Django security releases issued: 3.1.6, 3.0.12, and 2.2.18

2021-02-01 Thread Mariusz Felisiak 

Details are available on the Django project weblog:

https://www.djangoproject.com/weblog/2021/feb/01/security-releases/

--
You received this message because you are subscribed to the Google Groups "Django 
developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/12755044-60e7-4a27-d8aa-397e8af622b8%40gmail.com.

Re: Fellow Reports - January 2021

2021-02-01 Thread Mariusz Felisiak 
Week ending January 31, 2021 

*Triaged: *
   https://code.djangoproject.com/ticket/32381 - Include number of rows 
matched in bulk_update() return value (accepted) 
   https://code.djangoproject.com/ticket/32380 - GeoDjango lookups should 
support F() expressions. (fixed) 
   https://code.djangoproject.com/ticket/32382 - Django 3.2 app config 
search prevents single-file apps (wontfix) 
   https://code.djangoproject.com/ticket/32375 - Make Sitemap's protocol 
default to "https". (accepted) 
   https://code.djangoproject.com/ticket/26602 - Provide a way to manage 
grouping with RawSQL (needsinfo) 
   https://code.djangoproject.com/ticket/32384 - Can't see list view of 
data in Django Admin (duplicate) 
   https://code.djangoproject.com/ticket/32387 - More efficiant migration 
management (wontfix) 
   https://code.djangoproject.com/ticket/32388 - bulk_update() doesn't 
necessarily ignore duplicates. (accepted) 
   https://code.djangoproject.com/ticket/32389 - ResponseHeaders crashes 
when data is not a mapping. (accepted) 
   https://code.djangoproject.com/ticket/32390 - Drop support for Oracle 
12.2 and 18c. (created) 
   https://code.djangoproject.com/ticket/32392 - ExclusionConstraint() 
crashes with Cast(). (accepted) 
   https://code.djangoproject.com/ticket/32394 - Adjust project template to 
leverage automatic SCRIPT_NAME prefix for STATIC_URL (accepted) 
   https://code.djangoproject.com/ticket/32395 - Migrate signals verbose 
stdout emissions are not capturable (accepted) 
   https://code.djangoproject.com/ticket/20287 - BaseContext (and it's 
subclasses) lack emulation of dictionary items() (wontfix) 
   https://code.djangoproject.com/ticket/32398 - Excluding on annotations 
doesn't apply null handling. (accepted) 

*Reviewed/committed: *
   https://github.com/django/django/pull/13934 - Fixed #32369 -- Fixed 
adding check constraints with pattern lookups and expressions as rhs. 
   https://github.com/django/django/pull/13933 - Fixed #32347 -- Made 
ModelChoiceField include the value in ValidationError for invalid_choice. 
   https://github.com/django/django/pull/13816 - Fixed #32290 -- Fixed 
TemplateNotFound in {% include %} tag for relative path in variable. 
   https://github.com/django/django/pull/13937 - Fixed #32385 -- Removed 
unused and duplicated loading of tags in admin templates. 
   https://github.com/django/django/pull/13294 - Changed "Don't overuse 
count() or exists()" example to Python. 
   https://github.com/django/django/pull/13939 - Fixed #32388 -- Clarified 
QuerySet.bulk_update() caveat about duplicates for multiple batches. 
   https://github.com/django/django/pull/13942 - Fixed #32392 -- Fixed 
ExclusionConstraint crash with Cast() in expressions. 
   https://github.com/django/django/pull/13884 - Fixed #32345 -- Fixed 
preserving encoded query strings in set_language() view. 

*Reviewed: *
   https://github.com/django/django/pull/13936 - Fixed #32348, Refs #29087 
-- Corrected tutorial for updated deleting inlines UI. 

*Authored: *
   https://github.com/django/django/pull/13931 - Refs #32380 -- Added test 
for distance lookups with F() expression.

Best,
Mariusz

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/e58fcb9e-5e40-4e29-9c53-f8a937370941n%40googlegroups.com.

GSOC 2021

2021-02-01 Thread SECOB271_Ganesh Pawar 
Hey guys, is Django going to participate in GSOC this year?

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/7c8554be-afac-4740-afc1-999aa9a5711cn%40googlegroups.com.

Re: GSOC 2021

2021-02-01 Thread Carlton Gibson 
Hello.

Yes, hoping to. Applications opened on Friday and close on the 19th of
February.
I intend to pull together a wiki page for it over the next week or so.

Given the changed format, projects are smaller. My thought is to suggest a
ticket based approach, taking either one or a group depending on size. I’d
suggest browsing the issue tracker by Component, and having a think about
what area of the framework you’re most interested in.

