The Django weblog
735 FOLLOWERS
The Django blog will help to guide and update you with all the new releases of Django software also the news related to Django software. Django is a web development framework that encourages rapid development of web-based applications.
The Django weblog
5d ago
The DSF Board and Fellows Committee are pleased to introduce Sarah Boyce as our new Django Fellow. Sarah will be joining Natalia Bidart who is continuing her excellent tenure as a Fellow.
Sarah is a senior developer and developer advocate with 5 years of experience developing with Django under her belt. She graduated with a first class honours degree in Mathematics from the University of Bath, and transitioned in software development in her first job out of school.
Sarah first worked as a client project focused developer, where she gained experience directly dealing with requests from clients ..read more
The Django weblog
3w ago
In accordance with our security release policy, the Django team is issuing Django 5.0.3, Django 4.2.11, and Django 3.2.25. These releases addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible.
CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words()
django.utils.text.Truncator.words() method (with html=True) and truncatewords_html template filter were subject to a potential regular expression denial-of-service attack using a suitably crafted string (follow up to CVE-2019-14232 and CVE-2023-43665 ..read more
The Django weblog
1M ago
Happy birthday, Django accessibility team! ?
The team has been up and running for three years, and is now looking for new members. With a lot happening in this space, we thought we were overdue for an update on what we’re up to.
Django accessibility in 2023
We’re very happy with the work done to date. There have been a lot of efforts to improve the accessibility of core Django features such as forms, and of the administrative interface. Beyond Django core, there has also been progress on djangoproject.com, Django packages, and community awareness via talks and events.
Django core
We made a lot ..read more
The Django weblog
1M ago
In accordance with our security release policy, the Django team is issuing Django 5.0.2, Django 4.2.10, and Django 3.2.24. These releases address the security issue detailed below. We encourage all users of Django to upgrade as soon as possible.
CVE-2024-24680: Potential denial-of-service in intcomma template filter
The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.
Affected supported versions
Django main branch
Django 5.0
Django 4.2
Django 3.2
Resolution
Patches to resolve the issue have been applied to Django's main branch a ..read more
The Django weblog
2M ago
After five years as part of the Django Fellowship program, Mariusz Felisiak has let us know that he will be stepping down as a Django Fellow in March 2024 to explore other things. Mariusz has made an extraordinary impact as a Django Fellow and has been a critical part of the Django community.
The Django Software Foundation and the wider Django community are grateful for his service and assistance.
The Fellowship program was started in 2014 as a way to dedicate high-quality and consistent resources to the maintenance of Django. As Django has matured, the DSF has been able to fundraise and earma ..read more
The Django weblog
2M ago
DjangoCon Europe 2024 will be held June 5th-9th in Vigo, Spain but we're already looking ahead to the 2025 conference. Could your town - or your football stadium, circus tent, private island or city hall - host this wonderful community event?
Hosting a DjangoCon is an ambitious undertaking. It's hard work, but each year it has been successfully run by a team of community volunteers, not all of whom have had previous experience - more important is enthusiasm, organizational skills, the ability to plan and manage budgets, time and people - and plenty of time to invest in the project.
How to appl ..read more
The Django weblog
2M ago
Recently, the DSF made some changes to our bylaws to change the definition of DSF Membership. You can read the legalese of the new language in the meeting minutes for the October 12 board meeting, but here’s the short version: previously, individual membership required contribution of intellectual property (e.g. code or documentation) we’ve changed it so that individual membership now recognizes broader contributions to the DSF’s mission. That still includes code and docs, but now also includes many more activities: organizing a Django event, serving on a Working Group, maintaining a third-par ..read more
The Django weblog
3M ago
You can take advantage of our Early Bird ticket sale for DjangoCon Europe 2024. By purchasing your tickets early, you not only guarantee your attendance at one of the most exciting Django events but also enjoy significant savings.
Buy tickets on the conference website
Why Go Early?
You can secure your tickets at a special Early Bird rate, providing exceptional value for your conference experience.
Also, your early commitment goes a long way in supporting the success of DjangoCon Europe 2024. It helps us plan better and ensure a seamless event.
Act now and secure your Early Bird tickets before ..read more
The Django weblog
3M ago
Today we've issued 5.0.1 and 4.2.9 bugfix releases.
The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Mariusz Felisiak: 2EF56372BA48CD1B ..read more
The Django weblog
3M ago
It's a new year. What better way to start it than submitting your talk or workshop for DjangoCon Europe 2024, in beautiful Vigo, Spain?
The Call for Proposals (CFP) is open now, and will be until midnight on February 29th. That's two whole months, but you don't have to leave it to the last minute:
DjangoCon Europe 2024, Vigo CFP
We're looking for a range of talks on technical and non-technical topics. We're looking for talks accessible to skill all levels, and we're looking for submissions from new and seasoned speakers.
If you're asking, can I do this? The answer is yes. If you've got a topic ..read more