Toggle navigation

Django 2.1 release notes - UNDER DEVELOPMENT

Django 2.1 release notes - UNDER DEVELOPMENT

Welcome to Django 2.1!

These release notes cover the new features, as well as some backwards incompatible changes you’ll want to be aware of when upgrading from Django 2.0 or earlier. We’ve dropped some features that have reached the end of their deprecation cycle, and we’ve begun the deprecation process for some features.

See the Upgrading Django to a newer version guide if you’re updating an existing project.

Python compatibility

Django 2.1 supports Python 3.5, 3.6, and 3.7. Django 2.0 is the last version to support Python 3.4. We highly recommend and only officially support the latest release of each series.

What’s new in Django 2.1

Minor features

django.contrib.admin

django.contrib.auth

django.contrib.gis

Cache

CSRF

Database backends

Email

File Storage

File Uploads

Forms

Generic Views

Internationalization

  • Added the get_supported_language_variant() function.
  • Untranslated strings for territorial language variants now use the translations of the generic language. For example, untranslated pt_BR strings use pt translations.

Management Commands

Migrations

  • Added support for serialization of functools.partialmethod objects.
  • To support frozen environments, migrations may be loaded from .pyc files.

Models

Requests and Responses

Serialization

Signals

Templates

  • The new json_script filter safely outputs a Python object as JSON, wrapped in a <script> tag, ready for use with JavaScript.

Tests

  • Added test Client support for 307 and 308 redirects.
  • The test Client now serializes a request data dictionary as JSON if content_type='application/json'. You can customize the JSON encoder with test client’s json_encoder parameter.

URLs

Validators

Backwards incompatible changes in 2.1

Database backend API

  • To adhere to PEP 249, exceptions where a database doesn’t support a feature are changed from NotImplementedError to django.db.NotSupportedError.
  • Renamed the allow_sliced_subqueries database feature flag to allow_sliced_subqueries_with_in.
  • DatabaseOperations.distinct_sql() now requires an additional params argument and returns a tuple of SQL and parameters instead of a SQL string.
  • DatabaseFeatures.introspected_boolean_field_type is changed from a method to a property.

django.contrib.gis

  • Support for SpatiaLite 4.0 is removed.

Dropped support for MySQL 5.5

The end of upstream support for MySQL 5.5 is December 2018. Django 2.1 supports MySQL 5.6 and higher.

Dropped support for PostgreSQL 9.3

The end of upstream support for PostgreSQL 9.3 is September 2018. Django 2.1 supports PostgreSQL 9.4 and higher.

Removed BCryptPasswordHasher from the default PASSWORD_HASHERS setting

If you used bcrypt with Django 1.4 or 1.5 (before BCryptSHA256PasswordHasher was added in Django 1.6), you might have some passwords that use the BCryptPasswordHasher hasher.

You can check if that’s the case like this:

from django.contrib.auth import get_user_model
User = get_user_model()
User.objects.filter(password__startswith='bcrypt$$')

If you want to continue to allow those passwords to be used, you’ll have to define the PASSWORD_HASHERS setting (if you don’t already) and include 'django.contrib.auth.hashers.BCryptPasswordHasher'.

Moved wrap_label widget template context variable

To fix the lack of <label> when using RadioSelect and CheckboxSelectMultiple with MultiWidget, the wrap_label context variable now appears as an attribute of each option. For example, in a custom input_option.html template, change {% if wrap_label %} to {% if widget.wrap_label %}.

Miscellaneous

  • The minimum supported version of mysqlclient is increased from 1.3.3 to 1.3.7.
  • The date format of Set-Cookie’s Expires directive is changed to follow RFC 7231#section-7.1.1.1 instead of Netscape’s cookie standard. Hyphens present in dates like Tue, 25-Dec-2018 22:26:13 GMT are removed. This change should be merely cosmetic except perhaps for antiquated browsers that don’t parse the new format.
  • allowed_hosts is now a required argument of private API django.utils.http.is_safe_url().
  • The multiple attribute rendered by the SelectMultiple widget now uses HTML5 boolean syntax rather than XHTML’s multiple="multiple".
  • HTML rendered by form widgets no longer includes a closing slash on void elements, e.g. <br>. This is incompatible within XHTML, although some widgets already used aspects of HTML5 such as boolean attributes.
  • The value of SelectDateWidget’s empty options is changed from 0 to an empty string, which mainly may require some adjustments in tests that compare HTML.
  • User.has_usable_password() and the is_password_usable() function no longer return False if the password is None or an empty string, or if the password uses a hasher that’s not in the PASSWORD_HASHERS setting. This undocumented behavior was a regression in Django 1.6 and prevented users with such passwords from requesting a password reset. Audit your code to confirm that your usage of these APIs don’t rely on the old behavior.
  • Since migrations are now loaded from .pyc files, you might need to delete them if you’re working in a mixed Python 2 and Python 3 environment.

Features deprecated in 2.1

Miscellaneous

  • The ForceRHR GIS function is deprecated in favor of the new ForcePolygonCW function.
  • django.utils.http.cookie_date() is deprecated in favor of http_date(), which follows the format of the latest RFC.
  • {% load staticfiles %} and {% load admin_static %} are deprecated in favor of {% load static %}, which works the same.
  • django.contrib.staticfiles.templatetags.static() is deprecated in favor of django.templatetags.static.static().

Features removed in 2.1

These features have reached the end of their deprecation cycle and are removed in Django 2.1. See Features deprecated in 1.11 for details, including how to remove usage of these features. in Django 2.1. See Features deprecated in 1.11 and for details, including how to remove usage of these features.

  • contrib.auth.views.login(), logout(), password_change(), password_change_done(), password_reset(), password_reset_done(), password_reset_confirm(), and password_reset_complete() are removed.
  • The extra_context parameter of contrib.auth.views.logout_then_login() is removed.
  • django.test.runner.setup_databases() is removed.
  • django.utils.translation.string_concat() is removed.
  • django.core.cache.backends.memcached.PyLibMCCache no longer supports passing pylibmc behavior settings as top-level attributes of OPTIONS.
  • The host parameter of django.utils.http.is_safe_url() is removed.
  • Silencing of exceptions raised while rendering the {% include %} template tag is removed.
  • DatabaseIntrospection.get_indexes() is removed.
  • The authenticate() method of authentication backends requires request as the first positional argument.
  • The django.db.models.permalink() decorator is removed.
  • The USE_ETAGS setting is removed. CommonMiddleware and django.utils.cache.patch_response_headers() no longer set ETags.
  • The Model._meta.has_auto_field attribute is removed.
  • Support for regular expression groups with iLmsu# in url() is removed.
  • Support for Widget.render() methods without the renderer argument is removed.