Django community: RSS
This page, updated regularly, aggregates Community blog posts from the Django community.
-
Pycon NL: programming, past and future - Steven Pemberton
(One of my summaries of the Pycon NL one-day conference in Utrecht, NL). (Note: I've heard a keynote by Steven at pygrunn 2016.) Steven is in the python documentary, he co-designed the abc programming language that was the predecessor to python. ABC was a research project that was designed for the programmer's needs. He also was the first user of the open internet in Europe in November 1988, as the CWI at the university had the first 64kbps connection in Europe. Co-designer of html, css, xhtml, rdf, etc. 1988, that's 37 years ago. But only about 30 years earlier, the first municipality (Norwich, UK) got a computer. 21 huge crates. It ran continuously for 10 years. A modern Raspberry pi would take 5 minutes to do the same work! Those early computers were expensive: an hour of programming time was a year's salary for a programmer. So, early programming languages were designed to optimize for the computer. Nowadays, it is the other way around: computers are almost free and programmers are expensive. This hasn't really had an effect on the way we program. He's been working on declarative programming languages. One of the declarative systems is xforms, an xml-based declarative … -
Pycon NL: typing your python code like a ninja - Thiago Bellini Ribeiro
(One of my summaries of the Pycon NL one-day conference in Utrecht, NL). By now, the basics of python type hints are well known: def something(x: int) -> float: ... def get_person(name: str, age: int|None) -> Person: ... Note: I've tried typing (...) fast enough, but my examples will probably have errors in them, so check the typing documentation! His slides are here so do check those :-) Sometimes you can have multiple types for some input. Often the output also changes then. You can accept both import types and suggest both output types, but with @overload you can be more specific: from typing import overload @overload def something(x: str) -> str: ... def something(x: int) -> int: ... Tyou can do the same with a generic: from typing import TypeVar T = TypeVar("T") @overload def something(x: T) -> T: ... # New syntax def something[T](x: T) -> T: ... # Same, but restricted to two types def something[T: str|int](x: T) -> T: ... Generic classes can be handy for, for instance, django: class ModelManager[T: Model]: def __init__(self, model_class: type[T]) -> None: .... def get(self, pk: int) -> T: ... Type narrowing. Sometimes you accept a broad range of items, … -
Pycon NL: from flask to fastapi - William Lacerda
(One of my summaries of the Pycon NL one-day conference in Utrecht, NL). Full title: from flask to fastapi: why and how we made the switch. He works at "polarsteps", a travel app. Especially a travel app that will be used in areas with really bad internet connectivity. So performance is top of mind. They used flask for a long time. Flask 2 added async, but it was still WSGI-bound. They really needed the async scaling possibility for their 4 million monthly users. Type hinting was also a big wish item for improved reliability. They switched to fastapi: True async support. It is ASGI-native Typing and validation with pydantic. Pydantic validates requests and responses. Type hints help a lot. Native auto-generated docs (openapi). Built-in swagger helps for the frontend team. This meant they gave up some things that Flask provided: Flask has a mature ecosystem. So they left a big community + handy heap of stackoverflow answers + lots of ready-made plugins behind. Integrated command-line dev tools. Flask is handy there. Simplicity, especially for new devs. They did a gradual migration. So they needed to build a custom fastapi middleware that could support both worlds. And some api versioning to … -
Pycon NL: tooling with purpose - Aris Nivortis
(One of my summaries of the Pycon NL one-day conference in Utrecht, NL). Full title: tooling with purpose: making smart choices as you build. Aris uses python and data to answers research questions about everything under the ground (as geophysicist). As a programmer you have to make lots of choices. Python environment, core project tooling, project-specific tooling, etc. First: python environment management: pyenv/venv/pip, poetry, uv. And conda/pixi for the scientific python world. A show of hands showed uv to be real popular. Now core project tooling. Which project structure? Do you use a template/cookiecutter for it? Subdirectories? A testing framework? Pytest is the default, start with that. (He mentioned "doctests" becoming very popular: that surprised me, as they were popular before 2010 and started to be considered old and deprecated after 2010. I'll need to investigate a bit more). Linting and type checking? Start with ruff for formatting/checking. Mypy is the standard type checker, but pyright/vscode and pyre are options. And the new ty is alpha, but looks promising. Also, part of the core tooling: do you document your code? At least a README. For domain specific tooling there are so many choices. It is easy to get lost. What … -
