DEV Community

loading...
Django News

Django News #13 - Django 1.11 LTS's final release, security updates, native Django websockets, LiveViews, and more!

jefftriplett profile image Jeff Triplett (he/him) Originally published at django-news.com on ・3 min read

News

Django security releases issued for 3.0.4, 2.2.11, and 1.11.29

A new security and bug fix release. As ever, updating to the latest version is always recommended.

PSA: This is very likely to be the last release of Django 1.11. Time to move on if you're still there. (via Carlton Gibson)

Django 1.11 LTS reaches the end of extended support in April 2020.


30% off PyCharm with all proceeds towards Django

Receive 30% off the powerful PyCharm editor. All proceeds benefit the Django Software Foundation.


Articles

The Django Speed Handbook: Making a Django app faster

This comprehensive handbook has something for everyone from the backend to even some helpful frontend tricks.


How to Disallow Auto-named Django Migrations

Adam Johnson walks us through three methods for disallowing Django's auto-named Migrations, which includes Django's check system and pre-commit hooks, which may be new to you.


Views on Views

Matt Layman explains one of Django's core building blocks, Django Views.


Mental Models for Class Based Views

This article is a deep dive into how Django's class-based views work behind the scenes.


Sponsored Link

Django Crash Course: Covers Python 3.8 and Django 3.x - Alpha Version

The authors of Two Scoops of Django have released their latest book, the Django Crash Course. Based on their corporate training, they are offering the book for under US$20, which is a steal considering they normally charge $3000/person for in-person training. This book, currently 50 chapters long, is intended for passionate learners willing to get the latest, most cutting-edge written materials. Now in beta, the book is being updated several days a week!.

Available in E-Book format, the paperback, coil-bound, and hardcover versions are available for pre-order.


Podcasts

Test & Code: Django with Lacey Herschel Williams

Lacey discusses the Django community, learning Django, and testing.


Django Chat - Resources & Mentorship

An overview the best current Django resources and how to find a Django mentor.


Tutorials

Django Markdown Tutorial

Learn how to add Markdown to any Django website.


How to Add Websockets to a Django App without Extra Dependencies

Django 3.0 ships with out of the box, dependency-free Websocket support and Jayden Windle walks us through the process of setting everything up.


Projects

edelvalle/reactor: Phoenix LiveView but for Django

GitHub logo edelvalle / reactor

Phoenix LiveView but for Django

Reactor, a LiveView library for Django

Reactor enables you to do something similar to Phoenix framework LiveView using Django Channels.

TODO MVC demo app

What's in the box?

This is no replacement for VueJS or ReactJS, or any JavaScript but it will allow you use all the potential of Django to create interactive front-ends. This method has its drawbacks because if connection is lost to the server the components in the front-end go busted until connection is re-established. But also has some advantages, as everything is server side rendered the interface comes already with meaningful information in the first request response, you can use all the power of Django template without limitations, if connection is lost or a component crashes, the front-end will have enough information to rebuild their state in the last good known state.

Installation and setup

Reactor requires Python >=3.6.

Install reactor:

pip install django-reactor

Reacto makes use of django-channels

Keep an eye on this project. Reactor turns Django into a full-stack framework and manages re-rendering parts of your HTML template, pushes it to your web browser, and then updates automatically.


django-bleach

GitHub logo marksweb / django-bleach

Bleach is a Python module that takes any HTML input, and returns valid, sanitised HTML that contains only an allowed subset of HTML tags, attributes and styles. django-bleach is a Django app that makes using bleach extremely easy.

django-bleach - Bleach and sanitise user HTML

https://travis-ci.org/marksweb/django-bleach.svg?branch=master Latest Version Codacy Badge Downloads License

Bleach is a Python module that takes any HTML input, and returns valid, sanitised HTML that contains only an allowed subset of HTML tags attributes and styles. django-bleach is a Django app that makes using bleach extremely easy.

Setup

  1. Install django-bleach via pip:

    pip install django-bleach
    
  2. Add django-bleach to your INSTALLED_APPS:

    INSTALLED_APPS = [
        #
        'django_bleach'
        # ...
    ]
    
  3. Select some sensible defaults for the allowed tags, attributes and styles and the behaviour when unknown tags are encountered. Each of these are optional, and default to using the bleach defaults. See the bleach documentation:

    # Which HTML tags are allowed
    BLEACH_ALLOWED_TAGS = ['p', 'b', 'i', 'u', 'em', 'strong', 'a']
    
    # Which HTML attributes are allowed
    BLEACH_ALLOWED_ATTRIBUTES = ['href', 'title', 'style']
    
    # Which CSS properties are allowed in 'style' attributes (assuming
    # style is an allowed attribute)
    BLEACH_ALLOWED_STYLES = [

A Django app for using bleach to properly sanitize HTML inputs.


Events

PyCon US Update on COVID-19

PyCon US is still going forward and the PSF is giving weekly updates to keep everyone updated on where we are at.

Discussion (1)

pic
Editor guide
Collapse
nemecek_f profile image
Filip Němeček

The Django Speed Handbook is super nice tip thanks! I am already subscribed but it is nice to get second chance to read through the newsletter