summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-04-11[4.0.x] Bumped version for 4.0.4 release.4.0.4Mariusz Felisiak
2022-04-11[4.0.x] Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) ↵Mariusz Felisiak
against SQL injection on PostgreSQL. Backport of 6723a26e59b0b5429a0c5873941e01a2e1bdbb81 from main.
2022-04-11[4.0.x] Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), ↵Mariusz Felisiak
and extra() against SQL injection in column aliases. Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore, Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev (DDV_UA) for the report. Backport of 93cae5cb2f9a4ef1514cf1a41f714fef08005200 from main.
2022-04-11[4.0.x] Fixed #33628 -- Ignored directories with empty names in autoreloader ↵Manel Clos
check for template changes. Regression in 68357b2ca9e88c40fc00d848799813241be39129. Backport of 62739b6e2630e37faa68a86a59fad135cc788cd7 from main.
2022-04-04[4.0.x] Added stub release notes and release date for 4.0.4, 3.2.13, and 2.2.28.Mariusz Felisiak
Backport of 78277faafd38d8360efc1fd0c9c52d7bb5eec002 from main
2022-03-31[4.0.x] Fixed #32129 -- Adjusted the docs for session expiry helpers.sarahboyce
Updated the docs for `get_session_cookie_age`, `get_expiry_age`, and `get_expiry_date` to clarify their intended usage by session backends when saving the session. Backport of ae506181f7fb9d9e74f4935686540bef29b60255 from main
2022-03-30[4.0.x] Fixed #33598 -- Reverted "Removed unnecessary ↵Mariusz Felisiak
reuse_with_filtered_relation argument from Query methods." Thanks lind-marcus for the report. This reverts commit 0c71e0f9cfa714a22297ad31dd5613ee548db379. Regression in 0c71e0f9cfa714a22297ad31dd5613ee548db379. Backport of fac662f4798f7e4e0ed9be6b4fb4a87a80810a68 from main
2022-03-29[4.0.x] Updated Oracle docs links to Oracle 21c.Mariusz Felisiak
Backport of 83c803f161044fbfbfcd9a0c94ca93dc131be662 from main
2022-03-29[4.0.x] Updated various links to HTTPS and new locations.Mariusz Felisiak
Backport of 010a9d8a4f45252b908337988690c3fad138e334 from main
2022-03-28[4.0.x] Corrected models.FileField signature in docs.Sih Sîng-hông薛丞宏
Backport of d4bf3b4c75c0e1229062ad4c937725931f699fb7 from main
2022-03-26[4.0.x] Reverted "Fixed forms_tests.tests.test_renderers with Jinja 3.1.0+."Mariusz Felisiak
This reverts commit 1d9d082acf6e152c06833bb9698f88d688b95e40. Backport of abfdb4d7f384fb06ed9b7ca37b548542df7b5dda from main
2022-03-25[4.0.x] Fixed forms_tests.tests.test_renderers with Jinja 3.1.0+.Mariusz Felisiak
See https://github.com/pallets/jinja/pull/1621. Backport of 1d9d082acf6e152c06833bb9698f88d688b95e40 from main
2022-03-22[4.0.x] Fixed #33544 -- Expanded the TEMPLATES section of the Deployment ↵Samuel Hartmann
checklist. Clarified that the cached template loader is enabled by default when DEBUG = False. Backport of 5cc9464e4d8fe2762e462560665fd1f28104bbca from main
2022-03-22[4.0.x] Fixed #33585 -- Made example git repo URLs use HTTPS protocol.Carlton Gibson
