Subscribe: The Django weblog
http://www.djangoproject.com/rss/weblog/
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
abdc ede  community  django developers  django software  django  dsf  graham abdc  page  pgp key  release  security  tim graham  time 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Django weblog

The Django weblog



Latest news about Django, the Python Web framework.



Last Build Date: Thu, 16 Nov 2017 08:18:07 -0600

 



DSF calls for applicants for a Django Fellow

Thu, 16 Nov 2017 08:18:07 -0600

After three years of full-time work as the Django Fellow, I'd like to scale back my involvement to part-time. That means it's time to hire another Fellow who would like to work on Django 20-40 hours per week. The position is ongoing - the successful applicant will have the position until they choose to step down.

The position of Fellow is primarily focused on housekeeping and community support - you'll be expected to do the work that would benefit from constant, guaranteed attention rather than volunteer-only efforts. In particular, your duties will include:

  • monitoring the security@djangoproject.com email alias and ensuring security issues are acknowledged and responded to promptly
  • fixing release blockers and helping to ensure timely releases
  • fixing severe bugs and helping to backport fixes to these and security issues
  • reviewing and merging pull requests
  • triaging tickets on Trac
  • answering user questions on IRC and the django-developers mailing list
  • helping new Django contributors land patches and learn our philosophy

Being a committer isn't a prerequisite for this position; we'll consider applications from anyone with a proven history of working with either the Django community or another similar open-source community.

Your geographical location isn't important either - we have several methods of remote communication and coordination that we can use depending on the timezone difference to the supervising members of Django.

You'll be expected to post a weekly report of your work to the django-developers mailing list.

If you don't perform the duties to a satisfactory level, we may end your contract. We may also terminate the contract if we're unable to raise sufficient funds to support the Fellowship on an ongoing basis (unlikely, given the current fundraising levels).

Compensation isn't competitive with full-time salaries in big cities like San Francisco or London. The Fellow will be selected to make best use of available funds.

If you're interested in applying for the position, please email us with details of your experience with Django and open-source contribution and community support in general, the amount of time each week you'd like to dedicate to the position (a minimum of 20 hours a week), your hourly rate, and when you'd like to start working. The start date is flexible and will be on or after January 1, 2018.

Applications will be open until 1200 UTC, December 18, 2017, with the expectation that the successful candidate will be announced around December 22.

Successful applicants will not be an employee of the Django Project or the Django Software Foundation. Fellows will be contractors and expected to ensure that they meet all of their resident country's criteria for self-employment or having a shell consulting company, invoicing the DSF on a monthly basis and ensuring they pay all relevant taxes.

If you or your company is interested in helping fund this program and future DSF activities, please consider becoming a corporate member to learn about corporate membership, or you can make a donation to the Django Software Foundation.




Django 2.0 release candidate 1 released

Wed, 15 Nov 2017 17:54:38 -0600

Django 2.0 release candidate 1 is the final opportunity for you to try out the assortment of new features before Django 2.0 is released.

The release candidate stage marks the string freeze and the call for translators to submit translations. Provided no major bugs are discovered that can't be solved in the next two weeks, Django 2.0 will be released on or around December 1. Any delays will be communicated on the django-developers mailing list thread.

Please use this opportunity to help find and fix bugs (which should be reported to the issue tracker). You can grab a copy of the package from our downloads page or on PyPI.

The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.




Nominations for the Malcolm Tredinnick Memorial Prize 2017

Fri, 10 Nov 2017 10:12:46 -0600

Malcolm Tredinnick was an early member of Django's core team. He contributed a great deal of code to the Django Project, and a vast amount of his time helping and encouraging others.

Malcolm died young, in March 2013. In his memory, the Malcolm Tredinnick Memorial Prize is awarded annually. It is intended to recognise someone who participates in the Django community in the same spirit as Malcolm: welcoming, nurturing and suppporting newcomers and helping other people.

You can read more about Malcolm and his contribution to Django, and about the prize.

We invite your nominations for this year's prize. Please drop us a line at foundation@djangoproject.com, telling us whom you'd like to nominate and why you think their contribution is a worthy continuation of Malcolm's work for the Django community.

Anyone is welcome to nominate a candidate.

Nominations will remain open for two weeks (until Friday 24th November 2017).




2018 DSF Board Election Application

Tue, 07 Nov 2017 21:33:49 -0600

It is that time of year again to think about next year’s Django Software Foundation’s Board of Directors!

As you know, the Board guides the direction of the marketing, governance and outreach activities of the Django community. We provide funding, resources, and guidance to Django events on a global level. Further we provide support to the Django community with an established Code of Conduct and make decisions and enforcement recommendations for violations. We work closely with our corporate and individual members to raise funds to help support our great community.

In order to for our community to continue to grow and advance the Django Web framework, we need your help. The Board of Directors consists of volunteers who are elected to one year terms. This is an excellent opportunity to help advance Django. We can’t do it without volunteers, such as yourself. For the most part, the time commitment is a few of hours per month. There has been some confusion on this in the past, but anyone including current Board members, DSF Members, or the public at large can apply to the Board. It is open to all.

