Django

This is the blog version of a talk! If you prefer, watch the recording on YouTube: Sage Abdullah - Run your tests against Django’s main! - Django London Meetup Django is known for its stability. The framework makes a ... [More] strong commitment to API stability and forwards-compatibility, ensuring that developers can rely on it for building long-term, maintainable projects. A key aspect of this commitment involves extensive testing and structured releases—an area where testing by Django users can significantly enhance Django’s reliability. Here’s a closer look at how this works, and how you can contribute 🤝. How Django stays stable Django's stability is upheld through rigorous testing. As of Django 5.2, there are more than 18,000 tests run against all officially supported database backends, Python versions, and operating systems. Additionally, Django follows a well-structured deprecation policy, ensuring that public APIs are deprecated over at least two feature releases before being removed. The feature release schedule is systematic and structured: Active development happens on the main branch. A stable branch (for example stable/5.2.x) is forked when an alpha release is made. After a month, the beta release follows, where only release-blocking bug fixes are allowed. A month later, a release candidate (RC) is published, marking the translation string freeze. If no critical bugs are found, the final release is published after a couple of weeks. With this structured approach, Django ensures that releases are stable. However, bugs can and do occasionally slip through the cracks! Catching issues early The best time to catch issues is before they reach the final release. Ideally, potential bugs should be caught at the pull request stage, but keeping up with all changes is challenging. This is where the community can help—by running their tests with Django's main branch. How you can help You can set up your test suite to run with Django's main branch in your tests pipeline. Here's an example using GitHub Actions, a popular Continuous Integration platform: test: runs-on: ubuntu-latest continue-on-error: ${{ matrix.experimental }} strategy: matrix: include: - python: "3.13" django: "git+https://github.com/django/django.git@main#egg=Django" experimental: true steps: - uses: actions/checkout@v4 - uses: actions/setup-python@v5 with: python-version: ${{ matrix.python }} - run: pip install -r requirements.txt - if: ${{ matrix.experimental }} run: pip install "${{ matrix.django }}" - run: python -Wd manage.py test If you maintain a Django package, you likely already test with multiple Django versions. Adding the main branch ensures that your project stays ahead of potential breaking changes. Why this helps you Running tests with Django main allows you to detect when changes in Django break your project. Sometimes, this happens due to the removal of internal APIs (that were never intended for reuse outside Django 🙈). If your tests fail, you can identify which commit caused the issue and adjust your code accordingly. For example, on the Wagtail CMS project, recently caught an issue when an internal class, SubqueryConstraint, was removed from Django. This wasn't a bug in Django—it was the removal of an internal workaround that was no longer needed. If your project relies on internal APIs, testing against main is crucial to avoid surprises. Why this helps Django Testing with main doesn't just help your project—it helps Django too. Sometimes, your tests may fail due to legitimate regressions in Django that its test suite doesn't cover. Reporting these issues ensures they get fixed before the next release. For example, just two days before Django 5.2 alpha was released, Wagtail tests on main helped detect a bug where calling .full_clean() on a child model in a multi-table inheritance setup triggered an unintended database query. This regression was promptly fixed, ensuring a smoother release for all users. Take action: test against Django's main and report issues By running your tests against Django's main branch and reporting any issues you find, you contribute to a more stable framework for everyone. It's a small step that makes a big impact. So, take a few minutes today to update your automated tests setup and help keep Django as reliable as ever! [Less]

