Hopiu/django
1
0
Fork 0
mirror of https://github.com/Hopiu/django.git synced 2026-05-05 06:04:45 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
31610 commits 1 branch 0 tags 216 MiB
Commit graph

13258 commits

Author SHA1 Message Date
Markus Holtermann
85ac33591c Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files. 
Thanks to Jakob Ackermann for the report.
 2023-02-14 08:18:40 +01:00
Sarah Boyce
1eb94bc8da
Fixed #29994 -- Added warning about performance of FileBasedCache with a large number of files. 
Co-authored-by: sheenarbw <699166+sheenarbw@users.noreply.github.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2023-02-13 21:09:19 +01:00
Sota Tabu
3e9d413231 Fixed #34318 -- Added release note for 4bfe8c0eec. 2023-02-13 11:59:11 +01:00
Paolo Melchiorre
69352d85fa
Fixed #33213 -- Doc'd testing code coverage in parallel and used it. 2023-02-11 09:43:26 +01:00
Carlton Gibson
534ac48297 Refs #34140 -- Applied rst code-block to non-Python examples. 
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.
 2023-02-10 19:19:13 +01:00
dennisvang
7bb741d787 Fixed #34325 -- Corrected wording in PercentRank() docs. 
This is consistent with the terminology used for the percent_rank()
function in SQLite docs and PostgreSQL docs.
 2023-02-10 14:07:48 +01:00
p0lygun
358792486e Fixed #34324 -- Mentioned Discord server in contributing index. 2023-02-10 05:55:45 +01:00
Willem Van Onsem
292aacaf6c Fixed #34311 -- Updated serialization docs from unique_together to UniqueConstraint. 2023-02-09 05:28:03 +01:00
Jacob Rief
473283d241
Fixed #34303 –- Allowed customizing admin site log entry list. 
Added AdminSite.get_log_entries() as an override point and made this
available to the template via each_context().
 2023-02-08 18:37:32 +01:00
Carlton Gibson
1964e4367f
Added missing vars to AdminSite.each_context() docs. 2023-02-08 17:59:56 +01:00
Mariusz Felisiak
2fd755b361
Fixed #34319 -- Fixed Model.validate_constraints() crash on ValidationError with no code. 
Thanks Mateusz Kurowski for the report.

Regression in 667105877e.
 2023-02-08 16:38:55 +01:00
Carlton Gibson
1df7814e4b
Refs #34146 -- Fixed typos in tutorial. (#16530) 
- Fixed formatting on index page.
- Removed duplicate What's next section.

Thanks to Tim Graham for the report.
 2023-02-07 20:19:58 +01:00
Tim Schilling
7715c9fef5
Fixed #34146 -- Added 3rd-party lib tutorial step. 
Added a tutorial step that highlights Django Debug Toolbar, on of the
most common third party packages. It also added a mention of
djangopackages.com as a place to search for other libraries and a
link to Adam Johnson’s post on evaluating whether a package is
well-maintained.

Third-party packages are one of Django’s strengths. This should give
folks a sound route in.
 2023-02-07 15:26:37 +01:00
Bakdolot
5f3c7b7e1d
Fixed #34317 -- Renamed "instance" argument of BaseModelFormSet.save_existing() method. 2023-02-07 14:18:58 +01:00
Carlton Gibson
fb77be9ae1 Fixed typo in release notes. 2023-02-07 10:11:01 +01:00
Carlton Gibson
7e003428f9 Added stub release notes for 4.0.10 and 3.2.18. 
Set date for 4.1.7 release.
 2023-02-07 10:08:21 +01:00
Marcelo Galigniana
7c6195ef81
Fixed #34310 -- Added deletion example to one-to-one topic. 2023-02-07 08:04:23 +01:00
Mariusz Felisiak
5e9aded33f
Increased the default PBKDF2 iterations for Django 5.0. 
Follow up to 9a1848f48c1f7f627a52b2063a8a8428e77765d6.
 2023-02-04 13:37:44 +01:00
Mariusz Felisiak
f3c89744cc Added stub release notes for 4.1.7. 2023-02-01 13:18:34 +01:00
Mariusz Felisiak
36e3eef7d5 Added CVE-2023-23969 to security archive. 2023-02-01 12:09:03 +01:00
Nick Pope
8c660fb592 Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language. 
The parsed values of Accept-Language headers are cached in order to
avoid repetitive parsing. This leads to a potential denial-of-service
vector via excessive memory usage if the raw value of Accept-Language
headers is very large.

