Re: Changing the order of SQL generation

I haven't had chance to dig into this, but django-shared-property looks very interesting. IMO it would be great to be able to support it well, or even include that kind of functionality in Django itself. The closest SQLAlchemy equivalent to this seems to be hybrid attributes

Re: Ideas for a new DEP on long-term Django API compatibility

Hi Pascal, I know this is a very late reply, but there have been some things going round my head that I thought I should get down. *First,* some positive changes I think we can make from your suggestions: 1. I think in our release notes, for breaking changes that might need some justificatio

Re: Proposal to format Django using black

iday, April 19, 2019 at 3:25:24 AM UTC-4, Luke Plant wrote: Hi all, An alternative solution to the problem of nit-picky, formatting related PR reviews is simple: let's not do that. We alrea

Re: Proposal to format Django using black

Hi all, An alternative solution to the problem of nit-picky, formatting related PR reviews is simple: let's not do that. We already have an automated code formatting enforcer, flake8. Let's simply drop the requirement on fixing anything that flake8 doesn't

Re: Development story for CBV FormViews using GET

Hi Kyle, My take would be this: What does the code look like if you don't use FormView but just write a function view? How does that compare to using a CBV? This may be the simpler method you are missing - if you are finding you are fighting with inherited functiona

Re: Support for unittest -k option

I use `--keepdb` a lot, I never knew there was a shorthand and even know I do know wouldn't use it. For things like this I usually find it easy to remember the long option. So I'm +1 on changing it too, without a new shorthand for `--keepdb`. In the keyword usage

Re: Post mortem on today's packaging error.

Hi Carlton, I have had problems in the past with `setup.py sdist` and friends actually depending on existing artefacts in build directories from previous runs. A quick google turns up this bug report - https://github.com/pypa/setuptools/issues/436 - originally filed by oh, me :-)  and it

Re: Request to reconsider ticket #27910: using an Enum class in model Field choices

I've also tried to come up with something better than Django's current default, using Enums, and found them lacking when it comes to the caption, especially when you need translations. I would be happy with re-opening the ticket, but in terms of committing a solution I would be -1 unless we ca

Re: CSRF Middlware and usage of request attributes (META, csrf_cookie_needs_reset)

Hi Florian, My own instincts would be steer away from writing to request.META for most things, because request.META also contains things from the environment and indeed from the user request. You really don't want an attacker to be able to set an HTTP header and bypass security controls or di

Re: New Feature: Allow password reset token to expire in under a day

hould implemented if needed. Zach On Friday, September 22, 2017 at 3:04:01 PM UTC-4, Luke Plant wrote: I would be +1 to what Adam wrote from me i.e. just allow the value to accept floats. However, I don't think it will work due to the way that we round the precision of times

Re: New Feature: Allow password reset token to expire in under a day

I would be +1 to what Adam wrote from me i.e. just allow the value to accept floats. However, I don't think it will work due to the way that we round the precision of timestamps to days . This was done partly to r

Re: Automatic prefetching in querysets

This could work something like the way that ForeignKey `on_delete` works - you have options that are enumerated as constants, but in reality they are classes that embody the strategy to be used. We could have something similar - `on_missing_relation=FETCH | WARN | ERROR | IGNORE ... ` Luke On

Re: Automatic prefetching in querysets

ard, where a relation may be accessed once or twice while iterating over a large python filtered queryset. Prefetching this relation based on the original queryset has the potential to add around 5 seconds to the response time (probably more, that table has doubled in size sin

Re: Automatic prefetching in querysets

I agree with Marc here that the proposed optimizations are 'magical'. I think when it comes to optimizations like these you simply cannot know in advance whether doing extra queries is going to a be an optimization or a pessimization. If I can come up with a single example where it would signif

Re: Are there use cases for storing null bytes in CharField/TextField?

I agree with Adam, we should never silently change submitted data at the model layer. My preference would be c), a form-level validation error that prevents saving. Luke On 15/05/17 19:11, Adam Johnson wrote: The problem with (a) - data with null bytes in strings from other databases can't b

Re: DJANGO_SETTINGS_FILE

On 09/04/17 16:16, Josh Smeaton wrote: So I think there are a few questions to go over. 1. What are the more successful strategies that work in the wild? (files in /etc/, PYTHONPATH, env vars, local_settings.py) 2. Are any of the above clearly superior? 3. Is this a serious problem that peo

Re: To keep or not to keep: logging of undefined template variables

My general policy is that warnings should only be logged if there is a good way to silence them. A good way means: 1) fix the bug which is causing them (only applies if there is genuinely a bug or bad practice that should be fixed) 2) disable the warning in a fine tuned way i.e. you can indic

Re: NEW Feature: Collect static order of directories searched. Possible upgrade inside FileSystemFinder.

