Django community: RSS
This page, updated regularly, aggregates Community blog posts from the Django community.
-
Django News - DjangoCon Europe 2026 CFPs - Dec 12th 2025
News DjangoCon Europe 2026: Call for Proposals Submit talk proposals for DjangoCon Europe 2026 in Athens by February 8, 2026, to present technical or community-focused Django and Python topics. djangocon.eu Python Insider: Python 3.14.2 and 3.13.11 are now available! Python 3.14.2 and 3.13.11 release expedited maintenance updates fixing regressions in multiprocessing, dataclasses, regex and insertdict plus security fixes including CVE-2025-12084. blogspot.com Django Software Foundation Django Code of Conduct Transparency Report 2025 The Django Software Foundation Code of Conduct working group published a 2025 transparency report detailing four reports, two suspensions, process changes, and new liaisons. djangoproject.com Online Community Working Group GitHub repo and project Django Online Community Working Group launched a GitHub repository and project to centralise, track, and triage suggestions across Django's online platforms. djangoproject.com Django Fellow Reports Fellow Report - Natalia Big week. I issued security releases early in the week, and then the Django 6.0 final release right after. Getting both out the door smoothly took most of my focus, and it felt good to see them completed. The flow of LLM driven contributions is becoming hard to ignore, across PRs, tickets, and even security reports. Skynet would be proud (?). This week was also heavy on … -
Django 6.0 - Natalia Bidart
Django 6.0 Released blog post and release notesDeprecations Don't Work for Python LibrariesDjango Forum - Should We Adjust Django's Versioning?django-repl and django-boltTemplate Fragments essay on HTMX.orgdjango-tasksWhat's New in Django 6.0 by Adam JohnsonDjangoCon Europe 2024 | Empowering Django with Background WorkersSponsorThis episode was brought to you by HackSoft, your development partner beyond code. From custom software development to consulting, team augmentation, or opening an office in Bulgaria, they’re ready to take your Django project to the next level! -
Hello world!
Welcome to WordPress. This is your first post. Edit or delete it, then start writing! -
Django: implement HTTP basic authentication
Previously, we covered bearer authentication within HTTP’s general authentication framework. In this post, we’ll implement basic authentication, where the client provides a username and password. To recap, HTTP’s general authentication framework defines a general scheme for authentication: Clients may provide an authorization request header that contains a credential. Servers validate the header and respond with either the requested resource or a 401 (Unauthorized) status code that includes a www-authenticate response header advertising what authentication schemes are supported. Basic authentication is an authentication scheme within the framework that browsers natively support. When accessing a page protected with basic authentication, browsers show a login prompt to the user, like this one in Firefox: After the user enters their credentials, the browser sends a new request with the authorization header set to the string Basic <credentials>, where <credentials> is a base64-encoded string of the form <username>:<password>. The server can then validate the credentials and respond accordingly. Basic authentication is not the best user experience, as the browser login dialog cannot be styled and password managers cannot autofill it. It also requires some security considerations, as the credentials are sent with every request to the protected resource, increasing the risk of exposure, but if … -
Weeknotes (2025 week 49)
Weeknotes (2025 week 49) I seem to be publishing weeknotes monthly, so I’m now thinking about renaming the category :-) Mosparo I have started using a self-hosted mosparo instance for my captcha needs. It’s nicer than Google reCAPTCHA. Also, not sending data to Google and not training AI models on traffic signs feels better. Fixes for the YouTube 153 error Simon Willison published a nice writeup about YouTube embeds failing with a 153 error. We have also encountered this problem in the wild and fixed the feincms3 embedding code to also set the required referrerpolicy attribute. Updated packages since 2025-11-04 django-sitemaps 2.0.2: Uploaded a new release which includes a wheel build. Rebuilding the wheel all the time when creating new container images was getting annoying. The code itself is unchanged. django-prune-uploads 0.3.1: The package now supports pruning a storage backed by django-s3-storage efficiently. I have also looked at django-prune-media but since the package uses the storage API instead of enumerating files using boto3 directly it’s unusably slow for my use case. feincms3-forms 0.6: Much better docs and a new way to reference individual form fields in custom templates. django-json-schema-editor 0.11: Switched from JSON paths to jmespath instances. Made the JSON … -
Django News - Django 6.0 released! - Dec 5th 2025
