Django

Today we've issued the 5.1.2 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Natalia Bidart: 2EE82A8D9470983E.

Nominations are open for the 2025 Django Software Foundation Board of Directors. In 2023 we introduced a staggered term for directors. Of our 7 directors, there are 4 positions currently open, with each position serving for two years. Decisions ... [More] around the 2025 officer roles will be made during the meeting of the new board. You don’t need to specify which position you are nominating for. As you know, the Board guides the direction of the marketing, governance and outreach activities of the Django community. We provide funding, resources, and guidance to Django events on a global level. Further we provide support to the Django community with an established Code of Conduct and make decisions and enforcement recommendations for violations. We work with our corporate and individual members to raise funds to help support our great community. In order for our community to continue to grow and advance the Django Web framework, we need your help. The Board of Directors consists of seven volunteers who are elected to two year terms. This is an excellent opportunity to help advance Django. We can’t do it without volunteers, such as yourself. Anyone including current Board members, DSF Members, or the public at large can apply to the Board. It is open to all. 2025 DSF Board Nomination Form If you are interested in helping to support the development of Django we’d enjoy receiving your application for the Board of Directors. Please fill out the 2025 DSF Board Nomination form by October 25, 2024 Anywhere on Earth to be considered. If you have any questions about applying, the work, or the process in general please don’t hesitate to reach out via email to [email protected]. Thank you for your time and we look forward to working with you in 2025. The 2024 DSF Board of Directors. [Less]

Nominations are open for the 2025 Django Software Foundation Board of Directors. In 2023 we introduced a staggered term for directors. Of our 7 directors, there are 4 positions currently open, with each position serving for two years. Decisions ... [More] around the 2025 officer roles will be made during the meeting of the new board. You don’t need to specify which position you are nominating for. As you know, the Board guides the direction of the marketing, governance and outreach activities of the Django community. We provide funding, resources, and guidance to Django events on a global level. Further we provide support to the Django community with an established Code of Conduct and make decisions and enforcement recommendations for violations. We work with our corporate and individual members to raise funds to help support our great community. In order for our community to continue to grow and advance the Django Web framework, we need your help. The Board of Directors consists of seven volunteers who are elected to two year terms. This is an excellent opportunity to help advance Django. We can’t do it without volunteers, such as yourself. Anyone including current Board members, DSF Members, or the public at large can apply to the Board. It is open to all. 2025 DSF Board Nomination Form If you are interested in helping to support the development of Django we’d enjoy receiving your application for the Board of Directors. Please fill out the 2025 DSF Board Nomination form by 23:59 on October 25, 2024 Anywhere on Earth to be considered. If you have any questions about applying, the work, or the process in general please don’t hesitate to reach out via email to [email protected]. Thank you for your time and we look forward to working with you in 2025. The 2024 DSF Board of Directors. [Less]

The Django Software Foundation's biggest fundraising event of the year is here! Get 30% off PyCharm, Support Django Each year, our friends at JetBrains, the creators of PyCharm, run an incredible deal. You get a 30% discounted year of PyCharm, AND ... [More] the DSF gets 100% of the money. Yes, 100%! It's making a donation and directly getting a great product in return! This is available for new users, and those who had used PyCharm in the past, stopped, and want to try again. The fundraiser The fundraiser started during DjangoCon Europe in June, and is now back on from September 22nd to October 6th. Buy PyCharm and support Django! In the past, JetBrains through the PyCharm fundraiser has provided approximately one quarter of the Django Software Foundation's budget!  Donations like this fundraiser allow the DSF to function. Our two wonderful Fellows, Natalia Bidart and Sarah Boyce keep Django running smoothly, picking up pieces that would otherwise not happen. The other side of the DSF is our support for Django groups across the globe. We supported every DjangoCon, particularly with donating funding towards opportunity grants for more people to be able to attend these conferences. The DSF also supports smaller events around the world, including DjangoGirls events. PyCharm Finally, I want to tell you about PyCharm itself. PyCharm is an integrated development environment (IDE) that helps professional Python web developers be more productive, be more confident, and write better code. It supports the full Python web workflow out of the box, including popular Python web frameworks, such as Django, frontend technologies, and databases. Here are the main benefits of using PyCharm in your Django development: Django (including templates), Flask, FastAPI Database management (Postgres, Redis) JS, React, Node.js, TailwindCSS Built-in HTTP Client and endpoint tools Get Django work done with PyCharm, a powerful IDE tailored for Django web development! Consider this the easiest charitable donation you will ever make, when you get such a great product in return! Get 30% off PyCharm, Support Django Other ways to donate If you would like to donate in another way, especially if you are already a PyCharm customer, here are other ways to donate to the DSF: On our website via credit card Via GitHub Sponsors For those able to make a larger donation, particularly corporate sponsors ($2000+), more information is here: Corporate membership [Less]

