./www/py-django, Django, a high-level Python Web framework

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.11.6, Package name: py27-django-1.11.6, Maintainer: joerg

Django is a high-level Python Web framework that encourages rapid development
and clean, pragmatic design. Django was designed to make common Web-development
tasks fast and easy.


Required to run:
[devel/py-setuptools] [time/py-pytz] [lang/python27]

Required to build:

Master sites:

SHA1: a3d2e59f5bccff436e59caa4f5e8aadbd490893a
RMD160: 5865cb8eb78f4d81255320ab5a4e1c7ddc3fecc3
Filesize: 7689.893 KB

Version history: (Expand)

CVS history: (Expand)

   2017-10-06 10:52:59 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-django: update to 1.11.6

* Made the CharField form field convert whitespace-only values to the \ 
empty_value when strip is enabled.
* Fixed crash when using the name of a model’s autogenerated primary key (id) \ 
in an Index’s fields.
* Fixed a regression in Django 1.9 where a custom view error handler such as \ 
handler404 that accesses csrf_token could cause CSRF verification failures on \ 
other pages
   2017-09-06 17:19:17 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
Django 1.11.5:

CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page¶

In older versions, HTML autoescaping was disabled in a portion of the template \ 
for the technical 500 debug page. Given the right circumstances, this allowed a \ 
cross-site scripting attack. This vulnerability shouldn’t affect most \ 
production sites since you shouldn’t run with DEBUG = True (which makes this \ 
page accessible) in your production settings.


Fixed GEOS version parsing if the version has a commit hash at the end (new in \ 
GEOS 3.6.2).
Added compatibility for cx_Oracle 6.
Fixed select widget rendering when option values are tuples.
Django 1.11 inadvertently changed the sequence and trigger naming scheme on \ 
Oracle. This causes errors on INSERTs for some tables if 'use_returning_into': \ 
False is in the OPTIONS part of DATABASES. The pre-1.11 naming scheme is now \ 
restored. Unfortunately, it necessarily requires an update to Oracle tables \ 
created with Django 1.11.[1-4]. Use the upgrade script in 28451 comment 8 to \ 
update sequence and trigger names to use the pre-1.11 naming scheme.
Added POST request support to LogoutView, for equivalence with the \ 
function-based logout() view.
Omitted pages_per_range from BrinIndex.deconstruct() if it’s None.
Fixed a regression where SelectDateWidget localized the years in the select box.
Fixed a regression in 1.11.4 where runserver crashed with non-Unicode system \ 
encodings on Python 2 + Windows.
Fixed a regression in Django 1.10 where changes to a ManyToManyField weren’t \ 
logged in the admin change history and prevented ManyToManyField initial data in \ 
model forms from being affected by subsequent model changes.
Fixed non-deterministic results or an AssertionError crash in some queries with \ 
multiple joins.
Fixed a regression in contrib.auth’s login() and logout() views where they \ 
ignored positional arguments
   2017-09-04 20:08:31 by Thomas Klausner | Files touched by this commit (163)
Log message:
Follow some redirects.
   2017-08-02 12:45:09 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
Django 1.11.4:


Fixed a regression in 1.11.3 on Python 2 where non-ASCII format values for \ 
date/time widgets results in an empty value in the widget’s HTML.
Fixed QuerySet.union() and difference() when combining with a queryset raising \ 
Fixed a regression in pickling of LazyObject on Python 2 when the wrapped object \ 
doesn’t have __reduce__().
Fixed crash in runserver’s autoreload with Python 2 on Windows with non-str \ 
environment variables.
Corrected Field.has_changed() to return False for disabled form fields: \ 
BooleanField, MultipleChoiceField, MultiValueField, FileField, ModelChoiceField, \ 
and ModelMultipleChoiceField.
Fixed QuerySet.count() for union(), difference(), and intersection() queries..
Fixed ClearableFileInput rendering as a subwidget of MultiWidget. Custom \ 
clearable_file_input.html widget templates will need to adapt for the fact that \ 
context values checkbox_name, checkbox_id, is_initial, input_text, initial_text, \ 
and clear_checkbox_label are now attributes of widget rather than appearing in \ 
the top-level context.
Fixed queryset crash when using a GenericRelation to a proxy model
   2017-07-03 13:10:41 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
Changes 1.11.3:


Removed an incorrect deprecation warning about a missing renderer argument if a \ 
Widget.render() method accepts **kwargs.
Fixed a regression causing Model.__init__() to crash if a field has an instance \ 
only descriptor.
Fixed an incorrect DisallowedModelAdminLookup exception when using a nested \ 
reverse relation in list_filter.
Fixed admin’s FieldListFilter.get_queryset() crash on invalid input.
Fixed invalid HTML for a required AdminFileWidget.
Fixed model initialization to set the name of class-based model indexes for \ 
models that only inherit models.Model.
Fixed crash in admin’s inlines when a model has an inherited non-editable \ 
primary key.
Fixed QuerySet.union(), intersection(), and difference() when combining with an \ 
Prevented Paginator’s unordered object list warning from evaluating a QuerySet.
Fixed the value of redirect_field_name in LoginView’s template context. \ 
It’s now an empty string (as it is for the original function-based login() \ 
view) if the corresponding parameter isn’t sent in a request (in \ 
particular, when the login page is accessed directly).
Prevented attribute values in the django/forms/widgets/attrs.html template from \ 
being localized so that numeric attributes (e.g. max and min) of NumberInput \ 
work correctly.
Removed casting of the option value to a string in the template context of the \ 
CheckboxSelectMultiple, NullBooleanSelect, RadioSelect, SelectMultiple, and \ 
Select widgets. In Django 1.11.1, casting was added in Python to avoid \ 
localization of numeric values in Django templates, but this made some use cases \ 
more difficult. Casting is now done in the template using the |stringformat:'s' \ 
Prevented a primary key alteration from adding a foreign key constraint if \ 
Fixed UnboundLocalError crash in RenameField with nonexistent field.
Fixed a regression preventing a model field’s limit_choices_to from being \ 
evaluated when a ModelForm is instantiated.
   2017-06-02 09:19:56 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
Django 1.11.2 release notes

Django 1.11.2 adds a minor feature and fixes several bugs in 1.11.1. Also, the \ 
latest string translations from Transifex are incorporated.