News Django 6.0 released Django 6.0 introduces template partials, a background task framework, Content Security Policy support, and a modern Email API based on EmailMessage. djangoproject.com 2026 DSF Board Election Results Jacob Kaplan-Moss, Priya Pahwa, and Ryan Cheley were elected to two year terms, joining continuing directors to form the 2026 DSF Board. djangoproject.com Releases Django security releases issued: 5.2.9, 5.1.15, and 4.2.27 Django issues security releases 5.2.9, 5.1.15, and 4.2.27, addressing a FilteredRelation SQL injection on PostgreSQL and an XML serializer DoS vulnerability. djangoproject.com Python 3.14.1 is now available! Python 3.14.1 is a maintenance release that adds deferred annotation evaluation, free-threaded support, an experimental JIT, and numerous bug fixes affecting Django performance and typing. python.org Python 3.13.10 is now available, too, you know! Python 3.13.10 is released as the tenth maintenance update since 3.13.9, delivering around 300 bug fixes, build improvements, and documentation updates. python.org Wagtail 7.2.1 Wagtail 7.2.1 delivers several performance and usability fixes for document and image listings, improves reference index efficiency, and includes minor maintenance updates. github.com Python Software Foundation Python Software Foundation News: Sovereign Tech Agency and PSF Security Partnership Sovereign Tech Agency funds €86,000 to PSF for CPython archive fuzz testing and PyPI account … -
Django: what’s new in 6.0
Django 6.0 was released today, starting another release cycle for the loved and long-lived Python web framework (now 20 years old!). It comes with a mosaic of new features, contributed to by many, some of which I am happy to have helped with. Below is my pick of highlights from the release notes. Upgrade with help from django-upgrade If you’re upgrading a project from Django 5.2 or earlier, please try my tool django-upgrade. It will automatically update old Django code to use new features, fixing some deprecation warnings for you, including five fixers for Django 6.0. (One day, I’ll propose django-upgrade to become an official Django project, when energy and time permit…) Template partials There are four headline features in Django 6.0, which we’ll cover before other notable changes, starting with this one: The Django Template Language now supports template partials, making it easier to encapsulate and reuse small named fragments within a template file. Partials are sections of a template marked by the new {% partialdef %} and {% endpartialdef %} tags. They can be reused within the same template or rendered in isolation. Let’s look at examples for each use case in turn. Reuse partials within the same … -
Safe Django database migrations on Coolify
Deploying Django on Coolify has been fantastic so far: automatic builds, atomic releases, ephemeral containers, and simple scaling. In a previous article I explained how I set up my Django projects in Coolify, including the fact that migrations run as part of the build step. This works great for most migrations: failures abort the build, no partial deploys, no surprises. But it breaks down for one specific class of migrations: schema-destructive migrations, i.e. migrations that remove fields, drop tables, rename columns, or otherwise make the existing running code incompatible with the current database schema. Coolify builds your new container, applies the migrations, and only afterwards starts replacing the running container with the new one. During that in-between period (usually 1–2 minutes depending on your image size) your old Django container is still running code that expects the old schema. If a column has just been removed… boom: 500 errors for users until the new container becomes healthy and takes over. Why you can’t just move the migration step Your first instinct might be to change when the migrations run. Let’s look at some alternatives and why they don’t solve the root problem. Strategy A: the post-deploy hook You could remove … -
Safe Django migrations without server errors
One of the best features of modern container-based deployment platforms (Coolify included) is that they give you zero downtime rolling updates out of the box. When you push code, a new image is built, migrations run, and traffic only shifts to the new container when it’s healthy. However, this convenience creates a hidden trap for Django developers. Because Coolify performs a rolling update, there is a window of time (usually 1–2 minutes) where both the old and new versions of your application are running simultaneously against the same database. This works fine if you are just adding a new table. But if you run a destructive migration, like removing a field or renaming a column, your deployment becomes a race condition. The new container runs the migration, the database schema changes, and your old container (which is still serving live traffic) immediately starts throwing 500 errors because it’s trying to query a column that no longer exists. This isn’t a limitation of Coolify; it is a fundamental constraint of rolling deployments. Heroku, Render, Fly.io, ECS, Kubernetes — anything that swaps containers while the old version is still serving traffic has the same constraint. You cannot fix this by changing where … -
Django News - Sales and AI in the Real World - Nov 28th 2025