Accept-Language headers are now limited to a maximum length in order
to avoid this issue.
 2023-02-01 09:44:04 +01:00
Durval Carvalho
40217d1a82 Fixed #34180 -- Added note about resetting language in test tear-downs. 
Co-authored-by: Faris Naimi <farisfaris66@gmail.com>
 2023-01-31 06:35:30 +01:00
fschwebel
0265b1b49b
Fixed typo in docs/topics/auth/passwords.txt. 
Wrapped hashing is only possible if the inner wrapped function is the
same as the previous hasher.
 2023-01-30 08:31:39 +01:00
Mariusz Felisiak
2b1242abb3
Fixed #34291 -- Fixed Meta.constraints validation crash on UniqueConstraint with ordered expressions. 
Thanks Dan F for the report.

Bug in 667105877e.
 2023-01-26 09:31:40 +01:00
Mariusz Felisiak
882f99031e
Moved release note about the default PBKDF2 iterations into django.contrib.auth section. 
Thanks Tim Graham for the report.
 2023-01-25 22:25:29 +01:00
Carlton Gibson
d8e1442ce2 Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17. 2023-01-25 12:26:00 +01:00
Carlton Gibson
1df963ad24 Set date and added stub release notes for 4.1.6, 4.0.9, and 3.2.17. 2023-01-25 11:57:04 +01:00
noFFENSE
5cd1385356 Fixed #34242 -- Doc'd that primary key is set to None when deleting objects. 2023-01-20 09:36:36 +01:00
Niccolò Mineo
79c298c9ce Fixed #34266 -- Added ClosestPoint GIS database functions. 2023-01-20 08:13:43 +01:00
Mariusz Felisiak
23e8868862
Refs #34233 -- Used str.removeprefix()/removesuffix(). 2023-01-18 19:11:18 +01:00
Mariusz Felisiak
b209518089
Refs #32339 -- Deprecated transitional form renderers. 2023-01-18 11:08:39 +01:00
Mariusz Felisiak
3bbe22dafc
Fixed #34233 -- Dropped support for Python 3.8 and 3.9. 2023-01-18 09:46:01 +01:00
John Whitlock
d547171183
Fixed typo in docs/releases/4.2.txt. 2023-01-17 19:27:51 +01:00
Mariusz Felisiak
2785e121c7
Doc'd that 4.2 is LTS. 2023-01-17 19:24:31 +01:00
Mariusz Felisiak
a209f66259
Removed remaining empty sections from 4.2 release notes. 
Follow up to 772cd2b15b.
 2023-01-17 14:05:32 +01:00
Sébastien Corbin
e2964fed17
Fixed #34264 -- Moved release note about session cookies into error reporting section. 2023-01-17 13:08:42 +01:00
Mariusz Felisiak
4fc711a108 Increased the default PBKDF2 iterations for Django 5.0. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
f39f120302 Advanced deprecation warnings for Django 5.0. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
94ad46e9d8 Refs #33543 -- Made Expression.asc()/desc() and OrderBy raise ValueError when nulls_first/nulls_last=False is passed. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
98756c685e Refs #32339 -- Changed default form and formset rendering style to div-based. 
Per deprecation timeline.

