Django/django
11
0
Fork 0
Code Pull Requests Projects Releases Activity
31,014 Commits 26 Branches 382 Tags
Commit Graph

31014 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mariusz Felisiak
44f6bb5652 [4.1.x] Added CVE-2023-36053 to security archive. 
Backport of 1d6fbf16f24200a556beb6dd197439944deb6837 from main
 2023-07-03 10:31:12 +02:00
Mariusz Felisiak
ba584f69fd [4.1.x] Post-release version bump. 2023-07-03 08:31:07 +02:00
Mariusz Felisiak
f9a14b8f06 [4.1.x] Bumped version for 4.1.10 release. 4.1.10 2023-07-03 08:28:10 +02:00
Mariusz Felisiak
beb3f3d559 [4.1.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator. 
Thanks Seokchan Yoon for reports.
 2023-07-03 08:27:05 +02:00
Mariusz Felisiak
3b48fe413f [4.1.x] Added stub release notes for 4.1.10 and 3.2.20. 
Backport of 2360ba22742c3ee8729697bfe2d508110465af56 from main
 2023-06-26 14:37:24 +02:00
Mariusz Felisiak
0e5948b8df [4.1.x] Fixed MultipleFileFieldTest.test_file_multiple_validation() test if Pillow isn't installed. 
Follow up to fb4c55d9ec4bb812a7fb91fa20510d91645e411b.
Backport of fcfbf08abe3e6dc54894df6988024f055abc6c40 from main
 2023-05-04 08:09:50 +02:00
Mariusz Felisiak
66e1e9b006 [4.1.x] Added CVE-2023-31047 to security archive. 
Backport of 49830025c992fbc8d8f213e7c16dba1391c6adf2 from main
 2023-05-03 15:22:12 +02:00
Mariusz Felisiak
d1385cc51b [4.1.x] Post-release version bump. 2023-05-03 13:57:05 +02:00
Mariusz Felisiak
dceb634ba4 [4.1.x] Bumped version for 4.1.9 release. 4.1.9 2023-05-03 13:55:10 +02:00
Mariusz Felisiak
e7c3a2ccc3 [4.1.x] Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of validation when uploading multiple files using one form field. 
Thanks Moataz Al-Sharida and nawaik for reports.

Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
 2023-05-03 13:54:21 +02:00
Mariusz Felisiak
491dccec1a [4.1.x] Added missing backticks in docs/releases/1.7.txt. 2023-04-26 09:30:14 +02:00
Mariusz Felisiak
6d334a0ca5 [4.1.x] Added stub release notes for 4.1.9 and 3.2.19. 
Backport of 18a7f2c711529f8e43c36190a5e2479f13899749 from main
 2023-04-26 08:51:18 +02:00
Mariusz Felisiak
f55bcff9dc [4.1.x] Refs #34118 -- Fixed CustomChoicesTests.test_uuid_unsupported on Python 3.11.4+. 
5342f5e713

Follow up to 38e63c9e61152682f3ff982c85a73793ab6d3267.

Backport of 2eb1f37260f0e0b71ef3a77eb5522d2bb68d6489 from main
 2023-04-07 11:09:36 +02:00
Mariusz Felisiak
685721b4c5 [4.1.x] Post-release version bump. 2023-04-05 07:58:12 +02:00
Mariusz Felisiak
bbce015391 [4.1.x] Bumped version for 4.1.8 release. 4.1.8 2023-04-05 07:50:32 +02:00
Mariusz Felisiak
67a79dcf5b [4.1.x] Added release date for 4.1.8. 
Backport of fdf0a367bdd72c70f91fb3aed77dabbe9dcef69f from main
 2023-04-05 06:19:38 +02:00
David Wobrock
ba1654cb54 [4.1.x] Fixed #34384 -- Fixed session validation when rotation secret keys. 
Bug in 0dcd549bbe36c060f536ec270d34d9e7d4b8e6c7.

Thanks Eric Zarowny for the report.

