Navigation:
Browse pkgsrc
(this page) 2021-01-06 13:17:15 by Adam Ciarcinski | Files touched by this commit (2) |  |
Log message: py-django3: updated to 3.1.5 Django 3.1.5 fixes several bugs in 3.1.4. Fixed __isnull=True lookup on key transforms for JSONField with Oracle and SQLite. Fixed a bug in Django 3.1 that caused a crash when processing middlewares in an \ async context with a middleware that raises a MiddlewareNotUsed exception. Fixed a regression in Django 3.1 that caused the incorrect prefixing of \ STATIC_URL and MEDIA_URL settings, by the server-provided value of SCRIPT_NAME \ (or / if not set), when set to a URL specifying the protocol but without a \ top-level domain, e.g. http://myhost/ |
| 2020-12-03 19:10:48 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django: updated to 3.1.4 Django 3.1.4 fixes several bugs in 3.1.3. Bugfixes Fixed setting the Content-Length HTTP header in AsyncRequestFactory. Fixed passing extra HTTP headers to AsyncRequestFactory request methods. Fixed crash of key transforms for JSONField on PostgreSQL when using on a \ Subquery() annotation. Fixed a regression in Django 3.1 that caused a crash of auto-reloader for \ certain invocations of runserver on Windows with Python 3.7 and below. Fixed a regression in Django 3.1 that caused the incorrect grouping by a Q \ object annotation. Fixed a regression in Django 3.1 that caused suppressing connection errors when \ JSONField is used on SQLite. Fixed a crash on SQLite, when QuerySet.values()/values_list() contained key \ transforms for JSONField returning non-string primitive values |
| 2020-11-02 12:12:01 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django3: updated to 3.1.3 Django 3.1.3 fixes several bugs in 3.1.2 and adds compatibility with Python 3.9. Bugfixes Fixed a regression in Django 3.1.2 that caused the incorrect height of the admin \ changelist search bar Fixed a regression in Django 3.1.2 that caused the incorrect width of the admin \ changelist search bar on a filtered page Fixed displaying Unicode characters in forms.JSONField and read-only \ models.JSONField values in the admin Fixed a regression in Django 3.1 that caused a crash of ArrayAgg and StringAgg \ with ordering on key transforms for JSONField Fixed a regression in Django 3.1 that caused a crash of __in lookup when using \ key transforms for JSONField in the lookup value Fixed a regression in Django 3.1 that caused a crash of ExpressionWrapper with \ key transforms for JSONField Fixed a regression in Django 3.1 that caused a migrations crash on PostgreSQL \ when adding an ExclusionConstraint with key transforms for JSONField in \ expressions Fixed a regression in Django 3.1 where ProtectedError.protected_objects and \ RestrictedError.restricted_objects attributes returned iterators instead of set \ of objects Fixed a regression in Django 3.1.2 that caused incorrect form input layout on \ small screens in the admin change form view Fixed a regression in Django 3.1 that invalidated pre-Django 3.1 password reset \ tokens Added support for asgiref 3.3 Fixed a regression in Django 3.1 that caused incorrect textarea layout on \ medium-sized screens in the admin change form view with the sidebar open Fixed a regression in Django 3.0.7 that didn’t use Subquery() aliases in the \ GROUP BY clause |
| 2020-10-02 04:14:03 by Wen Heping | Files touched by this commit (2) |
Log message:
Update to 3.1.2
Upstream changes:
Django 3.1.2 release notes¶
October 1, 2020
Django 3.1.2 fixes several bugs in 3.1.1.
Bugfixes¶
Fixed a bug in Django 3.1 where FileField instances with a callable storage \
were not correctly deconstructed (#31941).
Fixed a regression in Django 3.1 where the QuerySet.ordered attribute \
returned incorrectly True for GROUP BY queries (e.g. .annotate().values()) on \
models with Meta.ordering. A model’s Meta.ordering doesn’t affect such \
queries (#31990).
Fixed a regression in Django 3.1 where a queryset would crash if it \
contained an aggregation and a Q object annotation (#32007).
Fixed a bug in Django 3.1 where a test database was not synced during \
creation when using the MIGRATE test database setting (#32012).
Fixed a django.contrib.admin.EmptyFieldListFilter crash when using on a \
GenericRelation (#32038).
Fixed a regression in Django 3.1.1 where the admin changelist filter sidebar \
would not scroll for a long list of available filters (#31986).
