bb49b90 and be158e36251df0b07556657da47cdaf10913c57a from master
2015-01-10[1.7.x] Fixed #23967 -- Added formats for GreekSerafeim Papastefanos
Backport of 74f02557e0183812d6d60e2548985c5c40b3d27b from master
2015-01-10[1.7.x] Fixed #24097 -- Prevented AttributeError in redirect_to_loginClaude Paroz
Thanks Peter Schmidt for the report and the initial patch. Thanks to Oktay Sancak for writing the original failing test and Alvin Savoy for supporting contributing back to the community. Backport of d7bc37d61 from master.
2015-01-08[1.7.x] Silenced deprecation warning in test_runner app.Tim Graham
2015-01-08[1.7.x] Silenced initial_data fixtures warning in test suite.Tim Graham
2015-01-08[1.7.x] Fixed #24095 -- Prevented WarningLoggerTests from leaking a warnings ↵Tim Graham
filter. Backport of ade985999657eaef6a9510c2aeba9b2196d7bf6e from master
2015-01-06[1.7.x] Fixed #24083 -- Corrected is_bound nature in forms topic docsClaude Paroz
Thanks ajenhl Trac user for the report. Backport of e0080cf57 from master.
2015-01-06[1.7.x] Fixed #23815 -- Prevented UnicodeDecodeError in CSRF middlewareClaude Paroz
Thanks codeitloadit for the report, living180 for investigations and Tim Graham for the review. Backport of 27dd7e7271 from master.
2015-01-05[1.7.x] Added 1.4.18 release notes.Tim Graham
Backport of ce17b045bf5629aac66f872c3f548205906e04db from master
2015-01-03[1.7.x] Increased the default PBKDF2 iterations.Tim Graham
2015-01-03[1.7.x] Added 1.7.3 release notes stub.Tim Graham
Backport of 439f15beabe2e4d21232798f805ba69367611276 from master
2015-01-03[1.7.x] Fixed #23749 -- Documented how to use the database alias in RunPython.Alfred Perlstein
Thanks Markus Holtermann for review and feedback. Backport of db3f7c15cbf4c9025e83065d1302d0e61d570331 from master
2015-01-03[1.7.x] Fixed #24070 -- Added tutorial topics to doc index.Bibhas
Backport of b738178825ec9378198d77ac69699513774f0884 from master
2015-01-02[1.7.x] Post-release version bump.Tim Graham
2015-01-02[1.7.x] Bumped version for 1.7.2 release.1.7.2Tim Graham
2015-01-02[1.7.x] Added dates to release notes.Tim Graham
Backport of 15cd71ed24945ff7be5716580603fd65c0d45ef7 from master
2015-01-02[1.7.x] Updated six to 1.9.0.Tim Graham
Backport of 52f0b2b62262743d5f935ddae29428e661b5d8ea from master
2015-01-01[1.7.x] Removed obsolete item from deprecation timeline.Tim Graham
Initial SQL data will be removed in Django 1.9 so changes to it aren't relevant. Backport of 1729a5250b052832540cd696df3ff0a0a77baddf from master
2015-01-01[1.7.x] Removed doc note about PasswordResetForm requiring an integer PK.Tim Graham
This limitation was lifted in refs #14881. Backport of a7aaabfaf1fa4c20065ab1133d49f40d4de6b409 from master
2014-12-31[1.7.x] Fixed #23366 -- Fixed a crash with the migrate --list command.Tim Graham
Backport of b4bdd5262b18644456d12a00d475adf9897a9255 from master
2014-12-31[1.7.x] Fixed #24008 -- Fixed ValidationError crash with list of dicts.Andrey Maslov
Backport of 7a878ca5cb50ad65fc465cb263a44cc93629f75c from master
2014-12-31[1.7.x] Renamed tests for util -> utils moves; refs #17627.Tim Graham
Backport of 8a9b0c15a6c0ef60dea3ba3042317520bc201206 from master
2014-12-31[1.7.x] Fixed a queries test on Python 2 broken after importing ↵Tim Graham
six.moves.range(). Backport of 837fc2d8cdfefce375697d95e241836c7be12696 from master
2014-12-31[1.7.x] Fixed #23758 -- Allowed more than 5 levels of subqueriesPiotr Pawlaczek
Refactored bump_prefix() to avoid infinite loop and allow more than than 5 subquires by extending the alphabet to use multi-letters. Backport of 41fc1c0b5eac156e200a10233c7c9210a1c0fed8 from master
2014-12-31[1.7.x] Renamed variables to avoid name collision with import of ↵Russell Keith-Magee
django.db.models. Backport of 013c2d8d02e679c969255d9b11214d020dd34418 from master
2014-12-30[1.7.x] Revert "Updated some docs for the delayed deprecation of legacy ↵Tim Graham
table creation; refs #22340." The deprecation was moved back to 1.9 in 61da5f3f02f34810aaa6fcddac3808318a5b95c4. Backport of d7fc6eb8ca67a6a628e8c7ce669731cf563606e7 from master
2014-12-30[1.7.x] Added test for an intermediate swappable model change in migration ↵Markus Holtermann
state. refs #22563 Backport of fca866763acb6b3414c20ca3772b94cb5d111733 from master
2014-12-30[1.7.x] Fixed #23581 -- Prevented extraneous DROP DEFAULT statements.Tim Graham
Thanks john_scott for the report and Markus Holtermann for review. Backport of ab4f709da4516672b0bd811f2b4d0c4ba9f5b636 from master
2014-12-29Revert "[1.7.x] Fixed #23938 -- Added migration support for m2m to concrete ↵Tim Graham
fields and vice versa" This reverts commit 1702bc52cc20ed0729893177fc8f4391b4b3183c. This doesn't work on stable/1.7.x because #23844 wasn't backported and we're not willing to do so because it's a large change.
