Django community: RSS
This page, updated regularly, aggregates Community blog posts from the Django community.
-
Django News - Django's Ecosystem - Jul 11th 2025
News Django’s Ecosystem The official Django website has added a new page called “Django’s Ecosystem” with a list of resources and 3rd party packages. djangoproject.com Python Release Python 3.14.0b4 It's the final 3.14 beta! Beta release previews are intended to give the wider community the opportunity to test new features and bug fixes and to prepare their projects to support the new feature release. python.org Updates to Django Today 'Updates to Django' is presented by Pradhvan from the Djangonaut Space!🚀 Last week we had 5 pull requests merged into Django by 5 different contributors - including 2 first-time contributors! Congratulations to Roelzkie and matthews-noriker for having their first commits merged into Django - welcome on board! 🎉 This week's Django highlights 🌟 Improved staticfiles manifest reproducibility, fixing nondeterministic file ordering for consistent deployments. Enhanced composite primary key infrastructure, fixing __in tuple lookups on database backends lacking native tuple comparison support. That's all for this week in Django development! 🐍 🦄 Django Newsletter Wagtail CMS 10 Underrated Django Packages 10 underrated Django packages according to the annual Django Developers Survey. wagtail.org Sponsored Link 1 Scout Monitoring: Logs, Traces, Error (coming soon). Made for devs who own products, not just tickets. scoutapm.com … -
What if Django was written in a new language..
So this is a bit of a follow on from Day 277 and taking the premise of the idea presented with it and pushing it further. What if we, as a community decided to (re-)write Django in another language? It's not as wild as you might think, Lily Foote is currently tackling an implementation of the Django template language in Rust and someone else suggested that URL resolving might benefit from a similar treatment. However that is not the goal of this push forward, but it is again Django as design pattern or set of API's. If we wanted to allow someone to migrate Django (or even part of it) to a new language, some comphrensive API documentation outside the codebase and inside the codebase would be a good start. And as I write this I realise that we do have this, it's the amazing test suite that helps to make Django stable (that's all 17898 tests and counting), but even then a test suite is never the whole story. Today was more of a pondering thought and not a complete one at that, but more of a thought experiment and a consideration (to myself more than anyone) of what … -
Python Leiden meetup: Handling crash reports with Bugsink - Klaas van Schelven
(One of my summaries of the fourth Python meetup in Leiden, NL). Bugsink is a tool/website for collecting error messages from (for instance) your websites. You get an email or other notification and you can visit the error page. You'll see the exact error and a traceback and the environment variables and the library versions. But... isn't that just like sentry? Yes. Mostly. But... why bugsink? It is self-hostable. Originally, 20 years ago, sentry was also self-hostable, but it isn't anymore. There's a bit of workflow, too. You can mark issues as "fixed in the next release". Bugsink will then ignore new occurrences of the error until it notices you made a release. It is not just in the same market as sentry, it is even sentry-compatible. If you already have sentry set up, moving to bugsink only means changing the SENTRY_DSN setting. The API is the same. Self-hosting? You can run a docker. He showed that pip install bugsink also works. It is just a plain regular django site with migrate and runserver. A single instance can easily handle 1.5 million errors per day. Some generic tricks (whether sentry or bugsink): Just use your error tracker in development, too! … -
Python Leiden meetup: Deploying python apps with django-simple-deploy - Michiel Beijen
(One of my summaries of the fourth Python meetup in Leiden, NL). Michiel discovered django simple deploy via the django podcast. Deploying? Previously, heroku was often used as an example in books, but they ditched their free tier and are pretty expensive now. So most examples nowadays just show you how to run django locally. Deploying is harder. There are several hosting parties that provide relatively easy django hosting like heroku. https://fly.io, https://platform.sh and https://heroku.com . "Easy" is relative, as he ran into some problems with platform.sh and he didn't have an ssh connection to fix it. And yesterday they nuked his account so he couldn't re-try it for today's demo. Since recently there is also a generic "vps" plugin: just running on some random virtual server with ssh access that you can rent virtually anywhere. https://github.com/django-simple-deploy/dsd-vps . "Random" should be debian-like, btw. He demoed it on a digitalocean VM (="droplet"). With some environment variables he got it working within 15 minutes and some manual fixes. The longest wait was the "apt-get upgrade" call. The VPS version of simple deploy has its drawbacks. It needs a root password, for instance, and at the moment it doesn't accept ssh key authentication. … -
