Re: [GSOC] Query Refactor List Field

2010-07-26 Thread Alex Gaynor
On Fri, Jul 23, 2010 at 12:59 AM, Russell Keith-Magee wrote: > On Fri, Jul 23, 2010 at 4:37 AM, Alex Gaynor wrote: >> Hey all, >> >> As I said in my last update, this week I've been working on some >> ListField stuff.  So far I have a basic

Re: Regression problem on admin date format

2010-07-26 Thread Horst Gutmann
On Tue, Jul 13, 2010 at 9:48 AM, Jannis Leidel wrote: > > Am 13.07.2010 um 01:35 schrieb Russell Keith-Magee: > >>> On Sun, Jul 11, 2010 at 10:36 AM, Antoni Aloy wrote: Hi, I have confirmed the bug with other non speaking people and I

Re: Security Review

2010-07-26 Thread Sergej dergatsjev eecho
2010/7/26 Craig Younkins : >> "As far I can determine, only badly-written user code could result in >> SQL injection." > > And with that statement you define the world of application security. Nearly > all the exploits and vulnerabilities we see are not because the security >

Re: Security Review

2010-07-26 Thread Alex Gaynor
On Mon, Jul 26, 2010 at 2:57 PM, Jacob Kaplan-Moss wrote: > Hi Craig -- > > Once again, thanks for this work; I can see it paying off big. And I > know you know this, but for the benefit of anyone else reading this > thread: > > **PLEASE report any security issues — potential

Re: Security Review

2010-07-26 Thread Jacob Kaplan-Moss
Hi Craig -- Once again, thanks for this work; I can see it paying off big. And I know you know this, but for the benefit of anyone else reading this thread: **PLEASE report any security issues — potential or otherwise — to secur...@djangoproject.com.** (More on our security policy:

Security Review

2010-07-26 Thread Craig Younkins
At Python Security [1] we are beginning to turn our focus towards an in-depth but informal review of Django. Below is an excerpt from the email [2] I sent to our mailing list: [4] is the wiki page for Django. As you can see, we already have a bunch of information. In particular, I've taken a look

Re: Documenting new features: built-in obsolescence of the "versionadded" tag.

2010-07-26 Thread Jacob Kaplan-Moss
On Mon, Jul 26, 2010 at 9:44 AM, Ramiro Morales wrote: > Richard has opened ticket [1]14000 for tracking work on this. 14,000! > One additional question: Should the 'versionchanged' notes > get the same treatment? Yeah, I think so. Remember: we might need to edit/rewrite

Re: Documenting new features: built-in obsolescence of the "versionadded" tag.

2010-07-26 Thread Ramiro Morales
On Fri, Jul 23, 2010 at 4:49 PM, Jacob Kaplan-Moss wrote: > On Fri, Jul 23, 2010 at 9:37 AM, Jeremy Dunck wrote: >> I think maybe the rendering can just be altered to ignore tags with >> the old values? > > Actually, I think I'd rather just remove them --

Re: Can a core developer or ticket triager please look at #6932

2010-07-26 Thread Jeremy Dunck
On Sun, Jul 25, 2010 at 1:13 PM, faldridge wrote: > I have an open ticket that adds a get_flatpages template tag to the > flatpages contrib app to retrieve and iterate over all the installed > flatpages for a given site. > > The ticket is #6932; it is in the 'accepted'

Re: memcached-based-cache - timeout=0 does not work as intended by memcached

2010-07-26 Thread Tobias McNulty
On Sat, Jul 24, 2010 at 4:07 PM, Carl Meyer wrote: > It's not obvious to me why .extra or .raw are the appropriate analogy > here, instead of the rest of the ORM API, which does attempt to > present the same semantics regardless of backend. > The issue is about values