BlueSoybean.com - Free RSS-Based News Reader

close
  • rss_feed Follow any RSS- or Atom Feed tell me more...
  • language Use in your Browser on any Computer, Laptop or Phone tell me more...
  • money_off Free tell me more...
  • mouse Scroll and skim through a lot of Articles super fast tell me more...
  • keyboard Keyboard Shortcuts help you be more efficient yet. tell me more...
  • label Organise and easily find again interesting articles using Tags. tell me more...
  • share Share your Tags and Recommendations tell me more...

The Django weblog

Latest news about Django, the Python Web framework.


Source: https://www.djangoproject.com/rss/weblog/

Articles

Technical Board Candidate Registration

Technical Board Candidate Registration As part of our change in governance with DEP-10 it is now time to collect candidates for the Django Technical Board. According to DEP-10, "Any qualified person may register as a candidate; the candidate registration form and roster of candidates SHALL be maintained by the DSF Board, and candidates MUST provide evidence of their qualifications as part of registration. The DSF Board MAY challenge and reject the registration of candidates it believes do not meet the qualifications of members of the Technical Board, or who it believes are registering in bad faith." To make this process as simple, but useful as possible, we are only requiring you to enter your name, email, and a bio/evidence of qualifications. There are optional fields for your Github, Twitter, and website which can be useful for evaluating your qualifications. Your email address will only be used by the DSF to contact you related to the election and process and will not be shared publicly. We had a mistake in the process and neglected to announce this phase properly so we have extended the process by a week to make things entirely fair and in the spirit of DEP-10. Registration for Candidates will end on September 11th, 2020 AoE. Please register using this form. If you have questions about the election please contact foundation@djangoproject.com.

via The Django weblog
Share  
Tags  

Django security releases issued: 3.1.1, 3.0.10 and 2.2.16

Django security releases issued: 3.1.1, 3.0.10 and 2.2.16 In accordance with our security release policy, the Django team is issuing Django 3.1.1, Django 3.0.10 and Django 2.2.16. These releases address the security issue detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+ On Python 3.7 and above, FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files and to intermediate-level collected static directories when using the collectstatic management command. You should review and manually fix permissions on existing intermediate-level directories. CVE-2020-24584: Permission escalation in intermediate-level directories of the file system cache on Python 3.7+ On Python 3.7 and above, the intermediate-level directories of the file system cache had the system's standard umask rather than 0o077 (no group or others permissions). Affected supported versions Django master branch Django 3.1 Django 3.0 Django 2.2 Resolution Patches to resolve the issue have been applied to Django's master branch and the 3.1, 3.0, and 2.2 release branches. The patches may be obtained from the following changesets: CVE-2020-24583: On the master branch On the 3.1 release branch On the 3.0 release branch On the 2.2 release branch CVE-2020-24584: On the master branch On the 3.1 release branch On the 3.0 release branch On the 2.2 release branch The following releases have been issued: Django 3.1.1 (download Django 3.1.1 | 3.1.1 checksums) Django 3.0.10 (download Django 3.0.10 | 3.0.10 checksums) Django 2.2.16 (download Django 2.2.16 | 2.2.16 checksums) The PGP key ID used for these releases is Carlton Gibson: E17DF5C82B4F9D00. General notes regarding security reporting As always, we ask that potential security issues be reported via private email to security@djangoproject.com, and not via Django's Trac instance or the django-developers list. Please see our security policies for further information.

via The Django weblog
Share  
Tags  

Announcement of Technical Board Election Registration

Announcement of Technical Board Election Registration As part of the changes to how Django is governed, it is time to have an election of the Technical Board. All current DSF Members are automatically registered for this election. If you are not a DSF Member and would like to vote in this election you need to register here. The process of electing a new Technical Board will be: Registration is open for one week and ending Friday August 28th, 2020 AoE Registration of candidates will then be open for one week ending September 11th, 2020 AoE. Those registered will receive an email to the email address they are registered with along with a unique code to be used when voting Voting will be open for one week The results of the election will be announced when voting is finished. More information on the election of the technical board can be found in DEP-10. If you have questions about the election please contact foundation@djangoproject.com. UPDATED: We had a mistake and did not open the Registration of candidates on time. We are doing that now and have adjusted the date here to match.

via The Django weblog
Share  
Tags  

DjangoCon Australia 2020: Schedule live and tickets on sale 🎟️

DjangoCon Australia 2020: Schedule live and tickets on sale 🎟️ The 8th DjangoCon AU was scheduled to be run in Adelaide, South Australia this year. It's been moved to an online event and will take place on September 4th. DjangoCon AU is organized as a specialist track as part of PyConline AU. The schedule — though shorter than in previous years — is packed with talks about best practices, communities, contributions, and the present and future of Django. Since the event was due to run in Adelaide, the event is running in Australian Central Standard Time, UTC+9:30, and DjangoCon AU will start at 3:45pm ACST. This link shows when the DjangoCon AU Opening address starts for all the DjangoCon timezones.. Tickets are now available. The prices are AU$29 for enthusiasts and AU$79 for professionals. All tickets grant access to all of PyConline AU 2020. We also have a discount for student attendees at AU$10. And for those who want to help financially support the conference, contributor tickets start at AU$300. More details are available on the PyConline AU website. We hope to see you online in 3 weeks! Katie McLaughlin, Markus Holtermann, DjangoCon AU organizers 2020.djangocon.com.au

via The Django weblog
Share  
Tags  

Django 3.1 Released

Django 3.1 Released The Django team is happy to announce the release of Django 3.1. The release notes cover the potpourri of new features in detail, but a few highlights are: Asynchronous views and middleware support. JSONField for all supported database backends. Tokens, cookies, sessions, and signatures now use SHA-256 hashing algorithm. You can get Django 3.1 from our downloads page or from the Python Package Index. The PGP key ID used for this release is Mariusz Felisiak: 2EF56372BA48CD1B. With the release of Django 3.1, Django 3.0 has reached the end of mainstream support. The final minor bug fix release, 3.0.9, was issued yesterday. Django 3.0 will receive security and data loss fixes until April 2021. All users are encouraged to upgrade before then to continue receiving fixes for security issues. See the downloads page for a table of supported versions and the future release schedule.

via The Django weblog
Share  
Tags