September 2, 2014
Welcome to Django 1.7!
These release notes cover the new features, as well as some backwards incompatible changes you’ll want to be aware of when upgrading from Django 1.6 or older versions. We’ve begun the deprecation process for some features, and some features have reached the end of their deprecation process and have been removed.
Django 1.7 requires Python 2.7, 3.2, 3.3, or 3.4. We highly recommend and only officially support the latest release of each series.
The Django 1.6 series is the last to support Python 2.6. Django 1.7 is the first release to support Python 3.4.
This change should affect only a small number of Django users, as most operating-system vendors today are shipping Python 2.7 or newer as their default version. If you’re still using Python 2.6, however, you’ll need to stick to Django 1.6 until you can upgrade your Python version. Per our support policy, Django 1.6 will continue to receive security support until the release of Django 1.8.
Django now has built-in support for schema migrations. It allows models to be updated, changed, and deleted by creating migration files that represent the model changes and which can be run on any development, staging or production database.
Migrations are covered in their own documentation, but a few of the key features are:
syncdb
has been deprecated and replaced by migrate
. Don’t worry -
calls to syncdb
will still work as before.
A new makemigrations
command provides an easy way to autodetect changes
to your models and make migrations for them.
django.db.models.signals.pre_syncdb
and
django.db.models.signals.post_syncdb
have been deprecated,
to be replaced by pre_migrate
and
post_migrate
respectively. These
new signals have slightly different arguments. Check the
documentation for details.
The allow_syncdb
method on database routers is now called allow_migrate
,
but still performs the same function. Routers with allow_syncdb
methods
will still work, but that method name is deprecated and you should change
it as soon as possible (nothing more than renaming is required).
initial_data
fixtures are no longer loaded for apps with migrations; if
you want to load initial data for an app, we suggest you create a migration for
your application and define a RunPython
or RunSQL
operation in the operations
section of the migration.
Test rollback behavior is different for apps with migrations; in particular,
Django will no longer emulate rollbacks on non-transactional databases or
inside TransactionTestCase
unless specifically requested.
It is not advised to have apps without migrations depend on (have a
ForeignKey
or
ManyToManyField
to) apps with migrations.
Historically, Django applications were tightly linked to models. A singleton known as the “app cache” dealt with both installed applications and models. The models module was used as an identifier for applications in many APIs.
As the concept of Django applications matured, this code showed some shortcomings. It has been refactored into an “app registry” where models modules no longer have a central role and where it’s possible to attach configuration data to applications.
Improvements thus far include:
ready()
method of their configuration.models.py
. You don’t have to set
app_label
explicitly any more.models.py
entirely if an application doesn’t
have any models.label
attribute of application configurations, to work around label conflicts.verbose_name
of application configurations.autodiscover()
when Django starts. You can consequently remove this line from your
URLconf.To help power both schema migrations and to enable easier addition of
composite keys in future releases of Django, the
Field
API now has a new required method:
deconstruct()
.
This method takes no arguments, and returns a tuple of four items:
name
: The field’s attribute name on its parent model, or None
if it
is not part of a modelpath
: A dotted, Python path to the class of this field, including the class name.args
: Positional arguments, as a listkwargs
: Keyword arguments, as a dictThese four values allow any field to be serialized into a file, as well as allowing the field to be copied safely, both essential parts of these new features.
This change should not affect you unless you write custom Field subclasses;
if you do, you may need to reimplement the deconstruct()
method if your
subclass changes the method signature of __init__
in any way. If your
field just inherits from a built-in Django field and doesn’t override __init__
,
no changes are necessary.
If you do need to override deconstruct()
, a good place to start is the
built-in Django fields (django/db/models/fields/__init__.py
) as several
fields, including DecimalField
and DateField
, override it and show how
to call the method on the superclass and simply add or remove extra arguments.
This also means that all arguments to fields must themselves be serializable; to see what we consider serializable, and to find out how to make your own classes serializable, read the migration serialization documentation.
QuerySet
methods from the Manager
¶Historically, the recommended way to make reusable model queries was to create
methods on a custom Manager
class. The problem with this approach was that
after the first method call, you’d get back a QuerySet
instance and
couldn’t call additional custom manager methods.
Though not documented, it was common to work around this issue by creating a
custom QuerySet
so that custom methods could be chained; but the solution
had a number of drawbacks:
QuerySet
and its custom methods were lost after the first
call to values()
or values_list()
.Manager
was still necessary to return the custom
QuerySet
class and all methods that were desired on the Manager
had to be proxied to the QuerySet
. The whole process went against
the DRY principle.The QuerySet.as_manager()
class method can now directly create Manager with QuerySet methods:
class FoodQuerySet(models.QuerySet):
def pizzas(self):
return self.filter(kind='pizza')
def vegetarian(self):
return self.filter(vegetarian=True)
class Food(models.Model):
kind = models.CharField(max_length=50)
vegetarian = models.BooleanField(default=False)
objects = FoodQuerySet.as_manager()
Food.objects.pizzas().vegetarian()
It is now possible to specify a custom manager when traversing a reverse relationship:
class Blog(models.Model):
pass
class Entry(models.Model):
blog = models.ForeignKey(Blog)
objects = models.Manager() # Default Manager
entries = EntryManager() # Custom Manager
b = Blog.objects.get(id=1)
b.entry_set(manager='entries').all()
We’ve added a new System check framework for detecting common problems (like invalid models) and providing hints for resolving those problems. The framework is extensible so you can add your own checks for your own apps and libraries.
To perform system checks, you use the check
management command.
This command replaces the older validate
management command.
The “today” and “now” shortcuts next to date and time input widgets in the admin are now operating in the current time zone. Previously, they used the browser time zone, which could result in saving the wrong value when it didn’t match the current time zone on the server.
In addition, the widgets now display a help message when the browser and server time zone are different, to clarify how the value inserted in the field will be interpreted.
Prior to Python 2.7, database cursors could be used as a context manager. The specific backend’s cursor defined the behavior of the context manager. The behavior of magic method lookups was changed with Python 2.7 and cursors were no longer usable as context managers.
Django 1.7 allows a cursor to be used as a context manager. That is, the following can be used:
with connection.cursor() as c:
c.execute(...)
instead of:
c = connection.cursor()
try:
c.execute(...)
finally:
c.close()
It is now possible to write custom lookups and transforms for the ORM.