Pycon NL: don't panic, a developer's guide to security - Sebastiaan Zeeff
(One of my summaries of the Pycon NL one-day conference in Utrecht, NL). He showed a drawing of Cornelis "wooden leg" Jol, a pirate from the 17th century from Sebastiaan's hometown. Why is he a pirate? He dresses like one, has a wooden leg, murders people like pirate and even has a parrot, so he's probably a pirate. For python programmers used to duck typing, this is familiar. The 17th century, the Netherlands were economically wealthy. And had a big sea-faring empire. But they wanted a way to expand their might without paying for it. So... privatization to the rescue. You give pirates a vrijbrief, a government letter saying they've got some kind of "permission" from the Dutch government to rob and pillage and kill everybody as long it aren't Dutch people and ships. A privateer.So it looks like a pirate and behaves like a pirate, but it isn't technically a real pirate. Now on to today. There are a lot of cyber threats. Often state-sponsored. You might have a false sense of security in working for a relatively small company instead of for a juicy government target. But... privateers are back! Lots of hacking companies have coverage of governments … -
Pycon NL: kedro, lessons from maintaining an open source framework - Merel Theisen
(One of my summaries of the Pycon NL one-day conference in Utrecht, NL). Full title: leading kedro: lessons from maintaining an open source python framework. Merel is the tech lead of the python open source framework kedro. What is open source? Ok, the source code is publicly available for anyone to use, modify and share. But it is also a concept of sharing. Developing together. "Peer production". It also means sharing of technical information and documentation. In the 1990s the actual term "open source" was coined. Also, an important milestone: Github was launched in 2008, greatly easing open source development. Kedro is a python toolbox that applies software engineering principles to data science code, making it easier to go from prototype to production. Started in 2017, it was open sourced in 2019. (Note: Kedro has now been donated to the Linux foundation). This made it much easier to collaborate with others outside the original company (Quantumblack). Open source also means maintenance challenges. It is not just code. Code is the simple part. How to attract contributors? How to get good quality contributions? What to accept/reject? How to balance quick wins with the long term vision of the project? How to … -
Pycon NL: workshop: measuring and elevating quality in engineering practice - Daniele Procida
(One of my summaries of the Pycon NL one-day conference in Utrecht, NL). Daniele works as director of engineering at Canonical (the company behind Ubuntu). What he wants to talk about today is how to define, measure and elevate engineering quality at scale. That's his job. He needs to influence/change that in an organization with a thousand technical people in dozens of teams with 100+ projects. They ideally must converge on the standards of quality he has defined and there's only one of me. Engineering people are opinionated people :-) Your personal charm and charisma wears thin after a while: there needs to be a different way. So: how can you get 1000+ to do what you want, the way you want. Ideally somewhat willingly? You cannot make people do it. You'll have to be really enthousiastic about it. He suggests three things: Principle. Description of quality as objective conditions, allowing it to be defined and measured. Tool. A simple dashboard, that reinforces your vision of quality and reflects it back to your teams. Daniele focuses on documentation, and showed a dashboard/spreadsheet that showed the documentation status/progress of various projects. You can do the same for "security" for instance. Method. … -
Pycon NL: keynote: how not to get fooled by your data while AI engineering - Sofie van Landeghem
(One of my summaries of the Pycon NL one-day conference in Utrecht, NL). (Sofie helps maintain FastAPI, Typer and spaCy; this talk is all about AI). Sofie started with an example of a chatbot getting confused about the actual winner of an F1 race after disqualification of the winner. So you need to have a domain expert on board who can double-check the data and the results. Let's say you want your chatbot output to link to Wikipedia for important terms. That's actually a hard task, as it has to do normalization of terms, differentiating between Hamilton-the-driver, Hamilton-the-town, Hamilton-the-founding-father and more. There's a measure for quality of output that's called an "F-score". She used some AI model to find the correct page and got a 79.2% F-score. How good or bad is it? For this, you can try to determine a reasonable bottom line. "Guessing already means 50%" is what you might think. No, there are 7 million Wikipedia pages, so random guessing gives 0% F-score. Let's pick all the pages which actually mention the word "Hamilton". If we then look at more words like "Alexander Hamilton" or "Lewis Hamilton", we can reason that a basic non-AI regular approach should … -