News Python Black Friday & Cyber Monday sales (2025) More Black Friday and Cyber Monday deals for Python and Django developers! LearnDjango has 50% off courses too! treyhunner.com Django Software Foundation DSF member of the month - Akio Ogasahara Akio Ogasahara, DSF member of the month, contributes extensive Japanese documentation translation, advocates Django admin for operations and highlights Django security alongside AI assisted development. djangoproject.com Python Software Foundation PyPI and Shai-Hulud: Staying Secure Amid Emerging Threats PyPI warns developers about the Shai-Hulud npm supply chain campaign, revoking exposed tokens and recommending trusted publishers, CI workflow audits, and token rotation. pypi.org Wagtail CMS News Wagtail 7.2.1 Wagtail shipped several fixes that improve userbar previews, document and image handling, search stability, and reference index performance, along with a small search test cleanup. github.com Sponsored Link 1 Sleep tight with HackSoft and our Django services! While you recharge, we keep your software running smoothly - secure, stable, and ready for tomorrow. We are HackSoft - your Django development partner, beyond code. Learn more! hacksoft.io Articles Django: implement HTTP bearer authentication Shows how to implement simple single token HTTP Bearer authentication in Django views with secure compare, unit tests, and a reusable decorator. adamj.eu … -
Stop scrolling the admin apps
Below is a tiny javascript snippet to add to the end of the admin/base.html. This little snippet with ensure the current app in the left hand navigation is always at the top of the viewport when navigating between admin pages. Very handy when you have lots of apps and models! <script> const current_app_nav = document.querySelector(".current-app"); current_app_nav.scrollIntoView(true, {block: 'center', container: 'nearest', inline: 'nearest'}); window.scrollBy(0, -100); </script> Enjoy! -
AI in the Real World - Marlene Mhangami & Tim Allen
Marlene’s personal website and Tim’sKeynote: Django Reimagined For The Age of AI by Marlene at DjangoCon US and GitHub repoWhat a Decade! by Tim at DjangoCon USDjango Girls OfflineSponsorThis episode was brought to you by HackSoft, your development partner beyond code. From custom software development to consulting, team augmentation, or opening an office in Bulgaria, they’re ready to take your Django project to the next level! -
Django and password manager SDKs
In my current project, I'm going to be storing a fair number of different API credentials, first those that we own and then plenty of OAuth credentials from our customers. Today I am pondering the first scenario and wondering what how I can store these securely and with the prinicple of least privilege. Currently I'm using django-allauth's socialaccount models to store these details, it's a nice abstraction and I can add relationships from my models to the models allauth provides to dynamically select the appropriate credentials I need to access the relevant API. However the secrets are stored in plain CharFields and are accessible from the admin. That's fine for now, but soon that's not going to fly. I could store these as environment variables, but this goes against the current dynamic design of holding configuration in the database, which allows me to switch API clients and tokens without a code deploy. Last night I was listening to a 1password advert about their SDK which goes beyond a CLI interface allowing developers to interact with their platform. Bitwarden (my password manager of choice) also has this capability and this got me wondering, what would Django integration to these providers look … -
Django: implement HTTP bearer authentication
HTTP has a general authentication framework that defines a pattern into which various authentication schemes can fit. Clients may provide an authorization request header that contains a credential. If authorization is missing or invalid, the server may respond with a 401 (Unauthorized) status code, including a www-authenticate header advertising what authentication schemes are supported. Otherwise, the server can respond with the authenticated resource. The simplest authentication scheme in this framework is called Bearer, where the client needs to provide a valid token (typically a randomly generated string) in authorization. Bearer authentication is commonly used in APIs, where it’s convenient to provide a single token rather than a username and password. Django-based API frameworks provide built-in support for Bearer authentication, such as Django REST Framework’s TokenAuthentication or django-ninja’s authentication layer. But for simple cases, such frameworks can be a bit heavyweight, and you might want to implement Bearer authentication yourself, which only takes a few lines of code. Here’s an example implementing single-token Bearer authentication for a Django view returning JSON data: import os import secrets from http import HTTPStatus from django.http import JsonResponse SECRET_STUFF_TOKEN = os.environ.get("SECRET_STUFF_TOKEN", "") def secret_stuff(request): authorization = request.headers.get("authorization", "") if not SECRET_STUFF_TOKEN or not secrets.compare_digest( f"Bearer … -
Django News - Django 6.0 release candidate 1 released - Nov 21st 2025
