date:20191021

Re: Fellow Reports - October 2019

2019-10-21 Thread Mariusz Felisiak

Week ending October 20, 2019.

Released Django 3.0.b1.

*Triaged:*
https://code.djangoproject.com/ticket/30877 - User Password Automatically
changes after 15 days. (invalid)
https://code.djangoproject.com/ticket/30876 - Move classproperty to the
django.utils.functional. (accepted)
https://code.djangoproject.com/ticket/30878 - Django catched a request
error when deploy nameserver to IP. (invalid)
https://code.djangoproject.com/ticket/30880 - Optimize the
_tx_resource_for_name() function in django/scripts/manage_translations.py
(wontfix)
https://code.djangoproject.com/ticket/24042 - Custom AutoField fields do
not work correctly on postgres. (fixed)
https://code.djangoproject.com/ticket/30879 - Nested foreign key test
failures in 3.0~beta1. (invalid)
https://code.djangoproject.com/ticket/30882 - Promote that Django already
drop Python 2.7 support. (invalid)
https://code.djangoproject.com/ticket/30885 - Drop support for MariaDB
10.1. (created)
https://code.djangoproject.com/ticket/30886 - Bug in TestCase tutorial.
(invalid)
https://code.djangoproject.com/ticket/30890 - Support relate spatial lookup
on MariaDB 10.1+. (created)
https://code.djangoproject.com/ticket/30889 - gis.measure:
Distance/Distance should error. (wontfix)
https://code.djangoproject.com/ticket/30891 - Convert a Dictionary Into
Query-Set and Perform All Orm Queries into it without hitting database.
(wontfix)
https://code.djangoproject.com/ticket/30893 - Django tutorial part 3
documentation minor fix. (invalid)

*Reviewed/committed:*
https://github.com/django/django/pull/11910 - Fixed #30868 -- Prevented
unnecessary AlterField when renaming a referenced pk.
https://github.com/django/django/pull/11872 - Fixed #30808 -- Added the
Django Forum to contributing index.
https://github.com/django/django/pull/11906 - Fixed #30816 -- Doc'd how to
create projects with a local copy of Django.
https://github.com/django/django/pull/11903 - Fixed #30872 -- Improved
unknown command message when settings are manually configured.
https://github.com/django/django/pull/11847 - Refs #28816 -- Prevented
silencing data loss when decreasing CharField.max_length for
ArrayField.base_field on PostgreSQL.
https://github.com/django/django/pull/11935 - Fixed #28337 -- Preserved
extra headers of requests made with django.test.Client in assertRedirects().
https://github.com/django/django/pull/7436 - Fixed #27391 -- Implemented
SimpleTestCase.debug().

*Reviewed:*
https://github.com/django/django/pull/11452 - Fixed #12990 -- Added
JSONField model field.

*Authored:*
https://github.com/django/django/pull/11911 - Fixed #30870 -- Fixed showing
that RunPython operations are irreversible by migrate --plan.
https://github.com/django/django/pull/11922 - Fixed #30859 -- Fixed
DatabaseFeatures.supports_aggregate_filter_clause on SQLite 3.30.1+.
https://github.com/django/django/pull/11925 - Refs #28436 -- Corrected docs
regarding MySQL support of distance lookups.
https://github.com/django/django/pull/11927 - Fixed #30562 -- Doc'd MariaDB
support for GIS spatial lookups.
https://github.com/django/django/pull/11928 - Fixed #30885 -- Dropped
support for MariaDB 10.1.
https://github.com/django/django/pull/11933 - Fixed #30890 -- Added MariaDB
support for the relate lookup.

Best regards,
Mariusz

--
You received this message because you are subscribed to the Google Groups
"Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-developers/5c816ae8-e334-4ee9-a0f7-d9048350a93a%40googlegroups.com.

Re: django-admin startproject settings.py has some security holes

2019-10-21 Thread Taymon A. Beal

Is the requirement here to avoid introduce additional barriers to getting 
up and running in local development, or to deploying a site so that it's 
accessible from the public internet?

Both of these are important goals, but trading off security against the 
latter worries me. I don't think we're doing beginners any favors if we 
make it easier for them to deploy sites with security issues, especially 
since they won't be in a good position to appreciate the consequences. 
Ideally we'd make it easy for beginners to deploy sites without security 
issues, but that's a hard problem given the diversity of production 
environments; in the meantime, I think we need to accept the reality that 
figuring out how to store secrets *is* a prerequisite to deploying Django 
in production, notwithstanding how much we wish it weren't.

I'd be interested in trying to contribute a solution more secure than the 
status quo without introducing more barriers to local development, if it 
would have a chance of being accepted.

Taymon

On Friday, October 11, 2019 at 8:00:59 AM UTC-7, Carlton Gibson wrote:
>
> It's just scope:
>
>* Not clear we need to _replace_ the space for books, and blog posts, 
> and so on, in the main docs. 
>
> and bandwidth:
>
>* These things are difficult to get right, and it needs someone to do 
> them. (PRs always warmly received!)
>
> On balance, I have to say, I think the default project template does very 
> well. 
> Taking a beginner, say, and adding, "As well as the million things you're 
> already dealing with, there are these things called environment variable 
> and..." is a step I'd be very cautious about taking. 
>
> Yes, granted, for professional deployment, you might want different — but 
> we have to serve everyone. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/826f3d41-8e8a-4452-8b66-b1ba5f22c06d%40googlegroups.com.

