Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

February 01 2018

Django security releases issued: 2.0.2 and 1.11.10

In accordance with our security release policy, the Django team is issuing Django 1.11.10 and Django 2.0.2. These release addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible.

CVE-2018-6188: Information leakage in AuthenticationForm

A regression in Django 1.11.8 made django.contrib.auth.forms.AuthenticationForm run its confirm_login_allowed() method even if an incorrect password is entered. This can leak information about a user, depending on what messages confirm_login_allowed() raises. If confirm_login_allowed() isn't overridden, an attacker enter an arbitrary username and see if that user has been set to is_active=False. If confirm_login_allowed() is overridden, more sensitive details could be leaked.

Thanks Jack Cushman for reporting this issue.

Affected supported versions

  • Django master branch
  • Django 2.0 and 2.0.1
  • Django 1.11.8 and 1.11.9

Per our supported versions policy, Django 1.10 and 1.9 are no longer supported (but aren't affected). Django 1.8 LTS (for which security support ends on April 1) is unaffected.

Resolution

Patches to resolve the issue have been applied to Django's master branch and the 2.0 and 1.11 release branches. The patches may be obtained from the following changesets:

The following releases have been issued:

The PGP key ID used for these releases is Tim Graham: 1E8ABDC773EDE252.

General notes regarding security reporting

As always, we ask that potential security issues be reported via private email to security@djangoproject.com, and not via Django's Trac instance or the django-developers list. Please see our security policies for further information.

January 22 2018

2017 Malcolm Tredinnick Memorial Prize awarded to Claude Paroz

The Board of the Django Software Foundation is pleased to announce that the 2017 Malcolm Tredinnick Memorial Prize has been awarded to Claude Paroz.

Claude has been a contributor to Django since 2012. He was selected for the prize by the board from amongst the nominees on the basis of his long-term, consistent contribution. Claude has given service to Django though code and also by enabling others to contribute effectively.

His work represents a less-visible but essential aspect of contribution to Django. It's not the kind of work that will be publicly applauded at a conference, or stand out as news, but it's of enormous importance to the project. Claude is owed a debt of thanks for it.

Tim Graham wrote in his nomination:

I nominate Claude Paroz for five years of tireless and unheralded contributions to Django, including shepherding the GeoDjango project and serving as the Django translations manager. He's the primary answering authority on the geodjango and django-i18n mailing lists.

While his contributing began in 2012, Claude is the most active volunteer contributor based on number of commits since 2008. He regularly offers his expertise by triaging tickets and reviewing pull requests. If I ask Claude for some advice in an area of Django in which I'm less versed, his responses are quick, respectful, and helpful.

Several other people were also nominated for this prize. The Malcom Tredinnick prize could once again have deservedly been awarded several times over. It is an enduring pleasure to observe that there is no shortage of members of our community who, like Claude, exemplify the spirit of generosity and support that the prize celebrates.

The other nominees were:

  • Ifunanya Ikemma, for her work teaching and encouraging women in to programming, through PyLadies and Django Girls in Nigeria
  • Katie McLaughlin, for her work in open source projects as a contributor and mentor
  • Melanie Crutchfield, for her work with PyLadies and Django Girls
  • Jeff Triplett, for his huge contribution to the running of DjangoCon US, and the consistently warm, supportive attitude he brings to this and to his other work in the world of Django
  • Veronica Munro, for her work organising Django Girls events in Australia
  • Lacey Williams Henschel, for her work in DjangoCon US (including her magnificent work as the 2017 conference chair), and helping to build the Django community in the US
  • Tim Graham, for being an ever-responsive and valuable point of technical contact for Django.

Many congratulations to Claude, and our sincere thanks to all the nominees for their continued work in Django. Thanks are also due to all who took the trouble to nominate someone.

January 12 2018

The DSF Welcomes Carlton Gibson as its Newest Fellow

On November 16, 2017, the DSF made a call for Django Fellow applicants. On behalf of the Django Software Foundation, the DSF Fellowship Committee is pleased to announce Carlton Gibson as the newest Django Fellow. Carlton is joining Tim Graham who recently announced his scale back of hours. Tim will be transitioning to part-time but remaining as a Fellow.

Carlton has been involved in the Django community since 2009. He has been a core team member of the Django REST Framework for several years. He's a major contributor to Django Filter, Django Crispy Forms and Django AppConf as well as Django Compressor and many others. He is also an instructor for Django Girls in Barcelona.

The DSF received 15 applicants, all of which were reviewed by the Fellowship Committee before coming to a consensus decision on Carlton. The level of talent and professionalism in the applicant pool made the decision process a difficult one. We are grateful for all who applied and their desire to participate in this important initiative.

The Fellowship program has been a great success for the past three years and is only possible through generous support of the Django Software Foundation. If you or your organization benefit from Django and the work of the Fellowship program, please consider a donation. Every dollar amount, large or small, makes an impact.

January 06 2018

Results of the DSF Board election

The DSF membership elected a new board last month. The six elected directors of the DSF for 2018 are (in alphabetical order):

  • James Bennett
  • Rebecca Conley
  • Anna Makarudze
  • Katie McLaughlin
  • Daniele Procida
  • Frank Wiles

There were 39 candidates this year. Last year, there were just six.

We had multiple candidates from each of: North and South America, Europe, Australia, India and Africa.

This year, half of the board is from outside of the USA; previously the USA has been heavily over-represented.

53 people voted, compared with 12 last year.

Half of our board members are women, and we have our first African director of the DSF (Anna Makarudze).

Many thanks to all who participated - both those who voted, and especially those who put themselves forward to serve on the board. Thanks are also due to the outgoing Board.

January 02 2018

Django bugfix releases: 2.0.1 and 1.11.9

Today we've issued the 2.0.1 and 1.11.9 bugfix releases.

The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.

December 18 2017

DjangoCon Europe 2018 Update: Early Bird Tickets, CFP, and Opportunity grants are open!

In case you missed the news, DjangoCon Europe 2018 will take place in beautiful Heidelberg, Germany, from May 23-27, 2018! We've started selling early bird tickets, and opened the Call for Participation and Opportunity Grant applications. We are also looking for sponsors.

Early Bird Tickets

Early Bird Tickets are now available for a reduced price. Early Bird tickets are currently planned to be available until end of January, so be sure to get yours soon!

Buying an Early Bird Ticket isn’t just great for you, it also helps us estimate the amount of attendees we will have, and to give us more time to handle any special requirements you may have.

You will notice that our ticket pricing allows you to input a ticket price of your choice. With the additional money, we are able to make it a more inclusive conference by investing in accessibility improvements as well as our opportunity grant program, helping people with little resources, and/or a lack of representation in our community to participate in DjangoCon Europe 2018. Please choose to give more if you can – you’ll have a very direct impact on how wonderful our conference and our community will be.

Call for Participation (CFP)

Our CFP for talks and tutorials is now open! The deadline for submissions is February 1, 2018. We’re looking for speakers of all experience levels and backgrounds, and are currently working on our (opt-in) speaker mentoring program. Talk and tutorial presenters receive free admission to DjangoCon Europe. You can edit your submission until the deadline, so there's no need to wait. If you need additional financial support, please apply to the Opportunity Grant program, where speakers are given special consideration.

Opportunity Grant Application

We are very proud of our opportunity grant program – this is what you may know from other or previous conferences as the financial aid program. If (either as an attendee or a speaker) paying acommodations and travelling expenses would be difficult for you, especially if you belong to a marginalized or underrepresented group in tech, please check it out.

You have until February 1st to submit your request, to give us sufficient time to go through requests, which in turn gives you sufficient time to plan your journey, handle visa applications, and answer all questions you may have.

Sponsor opportunities

We are only able to run this conference with the support of sponsors that share our goal to create a wonderful, diverse and insightful event. If you are interested in sponsoring DjangoCon Europe 2018, please see our sponsorship page and brochure.

Sponsoring is a great opportunity to market developer-focused products, recruit developers, and to give back to the community if you use Django to build your products. DjangoCon Europe has a great track record in supporting diversity in tech. We are committed to continue this tradition and we need strong partners to make this possible.

Your own employees can profit a lot from attending DjangoCon Europe. Not only does the conference provide valuable education in form of talks and workshops that improve their professional and technical skills, it is also the single best place to start building a network within a community of potential future partners. Many sponsorship packages include a number of tickets.

December 12 2017

DSF travel grants available for PyCon Namibia 2018

About PyCon Namibia

PyCon Namibia held its first edition in 2015.

The conference has been held annually since then, and has been at the heart of a new open-source software movement in Namibia. In particular, through PyNam, the Namibian Python Society, Python has become the focus of self-organised community volunteering activity in schools and universities.

In the last two years, assisted greatly by Helen Sherwood-Taylor, Django Girls has become an important part of the event too.

PyCons in Africa

The conference has also been the direct prompt for further new PyCons across Africa; Zimbabwe in 2016, Nigeria in 2017 and a planned PyCon Ghana next year. In each case, PyCon attendees from another country have returned home to set up their own events.

An important aspect of these events is the opportunity to establish relationships with the international community. Numerous people have travelled from other corners of the world to meet African programmers in their own countries, and many have returned multiple times.

Be a Pythonista, not a tourist

There is enormous value in this exchange, which gives Python/Django programmers from beyond Africa a unique opportunity to encounter African programmers in their own country, and to visit not as passing tourists but as Pythonistas and Djangonauts who will form long-term relationships with their African counterparts. This helps ensure that the international Python community meaningfully includes its members, wherever in the world they may be, and represents a chance like no other to understand them and what Python might mean in Africa.

There is probably no better way to understand what Python might mean in Namibia, for example, than having lunch with a group of Namibian high-school pupils and hearing about their ideas and plans for programming.

This exchange enriches not only the PyCon itself, but also the lives of the Pythonistas that it embraces, from both countries, and the communities they are a part of.

About the travel fund

In order to help maintain this valuable exchange between international Python communities, the Django Software Foundation has set aside a total of US$1500 to help enable travellers from abroad to visit Namibia for next year's PyCon, 20th-22nd February.

The DSF seeks expressions of interest from members of the international Django community who'd like to take advantage of these funds.

Please get in touch with us by email. We'd like to know:

  • who you are
  • why you'd like to participate
  • where you are travelling from and how much you estimate you will need

PyCon Namibia will benefit most from attendees who are interested in developing long-term relationships with its community and attendees.

See the conference website for information about travel and more.

December 07 2017

What it's like to serve on the DSF Board

I am currently the Vice-President of the Django Software Foundation, and have served as a member of the DSF Board for two years. This article is intended to help give a clearer picture of what's involved in being on the DSF Board, and might help some people decide whether they wish to stand for election.

What we do

Each month we - the six directors - have a board meeting, via Hangout. This lasts about an hour. We follow an agenda, and discuss questions that have arisen, have report on the state of our finances, and vote on any questions that have come up.

Each month a number of the questions we vote on are about grant applications for events (conferences, Django Girls and so on) and nominations for new members.

Mostly it's fairly routine business, and doesn't require much deliberation.

Occasionally there are trickier questions, for example that might concern:

  • matters where we are not sure what the best way forward is
  • legal questions about what the DSF is and isn't allowed to do
  • disagreements or contentious questions within the DSF or Django community

On the whole we find that when it's a matter of judgement about something, that we come to agreement pretty quickly.

At each meeting we'll each agree to take on certain administrative tasks that follow on from the discussion.

During the month a number of email messages come in that need to be answered - mostly enquiries about support for events, use of the Django logo, and so on, and also several for technical help with Django that we refer elsewhere.

Any one of us will answer those, if we can.

Some members of the board have special duties or interests - for example the Treasurer and Secretary have official duties, while I often take up enquiries about events.

Overall, it's a few hours' work each month.

What you need to be a board member

The board members are officially "Directors of the Django Software Foundation", which might make it sound more glamorous and/or difficult than it really is. It's neither...

If you can:

  • spare a few hours each month
  • spare some personal energy for the job
  • take part in meetings and help make decisions
  • answer email
  • read proposals, requests, applications and other documents carefully
  • help write documents (whether it's composing or proof-reading)
  • listen to people and voices in the Django community

then you probably have everything that's required to make a genuine, valuable contribution to Django by serving on the board.

Obviously, to serve as the Treasurer or Secretary requires some basic suitable skills for those roles - but you don't need to be a qualified accountant or have formal training.

In any case, no-one is born a DSF board member, and it's perfectly reasonable that in such a role you will learn to do new things if you don't know them already.

What it's like

I can only speak for myself - but I enjoy the work very much. Everyone on the board has a common aim of serving Django and its community, and the way the board works is friendly, collaborative and supportive. There's room for a variety of skills, special knowledge and experience. Different perspectives are welcomed.

There's also a very clear Django ethos and direction, that aims at inclusivity and generosity. The sustainability of the project and the well-being of people involved in it are always concerns that are visibly and explicitly on the table in board discussions.

It's a very good feeling each month to have our board meeting and be reminded how true the "boring means stable" equation is. Django is a big ship, and it sails on month after month, steadily. It requires some steering, and a shared vision of the way ahead, but progresses without big dramas. As a member of the board, this makes me feel that I am involved in something safe and sustainable.

I've been on the DSF board for nearly two years. Serving on the board does require some extra energy and time in my life, but it very rarely, if ever, feels like wasted or useless expenditure of energy. What we do makes sense, and has actual, tangible, useful results.

If you have some energy that you would like to do something useful with to help Django and all the individuals and organisations involved in it, I think that serving as DSF board member is an excellent way to use it, because the DSF is a machine that works well and your time and energy won't be wasted.

All of this discussion has been wholly from my own perspective, and even then it's quite incomplete. I'm just one board member of six, and other board members might have things they feel are important to add that I have not mentioned. Even so, I hope this account reassures anyone who had any doubts that:

  • they don't need special skills or credentials to be a board member
  • being a board member is a rewarding way to spend their time and energy
  • serving on the board makes a genuine contribution to Django

Daniele Procida

December 06 2017

Results of the Django/PyCharm Promotion 2017

We’re happy to report that our second iteration of the Django/PyСharm fundraising campaign - which we ran this summer - was a huge success. This year we helped raise a total of $66,094 USD for the Django Software Foundation! Last year (2016) we ran a similar campaign which resulted in a collective contribution of $50,000 USD to the cause. We’re happy we could raise even more money this year for the Django community!

If you missed the campaign here’s the essence of the past promotion: For 3 weeks this summer, Django developers could effectively donate to Django Software Foundation by purchasing a new individual PyCharm Professional annual subscription at 30% off, with all proceeds from the sales going to the Django Software Foundation. Read more details here.

All the money raised goes toward Django outreach and diversity programs: supporting DSF, the Django Fellowship program, Django Girls workshops, sponsoring official Django conferences, and other equally incredible projects.

We want to say huge thanks to the DSF for their active collaboration and making this fundraiser happen. We hope that in 2018 we’ll be able to make this yearly event even more successful!

The DSF general fundraising campaign is still on-going, and we encourage everyone to contribute to the success of Django by donating to DSF directly.

If you have any questions, get in touch with us at fundraising@djangoproject.com or JetBrains at pycharm-support@jetbrains.com.

December 02 2017

Django 2.0 released

The Django team is happy to announce the release of Django 2.0.

This release starts Django’s use of a loose form of semantic versioning, but there aren’t any major backwards incompatible changes (except that support for Python 2.7 is removed) that might be expected of a 2.0 release. Upgrading should be a similar amount of effort as past feature releases.

The release notes cover the assortment of new features in detail, but a few highlights are:

You can get Django 2.0 from our downloads page or from the Python Package Index. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.

With the release of Django 2.0, Django 1.11 has reached the end of mainstream support. The final minor bug fix release, 1.11.8, was issued today. As a long-term support release, Django 1.11 will receive security and data loss fixes until April 2020.

Django 1.10 has reached the end of extended support. All Django 1.10 users are encouraged to upgrade to Django 1.11 or later to continue receiving fixes for security issues.

See the downloads page for a table of supported versions and the future release schedule.

November 16 2017

DSF calls for applicants for a Django Fellow

After three years of full-time work as the Django Fellow, I'd like to scale back my involvement to part-time. That means it's time to hire another Fellow who would like to work on Django 20-40 hours per week. The position is ongoing - the successful applicant will have the position until they choose to step down.

The position of Fellow is primarily focused on housekeeping and community support - you'll be expected to do the work that would benefit from constant, guaranteed attention rather than volunteer-only efforts. In particular, your duties will include:

  • monitoring the security@djangoproject.com email alias and ensuring security issues are acknowledged and responded to promptly
  • fixing release blockers and helping to ensure timely releases
  • fixing severe bugs and helping to backport fixes to these and security issues
  • reviewing and merging pull requests
  • triaging tickets on Trac
  • answering user questions on IRC and the django-developers mailing list
  • helping new Django contributors land patches and learn our philosophy

Being a committer isn't a prerequisite for this position; we'll consider applications from anyone with a proven history of working with either the Django community or another similar open-source community.

Your geographical location isn't important either - we have several methods of remote communication and coordination that we can use depending on the timezone difference to the supervising members of Django.

You'll be expected to post a weekly report of your work to the django-developers mailing list.

If you don't perform the duties to a satisfactory level, we may end your contract. We may also terminate the contract if we're unable to raise sufficient funds to support the Fellowship on an ongoing basis (unlikely, given the current fundraising levels).

Compensation isn't competitive with full-time salaries in big cities like San Francisco or London. The Fellow will be selected to make best use of available funds.

If you're interested in applying for the position, please email us with details of your experience with Django and open-source contribution and community support in general, the amount of time each week you'd like to dedicate to the position (a minimum of 20 hours a week), your hourly rate, and when you'd like to start working. The start date is flexible and will be on or after January 1, 2018.

Applications will be open until 1200 UTC, December 18, 2017, with the expectation that the successful candidate will be announced around December 22.

Successful applicants will not be an employee of the Django Project or the Django Software Foundation. Fellows will be contractors and expected to ensure that they meet all of their resident country's criteria for self-employment or having a shell consulting company, invoicing the DSF on a monthly basis and ensuring they pay all relevant taxes.

If you or your company is interested in helping fund this program and future DSF activities, please consider becoming a corporate member to learn about corporate membership, or you can make a donation to the Django Software Foundation.

June 01 2017

Django bugfix release: 1.11.2

Today we've issued the 1.11.2 bugfix release.

The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.

May 06 2017

Django bugfix release: 1.11.1

Today we've issued the 1.11.1 bugfix release.

The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.

April 25 2017

DjangoCon Europe 2017 in retrospect

DjangoCon Europe 2017 upheld all the traditions established by previous editions: a volunteer-run event, speakers from all sections of the community and a commitment to stage a memorable, enjoyable conference for all attendees.

Held in a stunning Art Deco cinema in the centre of the city, this year's edition was host to over 350 Djangonauts.

The team of always-smiling and willing volunteers, led by Emanuela Dal Mas and Iacopo Spalletti under the auspices of the Fuzzy Brains association, created a stellar success on behalf of all the community.

Of note in this year's conference was an emphasis on inclusion, as expressed in the conference's manifesto. The organisers' efforts to expand the notion of inclusion was visible in the number of attendees from Africa and south Asia, nearly all of whom were also given a platform at the event. This was made possible not only by the financial assistance programme but also through the considerable logistical help the organisers were able to offer.

The conference's opening keynote talk by Anna Makarudze and Humphrey Butau on the growing Python community in Zimbabwe, and an all-woman panel discussing their journeys in technology, were just two examples of a commitment to making more space for voices and stories that are less often heard.

DjangoCon Europe continues to thrive and sparkle in the hands of the people who care about it most, and who step forward each year as volunteers who commit hundreds of hours of their time to make the best possible success of it. Once again, this care has shone through.

On behalf of the whole Django community, the Django Software Foundation would like to thank the entire organising team and all the other volunteers of this year's DjangoCon Europe, for putting on a superb and memorable production.

The next DjangoCons in Europe

The DSF Board is considering bids for DjangoCon Europe 2018-2020. If you're interested in hosting the event in one of these years, we'd like to hear from you as soon as possible.

April 04 2017

Django 1.11 released

The Django team is happy to announce the release of Django 1.11.

This version has been designated as a long-term support (LTS) release, which means that security and data loss fixes will be applied for at least the next three years. It will also receive fixes for crashing bugs, major functionality bugs in newly-introduced features, and regressions from older versions of Django for the next eight months until December 2017.

As always, the release notes cover the medley of new features in detail, but a few highlights are:

You can get Django 1.11 from our downloads page or from the Python Package Index. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.

With the release of Django 1.11, Django 1.10 has reached the end of mainstream support. The final minor bugfix release (1.10.7) was issued today. Django 1.10 will receive security and data loss fixes for another eight months until December 2017.

Django 1.9 has reached the end of extended support. The final security release (1.9.13) was issued today. All Django 1.9 users are encouraged to upgrade to Django 1.10 or later.

See the downloads page for a table of supported versions and the future release schedule.

Django security releases issued: 1.10.7, 1.9.13, and 1.8.18

In accordance with our security release policy, the Django team is issuing Django 1.10.7, Django 1.9.13 and 1.8.18. These release addresses two security issues detailed below. We encourage all users of Django to upgrade as soon as possible. The Django master and stable/1.11.x branches are also updated. The Django 1.11 release is forthcoming shortly in a separate blog post.

CVE-2017-7233: Open redirect and possible XSS attack via user-supplied numeric redirect URLs

Django relies on user input in some cases (e.g. django.contrib.auth.views.login() and i18n) to redirect the user to an "on success" URL. The security check for these redirects (namely django.utils.http.is_safe_url()) considered some numeric URLs (e.g. http:999999999) "safe" when they shouldn't be.

Also, if a developer relies on is_safe_url() to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.

CVE-2017-7234: Open redirect vulnerability in django.views.static.serve()

A maliciously crafted URL to a Django site using the django.views.static.serve() view could redirect to any other domain. The view no longer does any redirects as they don't provide any known, useful functionality.

Note, however, that this view has always carried a warning that it is not hardened for production use and should be used only as a development aid.

Thanks Phithon Gong for reporting this issue.

Affected supported versions

  • Django master development branch
  • Django 1.11 (at release candidate status, final release forthcoming)
  • Django 1.10
  • Django 1.9
  • Django 1.8

Per our supported versions policy, Django 1.7 and older are no longer receiving security updates. Also, Django 1.9.x has reached end-of-life -- this is the final release of that series.

Resolution

Patches to resolve the issues have been applied to Django's master development branch and the 1.11, 1.10, 1.9, and 1.8 release branches. The patches may be obtained from the following changesets:

On the development master branch:

On the 1.11 release branch:

On the 1.10 release branch:

On the 1.9 release branch:

On the 1.8 release branch:

The following releases have been issued:

The PGP key ID used for these releases is Tim Graham: 1E8ABDC773EDE252.

General notes regarding security reporting

As always, we ask that potential security issues be reported via private email to security@djangoproject.com, and not via Django's Trac instance or the django-developers list. Please see our security policies for further information.

March 30 2017

DjangoCon US 2017 Update

Tickets are on sale for DjangoCon US 2017 in Spokane, WA! We’re also looking for reviewers for our talk and tutorial proposals, and our CFP and financial aid application are closing soon.

Tickets Are on Sale

Tickets are now on sale! DjangoCon US has tiered pricing, and we put together a blog post with more details. We hope to see you in Spokane August 13-18.

Call for Reviewers

We’re looking for volunteers to help review talk and tutorial proposals. This will require a few hours of time from now until April 24. Reviewing talks only takes a couple of minutes per talk. Reviewers don’t need to review all talks and tutorials and don’t need to review them all in one day. Most people find that reviewing talks for 30 minutes at a time, once or twice a week, gets them through the talks pretty quickly. If you’re interested, please email hello@djangocon.us. Thank you to all of the awesome volunteers who have already signed up!

Call for Proposals Deadline

Our Call for Proposals (CFP) deadline is quickly approaching! April 10 at midnight Anywhere on Earth is the deadline to submit a talk or tutorial proposal. We would love to see a few more tutorial proposals (tutorials are compensated!). Please get in touch with us or our wonderful speaker mentors if you need help refining or expanding on an idea.

Financial Aid Deadline

The DjangoCon US financial aid application also closes on April 10. We have more information and FAQs about financial aid on our website. The application is short and sweet, so please apply today!

March 21 2017

Django 1.11 release candidate 1 released

Django 1.11 release candidate 1 is the final opportunity for you to try out the medley of new features before Django 1.11 is released.

The release candidate stage marks the string freeze and the call for translators to submit translations. Provided no major bugs are discovered that can't be solved in the next two weeks, 1.11 final will be issued on or around April 4. Any delays will be communicated on the django-developers mailing list thread.

Please use this opportunity to help find and fix bugs (which should be reported to the issue tracker). You can grab a copy of the package from our downloads page or on PyPI.

The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.

March 01 2017

Django bugfix release: 1.10.6

Today we've issued the 1.10.6 bugfix release.

The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.

February 20 2017

Django 1.11 beta 1 released

Django 1.11 beta 1 is an opportunity for you to try out the medley of new features in Django 1.11.

Only bugs in new features and regressions from earlier versions of Django will be fixed between now and 1.11 final (also, translations will be updated following the "string freeze" when the release candidate is issued). The current release schedule calls for a release candidate about a month from now with the final release to follow about two weeks after that around April 1. We'll only be able to keep this schedule if we get early and often testing from the community. Updates on the release schedule schedule are available on the django-developers mailing list.

As with all alpha and beta packages, this is not for production use. But if you'd like to take some of the new features for a spin, or to help find and fix bugs (which should be reported to the issue tracker), you can grab a copy of the beta package from our downloads page or on PyPI.

The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.

Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!

Schweinderl