Backport of 2396933ca99c6bfb53bda9e53968760316646e01 from main
 2023-03-08 11:33:47 +01:00
Mariusz Felisiak
ff3e3eb2bd [4.1.x] Added stub release notes for 4.1.8. 
Backport of 9a07999aef7958c9b5441e368cd90646d0edc5c9 from main
 2023-03-06 17:38:07 +01:00
Mariusz Felisiak
60be5909a2 [4.1.x] Refs #21080, Refs #34322 -- Added warning to ManifestStaticFilesStorage docs about paths in comments. 
Backport of bae053d497ba8a8de7e4f725973924bfb1885fd2 from main.
 2023-02-16 19:24:28 +01:00
David Smith
7fd69e52a5 [4.1.x] Refs #32339 -- Doc'd BaseFormSet.as_div() 
Backport of 4038a8df0b8c20624ba826cf9af8f532e5a51aaa from main.
 2023-02-15 09:26:17 +01:00
Carlton Gibson
991461a3b3 [4.1.x] Added CVE-2023-24580 to security archive. 
Backport of ecafcaf634fcef93f9da8cb12795273dd1c3a576 from main
 2023-02-14 09:53:25 +01:00
Carlton Gibson
e3b40353f1 [4.1.x] Post-release version bump. 2023-02-14 09:13:22 +01:00
Carlton Gibson
c57ff9ba5e [4.1.x] Bumped version for 4.1.7 release. 4.1.7 2023-02-14 09:11:53 +01:00
Markus Holtermann
628b33a854 [4.1.x] Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files. 
Thanks to Jakob Ackermann for the report.
 2023-02-14 08:24:06 +01:00
Sota Tabu
425c75f56f [4.1.x] Fixed #34318 -- Added release note for 4bfe8c0eec835b8eaffcda7dc1e3b203751a790a. 
Backport of 3e9d413231edc29768cc7ca0427e63b19233f562 from main
 2023-02-13 14:13:36 +01:00
Mariusz Felisiak
590a92e456 [4.1.x] Fixed #34319 -- Fixed Model.validate_constraints() crash on ValidationError with no code. 
Thanks Mateusz Kurowski for the report.

Regression in 667105877e6723c6985399803a364848891513cc.
Backport of 2fd755b361d3da2cd0440fc9839feb2bb69b027b from main
 2023-02-08 16:40:38 +01:00
Carlton Gibson
ae53649b38 [4.1.x] Added stub release notes for 4.0.10 and 3.2.18. 
Set date for 4.1.7 release.

Backport of 7e003428f96d616c1f77fed84882a95e63bc3644 from main
 2023-02-07 10:12:12 +01:00
Mariusz Felisiak
83c88af9f8 [4.1.x] Added stub release notes for 4.1.7. 
Backport of f3c89744cc801cc7d134bca9958c4a74aa76380f from main
 2023-02-01 13:22:50 +01:00
Mariusz Felisiak
9ac634ff26 [4.1.x] Added CVE-2023-23969 to security archive. 
Backport of 36e3eef7d5a4c88671d20a561788679d0d9c334c from main
 2023-02-01 12:10:18 +01:00
Mariusz Felisiak
f3b6a4f1f3 [4.1.x] Ignored a637d0bd22665edfe7af40b4da3297462ec3c9cf formatting changes in git blame. 2023-02-01 11:45:09 +01:00
David Smith
a637d0bd22 [4.1.x] Refs #33476 -- Applied Black's 2023 stable style. 
Black 23.1.0 is released which, as the first release of the year,
introduces the 2023 stable style. This incorporates most of last year's
preview style.

https://github.com/psf/black/releases/tag/23.1.0

Backport of 097e3a70c1481ee7b042b2edd91b2be86fb7b5b6 from main.
 2023-02-01 11:44:13 +01:00
Mariusz Felisiak
c629c7891a [4.1.x] Post-release version bump. 2023-02-01 09:53:49 +01:00
Mariusz Felisiak
f4909f7f7e [4.1.x] Bumped version for 4.1.6 release. 4.1.6 2023-02-01 09:50:23 +01:00
Nick Pope
9d7bd5a56b [4.1.x] Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language. 
The parsed values of Accept-Language headers are cached in order to
avoid repetitive parsing. This leads to a potential denial-of-service
vector via excessive memory usage if the raw value of Accept-Language
headers is very large.

