Django community: RSS
This page, updated regularly, aggregates Community blog posts from the Django community.
-
Django: Detect the global privacy control signal
Global Privacy Control (GPC) is a specification for web browsers to signal website operators not to share or sell the user’s data. This signal is intended to exercise legal data privacy rights such as those provided by the California Consumer Privacy Act (CCPA) or the EU’s General Data Protection Regulation (GDPR). While GPC is a proposal, support has been implemented in Firefox and several other privacy-focused browsers and extensions. The GPC C specification is deliberately simple to implement with only a few moving pieces. Everything is covered in the implementation guide and demo site. In this post, we’ll look at implementing GPC within a Django project with code samples you can adapt. Because GPC is simple but requires very situation-dependent actions, it would be hard to build any specific support into Django or a third-party package. The GPC signal (sec-gpc header) When enabled, the browser sends a sec-gpc header with a value of 1, known as the GPC signal. It’s up to your site to save that the signal was seen for the user and act accordingly, depending on applicable regulations. You can check the header in a Django view like so: def index(request): ... gpc_enabled = request.headers.get("sec-gpc", "") == … -
Django News - Understand Django - Dec 22nd 2023
News Python Developers Survey 2023 If you haven't already done so, we encourage you to complete the Python Developers Survey 2023 to share your thoughts. alchemer.com Tailwind CSS v3.4: Dynamic viewport units, :has() support, balanced headlines, subgrid, and more Tailwind CSS v3.4 was just released. This announcement highlights new features like dynamic viewport height units, parent-child styling with the :has() pseudo-class and * variant, text wrapping utilities, subgrid support, and extensions to existing utility scales. tailwindcss.com Django Software Foundation DSF Board monthly meeting, December 14, 2023 DSF Board monthly meeting minutes from the December 14, 2023 meeting. djangoproject.com Updates to Django Last week we had 19 pull requests merged into Django by 11 different contributors - including 5 first time contributors! Congratulations to Viicos, Nanami, Emanuel Andrecut, Christian Clauss, and erosselli for having their first commits merged into Django - welcome on board! Here are the key updates from last week: From 5.1, QuerySet.order_by will support ordering by annotation transforms such as JSONObject keys and ArrayAgg indices (#34013). From 5.1, accessible names for screen readers have been added to the "Add" / "Change" buttons in the Django Admin (#34909). The accessibility team are now publishing their meeting notes on the … -
Don’t Start Pull Requests from Your Main Branch
When contributing to other users’ repositories, always start a new branch in your repository. -
Sign Up - Building SaaS #178
In this episode, we did some work on the sign up template. In the process, we added some base template styling, talked about branding, and considered the other elements that are required before we can turn on sign up for others. I also cover waffle as a feature flag tool. -
Sign Up - Building SaaS with Python and Django #178
In this episode, we did some work on the sign up template. In the process, we added some base template styling, talked about branding, and considered the other elements that are required before we can turn on sign up for others. I also cover waffle as a feature flag tool. -
Understand Django - Matt Layman
MattLayman.comIncluded Health Software Estimation: Demystifying the Dark Art Understand Django Book@MattLayman on YouTubeDjango Riffs podcast Django Chat #82: Telemedicine with Matt Layman Support the ShowLearnDjango.comButtonDjango News newsletter -
Managing Technical Debt
My playbook for managing technical debt. -
Weeknotes (2023 week 50)
Weeknotes (2023 week 50)django-imagefield The path building scheme used by django-imagefield has proven problematic: It’s too likely that processed images will have the same path. I have changed the strategy used for generating paths to use more data from the source; it’s now possible (and recommended!) to set IMAGEFIELD_BIN_DEPTH to a value greater than 1; 2 or 3 should be sufficient. The default value is 1 which corresponds to the old default so that the change won’t be backwards incompatible. However, you’ll always get a deprecation warning if you don’t set a bigger value yourself. The default will probably change in the future. Advent of Code I have always felt a bit as an imposter because I do not have any formal CS education; not so much in the last few years but certainly earlier in my career. I have enjoyed participating in the Advent of Code 2022 a lot and I have definitely learned to know when to use and how to use a few algorithms I didn’t even know before. I’m again working through the puzzles in my own pace and have managed to solve almost all of them up to today this year. There still are some … -
Django News - 2023 Malcolm Tredinnick Memorial Prize Winner - Dec 15th 2023
News 2023 Malcolm Tredinnick Memorial Prize awarded to Djangonaut Space Djangonaut Space, run by organizers Dawn Wages, Rachell Calhoun, Sarah Abderemane, Sarah Boyce, and Tim Schilling, is a mentoring initiative dedicated to expanding contributions and diversifying contributors within the Django community. djangoproject.com Python Release Python 3.12.1 Python 3.12 is the newest major release of the Python programming language, and it contains many new features and optimizations. 3.12.1 is the latest maintenance release, containing more than 400 bugfixes, build improvements and documentation changes since 3.12.0. python.org Python Insider: Python 3.11.7 is now available Python 3.11.7 is the newest major release of the Python programming language, and it contains many new features and optimizations. blogspot.com The State of Developer Ecosystem in 2023 Infographic This report is the culmination of insights gathered from 26,348 developers from all around the globe. jetbrains.com Python Software Foundation: "🐍📣 We have extended the Python…" - Fosstodon The Python Developers Survey for 2023 has been extended. Please help the PSF accurately represent the Python community by taking the survey, sharing this post, and sending to your local networks #python https://survey.alchemer.com/s3/7554174/python-developers-survey-2023 fosstodon.org 2FA Requirement for PyPI begins 2024-01-01 PyPI will require 2FA for all users on Jan 1, 2024. … -
django-json-schema-editor
django-json-schema-editorI have extracted a JSON editing component based on @json-editor/json-editor from a client’s project and released it as open source. It isn’t the first JSON editing component by far but I like it a lot for the following reasons: It works really well. It supports editing arrays of objects using a tabular presentation. Tabular isn’t always better, but stacked definitely isn’t always better as well. The data structure is defined as JSON schema,the data which is being entered is validated on the server using the fastjsonschema library. Having a schema and schema-based validation fixes most problems I have with less structured data than when using only Django model fields (without JSON). Here’s a screenshot of the editing component used as a django-content-editor plugin: Within the first few days of having released the package it has already proven useful in several other projects. A pleasant (but not totally unexpected) surprise. Links: PyPI GitHub -
Django: Sanitize incoming HTML fragments with nh3
A fairly common situation in a Django project is where you need to store and serve arbitrary HTML fragments. These often come from forms with rich text editors (using HTML’s contenteditable). It’s insecure to trust user-generated HTML fragments since they can contain naughty content like: <script src=https://example.com/evil.js></script> A page containing this content would execute the arbitrary code in evil.js, possibly stealing user details. This technique is a Cross-Site Scripting (XSS) attack. Whilst a strong Content Security Policy can reduce the possible effects of arbitrary content, it’s still best to “sanitize” incoming HTML fragments, allowing only safe content into your database. This way, there’s no chance of future changes allowing XSS attacks through. For years, the Django community has relied on the Bleach package for HTML sanitization, either directly or via django-bleach. But in January this year, Will Kahn-Greene, the Bleach maintainer, announced it was deprecated. This move is due to the underlying HTML parser package, html5lib, going unmaintained. Since 2021, there has been a new package for the task, nh3, created and maintained by Messense Lv. Playing off of “bleach”, it is named after the chemical formula for Ammonia, which is also the name for its underlying HTML parser package. … -
Django Quiz 2023
This evening I held a quiz at the December London Django Meetup Group. The quiz is a regular tradition: this was the fifth quiz that I’ve presented, and the sixth overall. Here it is so you can try it at home - answers are at the bottom. Dates refer to today, the 11th December 2023, so if you’re looking in the future, take that into consideration. Enjoy! The quiz 1. What is the latest released version of Django? 5.0 4.2.8 5 LTS 2023.12 2. Who is the framework named after? Django Freeman, protagonist of the Quentin Tarantino movie Django Unchained The Djanju, or Django, Aboriginal Australian people Django Reinhardt, jazz guitarist Django Tango, inspiration for Tango soda 3. Which transport protocol does HTTP/3 use? QUIC QWIKER TCP/IP Cloudflare Pro 4. What is the outer HTML element for a collapsible section? <collapse> <summary> <details> <revelation> 5. What is the name of the new database-computed field class? VirtualColumn DBComputedField GeneratedField JustComputeItField 6. How many years since Django’s first “Preparing for launch” blog post? 7 16 18 Innumerable 7. What is the management command to create migrations files? createmigrations gen_migrations makemigrations make-database-up-to-date --please 8. Which name did PostgreSQL have before 1996? Postgres GreSQL … -
Tailwind CSS on Python and Heroku - Building SaaS
Tailwind CSS is a fantastic tool for making CSS easy to use on your webapps. On the video, I added Tailwind CSS to my Django app and showed how to use it and deploy it to Heroku (which required some extra configuration for JavaScript support). -
Django: Defer a model field by default
Some models have one or a few large fields that dominate their per-instance size. For example, take a minimal blog post model: from django.db import models class Post(models.Model): blog = models.ForeignKey("Blog", on_delete=models.CASCADE) title = models.TextField() body = models.TextField() body is typically many times larger than the rest of the Post. It can be a good optimization to defer() such fields when not required: def index(request): posts = Post.objects.defer("body") ... Deferred fields are not fetched in the main query, but will be lazily loaded upon access. Deferring large fields can noticeably reduce data transfer, and thus query time, memory usage, and total page load time. When most usage of a model does not require the field, you might want to defer a field by default. Then you don’t need to sprinkle .defer(...) calls everywhere, and can instead use .defer(None) in the few sites where the field is used. Defer by default with a custom base manager To defer fields by default, follow these steps: Create a manager class that makes the appropriate defer() call in its get_queryset() method. Attach the manager to the model, ideally as objects. Make the manager the Model’s base manager by naming it in Meta.base_manager_name. (This manager … -
Tailwind CSS on Python and Heroku - Building SaaS
Tailwind CSS is a fantastic tool for making CSS easy to use on your webapps. On the video, I added Tailwind CSS to my Django app and showed how to use it and deploy it to Heroku (which required some extra configuration for JavaScript support). -
Database generated columns⁽³⁾: GeoDjango & PostGIS
An introduction to database generated columns, using PostgGIS, GeoDjango and the new GeneratedField added in Django 5.0. -
WhiteNoise For Static Files - Building SaaS
This video is all about adding the popular WhiteNoise package into my Django app to serve static files (e.g., CSS, JavaScript, and images) directly from the app. I walk through the process from start to finish and deploy it live to show how things work. -
WhiteNoise For Static Files - Building SaaS
This video is all about adding the popular WhiteNoise package into my Django app to serve static files (e.g., CSS, JavaScript, and images) directly from the app. I walk through the process from start to finish and deploy it live to show how things work. -
Django News - Django 5.0 Released! - Dec 8th 2023
News Django 5.0 released The Django team is happy to announce the release of Django 5.0. The release notes cover a deluge of exciting new features in detail. djangoproject.com Django bugfix release: 4.2.8 Django 4.2.8 fixes several bugs in 4.2.7 and adds compatibility with Python 3.12. djangoproject.com Updates to Django Last week we had 23 pull requests merged into Django by 12 different contributors - including 5 first time contributors! Congratulations to Peter Thomassen, Mark Walker, KimSia Sim, Nathaniel Conroy, and Adrien for having their first commits merged into Django - welcome on board! The main update is 🥁🥁🥁 Django 5.0 is out!!! Huge congratulations to everyone who made this happen and special thank you to the Django Fellows (we couldn't do this without them). Help needed 📢 Are you a selenium expert? Introduce yourself in #contributor-discussions, we have lots of things we'd love to discuss with you! Our Croatian translation coordinator is stepping down, can you step up? Django Newsletter Wagtail CMS Wagtail 5.2.2 release notes Wagtail 5.2.2 adds support for Django 5.0 and includes a half dozen bug fixes. wagtail.org Sponsored Ad Sick of performance issues? Enter Scout's APM tool for Python apps. Easily pinpoint and fix slowdowns … -
Operations, WhiteNoise, and Tailwind - Building SaaS #177
In this episode, I worked through a couple of issues discovered after having the site be operational for real use. From there, we moved onto some fundamental technology and integrated WhiteNoise to handle static files for the application. After adding WhiteNoise, we hooked up Tailwind CSS. -
Django: Fix version 5.0’s URLField.assume_scheme warnings
Since Django’s inception, the web has gradually moved from HTTP to HTTPS, a welcome move for security. But the history has meant older parts of Django have had a lingering HTTP bias. Many of these have been migrated to default to HTTPS instead in previous versions. Django 5.0 starts the migration of another HTTP bias in forms.URLField. The old behaviour: when URLField is provided a URL without a scheme, it assumes it to be “http”: In [1]: from django import forms In [2]: forms.URLField().to_python('example.com') Out[2]: 'http://example.com' Django 5.0 has started a deprecation process to change this default to “https” (Ticket #34380). This version shows a PendingDeprecationWarning when instantiating a URLField: In [1]: from django import forms In [2]: forms.URLField().to_python('example.com') <ipython-...>:1: RemovedInDjango60Warning: The default scheme will be changed from 'http' to 'https' in Django 6.0. Pass the forms.URLField.assume_scheme argument to silence this warning. forms.URLField().to_python('example.com') Out[2]: 'http://example.com' Here’s that warning message in a more readable format: RemovedInDjango60Warning: The default scheme will be changed from 'http' to 'https' in Django 6.0. Pass the forms.URLField.assume_scheme argument to silence this warning. Django 5.1 will turn that into a DeprecationWarning and Django 6.0 will change the default and remove the warning. Here’s the related release note: … -
Operations, WhiteNoise, and Tailwind - Building SaaS with Python and Django #177
In this episode, I worked through a couple of issues discovered after having the site be operational for real use. From there, we moved onto some fundamental technology and integrated WhiteNoise to handle static files for the application. After adding WhiteNoise, we hooked up Tailwind CSS. -
Kolo for Django - Lily Foote
Kolo for Django Lily on GitHub Add Field.db_default for defining database defaults ticket and in the 5.0 release notes Add the ability to use database-level CHECK CONSTRAINTSKivy Support the ShowLearnDjango.comButtonDjango News newsletter -
How to Increase Swap File Size on a Linux Server
Note: This tip should work on most Linux-based servers, such as Ubuntu, Debian, OpenSUSE, Fedora, and CoreOS. A swap space is very handy when our server is running at the limits of its memory. Often, especially on VPS, the swap space file size is very small. You can check the … Read now -
Mercurial Mirror For Django 5.0 Branch
The mirror is up and running since the first beta or so, but I forgot to mention it on the blog. Now that 5.0 is officially released, it seems a perfect timing to fix that. For the record, those mirrors are read-only, and aimed at production (aka “I want an easy way to update Django […]
