Django community: RSS
This page, updated regularly, aggregates Community blog posts from the Django community.
-
Built with Django Newsletter - 2025 Week 34
Hey, Happy Friday! Why are you getting this: *You signed up to receive this newsletter on Built with Django. I promised to send you the latest projects and jobs on the site as well as any other interesting Django content I encountered during the month. If you don't want to receive this newsletter, feel free to unsubscribe anytime. News and Updates Apologies for not sending updates in a while. I'm working on partially automatic this process so that I'm more reliable. Because I left the newsletter hanging, something weird happened. We got 5k+ subscribers in just couple of months. Needless to say, 99% of them are fake. I'm going to send this issue to all and see who opens it. For the people who don't open for 3 issues I will just unsub manually. I decided to remove the Django updated part. Too much extra work for now. Hopefully you are ok with that. If not, let me know. Sponsors This issue is sponsored by CodeRabbit an AI Code Reviewer that provides context-aware feedback, refactoring suggestions and highlights code security issues. In plain terms, you finally get a senior level developer reviewing your code! The best news is that it … -
Menu improvements in django-prose-editor
Menu improvements in django-prose-editor I have repeatedly mentioned the django-prose-editor project in my weeknotes but I haven’t written a proper post about it since rebuilding it on top of Tiptap at the end of 2024. Much has happened in the meantime. A lot of work went into the menu system (as alluded to in the title of this post), but by no means does that cover all the work. As always, the CHANGELOG is the authoritative source. 0.11 introduced HTML sanitization which only allows HTML tags and attributes which can be added through the editor interface. Previously, we used nh3 to clean up HTML and protect against XSS, but now we can be much more strict and use a restrictive allowlist. We also switched to using ES modules and importmaps in the browser. Last but not least 0.11 also introduced end-to-end testing using Playwright. The main feature in 0.12 was the switch to Tiptap 3.0 which fixed problems with shared extension storage when using several prose editors on the same page. In 0.13 we switched from esbuild to rslib. Esbuild’s configuration is nicer to look at, but rslib is built on the very powerful rspack which I’m using everywhere. In … -
Django News - State of Python 2025 Results - Aug 22nd 2025
News State of Python 2025 Is Out! Explore the key trends and actionable ideas from the latest Python Developers Survey, which was conducted jointly by the Python Software Foundation and JetBrains PyCharm and includes insights from over 30,000 developers. jetbrains.com PyPI now serves project status markers in API responses PyPI now exposes standardized project status markers through its HTML and JSON index APIs, enabling package installers to programmatically signal dependency status and manage installations. pypi.org Preventing Domain Resurrection Attacks PyPI now checks for expired domains to prevent domain resurrection attacks, a type of supply-chain attack where someone buys an expired domain and uses it to take an account through password resets. pypi.org Updates to Django Today "Updates to Django" is presented by Velda Kiara from Django Events Foundation North America (DEFNA)! 🚀 Last week we had 15 pull requests merged into Django by 10 different contributors - including a first-time contributor! Congratulations to Rohit for having their first commits merged into Django - welcome on board! Django Core Updates ✨ Fix to Subquery.resolve_expression() output field handling which corrects how Django determines the output_field in subqueries. This adjustment restores consistent and predictable query behavior. Template partials arrive in DTL adds two … -
Configurable UI in Software
Another short one today, that is a pattern I have noticed in a couple pieces of software I use, notably Todoist, Slack & Vivaldi. All three of these allow a user to configure the menu options to some degree. Slack has the option to customise the navigation options shown within a particular workspace to optimise the experience for a user. Todoist takes this a step further in the mobile app to allow a user to sort the menu items. Browsers have always had a great experience of customisation, but Vivaldi takes this to an awesome extreme by allowing a user to customise each and every possible context menu, giving true flexability to their users. Personally I have never considered the power of this and wonder if there are any efficient implementation of this for Django without creating a huge amount of complexity. The naive default solution would likely involve a model and a context processor and/or a middleware, it might be something I add in my next project, if we feel it would be beneficial to our users. -
Django News - A New Django Fellow - Aug 15th 2025
News Jacob Tyler Walls is Our New Fellow Jacob Tyler Walls joins the Django Fellowship, bringing Django contributions, Triage and Review experience, ORM expertise, and GIS and open source maintenance skills. djangoproject.com Python 3.14.0rc2 and 3.13.7 are go! Python 3.14 release candidates provide performance enhancements, new language features, and ABI stability, urging Django maintainers to prepare for compatibility testing. blogspot.com Announcing the PSF Board Candidates for 2025! There are four board seats open for this year's PSF election. The timeline, voting details, and candidates are included in the post. blogspot.com Announcing Python Software Foundation Fellow Members for Q2 2025! 🎉 PSF announces Q2 2025 Fellows, recognizing new contributors who lead projects, maintain libraries, organize events, and mentor to grow the Python community globally. blogspot.com Django Software Foundation DSF member of the month - Jake Howard Jake Howard, DSF member and Django contributor, leads DEP 14 and develops Django tasks, advancing native background workers and task infrastructure for Django. djangoproject.com Building better APIs: from Django to client libraries with OpenAPI Combine Django REST Framework with drf-spectacular to generate OpenAPI specs and use openapi-generator plus CI to produce and maintain automated client libraries. djangoproject.com Django’s accessibility contributing guide The Django accessibility team … -
Standards for third-party packages
I am starting to feel like I have written about this too much as this point, but anyway, third-party packages again! Recently I have been wondering about why third-party packages exist within the Django ecosystem. Broadly there is a few categories Establishing some new functionality that doesn't exist in core (APIs, Feature flags, Payments, etc) Extending an existing API with a new backend (databases, caches etc) Utilities to help with development (perhaps this is a subset of the first point) Packages demonstrating functionality that would be desirable with in Django core. Now one huge benefit to third-party packages is that it allows for choice, be it in the tools and dependencies used, the design and scope of the code. This is both for the package creator/maintainer and the user of said package. However I want to focus in on the last usage above and question whether choice is a good thing for this type of package. If we were to build a package with the goal of it perhaps one day being merged into Django, would it not benefit our future selves and others if the overall design of the package matched Django conventions and standards whereever possible? For example, … -
Why Open Source Makes Sense For Your Business Web Projects
What Is Open Source? Open source software is publicly available code that anyone can use, modify, and improve. It’s the foundation of much of the modern internet and it’s trusted by global enterprises, startups, nonprofits, and government agencies alike. -
Happy 20th Birthday Django!
This Tuesday (tomorrow!), August 12th, we’re teaming up with TriPython to host an informal Django Birthday event at Boxyard RTP in Durham. -
Combining Django signals with in-memory LRU cache
It's easy to combine functools.lru_cache with Django signals to get a good memoization pattern on Django ORM queries. -
Django News - Django 5.2.5 Released - Aug 8th 2025
News Django bugfix release issued: 5.2.5 Django 5.2.5 provides essential bug fixes to boost application stability and performance, ensuring smooth deployments and improved developer experience. djangoproject.com django-rest-framework release v3.16.1 DRF v3.16.1 fixes unique_together and source field bugs, removes legacy Python support, and enhances translations, documentation, and internal testing with Django 5.2 compatibility. github.com Python Insider: Python 3.13.6 is now available Python 3.13.6 incorporates extensive bug fixes, build improvements, and documentation updates that enhance overall performance and reliability essential for Django applications. blogspot.com Join the Mission: Session 5 Applications Open! 🎉 Djangonaut Space opens applications for Session 5, an eight-week group mentorship guiding contributors to make sustained contributions to Django core and related projects. Applications open August 10th, 2025. djangonaut.space Preventing ZIP parser confusion attacks on Python package installers PyPI will reject malformed or ambiguous wheel ZIPs and begin enforcing RECORD consistency to prevent ZIP parser confusion attacks across Python installers. pypi.org Django Software Foundation DSF member of the month - Jake Howard Jake Howard, DSF member and Django contributor, details his DEP 14 background workers, community involvement, and focus on enhancing Django security and performance. djangoproject.com Updates to Django Today 'Updates to Django' is presented by Velda Kiara from Django … -
Documentation that is never wrong
The iommi docs are more correct than most projects because we take a different approach to documentation: part of the test suite is the documentation. Let’s look at an example: def test_grouped_fields(): # language=rst """ .. _group-fields: How do I group fields? ~~~~~~~~~~~~~~~~~~~~~~ .. uses Field.group Use the `group` field: """ form = Form( auto__model=Album, fields__year__group='metadata', fields__artist__group='metadata', ) # @test show_output(form) # @end This ends up as this documentation: This is a normal test that runs with the normal test suite, with some additional markup: The triple quoted strings that are declared with # language=rst are included in the docs. Code is by default included in the documentation You can exclude code with # @test/# @end for checks you don’t want to include in the docs show_output renders some HTML output into a file that is then shown inline in the finished docs The .. uses command is used to mark what features this test uses so the examples are automatically linked from the reference API docs With this infrastructure in place, some fixes or features can be implemented with all the required tests written as the documentation with no additional tests. This radically incentivises writing docs compared to duplicating … -
A beginner check for makemigrations
Could our tools be smarter (even without AI) and helpful to prevent footgun usage? Today I'm taking aim at the Django makemigrations command. I feel fortunate to have been introduced to South and Django migrations at the beginning of my career so the logic of the migration files and the workflow makes sense in my head (or if I was confused I was corrected very early on by colleagues). However I wonder what other tech stack's do in regard to keeping keeping code and schema's in sync. I question this as every so often I run into newcomer's to Django not commiting migration files to source control and running makemigrations in every environment, which if you didn't know is a very bad idea that will lead to numerous issues as the project progresses. This led me to the following question: Could we prevent this happening in the first place, or place a burden on those knowing the risks when taking them? My immediate answer to this is spit out a warning if someone tries to run makemigrations when the DEBUG setting is False. To me this should be the minimum to add to the command. Using the DEBUG setting is … -
Litestar is worth a look
A few years ago at work, I had a project which offered an opportunity to look at the new generation of async-first, type-hint-driven Python web frameworks. For reasons which aren’t particularly relevant today, on that project I ended up choosing Litestar, which is the one that doesn’t have a ravenous all-consuming hype machine surrounding it. And I’m very glad I did, because today I’m more convinced than ever it was the right choice, and for the last 18 months or so every new project I’ve started at my day job has been built with Litestar. But even if you’re someone who does Python web apps for a living, and even if you’re someone who builds asynchronous type-hint-driven web apps, you might not be familiar with this absolute gem of the Python web ecosystem, and today I want to remedy that. A taste Here’s the traditional single-file-app demo: from litestar import Litestar, get @get("/greet") async def greet(name: str) -> str: return f"Hi, {name}!" app = Litestar([greet]) You save this as app.py, run with litestar run or hand it directly to the ASGI server of your choice, and it launches a web application. You go to /greet?name=Bob and it replies “Hi, Bob!”. Leave out the name parameter and it responds … -
Announcing django-generic-notifications 1.0.0
Back in 2011, I started a small Django package called django-generic-notifications. It was built for a project I was working on at the time, got seven releases over a few months… and then it more or less died. Once I moved on from that original project, there wasn’t much reason to keep maintaining the library. It never gained a big user base, no pull requests or issues came in, and eventually I archived the repository. Fast forward to a few weeks ago, and I found myself needing a good, flexible notification system for a new Django project. I checked out a few third-party options, but none of them quite fit what I had in mind. I wasn’t super eager to revive django-generic-notifications — it was very old, still using South for migrations (yes, that old) — but in the end, I decided to bring it back to life. Or rather, to start fresh. So here it is: version 1.0.0 of django-generic-notifications. A complete rewrite, with the same core architecture but a modern, cleaned-up implementation. It’s more flexible, more powerful, and a lot more useful. What is django-generic-notifications? At its core, this package helps you send notifications to your users through … -
Solving bots registration problem by “reinventing the wheel”
<![CDATA[ Solving bots registration problem by “reinventing the wheel” Ever since I launched ImpressKit in 2021 I had issues with spammy bot registrations. Usually at least a few times a month these would be like twenty new user accounts that were obviously bots. I figured that it just a cost of having product with registration but over the years I got more and more annoyed. It messed up my stats dashboard, I was sending emails to weird addresses and I think I even got complaint from someone saying the did not register after receiving a login confirmation email. Some months ago I finally had enough and decided to try to tackle this. I did not want to use 3rd party captcha because these are annoying and it is another part that I would need to monitor and possibly update… But what should I use? After some thinking I arrived at solution that seemed both simple and like it could work. I added required “questionnaire” to the register form asking the prospective user what the project is about. I made sure the correct answer wasn’t the first radio button. When incorrect option is selected, then the form just redirects to new … -
Django News - Django and AI - Aug 1st 2025
News Djangonaut Session 5 - Officer and Organizer Interest A form to gauge returning officer and session organizer interest for the next session! google.com PyPI Users Email Phishing Attack - The Python Package Index Blog Phishing emails exploit PyPI package metadata by directing users to fake login pages that mimic PyPI, prompting developers to verify URLs and update passwords. pypi.org Djangonaut Space is looking for contributors to be mentors Posted by Djangonaut Space session organizers on July 31, 2025 djangoproject.com Updates to Django Today 'Updates to Django' is presented by Pradhvan from the Djangonaut Space! 🚀 Last week we had 16 pull requests merged into Django by 11 different contributors including 3 first-time contributors! Congratulations to Anthony Sottile, Mohamed Amine Mahmoud and Take Weiland for having their first commits merged into Django, welcome on board! 🎉 This week's Django highlights 🌟 Migrated django.core.mail to Python's current email API, replacing legacy email handling with modern implementation. Added hints support for PostgreSQL contrib operations, enabling database routers to make informed decisions in multi-database migration scenarios. Introduced accessibility guidelines and established accessibility standards that conform with the Web Content Accessibility Guidelines (WCAG) standards and along with best practices from Authoring Tool Accessibility Guidelines … -
Python and AI workflow with LangGraph
In this stream, I worked on a personal AI workflow that I’m building using LangGraph. I discussed human-in-the-loop and how to bring a person into the workflow process. -
Django: write a custom URL path converter to match given strings
Here’s a little tip based on some work that I did recently. The project has a URL pattern where the first part of the URL matches the current role the user is viewing the site as. Let’s say the roles are “chef”, “gourmand”, and “foodie”—example URLs might look like this: /chef/dashboard/ /gourmand/dashboard/ /foodie/dashboard/ /chef/dish/1/ /gourmand/dish/1/ /foodie/dish/1/ Most views can be accessed under all roles, with restrictions applied within the view code where appropriate. To match the role parts of the URL, you could define each URL pattern individually: from django.urls import path from example import views urlpatterns = [ path("chef/dashboard/", views.dashboard), path("gourmand/dashboard/", views.dashboard), path("foodie/dashboard/", views.dashboard), path("chef/dish/<int:id>/", views.dish), # ... ] However, that gets tiresome quickly and doesn’t really scale to larger numbers of roles or views. Also, it slows down URL resolution, as Django has to check each pattern in turn. Some scalable alternatives would be: Using Django’s str path converter, as in: path("<str:role>/dashboard/", views.dashboard) However, this matches arbitrary strings, requiring extra validation in the view and care to avoid capturing other URLs. Reaching for re_path() to define the URL as a regular expression, like: re_path(r"^(chef|gourmand|foodie)/dashboard/$", views.dashboard) But regular expression syntax is more complicated, especially for matching parameters. Rather than … -
Django: split ModelAdmin.get_queryset() by view
Within Django’s popular admin site, you can override ModelAdmin.get_queryset() to customize the queryset used by the admin views. It’s often used for performance optimizations, such as adding a select_related() call to batch-fetch related objects: from django.contrib import admin from example.models import Book @admin.register(Book) class BookAdmin(admin.ModelAdmin): def get_queryset(self, request): return super().get_queryset(request).select_related("author") However, one thing this approach lacks is granularity—the queryset returned by get_queryset() is used for all admin views, such as the change list, change form, and any custom views that you might add. That can mean that adding an optimization in get_queryset() for one view can impose a performance cost on other views that don’t need it. For example, the above select_related() call might optimize showing author details shown on the change list view, but other pages that don’t show the author will still incur the cost of the join. There isn’t an easy way to customize the queryset for individual views without overriding a lot of their code. However, the queryset() method is passed the current request object as context, which allows you to differentiate between views based on request.resolver_match. I think the most robust way to check the current admin view from there is with the __name__ attribute … -
Our tools are still not designed for the AI future
First a disclaimer on this one: I am making the assumption that the AI trend is here to stay in some form and an economic crash/bubble doesn't make the usage of them untenable, also I have yet experiment with every tool out there! With that said, a brief personal history of my usage of LLM's and the current wave of AI. I tried out ChatGPT when it was first released and was fairly impressed by the results, but the cruical missing step for me was the lack of browser integration, searching Google was still much quicker from a new tab page and the results from ChatGPT felt isolated, there was too much friction in my workflow for it be usable. I tried out a different product (I forget the name), which allowed me to search from a new tab page and I got AI results and normal search results in one go. This was better, but it still didn't stick, and so I kept experimenting with the tools on an ad-hoc basis, solving small challenges, but it not being a daily driver. In this I experimented with local LLMs and Zed's AI integration. This changed earlier this year where I … -
User Timezones in Django
When you create a local website, the local time usually matches your country’s timezone, and all visitors see times in that timezone. That’s not a big issue if your country has only one timezone and your audience is local. But when building a social platform like pybazaar.com, users are international and need to see times in their timezones. In this article, I’ll show you how to handle that in Django. Time Zone Database Since version 4.0, Django has used the zoneinfo library for managing timezones, and it used pytz up to version 3.2. Both rely on the IANA Time Zone Database (tzdata). IANA is the same organization that manages the DNS root zone, IP addresses, and other global internet resources. Install tzdata in your virtual environment as usual: (venv)$ pip install --upgrade tzdata Timezone Changes Timezone information changes several times a year due to: Daylight Saving Time (DST) adjustments Political and border changes Shifts in standard time offset Daylight Saving Time (DST) was first introduced in 1914 in Canada and later standardized in the U.S. in 1966. When dealing with historic dates before 1966—or future dates with uncertain timezone rules—precise time calculations can be unreliable. # Before U.S. DST standardization: … -
Django News - DjangoCon US 2025 Talks Announced - Jul 25th 2025
News Announcing our DjangoCon US 2025 Talks! The official DjangoCon US 2025 talk lineup has been unveiled, featuring expert sessions on Django deployments, ORM alternatives, search, AI integration, CMS, migrations, performance, and community practices. djangocon.us Python 3.14 release candidate 1 is go! This is the first release candidate of Python 3.14. blogspot.com PSF Board Election Nominations Opening July 29th PSF opens 2025 Board Election nominations from July 29 to August 12 UTC, providing a timeline, resources, and guidance for prospective candidates. blogspot.com Updates to Django Today 'Updates to Django' is presented by Pradhvan from the Djangonaut Space! 🚀 Last week we had 14 pull requests merged into Django by 8 different contributors including 2 first-time contributors! Congratulations to LauHerregodts and Ishita Jain for having their first commits merged into Django, welcome on board! 🎉 This week's Django highlights 🌟 Deprecated most positional args to django.core.mail, adding deprecation warnings for non-keyword arguments in email functions, with removal planned for Django 7.0. Added support for GeometryType database function, bringing new GIS functionality for spatial queries with cross-database compatibility including Oracle. Updated migration command to record applied/unapplied migration statuses recursively, fixing how Django handles double-squashed migrations to ensure proper status tracking. That's all … -
Deploying a Django App to Sevalla
This tutorial looks at how to deploy a Django application to Sevalla. -
Latest feature of Comfort Monitor Live released!
Yesterday I finally finished and released the latest feature of Comfort Monitor Live, which allows users to design custom layouts for the comfort monitor. This has been build has been a long slog of over 6 months slowly working on it every Wednesday evening for a couple of hours. AI has helped to an extent in building this feature, but mostly it was still me slowly building and debugging issues as they came up. Being a chrome extension, means a lot of Javascript and I the UI has been NextJS. Both of these have made me realise the beauty and speed Django brings to a project for CRUD operations against a datastore and a structure for quickly creating a UI that can store that data. This was also one of those features which resulted in a rebuild of the core logic to be better and scalable for future use, especially the next feature which will allow the user to implement some rules around how the comfort monitor runs during an event. It's going to be another big lift when I do build it, but for now, with this shipped it's going to allow me to focus more on some Django … -
Django: iterate through all registered URL patterns
I’ve found it useful, on occasion, to iterate through all registered URL patterns in a Django project. Sometimes this has been for checking URL layouts or auditing which views are registered. In this post, we’ll look at a pattern for doing that, along with an example use case. Get all URL patterns with a recursive generator The below snippet contains a generator function that traverses Django’s URLResolver structure, which is the parsed representation of your URLconf. It extracts all URLPattern objects, which represent individual URL patterns from path() or re_path() calls, and returns them along with their containing namespace. It handles nested URL resolvers from include() calls by calling itself recursively. from typing import Iterator, Optional from django.urls import URLPattern, URLResolver, get_resolver def all_url_patterns( url_patterns: Optional[list] = None, namespace: str = "" ) -> Iterator[tuple[URLPattern, str]]: """ Yield tuples of (URLPattern, namespace) for all URLPattern objects in the given Django URLconf, or the default one if none is provided. """ if url_patterns is None: url_patterns = get_resolver().url_patterns for pattern in url_patterns: if isinstance(pattern, URLPattern): yield pattern, namespace elif isinstance(pattern, URLResolver): if pattern.namespace: if namespace: namespace = f"{namespace}:{pattern.namespace}" else: namespace = pattern.namespace yield from all_url_patterns(pattern.url_patterns, namespace) else: raise TypeError(f"Unexpected pattern type: …