DjangoCon US starts next week in Durham, NC on September 22nd! If you aren't able to join in person, please consider purchasing an online ticket: https://ti.to/defna/djangocon-us-2024 The conference is full of a variety of talks with excellent ... [More] keynote speakers! It's shaping up to be an event you'll want to experience live. If you'd like to learn more about DjangoCon US visit them at their website or reach out to them at [email protected]. [Less]

Hello Everyone 👋 It is that time of year again when we recognize someone from our community in memory of our friend Malcolm. Malcolm was an early core contributor to Django and had both a huge influence and impact on Django as we know it today. ... [More] Besides being knowledgeable he was also especially friendly to new users and contributors. He exemplified what it means to be an amazing Open Source contributor. We still miss him to this day. The prize The Django Software Foundation Prizes page summarizes it nicely: The Malcolm Tredinnick Memorial Prize is a monetary prize, awarded annually, to the person who best exemplifies the spirit of Malcolm’s work - someone who welcomes, supports, and nurtures newcomers; freely gives feedback and assistance to others, and helps to grow the community. The hope is that the recipient of the award will use the award stipend as a contribution to travel to a community event -- a DjangoCon, a PyCon, a sprint -- and continue in Malcolm’s footsteps. Please make your nominations using our form: 2024 Malcolm Tredinnick Memorial Prize. We will take nominations until Monday, September 30th, 2024, Anywhere on Earth, and will announce the winner(s) soon after the next DSF Board meeting in October. If you have any questions please reach out to the DSF Board at [email protected]. Submit a nomination [Less]

Hello Everyone 👋 It is that time of year again when we recognize someone from our community in memory of our friend Malcolm. Malcolm was an early core contributor to Django and had both a huge influence and impact on Django as we know it today. ... [More] Besides being knowledgeable he was also especially friendly to new users and contributors. He exemplified what it means to be an amazing Open Source contributor. We still miss him to this day. The prize The Django Software Foundation Prizes page summarizes it nicely: The Malcolm Tredinnick Memorial Prize is a monetary prize, awarded annually, to the person who best exemplifies the spirit of Malcolm’s work - someone who welcomes, supports, and nurtures newcomers; freely gives feedback and assistance to others, and helps to grow the community. The hope is that the recipient of the award will use the award stipend as a contribution to travel to a community event -- a DjangoCon, a PyCon, a sprint -- and continue in Malcolm’s footsteps. Please make your nominations using our form: 2024 Malcolm Tredinnick Memorial Prize. Nominations are welcome from everyone. We will take nominations until Monday, September 30th, 2024, Anywhere on Earth, and will announce the winner(s) soon after the next DSF Board meeting in October. If you have any questions please reach out to the DSF Board at [email protected]. Submit a nomination [Less]