Re: Removing old branches from the Django Git repository.

2019-10-21 Thread Shai Berger

+1 for keeping some way to reach these.

I was going to suggest two steps: Moving the soc*/* branches "under"
attic (that is, renaming them with the attic prefix), and using
something like "zzzattic" for the attic prefix so all attic branches
get pushed to the end of the list and don't get in the way so much.

But tags sound even better.

On Fri, 11 Oct 2019 07:01:19 +0200
Carlton Gibson  wrote:

> Tom’s Tag idea seems to hit the balance.
> 
> I’d like to clean them out. I use git branch all day and they’re just
> noise there.
> 
> Tags would keep the references we’d need to check them out, without
> the additional work of creating a separate repo, or learning
> new/arcane git features, which don’t merit the effort on any given
> day.
> 
> On Fri, 11 Oct 2019 at 02:28, Tim Graham  wrote:
> 
> > Same proposal from 2016:
> > https://groups.google.com/d/topic/django-developers/sf2adeIAkQA/discussion
> >
> > On Thursday, October 10, 2019 at 4:09:24 PM UTC-4, Tom Forbes
> > wrote:  
> >>
> >> I second this, there are a few other branches in that list
> >> (successful or not) that have historic value to Django. Is there a
> >> pressing need to delete them, other than spring cleaning?
> >>
> >> I guess maybe it’s sentimental value, and nobody would ever check
> >> them out, but still...
> >>
> >> Tom
> >>
> >> On 10 Oct 2019, at 20:15, Adam Johnson  wrote:
> >>
> >> Can we leave magic-removal as a tag since it’s such a pivotal
> >> point in djangos history? xD
> >>
> >> On Thu, 10 Oct 2019 at 19:09, Mariusz Felisiak
> >>  wrote:
> >>
> >> Hi y'all,  
> >>>
> >>> We're going to remove some old branches from the Django Git
> >>> repository on 1st November 2019:
> >>>
> >>>- *9* old branches related with Google SOC projects:
> >>>- soc2009/admin-ui
> >>>   - soc2009/http-wsgi-improvements
> >>>   - soc2009/i18n-improvements
> >>>   - soc2009/model-validation
> >>>   - soc2009/multidb
> >>>   - soc2009/test-improvements
> >>>   - soc2010/app-loading
> >>>   - soc2010/query-refactor
> >>>   - soc2010/test-refactor
> >>>- *17* *attic* branches:
> >>>   - attic/boulder-oracle-sprint
> >>>   - attic/full-history
> >>>   - attic/generic-auth
> >>>   - attic/gis
> >>>   - attic/i18n
> >>>   - attic/magic-removal
> >>>   - attic/multi-auth
> >>>   - attic/multiple-db-support
> >>>   - attic/new-admin
> >>>   - attic/newforms-admin
> >>>   - attic/per-object-permissions
> >>>   - attic/queryset-refactor
> >>>   - attic/schema-evolution
> >>>   - attic/schema-evolution-ng
> >>>   - attic/search-api
> >>>   - attic/sqlalchemy
> >>>   - attic/unicode
> >>>
> >>> Best,
> >>> Mariusz
> >>>
> >>> --
> >>> You received this message because you are subscribed to the Google
> >>> Groups "Django developers (Contributions to Django itself)" group.
> >>>  
> >> To unsubscribe from this group and stop receiving emails from it,
> >> send an  
> >>> email to django-d...@googlegroups.com.
> >>> To view this discussion on the web visit
> >>> https://groups.google.com/d/msgid/django-developers/9837cb41-66bc-40f2-8296-75f0ad173ee3%40googlegroups.com
> >>> 
> >>> .
> >>>  
> >> --
> >> Adam
> >>
> >> --
> >> You received this message because you are subscribed to the Google
> >> Groups "Django developers (Contributions to Django itself)" group.
> >> To unsubscribe from this group and stop receiving emails from it,
> >> send an email to django-d...@googlegroups.com.
> >> To view this discussion on the web visit
> >> https://groups.google.com/d/msgid/django-developers/CAMyDDM2kqTztbjzBg%2BOtTCO1M-5TxpaguH60BNv3m5TUe2T-dw%40mail.gmail.com
> >> 
> >> .
> >>
> >> --  
> > You received this message because you are subscribed to the Google
> > Groups "Django developers (Contributions to Django itself)" group.
> > To unsubscribe from this group and stop receiving emails from it,
> > send an email to django-developers+unsubscr...@googlegroups.com.
> > To view this discussion on the web visit
> > https://groups.google.com/d/msgid/django-developers/c044ea54-e537-4141-ad1c-a3b034149f5d%40googlegroups.com
> > 
> > .
> >  
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/20191021214232.0acb6

Re: Fellow Reports - October 2019

Re: django-admin startproject settings.py has some security holes

Re: Removing old branches from the Django Git repository.

3 matches

Site Navigation

Mail list logo

Footer information