The SSH-based checkout requires additional configuration, which is beneficial to defer for new contributors. Follow up to 3c6a4fdb6d828a03e368632d88f8261cc30104da. This commit updates the remaining examples. Backport of 9fed515a251d488172feb1652bb5179344364fb3 from main
2022-03-22[4.0.x] Refs #31676 -- Used term "merger" instead of "committer" in docs.Mariusz Felisiak
Follow up to caa2dd08c4722c8702588f5dfe1fa4c506aa66fc. Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Backport of 653daaa60cf4de7071136541169285ed3d71974d from main
2022-03-19[4.0.x] Renamed Jenkins wiki page to CI.Mariusz Felisiak
Jenkins is no longer the only CI tool. Backport of b07ee98b27e58992fdc10fec0ec67e68ae1d272d from main
2022-03-17[4.0.x] Added missing backticks to function names.Mariusz Felisiak
Backport of 39ae8d740e30c18e46873cf82aff76588f1974c7 from main
2022-03-17[4.0.x] Corrected CSRF reference in middleware docs.tommcn
Backport of 8e633906403853868bcd7df62ba30a86151a944d from main
2022-03-14[4.0.x] Corrected AppConfig.get_models() signature in docs.David Sanders
Backport of 7c56fc8e91ef34d81cba16eaaa610575667dd2a7 from main
2022-03-01[4.0.x] Added stub release notes for Django 4.0.4.Carlton Gibson
Backport of 9652a118ce8c1cbe1f7cf7a4423adb7c5c50757d from main
2022-03-01[4.0.x] Post-release version bump.Carlton Gibson
2022-03-01[4.0.x] Bumped version for 4.0.3 release.4.0.3Carlton Gibson
2022-03-01[4.0.x] Updated release date for version 4.0.3.Carlton Gibson
Backport of 47143e27d4402b62068bf9eb84aa6dd93d3d4678 from main
2022-03-01[4.0.x] Fixed #33547 -- Fixed error when rendering invalid inlines with ↵Mariusz Felisiak
readonly fields in admin. Regression in de95c826673be9ea519acc86fd898631d1a11356. Thanks David Glenck for the report. Backport of 445b075def2c037b971518963b70ce13df5e88a2 from main
2022-02-21[4.0.x] Refs #33476 -- Mentioned black in docs about pre-commit checks.Vaarun Sinha
Backport of fe3518d25edd69b782339729080b0295a8a33952 from main
2022-02-21[4.0.x] Fixed #33530 -- Fixed typo in docs/ref/templates/builtins.txt.Andrey Otto
Backport of f70a875cc05c46b3bfcc1637356081f0c5782bea from main
2022-02-18[4.0.x] Fixed typo in docs/topics/i18n/translation.txt.Philipp Bosch
Backport of 737542390af27616d93f86cd418e2d7f3e874b27 from main
2022-02-16[4.0.x] Fixed #33515 -- Prevented recreation of migration for ↵Mariusz Felisiak
ManyToManyField to lowercased swappable setting. Thanks Chris Lee for the report. Regression in 43289707809c814a70f0db38ca4f82f35f43dbfd. Refs #23916. Backport of 1e2e1be02bdf0fe4add0d0279dbca1d74ae28ad7 from main
2022-02-12[4.0.x] Refs #32074 -- Recommended aiosmtpd for minimal SMTP server.Claude Paroz
Follow up to 569a33579c3cca5f801c544d9b52a34e3c779424. Backport of 5d13cc540e29eedafe695338d8ec9ec500185ccd from main
2022-02-09[4.0.x] Refs #33476 -- Ignored formatting changes in git blame.Mariusz Felisiak
2022-02-08[4.0.x] Refs #33476 -- Refactored code to strictly match 88 characters line ↵Mariusz Felisiak
length. Backport of 7119f40c9881666b6f9b5cf7df09ee1d21cc8344 from main.
2022-02-08[4.0.x] Refs #33476 -- Reformatted code with Black.django-bot
Backport of 9c19aff7c7561e3a82978a272ecdaad40dda5c00 from main.
