Django News - Django security releases issued: 5.2.2, 5.1.10, and 4.2.22 - Jun 6th 2025
| in blog | Django News |
|---|---|
| original entry | Django News - Django security releases issued: 5.2.2, 5.1.10, and 4.2.22 - Jun 6th 2025 |
News
Django security releases issued: 5.2.2, 5.1.10, and 4.2.22
Django issues security patches in 5.2.2, 5.1.10, and 4.2.22, resolving a moderate severity log injection vulnerability in internal logging via unescaped request.path.
Python 3.13.4, 3.12.11, 3.11.13, 3.10.18 and 3.9.23 are now available!
The Python 3.13.4 release includes over 300 bug fixes, and every version of Python has received three security updates.
django-unicorn - Request for maintainer(s)
Django-unicorn seeks new maintainers to help evolve its interactive component library, address complexity, improve features, and support continued development within Django projects.
Python Packaging Ecosystem Survey
Participate in Anaconda’s survey to share your Python packaging experiences and resource preferences, helping guide future improvements in the packaging ecosystem.
Updates to Django
Today 'Updates to Django' is presented by Pradhvan from the Djangonaut Space! 🚀 Last week we had 3 pull requests merged into Django by 3 different contributors - including 1 first-time contributor! Congratulations to Jason Judkins for having their first commit merged into Django - welcome on board! 🥳
This week’s Django highlight: 🦄
- Jason, updated the package name in Django's reusable apps tutorial to follow PEP 625 standards.
Django Newsletter
Wagtail CMS
Closing the gap: strict CSP in the Django world
Inching closer to strict CSP compatibility for the Django ecosystem.
Articles
Optimizing Django Docker Builds with Astral’s `uv`
Astral’s uv dramatically accelerates and secures Django Docker builds by leveraging multi-stage images, cache mounts, and strict lockfile verification for deterministic dependency management.
Give Your Django Admin X‑Ray Vision - Automatic Dead‑Link Detection
django-linkcheck is a Django app that automates dead link detection in URLFields and HTML content, schedules checks, and provides an admin interface.
Loopwerk: An easy way to use different serializers for different actions and request methods in Django REST Framework
ActionSerializerModelViewSet lets Django REST Framework developers assign specific read and write serializers per viewset action or method with fallback logic.
Django: Deferred constrain enforcement
PostgreSQL deferrable unique constraints in Django ORM allow postponing integrity checks until transaction commit to avoid transient conflicts when bulk updating related records.
Validating a new project
Leveraging PyCon open spaces and sprints delivers actionable early feedback and use cases for new Python tools like py-bugger and django-simple-deploy.
SQLite Virtual Tables from Django
Integrate custom Rust-based SQLite virtual tables into Django by loading extensions on connection creation and auto-defining virtual tables for models to query external data.
How to split up a Django monolith without using microservices
django-queuebie offers a synchronous command and event message queue to decouple, modularize and test complex Django business logic across internal apps without microservices.
Preserving referential integrity with JSON fields and Django
Use django-json-schema-editor’s JSONField with JSON schema definitions and register_data_reference to enforce on_delete=PROTECT referential integrity for model ids in JSON, illustrated with galleries
Django Fellow Report
Fellow Report - Natalia Bidart
Seven tickets triaged, six reviewed, three authored, and monthly Security Council call.
DjangoCon Videos
Keynote: Django needs you! (to do code review)
Django Fellow Sarah Boyce's keynote on how/why to contribute to Django.
Django + HTMX: Patterns to Success with Lucas Pires
A talk on tried and tested patterns for building applications using Django and HTMX.
End-to-end testing Django applications using Pytest with Playwright by Jacob Rief
How to evolve unit tests using Beautifulsoup into end-to-end tests using Playwright.
Sponsored Link 2
AI-Powered Django Development & Consulting
REVSYS specializes in seamlessly integrating powerful AI technologies, including GPT-4, into your existing Django applications. Your Django project deserves modern, intelligent features that enhance user engagement and streamline content workflows.
Podcasts
Django Chat #184: PHP Web Frameworks - Roman Pronskiy
Roman Pronskiy is the Executive Director of the PHP Foundation and a Developer Advocate at JetBrains. We discuss PHP’s evolution over the years, Laravel vs Symfony, and what Python can learn from the PHP ecosystem.
Django News Jobs
Senior Backend Engineer at Wasmer
Python / Django Software Developer - fulltime employee- No visa sponsorship at Off Duty Management
Django Newsletter
Django Forum
Proposal: Lazy loading for `django.contrib.gis.gdal`
Proposal to implement lazy loading in django.contrib.gis.gdal, matching GEOS behavior, so django.setup() won’t fail when GDAL isn’t installed unless needed.
Projects
AndrewIngram/django-extra-views
Django's class-based generic views are awesome, let's have more of them.
simonw/django-plugin-datasette
Django plugin to run Datasette inside of Django.
This RSS feed is published on https://django-news.com/. You can also subscribe via email.