Like Tim, I'm surprised if there is non-determinism in the order here - a quick look at the code shows the search is in the order specified in STATICFILES_DIRS. Is it possible you are encountering browser caching effects, perhaps triggered by accessing both sites on 'localhost' locally? Luke

Re: Template handling of undefined variables

On 01/03/17 01:53, Tim Martin wrote: On Tuesday, 28 February 2017 13:39:21 UTC, Luke Plant wrote: On 28/02/17 15:24, Marten Kenbeek wrote: What about adding a filter |definedthat returns True if a variable is defined, False otherwise? It may not solve any problems when it&#

Re: Template handling of undefined variables

In the context of template variable interpolation i.e. `{{ }}` syntax, it is defined that `x` in this case will get converted to the empty string (or your 'string_if_invalid' setting) - https://docs.djangoproject.com/en/dev/ref/templates/api/#how-invalid-variables-are-handled

Re: Template handling of undefined variables

On 28/02/17 15:24, Marten Kenbeek wrote: What about adding a filter |definedthat returns True if a variable is defined, False otherwise? It may not solve any problems when it's left implicit, but at least it allows users the explicitly define the behaviour for non-existing template variables,

Re: Template handling of undefined variables

On 05/01/17 02:39, Tim Martin wrote: 2) There appears to be an inconsistency in the default_if_none modifier. If I have a template with x|default_if_none:y = {{x|default_if_none:y}} {% if x|default_if_none:y %} x|default_if_none:y is apparently True {% endif %} with y define

Re: Template handling of undefined variables

On 26/02/17 00:44, Karen Tracey wrote: On Sat, Feb 25, 2017 at 2:10 PM, Tim Graham > wrote: I think any use of undefined template variables should raise an exception. In the long run, keeping a setting to allow some other behavior seems confusing and, co

Re: Template handling of undefined variables

On 19/02/17 12:55, Adam Johnson wrote: +1 for more obvious errors, silently changing the behaviour could indeed lead to unconsidered security holes like {% if user is None %} non-sensitive information {% else %} sensitive information {% endif %} ...which doesn't seem like an unrealistic templa

Re: Consider reverting or adding guidelines on how to use class based views for security sensitive features

Hi all, First, I want to say that complex things fail in complex ways, so there it's probably a fallacy to look for a single root cause. I agree with various other points about mistakes that were made, but not others. Particularly: On 22/11/16 12:41, Florian Apolloner wrote: Hi, On Monday,

Re: Making max_length argument optional

Regarding custom sentinels for values vs custom sentinels for missing values: The added complication in this case is migrations, and migrations that support multiple Django versions, as is common in 3rd party apps. I haven't thought through the implications, but it is vital to do so, because get

Re: Making max_length argument optional

Replying to this and the other emails in the thread: Django should not be settling low arbitrary limits for the sake of a database I'm not even using, that's just crazy. Limits as high as 120 are not "big enough for anyone", and will cause problems. (I can give lots of examples). Maximum field

Re: Django Admin - ModelAdmin exclude

egroups.com?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/d/optout. -- Clothes make the man. Naked people have little or no influence on society. -- Mark Twain Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are

Re: CSRF_FAILURE_VIEW should not be used when DEBUG is False

p;utm_source=footer>. For more options, visit https://groups.google.com/d/optout. -- OSBORN'S LAW Variables won't, constants aren't. Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers (

Re: Support for UNLOGGED tables in PostgreSQL

no feet. So I said, "Got any shoes you're not using?" (Steven Wright) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe

Re: Django Admin - ModelAdmin exclude

r6T9BKf-%2B4rNm6775S7akyHfC%2BNEk4sqSDw8cOb%2Bg%40mail.gmail.com?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/d/optout. -- "He knows the way I take: when he has tried me, I shall come forth as gold" (Job 23:10). Luke Plant || http://luke

Re: does django-admin need a man page?

