archive

• Security advisory: simple_tag does not do auto-escaping

  Posted by Luke Plant on June 29, 2015

  The simple_tag decorator used for creating custom template tags does not run auto-escaping on its contents (up to and including Django 1.8). Users should check they are implementing appropriate escaping on their own to avoid XSS vulnerabilities.

  Read more

• Django's Roadmap

  Posted by Tim Graham on June 25, 2015 The Django team has adopted a more formalized release schedule. Read more

• Django core team adds two members

  Posted by Carl Meyer on June 19, 2015

  Welcome Tomek Paczkowski and Preston Timmons to the Django team!

  Read more

• Django Software Foundation announces Diversity Statement

  Posted by Russell Keith-Magee on June 16, 2015

  The DSF is proud to announce a Diversity Statement for the community.

  Read more

Back to Top