django.git - django

Age	Commit message (Collapse)	Author
2018-02-27	[1.11.x] Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize ↵	Tim Graham
	and urlizetrunc template filters. Thanks Florian Apolloner for assisting with the patch.
2017-03-04	[1.11.x] Fixed #27900 -- Made escapejs escape backticks for use in ES6 ↵	Tim Graham
	template literals. Backport of 6ae1b04fb584db0fdb22b8e287784c4ed3ac62ac from master
2016-11-10	Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings.	za

2015-12-12	Fixed #20223 -- Added keep_lazy() as a replacement for allow_lazy().	Iacopo Spalletti
	Thanks to bmispelon and uruz for the initial patch.
2015-09-23	Refs #23269 -- Removed the removetags template tag and related functions per ↵	Tim Graham
	deprecation timeline.
2015-09-12	Fixed #23395 -- Limited line lengths to 119 characters.	Dražen Odobašić

2015-06-24	Renamed RemovedInDjangoXYWarnings for new roadmap.	Tim Graham
	Forwardport of ae1d663b7913f6da233c55409c4973248372d302 from stable/1.8.x plus more.
2015-03-27	Fixed #24469 -- Refined escaping of Django's form elements in non-Django ↵	Moritz Sichert
	templates.
2015-03-18	Fixed an infinite loop possibility in strip_tags().	Tim Graham
	This is a security fix; disclosure to follow shortly.
2015-02-06	Sorted imports with isort; refs #23860.	Tim Graham

2014-12-30	Applied ignore_warnings to Django tests	Claude Paroz

2014-12-03	Removed redundant numbered parameters from str.format().	Berker Peksag
	Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
2014-09-09	Fixed urlize after smart_urlquote rewrite	Claude Paroz
	Refs #22267.
2014-09-09	Fixed #22267 -- Fixed unquote/quote in smart_urlquote	Claude Paroz
	Thanks Md. Enzam Hossain for the report and initial patch, and Tim Graham for the review.
2014-08-15	Fixed #23269 -- Deprecated django.utils.remove_tags() and removetags filter.	Tim Graham
	Also the unused, undocumented django.utils.html.strip_entities() function.
2014-03-22	Tweaked strip_tags tests to pass on Python 3.3	Claude Paroz

2014-03-22	Improved strip_tags and clarified documentation	Claude Paroz
	The fact that strip_tags cannot guarantee to really strip all non-safe HTML content was not clear enough. Also see: https://www.djangoproject.com/weblog/2014/mar/22/strip-tags-advisory/
2014-03-21	Removed fix_ampersands template filter per deprecation timeline.	Tim Graham
	Also removed related utility functions: * django.utils.html.fix_ampersands * django.utils.html.clean_html
2014-03-08	Fixed #21188 -- Introduced subclasses for to-be-removed-in-django-XX warnings	Claude Paroz
	Thanks Anssi Kääriäinen for the idea and Simon Charette for the review.
2014-03-01	Fixed #22130 -- Deprecated fix_ampersands, removed utils.clean_html()	Erik Romijn

2013-10-26	Fix all violators of E231	Alex Gaynor

2013-10-18	Fixed #21287 -- Fixed E123 pep8 warnings	Alasdair Nicol

2013-10-15	Fixed #7261 -- support for __html__ for library interoperability	Unai Zalakain
	The idea is that if an object implements __html__ which returns a string this is used as HTML representation (eg: on escaping). If the object is a str or unicode subclass and returns itself the object is a safe string type. This is an updated patch based on jbalogh and ivank patches.
2013-07-28	Simplified smart_urlquote and added some basic tests.	Florian Apolloner

2013-07-01	Stopped using django.utils.unittest in the test suite.	Aymeric Augustin
	Refs #20680.
2013-05-23	Fixed #19237 (again) - Made strip_tags consistent between Python versions	Claude Paroz

2013-05-22	Fixed #19237 -- Used HTML parser to strip tags	Claude Paroz
	The regex method used until now for the strip_tags utility is fast, but subject to flaws and security issues. Consensus and good practice lead use to use a slower but safer method.
2013-04-12	Modified utils_tests for unittest2 discovery.	Preston Timmons