2014-12-29[1.7.x] Fixed #23938 -- Added migration support for m2m to concrete fields ↵Markus Holtermann
and vice versa Thanks to Michael D. Hoyle for the report and Tim Graham for the review. Backport of 623ccdd598625591d1a12fc1564cf3ef9a87581f from master
2014-12-27[1.7.x] Fixed #24056 -- Fixed syntax highlighting in topics/testing/tools.txt.Tim Graham
Backport of 3d0c3a0482496fc1914a40ec3c3eb70e67f0d643 from master
2014-12-27[1.7.x] Fixed #23831 -- Supported strings escaped by third-party libs in Django.Aymeric Augustin
Refs #7261 -- Made strings escaped by Django usable in third-party libs. The changes in mark_safe and mark_for_escaping are straightforward. The more tricky part is to handle correctly objects that implement __html__. Historically escape() has escaped SafeData. Even if that doesn't seem a good behavior, changing it would create security concerns. Therefore support for __html__() was only added to conditional_escape() where this concern doesn't exist. Then using conditional_escape() instead of escape() in the Django template engine makes it understand data escaped by other libraries. Template filter |escape accounts for __html__() when it's available. |force_escape forces the use of Django's HTML escaping implementation. Here's why the change in render_value_in_context() is safe. Before Django 1.7 conditional_escape() was implemented as follows: if isinstance(text, SafeData): return text else: return escape(text) render_value_in_context() never called escape() on SafeData. Therefore replacing escape() with conditional_escape() doesn't change the autoescaping logic as it was originally intended. This change should be backported to Django 1.7 because it corrects a feature added in Django 1.7. Thanks mitsuhiko for the report. Backport of 6d52f6f from master.
2014-12-27[1.7.x] Fixed an inconsistency introduced in 547b1810.Aymeric Augustin
mark_safe and mark_for_escaping should have been kept similar. On Python 2 this change has no effect. On Python 3 it fixes the use case shown in the regression test for mark_for_escaping, which used to raise a TypeError. The regression test for mark_safe is just for completeness. Backport of 5c5eb5fe from master.
2014-12-27[1.7.x] Fixed #24000 -- Corrected contrib.sites default site creation in a ↵Tim Graham
multiple database setup. Backport of 89e2c60f4396241c667b7a1de37765b7c96d702f from master
2014-12-27[1.7.x] Fixed #23929 -- Added more tests for create_default_site.wrwrwr
Backport of 1f98ec2e53e4636863396ab54f671f4546f9ba4c from master
2014-12-27[1.7.x] Fixed #24051 -- Made schema infrastructure honor tablespacesClaude Paroz
Partial backport of 30cbd5d36. Thanks Douglas J. Reynolds for the report and initial patch.
2014-12-26[1.7.x] Clarified custom header instructions in tutorial 2.Collin Anderson
Backport of 0821b3d53ccd575de92ed679d173d779e1ad5acd from master
2014-12-26[1.7.x] Fixed #24054 -- Enabled sqlsequencereset for apps with migrations.Tim Graham
Backport of c2e419c26781b88f2b34b445f450b735267155b0 from master
2014-12-24[1.7.x] Fixed #24041 -- Documented effect of changing a model instance's ↵Helen Sherwood-Taylor
primary key. Backport of 4ccdf6e57f49d7e981dcd88c1db65229b8b92487 from master
2014-12-23[1.7.x] Fixed #24035 -- Clarified docs on CACHE_MIDDLEWARE_KEY_PREFIX vs ↵Frankie Robertson
KEY_PREFIX Backport of 446b50b90e9e60760618b236d8b0ea75a3b19d5a from master
2014-12-23[1.7.x] Fixed #24037 -- Prevented data loss possibility when changing ↵Tim Graham
Meta.managed. The migrations autodetector now issues AlterModelOptions operations for Meta.managed changes instead of DeleteModel + CreateModel. Thanks iambibhas for the report and Simon and Markus for review. Backport of 061caa5b386681dc7bdef16918873043224a299c from master
2014-12-22[1.7.x] Fixed #23525 -- Fixed admindocs crash on apps installed as eggs.Tim Graham
Thanks welbornprod for report and initial patch. Backport of 01ab84c61330ffa5ac87c637249611c5e5343e57 from master
generated by cgit v1.3 (git 2.53.0) at 2026-05-01 20:53:50 +0000