=========================== Django Deprecation Timeline =========================== This document outlines when various pieces of Django will be removed or altered in a backward incompatible way, following their deprecation, as per the :ref:`deprecation policy `. More details about each item can often be found in the release notes of two versions prior. 1.3 --- See the :doc:`Django 1.1 release notes` for more details on these changes. * ``AdminSite.root()``. This method of hooking up the admin URLs will be removed in favor of including ``admin.site.urls``. * Authentication backends need to define the boolean attributes ``supports_object_permissions`` and ``supports_anonymous_user`` until version 1.4, at which point it will be assumed that all backends will support these options. 1.4 --- See the :doc:`Django 1.2 release notes` for more details on these changes. * ``CsrfResponseMiddleware`` and ``CsrfMiddleware`` will be removed. Use the {% csrf_token %} template tag inside forms to enable CSRF protection. ``CsrfViewMiddleware`` remains and is enabled by default. * The old imports for CSRF functionality (``django.contrib.csrf.*``), which moved to core in 1.2, will be removed. * The :mod:`django.contrib.gis.db.backend` module will be removed in favor of the specific backends. * ``SMTPConnection`` will be removed in favor of a generic E-mail backend API. * The many to many SQL generation functions on the database backends will be removed. * The ability to use the ``DATABASE_*`` family of top-level settings to define database connections will be removed. * The ability to use shorthand notation to specify a database backend (i.e., ``sqlite3`` instead of ``django.db.backends.sqlite3``) will be removed. * The ``get_db_prep_save``, ``get_db_prep_value`` and ``get_db_prep_lookup`` methods will have to support multiple databases. * The ``Message`` model (in ``django.contrib.auth``), its related manager in the ``User`` model (``user.message_set``), and the associated methods (``user.message_set.create()`` and ``user.get_and_delete_messages()``), will be removed. The :doc:`messages framework ` should be used instead. The related ``messages`` variable returned by the auth context processor will also be removed. Note that this means that the admin application will depend on the messages context processor. * Authentication backends will need to support the ``obj`` parameter for permission checking. The ``supports_object_permissions`` attribute will no longer be checked and can be removed from custom backends. * Authentication backends will need to support the ``AnonymousUser`` class being passed to all methods dealing with permissions. The ``supports_anonymous_user`` variable will no longer be checked and can be removed from custom backends. * The ability to specify a callable template loader rather than a ``Loader`` class will be removed, as will the ``load_template_source`` functions that are included with the built in template loaders for backwards compatibility. * ``django.utils.translation.get_date_formats()`` and ``django.utils.translation.get_partial_date_formats()``. These functions will be removed; use the locale-aware ``django.utils.formats.get_format()`` to get the appropriate formats. * In ``django.forms.fields``, the constants: ``DEFAULT_DATE_INPUT_FORMATS``, ``DEFAULT_TIME_INPUT_FORMATS`` and ``DEFAULT_DATETIME_INPUT_FORMATS`` will be removed. Use ``django.utils.formats.get_format()`` to get the appropriate formats. * The ability to use a function-based test runners will be removed, along with the ``django.test.simple.run_tests()`` test runner. * The ``views.feed()`` view and ``feeds.Feed`` class in ``django.contrib.syndication`` will be removed. The class-based view ``views.Feed`` should be used instead. * ``django.core.context_processors.auth``. This release will remove the old method in favor of the new method in ``django.contrib.auth.context_processors.auth``. * The ``postgresql`` database backend will be removed, use the ``postgresql_psycopg2`` backend instead. * The ``no`` language code will be removed and has been replaced by the ``nb`` language code. * Authentication backends will need to define the boolean attribute ``supports_inactive_user`` until version 1.5 when it will be assumed that all backends will handle inactive users. * ``django.db.models.fields.XMLField`` will be removed. This was deprecated as part of the 1.3 release. An accelerated deprecation schedule has been used because the field hasn't performed any role beyond that of a simple ``TextField`` since the removal of oldforms. All uses of ``XMLField`` can be replaced with ``TextField``. * The undocumented ``mixin`` parameter to the ``open()`` method of ``django.core.files.storage.Storage`` (and subclasses) will be removed. 