Django/django
11
0
Fork 0
Code Pull Requests Projects Releases Activity
24,408 Commits 26 Branches 382 Tags
Commit Graph

21 Commits

Author SHA1 Message Date
Simon Charette
fd393907c9 [1.11.x] Fixed #30769 -- Fixed a crash when filtering against a subquery JSON/HStoreField annotation. 
This was a regression introduced by 7deeabc7c7526786df6894429ce89a9c4b614086
to address CVE-2019-14234.

Thanks Tim Kleinschmidt for the report and Mariusz for the tests.

Backport of 6c3dfba89215fc56fc27ef61829a6fff88be4abb from master.
 2019-09-16 09:05:48 +02:00
Mariusz Felisiak
473c526b1b [1.11.x] Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on expressions with params. 
Regression in 4f5b58f5cd3c57fee9972ab074f8dc6895d8f387.

Thanks Florian Apolloner for the report and helping with tests.

Backport of 1f8382d34d54061eddc41df6994e20ee38c60907 from master.
 2019-08-14 15:58:10 +02:00
Mariusz Felisiak
ed682a24fc [1.11.x] Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection. 
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
 2019-07-31 21:29:17 +02:00
David Hoffman
bf84d042e0 Fixed #27582 -- Allowed HStoreField to store null values. 2016-12-15 10:35:44 -05:00
Claude Paroz
283b468462 Fixed #25454 -- Ensured register_hstore_handler is called for all connections 
Thanks Simon Charette for help with the patch.
 2016-07-21 17:54:54 +02:00
Jon Dufresne
4f336f6652 Fixed #26747 -- Used more specific assertions in the Django test suite. 2016-06-16 14:19:18 -04:00
Brad Melin
f6517a5335 Fixed #26672 -- Fixed HStoreField to raise ValidationError instead of crashing on non-dict JSON input. 2016-06-02 16:28:01 -04:00
Claude Paroz
928c12eb1a Fixed #26215 -- Fixed RangeField/ArrayField serialization with None values 
Also added tests for HStoreField and JSONField.
Thanks Aleksey Bukin for the report and Tim Graham for the initial patch and
the review.
 2016-02-16 21:07:05 +01:00
Greg Chapple
8dea9f089d Fixed #26120 -- Made HStoreField cast keys and values to strings. 
HStoreField now converts all keys and values to string before they're
saved to the database.
 2016-01-29 09:51:23 -05:00
Ian Foote
86eccdc8b6 Fixed #25544 -- Removed duplicate ids in prefetch_related() queries. 2015-12-17 19:08:30 -05:00
Tim Graham
a7b7f27c05 Fixed #25233 -- Fixed HStoreField.has_changed() handling of initial values. 
Thanks Simon Charette for review.
 2015-08-07 13:26:17 -04:00
Curtis Maloney
9f73009e98 Fixed #25215 -- Solved reference to forms.HStoreField in declaration of HStoreField 
Correct test which was using the model field in a test form.
 2015-08-04 19:15:22 +10:00
Andriy Sokolovskiy
2a7c59cd88 Added missing tests for transforms usage with subquery for PostgreSQL fields 2015-06-06 09:04:53 -04:00
Marc Tamlyn
00e8e514e1 Name PostgreSQL correctly. 2015-05-30 23:10:30 +01:00
Marc Tamlyn
74fe4428e5 Add HasAnyKeys lookup for HStoreField. 2015-05-30 21:39:45 +01:00
Florian Apolloner
6128005d90 Fixed forms import. 2015-05-24 17:52:35 +02:00
Andrea Grandi
43b2d88a5b Fixed #24844 -- Corrected has_changed implementation for HStoreField. 2015-05-24 17:32:16 +02:00
Tim Graham
3c8fe5dddf Fixed #24751 -- Fixed HStoreField isnull lookup. 2015-05-13 10:31:59 -04:00
Claude Paroz
36e90d1f45 Stopped special-casing postgres-specific tests 
Refs #23879.
 2015-04-18 15:17:49 +02:00
Tim Graham
8b39f33d78 Fixed #24290 -- Skipped postgres_tests if not running with PostgreSQL. 2015-02-17 06:34:13 -05:00
Marc Tamlyn
36f514f065 Added HStoreField. 
Thanks to `django-hstore` for inspiration in some areas, and many people
for reviews.
 2014-11-04 09:26:40 +00:00