Custom lookups work just like Django’s built-in lookups (e.g. lte
,
icontains
) while transforms are a new concept.
The django.db.models.Lookup
class provides a way to add lookup
operators for model fields. As an example it is possible to add day_lte
operator for DateFields
.
The django.db.models.Transform
class allows transformations of
database values prior to the final lookup. For example it is possible to
write a year
transform that extracts year from the field’s value.
Transforms allow for chaining. After the year
transform has been added
to DateField
it is possible to filter on the transformed value, for
example qs.filter(author__birthdate__year__lte=1981)
.
For more information about both custom lookups and transforms refer to the custom lookups documentation.
Form
error handling¶Form.add_error()
¶Previously there were two main patterns for handling errors in forms:
ValidationError
from within certain
functions (e.g. Field.clean()
, Form.clean_<fieldname>()
, or
Form.clean()
for non-field errors.)Form._errors
when targeting a specific field in
Form.clean()
or adding errors from outside of a “clean” method
(e.g. directly from a view).Using the former pattern was straightforward since the form can guess from the context (i.e. which method raised the exception) where the errors belong and automatically process them. This remains the canonical way of adding errors when possible. However the latter was fiddly and error-prone, since the burden of handling edge cases fell on the user.
The new add_error()
method allows adding errors
to specific form fields from anywhere without having to worry about the details
such as creating instances of django.forms.utils.ErrorList
or dealing with
Form.cleaned_data
. This new API replaces manipulating Form._errors
which now becomes a private API.
See Cleaning and validating fields that depend on each other for an example using
Form.add_error()
.
The ValidationError
constructor accepts metadata
such as error code
or params
which are then available for interpolating
into the error message (see Raising ValidationError for more details);
however, before Django 1.7 those metadata were discarded as soon as the errors
were added to Form.errors
.
Form.errors
and
django.forms.utils.ErrorList
now store the ValidationError
instances
so these metadata can be retrieved at any time through the new
Form.errors.as_data
method.
The retrieved ValidationError
instances can then be identified thanks to
their error code
which enables things like rewriting the error’s message
or writing custom logic in a view when a given error is present. It can also
be used to serialize the errors in a custom format such as XML.
The new Form.errors.as_json()
method is a convenience method which returns error messages along with error
codes serialized as JSON. as_json()
uses as_data()
and gives an idea
of how the new system could be extended.
Heavy changes to the various error containers were necessary in order
to support the features above, specifically
Form.errors
,
django.forms.utils.ErrorList
, and the internal storages of
ValidationError
. These containers which used
to store error strings now store ValidationError
instances and public APIs
have been adapted to make this as transparent as possible, but if you’ve been
using private APIs, some of the changes are backwards incompatible; see
ValidationError constructor and internal storage for more details.
django.contrib.admin
¶site_header
,
site_title
, and
index_title
attributes on a custom
AdminSite
in order to easily change the admin
site’s page title and header text. No more needing to override templates!django.contrib.admin
now use the border-radius
CSS
property for rounded corners rather than GIF background images.app-<app_name>
and model-<model_name>
classes in their <body>
tag to allow customizing the CSS per app or per
model.field-<field_name>
class in the
HTML to enable style customizations.django.contrib.admin.ModelAdmin.get_search_fields()
method.ModelAdmin.get_fields()
method may be overridden to
customize the value of ModelAdmin.fields
.admin.site.register
syntax, you can use the
new register()
decorator to register a
ModelAdmin
.ModelAdmin.list_display_links
= None
to disable
links on the change list page grid.ModelAdmin.view_on_site
to control whether or not to
display the “View on site” link.ModelAdmin.list_display
value by prefixing the
admin_order_field
value with a hyphen.ModelAdmin.get_changeform_initial_data()
method may be
overridden to define custom behavior for setting initial change form data.django.contrib.auth
¶**kwargs
passed to
email_user()
are passed to the
underlying send_mail()
call.permission_required()
decorator can
take a list of permissions as well as a single permission.AuthenticationForm.confirm_login_allowed()
method
to more easily customize the login policy.django.contrib.auth.views.password_reset()
takes an optional
html_email_template_name
parameter used to send a multipart HTML email
for password resets.AbstractBaseUser.get_session_auth_hash()
method was added and if your AUTH_USER_MODEL
inherits from
AbstractBaseUser
, changing a user’s
password now invalidates old sessions if the
django.contrib.auth.middleware.SessionAuthenticationMiddleware
is
enabled. See Session invalidation on password change for more details.django.contrib.formtools
¶WizardView.done()
now include a form_dict
to allow easier
access to forms by their step name.django.contrib.gis
¶crosses
, disjoint
,
overlaps
, touches
and within
predicates, if GEOS 3.3 or later is
installed.django.contrib.messages
¶django.contrib.messages
that use cookies, will now
follow the SESSION_COOKIE_SECURE
and
SESSION_COOKIE_HTTPONLY
settings.DEFAULT_MESSAGE_LEVELS
.Message
objects now have a
level_tag
attribute that contains the string representation of the
message level.django.contrib.redirects
¶RedirectFallbackMiddleware
has two new attributes
(response_gone_class
and
response_redirect_class
)
that specify the types of HttpResponse
instances the
middleware returns.django.contrib.sessions
¶"django.contrib.sessions.backends.cached_db"
session backend now
respects SESSION_CACHE_ALIAS
. In previous versions, it always used
the default
cache.django.contrib.sitemaps
¶sitemap framework
now makes use of
lastmod
to set a Last-Modified
header in the response. This makes it possible for the
ConditionalGetMiddleware
to handle
conditional GET
requests for sitemaps which set lastmod
.django.contrib.sites
¶django.contrib.sites.middleware.CurrentSiteMiddleware
allows
setting the current site on each request.django.contrib.staticfiles
¶The static files storage classes may be
subclassed to override the permissions that collected static files and
directories receive by setting the
file_permissions_mode
and directory_permissions_mode
parameters. See collectstatic
for example usage.