*Prospective Mentors: *if you’d fancy helping a student with ideas on a
ticket and timely reviews on a PR, that would be great. Have a think about
whether you’ve got the capacity (it shouldn’t be too burdensome).

Kind regards,
Carlton

On Mon, 1 Feb 2021 at 14:59, SECOB271_Ganesh Pawar 
wrote:

> Hey guys, is Django going to participate in GSOC this year?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django developers (Contributions to Django itself)" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-developers+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-developers/7c8554be-afac-4740-afc1-999aa9a5711cn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/CAJwKpyTvFOLy%3D5B1kEOg_QVQXsOc6%2B9QcXVURjvFu47dhMnk%3Dw%40mail.gmail.com.

First time contributor, requesting permission to work on #32340

2021-02-01 Thread ssban...@gmail.com 

Hi team,

I am a new contributor and working with Django as a Junior Developer. After 
looking into issue tracker, I see #32340 
 as a ticket that I would love 
to work on if nobody else is working on it.

In case I get to work on this, I had a couple of questions regarding what 
needs to be done.

1. For the suggestion of having explicit instructions on the Django 
documentation about the format of the form fields, as described in the 
ticket, should I focus on mentioning the default formats for the following 
fields -

   - Date and time fields – DateField, DatetimeField, TimeField, 
   SplitDateTimeField, DurationField 
   - More technical fields which have very specific formats: SlugField, 
   JSONField, UUIDField, RegexField, GenericIPAddressField 

2. Should the changes in the documentation extend to issues such as #32339 
 or #32338 
 on why it should be avoided? 

Please forgive me if I have not been able to understand the ticket 
responsibility the way it is intended, and I would be very grateful if the 
scope of the changes required could be pointed out to me by any senior 
member of the community. 

Thanks,
Surya

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/570134a1-2fac-4184-9098-360c3ffe02cen%40googlegroups.com.

Re: Fellow Reports -- January 2021

2021-02-01 Thread Carlton Gibson 
Hi all, 



Calendar Week 4 -- ending 31 January.



Triaged:


https://code.djangoproject.com/ticket/32391 -- Replace width with flex 
properties for the changelist filter (Accepted)

https://code.djangoproject.com/ticket/32390 -- Drop support for Oracle 12.2 
and 18c. (Accepted)

https://code.djangoproject.com/ticket/32379 -- Documentation: hypercorn and 
static files (Duplicate of #27325)



Reviewed:


https://github.com/django/django/pull/13932 -- Modernized custom manager 
example.

https://github.com/django/django/pull/13941 -- Fixed #32391 -- Replaced CSS 
width with flex properties for changelist filter.

https://github.com/django/django/pull/13940 -- Fixed #32389 -- Fixed 
ResponseHeaders crash when data is not mapping.

https://github.com/django/django/pull/13914 -- Improved performance of 
django.forms.ChoiceWidget.optgroups()

https://github.com/django/django/pull/13878 -- Improved performance of 
forms.widgets.Media.merge()

https://code.djangoproject.com/ticket/32074 -- Python 3.10 compatibility

https://github.com/django/django/pull/13932 -- Modernized custom manager 
example

https://github.com/django/django/pull/13935 -- Refs #26602 -- Added tests 
for aggregating over a RawSQL() annotation.

https://github.com/django/django/pull/13888 -- Fixed #32348 -- Made 
deleting "extra" inlines in admin impossible.

https://code.djangoproject.com/ticket/32383 -- ManifestStaticFilesStorage 
doesn't update JavaScript source map references


Authored:


https://github.com/django/django/pull/13936 -- Fixed #32348, Refs #29087 -- 
Corrected tutorial for updated deleting …



Worked on: 

https://github.com/django/djangoproject.com/issues/1052 -- Stripe SCA 
support



Kind Regards,


Carlton


On Tuesday, 26 January 2021 at 08:31:17 UTC+1 Carlton Gibson wrote:

> Hi all. 
>
> Calendar Week 3 -- ending 24 January.
>
>
> Released Django 3.2a1. 
>
>
> Triaged:
>
>
> https://code.djangoproject.com/ticket/32373 -- Broken translations since 
> the introduction of TranslationCatalog (worksforme)
>
> https://code.djangoproject.com/ticket/32347 -- ModelChoiceField does not 
> provide value of invalid choice when raising ValidationError (Accepted)
>
> https://code.djangoproject.com/ticket/32363 -- Django shell does not read 
> ~/.python_history (Accepted)
>
>
> Reviewed:
>
>
> https://github.com/django/django/pull/13925 -- Fixed #32367 -- Fixed 
> system check for specifying type of auto-created primary keys for inherited 
> PKs.
>
> https://code.djangoproject.com/ticket/17664 -- {% if %} template tag 
> silences exceptions inconsistently
>
> https://github.com/django/django/pull/13919 -- Refs #31259 -- Made 
> various dark theme adjustments.
>
> https://code.djangoproject.com/ticket/31765 -- 
> schema.tests.SchemaTests.test_db_table fails on MacOS
>
> https://github.com/django/django/pull/13888 -- Fixed #32348 -- Made 
> deleting "extra" inlines in admin impossible.
>
> https://github.com/django/django/pull/13920 -- Fixed isolation of 
> utils_tests.test_autoreload tests.
>
> https://github.com/django/django/pull/13912 -- Corrected versionadded 
> annotations.
>
> https://github.com/django/django/pull/13877 -- Refs #32365 -- Allowed use 
> of non-pytz timezone implementations.
>
>
> Authored:
>
>
> https://github.com/django/django/pull/13916 -- Fixed #32366 -- Updated 
> datetime module usage to recommended approach.
>
>
>
> Kind Regards,
>
>
> Carlton
>
>
>
> On Tuesday, 19 January 2021 at 15:53:12 UTC+1 Carlton Gibson wrote:
>
>> Hi all. 
>>
>>
>>
>> Calendar Week 1 -- ending 10 January.
>>
>>
>> Triaged:
>>
>> https://code.djangoproject.com/ticket/32324 -- Wrapping the header in 
>> base.html of contrib.abmin in {% blocks %}. (Accepted)
>> https://code.djangoproject.com/ticket/32316 -- Access __file__ lazily 
>> rather than at module level (Accepted)
>> https://code.djangoproject.com/ticket/32319 -- Add support to 
>> HashedFilesMixin for ES modules (Accepted)
>> https://code.djangoproject.com/ticket/32313 -- Queryset in_bulk docs 
>> don't explicit field_name as kwarg only (Accepted)
>> https://code.djangoproject.com/ticket/32309 -- Allow including hidden 
>> directories for startproject/startapp --template (Accepted)
>>
>>
>>
>> Reviewed:
>>
>> https://github.com/django/django/pull/13532 -- Fixed #16117 -- Added 
>> decorators for admin action and display functions.
>> https://github.com/django/django/pull/11026 -- Fixed #29010, Fixed 
>> #29138 -- Added limit_choices_to and to_field support to autocomplete fields
>> https://github.com/django/django/pull/12444 -- Fixed #31259 -- Added a 
>> dark theme in the admin module
>> https://github.com/django/django/pull/13435 -- Fixed #32018 -- Extracted 
>> admin colors into CSS variables.
>> https://github.com/django/django/pull/13832 -- Refs #25175 -- Removed 
>> postgresql_psycopg2 in django.db.utils.load_backend().
>> https://github.com/django/django/pull/13849 -- Refs #32191 -- Added 
>> Signer.sign_object()/unsign_object().
>> https://github.com/django/django

Re: First time contributor, requesting permission to work on #32340

2021-02-01 Thread Carlton Gibson 
Hi Surya. Welcome

Do comment on the ticket. Thibauld and Tom should be able to give you more 
specific advice. 
I'm not sure if Thibauld is already planning work, but there should be room 
to collaborate. 
 
Kind Regards,

Carlton


On Tuesday, 2 February 2021 at 02:25:10 UTC+1 Surya wrote:

>
> Hi team,
>
> I am a new contributor and working with Django as a Junior Developer. 
> After looking into issue tracker, I see #32340 
>  as a ticket that I would 
> love to work on if nobody else is working on it.
>
> In case I get to work on this, I had a couple of questions regarding what 
> needs to be done.
>
> 1. For the suggestion of having explicit instructions on the Django 
> documentation about the format of the form fields, as described in the 
> ticket, should I focus on mentioning the default formats for the following 
> fields -
>
>- Date and time fields – DateField, DatetimeField, TimeField, 
>SplitDateTimeField, DurationField 
>- More technical fields which have very specific formats: SlugField, 
>JSONField, UUIDField, RegexField, GenericIPAddressField 
>
> 2. Should the changes in the documentation extend to issues such as #32339 
>  or #32338 
>  on why it should be 
> avoided? 
>
> Please forgive me if I have not been able to understand the ticket 
> responsibility the way it is intended, and I would be very grateful if the 
> scope of the changes required could be pointed out to me by any senior 
> member of the community. 
>
> Thanks,
> Surya
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/4d49125a-61b0-43a7-9698-3ed7e78e6b06n%40googlegroups.com.