Expected December 2023
Welcome to Django 5.0!
These release notes cover the new features, as well as some backwards incompatible changes you’ll want to be aware of when upgrading from Django 4.2 or earlier. We’ve begun the deprecation process for some features.
See the How to upgrade Django to a newer version guide if you’re updating an existing project.
Django 5.0 supports Python 3.10, 3.11, and 3.12. We highly recommend and only officially support the latest release of each series.
The Django 4.2.x series is the last to support Python 3.8 and 3.9.
Following the release of Django 5.0, we suggest that third-party app authors
drop support for all versions of Django prior to 4.2. At that time, you should
be able to run your package’s tests using python -Wd
so that deprecation
warnings appear. After making the deprecation warning fixes, your app should be
compatible with Django 5.0.
Facet counts are now shown for applied filters in the admin changelist when
toggled on via the UI. This behavior can be changed via the new
ModelAdmin.show_facets
attribute. For more information see
Facets.
django.contrib.admin
¶The new AdminSite.get_log_entries()
method allows customizing the
queryset for the site’s listed log entries.
The django.contrib.admin.AllValuesFieldListFilter
,
ChoicesFieldListFilter
, RelatedFieldListFilter
, and
RelatedOnlyFieldListFilter
admin filters now handle multi-valued query
parameters.
django.contrib.admindocs
¶…
django.contrib.auth
¶The default iteration count for the PBKDF2 password hasher is increased from 600,000 to 720,000.
AuthenticationMiddleware
now adds an HttpRequest.auser()
asynchronous method that returns the currently logged-in user.
django.contrib.contenttypes
¶…
django.contrib.gis
¶The new
ClosestPoint()
function returns a 2-dimensional point on the geometry that is closest to
another geometry.
django.contrib.messages
¶…
django.contrib.postgres
¶The new violation_error_code
attribute of
ExclusionConstraint
allows
customizing the code
of ValidationError
raised during
model validation.
django.contrib.redirects
¶…
django.contrib.sessions
¶…
django.contrib.sitemaps
¶…
django.contrib.sites
¶…
django.contrib.staticfiles
¶…
…
…
…
…
sensitive_variables()
and
sensitive_post_parameters()
can now be
used with asynchronous functions.
…
…
ChoiceField.choices
now accepts
Choices classes directly instead of
requiring expansion with the choices
attribute.
…
…
…
…
…
The new create_defaults
argument of QuerySet.update_or_create()
and QuerySet.aupdate_or_create()
methods allows specifying a different
field values for the create operation.
The new violation_error_code
attribute of
BaseConstraint
,
CheckConstraint
, and
UniqueConstraint
allows customizing the code
of ValidationError
raised during
model validation.
Field.choices
now accepts
Choices classes directly instead of
requiring expansion with the choices
attribute.
…
…
…
The new Signal.asend()
and Signal.asend_robust()
methods allow
asynchronous signal dispatch. Signal receivers may be synchronous or
asynchronous, and will be automatically adapted to the correct calling style.
…
…
…
…
…
This section describes changes that may be needed in third-party database backends.
…
create_defaults__exact
may now be required with QuerySet.update_or_create()
¶QuerySet.update_or_create()
now supports the parameter
create_defaults
. As a consequence, any models that have a field named
create_defaults
that are used with an update_or_create()
should specify
the field in the lookup with create_defaults__exact
.
The instance
argument of the undocumented
BaseModelFormSet.save_existing()
method is renamed to obj
.
The undocumented django.contrib.admin.helpers.checkbox
is removed.
Integer fields are now validated as 64-bit integers on SQLite to match the
behavior of sqlite3
.
The DjangoDivFormRenderer
and Jinja2DivFormRenderer
transitional form
renderers are deprecated.
Passing positional arguments name
and violation_error_message
to
BaseConstraint
is deprecated in favor of
keyword-only arguments.
These features have reached the end of their deprecation cycle and are removed in Django 5.0.
See Features deprecated in 4.0 for details on these changes, including how to remove usage of these features.
The SERIALIZE
test setting is removed.
The undocumented django.utils.baseconv
module is removed.
The undocumented django.utils.datetime_safe
module is removed.
The default value of the USE_TZ
setting is changed from False
to
True
.
The default sitemap protocol for sitemaps built outside the context of a
request is changed from 'http'
to 'https'
.
The extra_tests
argument for DiscoverRunner.build_suite()
and
DiscoverRunner.run_tests()
is removed.
The django.contrib.postgres.aggregates.ArrayAgg
, JSONBAgg
, and
StringAgg
aggregates no longer return []
, []
, and ''
,
respectively, when there are no rows.
The USE_L10N
setting is removed.
The USE_DEPRECATED_PYTZ
transitional setting is removed.
Support for pytz
timezones is removed.
The is_dst
argument is removed from:
QuerySet.datetimes()
django.utils.timezone.make_aware()
django.db.models.functions.Trunc()
django.db.models.functions.TruncSecond()
django.db.models.functions.TruncMinute()
django.db.models.functions.TruncHour()
django.db.models.functions.TruncDay()
django.db.models.functions.TruncWeek()
django.db.models.functions.TruncMonth()
django.db.models.functions.TruncQuarter()
django.db.models.functions.TruncYear()
The django.contrib.gis.admin.GeoModelAdmin
and OSMGeoAdmin
classes
are removed.
The undocumented BaseForm._html_output()
method is removed.
The ability to return a str
, rather than a SafeString
, when rendering
an ErrorDict
and ErrorList
is removed.
See Features deprecated in 4.1 for details on these changes, including how to remove usage of these features.
The SitemapIndexItem.__str__()
method is removed.
The CSRF_COOKIE_MASKED
transitional setting is removed.
The name
argument of django.utils.functional.cached_property()
is
removed.
The opclasses
argument of
django.contrib.postgres.constraints.ExclusionConstraint
is removed.
The undocumented ability to pass errors=None
to
SimpleTestCase.assertFormError()
and assertFormsetError()
is removed.
django.contrib.sessions.serializers.PickleSerializer
is removed.
The usage of QuerySet.iterator()
on a queryset that prefetches related
objects without providing the chunk_size
argument is no longer allowed.
Passing unsaved model instances to related filters is no longer allowed.
created=True
is required in the signature of
RemoteUserBackend.configure_user()
subclasses.
Support for logging out via GET
requests in the
django.contrib.auth.views.LogoutView
and
django.contrib.auth.views.logout_then_login()
is removed.
The django.utils.timezone.utc
alias to datetime.timezone.utc
is
removed.
Passing a response object and a form/formset name to
SimpleTestCase.assertFormError()
and assertFormSetError()
is no
longer allowed.
The django.contrib.gis.admin.OpenLayersWidget
is removed.
The django.contrib.auth.hashers.CryptPasswordHasher
is removed.
The "django/forms/default.html"
and
"django/forms/formsets/default.html"
templates are removed.
The default form and formset rendering style is changed to the div-based.
Passing nulls_first=False
or nulls_last=False
to Expression.asc()
and Expression.desc()
methods, and the OrderBy
expression is no
longer allowed.
Mar 22, 2023