The CachedStaticFilesStorage
backend gets a sibling class called
ManifestStaticFilesStorage
that doesn’t use the cache system at all but instead a JSON file called
staticfiles.json
for storing the mapping between the original file name
(e.g. css/styles.css
) and the hashed file name (e.g.
css/styles.55e7cbb9ba48.css
). The staticfiles.json
file is created
when running the collectstatic
management command and should
be a less expensive alternative for remote storages such as Amazon S3.
See the ManifestStaticFilesStorage
docs for more information.
findstatic
now accepts verbosity flag level 2, meaning it will
show the relative paths of the directories it searched. See
findstatic
for example output.
django.contrib.syndication
¶Atom1Feed
syndication feed’s
updated
element now utilizes updateddate
instead of pubdate
,
allowing the published
element to be included in the feed (which
relies on pubdate
).CACHES
is now available via
django.core.cache.caches
. This dict-like object provides a different
instance per thread. It supersedes django.core.cache.get_cache()
which
is now deprecated.django.core.cache.caches
now yields
different instances per thread.TIMEOUT
argument of the
CACHES
setting as None
will set the cache keys as
“non-expiring” by default. Previously, it was only possible to pass
timeout=None
to the cache backend’s set()
method.CSRF_COOKIE_AGE
setting facilitates the use of session-based
CSRF cookies.send_mail()
now accepts an html_message
parameter for sending a multipart text/plain and
text/html email.EmailBackend
now accepts a
timeout
parameter.UploadedFile.content_type_extra
attribute
contains extra parameters passed to the content-type
header on a file
upload.FILE_UPLOAD_DIRECTORY_PERMISSIONS
setting controls
the file system permissions of directories created during file upload, like
FILE_UPLOAD_PERMISSIONS
does for the files themselves.FileField.upload_to
attribute is now optional. If it is omitted or given None
or an empty
string, a subdirectory won’t be used for storing the uploaded files.file
in the upload handler.Storage.get_available_name()
now appends an
underscore plus a random 7 character alphanumeric string (e.g.
"_x3a1gho"
), rather than iterating through an underscore followed by a
number (e.g. "_1"
, "_2"
, etc.) to prevent a denial-of-service attack.
This change was also made in the 1.6.6, 1.5.9, and 1.4.14 security releases.<label>
and <input>
tags rendered by
RadioSelect
and
CheckboxSelectMultiple
when looping over the radio
buttons or checkboxes now include for
and id
attributes, respectively.
Each radio button or checkbox includes an id_for_label
attribute to
output the element’s ID.<textarea>
tags rendered by Textarea
now
include a maxlength
attribute if the TextField
model field has a max_length
.Field.choices
now allows you to
customize the “empty choice” label by including a tuple with an empty string
or None
for the key and the custom label as the value. The default blank
option "----------"
will be omitted in this case.MultiValueField
allows optional subfields by setting
the require_all_fields
argument to False
. The required
attribute
for each individual field will be respected, and a new incomplete
validation error will be raised when any required fields are empty.clean()
method on a form no longer needs to
return self.cleaned_data
. If it does return a changed dictionary then
that will still be used.TypedChoiceField
coerce
method return an arbitrary
value.SelectDateWidget.months
can be used to
customize the wording of the months displayed in the select widget.min_num
and validate_min
parameters were added to
formset_factory()
to allow validating
a minimum number of submitted forms.Form
and ModelForm
have been reworked to
support more inheritance scenarios. The previous limitation that prevented
inheriting from both Form
and ModelForm
simultaneously have been
removed as long as ModelForm
appears first in the MRO.Form
when subclassing by
setting the name to None
.ModelForm
’s
unique
, unique_for_date
, and unique_together
constraints.
In order to support unique_together
or any other NON_FIELD_ERROR
,
ModelForm
now looks for the NON_FIELD_ERROR
key in the
error_messages
dictionary of the ModelForm
’s inner Meta
class.
See considerations regarding model’s error_messages for more details.django.middleware.locale.LocaleMiddleware.response_redirect_class
attribute allows you to customize the redirects issued by the middleware.LocaleMiddleware
now stores the user’s
selected language with the session key _language
. This should only be
accessed using the LANGUAGE_SESSION_KEY
constant. Previously it was stored with the key django_language
and the
LANGUAGE_SESSION_KEY
constant did not exist, but keys reserved for Django
should start with an underscore. For backwards compatibility django_language
is still read from in 1.7. Sessions will be migrated to the new key
as they are written.blocktrans
tag now supports a trimmed
option. This
option will remove newline characters from the beginning and the end of the
content of the {% blocktrans %}
tag, replace any whitespace at the
beginning and end of a line and merge all lines into one using a space
character to separate them. This is quite useful for indenting the content of
a {% blocktrans %}
tag without having the indentation characters end up
in the corresponding entry in the PO file, which makes the translation
process easier.makemessages
from the root directory of your project,
any extracted strings will now be automatically distributed to the proper
app or project message file. See Localization: how to create language files for
details.makemessages
command now always adds the --previous
command line flag to the msgmerge
command, keeping previously translated
strings in po files for fuzzy strings.LANGUAGE_COOKIE_AGE
, LANGUAGE_COOKIE_DOMAIN
and LANGUAGE_COOKIE_PATH
.The new --no-color
option for django-admin
disables the
colorization of management command output.
The new dumpdata --natural-foreign
and dumpdata
--natural-primary
options, and the new use_natural_foreign_keys
and
use_natural_primary_keys
arguments for serializers.serialize()
, allow
the use of natural primary keys when serializing.
It is no longer necessary to provide the cache table name or the
--database
option for the createcachetable
command.
Django takes this information from your settings file. If you have configured
multiple caches or multiple databases, all cache tables are created.
The runserver
command received several improvements:
compilemessages
.favicon.ico
that used to be filtered out.Management commands can now produce syntax colored output under Windows if the ANSICON third-party tool is installed and active.
collectstatic
command with symlink option is now supported on
Windows NT 6 (Windows Vista and newer).
Initial SQL data now works better if the sqlparse Python library is installed.
Note that it’s deprecated in favor of the
RunSQL
operation of migrations,
which benefits from the improved behavior.