We are thrilled to announce that Djangonaut Space, a mentorship program, is open for applicants for our next cohort! Djangonaut Space is holding a third session this year! This session will start on October 14th, 2024. We are accepting applications ... [More] until September 14th, 2024. More details can be found in the website. Djangonaut Space is a free, 8-week group mentoring program where individuals will work self-paced in a semi-structured learning environment. It seeks to help members of the community who wish to level up their current Django code contributions and potentially take on leadership roles in Django in the future. “I signed up for this program with the goal of starting my journey as a contributor, but I ended up gaining so much more. In this community, I found incredible people who not only guide you toward solutions but also encourage and celebrate every achievement along the way.” - Raffaella, Djangonaut If you have questions, they are holding an AMA session on Zoom next week. See their social media account for more details: Twitter/X Mastodon [Less]

In accordance with our security release policy, the Django team is issuing releases for Django 5.1.1, Django 5.0.9, and Django 4.2.16. These releases address the security issues detailed below. We encourage all users of Django to upgrade as soon as ... [More] possible. CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize() urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters. Thanks to MProgrammer for the report. This issue has severity "moderate" according to the Django security policy. CVE-2024-45231: Potential user email enumeration via response status on password reset Due to unhandled email sending failures, the django.contrib.auth.forms.PasswordResetForm class allowed remote attackers to enumerate user emails by issuing password reset requests and observing the outcomes. To mitigate this risk, exceptions occurring during password reset email sending are now handled and logged using the django.contrib.auth logger. Thanks to Thibaut Spriet for the report. This issue has severity "low" according to the Django security policy. Affected supported versions Django main branch Django 5.1 Django 5.0 Django 4.2 Resolution Patches to resolve the issue have been applied to Django's main, 5.1, 5.0, and 4.2 branches. The patches may be obtained from the following changesets. CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize() On the main branch On the 5.1 branch On the 5.0 branch On the 4.2 branch CVE-2024-45231: Potential user email enumeration via response status on password reset On the main branch On the 5.1 branch On the 5.0 branch On the 4.2 branch The following releases have been issued Django 5.1.1 (download Django 5.1.1 | 5.1.1 checksums) Django 5.0.9 (download Django 5.0.9 | 5.0.9 checksums) Django 4.2.16 (download Django 4.2.16 | 4.2.16 checksums) The PGP key ID used for this release is Natalia Bidart: 2EE82A8D9470983E General notes regarding security reporting As always, we ask that potential security issues be reported via private email to [email protected], and not via Django's Trac instance, nor via the Django Forum, nor via the django-developers list. Please see our security policies for further information. [Less]

