Django Deprecation Timeline¶
This document outlines when various pieces of Django will be removed or altered in a backward incompatible way, following their deprecation, as per the deprecation policy. More details about each item can often be found in the release notes of two versions prior.
1.4¶
See the Django 1.2 release notes for more details on these changes.
CsrfResponseMiddleware
andCsrfMiddleware
will be removed. Use the{% csrf_token %}
template tag inside forms to enable CSRF protection.CsrfViewMiddleware
remains and is enabled by default.- The old imports for CSRF functionality (
django.contrib.csrf.*
), which moved to core in 1.2, will be removed. - The
django.contrib.gis.db.backend
module will be removed in favor of the specific backends. SMTPConnection
will be removed in favor of a generic Email backend API.- The many to many SQL generation functions on the database backends will be removed.
- The ability to use the
DATABASE_*
family of top-level settings to define database connections will be removed. - The ability to use shorthand notation to specify a database backend
(i.e.,
sqlite3
instead ofdjango.db.backends.sqlite3
) will be removed. - The
get_db_prep_save
,get_db_prep_value
andget_db_prep_lookup
methods will have to support multiple databases. - The
Message
model (indjango.contrib.auth
), its related manager in theUser
model (user.message_set
), and the associated methods (user.message_set.create()
anduser.get_and_delete_messages()
), will be removed. The messages framework should be used instead. The relatedmessages
variable returned by the auth context processor will also be removed. Note that this means that the admin application will depend on the messages context processor. - Authentication backends will need to support the
obj
parameter for permission checking. Thesupports_object_permissions
attribute will no longer be checked and can be removed from custom backends. - Authentication backends will need to support the
AnonymousUser
class being passed to all methods dealing with permissions. Thesupports_anonymous_user
variable will no longer be checked and can be removed from custom backends. - The ability to specify a callable template loader rather than a
Loader
class will be removed, as will theload_template_source
functions that are included with the built in template loaders for backwards compatibility. django.utils.translation.get_date_formats()
anddjango.utils.translation.get_partial_date_formats()
. These functions will be removed; use the locale-awaredjango.utils.formats.get_format()
to get the appropriate formats.- In
django.forms.fields
, the constants:DEFAULT_DATE_INPUT_FORMATS
,DEFAULT_TIME_INPUT_FORMATS
andDEFAULT_DATETIME_INPUT_FORMATS
will be removed. Usedjango.utils.formats.get_format()
to get the appropriate formats. - The ability to use a function-based test runners will be removed,
along with the
django.test.simple.run_tests()
test runner. - The
views.feed()
view andfeeds.Feed
class indjango.contrib.syndication
will be removed. The class-based viewviews.Feed
should be used instead. django.core.context_processors.auth
. This release will remove the old method in favor of the new method indjango.contrib.auth.context_processors.auth
.- The
postgresql
database backend will be removed, use thepostgresql_psycopg2
backend instead. - The
no
language code will be removed and has been replaced by thenb
language code. - Authentication backends will need to define the boolean attribute
supports_inactive_user
until version 1.5 when it will be assumed that all backends will handle inactive users. django.db.models.fields.XMLField
will be removed. This was deprecated as part of the 1.3 release. An accelerated deprecation schedule has been used because the field hasn’t performed any role beyond that of a simpleTextField
since the removal of oldforms. All uses ofXMLField
can be replaced withTextField
.- The undocumented
mixin
parameter to theopen()
method ofdjango.core.files.storage.Storage
(and subclasses) will be removed.
1.5¶
See the Django 1.3 release notes for more details on these changes.
- Starting Django without a
SECRET_KEY
will result in an exception rather than a DeprecationWarning. (This is accelerated from the usual deprecation path; see the Django 1.4 release notes.) - The
mod_python
request handler will be removed. Themod_wsgi
handler should be used instead. - The
template
attribute onResponse
objects returned by the test client will be removed. Thetemplates
attribute should be used instead. - The
django.test.simple.DjangoTestRunner
will be removed. Instead use a unittest-native class. The features of thedjango.test.simple.DjangoTestRunner
(including fail-fast and Ctrl-C test termination) can currently be provided by the unittest-nativeTextTestRunner
. - The undocumented function
django.contrib.formtools.utils.security_hash
will be removed, instead usedjango.contrib.formtools.utils.form_hmac
- The function-based generic view modules will be removed in favor of their class-based equivalents, outlined here.
- The
django.core.servers.basehttp.AdminMediaHandler
will be removed. In its place usedjango.contrib.staticfiles.handlers.StaticFilesHandler
. - The template tags library
adminmedia
and the template tag{% admin_media_prefix %}
will be removed in favor of the generic static files handling. (This is faster than the usual deprecation path; see the Django 1.4 release notes.) - The
url
andssi
template tags will be modified so that the first argument to each tag is a template variable, not an implied string. In 1.4, this behavior is provided by a version of the tag in thefuture
template tag library. - The
reset
andsqlreset
management commands will be removed. - Authentication backends will need to support an inactive user
being passed to all methods dealing with permissions.
