Simon Willison’s Weblog

Items tagged django in Aug

Filters: Month: Aug × django ×

Pysa: An open source static analysis tool to detect and prevent security issues in Python code (via) Interesting new static analysis tool for auditing Python for security vulnerabilities—things like SQL injection and os.execute() calls. Built by Facebook and tested extensively on Instagram, a multi-million line Django application. # 7th August 2020, 8:50 pm

James Bennett on why Django should not support JWT in core (via) The topic of adding JWT support to Django core comes up occasionally—here’s James Bennett’s detailed argument for not doing that. The short version is that the JWT specification isn’t just difficult to implement securely: it’s fundamentally flawed, which results in things like five implementations in three different languages all manifesting the same vulnerability. Third party modules exist that add JWT support to Django, but baking it into core would act as a form of endorsement and Django’s philosophy has always been to encourage people towards best practices. # 1st August 2020, 12:28 am

How scalable is Django?

Django scales in exactly the same way as PHP or Rails or any other stateless shared-nothing web technology: you ensure that the web nodes (running your Django code) are independent from your persistence layer (database, caching, session storage etc) and scale then independently.

[... 191 words]

Django (web framework): Why did stop using Drupal?

They wrote about their reasons in detail in a post to the Django sub-reddit a while ago:

[... 165 words]

Which Solr app for Django is better: Haystack or django-solr-search (solango)?

I’d go with Haystack—while it supports multiple backends, I get the feeling Solr is the principle backend it was developed for. It’s extremely well documented in my opinion, and the SearchQuerySet API it gives you makes running low-level queries really easy if the higher level class-based view it provides don’t do quite what you want.

[... 109 words]

What is the highest traffic website built on top of Django?

My best guess would be Disqus. Instagram are pretty enormous these days as well.

[... 31 words]

What is the history of the Django web framework? Why has it been described as “developed in a newsroom”?

I was there!

[... 670 words]

What is the history of Django? I’ve been playing with Quora—it’s a really neat twist on the question-and-answer format, which makes great use of friends, followers and topics and has some very neat live update stuff going on (using Comet on top of Tornado). I just posted quite a long answer to a question about the history of Django. # 24th August 2010, 5:31 pm

Kung Fu People (via) The first site to launch based on the open source Django code from! # 19th August 2009, 11:37 am

Capital Radio (the new site). Launched today, this is the Django-powered project I’ve been working on with the fantastic team at GCap. # 28th August 2008, 2:47 pm

Using Akismet with Django’s new comments framework. A nice example that demonstrates two features that were recently rolled in to the Django 1.0 betas: the new signals library and the new comments framework. # 28th August 2008, 10:12 am

Django snippets: Sign a string using SHA1, then shrink it using url-safe base65. I needed a way to create tamper-proof URLs and cookies by signing them, but didn’t want the overhead of a full 40 character SHA1 hash. After some experimentation, it turns out you can knock a 40 char hash down to 27 characters by encoding it using a custom base65 encoding which only uses URL-safe characters. # 27th August 2008, 10:18 pm

Django 1.0 beta 2 released! 1.0 draws ever closer. Important new features include major documentation and comment system refactorings, plus the removal of a bunch of deprecated code (including oldforms). Feature and string freezes are now in place, so it’s just bugs and documentation improvements between now and the final release. # 27th August 2008, 2:41 pm

Django 1.0 release party. The big ass-party will be at the Tied House in Mountain View on Saturday the 6th from 7pm. RSVP on the linked announcement. # 27th August 2008, 12:07 pm

Django documentation (for 1.0). The documentation refactor is in: the docs for the upcoming 1.0 release have been tidied up, rearranged and ported to a new documentation system based on Sphinx (the Python documentation toolkit, NOT the full-text search engine). The URL has also changed to # 24th August 2008, 10:49 am

The Python Property Builtin. The always-educational Adam Gomaa explains the Python property built-in and shows how it can be used to improve Django’s model-based URL generation. # 23rd August 2008, 1:08 pm

django-timezones. Models, form fields and a template filter for dealing with timezones in Django. # 21st August 2008, 11:18 pm

Persistent Django on Amazon EC2 and EBS—the easy way. Useful tutorial on getting Django up and running on EC2 with EBS for a persistent PostgreSQL database. # 21st August 2008, 9:32 pm

Cyberstar. Adrian made the front cover of the Chicago Tribune magazine! # 18th August 2008, 11:56 pm

minidetector. Neat piece of Django middleware that adds a “mobile = True” attribute to the request object if the request’s user-agent matches a list of strings of known low-power browsers in mobiles, PDAs or game consoles. # 15th August 2008, 8:21 am

This Week in Django. After 33 episodes Django’s usually-weekly podcast finally has its own website. # 14th August 2008, 2:57 pm

Django snippets: RequestFactory. I’ve been wanting this for ages; when I finally got around to writing it it turned out to only be a dozen or so lines of code. Makes it easy to create mock request objects in Django, which you can then use for testing view functions directly (bypassing the current test client mechanism which requires views to be assigned to a URLconf before they can be tested). # 12th August 2008, 12:40 pm

Changeset 8266—Added ModelAdmin.save_model() and ModelAdmin.save_formset() methods. One of those small changes that opens up enormous possibilities—it’s now incredibly easy to customise exactly how a model is saved in the Django admin interface by over-riding the save_model method. # 10th August 2008, 1:17 pm

Django 1.0 alpha 2 release notes (via) The last preview release before the 1.0 beta. Big new features are GeoDjango, pluggable file storage (which went in earlier today) and Jython compatibility. The beta is scheduled for August 14th. # 8th August 2008, 11:57 pm

South. A brand new light-weight Django migrations tool from Andrew Godwin. On first glance, this is spookily similar to the system we’ve been putting together at GCap. # 8th August 2008, 11:42 am

GeoDjango Documentation. Merged to Django trunk a few hours ago. The tutorial isn’t there yet, but the rest of the docs are worth exploring. # 5th August 2008, 11:06 pm

A Django Cache Status. Django view to display stats pulled from your memcached server. # 25th August 2007, 2:08 pm

Satchmo 0.5 Release. Django powered e-commerce application, “the webshop for perfectionists with deadlines”. # 22nd August 2007, 10:36 pm

Django and the iPhone tutorial. How to install SSH, Python and Django on your iPhone and get Django running against the call database. Less complicated than I expected. # 21st August 2007, 11:34 am

BabelDjango. Tools for integrating Christopher Lenz’s Babel i18n framework with Django. # 20th August 2007, 2:59 pm