We are looking for the next group of organizers to own and lead the 2026 DjangoCon Europe conference. Could your town - or your football stadium, circus tent, private island or city hall - host this wonderful community event? DjangoCon Europe is a ... [More] major pillar of the Django community, as people from across the world meet and share. This includes many qualities that make it a unique event - unconventional and conventional venues, creative happenings, a feast of talks and a dedication to inclusion and diversity. Hosting a DjangoCon is an ambitious undertaking. It's hard work, but each year it has been successfully run by a team of community volunteers, not all of whom have had previous experience - more important is enthusiasm, organizational skills, the ability to plan and manage budgets, time and people - and plenty of time to invest in the project. For 2026, we want to kickstart the organization much earlier than in previous years to allow more flexibility for the organizing team, and open up more opportunities for support from our DjangoCon Europe support working group. Step 1: Submit your expression of interest If you’re considering organizing DjangoCon Europe (🙌 great!), fill in our DjangoCon Europe 2026 expression of interest form with your contact details. No need to fill in all the information at this stage if you don’t have it all already, we’ll reach out and help you figure it out. Express your interest in organizing Step 2: We’re here to help! We've set up a DjangoCon Europe support working group of previous organizers that you can reach out to with questions about organizing and running a DjangoCon Europe. The group will be in touch with everyone submitting the expression of interest form, or you can reach out to them directly: [email protected] We'd love to hear from you as soon as possible, so your proposal can be finalized and sent to the DSF board by October 6th 2024. The selected hosts will be publicly announced at DjangoCon Europe 2025 by the current organizers. Step 3: Submitting the proposal The more detailed and complete your final proposal is, the better. Basic details include: Organizing committee members: You won’t have a full team yet, probably, naming just some core team members is enough. The legal entity that is intended to run the conference: Even if the entity does not exist yet, please share how you are planning to set it up. Dates: See “What dates are possible in 2026?” below. We must avoid conflicts with major holidays, EuroPython, DjangoCon US, and PyCon US. Venue(s), including size, number of possible attendees, pictures, accessibility concerns, catering, etc. Transport links and accommodation: Can your venue be reached by international travelers? Budgets and ticket prices: Talk to the DjangoCon Europe Support group to get help with this, including information on past event budgets. We also like to see: Timelines Pictures Plans for online participation, and other ways to make the event more inclusive and reduce its environmental footprint Draft agreements with providers Alternatives you have considered Have a look at our proposed (draft, feedback welcome) DjangoCon Europe 2026 Licensing Agreement for the fine print on contractual requirements and involvement of the Django Software Foundation. Submit your completed proposal by October 6th 2024 via our DjangoCon Europe 2026 expression of interest form, this time filling in as many fields as possible. We look forward to reviewing great proposals that continue the excellence the whole community associates with DjangoCon Europe. Q&A Can I organize a conference alone? We strongly recommend that a team of people submit an application. I/we don’t have a legal entity yet, is that a problem? Depending on your jurisdiction, this is usually not a problem. But please share your plans about the entity you will use or form in your application. Do I/we need experience with organizing conferences? The support group is here to help you succeed. From experience, we know that many core groups of 2-3 people have been able to run a DjangoCon with guidance from previous organizers and help from volunteers. What is required in order to announce an event? Ultimately, a contract with the venue confirming the dates is crucial, since announcing a conference makes people book calendars, holidays, buy transportation and accommodation etc. This, however, would only be relevant after the DSF board has concluded the application process. Naturally, the application itself cannot contain any guarantees, but it’s good to check concrete dates with your venues to ensure they are actually open and currently available, before suggesting these dates in the application. Do we have to do everything ourselves? No. You will definitely be offered lots of help by the community. Typically, conference organizers will divide responsibilities into different teams, making it possible for more volunteers to join. Local organizers are free to choose which areas they want to invite the community to help out with, and a call will go out through a blog post announcement on djangoproject.com and social media. What kind of support can we expect from the Django Software Foundation? The DSF regularly provides grant funding to DjangoCon organizers, to the extent of $6,000 in recent editions. We also offer support via specific working groups: The dedicated DjangoCon Europe support working group. The social media working group can help you promote the event. The Code of Conduct working group works with all event organizers. In addition, a lot of Individual Members of the DSF regularly volunteer at community events. If your team aren’t Individual Members, we can reach out to them on your behalf to find volunteers. What dates are possible in 2026? For 2026, DjangoCon Europe should happen between January 5th and April 27th, or June 4th and June 28th. This is to avoid the following community events’ provisional dates: PyCon US 2026: May 2026 EuroPython 2026: July 2026 DjangoCon US 2026: September - October 2026 DjangoCon Africa 2026: August - September 2026 We also want to avoid the following holidays: New Year's Day: Wednesday 1st January 2026 Chinese New Year: Tuesday 17th February 2026 Eid Al-Fitr: Friday 20th March 2026 Passover: Wednesday 1st - Thursday 9th April 2026 Easter: Sunday 5th April 2026 Eid Al-Adha: Tuesday 26th - Friday 29th May 2026 Rosh Hashanah: Friday 11th - Sunday 13th September 2026 Yom Kippur: Sunday 20th - Monday 21st September 2026 What cities or countries are possible? Any city in Europe. This can be a city or country where DjangoCon Europe has happened in the past (Vigo, Edinburgh, Porto, Copenhagen, Heidelberg, Florence, Budapest, Cardiff, Toulon, Warsaw, Zurich, Amsterdam, Berlin), or a new locale. References Past calls Interested in organizing DjangoCon Europe 2016? Could you host DjangoCon Europe 2017? DjangoCon Europe 2019 - where will it be? Could you host DjangoCon Europe 2023? Last Chance for a DjangoCon Europe 2023 [Less]