c4-b31a-4675-bd62-95e76369a6e5%40googlegroups.com <https://groups.google.com/d/msgid/django-developers/1ecfaac4-b31a-4675-bd62-95e76369a6e5%40googlegroups.com?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/d/optout. -- "He knows the way I take:

Re: Multiple template engines for Django - week 8

ate-engines-for-django/#2014-11-30 > -- "Whom have I in heaven but You? And there is none upon earth that I desire besides You." Psalm 73:25 Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers

Re: Infinite loop in migration code

u define it on the other > model?) this is still something that shouldn't happen. > > /Markus > > On Wednesday, November 26, 2014 8:54:55 AM UTC+1, Luke Plant wrote: > > On 25/11/14 16:23, Markus Holtermann wrote: > > Hey Luke, > > > > It

Re: Infinite loop in migration code

ing the autodetector for this, as fixing the migrations is relatively easy. But I think fixing the infinite loop is another matter, and I'll go ahead and backport that. Thanks for the input, Luke -- "We may not return the affection of those who like us, but we always respect their g

Infinite loop in migration code

their good judgement." -- Libbie Fudim Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it,

Re: sys.exit(1) from makemigrations if no changes found

ogle.com/d/msgid/django-developers/92203dcb-a775-4c17-a831-97d01ce8af3c%40googlegroups.com?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/d/optout. -- "I was sad because I had no shoes, until I met a man who had no feet. So I said, "

Re: Please don't kill the ecosystem

ing deprecations so that libraries can support both old and new versions without generating deprecation warnings. I've just added one fix to 1.6 release notes on this front. Regards, Luke -- "Cross country skiing is great if you live in a small country." (Steven Wright) Luke Pl

Re: Please don't kill the ecosystem

people appreciate the detail. Luke -- "Cross country skiing is great if you live in a small country." (Steven Wright) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Dj

Re: Why is the CSRF template context processor hardcoded?

ction > > Does anyone remembers the reasoning? > > Thanks, > -- "Cross country skiing is great if you live in a small country." (Steven Wright) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups &qu

Re: Callable LazyObject?

an actual class). Regards, Luke -- "God demonstrates his love towards us in this, that while we were still sinners, Christ died for us." (Romans 5:8) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Djang

Re: BCrypt and PBKDF2 Password Hash Caching

y this needs to be in Django itself. Thanks, Luke -- "DO NOT DISTURB. I'm disturbed enough already." Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group

Re: Proposal: Modifying the CSRF protection scheme

sn't stop the attacker getting and using a valid CSRF cookie/token in the first place. Luke -- "DO NOT DISTURB. I'm disturbed enough already." Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django de

Re: Proposal: Modifying the CSRF protection scheme

ason that I'm pretty unenthusiastic about the proposed changes. I think adding complexity is more likely to confuse us. Luke -- "Because Your lovingkindness is better than life, My lips shall praise You." (Ps 63:3) Luke Plant || http://lukeplant.me.uk/ -- You received this message

Re: Question about password salt and encryption

he difficulties of changing things, we'd have to consider whether the increase in security, in a typical setup, would justify the change. Regards, Luke -- "Pessimism: Every dark cloud has a silver lining, but lightning kills hundreds of people each year trying to find it." (d

Re: Question about password salt and encryption

ills hundreds of people each year trying to find it." (despair.com) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group and stop receiving emails from it, send a

Re: Migrations, commands and syncdb

oesn't solve the other problems. I would like to be able to turn off migrations for tests, and just skip to the final schema. Luke -- "I washed a sock. Then I put it in the dryer. When I took it out, it was gone." (Steven Wright) Luke Plant || http://lukeplant.me.uk/ -- You

Re: Perception of attitude in tickets

ich may link to an existing wiki page or other docs). The first particularly will lead to people closing tickets as WONTFIX without sufficient explanation, and the user getting a 'doorslam' feeling (and probably won't get to the point of attempting to re-open a ticket). Regards, Luke

Re: Perception of attitude in tickets

ge, but I'll tweak the text - feel free to make more changes. Luke -- "If something is hard, it's not worth doing." (Homer Simpson) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers&q

Re: Perception of attitude in tickets

lingList That's my draft, feel free to edit. We don't want it too long, as that is intimidating by itself, but some of the points you make might would be good additions What do people think? Luke -- "I asked mom if I was a gifted child. She said they certainly wouldn't

