Oct. 10, 2025 » The Django weblog » [Archived Version]
We are pleased to announce that the 2025 Malcolm Tredinnick Memorial Prize has been awarded to Tim Schilling! Tim embodies the values that define the Django community: generosity, respect, thoughtfulness, and a deep commitment to supporting others. He is a tireless community leader who creates spaces where newcomers thrive ❤️ exactly in the spirit of our prize and Malcolm Tredinnick’s work. About Tim As a co-founder of Djangonaut Space, Tim has encouraged countless people to take their first s…
Read MoreOct. 1, 2025 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing releases for Django 5.2.7, Django 5.1.13, and Django 4.2.25. These releases address the security issues detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2025-59681: Potential SQL injection in QuerySet.annotate(), alias(), aggregate(), and extra() on MySQL and MariaDB QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() methods were subject to SQL injection…
Read MoreSept. 21, 2025 » The Django weblog » [Archived Version]
Hello Djangonauts, At the end of this month, I'll be stepping away from my role as Django Fellow for some time while I'm on maternity leave. During this period, I don't anticipate being active on Trac, in PR reviews, on the Forum, or on Discord. I would appreciate folks giving me space to settle in with my new baby. Django will be well looked after by our Fellows, Natalia Bidart and Jacob Walls, who will continue supporting the project and community while I'm away. I'm grateful to be part of su…
Read MoreSept. 17, 2025 » The Django weblog » [Archived Version]
Django 6.0 alpha 1 is now available. It represents the first stage in the 6.0 release cycle and is an opportunity to try out the changes coming in Django 6.0. Django 6.0 assembles a mosaic of modern tools and thoughtful design, which you can read about in the in-development 6.0 release notes. This alpha milestone marks the feature freeze. The current release schedule calls for a beta release in about a month and a release candidate roughly a month after that. We'll only be able to keep this sch…
Read MoreSept. 13, 2025 » The Django weblog » [Archived Version]
Hello Everyone 👋 It is that time of year again when we recognize someone from our community in memory of our friend Malcolm. Malcolm was an early core contributor to Django and had a huge influence on Django as we know it today. Besides being knowledgeable he was also especially friendly to new users and contributors. He exemplified what it means to be an amazing Open Source contributor. We still miss him to this day. The prize Our prizes page summarizes it nicely: The Malcolm Tredinnick Memo…
Read MoreSept. 8, 2025 » The Django weblog » [Archived Version]
In July, I joined Raffaella Suardini and Sage Abdullah for the Djangonaut Space Space Reviewers Episode 6, where we reviewed a Django PR during a live stream. This was a fun event. I won’t get into the technical aspects of the review, and I won’t point out the many mistakes I made. Instead, I want to revisit several “getting started with open source” community events and reflect on my personal growth since I first got involved with open source. I hope this encourages others to attend those even…
Read MoreSept. 5, 2025 » The Django weblog » [Archived Version]
This year, the Django Software Foundation (DSF) was invited by EuroPython to come to the event, showcase the framework and the vibrant community around it. The DSF had a booth in the community area where attendees could learn more about Django and meet maintainers. This year was extra special: Django’s 20th birthday was right at the beginning of the conference! The milestone was marked in style, starting on Wednesday evening at Pyvo, the local Python community meetup in Prague, where we celebr…
Read MoreSept. 4, 2025 » The Django weblog » [Archived Version]
DjangoCon US starts next week in Chicago, IL on September 8-12th, 2025! With three amazing keynotes and over fifty presentations over three days, join us in person or online where you can watch presentations on your own schedule or stream live with us during the live event. Can't make it to Chicago? Our online tickets give you the best of both worlds. Watch live as it happens or catch up on your own schedule – all talks will be available to stream throughout the conference and beyond. You'll ge…
Read MoreSept. 4, 2025 » The Django weblog » [Archived Version]
This summer I participated in the Google Summer of Code program with Django. My work focused on introducing keyboard shortcuts to the Django admin interface which led to a new package: django-admin-keyshortcuts. Proposal and Community Discussions My original GSoC proposal was to improve the existing django-admin-keyboard-shortcuts package maintained by one of my mentors, Tom. The plan was to fix bugs, add new keyboard shortcuts, build a command palette, and eventually merge these features into …
Read MoreSept. 3, 2025 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing releases for Django 5.2.6, Django 5.1.12, and Django 4.2.24. These releases address the security issues detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2025-57833: Potential SQL injection in FilteredRelation column aliases FilteredRelation was subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed QuerySet.an…
Read More