NixOS / nixpkgs

Nix Packages collection & NixOS

Django 3 End-of-life #262907

Open mweinelt opened 1 year ago

mweinelt commented 1 year ago

Hi everyone, Django package maintainer here :wave:

With Django 3.2.x running out of support after 2024/04/01, we have to make a decision on how to handle it in NixOS 23.11.

https://endoflife.date/django

My preference would be to remove it before branch-off, but I fully expect you have packages that still require it. For now, I want you to check with your upstreams if and how their Django 4 migration is going, so we can make an informed decision.

alyssais commented 1 year ago

I did some testing of Mailman with Django 4 last week, and it seems fine, but I want to do a little more testing.

mweinelt commented 7 months ago

End of life has been pushed back to the end of April 2024. My plan for 24.05 is to keep django_3 around, but mark it with

  meta.knownVulnerabilities = [ "Django 3 has reached its end of life on 2024-04-30. And here some URL for context." ]

Also we seem to have two new consumers, since this issue was opened.

greizgh commented 7 months ago

> Also we seem to have two new consumers, since this issue was opened.
>
> * [ ]  seahub (@greizgh, @schmittlauch)

Thanks for the heads up. Upstream has updated to django4 but also dropped support for postgresql, which is the only db supported by the module :upside_down_face:. I don't have much bandwidth and am not sure about the future course of action for the seafile module.

mweinelt commented 7 months ago

https://github.com/ArchiveBox/ArchiveBox/releases/tag/v0.8.0-rc cc @siraben

siraben commented 7 months ago

Should I wait for it to hit PyPI or change the source to GitHub?

mweinelt commented 7 months ago

If you think it is too early we might have to live with transitive knownVulnerabilities. No strong opinion either way.

siraben commented 7 months ago

Upstream says those CVEs aren't in their code path, and the package is unlikely to be security-critical enough for us to chase pre-releases, so I'll just leave it as is until PyPI is updated.

mweinelt commented 5 months ago

Will be marked vulnerable as of https://github.com/NixOS/nixpkgs/pull/313501, which will land in NixOS 24.05.

pyrox0 commented 5 months ago

For Baserow, it uses Django 4 in releases 1.22.2 and later, 4.1 in 1.22.3 and later. There are a lot of breaking changes between the currently packaged release (1.12.1) and these versions, so if upgraded, it should be mentioned in the release notes.

For Etebase, there was an issue opened at https://github.com/etesync/server/issues/173, but there's been no comments or seemingly any movement on it since March.

siraben commented 5 months ago

archivebox has updated to Django 4 https://github.com/ArchiveBox/ArchiveBox/blob/99b19e19173296058bbc0d00cbcdc9f9632c7953/pyproject.toml

tasn commented 5 months ago

> For Etebase, there was an issue opened at https://github.com/etesync/server/issues/173, but there's been no comments or seemingly any movement on it since March.

@pyrox0: Done. Apologies for the delay!

pyrox0 commented 5 months ago

> > For Etebase, there was an issue opened at https://github.com/etesync/server/issues/173, but there's been no comments or seemingly any movement on it since March.
>
> @pyrox0: Done. Apologies for the delay!

Thank you very much, appreciate the quick response on this! I'll see about getting the package bumped ASAP.

Edit: See #316984.

melvyn2 commented 1 month ago

Seahub can be checked off the list: #318727