Re: Perception of attitude in tickets

clarifying our processes and so on, but I think you picked an example that demonstrates exactly the opposite of what you claimed. Best regards, Luke -- "God demonstrates his love towards us in this, that while we were still sinners, Christ died for us." (Romans 5:8) Luke Plant |

Re: Recommending a Python 3-compatible MySQL connector

for any purpose. It's only when a project becomes a distributor of the GPL code that it is required to abide by the other terms. Regards, Luke -- "God demonstrates his love towards us in this, that while we were still sinners, Christ died for us." (Romans 5:8) Luke Plant || h

Re: Ticket 19445

7;].widget = ... ...and lots of similar code In many ways, setting 'Meta.fields = "__all__"' is exactly the flag you are talking about, only it operates at the ModelForm metaclass level. Regards, Luke -- Luke Plant || http://lukeplant.me.uk/ -- You received this message beca

Ticket 19445

te ModelForm.Meta class for you, as it does currently. There is, in fact, already a ModelAdmin in the test suite that fails validation if it is updated according to the method above, which is what brought me to ticket 19445. ~~ Thoughts? Luke -- CARLSON'S CONSOLATION Nothi

Re: Setting aside easy-pickings for sprints

e -- A woman's mind is cleaner than a man's. She changes it more often. (Oliver Herford) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group and stop re

Re: Request method in urls.py

has started doing something very different from what I what I expect it to do). Luke -- A mosquito cried out in pain: "A chemist has poisoned my brain!" The cause of his sorrow was para-dichloro- diphenyltrichloroethane Luke Plant || http://lukeplant.me.uk/ -- You received this

Re: Request method in urls.py

n argument against having the *option* to do method-name dispatching in the URLconf - I can see that there are valid use cases for that. Regards, Luke -- Environmentalists are much too concerned with planet earth. Their geocentric attitude prevents them from seeing the greater picture -- lots of

Re: Ticket 20147 - deprecate and replace request.META

ses don't need to change. It was simply for consistency that I proposed fixing them. Regards, Luke -- Clothes make the man. Naked people have little or no influence on society. -- Mark Twain Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are su

Re: Ticket 20147 - deprecate and replace request.META

uot;two ways to do it". If you want to grep for a particular header, you've got 2 things to grep for now. However, that problem already existed due to META - you've got things like QUERY_STRING and request.GET, HTTP_HOST and request.get_host(), X_REQUESTED_WITH and request.is_ajax(). Regards,

Re: Ticket 20147 - deprecate and replace request.META

essary, then we could extend the deprecation cycle - 1.7 would give PendingDeprecationWarning. Regards, Luke -- Be careful of reading health books, you might die of a misprint. -- Mark Twain Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed

Ticket 20147 - deprecate and replace request.META

strongly opposed to this? If not, in Aymeric's spirit of decisiveness, I'll push it forward. https://code.djangoproject.com/ticket/20147 Regards, Luke -- Be careful of reading health books, you might die of a misprint. -- Mark Twain Luke Plant || http://lukeplant.me.uk/ -- You received this mess

Re: ModelForms and the Rails input handling vulnerability

d the docs will be re-written to assume that you are going to provide 'fields' (at the moment the opposite is assumed). How does that sound? Luke -- "If you're not part of the solution, you're part of the precipitate." (Steven Wright) Luke Plant || http:/

Re: Writing class-based contrib.admin actions

. You can always do: def my_admin_action(modeladmin, request, queryset): return MyView.as_view(request, modeladmin, queryset) And then take it to the next step: my_admin_action = cbv_to_admin_action(MyView) Luke -- "I am going to let you move around more, just to break up th

Re: Relative path support for TEMPLATE_DIRS and others in settings.py (django ticket 694)

tc., as mentioned by Shai. Luke -- A mosquito cried out in pain: "A chemist has poisoned my brain!" The cause of his sorrow was para-dichloro- diphenyltrichloroethane Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Gro

Re: Relative path support for TEMPLATE_DIRS and others in settings.py (django ticket 694)

nd visualise world peace for an hour, imagine how serene and quiet it would be until the looting started" -- Anon Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this

Re: Relative path support for TEMPLATE_DIRS and others in settings.py (django ticket 694)

template, and updating the help text for TEMPLATE_DIRS and STATICFILES_DIRS to mention it. Luke -- The fashion wears out more apparel than the man. -- William Shakespeare Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Grou

