Django security releases issued: 5.0.2, 4.2.10, and 3.2.24

In accordance with our security release policy, the Django team is issuing Django 5.0.2, Django 4.2.10, and Django 3.2.24. These releases address the security issue detailed below. We encourage all users of Django to upgrade as soon as possible.

CVE-2024-24680: Potential denial-of-service in intcomma template filter

The intcomma template filter was subject to a potential denial-of-service
attack when used with very long strings.
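As an added illustration, not code from this page or from Django itself: a digit-grouping routine written in the recursive, one-comma-per-regex-pass style (modelled on the approach the pre-fix filter used, reconstructed here rather than quoted), beside a single-pass version whose cost is linear in the input length, which is the shape of fix this class of issue needs. Both function names are hypothetical.

```python
import re


def intcomma_recursive(value):
    """Quadratic pattern: each call scans the whole string to insert ONE comma,
    then recurses on the result. An input of n digits needs about n/3 passes of
    O(n) each, so attacker-supplied long strings burn CPU (and stack) for free."""
    orig = str(value)
    new = re.sub(r"^(-?\d+)(\d{3})", r"\g<1>,\g<2>", orig)
    if orig == new:
        return new
    return intcomma_recursive(new)


def intcomma_linear(value):
    """Single pass: group the leading integer digits right to left and leave any
    suffix (fractional part, units, trailing text) untouched. Linear in length,
    no recursion, so input size can no longer drive cost superlinearly."""
    text = str(value)
    match = re.match(r"(-?)(\d+)", text)
    if not match:
        # Nothing numeric at the front: return the input unchanged, as the
        # recursive version would.
        return text
    sign, digits = match.group(1), match.group(2)
    rest = text[match.end():]
    groups = []
    # Walk from the right so only the leftmost group may be shorter than 3.
    for end in range(len(digits), 0, -3):
        groups.append(digits[max(0, end - 3):end])
    return sign + ",".join(reversed(groups)) + rest


if __name__ == "__main__":
    # Constructed sample inputs: both agree on ordinary values ...
    for sample in (0, 999, 1000, -1234567, "12345.6"):
        assert intcomma_recursive(sample) == intcomma_linear(sample)
        print(sample, "->", intcomma_linear(sample))
    # ... but only the linear version is safe to hand an untrusted 100k-digit string.
    print(len(intcomma_linear("9" * 100_000)), "characters, one pass")
```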

Thanks Seokchan Yoon for the report.

This issue has severity “moderate” according to the Django security policy.

Affected supported versions

Django main branch
Django 5.0
Django 4.2
Django 3.2

Resolution

Patches to resolve the issue have been applied to Django’s main branch and the
5.0, 4.2, and 3.2 stable branches. The patches may be obtained from the
following changesets:

On the main branch
On the 5.0 release branch
On the 4.2 release branch
On the 3.2 release branch

The following releases have been issued:

Django 5.0.2 (download Django 5.0.2 | 5.0.2 checksums)
Django 4.2.10 (download Django 4.2.10 | 4.2.10 checksums)
Django 3.2.24 (download Django 3.2.24 | 3.2.24 checksums)

The PGP key ID used for this release is Natalia Bidart: 2EE82A8D9470983E

General notes regarding security reporting

As always, we ask that potential security issues be reported via private email to [email protected], and not via Django’s Trac instance, nor via the Django Forum, nor via the django-developers list. Please see our security policies for further information.

DSF calls for applicants for a Django Fellow

After five years as part of the Django Fellowship program, Mariusz Felisiak has let us know that he will be stepping down as a Django Fellow in March 2024 to explore other things. Mariusz has made an extraordinary impact as a Django Fellow and has been a critical part of the Django community.

The Django Software Foundation and the wider Django community are grateful for his service and assistance.

The Fellowship program was started in 2014 as a way to dedicate high-quality and consistent resources to the maintenance of Django. As Django has matured, the DSF has been able to fundraise and earmark funds for this vital role. As a result, the DSF currently supports two Fellows – Mariusz Felisiak and Natalia Bidart. With the departure of Mariusz, the Django Software Foundation is announcing a call for Django Fellow applications. The new Fellow will work alongside Natalia.

The position of Fellow is focused on maintenance and community support – the work that benefits most from constant, guaranteed attention rather than volunteer-only efforts. In particular, the duties include:

Answering contributor questions on Forum and the django-developers mailing list
Helping new Django contributors land patches and learn our philosophy
Monitoring the [email protected] email alias and ensuring security issues are acknowledged and responded to promptly
Fixing release blockers and helping to ensure timely releases
Fixing severe bugs and helping to backport fixes to these and security issues
Reviewing and merging pull requests
Triaging tickets on Trac

Being a Django contributor isn’t a prerequisite for this position — we can help get you up to speed. We’ll consider applications from anyone with a proven history of working with either the Django community or another similar open-source community. Geographical location isn’t important either – we have several methods of remote communication and coordination that we can use depending on the timezone difference to the supervising members of Django.

If you’re interested in applying for the position, please email us at [email protected] describing why you would be a good fit along with details of your relevant experience and community involvement. Also, please include your preferred hourly rate and when you’d like to start working. Lastly, please include at least one recommendation.

Applicants will be evaluated based on the following criteria:

Details of Django and/or other open-source contributions
Details of community support in general
Understanding of the position
Clarity, formality, and precision of communications
Strength of recommendation(s)

Applications will be open until 1200 AoE, February 16, 2024, with the expectation that the successful candidate will be notified no later than March 1, 2024.

DjangoCon Europe 2025 Call for Proposals

DjangoCon Europe 2024 will be held June 5th-9th in Vigo, Spain, but we’re already looking ahead to the 2025 conference. Could your town – or your football stadium, circus tent, private island or city hall – host this wonderful community event?

Hosting a DjangoCon is an ambitious undertaking. It’s hard work, but each year it has been successfully run by a team of community volunteers, not all of whom have had previous experience – more important is enthusiasm, organizational skills, the ability to plan and manage budgets, time and people – and plenty of time to invest in the project.

How to apply

We’ve set up a working group of previous DjangoCon Europe organizers that you can reach out to with questions about organizing and running a DjangoCon Europe: [email protected]. There will also be an informational session set up towards the end of January or early February for interested organizers. Please email the working group to express interest in participating.

In order to give people the chance to go to many different conferences, DjangoCon Europe should be held between January 5 and April 15, 2025. Please read the licensing agreement the selected organizers will need to sign for the specific requirements around hosting a DjangoCon Europe.

If you’re interested, we’d love to hear from you. This year we are going to do rolling reviews of applications, in order to hopefully give more time and certainty to the selected proposal to start planning. The board will begin evaluating proposals on February 20th. The selection will be made at any time between February 20th and May 31st. The DSF Board will communicate when a selection has been made and the application process is complete. If you are interested in organizing, it is in your best interest to get a good proposal in early.

Following the established tradition, the selected hosts will be publicly announced at this year’s DjangoCon Europe by the current organizers.

The more detailed and complete your proposal, the better. Things you should consider, and that we’d like to know about, are:

dates: ideally between early January and mid-April 2025
numbers of attendees
venue(s)
accommodation
transport links
budgets and ticket prices
committee members

We’d like to see:

timelines
pictures
prices
draft agreements with providers
alternatives you have considered

Email your proposals to [email protected]. We look forward to reviewing great proposals that continue the excellence the whole community associates with DjangoCon Europe.

DSF membership now recognizes a much broader range of contributions to Django

Recently, the DSF made some changes to our bylaws to change the definition of DSF Membership. You can read the legalese of the new language in the meeting minutes for the October 12 board meeting, but here’s the short version: previously, individual membership required contribution of intellectual property (e.g. code or documentation); we’ve changed it so that individual membership now recognizes broader contributions to the DSF’s mission. That still includes code and docs, but now also includes many more activities: organizing a Django event, serving on a Working Group, maintaining a third-party app, moderating Django community spaces, and much more. (Corporate membership hasn’t changed; this just applies to individual membership.)

The DSF’s mission, as described in our bylaws, is:

The Foundation’s purposes shall include, but not be limited to, developing and promoting the Django framework for free and open public use among the worldwide web development community, protecting the framework’s long-term viability, and advancing the state of the art in web development.

Membership, then, recognizes material contributions to that mission. This is deliberately broad and inclusive: we want to allow as broad a definition of “contribution” as possible – including, critically, contributions to the community as well as code contributions. But we do want those contributions to be “material”: we want to recognize substantial or sustained contributions, not one-offs or “drive-by” contributions.

Because this definition of “material” is somewhat deliberately vague, we’ve prepared an FAQ that outlines several examples of things we believe do and do not qualify someone for membership. Ultimately, though, if you’re not sure: please apply anyway! We generally try to err on the side of saying “yes”.

To join the DSF under these new, more inclusive rules, fill out the application form here. The Board approves new members at its monthly meeting, so you can expect to hear back within about a month.

DSF Board 2024 Elections – New board members 👋

Following our 2024 DSF Board Election Results, here are quick introductions from our two new board members, Sarah Abderemane and Thibaud Colas, elected for a two-year term for 2024-2025.

Collage: Sarah on the left, smiling, in the Versailles Hall of Mirrors. Thibaud on the right, in a field, looking in the distance with a boy on his shoulders.

Sarah Abderemane

Sarah Abderemane, also known as sabderemane, is a software developer in
France. She currently works at Kraken Tech, part of the Octopus Energy group,
contributing to solutions to climate change. She works mainly on the backend,
but also likes to work on the frontend in her spare time.

She organizes the Django Paris meetup and is an active member of the Django community: she is one of the organizers of the Djangonaut Space program, a member of the Django Accessibility team and maintainer of djangoproject.com.

Outside of open source and work, she is passionate about dance, likes
customizing things like mechanical keyboards, and loves to travel to discover
new cultures.

Social media and blog:

Blog: sarahabd.com
Mastodon: @[email protected]
Twitter: @sabderemane_
LinkedIn: @sarahabd

Thibaud Colas

Thibaud Colas (pronounced /tee-bo/) is a developer based in the UK, working for Torchbox on the Wagtail open source CMS as part of the core team. For Wagtail, Thibaud also contributes to efforts around accessibility, developer relations, as well as participation in programs like Outreachy and Google Summer of Code.

For Django, Thibaud has been involved with organizing and volunteering at events like Django Girls and DjangoCon Europe. More recently, he helped start the accessibility team, and has joined the Djangonaut Space program as a navigator.

Outside of work, Thibaud spends most of his time with two little tornadoes that are 5 and 2 years old. He also enjoys watching sumo and baking macarons. To learn more about Thibaud, check out his personal website thib.me, @thibaud_colas on Twitter/X, or @[email protected] on Mastodon.

Meeting our new board members

Both Sarah and Thibaud are active on the Django Forum, come say hi in their introduction thread!

They will also be taking part in a mini Django contributions sprint and lead discussions on the “Future of Django” as part of Django Cologne’s 50th Meetup.

Unlock Early Savings: Early Bird Tickets for DjangoCon Europe 2024 Now Available!

You can take advantage of our Early Bird ticket sale for DjangoCon Europe 2024. By purchasing your tickets early, you not only guarantee your attendance at one of the most exciting Django events but also enjoy significant savings.

Buy tickets on the conference website

Why Go Early?

You can secure your tickets at a special Early Bird rate, providing exceptional value for your conference experience.

Also, your early commitment goes a long way in supporting the success of DjangoCon Europe 2024. It helps us plan better and ensure a seamless event.

Act now and secure your Early Bird tickets before the sale closes on April 31st. Don’t miss out on the chance to save and be a part of this exciting event.

We can’t wait to welcome you to DjangoCon Europe 2024!