Re: Fellow Reports - February 2023

2023-03-07 Thread Mariusz Felisiak
Week ending March 5, 2023

*Triaged:*
https://code.djangoproject.com/ticket/34373 - Update docs on ForeignKey 
to suggest setting "to" and object before a string (wontfix)
https://code.djangoproject.com/ticket/34374 - Windows 11 GIS Tests 
Failing (accepted)
https://code.djangoproject.com/ticket/34376 - Admin has no support for 
unique constraint fields. (worksforme)
https://code.djangoproject.com/ticket/34377 - 
AdminSite.catch_all_view() drops query string in redirects (accepted)
https://code.djangoproject.com/ticket/34375 - GDAL and GIS missing LD 
Library error message. (invalid)
https://code.djangoproject.com/ticket/34378 - Using in_bulk() with 
id_list and order_by() (accepted)
https://code.djangoproject.com/ticket/34379 - Invalid regex pattern for 
password reset token in 4.2b1 (invalid)
https://code.djangoproject.com/ticket/34381 - Postgres tests fail on 
Windows (accepted)
https://code.djangoproject.com/ticket/34382 - DEFAULT_AUTO_FIELD 
ignored for new models (invalid)
https://code.djangoproject.com/ticket/34385 - BaseTemporalField child 
fields causing AttributeError to be raised by calling form.is_valid(). 
(wontfix)
https://code.djangoproject.com/ticket/34383 - Layout error in Admin 
when using help_text (needsinfo)
https://code.djangoproject.com/ticket/34387 - DateFormat.P() does not 
follow PHP's date string format (wontfix)

*Reviewed/committed:*
https://github.com/django/django/pull/16600 - Fixed #34372 -- Fixed 
queryset crash on order by aggregation using OrderBy.
https://github.com/django/django/pull/16597 - Fixed #34368 -- Made 
subquery raise NotSupportedError when referencing outer window expression.
https://github.com/django/django/pull/16605 - Refs #34140 -- Corrected 
rst code-block and various formatting issues in docs.
https://github.com/django/django/pull/16596 - Fixed #34367 -- Updated 
instructions for installing GeoDjango on Windows.
https://github.com/django/django/pull/16607 - Documented that 
django.setup() is called under ASGI.
https://github.com/django/django/pull/16605 - Fixed #34374 -- Fixed GIS 
tests on Windows.
https://github.com/django/django/pull/16613 - Fixed #34378 -- Made 
QuerySet.in_bulk() not clear odering when id_list is passed.
https://github.com/django/django/pull/16612 - Fixed #34377 -- Fixed 
preserving query strings in AdminSite.catch_all_view().
https://github.com/django/django/pull/16495 - Fixed #32539 -- Added 
toggleable facet filters to ModelAdmin.
https://github.com/django/django/pull/16627 - Refs #34381, Refs #10929 
-- Fixed 
postgres_tests.test_aggregates.TestGeneralAggretate.test_empty_result_set() 
on PostgreSQL 14+.

*Authored:*
https://github.com/django/django/pull/16604 - Refs #34320 -- Stopped 
recreating check constraints when renaming fields.
https://github.com/django/django/pull/16609 - Fixed #34140 -- 
Reformatted code blocks in docs with blacken-docs.
https://github.com/django/django/pull/16616 - Moved duplicate user 
declarations to setUpTestData() in AdminSiteFinalCatchAllPatternTests.
https://github.com/django/django/pull/16617 - Refs #34381 -- Fixed 
isolation of MigrateTests.test_migrate_fake_initial().
https://github.com/django/django/pull/16624 - Refs #32539 -- Fixed 
facet filter tests on Oracle.

Best,
Mariusz

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/6256f201-ef38-4fb1-8e6e-9f0cc113baban%40googlegroups.com.


Need guidance for my first Open Source Contribution

2023-03-07 Thread 'WASIF AHMED M' via Django developers (Contributions to Django itself)
Hello Everyone!
I'm Wasif Ahmed.
Currently I'm pursuing BE in Civil Engineering from Bannari Amman Institute 
of Technology I know that this is not my field of expertise but i am 
motivated and enthusiastic about changing my current field.
I have some experience in Frontend Development( Python ) and some knowledge 
about how to work as developer.
I'm interested in Open Source Contribution but I don't know anything about 
it. How to start and what things to follow and I want to contribute as a 
developer. Can anyone help me for my first Open Source Contribution...?

Thank you!

Linktree: https://linktr.ee/siddhirajkolwankar

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/0029c9d4-1905-4f0b-8929-f2a77e28f715n%40googlegroups.com.


Re: Need guidance for my first Open Source Contribution

2023-03-07 Thread 'Adam Johnson' via Django developers (Contributions to Django itself)
Welcome!