QuerySet.update_or_create()
method was added.default_permissions
model
Meta
option allows you to customize (or disable) creation of the default
add, change, and delete permissions.OneToOneField
for
Multi-table inheritance are now discovered in abstract classes.OneToOneField
by setting its
related_name
to
'+'
or ending it with '+'
.F expressions
support the power operator
(**
).remove()
and clear()
methods of the related managers created by
ForeignKey
and GenericForeignKey
now accept the bulk
keyword
argument to control whether or not to perform operations in bulk
(i.e. using QuerySet.update()
). Defaults to True
.None
as a query value for the iexact
lookup.limit_choices_to
when defining a
ForeignKey
or ManyToManyField
.only()
and
defer()
on the result of
QuerySet.values()
now raises
an error (before that, it would either result in a database error or
incorrect data).index_together
(rather than a list of lists) when specifying a single set of fields.ManyToManyField.through_fields
argument.internal_type
.
Previously model field validation didn’t prevent values out of their associated
column data type range from being saved resulting in an integrity error.order_by()
a relation _id
field by using its attribute name.enter
argument was added to the
setting_changed
signal.str
of the
'app_label.ModelName'
form – just like related fields – to lazily
reference their senders.Context.push()
method now returns
a context manager which automatically calls pop()
upon exiting the with
statement.
Additionally, push()
now accepts
parameters that are passed to the dict
constructor used to build the new
context level.Context.flatten()
method
returns a Context
’s stack as one flat dictionary.Context
objects can now be compared for equality (internally, this
uses Context.flatten()
so the
internal structure of each Context
’s stack doesn’t matter as long as their
flattened version is identical).widthratio
template tag now accepts an "as"
parameter to
capture the result in a variable.include
template tag will now also accept anything with a
render()
method (such as a Template
) as an argument. String
arguments will be looked up using
get_template()
as always.include
templates recursively.TEMPLATE_DEBUG
is True
. This allows template origins to be
inspected and logged outside of the django.template
infrastructure.TypeError
exceptions are no longer silenced when raised during the
rendering of a template.dirs
parameter which is a list or
tuple to override TEMPLATE_DIRS
:django.template.loader.get_template()
django.template.loader.select_template()
django.shortcuts.render()
django.shortcuts.render_to_response()
time
filter now accepts timezone-related format
specifiers 'e'
, 'O'
, 'T'
and 'Z'
and is able to digest time-zone-aware datetime
instances performing the expected
rendering.cache
tag will now try to use the cache called
“template_fragments” if it exists and fall back to using the default cache
otherwise. It also now accepts an optional using
keyword argument to
control which cache it uses.truncatechars_html
filter truncates a string to be no
longer than the specified number of characters, taking HTML into account.HttpRequest.scheme
attribute
specifies the scheme of the request (http
or https
normally).redirect()
now supports
relative URLs.JsonResponse
subclass of
HttpResponse
helps easily create JSON-encoded responses.DiscoverRunner
has two new attributes,
test_suite
and
test_runner
, which facilitate
overriding the way tests are collected and run.fetch_redirect_response
argument was added to
assertRedirects()
. Since the test
client can’t fetch externals URLs, this allows you to use assertRedirects
with redirects that aren’t part of your Django app.assertRedirects()
.secure
argument was added to all the request methods of
Client
. If True
, the request will be made
through HTTPS.assertNumQueries()
now prints
out the list of executed queries if the assertion fails.WSGIRequest
instance generated by the test handler is now attached to
the django.test.Response.wsgi_request
attribute.TEST
.strip_tags()
accuracy (but it still cannot
guarantee an HTML-safe result, as stated in the documentation).RegexValidator
now accepts the optional
flags
and
Boolean inverse_match
arguments.
The inverse_match
attribute
determines if the ValidationError
should
be raised when the regular expression pattern matches (True
) or does not
match (False
, by default) the provided value
. The
flags
attribute sets the flags
used when compiling a regular expression string.URLValidator
now accepts an optional
schemes
argument which allows customization of the accepted URI schemes
(instead of the defaults http(s)
and ftp(s)
).validate_email()
now accepts addresses with
IPv6 literals, like example@[2001:db8::1]
, as specified in RFC 5321.Warning
In addition to the changes outlined in this section, be sure to review the deprecation plan for any features that have been removed. If you haven’t updated your code within the deprecation timeline for a given feature, its removal may appear as a backwards incompatible change.
allow_syncdb
/ allow_migrate
¶While Django will still look at allow_syncdb
methods even though they
should be renamed to allow_migrate
, there is a subtle difference in which
models get passed to these methods.
For apps with migrations, allow_migrate
will now get passed
historical models, which are special versioned models
without custom attributes, methods or managers. Make sure your allow_migrate
methods are only referring to fields or other items in model._meta
.
Apps with migrations will not load initial_data
fixtures when they have
finished migrating. Apps without migrations will continue to load these fixtures
during the phase of migrate
which emulates the old syncdb
behavior,
but any new apps will not have this support.
Instead, you are encouraged to load initial data in migrations if you need it
(using the RunPython
operation and your model classes);
this has the added advantage that your initial data will not need updating
every time you change the schema.
Additionally, like the rest of Django’s old syncdb
code, initial_data
has been started down the deprecation path and will be removed in Django 1.9.
Django now requires all Field classes and all of their constructor arguments to be serializable. If you modify the constructor signature in your custom Field in any way, you’ll need to implement a deconstruct() method; we’ve expanded the custom field documentation with instructions on implementing this method.
The requirement for all field arguments to be serializable means that any custom class instances being passed into Field constructors - things like custom Storage subclasses, for instance - need to have a deconstruct method defined on them as well, though Django provides a handy class decorator that will work for most applications.
Django 1.7 loads application configurations and models as soon as it starts. While this behavior is more straightforward and is believed to be more robust, regressions cannot be ruled out. See Troubleshooting for solutions to some problems you may encounter.
If you’re using Django in a plain Python script — rather than a management
command — and you rely on the DJANGO_SETTINGS_MODULE
environment
variable, you must now explicitly initialize Django at the beginning of your
script with:
>>> import django
>>> django.setup()
Otherwise, you will hit an AppRegistryNotReady
exception.