Re: Could prefetch_related be modified to utilize select_related for ForeignKey relations?

valents of both select_related and prefetch_related. What I'm saying is that in the absence of that better API, or some way of specifying the query you want, we shouldn't guess and convert one optimisation into another. Luke -- OSBORN'S LAW Variables won't, co

Re: proposal: post-collectstatic signal

ust be in want of a wife." (Jane Austen) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this

contrib.markup deprecation

Martin Mahner, the author of django-rstify to participate in this thread. I think we should have recommendations for alternatives for rendering markdown as well. Regards, Luke -- "Christ Jesus came in to the world to save sinners" (1 Timothy 1:15) Luke Plant || http://lukeplant.me.uk/ --

Re: Django 1.5: AUTH_USER_MODEL and GeoManager

ld post this. If you could create a ticket, that will ensure this is not forgotten. It sounds like it should be a release blocker. Luke -- "Because Your lovingkindness is better than life, My lips shall praise You." (Ps 63:3) Luke Plant || http://lukeplant.me.uk/ -- You received

Re: Schema Alteration update

make life hard for them. I don't know what that means in practice, but if we got feedback from the developers of those other solutions it would be good. We might need something like a 'syncdb --ignore-migrations' option. Luke -- "Because Your lovingkindness is better t

Re: Backporting some Python 3 support features to 1.4.x?

I'm +1 on adding forwards compatibility to 1.4.X, assuming a safe patch. Luke -- "In your presence there is fullness of joy; at your right hand are pleasures forevermore" Psalm 16:11 Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed t

Re: ORM refactoring, part 2

seems like a bad idea to you, > then please say so (preferably before I commit anything)... > > I am sorry if I haven't worked on other patches I thought I had time > to work on. The core ORM refactorings are IMO really important to work > on, and thus they have bypassed some other i

Re: GSoC Check-in: Security Enhancements

3–11%) of users >> This makes strict referer checking a non-started, and lax referer checking (only check it if it is present) has known flaws. Regards, Luke -- "Pretension: The downside of being better than everyone else is that people tend to assume you're pretentious."

Re: OT: security announcements for Django-related libraries

be great. > > On Mon, Jul 23, 2012 at 5:55 AM, Luke Plant <mailto:l.plant...@cantab.net>> wrote: > > Hi all, > > I started a thread on the 'Python security' list about the need for a > place for 3rd party Django/Python libraries to announce secu

OT: security announcements for Django-related libraries

e group is moderated, so I've got a couple of replies that haven't shown up yet. Luke -- "Pretension: The downside of being better than everyone else is that people tend to assume you're pretentious." (despair.com) Luke Plant || http://lukeplant.me.uk/ -- You received t

Re: GSoC Check-in: Security Enhancements

e else is that people tend to assume you're pretentious." (despair.com) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@g

Re: Skip session save on 500 responses

ng to find it." (despair.com) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group

Re: Skip session save on 500 responses

e -- "Pessimism: Every dark cloud has a silver lining, but lightning kills hundreds of people each year trying to find it." (despair.com) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" g

Re: I think adding a "first" method to the QuerySet be useful.

ed by first(): {% if items %} {{ items.0.something }} {% endif %} Luke -- Parenthetical remarks (however relevant) are unnecessary Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to t

Re: Proposal: use SQLAlchemy Core for query generation

t Django does. It would be surprising if it was really doing the same thing! I think it's one of those things where we really won't know the impact until we've got most of the way there, and even then differences of approach could make all the difference. Luke -- Parenthetical rema

Re: Proposal: use SQLAlchemy Core for query generation

#x27;t need most 3rd party DB backends, or can plug them in via SQLAlchemy's extension points, which are cleaner than ours from what I can see. Luke -- Parenthetical remarks (however relevant) are unnecessary Luke Plant || http://lukeplant.me.uk/ -- You received this message because you

Proposal: use SQLAlchemy Core for query generation

e Bayer for the time he took just looking at this proposal, and for his feedback, some of which I've incorporated into this. Comments? It would be good to get other developers' comments on the whole idea of "Django 2.0" as well - when do we see it happening? Regards, Luke [1] http:/

Re: XSS and string interpolation

t if it wasn't fit for purpose? :-) Actually my main objection is that it's a bit long, the above is just rationalisation. Some other alternatives: build_html, build_html_safe, format_html Luke -- Parenthetical remarks (however relevant) are unnecessary Luke Plant || http://lukeplan