Django-Tailwind Just Got Better with a Unified Dev Command and daisyUI
I created Django-Tailwind back in 2019, at a time when most Djangonauts hadn’t even heard of Tailwind CSS. Since then, the package has grown in popularity, and although I’ve taken some longer breaks from maintaining it, I’ve always returned with renewed energy. That’s happened again recently—after the grueling task of … Read now -
Handling static and media files in your Django app running on Coolify
In a previous article, I detailed my journey of hosting Django sites with Coolify, covering everything from the Dockerfile and database setup to environment variables and server configuration. It was a comprehensive guide to get a Django application up and running. However, I deliberately left out one tricky topic: handling static and media files. This aspect of deployment can be complex and certainly deserves its own article. If your application only serves static files - the CSS, JavaScript, and images that are part of your core application - the solution is thankfully really simple: use WhiteNoise. It is, by far, the easiest way to serve static files directly from your Django application in production without needing a separate web server just for them. However, if you’re also dealing with user-uploaded media files then you have to deal with two challenges: where to store the files and how to serve them. Let’s assume you have a standard configuration in your settings.py: STATIC_ROOT = BASE_DIR / "static_root" STATIC_URL = "/static/" MEDIA_ROOT = BASE_DIR / "media_root" MEDIA_URL = "/media/" The primary problem is that media files uploaded by users will be saved inside the Docker container. Because Coolify creates a fresh container from … -
Using Google Consent Mode v2 on a Django Website
A decade ago, adding website analytics was simple: you’d just paste a JavaScript snippet from Google Analytics, and that was it. But things changed. As people became more concerned about their privacy, countries introduced strict privacy laws—like GDPR in the European Union, PIPEDA in Canada, and APPI in Japan. These laws gave users more control over their data and placed new responsibilities on us developers. One of those responsibilities is showing Cookie Consent banners and respecting users’ choices before loading any tracking scripts. Today, if you want to add Google Analytics to your website, it’s not just about copying a script. You need to understand Google Tag Manager (GTM)—a tool that lets you manage what scripts run on your site and when, using a web-based dashboard. When you add Google Analytics as a Google tag through GTM, it doesn’t automatically start collecting data. It waits for a signal called Consent Mode, which tells Google whether the user has accepted or denied tracking. This signal must be sent from your website to GTM as an event. That’s where your Cookie Consent widget comes in. For Django websites, I created Django GDPR Cookie Consent, which lets you manage user consent and send … -
Weeknotes (2025 week 27)
Weeknotes (2025 week 27) I have again missed a few weeks, so the releases section will be longer than usual since it covers six weeks. django-prose-editor I have totally restructured the documentation to make it clearer. The configuration chapter is shorter and more focussed, and the custom extensions chapter actually shows all required parts now. The most visible change is probably the refactored menu system. Extensions now have an addMenuItems method where they can add their own buttons to the menu bar. I wanted to do this for a long time but have only just this week found a way to achieve this which I actually like. I’ve reported a bug to Tiptap where a .can() chain always succeeded even though the actual operation could fail (#6306). Finally, I have also switched from esbuild to rslib; I’m a heavy user of rspack anyway and am more at home with its configuration. django-content-editor The 7.4 release mostly contains minor changes, one new feature is the content_editor.admin.RefinedModelAdmin class. It includes tweaks to Django’s standard behavior such as supporting a Ctrl-S shortcut for the “Save and continue editing” functionality and an additional warning when people want to delete inlines and instead delete the … -
Django News - Django 2024 Annual Impact Report and Django 5.2.4 - Jul 4th 2025