Accept-Language headers are now limited to a maximum length in order
to avoid this issue.
 2023-02-01 09:46:23 +01:00
Mariusz Felisiak
d3edac6c07 [4.1.x] Bumped versions in pre-commit and npm configurations. 
Backport of f825536b5e09b3a047fec0c10aabd91bace0995c from main
 2023-01-31 14:00:43 +01:00
Mariusz Felisiak
a5a36da28b [4.1.x] Fixed E501 flake8 error. 2023-01-31 13:33:36 +01:00
Durval Carvalho
f586c12f01 [4.1.x] Fixed #34180 -- Added note about resetting language in test tear-downs. 
Co-authored-by: Faris Naimi <farisfaris66@gmail.com>

Backport of 40217d1a82b0c16cddba377325d12b2c253f402a from main
 2023-01-31 07:29:55 +01:00
Mariusz Felisiak
26b7a25632 [4.1.x] Fixed #34291 -- Fixed Meta.constraints validation crash on UniqueConstraint with ordered expressions. 
Thanks Dan F for the report.

Bug in 667105877e6723c6985399803a364848891513cc.

Backport of 2b1242abb3989f5d74e787b09132d01bcbee5b55 from main.
 2023-01-26 09:34:15 +01:00
Carlton Gibson
bc48c7dfd6 [4.1.x] Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17. 
Backport of d8e1442ce2c56282785dd806e5c1147975e8c857 from main
 2023-01-25 12:27:07 +01:00
Carlton Gibson
bb59ef749f [4.1.x] Set date and added stub release notes for 4.1.6, 4.0.9, and 3.2.17. 
Backport of 1df963ad2476726d63be132c0cee47e07b8250d7 from main
 2023-01-25 11:58:50 +01:00
Stephen
c1bf918bad [4.1.x] Corrected passenv value for tox 4.0.6+. 
Backport of 34b328814976a2e2f7907361a494202763649f3f from main
 2023-01-25 06:11:46 +01:00
noFFENSE
2a32d3963c [4.1.x] Fixed #34242 -- Doc'd that primary key is set to None when deleting objects. 
Backport of 5cd1385356d4b275133ddb0f8c78b2f37c5901eb from main
 2023-01-20 10:57:47 +01:00
sarahboyce
d550e3cccd [4.1.x] Fixed #23718 -- Doc'd that test mirrors require TransactionTestCase. 
Co-authored-by: Christian Bundy <me@christianbundy.com>

Backport of 0fbdb9784da915fce5dcc1fe82bac9b4785749e5 from main
 2023-01-16 10:04:03 +01:00
Steven
d805010d68 [4.1.x] Fixed "nulls characters" typo in docs. 
Backport of 4b7016866a80ec8582f55fc7eedfa692039e9648 from main
 2023-01-16 08:24:21 +01:00
Mariusz Felisiak
7ebcda3331 [4.1.x] Fixed thread termination in servers.tests.LiveServerPort on Python 3.10.9+, 3.11.1+, and 3.12+. 
Class cleanups registered in TestCase subclasses are no longer called
as TestCase.doClassCleanups() only cleans up the particular class, see

c2102136be
Backport of d02a9f0cee84e3d23f676bdf2ab6aadbf4a5bfe8 from main
 2023-01-12 06:06:24 +01:00
Raj Desai
420f3230a2 [4.1.x] Fixed #34232 -- Fixed typo in docs/intro/tutorial07.txt. 
Backport of d2310f6473593d28c14b63a72253408b568e100a from main
 2023-01-04 19:32:08 +01:00
Mariusz Felisiak
f6d138eeff [4.1.x] Added stub release notes for 4.1.6. 
Backport of 75500feecddcb27b6ab65c9057e7317024cef761 from main
 2023-01-02 08:51:44 +01:00
Mariusz Felisiak
4651ef5a80 [4.1.x] Post-release version bump. 2023-01-02 08:31:10 +01:00
Mariusz Felisiak
eba81c8390 [4.1.x] Bumped version for 4.1.5 release. 4.1.5 2023-01-02 08:15:12 +01:00
Mariusz Felisiak
7bcf84d363 [4.1.x] Added release date for 4.1.5. 
Backport of 174d8157b5700f6451ac0bdc3eef7e73121bc4a4 from main
 2023-01-02 08:11:41 +01:00