If you are interested in helping to support the development of Django we’d enjoy receiving your application for the Board of Directors. Please fill out the application form by 9 December 2017 to be considered. If it is still 9 December somewhere in the world, applications will remain open.

If you have any questions about applying, the work, or the process in general please don’t hesitate to reach out via email to foundation@djangoproject.com and one of us will get back with you shortly.

Thank you for your time and we look forward to working with you in 2018.

The 2017 DSF Board of Directors




Django bugfix release: 1.11.7

Wed, 01 Nov 2017 20:39:45 -0500

Today we've issued the 1.11.7 bugfix release.

The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.




Django 2.0 beta 1 released

Mon, 16 Oct 2017 21:09:10 -0500

Django 2.0 beta 1 is an opportunity for you to try out the assortment of new features in Django 2.0.

Only bugs in new features and regressions from earlier versions of Django will be fixed between now and 2.0 final (also, translations will be updated following the "string freeze" when the release candidate is issued). The current release schedule calls for a release candidate in a month from now with the final release to follow about two weeks after that around December 1. Early and often testing from the community will help minimize the number of bugs in the release. Updates on the release schedule schedule are available on the django-developers mailing list.

As with all alpha and beta packages, this is not for production use. But if you'd like to take some of the new features for a spin, or to help find and fix bugs (which should be reported to the issue tracker), you can grab a copy of the beta package from our downloads page or on PyPI.

The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.




Django bugfix release: 1.11.6

Thu, 05 Oct 2017 15:01:58 -0500

Today we've issued the 1.11.6 bugfix release.

The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.




Django 2.0 alpha 1 released

Fri, 22 Sep 2017 13:32:42 -0500

Django 2.0 alpha 1 is now available. It represents the first stage in the 2.0 release cycle and is an opportunity for you to try out the changes coming in Django 2.0.

Django 2.0 has an assortment of new features which you can read about in the in-development 2.0 release notes.

This alpha milestone marks a complete feature freeze. The current release schedule calls for a beta release in about a month and a release candidate about a month from then. We'll only be able to keep this schedule if we get early and often testing from the community. Updates on the release schedule schedule are available on the django-developers mailing list.

As with all alpha and beta packages, this is not for production use. But if you'd like to take some of the new features for a spin, or to help find and fix bugs (which should be reported to the issue tracker), you can grab a copy of the alpha package from our downloads page or on PyPI.

The PGP key ID used for this release is Tim Graham: 1E8ABDC773EDE252.




Django security releases issued: 1.11.5 and 1.10.8

Tue, 05 Sep 2017 11:25:21 -0500

In accordance with our security release policy, the Django team is issuing Django 1.11.5 and Django 1.10.8. These release addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible.

CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page

In older versions, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you shouldn't run with DEBUG = True (which makes this page accessible) in your production settings.

Thanks Charles Bideau for reporting this issue.

Affected supported versions

  • Django master development branch
  • Django 1.11
  • Django 1.10

Per our supported versions policy, Django 1.9 is no longer supported. Django 1.8 is unaffected.

Resolution

Patches to resolve the issues have been applied to Django's master development branch and the 1.11 and 1.10 release branches. The patches may be obtained from the following changesets:

The following releases have been issued:

The PGP key ID used for these releases is Tim Graham: 1E8ABDC773EDE252.

General notes regarding security reporting

As always, we ask that potential security issues be reported via private email to security@djangoproject.com, and not via Django's Trac instance or the django-developers list. Please see our security policies for further information.




Support a Great Partnership: PyCharm and Django Team up Again

Tue, 15 Aug 2017 09:38:34 -0500

Last June (2016) JetBrains PyCharm partnered with the Django Software Foundation to generate a big boost to Django fundraising. The campaign was a huge success. Together we raised a total of $50,000 for the Django Software Foundation!

This year we hope to repeat that success. During the two-week campaign, buy a new PyCharm Professional Edition individual license with a 30% discount code, and all the money raised will go to the DSF’s general fundraising and the Django Fellowship program.

Promotion details

Up until Aug 28th, you can effectively donate to Django by purchasing a New Individual PyCharm Professional annual subscription at 30% off. It’s very simple:

  1. When buying a new annual PyCharm subscription in our e-store, on the checkout page, сlick “Have a discount code?”.
  2. Enter the following 30% discount promo code:
    IDONATETODJANGO

Alternatively, just click this shortcut link to go to the e-store with the code automatically applied

Fill in the other required fields on the page and click the “Place order” button.

All of the income from this promotion code will go to the DSF fundraising campaign 2017 – not just the profits, but actually the entire sales amount including taxes, transaction fees – everything. The campaign will help the DSF to maintain the healthy state of the Django project and help them continue contributing to their different outreach and diversity programs.

Read more details on the special promotion page.

“Django has grown to be a world-class web framework, and coupled with PyCharm’s Django support, we can give tremendous developer productivity,” says Frank Wiles, DSF President. “Last year JetBrains was a great partner for us in support of raising money for the Django Software Foundation, on behalf of the community, I would like to extend our deepest thanks for their generous help. Together we hope to make this a yearly event!”

If you have any questions, get in touch with Django at fundraising@djangoproject.com or JetBrains at sales@jetbrains.com.