News Django 6.0 release candidate 1 released Django 6.0 release candidate 1 is now available. It represents the final opportunity for you to try out a mosaic of modern tools and thoughtful design before Django 6.0 is released. djangoproject.com Python Insider: Python 3.15.0 alpha 2 This release, 3.15.0a2, is the second of seven planned alpha releases. Alpha releases are intended to make it easier to test the current state of new features and bug fixes and to test the release process. blogspot.com Django Software Foundation Twenty years of Django releases Since we’re celebrating Django’s 20th birthday this year, here are a few release-related numbers that represent Django’s history: djangoproject.com Python Software Foundation New Login Verification for TOTP-based Logins PyPI has added email verification for TOTP-based logins pypi.org Updates to Django Today, "Updates to Django" is presented by Raffaella from Djangonaut Space! 🚀 Last week we had 17 pull requests merged into Django by 9 different contributors - including 2 first-time contributors! Congratulations to Hong Xu and Benedict Etzel for having their first commits merged into Django - welcome on board! News in Django 6.1: The admin site login view now redirects authenticated users to the next URL, if available, instead … -
Django-related Deals for Black Friday 2025
Here are some Django-related deals for this year’s Black Friday (28th November) and Cyber Monday (1st December), including my own. I’ll keep this post up to date with any new deals I learn about. If you are also a creator, email me with details of your offer and I’ll add it here. My books My four books have a 50% discount, for both individual and team licenses, until the end of Cyber Monday (1st December), including Boost Your GitHub DX, which I released last week. This deal stacks with the bundle offers and purchasing power parity discount for those in lower-income countries. Individual books: Boost Your GitHub DX - $22 instead of $44 Boost Your Git DX - $22 instead of $44 Boost Your Django DX - $22 instead of $44 Speed Up Your Django Tests - $24.50 instead of $49 Bundles: Boost Your Git* DX Bundle - the Git and GitHub “Boost Your DX” books, $39 instead of $78 Boost Your DX Bundle - all three “Boost Your DX” books, $58.50 instead of $117 Aidas Bendoraitis’ paid packages Aidas Bendoraitis of djangotricks.com has created three paid packages. Use the links below for a 20% discount, available until the end … -
Ansible-lint pre-commit problem + "fix"
I'm used to running pre-commit autoupdate regularly to update the versions of the linters/formatters that I use. Especially when there's some error. For example, a couple of months ago, there was some problem with ansible-lint. You have an ansible-lint, ansible and ansible-core package and one of them needed an upgrade. I'd get an error like this: ModuleNotFoundError: No module named 'ansible.parsing.yaml.constructor' The solution: pre-commit autoupdate, which grabbed a new ansible-lint version that solved the problem. Upgrading is good. But... little over a month ago, ansible-lint pinned python to 3.13 in the pre-commit hook. So when you update, you suddenly need to have 3.13 on your machine. I have that locally, but on the often-used "ubuntu latest" (24.04) github action runner, only 3.12 is installed by default. Then you'd get this: [INFO] Installing environment for https://github.com/pre-commit/pre-commit-hooks. [INFO] Once installed this environment will be reused. [INFO] This may take a few minutes... [INFO] Installing environment for https://github.com/astral-sh/ruff-pre-commit. [INFO] Once installed this environment will be reused. [INFO] This may take a few minutes... [INFO] Installing environment for https://github.com/ansible-community/ansible-lint.git. [INFO] Once installed this environment will be reused. [INFO] This may take a few minutes... An unexpected error has occurred: CalledProcessError: command: ('/opt/hostedtoolcache/Python/3.12.12/x64/bin/python', '-mvirtualenv', '/home/runner/.cache/pre-commit/repomm4m0yuo/py_env-python3.13', … -
Understanding the Different POST Content Types
After more than 20 years of building for the web, this topic somehow kept slipping past me. It always felt obvious, so I never looked deeper. Recently I finally took the time to explore it properly, did some quick research, and now I’m sharing the results. Here’s a simple walkthrough of the different content types you can send in POST requests. Standard Form Data When you submit a basic HTML form like <form method="post" action=""></form>, for example a login form, the browser sends the data using the application/x-www-form-urlencoded content type. The body of the request looks like a URL-encoded query string, the same format typically used in GET requests. Example: username=john_doe&password=pass123. A POST request with this content type using the fetch API looks like this: async function sendURLEncoded() { const params = new URLSearchParams(); params.append('username', 'john_doe'); params.append('email', 'john@example.com'); params.append('password', 'Secret123'); params.append('bio', 'This is a multi-line\nbio text.\nIt supports newlines!'); const response = await fetch('/api/urlencoded/', { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded', 'X-CSRFToken': getCSRFToken() }, body: params }); const result = await response.json(); console.log(result); } On the Django side, validation with a Django form is the usual approach: from django import forms from django.http import JsonResponse from django.views.decorators.http import require_http_methods from .forms … -
