April 22, 2024 » The Django weblog » [Archived Version]
As many of you are not doubt aware there have recently been some community conversation regarding a license agreement that was published as part of the DjangoCon Europe Call for Proposals for organizers. I believe it is fair to characterize the reaction as negative, with expressions of anger, frustration, and confusion towards the DSF for placing burdensome and one sided requirements for hosting a DjangoCon Europe. I want to state first and foremost that I added the licensing agreement to t…
Read MoreApril 3, 2024 » The Django weblog » [Archived Version]
Today we've issued the 5.0.4 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Natalia Bidart: 2EE82A8D9470983E. Django 3.2 has reached the end of extended support Note that with this release, Django 3.2 has reached the end of extended support. All Django 3.2 users are encouraged to upgrade to Django 4.2 or later to continue receiving fixes for security issues. See the downl…
Read MoreMarch 22, 2024 » The Django weblog » [Archived Version]
The DSF Board and Fellows Committee are pleased to introduce Sarah Boyce as our new Django Fellow. Sarah will be joining Natalia Bidart who is continuing her excellent tenure as a Fellow. Sarah is a senior developer and developer advocate with 5 years of experience developing with Django under her belt. She graduated with a first class honours degree in Mathematics from the University of Bath, and transitioned in software development in her first job out of school. Sarah first worked as a cl…
Read MoreMarch 4, 2024 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing Django 5.0.3, Django 4.2.11, and Django 3.2.25. These releases addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words() django.utils.text.Truncator.words() method (with html=True) and truncatewords_html template filter were subject to a potential regular expression de…
Read MoreFeb. 11, 2024 » The Django weblog » [Archived Version]
Happy birthday, Django accessibility team! 🌈 The team has been up and running for three years, and is now looking for new members. With a lot happening in this space, we thought we were overdue for an update on what we’re up to. Django accessibility in 2023 We’re very happy with the work done to date. There have been a lot of efforts to improve the accessibility of core Django features such as forms, and of the administrative interface. Beyond Django core, there has also been progress on d…
Read MoreFeb. 6, 2024 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing Django 5.0.2, Django 4.2.10, and Django 3.2.24. These releases address the security issue detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2024-24680: Potential denial-of-service in intcomma template filter The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings. Thanks Seokchan Yoon for the report. This issue has severity &quo…
Read MoreJan. 19, 2024 » The Django weblog » [Archived Version]
After five years as part of the Django Fellowship program, Mariusz Felisiak has let us know that he will be stepping down as a Django Fellow in March 2024 to explore other things. Mariusz has made an extraordinary impact as a Django Fellow and has been a critical part of the Django community. The Django Software Foundation and the wider Django community are grateful for his service and assistance. The Fellowship program was started in 2014 as a way to dedicate high-quality and consistent resour…
Read MoreJan. 15, 2024 » The Django weblog » [Archived Version]
DjangoCon Europe 2024 will be held June 5th-9th in Vigo, Spain but we're already looking ahead to the 2025 conference. Could your town - or your football stadium, circus tent, private island or city hall - host this wonderful community event? Hosting a DjangoCon is an ambitious undertaking. It's hard work, but each year it has been successfully run by a team of community volunteers, not all of whom have had previous experience - more important is enthusiasm, organizational skills, the ability …
Read MoreJan. 10, 2024 » The Django weblog » [Archived Version]
Recently, the DSF made some changes to our bylaws to change the definition of DSF Membership. You can read the legalese of the new language in the meeting minutes for the October 12 board meeting, but here’s the short version: previously, individual membership required contribution of intellectual property (e.g. code or documentation) we’ve changed it so that individual membership now recognizes broader contributions to the DSF’s mission. That still includes code and docs, but now also includes…
Read MoreJan. 8, 2024 » The Django weblog » [Archived Version]
Following our 2024 DSF Board Election Results, here are quick introductions from our two new board members, Sarah Abderemane and Thibaud Colas, elected for a two-year term for 2024-2025. Collage: Sarah on the left, smiling, in the Versailles Hall of Mirrors. Thibaud on the right, in a field, looking in the distance with a boy on his shoulders. Sarah Abderemane Sarah Abderemane, also known as sabderemane, is a software developer in France. She currently works at Kraken Tech…
Read More