Until Django 1.3, the recommended way to create a WSGI application was:
import django.core.handlers.wsgi
application = django.core.handlers.wsgi.WSGIHandler()
In Django 1.4, support for WSGI was improved and the API changed to:
from django.core.wsgi import get_wsgi_application
application = get_wsgi_application()
If you’re still using the former style in your WSGI script, you need to
upgrade to the latter, or you will hit an AppRegistryNotReady
exception.
It is no longer possible to have multiple installed applications with the same label. In previous versions of Django, this didn’t always work correctly, but didn’t crash outright either.
If you have two apps with the same label, you should create an
AppConfig
for one of them and override its
label
there. You should then adjust your code
wherever it references this application or its models with the old label.
It isn’t possible to import the same model twice through different paths any
more. As of Django 1.6, this may happen only if you’re manually putting a
directory and a subdirectory on PYTHONPATH
. Refer to the section on
the new project layout in the 1.4 release notes for
migration instructions.
You should make sure that:
INSTALLED_APPS
or have an explicit
app_label
.Django will enforce these requirements as of version 1.9, after a deprecation period.
Subclasses of AppCommand
must now implement a
handle_app_config()
method instead of
handle_app()
. This method receives an AppConfig
instance instead of a models module.
Since INSTALLED_APPS
now supports application configuration classes
in addition to application modules, you should review code that accesses this
setting directly and use the app registry (django.apps.apps
) instead.
The app registry has preserved some features of the old app cache. Even though the app cache was a private API, obsolete methods and arguments will be removed through a standard deprecation path, with the exception of the following changes that take effect immediately:
get_model
raises LookupError
instead of returning None
when no
model is found.only_installed
argument of get_model
and get_models
no
longer exists, nor does the seed_cache
argument of get_model
.INSTALLED_APPS
¶When several applications provide management commands with the same name,
Django loads the command from the application that comes first in
INSTALLED_APPS
. Previous versions loaded the command from the
application that came last.
This brings discovery of management commands in line with other parts of
Django that rely on the order of INSTALLED_APPS
, such as static
files, templates, and translations.
ValidationError
constructor and internal storage¶The behavior of the ValidationError
constructor has changed when it
receives a container of errors as an argument (e.g. a list
or an
ErrorList
):
ValidationError
before adding them to its internal storage.ValidationError
instance and used as internal storage.This means that if you access the ValidationError
internal storages, such
as error_list
; error_dict
; or the return value of
update_error_dict()
you may find instances of ValidationError
where you
would have previously found strings.
Also if you directly assigned the return value of update_error_dict()
to Form._errors
you may inadvertently add list
instances where
ErrorList
instances are expected. This is a problem because unlike a
simple list
, an ErrorList
knows how to handle instances of
ValidationError
.
Most use-cases that warranted using these private APIs are now covered by
the newly introduced Form.add_error()
method:
# Old pattern:
try:
# ...
except ValidationError as e:
self._errors = e.update_error_dict(self._errors)
# New pattern:
try:
# ...
except ValidationError as e:
self.add_error(None, e)
If you need both Django <= 1.6 and 1.7 compatibility you can’t use
Form.add_error()
since it
wasn’t available before Django 1.7, but you can use the following
workaround to convert any list
into ErrorList
:
try:
# ...
except ValidationError as e:
self._errors = e.update_error_dict(self._errors)
# Additional code to ensure ``ErrorDict`` is exclusively
# composed of ``ErrorList`` instances.
for field, error_list in self._errors.items():
if not isinstance(error_list, self.error_class):
self._errors[field] = self.error_class(error_list)
LocMemCache
regarding pickle errors¶An inconsistency existed in previous versions of Django regarding how pickle
errors are handled by different cache backends.
django.core.cache.backends.locmem.LocMemCache
used to fail silently when
such an error occurs, which is inconsistent with other backends and leads to
cache-specific errors. This has been fixed in Django 1.7, see
#21200 for more details.
Previous versions of Django generated cache keys using a request’s path and
query string but not the scheme or host. If a Django application was serving
multiple subdomains or domains, cache keys could collide. In Django 1.7, cache
keys vary by the absolute URL of the request including scheme, host, path, and
query string. For example, the URL portion of a cache key is now generated from
https://www.example.com/path/to/?key=val
rather than /path/to/?key=val
.
The cache keys generated by Django 1.7 will be different from the keys
generated by older versions of Django. After upgrading to Django 1.7, the first
request to any previously cached URL will be a cache miss.
None
to Manager.db_manager()
¶In previous versions of Django, it was possible to use
db_manager(using=None)
on a model manager instance to obtain a manager
instance using default routing behavior, overriding any manually specified
database routing. In Django 1.7, a value of None
passed to db_manager will
produce a router that retains any manually assigned database routing – the
manager will not be reset. This was necessary to resolve an inconsistency in
the way routing information cascaded over joins. See #13724 for more
details.
If your project handles datetimes before 1970 or after 2037 and Django raises
a ValueError
when encountering them, you will have to install pytz. You
may be affected by this problem if you use Django’s time zone-related date
formats or django.contrib.syndication
.
Historically, the Django admin site passed the request from an unauthorized or
unauthenticated user directly to the login view, without HTTP redirection. In
Django 1.7, this behavior changed to conform to a more traditional workflow
where any unauthorized request to an admin page will be redirected (by HTTP
status code 302) to the login page, with the next
parameter set to the
referring path. The user will be redirected there after a successful login.
Note also that the admin login form has been updated to not contain the
this_is_the_login_form
field (now unused) and the ValidationError
code
has been set to the more regular invalid_login
key.
select_for_update()
requires a transaction¶Historically, queries that use
select_for_update()
could be
executed in autocommit mode, outside of a transaction. Before Django
1.6, Django’s automatic transactions mode allowed this to be used to
lock records until the next write operation. Django 1.6 introduced
database-level autocommit; since then, execution in such a context
voids the effect of select_for_update()
. It is, therefore, assumed
now to be an error and raises an exception.
This change was made because such errors can be caused by including an
app which expects global transactions (e.g. ATOMIC_REQUESTS
set to True
), or Django’s old autocommit
behavior, in a project which runs without them; and further, such
errors may manifest as data-corruption bugs. It was also made in
Django 1.6.3.
This change may cause test failures if you use select_for_update()
in a test class which is a subclass of
TransactionTestCase
rather than
TestCase
.
