Django

Malcolm Tredinnick was an early member of Django's core team. He contributed a great deal of code to the Django Project, and a vast amount of his time helping and encouraging others. Malcolm died young, in March 2013. In his memory, the Malcolm ... [More] Tredinnick Memorial Prize is awarded annually. It is intended to recognise someone who participates in the Django community in the same spirit as Malcolm: welcoming, nurturing and suppporting newcomers and helping other people. You can read more about Malcolm and his contribution to Django, and about the prize. We invite your nominations for this year's prize. Please drop us a line at foundation@djangoproject.com, telling us whom you'd like to nominate and why you think their contribution is a worthy continuation of Malcolm's work for the Django community. Anyone is welcome to nominate a candidate. Nominations will remain open for two weeks (until Friday 24th November 2017). [Less]

It is that time of year again to think about next year’s Django Software Foundation’s Board of Directors! As you know, the Board guides the direction of the marketing, governance and outreach activities of the Django community. We provide funding ... [More] , resources, and guidance to Django events on a global level. Further we provide support to the Django community with an established Code of Conduct and make decisions and enforcement recommendations for violations. We work closely with our corporate and individual members to raise funds to help support our great community. In order to for our community to continue to grow and advance the Django Web framework, we need your help. The Board of Directors consists of volunteers who are elected to one year terms. This is an excellent opportunity to help advance Django. We can’t do it without volunteers, such as yourself. For the most part, the time commitment is a few of hours per month. There has been some confusion on this in the past, but anyone including current Board members, DSF Members, or the public at large can apply to the Board. It is open to all. If you are interested in helping to support the development of Django we’d enjoy receiving your application for the Board of Directors. Please fill out the application form by 9 December 2017 to be considered. If it is still 9 December somewhere in the world, applications will remain open. If you have any questions about applying, the work, or the process in general please don’t hesitate to reach out via email to foundation@djangoproject.com and one of us will get back with you shortly. Thank you for your time and we look forward to working with you in 2018. The 2017 DSF Board of Directors [Less]

Today we've issued the 1.11.7 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.

Django 2.0 beta 1 is an opportunity for you to try out the assortment of new features in Django 2.0. Only bugs in new features and regressions from earlier versions of Django will be fixed between now and 2.0 final (also, translations will be updated ... [More] following the "string freeze" when the release candidate is issued). The current release schedule calls for a release candidate in a month from now with the final release to follow about two weeks after that around December 1. Early and often testing from the community will help minimize the number of bugs in the release. Updates on the release schedule schedule are available on the django-developers mailing list. As with all alpha and beta packages, this is not for production use. But if you'd like to take some of the new features for a spin, or to help find and fix bugs (which should be reported to the issue tracker), you can grab a copy of the beta package from our downloads page or on PyPI. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252. [Less]

Today we've issued the 1.11.6 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.

Django 2.0 alpha 1 is now available. It represents the first stage in the 2.0 release cycle and is an opportunity for you to try out the changes coming in Django 2.0. Django 2.0 has an assortment of new features which you can read about in the ... [More] in-development 2.0 release notes. This alpha milestone marks a complete feature freeze. The current release schedule calls for a beta release in about a month and a release candidate about a month from then. We'll only be able to keep this schedule if we get early and often testing from the community. Updates on the release schedule schedule are available on the django-developers mailing list. As with all alpha and beta packages, this is not for production use. But if you'd like to take some of the new features for a spin, or to help find and fix bugs (which should be reported to the issue tracker), you can grab a copy of the alpha package from our downloads page or on PyPI. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252. [Less]

