Dec. 2, 2025 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing releases for Django 5.2.9, Django 5.1.15, and Django 4.2.27. These releases address the security issues detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2025-13372: Potential SQL injection in FilteredRelation column aliases on PostgreSQL FilteredRelation was subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs pass…
Read MoreDec. 1, 2025 » Simon Willison's Weblog: django » [Archived Version]
YouTube embeds fail with a 153 error I just fixed this bug on my blog. I was getting an annoying "Error 153: Video player configuration error" on some of the YouTube video embeds (like this one) on this site. After some digging it turns out the culprit was this HTTP header, which Django's SecurityMiddleware was sending by default: Referrer-Policy: same-origin YouTube's embedded player terms documentation explains why this broke: API Clients that use the YouTube embedded player (including the …
Read MoreNov. 28, 2025 » Django News » [Archived Version]
News Python Black Friday & Cyber Monday sales (2025) More Black Friday and Cyber Monday deals for Python and Django developers! LearnDjango has 50% off courses too! treyhunner.com Django Software Foundation DSF member of the month - Akio Ogasahara Akio Ogasahara, DSF member of the month, contributes extensive Japanese documentation translation, advocates Django admin for operations and highlights Django security alongside AI assiste…
Read MoreNov. 28, 2025 » The Django weblog » [Archived Version]
The 2026 DSF Board Election has closed, and the following candidates have been elected: Jacob Kaplan-Moss Priya Pahwa Ryan Cheley They will all serve two years for their term. 2026 Board Directors elected for the 2025 DSF Board - Abigail Gbadago, Jeff Triplett, Paolo Melchiorre, Tom Carrick - are continuing with one year left to serve on the board. Therefore, the combined 2026 DSF Board of Directors are: Abigail Gbadago Jacob Kaplan-Moss* Jeff Triplett Paolo Melchiorre Priya Pahwa* Ryan Chel…
Read MoreNov. 26, 2025 » Simon Willison's Weblog: django » [Archived Version]
I talked with CL Kao and Dori Wilson for an episode of their new Data Renegades podcast titled Data Journalism Unleashed with Simon Willison. I fed the transcript into Claude Opus 4.5 to extract this list of topics with timestamps and illustrative quotes. It did such a good job I'm using what it produced almost verbatim here - I tidied it up a tiny bit and added a bunch of supporting links. What is data journalism and why it's the most interesting application of data analytics [02:03] "There…
Read MoreNov. 26, 2025 » Better Simple » [Archived Version]
It's easier to contribute to open-source if you connect with people. This post dives into where to do that to connect with the Django community.
Read MoreNov. 26, 2025 » Software Crafts » [Archived Version]
What integrations could exist...
Read MoreNov. 25, 2025 » Adam Johnson » [Archived Version]
HTTP has a general authentication framework that defines a pattern into which various authentication schemes can fit. Clients may provide an authorization request header that contains a credential. If authorization is missing or invalid, the server may respond with a 401 (Unauthorized) status code, including a www-authenticate header advertising what …
Read MoreNov. 21, 2025 » Django News » [Archived Version]
News Django 6.0 release candidate 1 released Django 6.0 release candidate 1 is now available. It represents the final opportunity for you to try out a mosaic of modern tools and thoughtful design before Django 6.0 is released. djangoproject.com Python Insider: Python 3.15.0 alpha 2 This release, 3.15.0a2, is the second of seven planned alpha releases. Alpha releases are intended to make it easier to test the current state of new features a…
Read MoreNov. 20, 2025 » Carlton's latest posts. » [Archived Version]
When I stepped down as Django Fellow, I joked that I was retiring. I wasn’t really going anywhere. I still maintain a whole load of packages, and I remained on the Security Team, but I was stepping away from working on Django day-to-day. Somehow I ended up running for the Steering Council for the current cycle, and being duly elected, I found myself back in the midst of it. We’re coming up for the first 12 months of the current Steering Council’s term. We’re about half-way through, and — on …
Read More