mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-08-01 01:22:36 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
26892 commits 29 branches 451 tags 740 MiB
Commit graph

368 commits

Author SHA1 Message Date
Pablo García
38af257988 [2.2.x] Fixed #30810 -- Fixed WatchmanReloaderTests.test_setting_timeout_from_environment_variable test. 
client_timeout is an instance attribute.

Backport of 2fd610eb30 from master
 2019-09-27 08:36:48 +02:00
Florian Apolloner
cf694e6852 [2.2.x] Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri(). 
Thanks to Guido Vranken for initial report.
 2019-07-29 11:06:54 +02:00
Florian Apolloner
e34f3c0e9e [2.2.x] Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities. 
Thanks to Guido Vranken for initial report.
 2019-07-29 11:06:54 +02:00
Florian Apolloner
c3289717c6 [2.2.X] Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML. 
Thanks to Guido Vranken for initial report.
 2019-07-29 11:00:01 +02:00
Tom Forbes
4d6449e125 [2.2.x] Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved. 
Backport of fc75694257 from master.
 2019-07-24 14:38:24 +02:00
Tom Forbes
2d2859bec2 [2.2.x] Fixed #30506 -- Fixed crash of autoreloader when path contains null characters. 
Backport of 2ff517ccb6 from master.
 2019-07-23 10:41:50 +02:00
Tom Forbes
bdc1de2199 [2.2.x] Fixed #30588 -- Fixed crash of autoreloader when __main__ module doesn't have __file__ attribute. 
Backport of 8454f6dea4 from master
 2019-06-26 06:44:57 +02:00
Tom Forbes
7089502b98 [2.2.x] Fixed #30523 -- Fixed updating file modification times on seen files in auto-reloader when using StatReloader. 
Previously we updated the file mtimes if the file has not been seen
before - i.e on the first iteration of the loop.

If the mtime has been changed we triggered the notify_file_changed()
method which in all cases except the translations will result in the
process being terminated. To be strictly correct we need to update the
mtime for either branch of the conditional.

Regression in 6754bffa2b.

Backport of 480492fe70 from master
 2019-05-29 09:43:10 +02:00
Tom Forbes
ace0bec804 [2.2.x] Fixed #30516 -- Fixed crash of autoreloader when re-raising exceptions with custom signature. 
Regression in c8720e7696.

Backport of 0344565179 from master
 2019-05-29 08:30:22 +02:00
Tom Forbes
5bf2c87ece [2.2.x] Fixed #30479 -- Fixed detecting changes in manage.py by autoreloader when using StatReloader. 
Regression in c8720e7696.

Backport of b2790f74d4 from master
 2019-05-28 09:01:29 +02:00
Tom Forbes
d326c743ef [2.2.x] Fixed #30323 -- Fixed detecting changes by autoreloader when using StatReloader. 
Backport of 6754bffa2b from master
 2019-04-29 12:18:29 +02:00
Jacob Green
e45763193f [2.2.x] Fixed #30361 -- Increased the default timeout of watchman client to 5 seconds and made it customizable. 
Made the default timeout of watchman client customizable via
DJANGO_WATCHMAN_TIMEOUT environment variable.

Backport of ed3c59097a from master
 2019-04-26 13:35:47 +02:00
Mariusz Felisiak
505785a71d
[2.2.x] Fixed #30264 -- Fixed crash of test_parsing_year_less_than_70() on 32-bit systems. 
Thanks Andreas Beckmann and Chris Lamb for the report.
Backport of c9888bc8ec from master
 2019-03-20 13:46:31 +01:00
Jon Dufresne
87fad5a392 [2.2.x] Cleaned up exception message checking in some tests. 
Backport of 95b7699ffc from master.
 2019-03-15 19:28:13 -04:00
Matthias Kestenholz
77e53da127 [2.2.x] Refs #30179 -- Moved topological sort functions to django.utils. 
Backport of e04209e181 from master.
 2019-02-27 17:16:48 -05:00
shiningfm
4dac17ac93 [2.2.x] Fixed #30215 -- Fixed autoreloader crash for modules without __spec__. 
Regression in c8720e7696.
Backport of 99cfb28e99 from master.
 2019-02-27 10:35:45 -05:00
Semen Zhydenko
a536cf1f9f [2.2.x] Fixed spelling mistakes in comments and tests. 
Backport of 255d6a26a8 from master.
 2019-02-11 08:56:10 -05:00
Carlton Gibson
83ab3e2664 [2.2.x] Fixed CVE-2019-6975 -- Fixed memory exhaustion in utils.numberformat.format(). 
Thanks Sjoerd Job Postmus for the report and initial patch.
Thanks Michael Manfre, Tim Graham, and Florian Apolloner for review.