News Django 5.2.4 bugfix release Django 5.2.4 fixes regressions in media type preference, JSON null serialization, and composite primary key lookups to improve framework robustness. djangoproject.com Django Joins curl in Pushing Back on AI Slop Security Report... Django updates its security guidelines to mandate verified AI-assisted vulnerability reports, reducing fabricated submissions and ensuring human oversight in vulnerability triage. socket.dev W2D Special Event Station announcement Amateur radio operators or those interested who also use Django - special event callsign W2D has been reserved to celebrate Django's 20th birthday. github.com Django Software Foundation Django's 2024 Annual Impact Report Django Software Foundation's annual impact report details community milestones, funding initiatives, and strategic support to drive continued growth and innovation in Django development. djangoproject.com Django's Ecosystem The Django project now has an ecosystem page featuring third-party apps and add-ons. djangoproject.com Updates to Django Today 'Updates to Django' is presented by Pradhvan from the Djangonaut Space!🚀 Last week we had 8 pull requests merged into Django by 7 different contributors. This week's Django highlights 🦄 Content Security Policy lands in Django core: built-in CSP middleware and nonce support finally arrives, closing the ticket #15727. Shoutout to Rob Hudson for finally bringing CSP to Django core. … -
Rate Limiting for Django Websites
Sometimes, certain pages of a Django website might receive unwanted traffic from crawlers or malicious bots. These traffic spikes consume server resources and can make the website unusable for legitimate users. In this article, I will explore Nginx’s rate-limiting capabilities to prevent such performance issues. What is rate limiting, and why use it? A typical Django website is deployed using a Gunicorn (or Uvicorn for ASGI) application server, with an Nginx web server in front of it. When a request comes to Nginx, it goes through various checks, gets filtered by domain, protocol, and path, and is finally passed to Gunicorn. Gunicorn then runs Django, which parses the URL and returns a response from the appropriate view. Nginx rate limiting allows you to limit how often certain pages (based on URL paths) or all Django endpoints can be accessed. It prevents quick reloading or scripted attacks that flood your site with requests. This is especially useful for pages with forms, faceted list views, REST APIs, or GraphQL endpoints. A typical rate-limiting configuration in Nginx defines a zone with a specific memory size (in megabytes), a rate (requests per second or per minute), and one or more locations that apply that … -
Hosting your Django sites with Coolify
I currently run four Django apps in production, with staging and production environments for each. For years, I’ve managed this on a single server with a stack that has served me well, but has grown increasingly complex: A Hetzner VPS running Debian 12 Nginx as a reverse proxy Gunicorn processes managed by systemd More systemd services for background task runners A custom deploy service that listens for GitHub webhooks to pull and restart the right app A custom backup script that archives configs and databases and ships them offsite to rsync.net. I’ve written about this setup in detail, both in “Setting up a Debian 11 server for SvelteKit and Django” and more recently in “Automatically deploy your site when you push the main branch”. While not rocket science, it’s a non-trivial setup. Each new app requires a checklist of configuration steps, and it’s easy to miss one. Worse, my deploy script involves a brief moment of downtime as Gunicorn restarts. It’s only a second or two, but it’s not ideal. I’m more of a developer than an operations person, and building a zero-downtime, rolling deploy script myself feels like a step too far. On the other end of the spectrum, … -
I am back
Well it's been more than a few weeks since I last managed to get some words out the door or even have the headspace for writing. This was mostly down to the new startup picking up steam and client work taking up time, but also a wedding, holiday's and other priorities coming in for me to deal with! All that to say, I'm back for a little while at least, summer is fast approaching which means holiday's again. I'll keep today short as I don't have a particular topic fully developed in mind, but few things I have in my head recently are: AI has finally clicked in my head especially with Agentic stuff coming through. This is what I expected a few years back when ChatGPT was released. The true skill these days seems to be ticket writing (although AI developing PRD documents is something I need to try out). Also using git worktrees to allow multiple agents working on my projects at the same time and creating my own custom AI agents.. I have been enjoying, with the help of AI, the python attrs and cattrs library to validate data going to and from Stripe. I'm excited by … -
Django News - Fellow Deadline, Native Pooling, and Debugging in Production - Jun 27th 2025