2022-02-08[4.0.x] Refs #33476 -- Changed quotation marks in ↵Mariusz Felisiak
DebugViewTests.test_template_exceptions(). This prevents a failure after reformatting the code with Black. Backport of f68fa8b45dfac545cfc4111d4e52804c86db68d3 from main
2022-02-08[4.0.x] Refs #33476 -- Added GitHub action to run black linter.Carlton Gibson
Backport of cf5e61cf6c721121abf7347baff3d41a0ad3c23e from main
2022-02-08[4.0.x] Refs #33476 -- Adjusted docs and config files for Black.Carlton Gibson
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> Backport of ba94488196a74e312177ef2621fbd427956836ef from main
2022-02-08[4.0.x] Fixed #32518 -- Doc'd that QuerySet.contains() should not be overused.John Hollingsworth
Thanks Tim McCurrach for the idea. Backport of d70b4bea18c96e518ce14dca96085e9265e8ebb6 from main
2022-02-05[4.0.x] Refs #32243 -- Fixed typo in docs/topics/files.txt.Grace Hawkins
Backport of 25514b604a64686ba603bf10a8a63390dc38b79d from main
2022-02-03[4.0.x] Refs #33476 -- Refactored problematic code before reformatting by Black.Mariusz Felisiak
In these cases Black produces unexpected results, e.g. def make_random_password( self, length=10, allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789', ): or cursor.execute(""" SELECT ... """, [table name], ) Backport of c5cd8783825b5f6384417dac5f3889b4210b7d08 from main.
2022-02-03[4.0.x] Fixed #32243 -- Added docs examples for manually saving Files.Joshua Massover
Backport of c9d6e3595cfd0aa58cde1656bd735ecfcd7a872b from main
2022-02-03[4.0.x] Improved example of using a custom queryset in Model formsets docs.Mike Lissner
Backport of e459b0f5a0b2bfbc2ac45b3e7f21047ec9e4f345 from main
2022-02-02[4.0.x] Added Redis to warning about using cached sessions in docs.Theofilos Alexiou
Backport of 3ba60951fcbc8fca3e71d3b78083b100491fa7f9 from main
2022-02-02[4.0.x] Fixed typo in release notes.David Smith
Backport of 770d3e6a4ce8e0a91a9e27156036c1985e74d4a3 from main
2022-02-01[4.0.x] Refs #33476 -- Used vertical hanging indentation for format lists ↵Mariusz Felisiak
with inline comments. Lists with multiple values and comments per-line are reformatted by Black to multiple lines with a single comment. For example: DATE_INPUT_FORMATS = "%Y-%m-%d", "%m/%d/%Y", "%m/%d/%y", # '2006-10-25', '10/25/2006', '10/25/06' ] is reformatted to the: DATE_INPUT_FORMATS = "%Y-%m-%d", "%m/%d/%Y", "%m/%d/%y", # '2006-10-25', '10/25/2006', '10/25/06' ] This reformats affected entries to multiple lines with corresponding comments. Backport of ca88caa1031c0de545d82de8d90dcae0e03651fb from main
2022-02-01[4.0.x] Added stub release notes for 4.0.3.Mariusz Felisiak
Backport of ba4a6880d1783190de4081bd456d934beb45cb19 from main
2022-02-01[4.0.x] Added CVE-2022-22818 and CVE-2022-23833 to security archive.Mariusz Felisiak
Backport of 9e0df0d6dde441dbbad2b548d777e0a01d633286 from main
2022-02-01[4.0.x] Post-release version bump.Mariusz Felisiak
2022-02-01[4.0.x] Bumped version for 4.0.2 release.4.0.2Mariusz Felisiak
2022-02-01[4.0.x] Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.Mariusz Felisiak
Thanks Alan Ryan for the report and initial patch. Backport of fc18f36c4ab94399366ca2f2007b3692559a6f23 from main.
2022-02-01[4.0.x] Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag.Markus Holtermann
Thanks Keryn Knight for the report. Backport of 394517f07886495efcf79f95c7ee402a9437bd68 from main. Co-authored-by: Adam Johnson <me@adamj.eu>
2022-02-01[4.0.x] Fixed #33480 -- Fixed makemigrations crash when renaming field of ↵Kirill Safronov
renamed model. Regression in aa4acc164d1247c0de515c959f7b09648b57dc42. Backport of 97a72744681d0993b50dee952cf32cdf9650ad9f from main
generated by cgit v1.3 (git 2.53.0) at 2026-05-01 20:53:37 +0000