For April 2025, we welcome Öykü Gümüş as our DSF member of the month! ⭐ Öykü Gümüş has been Django developer for many years. She has been DjangoCon Europe organizer in 2018 and Django Girls mentor in Istanbul for multiple years. She has been a DSF ... [More] member since November 2019. You can learn more about Öykü by visiting Öykü's GitHub Profile. Let’s spend some time getting to know Öykü better! Can you tell us a little about yourself (hobbies, education, etc) Hi, I am Öykü, software engineer currently based in Germany. I studied Computer Engineering in Istanbul, and during my university years, I realised I really enjoy being part of tech communities such as Django Girls, PyLadies and etc.. And I have been trying to play an active role in such groups ever since! Apart from that, I like drawing, and currently trying to improve my illustration skills. In general, I enjoy learning new things. For example started learning cello after 25 years of age, and loving every minute of my attempts to play it. I also love cycling and hiking. Germany is offering so much in those areas and I am always looking for a chance to get on the road. How did you start using Django? During my university studies, I started working as a part time developer and my first ever job was with Django. Loved how versatile it was! What other framework do you know and if there is anything you would like to have in Django if you had magical powers? Besides Django, I’ve used Flask, which gives you more control and is great for microservices, and FastAPI, which I really like for its async capabilities and performance. If I had magical powers to add something to Django, I’d probably improve its async support to make it more seamless throughout the stack. Right now, you can work around it, but it’s not as smooth as in FastAPI, for example. What projects are you working on now? Lately, I’ve been diving into GraphQL—experimenting with Graphene in Django and playing around with Apollo Client on the frontend. It’s been interesting to compare it with traditional REST APIs and explore how it can streamline data fetching in more complex UIs. Which Django libraries are your favorite (core or 3rd party)? There are a few Django libraries I keep reaching for, both core and third-party. Core-wise, I really appreciate how solid the django.contrib.admin is. It saves so much time in early development. Also, Django’s ORM and authentication system are very well designed—I rarely need to look elsewhere unless I’m doing something super custom. For third-party libraries, a few that I really enjoy using: django-rest-framework django-allauth and graphene-django What are the top three things in Django that you like? The ORM, the "Batteries Included" policy and Django's amazing community ❤️ You have been mentor for DjangoGirls+ multiple times, how did you start to mentor? Do you have any recommendation for potential folks interested to mentor? Oh yes, I met with Django Girls in Istanbul and immediately wanted to take part by mentoring and couldn't love it more! It has great atmosphere and provides such a supportive environment, that I can safely suggest everyone just at least try it once. It's amazing to see the direct impact you can make on people by simply being there. One thing anyone interested in mentoring should never forget is to always maintain an inclusive and safe space. You were part of the DjangoCon Europe organization in 2018, what makes you volunteer for this event? The kindness of the organisers of another conference actually. It was Europython 2017 folks, and they kindly provided me, student at the time, a financial aid to join the conference and it was my first tech conference ever! Loved it so much, that I thought I should pay it forward. 🙂 Is there anything else you'd like to say? Thanks so much for the chat—really enjoyed it! I also just want to say how valuable communities like this are, especially for folks starting out or navigating their path. Having spaces where people can share, support, and learn from each other makes a huge difference. Thank you for doing the interview, Öykü ! [Less]

For April 2025, we welcome Öykü Gümüş as our DSF member of the month! ⭐ Öykü Gümüş has been Django developer for many years. She has been DjangoCon Europe organizer in 2018 and Django Girls mentor in Istanbul for multiple years. She has been a DSF ... [More] member since November 2019. You can learn more about Öykü by visiting Öykü's GitHub Profile. Let’s spend some time getting to know Cory better! Can you tell us a little about yourself (hobbies, education, etc) Hi, I am Öykü, software engineer currently based in Germany. I studied Computer Engineering in Istanbul, and during my university years, I realised I really enjoy being part of tech communities such as Django Girls, PyLadies and etc.. And I have been trying to play an active role in such groups ever since! Apart from that, I like drawing, and currently trying to improve my illustration skills. In general, I enjoy learning new things. For example started learning cello after 25 years of age, and loving every minute of my attempts to play it. I also love cycling and hiking. Germany is offering so much in those areas and I am always looking for a chance to get on the road. How did you start using Django? During my university studies, I started working as a part time developer and my first ever job was with Django. Loved how versatile it was! What other framework do you know and if there is anything you would like to have in Django if you had magical powers? Besides Django, I’ve used Flask, which gives you more control and is great for microservices, and FastAPI, which I really like for its async capabilities and performance. If I had magical powers to add something to Django, I’d probably improve its async support to make it more seamless throughout the stack. Right now, you can work around it, but it’s not as smooth as in FastAPI, for example. What projects are you working on now? Lately, I’ve been diving into GraphQL—experimenting with Graphene in Django and playing around with Apollo Client on the frontend. It’s been interesting to compare it with traditional REST APIs and explore how it can streamline data fetching in more complex UIs. Which Django libraries are your favorite (core or 3rd party)? There are a few Django libraries I keep reaching for, both core and third-party. Core-wise, I really appreciate how solid the django.contrib.admin is. It saves so much time in early development. Also, Django’s ORM and authentication system are very well designed—I rarely need to look elsewhere unless I’m doing something super custom. For third-party libraries, a few that I really enjoy using: django-rest-framework django-allauth and graphene-django What are the top three things in Django that you like? The ORM, the "Batteries Included" policy and Django's amazing community ❤️ You have been mentor for DjangoGirls+ multiple times, how did you start to mentor? Do you have any recommendation for potential folks interested to mentor? Oh yes, I met with Django Girls in Istanbul and immediately wanted to take part by mentoring and couldn't love it more! It has great atmosphere and provides such a supportive environment, that I can safely suggest everyone just at least try it once. It's amazing to see the direct impact you can make on people by simply being there. One thing anyone interested in mentoring should never forget is to always maintain an inclusive and safe space. You were part of the DjangoCon Europe organization in 2018, what makes you volunteer for this event? The kindness of the organisers of another conference actually. It was Europython 2017 folks, and they kindly provided me, student at the time, a financial aid to join the conference and it was my first tech conference ever! Loved it so much, that I thought I should pay it forward. 🙂 Is there anything else you'd like to say? Thanks so much for the chat—really enjoyed it! I also just want to say how valuable communities like this are, especially for folks starting out or navigating their path. Having spaces where people can share, support, and learn from each other makes a huge difference. Thank you for doing the interview, Öykü ! [Less]