Developing and building with AI
Earlier this year, how to use Agentic AI/LLM 'clicked' in my head, mainly when I tried out Zed's agentic mode and it could take a codebase as context and do simple tasks for me to review. This was great for adding admin classes to my existing project or creating __str__ methods for my models. But I often found myself going in circles when building out a larger feature. Over the summer Brian Casel launched Agent OS and along with it came another term - spec-driven development. It took me some time to get my head around the concept, but I really have gotten in to the flow over the last month. Using Agent OS has allowed me to build out features with remarkable speed. Features that probably would have taken weeks were compressed into days or even hours. The key with this process is getting the AI to have layers of context (standards, product, specs) and it starts way before code, most of my time is spent reviewing markdown files, then it's prompting the AI of choice to execute a task one at a time (or a few in a row) with me reviewing the output and making manual adjustments … -
My Django On The Med 2025 🏖️
A summary of my experience at Django On The Med 2025 told through the posts I published on Mastodon during the conference. -
Django News - 🥧 Python 3.14 is released! - Oct 10th 2025
News Python 3.14.0 (final) is here! Python 3.14.0 release offers new free-threaded support, deferred annotations, template string literals, multiple interpreters, and performance optimizations beneficial to Django backends. blogspot.com Python Insider: Python 3.13.8 is now available Python 3.13.8 releases approximately 200 bug fixes, build improvements, and documentation updates for enhanced stability and performance, benefiting Django projects and upgrades. blogspot.com Python 3.x security release This week we saw security releases for every active Python version: Python 3.9.24, Python 3.10.19, Python 3.11.14, and Python 3.12.12. Django Newsletter Updates to Django Today 'Updates to Django' is presented by Pradhvan from Djangonaut Space!🚀 Last week we had 13 pull requests merged into Django by 7 different contributors - including a first-time contributor! Congratulations to Chaitanya Keyal for having their first commits merged into Django - welcome on board! 🎉 This week's Django highlights 🌟 Django dropped support for PostgreSQL 14 and PostGIS 3.1, completing the transition to newer database versions as these older releases reach end-of-life. QuerySet.values_list(flat=True) without a field is now deprecated, clarifying the API by requiring explicit field specification rather than relying on implicit primary key selection. Documented unique constraint requirement when migrating ManyToManyField to use a through model, helping developers avoid subtle … -
Django: Introducing django-http-compression
HTTP supports response compression, which can significantly reduce the size of responses, thereby decreasing bandwidth usage and load times for users. It’s a cheap and valuable technique for improving website performance. Lighthouse, Google’s web performance auditing tool, recommends enabling compression where it is not enabled, presenting estimated bandwidth savings. For example, on one client site, it estimated a 64KiB (65%) saving on a dashboard page: For Django projects, many deployment situations will let you enable response compression at the web server or CDN level. But there are still cases where you may not have that option or it’s inconvenient, such as with some PaaS providers. In such situations, you can use Django’s built-in GZipMiddleware to use Gzip compression—pop it in MIDDLEWARE, above any middleware that modifies the response content: MIDDLEWARE = [ ..., "django.middleware.gzip.GZipMiddleware", ..., ] …and hey presto, instant site-wide compression! Browsers and HTTP clients have supported Gzip for decades, so practically all visitors will benefit. Django’s Gzip support dates back to 2005, before its 1.0 release. Since then, two newer compression algorithms have been developed and achieved wide support: Brotli and Zstandard. Both offer better compression ratios than Gzip, with Zstandard even matching Gzip on speed. Python 3.14, … -
Django & REST & APIs
While lamenting that I'm not in Spain for Django on the Med (but do have other events to go to), I have been reading the recent forum thread about Django & REST and it has provoked some thoughts, some of which I shared directly in the thread, but I hope to expand on them here and likely in another post as I'm not quite done prototyping my ideas. First there is some obvious core work that needs to be done: Document the current options as a how-to/guide for building with Django and some measure of guidance for how to choose perhaps. Personally I would be happy with getting an AI agent to do a first pass of a page like this. Get the in progress tickets finished. That mostly being modernising content negotiation in the request object. Once we have those in place we are a starting point to focus the main components that make up an API in Django. Primarily it's as follows: URLs or groups of URLs Views or groups of URLs Serializing data & deserializing data. Most of the focus has mostly been on the serialization component, in terms of which option to pick to include or … -
