From Django 1.11.16.
* Django 1.11.17 fixes several bugs in 1.11.16 and adds compatibility
with Python 3.7.
* Prevented repetitive calls to geos_version_tuple() in the WKBWriter
class in an attempt to fix a random crash involving LooseVersion
since Django 1.11.14 (#29959).
* CVE-2019-3498: Content spoofing possibility in the default 404 page
An attacker could craft a malicious URL that could make spoofed
content appear on the default page generated by the
django.views.defaults.page_not_found() view. The URL path is no
longer displayed in the default 404 template and the request_path
context variable is now quoted to fix the issue for custom
templates that use the path
* CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format()
If django.utils.numberformat.format() – used by contrib.admin as
well as the the floatformat, filesizeformat, and intcomma templates
filters – received a Decimal with a large number of digits or a large
exponent, it could lead to significant memory usage due to a call to
'{:f}'.format(). To avoid this, decimals with more than 200 digits
are now formatted using scientific notation.
* Corrected packaging error from 1.11.19 (#30175).
https://docs.djangoproject.com/en/2.1/releases/1.11.17/https://docs.djangoproject.com/en/2.1/releases/1.11.18/https://docs.djangoproject.com/en/2.1/releases/1.11.19/https://docs.djangoproject.com/en/2.1/releases/1.11.20/
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Add tests for the advanced search API. GitLab merge !36.
Thanks to Simeon Walker (@simeon-walker) for the find and fix.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Use sets and remove explicit index node ordering to allow tests
to work regardless of the node creation order. GitLab issue #559.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Add random primary key mixin. Split test case code into mixins.
Make the view test case and the API test cases part of the same
class hierachy. Update tests that failed due to the new import
locations.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Convert the furl instance to text to allow serializing it into
JSON to be passed as arguments to the background task.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Fix spelling errors in documentation and other program texts.
Update the spelling exceptions list.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Add new subsection explaining commit messages structure to be
used in the project.
Updates and expands explanations regarding the Git branch
structure used in the project.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Add support for reindexing documents when their base properties like
the label and description are edited.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
This command displays the current configuration settings.
Default the YAML flow format to False which never uses inline.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