We’re organizing an annual meeting for members of the Django Software Foundation! It will be held at DjangoCon Europe 2025 in two weeks in Dublin, bright and early on the second day of the conference. The meeting will be held in person at the venue ... [More] , and participants can also join remotely. Register to join the annual meeting What to expect This is an opportunity for current and aspiring members of the Foundation to directly contribute to discussions about our direction. We will cover our current and future projects, and look for feedback and possible contributions within our community. If this sounds interesting to you but you’re not currently an Individual Member, do review our membership criteria and apply! [Less]

We’re organizing an annual meeting for members of the Django Software Foundation! It will be held at DjangoCon Europe 2025 in two weeks in Dublin, bright and early on the second day of the conference. The meeting will be held in person at the venue ... [More] , and participants can also join remotely. Register to join the annual meeting What to expect This is an opportunity for current and aspiring members of the Foundation to directly contribute to discussions about our direction. We will cover our current and future projects, and look for feedback and possible contributions within our community. If this sounds interesting to you but you’re not currently an Individual Member, do review our membership criteria and apply! [Less]

We’re organizing an annual meeting for members of the Django Software Foundation! It will be held at DjangoCon Europe 2025 in two weeks in Dublin, bright and early on the second day of the conference. The meeting will be held in person at the venue ... [More] , and participants can also join remotely. Register to join the annual meeting What to expect This is an opportunity for current and aspiring members of the Foundation to directly contribute to discussions about our direction. We will cover our current and future projects, and look for feedback and possible contributions within our community. If this sounds interesting to you but you’re not currently an Individual Member, do review our membership criteria and apply! [Less]

The Django team is happy to announce the release of Django 5.2. The release notes showcase a composite of new features. A few highlights are: All models are automatically imported in the shell by default. Django now supports composite primary keys! ... [More] The new django.db.models.CompositePrimaryKey allows tables to be created with a primary key consisting of multiple fields. Overriding a BoundField got a lot easier: this can now be set on a form, field or project level. You can get Django 5.2 from our downloads page or from the Python Package Index. The PGP key ID used for this release is: 3955B19851EA96EF With the release of Django 5.2, Django 5.1 has reached the end of mainstream support. The final minor bug fix release, 5.1.8, which was also a security release, was issued today. Django 5.1 will receive security and data loss fixes until December 2025. All users are encouraged to upgrade before then to continue receiving fixes for security issues. Django 5.0 has reached the end of extended support. The final security release, 5.0.14, was issued today. All Django 5.0 users are encouraged to upgrade to Django 5.1 or later. See the downloads page for a table of supported versions and the future release schedule. [Less]

In accordance with our security release policy, the Django team is issuing releases for Django 5.1.8 and Django 5.0.14. These releases address the security issues detailed below. We encourage all users of Django to upgrade as soon as possible. ... [More] CVE-2025-27556: Potential denial-of-service vulnerability in LoginView, LogoutView, and set_language() on Windows Python's NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language were subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters. Thanks to sw0rd1ight for the report. This issue has severity "moderate" according to the Django security policy. Affected supported versions Django main Django 5.2 (currently at release candidate status) Django 5.1 Django 5.0 Resolution Patches to resolve the issue have been applied to Django's main, 5.2 (currently at release candidate status), 5.1, and 5.0 branches. The patches may be obtained from the following changesets. CVE-2025-27556: Potential denial-of-service vulnerability in LoginView, LogoutView, and set_language() on Windows On the main branch On the 5.2 branch On the 5.1 branch On the 5.0 branch The following releases have been issued Django 5.1.8 (download Django 5.1.8 | 5.1.8 checksums) Django 5.0.14 (download Django 5.0.14 | 5.0.14 checksums) The PGP key ID used for this release is : 3955B19851EA96EF General notes regarding security reporting As always, we ask that potential security issues be reported via private email to [email protected], and not via Django's Trac instance, nor via the Django Forum. Please see our security policies for further information. [Less]