Django News - PyCharm 30% Promotion Extended! - Nov 14th 2025
News Support the Django Software Foundation by buying PyCharm at a 30% Discount The Django Software Foundation’s primary fundraiser has been extended, so you can get 30 percent off PyCharm Pro and support Django until November 19. jetbrains.com Call for Proposals for DjangoCon US 2026 Website! DjangoCon US 2026 requests proposals to redesign branding, illustrations, and the 11ty and Tailwind website for Chicago, including swag, signage, and starter code. defna.org “Boost Your GitHub DX” out now Boost Your GitHub DX by Adam Johnson provides practical guidance on GitHub features, gh CLI, and Actions to streamline collaboration and speed software delivery. adamj.eu Django Software Foundation Five ways to discover Django packages New Django ecosystem page plus resources like State of Django survey, Django Packages, Awesome Django, Reddit and newsletters help developers discover third-party Django packages. djangoproject.com Django at PyCon FR 2025 Highlights from PyCon France where 27 contributors joined together in sprints, discussions of Django's direction, htmx presentations, and more. djangoproject.com Python Software Foundation Trusted Publishing is popular, now for GitLab Self-Managed and Organizations Django projects can now use PyPI Trusted Publishing to securely publish packages, with GitLab Self Managed beta support and organization pending publishers. pypi.org Updates to Django Today, … -
How to use UUIDv7 in Python, Django and PostgreSQL
Learn how to use UUIDv7 today with stable releases of Python 3.14, Django 5.2 and PostgreSQL 18. A step by step guide showing how to generate UUIDv7 in Python, store them in Django models, use PostgreSQL native functions and build time ordered primary keys without writing SQL. -
django-deadcode: idea to release in under 2 hours
A few weeks ago I noticed a toot from Jeff Triplett about Anthrophic releasing Claude Code for the Web. This was the final spark that coalesced a few different thoughts that had been lingering in the back of my head, some of I have written a bit about before. The first thought was the speed of prototyping that agentic AI enables. Essentially ideas or tasks can simply be executed rather than being written down and the time allocated to develop these ideas go from weeks to days or even hours. The second thought is related to the first in that tools like Agent OS allows for AI to build out products in a more reliable way for the most part. I have also been pondering how I can use my mobile more as an engineer, the Github app is ok for PR reviews, but to date building anything needs a larger screen. The final thought goes back to the toot from Jeff and Claude Code on the being possibly the cloest thing so far to my post from day 282 about how our tooling doesn't yet fully leverage what AI can do for us. Well this led to me creating … -
Python Leiden (NL) meetup summaries
My summaries from the sixth Python meetup in Leiden (NL). Python and MongoDB, a perfect marriage - Mathijs Gaastra His first experience with Mongodb was when he had to build a patient data warehouse based on literature. He started with postgres, but the fixed table structure was very limiting. Mongodb was much more flexible. Postgres is a relational database, Mongodb is a document database. Relational: tables, clearly defined relationships and a pre-defined structure. Document/nosql: documents, flexible relationships and a flexible structure. Nosql/document databases can scale horizontally. Multiple servers, connected. Relational databases have different scaling mechanisms. Why is mongo such a nice combination with python? The PyMongo package is great and has a simple syntax. It is easily scalable Documents are in BSON format ("binary json") which is simple to use and pretty efficient. He showed example python code, comparing a mysql example with a Mongodb version. The Mongodb version did indeed look simpler. The advantage of Mongodb (the freedom) also is its drawback: you need to do your own validation and your own housekeeping, otherwise your data slowly becomes unusable. Mathijs is now only using Mongodb, mostly because of the speed of development he enjoys with it. Identifying “blast beats” … -
Django 20 Years Later - Adrian Holovaty
🔗 LinksAdrian’s personal websiteSoundsliceDjango BookMusicXMLMNX specification🎥 YouTubeYouTube Channel: @djangochatSponsorThis episode was brought to you by HackSoft, your development partner beyond code. From custom software development to consulting, team augmentation, or opening an office in Bulgaria, they’re ready to take your Django project to the next level!https://www.hacksoft.io/solutions/django -
Behind the Curtain as a Conference Chair
This post is the first in a three-part series reflecting on DjangoCon US 2025 — In this post, I’m taking you behind the scenes of DjangoCon US 2025 to share what it taught me about leadership, community, and the power of holding space for others. -
Django-Tailwind v4.4: Now with Zero Node.js Setup via Standalone Tailwind CLI
I've just released version 4.4 of Django-Tailwind, and it comes with a major new feature: you can now use Tailwind CSS without needing Node.js. This is made possible by another one of my packages — Pytailwindcss — which brings support for Tailwind's Standalone CLI into the Python ecosystem. … Read now