Backport of 402c0caa85 from master
 2019-02-11 11:10:38 +01:00
Tom Forbes
728358c5cf [2.2.x] Fixed #25624 -- Fixed autoreload crash with jinja2.ModuleLoader. 
Backport of 1e92407f83 from master.
 2019-01-28 14:42:46 -05:00
Santiago Basulto
4fc35a9c3e Fixed #20147 -- Added HttpRequest.headers. 2019-01-16 13:38:47 -05:00
Tom Forbes
c8720e7696 Fixed #27685 -- Added watchman support to the autoreloader. 
Removed support for pyinotify (refs #9722).
 2019-01-13 20:33:47 -05:00
Tim Graham
0004daa536
Used 4 space hanging indent for dictionaries. 
Thanks Mariusz Felisiak for auditing.
 2019-01-02 18:18:19 -05:00
Jon Dufresne
6fe9c45b72 Fixed #30024 -- Made urlencode() and Client raise TypeError when None is passed as data. 2018-12-27 11:19:55 -05:00
Tim Graham
193c109327 Switched TestCase to SimpleTestCase where possible in Django's tests. 2018-11-27 08:58:44 -05:00
Thomas Grainger
0607699902 Fixed #29478 -- Added support for mangled names to cached_property. 
Co-Authored-By: Sergey Fedoseev <fedoseev.sergey@gmail.com>
 2018-11-19 13:40:49 -05:00
Srinivas Thatiparthy (శ్రీనివాస్ తాటిపర్తి)
a7ef4a56e0 Fixed #29920 -- Added a test for smart_urlquote()'s UnicodeError branch. 2018-11-09 12:39:08 -05:00
Hasan Ramezani
6b7f1c2530 Increased test coverage of django.utils.http. 2018-11-03 11:13:28 -04:00
aspalding
dc5e75d419 Fixed #29838 -- Fixed crash when combining Q objects with __in lookups and lists. 
Regression in fc6528b25a.
 2018-10-17 11:34:49 -04:00
aspalding
217f82d713 Refs #29838 -- Fixed make_hashable() for values that have lists or dicts nested in tuples. 
And for non-hashable values that are iterable, e.g. sets.
 2018-10-17 11:17:50 -04:00
aspalding
834c4ec8e4 Moved make_hashable() to django.utils and added tests. 2018-10-17 11:17:23 -04:00
Hasan Ramezani
b5d7604cb0 Completed FixedOffset test coverage. 2018-10-09 20:32:08 -04:00
Sergey Fedoseev
8ef8bc0f64 Refs #28909 -- Simplifed code using unpacking generalizations. 2018-09-28 09:57:12 -04:00
Jon Dufresne
82f286cf6f Refs #29784 -- Switched to https:// links where available. 2018-09-26 08:48:47 +02:00
Javier Buzzi
a0d63b02c3 Fixed #29772 -- Made LazyObject proxy __lt__() and __gt__(). 2018-09-19 13:51:01 -04:00
Claude Paroz
201017df30 Fixed #29654 -- Made text truncation an ellipsis character instead of three dots. 
Thanks Sudhanshu Mishra for the initial patch and Tim Graham for the review.
 2018-08-21 17:46:45 +02:00
Mariusz Felisiak
9fee229874
Fixed #29643 -- Fixed crash when combining Q objects with __in lookups and lists. 
Regression in fc6528b25a.
 2018-08-08 08:51:20 +02:00
Josh Schneier
f1bf069ec1 Refs #29244 -- Fixed django.utils.inspect.method_has_no_args() for bound methods. 2018-08-07 17:37:35 -04:00
Josh Schneier
756b859576 Renamed django.utils.inspect.func_has_no_args() to method_has_no_args(). 2018-08-07 17:37:35 -04:00
Tim Graham
2092206bee
Refs #29600 -- Updated django.utils.datetime_safe now that Python 2 is unsupported. 2018-08-02 10:20:24 -04:00
Andreas Hug
a656a68127 Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware. 2018-08-01 09:28:42 -04:00
Claude Paroz
b004bd62e8 Fixed #29412 -- Stopped marking slugify() result as HTML safe. 2018-07-20 10:44:30 -04:00
Claude Paroz
0adfba968e Fixed #29578 -- Made numberformat.format() honor forced l10n usage. 
Thanks Sassan Haradji for the report.
 2018-07-19 16:44:40 -04:00
Sergey Fedoseev
338f741c5e Fixed #29546 -- Deprecated django.utils.timezone.FixedOffset. 2018-07-09 16:33:36 -04:00
Sergey Fedoseev
c9088cfc7b Fixed some assertTrue() that were intended to be assertEqual(). 2018-07-09 11:13:40 -04:00
Sergey Fedoseev
bdcde79c5f Made test for memoryview handling in force_bytes() more strict. 2018-07-09 11:01:42 -04:00
Przemysław Suliga
d22b90b4ea Fixed #29525 -- Allowed is_safe_url()'s allowed_hosts arg to be a string. 2018-06-29 10:17:52 -04:00
Carlton Gibson
f4ef71c689 Refs #29514 -- Added test for get_default_timezone()/timezone.utc equality. 2018-06-28 11:14:26 -04:00
Tim Graham
911af0d24b Added more tests for django.utils.html.urlize(). 2018-03-06 08:30:41 -05:00
Tim Graham
97b7dd59bb Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator. 
Thanks James Davis for suggesting the fix.
 2018-03-06 08:30:40 -05:00
Tim Graham
8618271caa Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters. 
Thanks Florian Apolloner for assisting with the patch.
 2018-03-06 08:30:40 -05:00