The
supports_inactive_user
attribute will no longer be checked and can be removed from custom backends. transform()
will raise aGEOSException
when called on a geometry with no SRID value.django.http.CompatCookie
will be removed in favor ofdjango.http.SimpleCookie
.django.core.context_processors.PermWrapper
anddjango.core.context_processors.PermLookupDict
will be removed in favor of the correspondingdjango.contrib.auth.context_processors.PermWrapper
anddjango.contrib.auth.context_processors.PermLookupDict
, respectively.- The
MEDIA_URL
orSTATIC_URL
settings will be required to end with a trailing slash to ensure there is a consistent way to combine paths in templates. django.db.models.fields.URLField.verify_exists
will be removed. The feature was deprecated in 1.3.1 due to intractable security and performance issues and will follow a slightly accelerated deprecation timeframe.- Translations located under the so-called project path will be ignored during
the translation building process performed at runtime. The
LOCALE_PATHS
setting can be used for the same task by including the filesystem path to alocale
directory containing non-app-specific translations in its value. - The Markup contrib app will no longer support versions of Python-Markdown library earlier than 2.1. An accelerated timeline was used as this was a security related deprecation.
- The
CACHE_BACKEND
setting will be removed. The cache backend(s) should be specified in theCACHES
setting.
1.6¶
See the Django 1.4 release notes for more details on these changes.
django.contrib.databrowse
will be removed.django.contrib.localflavor
will be removed following an accelerated deprecation.django.contrib.markup
will be removed following an accelerated deprecation.- The compatibility modules
django.utils.copycompat
anddjango.utils.hashcompat
as well as the functionsdjango.utils.itercompat.all
anddjango.utils.itercompat.any
will be removed. The Python builtin versions should be used instead. - The
csrf_response_exempt
andcsrf_view_exempt
decorators will be removed. Since 1.4csrf_response_exempt
has been a no-op (it returns the same function), andcsrf_view_exempt
has been a synonym fordjango.views.decorators.csrf.csrf_exempt
, which should be used to replace it. - The
django.core.cache.backends.memcached.CacheClass
backend was split into two in Django 1.3 in order to introduce support for PyLibMC. The historicalCacheClass
will be removed in favor ofdjango.core.cache.backends.memcached.MemcachedCache
. - The UK-prefixed objects of
django.contrib.localflavor.uk
will only be accessible through their GB-prefixed names (GB is the correct ISO 3166 code for United Kingdom). - The
IGNORABLE_404_STARTS
andIGNORABLE_404_ENDS
settings have been superseded byIGNORABLE_404_URLS
in the 1.4 release. They will be removed. - The form wizard has been refactored to use class-based views with pluggable backends in 1.4. The previous implementation will be removed.
- Legacy ways of calling
cache_page()
will be removed. - The backward-compatibility shim to automatically add a debug-false
filter to the
'mail_admins'
logging handler will be removed. TheLOGGING
setting should include this filter explicitly if it is desired. - The builtin truncation functions
django.utils.text.truncate_words()
anddjango.utils.text.truncate_html_words()
will be removed in favor of thedjango.utils.text.Truncator
class. - The
GeoIP
class was moved todjango.contrib.gis.geoip
in 1.4 – the shortcut indjango.contrib.gis.utils
will be removed. django.conf.urls.defaults
will be removed. The functionsinclude()
,patterns()
andurl()
plushandler404
,handler500
, are now available throughdjango.conf.urls
.- The functions
setup_environ()
andexecute_manager()
will be removed fromdjango.core.management
. This also means that the old (pre-1.4) style ofmanage.py
file will no longer work. - Setting the
is_safe
andneeds_autoescape
flags as attributes of template filter functions will no longer be supported. - The attribute
HttpRequest.raw_post_data
was renamed toHttpRequest.body
in 1.4. The backward compatibility will be removed –HttpRequest.raw_post_data
will no longer work. - The value for the
post_url_continue
parameter inModelAdmin.response_add()
will have to be eitherNone
(to redirect to the newly created object’s edit page) or a pre-formatted url. String formats, such as the previous default'../%s/'
, will not be accepted any more.
1.7¶
See the Django 1.5 release notes for more details on these changes.
- The module
django.utils.simplejson
will be removed. The standard library providesjson
which should be used instead. - The function
django.utils.itercompat.product
will be removed. The Python builtin version should be used instead. - Auto-correction of INSTALLED_APPS and TEMPLATE_DIRS settings when they are specified as a plain string instead of a tuple will be removed and raise an exception.
- The
mimetype
argument to the__init__
methods ofHttpResponse
,SimpleTemplateResponse
, andTemplateResponse
, will be removed.content_type
should be used instead. This also applies to therender_to_response()
shortcut and the sitemamp views,index()
andsitemap()
. - When
HttpResponse
is instantiated with an iterator, or whencontent
is set to an iterator, that iterator will be immediately consumed. - The
AUTH_PROFILE_MODULE
setting, and theget_profile()
method on the User model, will be removed. - The
cleanup
management command will be removed. It’s replaced byclearsessions
. - The
daily_cleanup.py
script will be removed. - The
depth
keyword argument will be removed fromselect_related()
.
2.0¶
django.views.defaults.shortcut()
. This function has been moved todjango.contrib.contenttypes.views.shortcut()
as part of the goal of removing alldjango.contrib
references from the core Django codebase. The old shortcut will be removed in the 2.0 release.ssi
andurl
template tags will be removed from thefuture
template tag library (used during the 1.3/1.4 deprecation period).