There are many different ways to contribute to Django - the forum,
blogging, translating, documenting, writing code, and more. Our
Contributing Guide can help you get started with many of these:
https://docs.djangoproject.com/en/stable/internals/contributing/

If you’re looking to work with the code base (for documentation or code),
check out the “Advice for New Contributors” section:
https://docs.djangoproject.com/en/stable/internals/contributing/new-contributors/
. Then see if you can work through the “Writing Your First Patch” tutorial:
https://docs.djangoproject.com/en/stable/intro/contributing/ .

If you get stuck or have questions, post back here or in the “Mentorship”
section on the forum:
https://forum.djangoproject.com/c/internals/mentorship/10

Hope that helps,

Adam

On Tue, Mar 7, 2023 at 6:13 AM 'WASIF AHMED M' via Django developers
(Contributions to Django itself)  wrote:

> Hello Everyone!
> I'm Wasif Ahmed.
> Currently I'm pursuing BE in Civil Engineering from Bannari Amman
> Institute of Technology I know that this is not my field of expertise but i
> am motivated and enthusiastic about changing my current field.
> I have some experience in Frontend Development( Python ) and some
> knowledge about how to work as developer.
> I'm interested in Open Source Contribution but I don't know anything about
> it. How to start and what things to follow and I want to contribute as a
> developer. Can anyone help me for my first Open Source Contribution...?
>
> Thank you!
>
> Linktree: https://linktr.ee/siddhirajkolwankar
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django developers (Contributions to Django itself)" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-developers+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-developers/0029c9d4-1905-4f0b-8929-f2a77e28f715n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/CAMyDDM23pDzQHCmv_p3Sd%2BBa8zHK3ms%3DeCzD3aYRB1n8n5qV9Q%40mail.gmail.com.


GSOC 2023 Proposal Feedback on Security: Bring CORS and CSP into core

2023-03-07 Thread Anvesh Mishra


I created a draft proposal GSOC Proposal [Security: Bring CORS and CSP into 
core] - Google Docs 3 

 I 
would be glad if you could review it once [image: :smile:] 
Some key notes on the proposal:

   1. CSP is to be added to SecurityMiddleware as suggested by @timgraham 
    in his closing notes on 
   PR-5776  
   . I 
   will be following the design of Referrer Policy and implementing some extra 
   features such as nonce context processor.
   2. A doubt that I had is since CSP consists of a number of directives so 
   will creating settings attributes for each one of them be a valid option or 
   we can stick to the proposed way of declaring it in a single comma 
   separated string as done with Referrer Policy.
   3. Currently this proposal proposes CORS to be implemented via the 
   addition of CORSMiddleware but I was thinking if implementing CORS into 
   SecurityMiddleware would be the right way or not?
   4. Also since I propose to add CSP to SecurityMiddleware we would have 
   to create SecurityMiddleware._make_nonce(request), I don’t know if this 
   breaks the design of SecurityMiddleware. The mock implementation of CSP 
   in SecurityMiddleware can be seen here CSP mock implementation 
   

.
   5. Decorators will be added to both CORS and CSP with CORS having 3 
   decorators and CSP having 4 decorators.


-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/03a6602d-9f95-46be-9dc0-39f841bcd9bcn%40googlegroups.com.


Re: GSOC 2023 Proposal Feedback on Security: Bring CORS and CSP into core

2023-03-07 Thread Carlton Gibson
Hi Anvesh.

I replied to your forum post:
https://forum.djangoproject.com/t/gsoc-2023-discussion-on-security-bring-cors-and-csp-into-core/18932/7
— let's keep the discussion in one place please. Thanks.

On Tue, 7 Mar 2023 at 17:59, Anvesh Mishra  wrote:

> I created a draft proposal GSOC Proposal [Security: Bring CORS and CSP
> into core] - Google Docs 3
> 
>  I
> would be glad if you could review it once [image: :smile:]
> Some key notes on the proposal:
>
>1. CSP is to be added to SecurityMiddleware as suggested by @timgraham
> in his closing notes on
>PR-5776
>. I
>will be following the design of Referrer Policy and implementing some extra
>features such as nonce context processor.
>2. A doubt that I had is since CSP consists of a number of directives
>so will creating settings attributes for each one of them be a valid option
>or we can stick to the proposed way of declaring it in a single comma
>separated string as done with Referrer Policy.
>3. Currently this proposal proposes CORS to be implemented via the
>addition of CORSMiddleware but I was thinking if implementing CORS
>into SecurityMiddleware would be the right way or not?
>4. Also since I propose to add CSP to SecurityMiddleware we would have
>to create SecurityMiddleware._make_nonce(request), I don’t know if
>this breaks the design of SecurityMiddleware. The mock implementation
>of CSP in SecurityMiddleware can be seen here CSP mock implementation
>
> 
> .
>5. Decorators will be added to both CORS and CSP with CORS having 3
>decorators and CSP having 4 decorators.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django developers (Contributions to Django itself)" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-developers+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-developers/03a6602d-9f95-46be-9dc0-39f841bcd9bcn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/CAJwKpySjRD0miatiC%2BpSFAUGRnjtiHyNwfm5wsF2vY6eLMCK%3DA%40mail.gmail.com.