In accordance with our security release policy, the Django team is issuing Django 1.11.5 and Django 1.10.8. These release addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2017-12794: ... [More] Possible XSS in traceback section of technical 500 debug page In older versions, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you shouldn't run with DEBUG = True (which makes this page accessible) in your production settings. Thanks Charles Bideau for reporting this issue. Affected supported versions Django master development branch Django 1.11 Django 1.10 Per our supported versions policy, Django 1.9 is no longer supported. Django 1.8 is unaffected. Resolution Patches to resolve the issues have been applied to Django's master development branch and the 1.11 and 1.10 release branches. The patches may be obtained from the following changesets: On the development master branch On the 1.11 release branch On the 1.10 release branch The following releases have been issued: Django 1.11.5 (download Django 1.11.5 | 1.11.5 checksums) Django 1.10.8 (download Django 1.10.8 | 1.10.8 checksums) The PGP key ID used for these releases is Tim Graham: 1E8ABDC773EDE252. General notes regarding security reporting As always, we ask that potential security issues be reported via private email to security@djangoproject.com, and not via Django's Trac instance or the django-developers list. Please see our security policies for further information. [Less]

Last June (2016) JetBrains PyCharm partnered with the Django Software Foundation to generate a big boost to Django fundraising. The campaign was a huge success. Together we raised a total of $50,000 for the Django Software Foundation! This year we ... [More] hope to repeat that success. During the two-week campaign, buy a new PyCharm Professional Edition individual license with a 30% discount code, and all the money raised will go to the DSF’s general fundraising and the Django Fellowship program. Promotion details Up until Aug 28th, you can effectively donate to Django by purchasing a New Individual PyCharm Professional annual subscription at 30% off. It’s very simple: When buying a new annual PyCharm subscription in our e-store, on the checkout page, сlick “Have a discount code?”. Enter the following 30% discount promo code: IDONATETODJANGO Alternatively, just click this shortcut link to go to the e-store with the code automatically applied Fill in the other required fields on the page and click the “Place order” button. All of the income from this promotion code will go to the DSF fundraising campaign 2017 – not just the profits, but actually the entire sales amount including taxes, transaction fees – everything. The campaign will help the DSF to maintain the healthy state of the Django project and help them continue contributing to their different outreach and diversity programs. Read more details on the special promotion page. “Django has grown to be a world-class web framework, and coupled with PyCharm’s Django support, we can give tremendous developer productivity,” says Frank Wiles, DSF President. “Last year JetBrains was a great partner for us in support of raising money for the Django Software Foundation, on behalf of the community, I would like to extend our deepest thanks for their generous help. Together we hope to make this a yearly event!” If you have any questions, get in touch with Django at fundraising@djangoproject.com or JetBrains at sales@jetbrains.com. [Less]

Today we've issued the 1.11.4 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.

2018's DjangoCon Europe will be held in beautiful Heidelberg, from the 23rd to the 27th May. There is a lot to do, but it's very much worth it – DjangoCon Europe is an extremely friendly, open, inclusive, and informative (for beginners and advanced ... [More] users alike) conference. We're looking for support in the following areas, but if you have other interests and want to help out, please contact us: Sponsors – Contacts, logistics, room/booth assignment Communications – Press, community relations, announcements, social media, attendee tools, volunteer coordination Support – Helpdesk, attendee support contact, visa help, travel management, chat support for attendees, on-site volunteer organization, speaker support Financial Aid – Setup, grant selection, aid organisation Marketing/Design – Brochures, advertisements, banners, flyers, travel guide, t-shirts, lanyards, badges, panels, logo Program – Talk selection, scheduling, session chairs, sprint/openspace/keynote/lightning talks/poster session organization Code of Conduct – Drafting documents, handling of requests and issues Diversity advocate – Accessibility considerations, outreach On-site Team – Catering contacts, child care, social events planning, on-site logistics Of course, we're happy about everyone joining us who has prior experience in one of these areas, but if you don't, that's fine as well! We'll work something out and you'll be experienced in that area afterwards. Your location is not important, either (we can do all things that need to be done in Heidelberg itself) – the only important thing is that you have the energy and free time to help organize a wonderful DjangoCon Europe. You do not need to speak German - all team and attendee communication is in English and we have German-speaking people on board for venue contacts and the like. Don't be shy - drop us a line at 2018@djangocon.eu, because we're looking forward to hearing from you! Tobias Kunze and Raphael Michel [Less]