MIDDLEWARE_CLASSES
¶The app-loading refactor
deprecated using models from apps which are not part of the
INSTALLED_APPS
setting. This exposed an incompatibility between
the default INSTALLED_APPS
and MIDDLEWARE_CLASSES
in the
global defaults (django.conf.global_settings
). To bring these settings in
sync and prevent deprecation warnings when doing things like testing reusable
apps with minimal settings,
SessionMiddleware
,
AuthenticationMiddleware
, and
MessageMiddleware
were removed
from the defaults. These classes will still be included in the default settings
generated by startproject
. Most projects will not be affected by
this change but if you were not previously declaring the
MIDDLEWARE_CLASSES
in your project settings and relying on the
global default you should ensure that the new defaults are in line with your
project’s needs. You should also check for any code that accesses
django.conf.global_settings.MIDDLEWARE_CLASSES
directly.
The django.core.files.uploadhandler.FileUploadHandler.new_file()
method is now passed an additional content_type_extra
parameter. If you
have a custom FileUploadHandler
that implements new_file()
, be sure it accepts this new parameter.
ModelFormSet
s no longer
delete instances when save(commit=False)
is called. See
can_delete
for instructions on how
to manually delete objects from deleted forms.
Loading empty fixtures emits a RuntimeWarning
rather than raising
CommandError
.
django.contrib.staticfiles.views.serve()
will now raise an
Http404
exception instead of
ImproperlyConfigured
when DEBUG
is False
. This change removes the need to conditionally add the view to
your root URLconf, which in turn makes it safe to reverse by name. It also
removes the ability for visitors to generate spurious HTTP 500 errors by
requesting static files that don’t exist or haven’t been collected yet.
The django.db.models.Model.__eq__()
method is now defined in a
way where instances of a proxy model and its base model are considered
equal when primary keys match. Previously only instances of exact same
class were considered equal on primary key match.
The django.db.models.Model.__eq__()
method has changed such that
two Model
instances without primary key values won’t be considered
equal (unless they are the same instance).
The django.db.models.Model.__hash__()
method will now raise TypeError
when called on an instance without a primary key value. This is done to
avoid mutable __hash__
values in containers.
AutoField
columns in SQLite databases will now be
created using the AUTOINCREMENT
option, which guarantees monotonic
increments. This will cause primary key numbering behavior to change on
SQLite, becoming consistent with most other SQL databases. This will only
apply to newly created tables. If you have a database created with an older
version of Django, you will need to migrate it to take advantage of this
feature. For example, you could do the following:
django.contrib.auth.models.AbstractUser
no longer defines a
get_absolute_url()
method. The old definition
returned "/users/%s/" % urlquote(self.username)
which was arbitrary
since applications may or may not define such a url in urlpatterns
.
Define a get_absolute_url()
method on your own custom user object or use
ABSOLUTE_URL_OVERRIDES
if you want a URL for your user.
The static asset-serving functionality of the
django.test.LiveServerTestCase
class has been simplified: Now it’s
only able to serve content already present in STATIC_ROOT
when
tests are run. The ability to transparently serve all the static assets
(similarly to what one gets with DEBUG = True
at
development-time) has been moved to a new class that lives in the
staticfiles
application (the one actually in charge of such feature):
django.contrib.staticfiles.testing.StaticLiveServerTestCase
. In other
words, LiveServerTestCase
itself is less powerful but at the same time
has less magic.
Rationale behind this is removal of dependency of non-contrib code on contrib applications.
The old cache URI syntax (e.g. "locmem://"
) is no longer supported. It
still worked, even though it was not documented or officially supported. If
you’re still using it, please update to the current CACHES
syntax.
The default ordering of Form
fields in case of inheritance has changed to
follow normal Python MRO. Fields are now discovered by iterating through the
MRO in reverse with the topmost class coming last. This only affects you if
you relied on the default field ordering while having fields defined on both
the current class and on a parent Form
.
The required
argument of
SelectDateWidget
has been removed.
This widget now respects the form field’s is_required
attribute like
other widgets.
Widget.is_hidden
is now a read-only property, getting its value by
introspecting the presence of input_type == 'hidden'
.
select_related()
now chains in the
same way as other similar calls like prefetch_related
. That is,
select_related('foo', 'bar')
is equivalent to
select_related('foo').select_related('bar')
. Previously the latter would
have been equivalent to select_related('bar')
.
GeoDjango dropped support for GEOS < 3.1.
The init_connection_state
method of database backends now executes in
autocommit mode (unless you set AUTOCOMMIT
to False
). If you maintain a custom database backend, you should check
that method.
The django.db.backends.BaseDatabaseFeatures.allows_primary_key_0
attribute has been renamed to allows_auto_pk_0
to better describe it.
It’s True
for all database backends included with Django except MySQL
which does allow primary keys with value 0. It only forbids autoincrement
primary keys with value 0.
Shadowing model fields defined in a parent model has been forbidden as this
creates ambiguity in the expected model behavior. In addition, clashing
fields in the model inheritance hierarchy result in a system check error.
For example, if you use multi-inheritance, you need to define custom primary
key fields on parent models, otherwise the default id
fields will clash.
See Multiple inheritance for details.
django.utils.translation.parse_accept_lang_header()
now returns
lowercase locales, instead of the case as it was provided. As locales should
be treated case-insensitive this allows us to speed up locale detection.
django.utils.translation.get_language_from_path()
and
django.utils.translation.trans_real.get_supported_language_variant()
now no longer have a supported
argument.
The shortcut
view in django.contrib.contenttypes.views
now supports
protocol-relative URLs (e.g. //example.com
).
GenericRelation
now supports an
optional related_query_name
argument. Setting related_query_name
adds
a relation from the related object back to the content type for filtering,
ordering and other query operations.
When running tests on PostgreSQL, the USER
will need read access
to the built-in postgres
database. This is in lieu of the previous
behavior of connecting to the actual non-test database.
As part of the System check framework, fields,
models, and model managers all implement a check()
method that is registered with the check framework. If you have an existing
method called check()
on one of these objects, you will need to rename it.