Run Django tests using PostgreSQL in GitHub Actions
Did you know that you can run unit tests for your Django app, in GitHub Actions, using PostgreSQL? I’m a little bit ashamed to admit that I had absolutely no idea until today. I really thought that I was forced to run my unit tests using Sqlite. And while most of the time that works perfectly fine, there are times when your Django app is using PostgreSQL-exclusive features and having to work around that in CI becomes a real pain. It’s also just a good idea to stay as close to the production setup as possible when running your tests. Turns out that it’s actually really simple to use a real PostgreSQL database in GitHub Actions! Here’s a minimal example workflow that installs your dependencies, starts a PostgreSQL 15 service, and runs your Django tests, all inside CI: .github/workflows/tests.yml name: Unit tests on: push: branches: ["develop"] pull_request: branches: ["develop"] env: DEBUG: "True" DATABASE_URL: "postgres://postgres:postgres@postgres:5432/test_soundradix" SECRET_KEY: "unit-tests" jobs: build: runs-on: ubuntu-latest services: postgres: image: postgres:15 env: POSTGRES_PASSWORD: postgres POSTGRES_DB: test_soundradix options: >- --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 strategy: max-parallel: 4 steps: - uses: actions/checkout@v3 - uses: astral-sh/setup-uv@v3 - run: uv python install - run: uv sync --group dev … -
DjangoCon US 2025: A Celebration of Community, Code and 20 Years of Django
Celebrating 20 years of Django DjangoCon US 2025 was a milestone year for the community, as we gathered in Chicago to celebrate 20 years of Django. Attendees from around the world came together to learn about the latest developments, share their work, and strengthen the bonds that make DjangoCon such a special event. Caktus was well-represented once again, with our team contributing as organizers, speakers, and active participants throughout the week. -
Django: one ORM to rule all databases 💍
Comparing the Django ORM support across official database backends, so you don’t have to learn it the hard way. -
My DjangoCon US 2025
A summary of my experience at DjangoCon US 2025 told through the posts I published on Mastodon during the conference. -
Resurrecting the Original Django Book
The original DjangoBook is now online again at DjangoBook.com -
Django News - Wagtail Space 2025 - Oct 3rd 2025
News Django security releases issued: 5.2.7, 5.1.13, and 4.2.25 Django patches high-severity SQL injection and low-severity directory traversal vulnerabilities across QuerySet methods and archive extraction in security updates for Django 5.2, 5.1, and 4.2. djangoproject.com Keyboard shortcuts in Django via GSoC 2025 Somehow we missed including this earlier in September, but it's a lovely writeup of a Google Summer of Code project to add keyboard shortcuts to the admin interface. djangoproject.com Phishing attacks with new domains likely to continue A new phishing campaign targeting PyPI users using similar tactics to previous campaigns. pypi.org Welcome to Session 5 Teams Session 5 launches with six teams of contributors advancing projects across the Django ecosystem, including Django, djangoCMS, Wagtail, Django Debug Toolbar, and Django Packages. djangonaut.space Updates to Django Today 'Updates to Django' is presented by Pradhvan from Djangonaut Space!🚀 Last week we had 20 pull requests merged into Django by 13 different contributors - including 3 first-time contributors! Congratulations to prepa24, Samriddh Tripathi, and Ruhm for having their first commits merged into Django - welcome on board! 🎉 This week's Django highlights 🌟 QuerySet.in_bulk() now works after .values() or .values_list(), making it easier to fetch dictionary mappings from filtered querysets without needing … -
Django Fellow - Jacob Walls
🔗 LinksJacob’s websiteDjango 6.0 Release NotesWhat skills does SWE-bench Verified evaluate?Django on the Me📦 Projectsdjango-watchfilesdjango-admin-keyshortcutsdjango-sql-migrate-deux📚 BooksSoftware Design by Example - Greg WilsonAmerica Day by Day - Simone de BeauvoirThe Hunting Gun - Yashushi Inoue🎥 YouTubeYouTube Channel: @djangochatSponsorThis episode was brought to you by HackSoft, your development partner beyond code. From custom software development to consulting, team augmentation, or opening an office in Bulgaria, they’re ready to take your Django project to the next level! -
I Miss Tabs vs Spaces... And Other AI Musings
A written guide to my DjangoCon US talk on deploying machine learning models with Django. -
Doing community for the long haul
