Thanks to Robert Schoeftner (@robert.schoeftner)for the report
and solution. GitLab issue #574.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Individual link AJAX workers are obsolete now that the menu
is being rendered by its own AJAX renderer.
GitLab issue #562.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
From Django 1.11.16.
* Django 1.11.17 fixes several bugs in 1.11.16 and adds compatibility
with Python 3.7.
* Prevented repetitive calls to geos_version_tuple() in the WKBWriter
class in an attempt to fix a random crash involving LooseVersion
since Django 1.11.14 (#29959).
* CVE-2019-3498: Content spoofing possibility in the default 404 page
An attacker could craft a malicious URL that could make spoofed
content appear on the default page generated by the
django.views.defaults.page_not_found() view. The URL path is no
longer displayed in the default 404 template and the request_path
context variable is now quoted to fix the issue for custom
templates that use the path
* CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format()
If django.utils.numberformat.format() – used by contrib.admin as
well as the the floatformat, filesizeformat, and intcomma templates
filters – received a Decimal with a large number of digits or a large
exponent, it could lead to significant memory usage due to a call to
'{:f}'.format(). To avoid this, decimals with more than 200 digits
are now formatted using scientific notation.
* Corrected packaging error from 1.11.19 (#30175).
https://docs.djangoproject.com/en/2.1/releases/1.11.17/https://docs.djangoproject.com/en/2.1/releases/1.11.18/https://docs.djangoproject.com/en/2.1/releases/1.11.19/https://docs.djangoproject.com/en/2.1/releases/1.11.20/
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Add tests for the advanced search API. GitLab merge !36.
Thanks to Simeon Walker (@simeon-walker) for the find and fix.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Use sets and remove explicit index node ordering to allow tests
to work regardless of the node creation order. GitLab issue #559.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Add random primary key mixin. Split test case code into mixins.
Make the view test case and the API test cases part of the same
class hierachy. Update tests that failed due to the new import
locations.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Convert the furl instance to text to allow serializing it into
JSON to be passed as arguments to the background task.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