Minor feature:
* The new LiveServerTestCase.port attribute reallows the use case of binding to \ 
a specific port following the bind to port zero change in Django 1.11.

* Added detection for GDAL 2.1 and 2.0, and removed detection for unsupported \ 
versions 1.7 and 1.8.
* Changed contrib.gis to raise ImproperlyConfigured rather than GDALException if \ 
gdal isn’t installed, to allow third-party apps to catch that exception.
* Fixed django.utils.http.is_safe_url() crash on invalid IPv6 URLs.
* Fixed regression causing pickling of model fields to crash.
* Fixed django.contrib.auth.authenticate() when multiple authentication backends \ 
don’t accept a positional request argument.
* Fixed introspection of index field ordering on PostgreSQL.
* Fixed a regression where Model._state.adding wasn’t set correctly on \ 
multi-table inheritance parent models after saving a child model.
* Allowed DjangoJSONEncoder to serialize django.utils.deprecation.CallableBool.
* Relaxed the validation added in Django 1.11 of the fields in the defaults \ 
argument of QuerySet.get_or_create() and update_or_create() to reallow settable \ 
model properties.
* Fixed MultipleObjectMixin.paginate_queryset() crash on Python 2 if the \ 
InvalidPage message contains non-ASCII.
* Prevented Subquery from adding an unnecessary CAST which resulted in invalid SQL.
* Corrected detection of GDAL 2.1 on Windows.
* Made date-based generic views return a 404 rather than crash when given an out \ 
of range date.
* Fixed a regression where file_move_safe() crashed when moving files to a CIFS \ 
* Moved the ImageField file extension validation added in Django 1.11 from the \ 
model field to the form field to reallow the use case of storing images without \ 
an extension
   2017-05-08 06:58:58 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
Changes 1.11.1:

Allowed disabling server-side cursors on PostgreSQL

Made migrations respect Index’s name argument. If you created a named index \ 
with Django 1.11, makemigrations will create a migration to recreate the index \ 
with the correct name.
Fixed a crash when using a __icontains lookup on a ArrayField.
Fixed a crash when using a two-tuple in EmailMessage’s attachments argument.
Fixed QuerySet.filter() crash when it references the name of a OneToOneField \ 
primary key.
Fixed empty POST data table appearing instead of “No POST data” in \ 
HTML debug page.
Restored BoundFields without any choices evaluating to True.
Prevented SessionBase.cycle_key() from losing session data if _session_cache \ 
isn’t populated.
Fixed layout of ReadOnlyPasswordHashWidget (used in the admin’s user change \ 
Allowed prefetch calls on managers with custom ModelIterable subclasses.
Fixed change password link in the contrib.auth admin for el, es_MX, and pt \ 
Restored the output of the class attribute in the <ul> of widgets that use \ 
the multiple_input.html template. This fixes ModelAdmin.radio_fields with \ 
Fixed crash in BaseGeometryWidget.subwidgets().
Fixed exception reraising in ORM query execution when cursor.execute() fails and \ 
the subsequent cursor.close() also fails.
Fixed a regression where CheckboxSelectMultiple, NullBooleanSelect, RadioSelect, \ 
SelectMultiple, and Select localized option values.
Corrected the stack level of unordered queryset pagination warnings.
Fixed a regression causing incorrect queries for __in subquery lookups when \ 
models use ForeignKey.to_field.
Fixed crash when overriding the template of django.views.static.directory_index().
Fixed a regression in formset min_num validation with unchanged forms that have \ 
initial data.
Prepared for cx_Oracle 6.0 support.
Updated the contrib.postgres SplitArrayWidget to use template-based widget rendering.
Fixed crash in BaseGeometryWidget.get_context() when overriding existing attrs.
Prevented AddIndex and RemoveIndex from mutating model state.
Prevented migrations from dropping database indexes from Meta.indexes when \ 
changing Field.db_index to False.
Fixed a regression in choice ordering in form fields with grouped and \ 
non-grouped options.
Fixed crash in BaseInlineFormSet._construct_form() when using save_as_new.
Fixed a regression where Model._state.db wasn’t set correctly on \ 
multi-table inheritance parent models after saving a child model.
Corrected the return type of ArrayField(CITextField()) values retrieved from the \ 
Fixed QuerySet.prefetch_related() crash when fetching relations in nested \ 
Prefetch objects.
Prevented hiding GDAL errors if it’s not installed when using contrib.gis. \ 
(It’s a required dependency as of Django 1.11.)
Fixed a regression causing __in lookups on a foreign key to fail when using the \ 
foreign key’s parent model as the lookup
   2017-04-05 19:08:49 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
Changes 1.11:
As always, the release notes cover the medley of new features in detail, but a \ 
few highlights are:
* Class-based model indexes for creating database indexes.
* Template-based widget rendering to ease customizing form widgets.
* Subquery expressions to create explicit subqueries using the ORM.