Django community: RSS
This page, updated regularly, aggregates Community blog posts from the Django community.
-
django-json-schema-editor
django-json-schema-editorI have extracted a JSON editing component based on @json-editor/json-editor from a client’s project and released it as open source. It isn’t the first JSON editing component by far but I like it a lot for the following reasons: It works really well. It supports editing arrays of objects using a tabular presentation. Tabular isn’t always better, but stacked definitely isn’t always better as well. The data structure is defined as JSON schema,the data which is being entered is validated on the server using the fastjsonschema library. Having a schema and schema-based validation fixes most problems I have with less structured data than when using only Django model fields (without JSON). Here’s a screenshot of the editing component used as a django-content-editor plugin: Within the first few days of having released the package it has already proven useful in several other projects. A pleasant (but not totally unexpected) surprise. Links: PyPI GitHub -
Django's three types of model inheritance
This is part of a series of posts I’m doing as a sort of Python/Django Advent calendar, offering a small tip or piece of information each day from the first Sunday of Advent through Christmas Eve. See the first post for an introduction. Inheritance and its discontents People can, and do, debate whether inheritance in object-oriented programming languages is a thing that ought to exist. There are even debates about what “inheritance” ought to mean … Read full entry -
Django: Sanitize incoming HTML fragments with nh3
A fairly common situation in a Django project is where you need to store and serve arbitrary HTML fragments. These often come from forms with rich text editors (using HTML’s contenteditable). It’s insecure to trust user-generated HTML fragments since they can contain naughty content like: <script src=https://example.com/evil.js></script> A page containing this content would execute the arbitrary code in evil.js, possibly stealing user details. This technique is a Cross-Site Scripting (XSS) attack. Whilst a strong Content Security Policy can reduce the possible effects of arbitrary content, it’s still best to “sanitize” incoming HTML fragments, allowing only safe content into your database. This way, there’s no chance of future changes allowing XSS attacks through. For years, the Django community has relied on the Bleach package for HTML sanitization, either directly or via django-bleach. But in January this year, Will Kahn-Greene, the Bleach maintainer, announced it was deprecated. This move is due to the underlying HTML parser package, html5lib, going unmaintained. Since 2021, there has been a new package for the task, nh3, created and maintained by Messense Lv. Playing off of “bleach”, it is named after the chemical formula for Ammonia, which is also the name for its underlying HTML parser package. … -
Raise the right exceptions
This is part of a series of posts I’m doing as a sort of Python/Django Advent calendar, offering a small tip or piece of information each day from the first Sunday of Advent through Christmas Eve. See the first post for an introduction. Let’s have an argument Suppose you write a function like this: def divide(dividend, divisor): """ Divide ``dividend`` by ``divisor`` and return the result. """ return dividend … Read full entry -
Django Quiz 2023
This evening I held a quiz at the December London Django Meetup Group. The quiz is a regular tradition: this was the fifth quiz that I’ve presented, and the sixth overall. Here it is so you can try it at home - answers are at the bottom. Dates refer to today, the 11th December 2023, so if you’re looking in the future, take that into consideration. Enjoy! The quiz 1. What is the latest released version of Django? 5.0 4.2.8 5 LTS 2023.12 2. Who is the framework named after? Django Freeman, protagonist of the Quentin Tarantino movie Django Unchained The Djanju, or Django, Aboriginal Australian people Django Reinhardt, jazz guitarist Django Tango, inspiration for Tango soda 3. Which transport protocol does HTTP/3 use? QUIC QWIKER TCP/IP Cloudflare Pro 4. What is the outer HTML element for a collapsible section? <collapse> <summary> <details> <revelation> 5. What is the name of the new database-computed field class? VirtualColumn DBComputedField GeneratedField JustComputeItField 6. How many years since Django’s first “Preparing for launch” blog post? 7 16 18 Innumerable 7. What is the management command to create migrations files? createmigrations gen_migrations makemigrations make-database-up-to-date --please 8. Which name did PostgreSQL have before 1996? Postgres GreSQL … -
Tailwind CSS on Python and Heroku - Building SaaS
Tailwind CSS is a fantastic tool for making CSS easy to use on your webapps. On the video, I added Tailwind CSS to my Django app and showed how to use it and deploy it to Heroku (which required some extra configuration for JavaScript support). -
Django: Defer a model field by default
Some models have one or a few large fields that dominate their per-instance size. For example, take a minimal blog post model: from django.db import models class Post(models.Model): blog = models.ForeignKey("Blog", on_delete=models.CASCADE) title = models.TextField() body = models.TextField() body is typically many times larger than the rest of the Post. It can be a good optimization to defer() such fields when not required: def index(request): posts = Post.objects.defer("body") ... Deferred fields are not fetched in the main query, but will be lazily loaded upon access. Deferring large fields can noticeably reduce data transfer, and thus query time, memory usage, and total page load time. When most usage of a model does not require the field, you might want to defer a field by default. Then you don’t need to sprinkle .defer(...) calls everywhere, and can instead use .defer(None) in the few sites where the field is used. Defer by default with a custom base manager To defer fields by default, follow these steps: Create a manager class that makes the appropriate defer() call in its get_queryset() method. Attach the manager to the model, ideally as objects. Make the manager the Model’s base manager by naming it in Meta.base_manager_name. (This manager … -
Tailwind CSS on Python and Heroku - Building SaaS
Tailwind CSS is a fantastic tool for making CSS easy to use on your webapps. On the video, I added Tailwind CSS to my Django app and showed how to use it and deploy it to Heroku (which required some extra configuration for JavaScript support). -
Database generated columns⁽³⁾: GeoDjango & PostGIS
An introduction to database generated columns, using PostgGIS, GeoDjango and the new GeneratedField added in Django 5.0. -
Test your documentation
This is part of a series of posts I’m doing as a sort of Python/Django Advent calendar, offering a small tip or piece of information each day from the first Sunday of Advent through Christmas Eve. See the first post for an introduction. Consider a docstring Suppose you’re writing a Python function and, as you’re supposed to do, you give it a docstring, and you even provide some examples of how the function is supposed … Read full entry -
Use unittest's subtest helper
This is part of a series of posts I’m doing as a sort of Python/Django Advent calendar, offering a small tip or piece of information each day from the first Sunday of Advent through Christmas Eve. See the first post for an introduction. Python testing frameworks The Python standard library ships with the unittest module for writing tests. The first thing I want to mention about it is that it gets a lot of … Read full entry -
Don't mock Python's HTTPX
This is part of a series of posts I’m doing as a sort of Python/Django Advent calendar, offering a small tip or piece of information each day from the first Sunday of Advent through Christmas Eve. See the first post for an introduction. Moving on from requests For quite a long time, the standard recommendation for making HTTP requests in Python was the aptly-named requests package. And you can still use requests if you … Read full entry -
WhiteNoise For Static Files - Building SaaS
This video is all about adding the popular WhiteNoise package into my Django app to serve static files (e.g., CSS, JavaScript, and images) directly from the app. I walk through the process from start to finish and deploy it live to show how things work. -
WhiteNoise For Static Files - Building SaaS
This video is all about adding the popular WhiteNoise package into my Django app to serve static files (e.g., CSS, JavaScript, and images) directly from the app. I walk through the process from start to finish and deploy it live to show how things work. -
Django News - Django 5.0 Released! - Dec 8th 2023
News Django 5.0 released The Django team is happy to announce the release of Django 5.0. The release notes cover a deluge of exciting new features in detail. djangoproject.com Django bugfix release: 4.2.8 Django 4.2.8 fixes several bugs in 4.2.7 and adds compatibility with Python 3.12. djangoproject.com Updates to Django Last week we had 23 pull requests merged into Django by 12 different contributors - including 5 first time contributors! Congratulations to Peter Thomassen, Mark Walker, KimSia Sim, Nathaniel Conroy, and Adrien for having their first commits merged into Django - welcome on board! The main update is 🥁🥁🥁 Django 5.0 is out!!! Huge congratulations to everyone who made this happen and special thank you to the Django Fellows (we couldn't do this without them). Help needed 📢 Are you a selenium expert? Introduce yourself in #contributor-discussions, we have lots of things we'd love to discuss with you! Our Croatian translation coordinator is stepping down, can you step up? Django Newsletter Wagtail CMS Wagtail 5.2.2 release notes Wagtail 5.2.2 adds support for Django 5.0 and includes a half dozen bug fixes. wagtail.org Sponsored Ad Sick of performance issues? Enter Scout's APM tool for Python apps. Easily pinpoint and fix slowdowns … -
Use "pip install" safely
This is part of a series of posts I’m doing as a sort of Python/Django Advent calendar, offering a small tip or piece of information each day from the first Sunday of Advent through Christmas Eve. See the first post for an introduction. Managing dependencies should be boring Last year I wrote a post about “boring” dependency management in Python, where I advocated a setup based entirely around standard Python packaging tools, in that … Read full entry -
Compile your Python
This is part of a series of posts I’m doing as a sort of Python/Django Advent calendar, offering a small tip or piece of information each day from the first Sunday of Advent through Christmas Eve. See the first post for an introduction. You can compile Python? Yes. And in a lot of ways! For example, you can use tools like Cython or mypyc to write Python, or Python-like code, and turn that Python-like code automatically … Read full entry -
Operations, WhiteNoise, and Tailwind - Building SaaS #177
In this episode, I worked through a couple of issues discovered after having the site be operational for real use. From there, we moved onto some fundamental technology and integrated WhiteNoise to handle static files for the application. After adding WhiteNoise, we hooked up Tailwind CSS. -
Django: Fix version 5.0’s URLField.assume_scheme warnings
Since Django’s inception, the web has gradually moved from HTTP to HTTPS, a welcome move for security. But the history has meant older parts of Django have had a lingering HTTP bias. Many of these have been migrated to default to HTTPS instead in previous versions. Django 5.0 starts the migration of another HTTP bias in forms.URLField. The old behaviour: when URLField is provided a URL without a scheme, it assumes it to be “http”: In [1]: from django import forms In [2]: forms.URLField().to_python('example.com') Out[2]: 'http://example.com' Django 5.0 has started a deprecation process to change this default to “https” (Ticket #34380). This version shows a PendingDeprecationWarning when instantiating a URLField: In [1]: from django import forms In [2]: forms.URLField().to_python('example.com') <ipython-...>:1: RemovedInDjango60Warning: The default scheme will be changed from 'http' to 'https' in Django 6.0. Pass the forms.URLField.assume_scheme argument to silence this warning. forms.URLField().to_python('example.com') Out[2]: 'http://example.com' Here’s that warning message in a more readable format: RemovedInDjango60Warning: The default scheme will be changed from 'http' to 'https' in Django 6.0. Pass the forms.URLField.assume_scheme argument to silence this warning. Django 5.1 will turn that into a DeprecationWarning and Django 6.0 will change the default and remove the warning. Here’s the related release note: … -
Operations, WhiteNoise, and Tailwind - Building SaaS with Python and Django #177
In this episode, I worked through a couple of issues discovered after having the site be operational for real use. From there, we moved onto some fundamental technology and integrated WhiteNoise to handle static files for the application. After adding WhiteNoise, we hooked up Tailwind CSS. -
Kolo for Django - Lily Foote
Kolo for Django Lily on GitHub Add Field.db_default for defining database defaults ticket and in the 5.0 release notes Add the ability to use database-level CHECK CONSTRAINTSKivy Support the ShowLearnDjango.comButtonDjango News newsletter -
How to Increase Swap File Size on a Linux Server
Note: This tip should work on most Linux-based servers, such as Ubuntu, Debian, OpenSUSE, Fedora, and CoreOS. A swap space is very handy when our server is running at the limits of its memory. Often, especially on VPS, the swap space file size is very small. You can check the … Read now -
Understanding virtual environments in Python
This is part of a series of posts I’m doing as a sort of Python/Django Advent calendar, offering a small tip or piece of information each day from the first Sunday of Advent through Christmas Eve. See the first post for an introduction. Linking up I want to talk today about Python virtual environments (or “venvs”), but first I need to cover a bit of background. Suppose you write a program, and it needs access … Read full entry -
Mercurial Mirror For Django 5.0 Branch
The mirror is up and running since the first beta or so, but I forgot to mention it on the blog. Now that 5.0 is officially released, it seems a perfect timing to fix that. For the record, those mirrors are read-only, and aimed at production (aka “I want an easy way to update Django […] -
Easy HTTP status codes in Python
This is part of a series of posts I’m doing as a sort of Python/Django Advent calendar for Advent 2023, offering a small tip or piece of information each day from the first Sunday of Advent through Christmas Eve. See the first post in the series for an introduction. The most useful test I could be misremembering, but I think Frank Wiles was the first person I ever heard explain that, for a web application, … Read full entry