For some reason I have been putting off writing this one, perhaps because it feels vunerable to me in this (public) context of my life. That said I am pushing through as I think there is some interesting content and idea's to be had below. The content below started to form in my head from some questions posed by Tim Schilling in the Djangonaut Space Discord space. Session 5 has just started which is great, but his question was what to do around those that don't get selected? My initial response to this was maybe something along the lines of mastermind groups that are fairly common in other communities, for me I have seen it within founder circles where those at a similar level come together to help each other out. What's key for both Djangonaut Space and mastermind's is that they are small groups. Carlton highlighted small groups in his DjangoCon Europe talk this year, especially in regards to trusting others. I have seen this with Moderators and Helpers in the Discord server, the smaller space allows for increased trust, which in turn allows for other conversations to happen that are not purely about Django, they are about our … -
Per-object Permissions for Elasticsearch Lists in Django Websites
The Challenge Elasticsearch improves the performance of filterable and searchable list views, reducing load times from several seconds to about half a second. It stores list view details from various relations denormalized in a JSON-like structure. In the Django-based system I’ve been working on, we use django-guardian to set per-object permissions for users or roles managing various items. This means you not only need to check whether a user has general permission to view, change, or delete a type of object, but also whether they have permission to access specific objects. A major challenge arises when using Elasticsearch for authorized views based on user permissions – how can we check permissions without slowing down the listing too much? Things We Considered Here are a few options I compared: Check all object UUIDs the user can access via django-guardian, then pass those UUIDs to the Elasticsearch search query. This might work with fewer than 100 items, but it doesn’t scale. Filter the Elasticsearch list first, and then check each item’s UUID against user permissions. With thousands of search results, permission checks become too slow. If I check permissions only for the first page, pagination data becomes inaccurate. Create a user-permission Elasticsearch … -
Django News - django.tasks exists - Sep 26th 2025
News Django Fellow Sarah Boyce - Maternity leave announcement At the end of this month, Sarah will be stepping away from her role as Django Fellow for some time while out on maternity leave. djangoproject.com PostgreSQL 18 Released! PostgreSQL 18 delivers major performance and usability improvements, including a new asynchronous I/O system with up to 3× faster reads, less disruptive major version upgrades, and smarter indexing and query optimizations. postgresql.org Nanodjango.dev is live! A dedicated website for the nanodjango project that puts full Django in a single file. Automatically convert it to a full project. nanodjango.dev Updates to Django Today, "Updates to Django" is presented by Raffaella from Djangonaut Space ! 🚀 Last week we had 28 pull requests merged into Django by 19 different contributors - including 5 first-time contributors! Congratulations to jrsenthil-kumar2312, Saksham Jain, Caitlin B, 윤수진, and DaniF for having their first commits merged into Django - welcome on board! News for 6.0: Django now includes a built-in Tasks framework for running code outside the HTTP request–response cycle. (ticket: 35859 ) The new Lexeme <django.contrib.postgres.search.Lexeme> expression for full text search provides fine-grained control over search terms. News for 6.1: The class django.contrib.contenttypes.fields.GenericForeignKey now uses a separate descriptor … -
Django: Introducing django-watchfiles, for more efficient runserver autoreloading
Django’s runserver automatically reloads when you change Python files. Without this autoreloading feature, you’d need to manually restart the server every time you made a code change. However, the default autoreloading implementation is inefficient, as it constantly polls the filesystem for changes. The alternative to polling is to use your operating system’s file watching APIs, which can efficiently notify the server when files change. Using this technique saves CPU and power, while making reloads faster and more reliable—all in all, a big win! But since these APIs are OS-specific, it’s best for Django to use a cross-platform library that wraps them. Django provides an integration with Facebook’s Watchman, which works as a file watching server. While I appreciate this integration, it does require installing, running, and maintaining an extra tool (Watchman itself). Additionally, the Python client library for Watchman, pywatchman, seems to be rather unmaintained. Most notably, it was broken on Python 3.10, and the fix was not released for 2.5 years, after Python 3.12 was released. I promoted the Watchman integration on this blog and in the first version of Boost Your Django DX, which came out just after Python 3.10 was released. But since pywatchman was broken, my …