News ⭐ DSF calls for applicants for a Django Fellow [last call] Applications for the new Django Fellow position are open until midnight AOE on July 1st. djangoproject.com Updates to Django Today 'Updates to Django' is presented by Pradhvan from the Djangonaut Space!🚀 Last week we had 14 pull requests merged into Django by 8 different contributors – including 1 first-time contributor! Congratulations to lukas-komischke-ameos for having their first commit merged into Django – welcome on board! 🎉 This week's Django highlights 🌟 PostgreSQL safety check: Added a helpful system check to catch when you forget django.contrib.postgres in INSTALLED_APPS, saving developers from confusing database errors. Cleaner column aliases: Use of % in column aliases is now deprecated. Better content negotiation: Media type selection now properly considers quality values when choosing the preferred type for more reliable API responses. Special shoutout to Clifford Gama who brought closure to ticket #32770 after 4 years. 🦄💜 Django Newsletter Wagtail CMS htmx accessibility gaps: data and recommendations Analysis of htmx accessibility in Django sites reveals mixed Lighthouse scores, with specific ARIA gaps, and recommends using UI components, testing tools, and implementing carefully. wagtail.org Sponsored Link 1 Scout Monitoring: Logs, Traces, Error (coming soon). Made … -
Django: hide the development server warning
From Django 5.2 (April 2025), the runserver management command outputs a warning: $ ./manage.py runserver ... Starting development server at http://127.0.0.1:8000/ Quit the server with CONTROL-C. WARNING: This is a development server. Do not use it in a production setting. Use a production WSGI or ASGI server instead. For more information on production servers see: https://docs.djangoproject.com/en/5.2/howto/deployment/ The warning uses bold, yellow text for emphasis. Here’s the relevant release note: A new warning is displayed when running runserver, indicating that it is unsuitable for production. This warning can be suppressed by setting the DJANGO_RUNSERVER_HIDE_WARNING environment variable to "true". I think the warning is somewhat useful for new users, who do sometimes skip the deployment checklist that states that runserver is not designed for production use. That said, the warning is rather annoying for the majority of users who have correctly set up a production server. I also fear it will lead to warning fatigue, normalizing that runserver outputs lots of warning text, making it easier to skip over other, more pressing messages that may be logged. If you’ve set up your production environment to use a secure server, like gunicorn, then you probably want to hide this warning. As the release … -
Production-ready cache-busting for Django and Tailwind CSS
I’m a big fan of the django-tailwind-cli package. It makes integrating Tailwind CSS into a Django project incredibly simple. By managing the Tailwind watcher process for you, it streamlines development, especially when paired with django-browser-reload for live updates. It’s a fantastic developer experience. However, when I first deployed a project using this setup, I ran into a classic problem: caching. You see, django-tailwind-cli creates a single tailwind.css file that you load in your base template. In production, browsers and CDNs will aggressively cache this file to improve performance. This is normally a good thing! But when you deploy an update, like adding a new Tailwind class to a template, your users might not see the changes. Their browser will continue to serve the old, cached tailwind.css file, leading to broken or outdated styling. Luckily, Django has a built-in cache-busting mechanism in the form of ManifestStaticFilesStorage. But, there’s one important caveat: you can’t use this class directly. The Tailwind build process relies on a source file (typically css/source.css) that contains this line: @import "tailwindcss"; When collectstatic runs, ManifestStaticFilesStorage tries to be helpful and process this file, too. It attempts to find and hash source.css, and it also attempts to hash the … -
Building a Multi-tenant App with Django
This tutorial looks at how to implement multi-tenancy in Django. -
Native connection pooling in Django 5 with PostgreSQL
Enabling native connection pooling in Django 5 gives me a 5.4x speedup. -
Django: Introducing inline-snapshot-django
I recently released a new package called inline-snapshot-django. It’s a tool for snapshot testing SQL queries in Django projects, described shortly. Snapshot testing and inline-snapshot inline-snapshot-django builds on top of the excellent inline-snapshot, a nifty snapshot testing library. Snapshot testing is a type of testing that compares a result against a previously captured “snapshot” value. It can enable you to write tests quickly and assert on many details that you'd otherwise miss. Snapshot testing is quite popular in other languages, such as JavaScript, but it has been underused in Python. This may be due to a lack of good tools to help automate snapshot management. inline-snapshot provides nice workflows tied into pytest, so I hope it will popularize the technique among Python and Django developers. The inline-snapshot developer, Frank Hoffmann, is working intensely on it, and he provides some extra tools and features for his GitHub sponsors. inline-snapshot-django I created inline-snapshot-django to provide an advanced yet easier-to-use alternative to Django’s assertNumQueries(). While assertNumQueries() is handy, it is a rather blunt tool that leaves you in the dark when debugging failures. For example, say you encountered this test: from django.test import TestCase class IndexTests(TestCase): def test_success(self): with self.assertNumQueries(1): response = self.client.get("/") … -