This also removes "django/forms/default.html" and
"django/forms/formsets/default.html" templates.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
b5ac6e78f8 Refs #33691 -- Removed django.contrib.auth.hashers.CryptPasswordHasher per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
ce7b4f39e3 Refs #27674 -- Removed django.contrib.gis.admin.OpenLayersWidget per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
71d1203b07 Refs #33348 -- Removed support for passing response object and form/formset name to SimpleTestCase.assertFormError()/assertFormSetError(). 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
d6816bff73 Refs #32365 -- Removed django.utils.timezone.utc per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
9a01311d20 Refs #15619 -- Removed support for logging out via GET requests. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
ba082e0952 Refs #33561 -- Made created=True required in signature of RemoteUserBackend.configure_user() subclasses. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
4d78d7338c Refs #31486 -- Removed ability to pass unsaved model instances to related filters. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
1391356276 Refs #29984 -- Made QuerySet.iterator() without chunk_size raise ValueError after prefetch_related(). 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
b119f4329c Refs #29708 -- Removed PickleSerializer per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
23c8787439 Refs #33348 -- Removed support for passing errors=None to SimpleTestCase.assertFormError()/assertFormsetErrors(). 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
23ec318988 Refs #33342 -- Removed ExclusionConstraint.opclasses per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
5c10041f46 Refs #30127 -- Removed name argument for django.utils.functional.cached_property(). 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
e01970e9d2 Refs #32800 -- Removed CSRF_COOKIE_MASKED transitional setting per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
daf88e778b Refs #25916 -- Removed SitemapIndexItem.__str__() per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
31878b4d73 Refs #31026 -- Removed ability to return string when rendering ErrorDict/ErrorList. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
182d25eb7a Refs #31026 -- Removed BaseForm._html_output() per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
4982958ec0 Refs #27674 -- Removed GeoModelAdmin and OSMGeoAdmin per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
2fad163257 Refs #32365 -- Removed is_dst argument for various methods and functions. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
e6f82438d4 Refs #32365 -- Removed support for pytz timezones per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
8d98f99a4a Refs #32873 -- Removed settings.USE_L10N per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
0be8095b25 Refs #10929 -- Stopped forcing empty result value by PostgreSQL aggregates. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
43b01300b7 Refs #32655 -- Removed extra_tests argument for DiscoverRunner.build_suite()/run_tests(). 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
4eb97a90f0 Refs #32375 -- Changed default sitemap protocol to https. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
602d9a312f Refs #32379 -- Changed default USE_TZ to True. 
Per deprecation timeline.
 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
4aa0689080 Refs #32738 -- Removed django.utils.datetime_safe module per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
ef46f3778a Refs #32712 -- Removed django.utils.baseconv module per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
6c0539ed7c Refs #32446 -- Removed SERIALIZE test database setting per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
490cccbe7e Removed versionadded/changed annotations for 4.1. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
ea92a4dc28 Added stub release notes for 5.0. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
d18d6d0d78 Bumped version; master is now 5.0 pre-alpha. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
9409312eef Updated man page for Django 4.2 alpha. 2023-01-17 08:51:17 +01:00
Mariusz Felisiak
e734cccea0 Made cosmetic edits to docs/releases/4.2.txt. 2023-01-17 08:51:17 +01:00
Mariusz Felisiak
772cd2b15b Removed empty sections from 4.2 release notes. 2023-01-17 08:51:17 +01:00
Mariusz Felisiak
0e2649fdf4 Fixed #34255 -- Made PostgreSQL backend use client-side parameters binding with psycopg version 3. 
Thanks Guillaume Andreu Sabater for the report.

Co-authored-by: Florian Apolloner <apollo13@users.noreply.github.com>
 2023-01-17 08:24:08 +01:00
Mariusz Felisiak
c8a76059ff Refs #34255 -- Bumped required psycopg version to 3.1.8. 2023-01-17 08:24:08 +01:00
sarahboyce
0fbdb9784d Fixed #23718 -- Doc'd that test mirrors require TransactionTestCase. 
Co-authored-by: Christian Bundy <me@christianbundy.com>
 2023-01-16 09:31:34 +01:00
Steven
4b7016866a Fixed "nulls characters" typo in docs. 2023-01-16 07:54:00 +01:00
Leo
5da5f3773e Fixed #34234 -- Dropped support for PROJ 4. 2023-01-13 12:31:41 +01:00
Jarosław Wygoda
32940d390a Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. 2023-01-12 09:58:36 +01:00
Jarosław Wygoda
1ec3f0961f Fixed #26029 -- Allowed configuring custom file storage backends. 2023-01-12 06:20:57 +01:00
Mariusz Felisiak
d4b4c1cae4
Corrected used JS libraries in GIS widget docs. 
Follow up to 1833eb3f3e.
 2023-01-10 14:25:44 +01:00
Mariusz Felisiak
552384fa97
Refs #31014 -- Added FromWKB and FromWKT GIS database functions. 
Co-authored-by: Ondřej Böhm <ondrej.bohm@firma.seznam.cz>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
 2023-01-10 11:51:09 +01:00
Francesco Panico
72efd840a8 Fixed #34110 -- Added in-memory file storage. 
Thanks Paolo Melchiorre, Carlton Gibson, and Mariusz Felisiak for
reviews.
 2023-01-10 10:56:59 +01:00
Nick Pope
b47f2f5b90 Fixed #33865 -- Optimized LimitedStream wrapper. 
The current implementation of LimitedStream is slow because .read()
performs an extra copy into a buffer and .readline() performs two
extra copies. The stream being wrapped is already typically a BytesIO
object so this is unnecessary.