As noted above in the “Cache” section of “Minor Features”, defining the
TIMEOUT
argument of the
CACHES
setting as None
will set the cache keys as
“non-expiring”. Previously, with the memcache backend, a
TIMEOUT
of 0
would set non-expiring keys,
but this was inconsistent with the set-and-expire (i.e. no caching) behavior
of set("key", "value", timeout=0)
. If you want non-expiring keys,
please update your settings to use None
instead of 0
as the latter
now designates set-and-expire in the settings as well.
The sql*
management commands now respect the allow_migrate()
method
of DATABASE_ROUTERS
. If you have models synced to non-default
databases, use the --database
flag to get SQL for those models
(previously they would always be included in the output).
Decoding the query string from URLs now falls back to the ISO-8859-1 encoding when the input is not valid UTF-8.
With the addition of the
django.contrib.auth.middleware.SessionAuthenticationMiddleware
to
the default project template (pre-1.7.2 only), a database must be created
before accessing a page using runserver
.
The addition of the schemes
argument to URLValidator
will appear
as a backwards-incompatible change if you were previously using a custom
regular expression to validate schemes. Any scheme not listed in schemes
will fail validation, even if the regular expression matches the given URL.
django.core.cache.get_cache
¶django.core.cache.get_cache
has been supplanted by
django.core.cache.caches
.
django.utils.dictconfig
/django.utils.importlib
¶django.utils.dictconfig
and django.utils.importlib
were copies of
respectively logging.config
and importlib
provided for Python
versions prior to 2.7. They have been deprecated.
django.utils.module_loading.import_by_path
¶The current django.utils.module_loading.import_by_path
function
catches AttributeError
, ImportError
, and ValueError
exceptions,
and re-raises ImproperlyConfigured
. Such
exception masking makes it needlessly hard to diagnose circular import
problems, because it makes it look like the problem comes from inside Django.
It has been deprecated in favor of
import_string()
.
django.utils.tzinfo
¶django.utils.tzinfo
provided two tzinfo
subclasses,
LocalTimezone
and FixedOffset
. They’ve been deprecated in favor of
more correct alternatives provided by django.utils.timezone
,
django.utils.timezone.get_default_timezone()
and
django.utils.timezone.get_fixed_timezone()
.
django.utils.unittest
¶django.utils.unittest
provided uniform access to the unittest2
library
on all Python versions. Since unittest2
became the standard library’s
unittest
module in Python 2.7, and Django 1.7 drops support for older
Python versions, this module isn’t useful anymore. It has been deprecated. Use
unittest
instead.
django.utils.datastructures.SortedDict
¶As OrderedDict
was added to the standard library in
Python 2.7, SortedDict
is no longer needed and has been deprecated.
The two additional, deprecated methods provided by SortedDict
(insert()
and value_for_index()
) have been removed. If you relied on these methods to
alter structures like form fields, you should now treat these OrderedDict
s
as immutable objects and override them to change their content.
For example, you might want to override MyFormClass.base_fields
(although
this attribute isn’t considered a public API) to change the ordering of fields
for all MyFormClass
instances; or similarly, you could override
self.fields
from inside MyFormClass.__init__()
, to change the fields
for a particular form instance. For example (from Django itself):
PasswordChangeForm.base_fields = OrderedDict(
(k, PasswordChangeForm.base_fields[k])
for k in ['old_password', 'new_password1', 'new_password2']
)
Previously, if models were organized in a package (myapp/models/
) rather
than simply myapp/models.py
, Django would look for initial SQL data in
myapp/models/sql/
. This bug has been fixed so that Django
will search myapp/sql/
as documented. After this issue was fixed, migrations
were added which deprecates initial SQL data. Thus, while this change still
exists, the deprecation is irrelevant as the entire feature will be removed in
Django 1.9.
django.contrib.sites
¶django.contrib.sites
provides reduced functionality when it isn’t in
INSTALLED_APPS
. The app-loading refactor adds some constraints in
that situation. As a consequence, two objects were moved, and the old
locations are deprecated:
RequestSite
now lives in
django.contrib.sites.requests
.get_current_site()
now lives in
django.contrib.sites.shortcuts
.declared_fieldsets
attribute on ModelAdmin
¶ModelAdmin.declared_fieldsets
has been deprecated. Despite being a private
API, it will go through a regular deprecation path. This attribute was mostly
used by methods that bypassed ModelAdmin.get_fieldsets()
but this was
considered a bug and has been addressed.
django.contrib.contenttypes
¶Since django.contrib.contenttypes.generic
defined both admin and model
related objects, an import of this module could trigger unexpected side effects.
As a consequence, its contents were split into contenttypes
submodules and the django.contrib.contenttypes.generic
module is deprecated:
GenericForeignKey
and
GenericRelation
now live in
fields
.BaseGenericInlineFormSet
and
generic_inlineformset_factory()
now
live in forms
.GenericInlineModelAdmin
,
GenericStackedInline
and
GenericTabularInline
now live in
admin
.syncdb
¶The syncdb
command has been deprecated in favor of the new migrate
command. migrate
takes the same arguments as syncdb
used to plus a few
more, so it’s safe to just change the name you’re calling and nothing else.
util
modules renamed to utils
¶The following instances of util.py
in the Django codebase have been renamed
to utils.py
in an effort to unify all util and utils references:
django.contrib.admin.util
django.contrib.gis.db.backends.util
django.db.backends.util
django.forms.util
get_formsets
method on ModelAdmin
¶ModelAdmin.get_formsets
has been deprecated in favor of the new
get_formsets_with_inlines()
, in order to
better handle the case of selectively showing inlines on a ModelAdmin
.
IPAddressField
¶The django.db.models.IPAddressField
and django.forms.IPAddressField
fields have been deprecated in favor of
django.db.models.GenericIPAddressField
and
django.forms.GenericIPAddressField
.
BaseMemcachedCache._get_memcache_timeout
method¶The BaseMemcachedCache._get_memcache_timeout()
method has been renamed to
get_backend_timeout()
. Despite being a private API, it will go through the
normal deprecation.
The --natural
and -n
options for dumpdata
have been
deprecated. Use dumpdata --natural-foreign
instead.
Similarly, the use_natural_keys
argument for serializers.serialize()
has been deprecated. Use use_natural_foreign_keys
instead.
