DjangoCon Europe Next Week!

        April 10, 2026

DjangoCon Europe Next Week!
Security releases, triaging Django Issues with Claude Code, Django Day Copenhagen, and more.

        Introduction
Hi everyone, sorry for the late send of Issue #331.
Last week, our provider, Curated, which is owned by Buttondown, went down and wasn’t able to send our newsletter for six days. You might have received it yesterday, but not everyone did. It’s the first time in several years we haven’t been able to land in your inbox.
We’ve been in touch with their support all week and appreciate your patience while this gets sorted out.
In the meantime, Will and I are looking at other provider options. If this shows up next week looking a little different, that’s probably why.
If you missed it, please check out last week’s Issue 331: https://django-news.com/issues/331#start
News
Django security releases issued: 6.0.4, 5.2.13, and 4.2.30
Django 4.2 has reached the end of extended support. Five CVEs (security vulnerabilities) fixed in this latest update.
DjangoCon Europe is next week!
April 15-19 in Athens, Greece. There is a Django.Social event the night before, April 14th, 6-10pm, at Ipitou The Bar, organized by Jon Gould of Foxley Talent and Andrew Miller.
Updates to Django
Today, "Updates to Django" is presented by Pradhvan from Djangonaut Space! 🚀
Last week we had 14 pull requests merged into Django by 9 different contributors - including 2 first-time contributors! Congratulations to Eddy ADEGNANDJOU and Rodrigo Vieira 🚀 for having their first commits merged into Django - welcome on board! 🥳
This week's Django highlights: 🦄

BaseModelFormSet.get_queryset() now uses totally_ordered to ensure stable ordering by appending "pk" as a tie-breaker when the queryset lacks deterministic ordering. (#37004)
Fixed handling of __in lookups with None in exclude() queries, ensuring correct SQL semantics by using OR and IS NULL instead of AND and IS NOT NULL. (#20024)
Fixed setting or clearing of request.user after alogin() or alogout() when sync middleware has already populated the user. (#37017)

Django Fellow Reports
Fellow Report - Jacob
In addition to advancing work on pending security issues, reviewed some improvements around accessibility and performance. 3 tickets triaged, 16 reviewed, 12 authored, and more.
Fellow Report - Natalia
I was traveling this week so I was less available than usual. My main priority was to support Jacob with anything needed for the upcoming security release, helping keep things on track during a critical phase. I also made an effort to stay on top of inbox and notifications, though seeing my current unread count I can confirm I have failed miserably.
Sponsored Link 1
The deployment service for developers and teams.
Articles
Contributing to the Django community
There are a lot of ways to get involved in the Django community; this post goes in-depth to highlight all the various opportunities.
Switching all of my Python packages to PyPI trusted publishing
How and why the maintainer of django-debug-toolbar and other tools is switching due to recent malicious uploads.
A Claude Code Plugin for Triaging Django Issues
django-triage is a Claude Code plugin that searches CVEs, Trac tickets, and Django forum discussions, then scaffolds a structured triage workspace with its findings.
Events
Django Day Copenhagen - Call for Proposals
The third edition will be held on Friday, October 2nd 2026, a full day of talks, followed by an evening of social events.
PyOhio 2026 CFP
PyOhio will take place on Saturday & Sunday July 25-26, 2026, at the Cleveland State University Student Center in Cleveland, OH.
Design Articles
Why frontends fail when you approach them like a backend
A thoughtful exploration of why frontend development is harder than most backend work, covering UX context, accessibility pitfalls, and why "just hacking together HTML and CSS" kills quality.
Sponsored Link 2
You know @login_required. Now meet @app.reasoner(). AgentField turns Python functions into production AI agents, structured output, async execution, agent discovery. Every decorator becomes a REST endpoint. Open source, Apache 2.0. Python, Go & TypeScript SDKs.
Django Job Board
Python Developer at Open Data Services 
Projects
efe/django-root-secret
Django package for managing one root encryption key and decrypting encrypted secrets at runtime.
danjac/django-studio
Django project generator for rapid, opinionated full stack development.

Django News is not associated with the Django Software Foundation.
Django is a registered trademark of the Django Software Foundation.

                                Don't miss what's next. Subscribe to Django News Newsletter:

            Email address (required)