Feb. 6, 2026 » Django News » [Archived Version]
News Django security releases issued: 6.0.2, 5.2.11, and 4.2.28 Django releases 6.0.2, 5.2.11, and 4.2.28 patch multiple security bugs, including PostGIS SQL injection, ASGI and Truncator denial of service, and timing and user enumeration. djangoproject.com Django Commons: We're recruiting new admins! Django Commons is recruiting new admins to manage projects, membership, governance, and infrastructure; apply via the Admin Interest Form by…
Read MoreFeb. 6, 2026 » Better Simple » [Archived Version]
Ever wonder why you need to use safe=False to return arrays of JSON object in JsonResponse? Welp, it's because of ECMAScript 4 and you don't have to worry these days.
Read MoreFeb. 4, 2026 » The Django weblog » [Archived Version]
Yesterday, Django issued security releases mitigating six vulnerabilities of varying severity. Django is a secure web framework, and that hasn’t changed. What feels new is the remarkable consistency across the reports we receive now. Almost every report now is a variation on a prior vulnerability. Instead of uncovering new classes of issues, these reports explore how an underlying pattern from a recent advisory might surface in a similar code path or under a slightly different configuration. Th…
Read MoreFeb. 4, 2026 » Latest Django Videos » [Archived Version]
Wagtail is great for content editors to author pages, but what about automation? Whether you're writing automated tests, or migrating content from another platform, you'll want to write code that creates and updates pages, snippets, users and other things. - How Wagtail models page content, in brief (multi-table inheritance, treebeard, revisions, Streamfield, translations). - Creating and updating pages. - Migrating content: handling concurrency issues and circular references. - Testing: cachi…
Read MoreFeb. 3, 2026 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing releases for Django 6.0.2, Django 5.2.11, and Django 4.2.28. These releases address the security issues detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2025-13473: Username enumeration through timing difference in mod_wsgi authentication handler The django.contrib.auth.handlers.modwsgi.check_password() function for authentication via mod_wsgi allowed remote attackers to enumerate use…
Read MoreFeb. 1, 2026 » Better Simple » [Archived Version]
A review of Sarah Boyce's DjangoCon Europe 2025 keynote on the topic of code reviews for the Django framework.
Read MoreJan. 30, 2026 » Django News » [Archived Version]
News Python Developers Survey 2026 This is the ninth iteration of the official Python Developers Survey. It is run by the PSF (Python Software Foundation) to highlight the current state of the Python ecosystem and help with future goals. Note that the official Django Developers Survey is currently being finalized and will come out hopefully in March or April. jetbrains.com The French government is building an entire productivity ecosystem using D…
Read MoreJan. 29, 2026 » Adam Johnson » [Archived Version]
Memory usage can be hard to keep under control in Python projects. The language doesn’t make it explicit where memory is allocated, module imports can have signficant costs, and it’s all too easy to create a global data structure that accidentally grows unbounded, leaking memory. Django projects can …
Read MoreJan. 28, 2026 » Simon Willison's Weblog: django » [Archived Version]
My blog uses aggressive caching: it sits behind Cloudflare with a 15 minute cache header, which guarantees it can survive even the largest traffic spike to any given page. I've recently added a couple of dynamic features that work in spite of that full-page caching. Here's how those work. Edit links that are visible only to me This is a Django site and I manage it through the Django admin. I have four types of content - entries, link posts (aka blogmarks), quotations and notes. Each of those ha…
Read MoreJan. 23, 2026 » Django News » [Archived Version]
News uvx.sh by Astral Astral, makers of uv, have a new "install Python tools with a single command" website. uvx.sh Python Software Foundation Announcing Python Software Foundation Fellow Members for Q4 2025! The PSF announces new PSF Fellows for Q4 2025, recognizing community leaders who contribute projects, education, events, and mentorship worldwide. blogspot.com Departing the Python Software Foundation (S…
Read More