Balancing the AI Flood in Django

raw

        March 27, 2026

Balancing the AI Flood in Django
From LLM integration to database indexing and supply chain security, explore the latest ideas, tools, and debates in the Django world

        News
Calling for research participants from Django, Laravel, Ruby on Rails, Next.js and Spring Boot communities
Former DSF President and researcher Anna Makarudze is seeking Django developers to share insights on dependency vulnerabilities and supply chain risks in open source.
Djangonaut Space News
Djangonaut Space Financial Report 2025
Djangonaut Space’s 2025 report highlights a community-powered year of $2.2k in donations funding tools and conference access, while setting sights on sending contributors to even more events in 2026.
Djangonaut diaries, week 3 - Working on an ORM issue
A deep dive into Django’s ManyToMany indexes reveals an unnecessary extra index, showing how databases already optimize with composite indexes and setting the stage for a cleaner ORM fix.
Wagtail CMS News
Wagtail Routable Pages and Layout Configuration
Build flexible Wagtail routable pages that use StreamField layouts to dynamically control how Django model data renders on detail views.
Updates to Django
Today, "Updates to Django" is presented by Raffaella from Djangonaut Space! 🚀 
Last week we had 18 pull requests merged into Django by 15 different contributors - including 4 first-time contributors! Congratulations to Juho Hautala, Huwaiza, (James) Kanin Kearpimy 🚀 and Praful Gulani for having their first commits merged into Django - welcome on board!  
News in Django 6.1:

Providing fail_silently=True, auth_user, or auth_password to mail sending functions (such as send_mail()) while also providing a connection now raises a TypeError.
assertContains() and assertNotContains() can now be called multiple times on the same StreamingHttpResponse. Previously, they would consume the streaming response’s content, causing subsequent calls to fail.
Because quoted aliases are case-sensitive, raw SQL references to aliases mixing case, such as when using RawSQL, might have to be adjusted to also make use of quoting.

Django Fellow Reports
Fellow Report - Natalia
A significant portion of this week was dedicated to security work (yes, again). As usual, details here are intentionally kept at a high level, but the time went into triaging new reports, progressing in-flight likely confirmed issues, validating proposed fixes, and coordinating next steps with the team. 
One additional challenge worth noting is the volume of near-duplicate reports; beyond triage, this often requires careful comparison across long submissions to identify what is actually new or meaningfully different.
Fellow Report - Jacob
Easy to miss in the release notes (as we only described the user-facing changes for edge cases), but last week we landed (with great joy) @charettes’ defense-in-depth measure for the ORM that ensures user-provided aliases are always quoted.
In addition to the below, another steady week advancing pending security reports.
Sponsored Link 1
The deployment service for developers and teams.
Articles
Learning LLM Integration
A practical, from-scratch look at integrating LLMs into a Django app, highlighting why isolating the AI layer and writing precise prompts makes all the difference.
Give Django your time and money, not your tokens
The Django community wants to collaborate with you, not a facade of you.
Open Source Has a Bot Problem
The maintainer of awesome-mcp-servers came up with a solution, of sorts, to curating AI-generated PRs.
Why pylock.toml includes digital attestations
A Python project got hacked where malicious releases were directly uploaded to PyPI. I said on Mastodon that had the project used trusted publishing with digital attestations, then people using a pylock.toml file would have noticed something odd was going on thanks to the lock file including attestation data.
Rewriting a 20-year-old Python library
A thoughtful deep dive into rewriting a 20-year-old Python library, covering async design, API ergonomics, and how to modernize without breaking users.
Playground embedding, packages and more
The nanodjango playground has several new exciting features which transform what you can achieve with it - you can now manage packages and secrets, share scripts from the command line, and embed live Django code in your own site.
Human.json
A quick look at human.json, a lightweight protocol for sharing human-readable metadata, with a simple Django implementation and a healthy dose of skepticism about its long-term adoption.
Videos
PyCon US 2026 - Elaine Wong & Jon Banafato
A behind-the-scenes look at PyCon US 2026 with chair Elaine Wong and co-chair Jon Banafato, covering what’s new, how to prepare, and tips to make the most of the biggest Python conference in North America.
Django Job Board
Solutions Architect - Python (Client-facing) at JetBrains 
Django Forum
Discouraging "the voice from nowhere" (~LLMs) in documentation 
Forum discussion on maintaining a human (not LLM) voice in Django's documentation. 
Projects
kujov/django-tw
Zero-config Tailwind CSS v4 for Django.
VojtechPetru/django-live-translations
In-browser translation editing for Django superusers. 

Django News is not associated with the Django Software Foundation.
Django is a registered trademark of the Django Software Foundation.

                                Don't miss what's next. Subscribe to Django News Newsletter:

            Email address (required)