|
| 2020-09-10 11:37:17 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message: py-django3: updated to 3.1.1 Django 3.1.1 fixes two security issues and several bugs in 3.1. CVE-2020-24583: Incorrect permissions on intermediate-level directories on \ Python 3.7+ On Python 3.7+, FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to \ intermediate-level directories created in the process of uploading files and to \ intermediate-level collected static directories when using the collectstatic \ management command. You should review and manually fix permissions on existing intermediate-level \ directories. CVE-2020-24584: Permission escalation in intermediate-level directories of the \ file system cache on Python 3.7+ On Python 3.7+, the intermediate-level directories of the file system cache had \ the system’s standard umask rather than 0o077 (no group or others \ permissions). Bugfixes Fixed wrapping of translated action labels in the admin’s navigation sidebar \ for East Asian languages. Fixed wrapping of long model names in the admin’s navigation sidebar. Fixed encoding session data while upgrading multiple instances of the same \ project to Django 3.1. Adjusted admin’s navigation sidebar template to reduce debug logging when \ rendering. Fixed a data loss possibility in the select_for_update(). When using related \ fields pointing to a proxy model in the of argument, the corresponding model was \ not locked. Fixed a data loss possibility, following a regression in Django 2.0, when \ copying model instances with a cached fields value. Fixed a regression in Django 3.1 that caused a crash when decoding an invalid \ session data. Reverted a deprecation in Django 3.1 that caused a crash when passing deprecated \ keyword arguments to a queryset in TemplateView.get_context_data(). Enforced thread sensitivity of the MiddlewareMixin.process_request() and \ process_response() hooks when in an async context. Fixed __in lookup on key transforms for JSONField with MariaDB, MySQL, Oracle, \ and SQLite. Fixed a regression in Django 3.1 that caused permission errors in \ CommonPasswordValidator and settings.py generated by the startproject command, \ when user didn’t have permissions to all intermediate directories in a Django \ installation path. Fixed detecting an async get_response callable in various builtin middlewares. Fixed a QuerySet.order_by() crash on PostgreSQL when ordering and grouping by \ JSONField with a custom decoder. Fixed a QuerySet.delete() crash on MySQL, following a performance regression in \ Django 3.1 on MariaDB 10.3.2+, when filtering against an aggregate function. Fixed a django.contrib.admin.EmptyFieldListFilter crash when using on reverse \ relations. Prevented content overflowing in the admin changelist view when the navigation \ sidebar is enabled What’s new in Django 3.1 Asynchronous views and middleware support JSONField for all supported database backends DEFAULT_HASHING_ALGORITHM settings |
| 2020-07-08 17:08:31 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django3: updated to 3.0.8 Django 3.0.8 fixes several bugs in 3.0.7. Bugfixes Fixed messages of InvalidCacheKey exceptions and CacheKeyWarning warnings raised \ by cache key validation. Fixed a regression in Django 3.0.7 that caused a queryset crash when grouping by \ a many-to-one relationship. Reallowed, following a regression in Django 3.0, non-expressions having a \ filterable attribute to be used as the right-hand side in queryset filters. Fixed a regression in Django 3.0.2 that caused a migration crash on PostgreSQL \ when adding a foreign key to a model with a namespaced db_table. Added compatibility for cx_Oracle 8 |
| 2020-06-03 17:29:36 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django3: updated to 3.0.7 Django 3.0.7 fixes two security issues and several bugs in 3.0.6. CVE-2020-13254: Potential data leakage via malformed memcached keys In cases where a memcached backend does not perform key validation, passing \ malformed cache keys could result in a key collision, and potential data \ leakage. In order to avoid this vulnerability, key validation is added to the \ memcached cache backends. CVE-2020-13596: Possible XSS via admin ForeignKeyRawIdWidget Query parameters for the admin ForeignKeyRawIdWidget were not properly URL \ encoded, posing an XSS attack vector. ForeignKeyRawIdWidget now ensures query \ parameters are correctly URL encoded. Bugfixes Fixed a regression in Django 3.0 by restoring the ability to use field lookups \ in Meta.ordering. Fixed a regression in Django 3.0 where QuerySet.values() and values_list() \ crashed if a queryset contained an aggregation and a subquery annotation. Fixed a regression in Django 3.0 where aggregates used wrong annotations when a \ queryset has multiple subqueries annotations. Fixed a regression in Django 3.0 where QuerySet.values() and values_list() \ crashed if a queryset contained an aggregation and an Exists() annotation on \ Oracle. Fixed a regression in Django 3.0 where all resolved Subquery() expressions were \ considered equal. Fixed a regression in Django 3.0.5 that affected translation loading for apps \ providing translations for territorial language variants as well as a generic \ language, where the project has different plural equations for the language. Tracking a jQuery security release, upgraded the version of jQuery used by the \ admin from 3.4.1 to 3.5.1. |
| 2020-05-12 08:55:20 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django3: updated to 3.0.6 3.0.6: Fixed a regression in Django 3.0 that caused a crash when filtering a Subquery() \ annotation of a queryset containing a single related field against a \ SimpleLazyObject. |
| 2020-04-06 19:01:07 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django3: updated to 3.0.5 Django 3.0.5: Added the ability to handle .po files containing different plural equations for \ the same language. Fixed a regression in Django 3.0 where QuerySet.values() and values_list() \ crashed if a queryset contained an aggregation and Subquery() annotation that \ collides with a field name. |
| 2020-03-12 17:18:54 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django3: updated to 3.0.4 Django 3.0.4 fixes a security issue and several bugs in 3.0.3. CVE-2020-9402: Potential SQL injection via tolerance parameter in GIS functions \ and aggregates on Oracle GIS functions and aggregates on Oracle were subject to SQL injection, using a \ suitably crafted tolerance. Bugfixes Fixed a data loss possibility when using caching from async code. Fixed a regression in Django 3.0 that caused a file response using a temporary \ file to be closed incorrectly. Fixed a data loss possibility in the select_for_update(). When using related \ fields or parent link fields with Multi-table inheritance in the of argument, \ the corresponding models were not locked. Fixed a regression in Django 3.0 that caused misplacing parameters in logged SQL \ queries on Oracle. Fixed a regression in Django 3.0.3 that caused misplacing parameters of SQL \ queries when subtracting DateField or DateTimeField expressions on MySQL. Fixed a regression in Django 3.0 that didn’t include subqueries spanning \ multivalued relations in the GROUP BY clause |
New packages: