Django community: RSS
This page, updated regularly, aggregates Django Software Foundation from the Django community.
-
Nominate a Djangonaut for the 2025 Malcolm Tredinnick Memorial Prize
Hello Everyone 👋 It is that time of year again when we recognize someone from our community in memory of our friend Malcolm. Malcolm was an early core contributor to Django and had a huge influence on Django as we know it today. Besides being knowledgeable he was also especially friendly to new users and contributors. He exemplified what it means to be an amazing Open Source contributor. We still miss him to this day. The prize Our prizes page summarizes it nicely: The Malcolm Tredinnick Memorial Prize is a monetary prize, awarded annually, to the person who best exemplifies the spirit of Malcolm’s work - someone who welcomes, supports, and nurtures newcomers; freely gives feedback and assistance to others, and helps to grow the community. The hope is that the recipient of the award will use the award stipend as a contribution to travel to a community event -- a DjangoCon, a PyCon, a sprint -- and continue in Malcolm’s footsteps. Please make your nominations using our form: 2025 Malcolm Tredinnick Memorial Prize nominations. Nominations are welcome from everyone. Submit a nomination We will take nominations until Saturday, September 27th, 2025, 23:59 Anywhere on Earth, and will announce the … -
Getting Started With Open Source Through Community Events
In July, I joined Raffaella Suardini and Sage Abdullah for the Djangonaut Space Space Reviewers Episode 6, where we reviewed a Django PR during a live stream. This was a fun event. I won’t get into the technical aspects of the review, and I won’t point out the many mistakes I made. Instead, I want to revisit several “getting started with open source” community events and reflect on my personal growth since I first got involved with open source. I hope this encourages others to attend those events and similarly get involved! Tutorial office hours 🕐 My first open source contribution happened accidentally during DjangoCon US 2023. I volunteered to host office hours to help tutorial attendees set up their development environments. I went through the tutorial projects, found a missing dependency in one of them, and reported it on the conference chat. A conference organizer, Tim Schilling, responded and suggested that I open a pull request (PR) to the project. I remember thinking to myself, “Really? I can do that?”. Sprints 🏃 During the Sprint Days of the conference, I participated and opened two PRs to address accessibility issues. I didn’t know much about accessibility at that point, and … -
DSF at EuroPython 2025: Celebrating 20 years of Django
This year, the Django Software Foundation (DSF) was invited by EuroPython to come to the event, showcase the framework and the vibrant community around it. The DSF had a booth in the community area where attendees could learn more about Django and meet maintainers. This year was extra special: Django’s 20th birthday was right at the beginning of the conference! The milestone was marked in style, starting on Wednesday evening at Pyvo, the local Python community meetup in Prague, where we celebrated with a cake. On Friday, the celebration continued with an open-space gathering at the conference — and, of course, another cake 🎂. For people who missed this, there are other local Django birthday events running through the rest of 2025! View all local 20th birthday events Adding to the festive atmosphere, the DSF shared stickers co-branded with their unofficial pony mascot and the EuroPython and EuroPython Society logos. These became an instant hit with attendees, combining Django’s playful mascot with EuroPython Society’s identity. The Django community was also active during the sprint weekend. Over two days, 21 participants worked on Django, tackling 12 issues and merging 4 pull requests. For newcomers, it was a welcoming way to start … -
Last call for DjangoCon US 2025 tickets!
DjangoCon US starts next week in Chicago, IL on September 8-12th, 2025! With three amazing keynotes and over fifty presentations over three days, join us in person or online where you can watch presentations on your own schedule or stream live with us during the live event. Can't make it to Chicago? Our online tickets give you the best of both worlds. Watch live as it happens or catch up on your own schedule – all talks will be available to stream throughout the conference and beyond. You'll get the same great content, participate in online discussions, and join our vibrant community from wherever you are. Plus, with two days of virtual sprints alongside our in-person sprints, online attendees can contribute to Django projects and collaborate with the community just like everyone else. Get your ticket today before it's too late! Check out the full schedule, visit 2025.djangocon.us for more details, or contact us at hello@djangocon.us with any questions. -
Keyboard shorcuts in Django via GSoC 2025
This summer I participated in the Google Summer of Code program with Django. My work focused on introducing keyboard shortcuts to the Django admin interface which led to a new package: django-admin-keyshortcuts. Proposal and Community Discussions My original GSoC proposal was to improve the existing django-admin-keyboard-shortcuts package maintained by one of my mentors, Tom. The plan was to fix bugs, add new keyboard shortcuts, build a command palette, and eventually merge these features into Django's core admin. I initially thought getting my GSoC proposal accepted meant I could dive straight into coding. But Tom explained that Django has its own process for new features, which starts off with community discussions. After posting on the forum and gathering feedback, we decided to focus on keyboard shortcuts only, and continue exploring that in packages rather than target Django core immediately. This way the feature can be tested and improved more quickly without waiting on Django's long release cycle. The accessibility team helped drafting keyboard shortcuts outlining key requirements and expected outcomes, in particular making sure shortcuts would be widely compatible with browsers and assistive technologies. That document served as the base for developing django-admin-keyshortcuts. django-admin-keyshortcuts This package adds useful keyboard shortcuts to … -
Django security releases issued: 5.2.6, 5.1.12, and 4.2.24
In accordance with our security release policy, the Django team is issuing releases for Django 5.2.6, Django 5.1.12, and Django 4.2.24. These releases address the security issues detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2025-57833: Potential SQL injection in FilteredRelation column aliases FilteredRelation was subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed QuerySet.annotate() or QuerySet.alias(). Thanks to Eyal Gabay (EyalSec) for the report. This issue has severity "high" according to the Django security policy. Affected supported versions Django main Django 5.2 Django 5.1 Django 4.2 Resolution Patches to resolve the issue have been applied to Django's main, 5.2, 5.1, and 4.2 branches. The patches may be obtained from the following changesets. CVE-2025-57833: Potential SQL injection in FilteredRelation column aliases On the main branch On the 5.2 branch On the 5.1 branch On the 4.2 branch The following releases have been issued Django 5.2.6 (download Django 5.2.6 | 5.2.6 checksums) Django 5.1.12 (download Django 5.1.12 | 5.1.12 checksums) Django 4.2.24 (download Django 4.2.24 | 4.2.24 checksums) The PGP key ID used for this release is : 3955B19851EA96EF General notes regarding security reporting As … -
DSF member of the month - Lilian
For August 2025, we welcome Lilian as our DSF member of the month! ⭐ Lilian contributes to the community by writing blog posts, being active in the Django forum and participating in code reviews with the Space Reviewers. Starting as a participant in the first Djangonaut Space session, she progressed to become both a Captain and Session organizer. She has been a DSF member since March 2024. Lilian is looking for new opportunities! You can learn more about Lilian by visiting Lilian's website and her GitHub Profile. Let’s spend some time getting to know Lilian better! Can you tell us a little about yourself (hobbies, education, etc)? My name is Lilian and I started contributing to Django during the sprint days of DjangoCon US 2023. I continued contributing through the Djangonaut Space program, where I've been involved as a mentee, a mentor, and a session organizer. I love the impact the program brings to Django and how it has helped so many individuals in various ways. My hobbies include cooking and sharing meals with my friends and volunteering at local events. I'm curious, where does your GitHub nickname come from? Haha, towhee is a bird and I just prefixed it … -
Building better APIs: from Django to client libraries with OpenAPI
tl;dr A summary of resources and learnings related to building REST API I put together over the last couple of years. Complete API development workflow from Django backend to frontend clients using Django REST Framework, drf-spectacular for OpenAPI spec generation, and automated client generation with openapi-generator. Big productivity boost! There is a lot of discussion about frameworks for building REST APIs, some of them being even able to generate OpenAPI specs directly for you. Django is not quite known for that, but there are ways of doing this by automating most of the process while being very productive and offering your team a clean developer experience. Overview The stack I prefer makes use of several additional modules you will require: django-rest-framework and drf-spectacular alongside Django. REST Framework helps you extend your application in order to have a REST API, while drf-spectacular will help you the ability to generate the OpenAPI spec (standalone post: Create OpenAPI spec for Django REST Framework APIs. After having the OpenAPI spec, you can generate clients with openapi-generator. Here is an example I mapped out of generating an Angular client: Step-by-step process There is also a recording from my GLT 2025 talk where I summarize most … -
Welcome Our New Fellow - Jacob Tyler Walls
We are pleased to welcome Jacob Tyler Walls as the newest member of the Django Fellowship team. Jacob joins Natalia Bidart and Sarah Boyce, who continue in their roles as Django Fellows. Jacob is a full-stack developer and open-source maintainer with five years of experience using and contributing to Django. He got involved in open source thanks to music technology. After majoring in music and philosophy at Williams College, Jacob earned a Ph.D. in music composition from the University of Pennsylvania. Programming coursework both fed into his creative output and also led to roles as a Python generalist working on music information retrieval and as a developer for an interactive music theory instruction site using Django. As a member of Django’s Triage & Review Team, Jacob is passionate about software testing and eager to pay forward the mentorship he received as a contributor. Jacob also co-maintains the Python projects music21 and pylint. Most recently, as part of his work as a core developer of Arches, an open-source Django/Vue framework for managing cultural heritage data, Jacob had the opportunity to explore the expressive potential of Django’s ORM. He gave a DjangoCon talk on his experience adapting QuerySets to work with highly … -
Django’s accessibility contributing guide
The Django accessibility team is excited to announce that our accessibility contribution guidelines are now live in the documentation 🎉 These new guidelines are designed to support contributors in making Django more accessible to all users — including those who navigate the web using screen readers, keyboard-only inputs, and other assistive technologies. They outline practical steps for designing and testing accessible user interfaces, how to contribute, follow up on ongoing accessibility issues, and contact the team. For beginners, we also recommend resources like The A11Y Project to get started. We welcome your feedback and contributions as we continue to improve accessibility across the Django ecosystem! Come say hi on the Django Forum: Accessibility contributing guide. -
Django bugfix release issued: 5.2.5
Today we've issued the 5.2.5 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is : 3955B19851EA96EF -
DSF member of the month - Jake Howard
For July 2025, we welcome Jake Howard as our DSF member of the month! ⭐ Jake actively shares his knowledge through blog posts and community talks. He is part of the Security Team Working Group and he created the DEP 14. He has been a DSF member since June 2024. You can learn more about Jake by visiting Jake's website and his GitHub Profile. Let’s spend some time getting to know Jake better! Can you tell us a little about yourself (hobbies, education, etc) I’m Jake. I’m a Senior Systems Engineer at Torchbox, where I’ve been for a little over 4 years. “Systems Engineer” is a fairly loaded title, and means different things to different people. I like to describe it as doing everything technical to do with Software Engineering which isn’t Programming (Sysadmin, Devops, IT support, Security, Networking), but also doing a fair bit of Programming. Most of my hobbies revolve around technology. I’m an avid self-hoster, running applications on servers both in “the cloud” and in my house. There’s been a server of some kind in my house for the last 10 years. I’m generally quite a private person, so I like to know what’s happening to my … -
Djangonaut Space is looking for contributors to be mentors
Hello Django 🌌 Universe! 🛰️ This is Djangonaut Space phoning home about Session 5! We're recruiting technical mentors (Navigators) to join our next 🌟stellar🌟 mission. 👩🚀 We are looking for people who regularly contribute to Django or a Django related package, that want to mentor others. Our next session will be Oct-Nov. 🚀 Come join us and be a cosmic contributor! Express your interest to be a mentor here. 📚 Want to learn more about what it means to be a Navigator: Here's a high-level overview of the role Here's the workbook each Navigator is provided 🤝 Interested people will have to complete a 30 minute meet & greet type interview with organizers. ✋ If you're interested in applying to be a Djangonaut, applications will open and close in September (dates to be determined). The latest information will be posted on our site, djangonaut.space. Please follow our social media accounts or subscribe to our newsletter for announcements. ☄️ We'll see you around the cosmos! Djangonaut Space session organizers -
DjangoCon Africa 2025 Heads to Arusha 🇹🇿
We’re excited to share that DjangoCon Africa is returning this year — and this time we’re heading to Arusha, Tanzania from August 11–15, 2025! 🎉 Arusha city view with Mount Meru in the background, credits Halidtz - CC BY-SA 4.0 This second edition builds on the incredible success of the inaugural DjangoCon Africa held in Zanzibar in 2023. That event welcomed over 200 attendees from 22+ countries, with more than half of the participants being women — a powerful statement about the growing diversity and strength of the African tech ecosystem. What to expect at DjangoCon Africa 2025 Five action-packed days of: 💬 Talks Three full days of diverse talks spanning programming, technology, society, career development, business, education, and more — all with voices from across Africa and around the globe. 🖥️ Workshops Hands-on training led by Django and Python experts — perfect for deepening your skills and learning new ones. 🤝 Sprints Join code sprints and contribute to open source projects, including Django itself. 👩💻 Django Girls workshop A special pre-conference workshop for women interested in web development — part of a global initiative that has introduced thousands of women to Django. 🔍 Discovery & connections Meet developers, designers, … -
Happy 20th birthday Django!
On July 13th 2005, Jacob Kaplan-Moss made the first commit to the public repository that would become Django. Twenty years and 400+ releases later, here we are – Happy 20th birthday Django! 🎉 Join the celebrations We want to share this special occasion with you all! Our new 20-years of Django website showcases all online and local events happening around the world, through all of 2025. As well as other opportunities to celebrate! Expect birthday cake 🎂 and singing Happy Birthday A special quiz or two? see who knows all about Django trivia Showcase of great community achievements View our 20th birthday website Support Django As a birthday gift of sorts, consider whether you or your employer can support the project via donations to our non-profit Django Software Foundation. For this special event, we want to set a special goal! Over the next 20 days, we want to see 200 new donors, supporting Django with $20 or more, with at least 20 monthly donors. Help us making this happen: Donate on the Django website Donate on GitHub sponsors Or check out how to become a Corporate Member Once you’ve done it, post with #DjangoBirthday and tag us on Mastodon / … -
Django bugfix release issued: 5.2.4
Today we've issued the 5.2.4 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Natalia Bidart: 2EE82A8D9470983E -
Our 2024 Annual Impact Report
Django has always been more than just a web framework; it’s a testament to what a dedicated community can build together. Behind every Django release, bug fix, or DjangoCon is a diverse network of people working steadily to strengthen our open-source ecosystem. To celebrate our collective effort, the Django Software Foundation (DSF) is excited to share our 2024 Annual Impact Report 🎉 In this report, you’ll discover key milestones, narratives of community folks, the impact of the events running throughout the year, and much more, ramping up to how we’re laying the groundwork for an even more resilient and inclusive Django community. 2024 Annual Impact Report Why we publish this report Transparency is essential for our community-driven organization. Everyone deserves to know how our work and investments translate into real impact. It’s more than just statistics. It’s our way to: Show how your contributions make a difference, with vibrant highlights from the past year. Reflect on community progress, recognizing the people and ideas that keep Django thriving. Invite more individuals and organizations to get involved. Looking ahead: call to action As we make progress through 2025, the Django Software Foundation remains dedicated to strengthening the ecosystem that supports developers, contributors, … -
Watch the DjangoCon Europe 2025 talks
They’re now all available to watch on YouTube, with a dedicated playlist ⭐️ DjangoCon Europe 2025 Dublin. For more quality Django talks in 2025, check out our next upcoming events! DjangoCon Africa 2025 Aug. 11, 2025 | Arusha, Tanzania 🇹🇿 DjangoCon US 2025 Sept. 8, 2025 | Chicago, Illinois, USA 🇺🇸 DjangoDay India Nov. 2, 2025 (tentative) | Bangalore, India 🇮🇳 All the DjangoCon Europe talks Welcome Session Keynote: Django needs you! (to do code review) End-to-end testing Django applications using Pytest with Playwright Turn back time: Converting integer fields to bigint using Django migrations at scale Data-Oriented Django Drei The fine print in Django release notes Django + HTMX: Patterns to Success How to solve a Python mystery Bulletproof Data Pipelines: Django, Celery, and the Power of Idempotency Logs, shells, caches and other strange words we use daily Day 1 Lightning Talks How to Enjoy Debugging in Production KEYNOTE: The Most Bizarre Software Bugs in History Passkeys in Django: the best of all possible worlds How we make decisions in Django 100 Million Parking Transactions Per Year with Django One more time about µDjango Steering Council introduction Supporting Adult Career Switchers: The Unbootcamp Method How to get Foreign Keys … -
DSF member of the month - Elena Williams
For June 2025, we welcome Elena Williams as our DSF member of the month! ⭐ Elena is a dedicated member of the Django community. She is part of the Code of Conduct Working Group and she is a Django Girls organizer in Australia. She has been a DSF member since July 2014. You can learn more about Elena by visiting Elena's website and her GitHub Profile. Let’s spend some time getting to know Elena better! Can you tell us a little about yourself (hobbies, education, etc) My background is that I was always interested in computers, though my parents were more creative types, my Dad was an Architect (of built structures). When I was a kid we had computers for CAD around the house before it was common. I was always into STEM subjects, but unfortunately in that era for girls to do engineering it was a bit too hostile for me, so I trained in finance instead and worked in that industry (finance and banking, MNE orgs) for nearly a decade. I kept coming back to coding and was always building computers, and was obsessed with the internet as a technology from pretty early on. Just after I discovered … -
Django bugfix releases issued: 5.2.3, 5.1.11, and 4.2.23
Following the June 4, 2025 security release, the Django team is issuing releases for Django 5.2.3, Django 5.1.11, and Django 4.2.23 to complete mitigation for CVE-2025-48432: Potential log injection via unescaped request path (full description). These follow-up releases migrate remaining response logging paths to a safer logging implementation, ensuring that all untrusted input is properly escaped before being written to logs. This update does not introduce a new CVE but strengthens the original fix. We encourage all users of Django to upgrade as soon as possible. Affected supported versions Django main Django 5.2 Django 5.1 Django 4.2 Resolution Patches to resolve the issue have been applied to Django's main, 5.2, 5.1, and 4.2 branches. The patches may be obtained from the following changesets. CVE-2025-48432: Potential log injection via unescaped request path On the main branch On the 5.2 branch On the 5.1 branch On the 4.2 branch The following releases have been issued Django 5.2.3 (download Django 5.2.3 | 5.2.3 checksums) Django 5.1.11 (download Django 5.1.11 | 5.1.11 checksums) Django 4.2.23 (download Django 4.2.23 | 4.2.23 checksums) The PGP key ID used for this release is : 3955B19851EA96EF -
DSF calls for applicants for a Django Fellow
The Django Software Foundation is announcing a call for Django Fellow applications. A Django Fellow is a contractor, paid by the Django Software Foundation, who dedicates time to maintain the Django framework. The Fellowship program was started in 2014 as a way to dedicate high-quality and consistent resources to the maintenance of Django. The Django Software Foundation currently supports two Fellows –Natalia Bidart and Sarah Boyce– and has approved funding for a new full-time Fellow. This position will be initially for a period of one year, but may be extended depending on fundraising levels. Beyond keeping Django running, a fellow is a representative of Django itself. They embody the welcoming culture of Django and aid the community to progress the framework. Fellows are often called upon to speak at Django conferences and events. They are also usually leading Django Sprints occurring in conferences or other setups. Hence a Django Fellow often engages in both informal and formal mentorship. Responsibilities Fellow duties include (but are not limited to): Monitoring security reports and ensuring security issues are acknowledged and responded to promptly Fixing release blockers and helping to backport fixes to these and security issues Ensure timely releases including being a release … -
Django security releases issued: 5.2.2, 5.1.10, and 4.2.22
In accordance with our security release policy, the Django team is issuing releases for Django 5.2.2, Django 5.1.10, and Django 4.2.22. These releases address the security issues detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2025-48432: Potential log injection via unescaped request path Internal HTTP response logging used request.path directly, allowing control characters (e.g. newlines or ANSI escape sequences) to be written unescaped into logs. This could enable log injection or forgery, letting attackers manipulate log appearance or structure, especially in logs processed by external systems or viewed in terminals. Although this does not directly impact Django's security model, it poses risks when logs are consumed or interpreted by other tools. To fix this, the internal django.utils.log.log_response() function now escapes all positional formatting arguments using a safe encoding. Thanks to Seokchan Yoon (https://ch4n3.kr/) for the report. This issue has severity "moderate" according to the Django security policy. Affected supported versions Django main Django 5.2 Django 5.1 Django 4.2 Resolution Patches to resolve the issue have been applied to Django's main, 5.2, 5.1, and 4.2 branches. The patches may be obtained from the following changesets. CVE-2025-48432: Potential log injection via unescaped request path On the … -
Why, in 2025, do we still need a 3rd party app to write a REST API with Django?
The question was asked to the president of the DSF this year at FOSDEM, after his talk. And it is clearly a legitimate one! But… is it True? Do we actually need a 3rd party app to write an API with Django? In a lot of cases, when you require a complex and full-featured API, I would recommend you do use one. Django REST Framework and Django Ninja being very sound choices with a bunch of nifty things you might need in a bigger project. But… what if what you need is a simple REST API that does CRUD? Do you really need a 3rd party app to do that? Let's try not to! Let's first ask what is a REST API in the context of this article. Let's limit ourselves to building this: a URL that answers to GET requests with a list of records of a single model type POST-ing to that same URL should create a new record a second URL with the primary key of a record tagged to the end. When GET-ing that URL, one should receive only that single record, in a similar format as in the list PUT-ing data to that URL should … -
Our Google Summer of Code 2025 contributors
We’re excited to introduce our Google Summer of Code 2025 contributors! These amazing folks will be working on impactful projects that will shape Django’s future.\ Meet the contributors 👇 A. Rafey Khan Project: Django Admin – Add Keyboard Shortcuts & Command Palette. Mentors: Tom Carrick, Apoorv Garg Rafey will work on making Django Admin faster and more accessible through keyboard-driven workflows. Excited to see this land! Farhan Ali Raza Project: Bring django-template-partials into core. Mentor: Carlton Gibson Farhan will be enhancing Django’s template system by adding first-class support for partials—making componentized templates easier than ever.\ Saurabh K Project: Automate processes within Django’s contribution workflow. Mentor: Lily Foote Saurabh will work on streamlining how contributors interact with Django repo—automating repetitive tasks and improving dev experience for all. \ A huge shoutout to our mentors (and Org Admin Bhuvnesh Sharma) and the broader Django community for supporting these contributors! 💚\ \ Let’s make this a summer of learning, building, and collaboration. -
Our new accessibility statement
Happy Global Accessibility Awareness Day! We thought this would be a fitting occasion to announce our brand new Django accessibility statement 🎉 Did you know that according to the WebAIM Million survey, 94.6% of sites have easily-detectable accessibility issues? We all need to work together to build a more inclusive web (also check out our diversity statement if you haven’t already!). There are accessibility gaps in Django itself too. This statement improves transparency, and clearly states our intentions. And we hope it encourages our community and the industry at large to more widely consider accessibility. How to use this statement Read it, share it with your friends, or in a procurement context! Use it to understand where there are gaps in Django that need to be addressed on projects. And opportunities to contribute to Django and related projects ❤️ Factor it into legal compliance. For example with the European Accessibility Act. Starting June 2025, accessibility becomes a legal requirement for large swaths of the private sector in the European Union. Share it with venues for Django events to demonstrate the importance of accessibility for their competitiveness. How you can help Take a moment to provide any feedback you might have …
