Log message:
py-django: updated to 5.0.4

Django 5.0.4 fixes several bugs in 5.0.3.

Bugfixes

Fixed a bug in Django 5.0 that caused a crash of Model.full_clean() on fields \ 
with expressions in db_default. As a consequence, Model.full_clean() no longer \ 
validates for empty values in fields with db_default
Fixed a regression in Django 5.0 where the AdminFileWidget could be rendered \ 
with two id attributes on the “Clear” checkbox
Fixed a bug in Django 5.0 that caused a migration crash on PostgreSQL 15+ when \ 
adding a partial UniqueConstraint with nulls_distinct
Fixed a crash in Django 5.0 when performing queries involving table aliases and \ 
lookups on a GeneratedField of the aliased table
Fixed a bug in Django 5.0 that caused a migration crash when adding a \ 
GeneratedField relying on the __contains or __icontains lookups or using a Value \ 
containing a "%"

Log message:
py-django: updated to 5.0.3

Django 5.0.3 fixes a security issue with severity “moderate” and several \ 
bugs in 5.0.2.

CVE-2024-27351: Potential regular expression denial-of-service in \ 
django.utils.text.Truncator.words()

django.utils.text.Truncator.words() method (with html=True) and \ 
truncatewords_html template filter were subject to a potential regular \ 
expression denial-of-service attack using a suitably crafted string (follow up \ 
to CVE-2019-14232 and CVE-2023-43665).

Bugfixes

Fixed a regression in Django 5.0.2 where intcomma template filter could return a \ 
leading comma for string representation of floats.
Fixed a bug in Django 5.0 that caused a crash of Signal.asend() and \ 
asend_robust() when all receivers were asynchronous functions.
Fixed a regression in Django 5.0.1 where ModelAdmin.lookup_allowed() would \ 
prevent filtering against foreign keys using lookups like __isnull when the \ 
field was not included in ModelAdmin.list_filter.
Fixed a regression in Django 5.0 that caused a crash of @sensitive_variables and \ 
@sensitive_post_parameters decorators on functions loaded from .pyc files.
Fixed a regression in Django 5.0 that caused a crash when reloading a test \ 
database and a base queryset for a base manager used prefetch_related().
Fixed a bug in Django 5.0 where facet filters in the admin would crash on a \ 
SimpleListFilter using a queryset without primary keys.

Log message:
Replace databases/py-mysqldb with databases/py-mysqlclient

Log message:
py-django: updated to 5.0.2

Django 5.0.2 fixes a security issue with severity “moderate” and several \ 
bugs in 5.0.1. Also, the latest string translations from Transifex are \ 
incorporated.

CVE-2024-24680: Potential denial-of-service in intcomma template filter

The intcomma template filter was subject to a potential denial-of-service attack \ 
when used with very long strings.

Bugfixes

Reallowed, following a regression in Django 5.0.1, filtering against local \ 
foreign keys not included in ModelAdmin.list_filter
Fixed a regression in Django 5.0 where links in the admin had an incorrect color
Fixed a bug in Django 5.0 that caused a crash of Model.full_clean() on models \ 
with a GeneratedField
Fixed a regression in Django 5.0 that caused a crash of FilteredRelation() with \ 
querysets as right-hand sides
Fixed a regression in Django 5.0 that caused a crash of the dumpdata management \ 
command when a base queryset used prefetch_related()
Fixed a regression in Django 5.0 that caused the request_finished signal to \ 
sometimes not be fired when running Django through an ASGI server, resulting in \ 
potential resource leaks
Fixed a bug in Django 5.0 that caused a migration crash on MySQL when adding a \ 
BinaryField, TextField, JSONField, or GeometryField with a db_default
Fixed a bug in Django 5.0 that caused a migration crash on models with a literal \ 
db_default of a complex type such as dict instance of a JSONField. Running \ 
makemigrations might generate no-op AlterField operations for fields using \ 
db_default

Log message:
py-django: updated to 4.2.9

4.2.9
Bugfixes
Fixed a regression in Django 4.2.8 where admin fields on the same line could \ 
overflow the page and become non-interactive

Log message:
py-django: updated to 4.2.8

Django 4.2.8 fixes several bugs in 4.2.7 and adds compatibility with Python 3.12.

Bugfixes

Fixed a regression in Django 4.2 that caused makemigrations --check to stop \ 
displaying pending migrations
Fixed a regression in Django 4.2 that caused a crash of QuerySet.aggregate() \ 
with aggregates referencing other aggregates or window functions through \ 
conditional expressions
Fixed a regression in Django 4.2 that caused a crash when annotating a QuerySet \ 
with a Window expressions composed of a partition_by clause mixing field types \ 
and aggregation expressions
Fixed a regression in Django 4.2 where the admin’s change list page had \ 
misaligned pagination links and inputs when using list_editable
Fixed a regression in Django 4.2 where checkboxes in the admin would be centered \ 
on narrower screen widths
Fixed a regression in Django 4.2 that caused a crash of querysets with \ 
aggregations on MariaDB when the ONLY_FULL_GROUP_BY SQL mode was enabled
Fixed a regression in Django 4.2 where the admin’s read-only password widget \ 
and some help texts were incorrectly aligned at tablet widths
Fixed a regression in Django 4.2 that caused a migration crash on SQLite when \ 
altering unsupported Meta.db_table_comment

Log message:
py-django: updated to 4.2.7

4.2.7

CVE-2023-46695: Potential denial of service vulnerability in UsernameField on Windows

Log message:
py-django: added version 4.2.6

What’s new in Django 4.2

Psycopg 3 support
Comments on columns and tables
Mitigation for the BREACH attack
In-memory file storage
Custom file storages