Django News - Python 3.14.0 beta 3 - Jun 20th 2025
News DSF member of the month - Elena Williams Elena Williams, Django community stalwart and DSF Code of Conduct WG member, reflects on her contributions, favorite Django features, and community leadership. djangoproject.com International Travel to DjangoCon US 2025 Are you attending DjangoCon US 2025 in Chicago, Illinois, but you are not from US and need some travel information? Here are some things to consider when planning your trip. djangocon.us Python 3.14.0 beta 3 is released! Python 3.14.0 beta 3 adds deferred annotation evaluation, template string literals, multiple interpreters, zstd compression module, free-threaded support and other core improvements, ready for testing. blogspot.com 2025 PSF Board Election Schedule PSF defines 2025 board election schedule with nomination, voter affirmation, voting dates, membership eligibility, and candidate resources for the Python community. blogspot.com Updates to Django Today 'Updates to Django' is presented by Abigail Afi Gbadago from the DSF Board and Djangonaut Space!🚀 Last week we had 18 pull requests merged into Django by 15 different contributors - including 6 first-time contributors! Congratulations to Viliam Mihálik, Sulove Bista, ruvilonix, Jericho Serrano, nakanoh and Jeff Cho for having their first commits merged into Django - welcome on board!🎊 This week’s Django highlights 💫 A follow-up to … -
Avoiding Timezone Traps: Correctly Extracting Date/Time Subfields in Django with PostgreSQL
Working with timezones can sometimes lead to confusing results, especially when combining Django's ORM, raw SQL for performance (like in PostgreSQL materialized views), and specific timezone requirements. I recently had an issue while aggregating traffic stop data by year, where all yearly calculations needed to reflect the 'America/New_York' (EST/EDT) timezone, even though our original data contained timestamp with time zone fields. We were using django-pgviews-redux to manage materialized views, and I mistakenly attempted to apply timezone logic to a date field that had no time or timezone information. The core issue stemmed from a misunderstanding of how PostgreSQL handles EXTRACT operations on date types when combined with AT TIME ZONE, especially within a Django environment that defaults database connections to UTC. PostgreSQL's Handling of Timestamps and Timezones PostgreSQL's timestamp with time zone (often abbreviated as timestamptz) type is a common database type for storing date and time information. As per the PostgreSQL documentation: For timestamp with time zone values, an input string that includes an explicit time zone will be converted to UTC (Universal Coordinated Time) using the appropriate offset for that time zone. When you query a timestamptz column, PostgreSQL converts the stored UTC value back to the current … -
Django News - New Django Fellow Position! - Jun 13th 2025
News DSF calls for applicants for a Django Fellow DSF invites experienced Django developers to apply for a new Django Fellow position focused on framework maintenance, mentoring, and security oversight. djangoproject.com Django bugfix releases issued: 5.2.3, 5.1.11, and 4.2.23 Django issues bugfix releases for 5.2.3, 5.1.11, and 4.2.23 to finalize mitigation for potential log injection using safer logging practices. djangoproject.com Python Release Python 3.13.5 Python 3.13.5 resolves critical bugs in extension building and generator expressions, complementing Python 3.13's experimental free-threaded mode and JIT for improved performance. python.org Updates to Django Hello there 👋 Today 'Updates to Django' is presented by Raffaella from Djangonaut Space! 🚀 Last week we had 11 pull requests merged into Django by 10 different contributors - including 2 first-time contributors! Congratulations to myoungjinGo and Blayze for having their first commits merged into Django - welcome on board! Fixes from last week include: A log injection possibility: the remaining response logging is migrated to django.utils.log.log_response(), which safely escapes arguments such as the request path to prevent unsafe log output (CVE-2025-48432). This is released within 5.2.3, 5.1.11, and 4.2.23. An issue where bulk_create() would raise an IntegrityError due to null values in the _order column when used with … -
iSAQB meetup: software architecture decision making in practice
I attended a meetup of the Dutch iSAQB community in Utrecht (NL). The location was in the old industrial buildings of the former werkspoor train manufacturer, something I personally like :-) (At least three people asked me during dinner whether there were any Dutch python meetups, so I'll post the three active ones that I know of here for ease of finding them: Utrecht, Leiden and Amsterdam. And don't forget the two one-day conferences, PyGrunn (Groningen) and pycon NL (Utrecht).) Making significant software architecture decisions - Bert Jan Schrijver Software architecture. What is software? Algorithms, code-that-works, the-part-you-cannot-kick. And what is software architecture? The part that is expensive to change, the structure of the system, best practices. The decisions that are important and hard and expensive to change. Software architecture is about making decisions. Decisions that hurt when you get them wrong. There are bad reasons for architecture decisions: We've always done it like this. We don't want to depend on XYZ. We need to be future-proof. (You often get elaborate complex systems with this reasoning. Isn't a simple solution more changeable and future-proof?) Because the product owner wants it. Because the architect wants it. (If the architect wants something without … -
Make Django show dates and times in the visitor’s local timezone
When you’re building a web app with Django, handling timezones is a common hurdle. You’re likely storing timestamps in your database in UTC—which is best practice—but your users are scattered across the globe. Showing them a UTC timestamp for when they left a comment isn’t very friendly. They want to see it in their own, local time. Let’s start with a typical scenario. You have a Comment model that stores when a comment was added: models.py class Comment(models.Model): post = models.ForeignKey(Post, on_delete=models.CASCADE) user = models.ForeignKey(User, on_delete=models.CASCADE) comment = models.TextField() added = models.DateTimeField(auto_now_add=True) In your Django settings, you’ve correctly set TIME_ZONE = "UTC". When you render these comments in a template, you’ll find the problem right away: post.html {% for comment in post.comment_set.all %} <div> <h3>From {{ comment.user.name }} on {{ comment.added }}</h3> <p>{{ comment.comment }}</p> </div> {% endfor %} The output for {{ comment.added }} will be in UTC, not the visitor’s local time. Let’s fix that. The Server-Side Fix: A Timezone Middleware The most robust way to solve this is on the server. If Django knows the user’s timezone, it can automatically convert all datetime objects during rendering. The plan is simple: Use JavaScript to get the visitor’s timezone … -
Beyond htmx: building modern Django apps with Alpine AJAX
I’ve recently been rethinking how I build web applications. For the past few years my default has been a Django backend serving a JSON API to a frontend built with SvelteKit. And I am not alone; many (if not most) sites now use a complex JavaScript frontend and a JSON API. This pattern, the Single-Page Application (SPA), brought us amazing user experiences, but it also brought a mountain of complexity: state management, API versioning, client-side routing, duplicate form validation, build tools, and the endless churn of the JavaScript ecosystem. And then I came across htmx, which promises to enhance HTML to the point where your old-fashioned Multi-Page Application (MPA) feels modern, without having to write a single line of JavaScript. We can have the smooth, modern UX of a SPA but with the simplicity and robustness of traditional, server-rendered Django applications. This article is about why I believe this “Hypermedia-Driven Application” approach is a better fit for many Django projects than a full-blown SPA, and why I ultimately chose Alpine AJAX over the more popular htmx. Returning to true REST and hypermedia To understand why this “new” approach feels so simple, we need to look back at the original principles … -
Migrating Python & Django Projects to uv
I recently migrated a legacy project that used requirements files to uv. I undertook the project in hopes of streamlining the setup process and to help to ensure that the versions of packages installed locally, in CI/CD, and in production are all consistent. uv manages everything about your Python environment, so I found it's best to start with uv's approach and integrate other tools as needed. Local development To migrate a legacy project to uv, I followed these steps. First, I added a project definition to our project's pyproject.toml: [project] name = "my-product" version = "1.2.3" description = "Our amazing product." readme = "README.md" requires-python = "~=3.12" dependencies = [] Then, I moved the requirements from our pre-existing requirements files to the project dependencies and removed the old files: uv add -r requirements/base.txt uv add -r requirements/dev.txt --group dev uv add -r requirements/deploy.txt --group deploy git rm requirements/*.txt This adds the base requirements to the dependencies list in pyproject.toml, and the dev and deploy requirements to the dev and deploy groups, respectively. Next, I installed and pinned a Python version, and synced the dependencies: uv python install 3.12 uv python pin 3.12 uv sync This installs a Python 3.12 interpreter, …