POST
and GET
arguments into WSGIRequest.REQUEST
¶It was already strongly suggested that you use GET
and POST
instead of
REQUEST
, because the former are more explicit. The property REQUEST
is
deprecated and will be removed in Django 1.9.
django.utils.datastructures.MergeDict
class¶MergeDict
exists primarily to support merging POST
and GET
arguments into a REQUEST
property on WSGIRequest
. To merge
dictionaries, use dict.update()
instead. The class MergeDict
is
deprecated and will be removed in Django 1.9.
zh-cn
, zh-tw
and fy-nl
¶The currently used language codes for Simplified Chinese zh-cn
,
Traditional Chinese zh-tw
and (Western) Frysian fy-nl
are deprecated
and should be replaced by the language codes zh-hans
, zh-hant
and
fy
respectively. If you use these language codes, you should rename the
locale directories and update your settings to reflect these changes. The
deprecated language codes will be removed in Django 1.9.
django.utils.functional.memoize
function¶The function memoize
is deprecated and should be replaced by the
functools.lru_cache
decorator (available from Python 3.2 onwards).
Django ships a backport of this decorator for older Python versions and it’s
available at django.utils.lru_cache.lru_cache
. The deprecated function will
be removed in Django 1.9.
Google has retired support for the Geo Sitemaps format. Hence Django support for Geo Sitemaps is deprecated and will be removed in Django 1.8.
Callable arguments for querysets were an undocumented feature that was unreliable. It’s been deprecated and will be removed in Django 1.9.
Callable arguments were evaluated when a queryset was constructed rather than when it was evaluated, thus this feature didn’t offer any benefit compared to evaluating arguments before passing them to queryset and created confusion that the arguments may have been evaluated at query time.
ADMIN_FOR
setting¶The ADMIN_FOR
feature, part of the admindocs, has been removed. You can
remove the setting from your configuration at your convenience.
SplitDateTimeWidget
with DateTimeField
¶SplitDateTimeWidget
support in DateTimeField
is
deprecated, use SplitDateTimeWidget
with
SplitDateTimeField
instead.
django.core.management.BaseCommand
¶requires_model_validation
is deprecated in favor of a new
requires_system_checks
flag. If the latter flag is missing, then the
value of the former flag is used. Defining both requires_system_checks
and
requires_model_validation
results in an error.
The check()
method has replaced the old validate()
method.
ModelAdmin
validators¶The ModelAdmin.validator_class
and default_validator_class
attributes
are deprecated in favor of the new checks_class
attribute.
The ModelAdmin.validate()
method is deprecated in favor of
ModelAdmin.check()
.
The django.contrib.admin.validation
module is deprecated.
django.db.backends.DatabaseValidation.validate_field
¶This method is deprecated in favor of a new check_field
method.
The functionality required by check_field()
is the same as that provided
by validate_field()
, but the output format is different. Third-party database
backends needing this functionality should provide an implementation of
check_field()
.
ssi
and url
template tags from future
library¶Django 1.3 introduced {% load ssi from future %}
and
{% load url from future %}
syntax for forward compatibility of the
ssi
and url
template tags. This syntax is now deprecated and
will be removed in Django 1.9. You can simply remove the
{% load ... from future %}
tags.
django.utils.text.javascript_quote
¶javascript_quote()
was an undocumented function present in django.utils.text
.
It was used internally in the javascript_catalog()
view
whose implementation was changed to make use of json.dumps()
instead.
If you were relying on this function to provide safe output from untrusted
strings, you should use django.utils.html.escapejs
or the
escapejs
template filter.
If all you need is to generate valid JavaScript strings, you can simply use
json.dumps()
.
fix_ampersands
utils method and template filter¶The django.utils.html.fix_ampersands
method and the fix_ampersands
template filter are deprecated, as the escaping of ampersands is already taken care
of by Django’s standard HTML escaping features. Combining this with fix_ampersands
would either result in double escaping, or, if the output is assumed to be safe,
a risk of introducing XSS vulnerabilities. Along with fix_ampersands
,
django.utils.html.clean_html
is deprecated, an undocumented function that calls
fix_ampersands
.
As this is an accelerated deprecation, fix_ampersands
and clean_html
will be removed in Django 1.8.
All database settings with a TEST_
prefix have been deprecated in favor of
entries in a TEST
dictionary in the database
settings. The old settings will be supported until Django 1.9. For backwards
compatibility with older versions of Django, you can define both versions of
the settings as long as they match.
FastCGI support via the runfcgi
management command will be removed in
Django 1.9. Please deploy your project using WSGI.
contrib.sites
¶Following the app-loading refactor, two objects in
django.contrib.sites.models
needed to be moved because they must be
available without importing django.contrib.sites.models
when
django.contrib.sites
isn’t installed. Import RequestSite
from
django.contrib.sites.requests
and get_current_site()
from
django.contrib.sites.shortcuts
. The old import locations will work until
Django 1.9.
django.forms.forms.get_declared_fields()
¶Django no longer uses this functional internally. Even though it’s a private API, it’ll go through the normal deprecation cycle.
Private APIs django.db.models.sql.where.WhereNode.make_atom()
and
django.db.models.sql.where.Constraint
are deprecated in favor of the new
custom lookups API.
These features have reached the end of their deprecation cycle and are removed in Django 1.7. See Features deprecated in 1.5 for details, including how to remove usage of these features.
django.utils.simplejson
is removed.django.utils.itercompat.product
is removed.HttpResponse
,
SimpleTemplateResponse
,
TemplateResponse
,
render_to_response()
, index()
, and
sitemap()
no longer take a mimetype
argumentHttpResponse
immediately consumes its content if it’s
an iterator.AUTH_PROFILE_MODULE
setting, and the get_profile()
method on
the User model are removed.cleanup
management command is removed.daily_cleanup.py
script is removed.select_related()
no longer has a
depth
keyword argument.get_warnings_state()
/restore_warnings_state()
functions from django.test.utils
and the save_warnings_state()
/
restore_warnings_state()
django.test.*TestCase are removed.check_for_test_cookie
method in
AuthenticationForm
is removed.django.contrib.auth.views.password_reset_confirm()
that
supports base36 encoded user IDs
(django.contrib.auth.views.password_reset_confirm_uidb36
) is removed.django.utils.encoding.StrAndUnicode
mix-in is removed.May 26, 2021