XSS and string interpolation

#x27;t ask "why did this happen? What is the root cause? How can we stop it ever happening again?" We need to be much more rigorous about applying things like the "5 Whys" http://en.wikipedia.org/wiki/5_Whys especially for security problems. Regards, Luke --

Re: Reg Memcache issue.

is the django-users list, or file a ticket on our Trac instance (code.djangoproject.com) if you think you've found a bug in Django BTW, there is no cache_anonymous decorator in Django, so it is likely your problem is elsewhere. Thanks, Luke -- Parenthetical remarks (however rele

Re: QuerySet refactoring

ds on when we think 'Django 2.0' will happen). If you've got a particular interest in the ORM, you might be interested in that proposal. I completely agree regarding how to handle NoSQL as well. Regards, Luke -- "Outside of a dog, a book is a man's best friend... insid

ModelForms and the Rails input handling vulnerability

r options to bring to the table, please do. Apologies to the core devs if I missed or misrepresented something. Thanks, Luke [1] http://chrisacky.posterous.com/github-you-have-let-us-all-down [2] http://weblog.rubyonrails.org/2012/3/21/strong-parameters/ -- OSBORN'S LAW Variables w

Re: json vs simplejson

**kwargs) But like that, it would create more problems if the json module ever gained that keyword argument in the future. Luke -- OSBORN'S LAW Variables won't, constants aren't. Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscri

Re: json vs simplejson

uses simplejson.dumps() (either via 'import simplejson' or 'import django.utils.simplejson') will break. I found this already with django-piston. I think we at least need a bigger section in the release notes about this. Luke -- OSBORN'S LAW Variables won't, const

Re: json vs simplejson

s I probably not the only one affected by this, if it's happened on two quite different machines. Looking at this discussion: http://stackoverflow.com/questions/712791/json-and-simplejson-module-differences-in-python it seems that lots of people don't have the C extension for json (reporting jso

json vs simplejson

tigate the impact of this. It's likely to crop up in all kinds of horrible places, deep in libraries that you can't do much about. In my case I was loading config, including passwords, from a config file in JSON, and the password was now exploding inside smtplib because it was a unicode

Git questions

. I've observed this several times. If I do 'git fetch upstream', rather than 'git pull upstream master', then the pointers always update, but I thought the whole point of doing 'pull' was 'pull=fetch then merge'. Am I doing something wrong? Thanks i

Re: startproject template context

an exception, not the default template rendered with "tempate=/home/me/foo". The feature given in the patch on ticket #18277, is however, much more like it - you have to pass the context using --add-context Regards, Luke -- OSBORN'S LAW Variables won't, constants aren

Re: Will django escaping ever consider context of javascript and CSS?

elevant previous discussions: http://goo.gl/XZ7Pt http://goo.gl/T8tkx Luke -- OSBORN'S LAW Variables won't, constants aren't. Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developer

Re: Django's CVB - Roadmap?

you have some gotchas with things like POST requests. I found I had to write something like this snippet: https://gist.github.com/2596285 But it's not ideal in a number of ways, like needing its own documentation, since it doesn't just set parameters on ListView. Luke -- O

Re: GitHub migration planning

needed a BDFL decision, there was no point making the pretence of discussion in a wider forum. (Adrian/Jacob feel may correct me if I'm guessing wrongly). Luke -- "My capacity for happiness you could fit into a matchbox without taking out the matches first." (Marvin the

Re: GitHub migration planning

rac also has pretty nice reporting abilities, and report building abilities: https://code.djangoproject.com/wiki/Reports No-one thinks Trac is ideal, it's just much better than GitHub Issues which, in its own words, is a "lightweight" issue management system. Luke -- "My ca

Re: GitHub migration planning

ir own ticket solutions (Puppet uses Redmine, Chef uses Jira). The Pinax folks wrote their own issue system rather than using GitHub's! """ Cheers, Luke -- "My capacity for happiness you could fit into a matchbox without taking out the matches first." (Marvin the

Re: GSoC 2012: Security Enhancements

his one I think: http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html Luke -- "My capacity for happiness you could fit into a matchbox without taking out the matches first." (Marvin the paranoid android) Luke Plant || http://lukeplant.me.uk/ -- You received this

  1   2   3   4   5   6   7   8   >