Django 5.2 release candidate 1 is the final opportunity for you to try out a composite of new features before Django 5.2 is released. The release candidate stage marks the string freeze and the call for translators to submit translations. Provided no ... [More] major bugs are discovered that can't be solved in the next two weeks, Django 5.2 will be released on or around April 2. Any delays will be communicated on the on the Django forum. Please use this opportunity to help find and fix bugs (which should be reported to the issue tracker), you can grab a copy of the release candidate package from our downloads page or on PyPI. The PGP key ID used for this release is Sarah Boyce: 3955B19851EA96EF [Less]

For March 2025, we welcome Cory Zue (@coryzue.com) as our DSF member of the month! ⭐ Cory Zue has been Django developer for many years. He is currently a member of the DSF Social Media Working Group and he has been a DSF member since October 2022. ... [More] You can learn more about Cory by checking out his website or visiting Cory's GitHub Profile. Let’s spend some time getting to know Cory better! Can you tell us a little about yourself (hobbies, education, etc) I'm a programmer-turned-manager-turned-entrepreneur and currently run a portfolio of businesses on my own (using Django of course!). I grew up in Massachusetts and studied Computer Science at MIT where I met the founders of Dimagi, where I ended up as CTO for 10 years before starting my own businesses. In 2016, I moved to Cape Town, South Africa for a "temporary" relocation, and have been here ever since. These days my main hobbies include surfing, trail running, and exploring nature with my wife and two boys. How did you start using Django? My first major Django project was working on an SMS-based system that helped with the distribution of millions of bednets in Nigeria. It was built on top of a Django-based platform called RapidSMS that was initially developed by UNICEF. After that I worked on several other RapidSMS systems before eventually leading Dimagi's CommCare server team. CommCare eventually became -- to my knowledge -- the largest open source Django codebase in terms of contributions/commits. What other framework do you know and if there is anything you would like to have in Django if you had magical powers? I still love Django and use it for most projects that need a backend. That said, I find Django's "hands off" approach to modern front end development to be a big barrier for people who aren't already familiar with the framework. If I had magical powers I would convince the Django community that it is worth providing some out-of-the-box support for modern front end tooling like TailwindCSS or a JavaScript bundler. I'd also try to get official "starter projects" built into the framework that show how you can use Django with some of the more popular front end options like React and HTMX. What projects are you working on now? My main project right now is SaaS Pegasus, which is a Django codebase creator that helps you spin up new projects more efficiently by bundling in even more batteries than Django itself. This includes things like configuring auth, front end, and deployment, but also has some more powerful features like multi-tenancy and billing baked in. One of the great things about running Pegasus is that I can justify building new Django apps as dogfooding the product. So I always have other Django projects I'm working on. Right now the biggest one is a RAG chat-with-your-data LLM project called Scriv.ai. Within the Django community my main contributions are in the form of writing in-depth guides to using Django, as well as pitching in on the Social Media working group to help grow Django's audience. Which Django libraries are your favorite (core or 3rd party)? It's hard to go with anything other than the ORM (and migrations framework), which I still feel is Django's greatest and most important feature. It just fits my brain much better than SQLAlchemy or other options I've used. One lesser-known library I'll shout out that I have been enjoying lately is django-cotton, which provides a nice little layer of syntactic sugar and tooling that makes working with components in Django templates much nicer. What are the top three things in Django that you like? The ORM + migrations. The community. That nearly every backend use case I have already has a feature that's been built to accommodate it (e.g. middleware, messages, i18n, etc.). I feel like the modern JavaScript frameworks I've used are way behind on this front. What would you recommend to someone who wants to start out as an entrepreneur like you? I have an entire talk/article about this! But if I were to emphasize the most important part that worked for me, it was creating enough space in my life for deep, uninterrupted work and structuring it in a way that I never ran out of money or energy while I was trying (by working part time while I was getting started). In general, the path to success usually takes a long time, so giving yourself plenty of time is really important. The tactics you can figure out as you go, but the space and time to do it is the most important thing to have in place. Your main goal is not to quit. Is there anything else you'd like to say? Thank you for including me in this series! Thank you for doing the interview, Cory! [Less]