This implementation has largely been untouched for 12 years and,
inspired by a simpler implementation in werkzeug, it was possible to
achieve the following performance improvement:

LimitedStream.read() (single line):
  Mean +- std dev: [bench_limitedstream-main] 286 ns +- 6 ns
  -> [bench_limitedstream-patch] 227 ns +- 6 ns: 1.26x faster
LimitedStream.readline() (single line):
  Mean +- std dev: [bench_limitedstream-main] 507 ns +- 11 ns
  -> [bench_limitedstream-patch] 232 ns +- 8 ns: 2.18x faster
LimitedStream.read(8192) (single line):
  Mean +- std dev: [bench_limitedstream-main] 360 ns +- 8 ns
  -> [bench_limitedstream-patch] 297 ns +- 6 ns: 1.21x faster
LimitedStream.readline(8192) (single line):
  Mean +- std dev: [bench_limitedstream-main] 602 ns +- 10 ns
  -> [bench_limitedstream-patch] 305 ns +- 10 ns: 1.98x faster
LimitedStream.read() (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 290 ns +- 5 ns
  -> [bench_limitedstream-patch] 236 ns +- 6 ns: 1.23x faster
LimitedStream.readline() (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 517 ns +- 19 ns
  -> [bench_limitedstream-patch] 239 ns +- 7 ns: 2.16x faster
LimitedStream.read(8192) (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 363 ns +- 8 ns
  -> [bench_limitedstream-patch] 311 ns +- 11 ns: 1.17x faster
LimitedStream.readline(8192) (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 601 ns +- 12 ns
  -> [bench_limitedstream-patch] 308 ns +- 7 ns: 1.95x faster

Geometric mean: 1.59x faster
 2023-01-05 19:26:56 +01:00
Mariusz Felisiak
63d1cb0092
Refs #32355 -- Bumped minimum supported versions of 3rd-party packages. 
This bumps minimum supported versions of 3rd-party packages to the first
releases to support Python 3.8.
 2023-01-05 18:09:33 +01:00
Mariusz Felisiak
7d9329935a
Refs #32355 -- Bumped mysqlclient requirement to >= 1.4.3. 
mysqlclient 1.4.3 is the first release to support Python 3.8.
 2023-01-05 16:34:14 +01:00
Raj Desai
d2310f6473 Fixed #34232 -- Fixed typo in docs/intro/tutorial07.txt. 2023-01-04 13:26:34 +01:00
Mariusz Felisiak
5cf9ff970e
Fixed #33961 -- Updated admin's jQuery to 3.6.3. 2023-01-04 11:28:09 +01:00
David Wobrock
99bd5fb4c2 Refs #34074 -- Used headers argument for RequestFactory and Client in docs and tests. 2023-01-04 09:11:36 +01:00
Mike Crute
0b78ac3fc7 Fixed #34200 -- Made the session role configurable on PostgreSQL. 2023-01-03 09:30:53 +01:00
Claude Paroz
2a14b8df39 Fixed #33783 -- Added IsEmpty GIS database function and __isempty lookup on PostGIS. 2023-01-03 05:47:44 +01:00
Florian Apolloner
afa2e28205 Fixed #34235 -- Added ManifestFilesMixin.manifest_hash attribute. 
This adds ManifestFilesMixin.manifest_hash attribute exposing a "hash"
of the full manifest. This allows applications to determine when their
static files have changed.
 2023-01-02 09:53:52 +01:00
Mariusz Felisiak
75500feecd Added stub release notes for 4.1.6. 2023-01-02 08:50:33 +01:00
Mariusz Felisiak
174d8157b5 Added release date for 4.1.5. 2023-01-02 08:10:59 +01:00
Mariusz Felisiak
ecbb5db65d
Fixed #34208 -- Confirmed support for GDAL 3.6. 2022-12-29 11:35:41 +01:00
Paul Schilling
298d02a77a Fixed #25617 -- Added case-insensitive unique username validation in UserCreationForm. 
Co-Authored-By: Neven Mundar <nmundar@gmail.com>
 2022-12-29 09:42:22 +01:00
Claude Paroz
1833eb3f3e
Upgraded OpenLayers to v.7.2.2. 2022-12-29 08:30:30 +01:00
Mariusz Felisiak
279967ec85
Disabled auto-created table of contents entries on Sphinx 5.2+. 
Auto-created table of contents entries for all domain objects (e.g.
functions, classes, attributes, etc.) were added in Sphinx 5.2, see
https://github.com/sphinx-doc/sphinx/issues/6316.

An option to control new table of contents entries was added in Sphinx
5.2.3, see https://github.com/sphinx-doc/sphinx/pull/10886.
 2022-12-29 06:07:51 +01:00
Adrian Torres
7eee1dca42 Fixed #14094 -- Added support for unlimited CharField on PostgreSQL. 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-12-28 12:31:04 +01:00
kimsoungryoul
78f163a4fb Fixed #18468 -- Added support for comments on columns and tables. 
Thanks Jared Chung, Tom Carrick, David Smith, Nick Pope, and Mariusz
Felisiak for reviews.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
 2022-12-28 06:28:07 +01:00