1.5 --- See the :doc:`Django 1.3 release notes` for more details on these changes. * Starting Django without a :setting:`SECRET_KEY` will result in an exception rather than a `DeprecationWarning`. (This is accelerated from the usual deprecation path; see the :doc:`Django 1.4 release notes`.) * The ``mod_python`` request handler will be removed. The ``mod_wsgi`` handler should be used instead. * The ``template`` attribute on :class:`~django.test.client.Response` objects returned by the :ref:`test client ` will be removed. The :attr:`~django.test.client.Response.templates` attribute should be used instead. * The :class:`~django.test.simple.DjangoTestRunner` will be removed. Instead use a unittest-native class. The features of the :class:`django.test.simple.DjangoTestRunner` (including fail-fast and Ctrl-C test termination) can currently be provided by the unittest-native :class:`TextTestRunner`. * The undocumented function :func:`django.contrib.formtools.utils.security_hash` will be removed, instead use :func:`django.contrib.formtools.utils.form_hmac` * The function-based generic view modules will be removed in favor of their class-based equivalents, outlined :doc:`here `: * The :class:`~django.core.servers.basehttp.AdminMediaHandler` will be removed. In its place use :class:`~django.contrib.staticfiles.handlers.StaticFilesHandler`. * The :ttag:`url` and :ttag:`ssi` template tags will be modified so that the first argument to each tag is a template variable, not an implied string. Until then, the new-style behavior is provided in the ``future`` template tag library. * The :djadmin:`reset` and :djadmin:`sqlreset` management commands will be removed. * Authentication backends will need to support an inactive user being passed to all methods dealing with permissions. The ``supports_inactive_user`` attribute will no longer be checked and can be removed from custom backends. * :meth:`~django.contrib.gis.geos.GEOSGeometry.transform` will raise a :class:`~django.contrib.gis.geos.GEOSException` when called on a geometry with no SRID value. * :class:`~django.http.CompatCookie` will be removed in favor of :class:`~django.http.SimpleCookie`. * :class:`django.core.context_processors.PermWrapper` and :class:`django.core.context_processors.PermLookupDict` will be removed in favor of the corresponding :class:`django.contrib.auth.context_processors.PermWrapper` and :class:`django.contrib.auth.context_processors.PermLookupDict`, respectively. * The :setting:`MEDIA_URL` or :setting:`STATIC_URL` settings will be required to end with a trailing slash to ensure there is a consistent way to combine paths in templates. * ``django.db.models.fields.URLField.verify_exists`` will be removed. The feature was deprecated in 1.3.1 due to intractable security and performance issues and will follow a slightly accelerated deprecation timeframe. * Translations located under the so-called *project path* will be ignored during the translation building process performed at runtime. The :setting:`LOCALE_PATHS` setting can be used for the same task by including the filesystem path to a ``locale`` directory containing non-app-specific translations in its value. * The Markup contrib app will no longer support versions of Python-Markdown library earlier than 2.1. An accelerated timeline was used as this was a security related deprecation. 1.6 --- See the :doc:`Django 1.4 release notes` for more details on these changes. * The compatibility modules ``django.utils.copycompat`` and ``django.utils.hashcompat`` as well as the functions ``django.utils.itercompat.all`` and ``django.utils.itercompat.any`` will be removed. The Python builtin versions should be used instead. * The :func:`~django.views.decorators.csrf.csrf_response_exempt` and :func:`~django.views.decorators.csrf.csrf_view_exempt` decorators will be removed. Since 1.4 ``csrf_response_exempt`` has been a no-op (it returns the same function), and ``csrf_view_exempt`` has been a synonym for ``django.views.decorators.csrf.csrf_exempt``, which should be used to replace it. * The :class:`~django.core.cache.backends.memcached.CacheClass` backend was split into two in Django 1.3 in order to introduce support for PyLibMC. The historical :class:`~django.core.cache.backends.memcached.CacheClass` will be removed in favor of :class:`~django.core.cache.backends.memcached.MemcachedCache`. * The UK-prefixed objects of ``django.contrib.localflavor.uk`` will only be accessible through their GB-prefixed names (GB is the correct ISO 3166 code for United Kingdom). * The :setting:`IGNORABLE_404_STARTS` and :setting:`IGNORABLE_404_ENDS` settings have been superseded by :setting:`IGNORABLE_404_URLS` in the 1.4 release. They will be removed. * The :doc:`form wizard ` has been refactored to use class based views with pluggable backends in 1.4. The previous implementation will be removed. * Legacy ways of calling :func:`~django.views.decorators.cache.cache_page` will be removed. * The backward-compatibility shim to automatically add a debug-false filter to the ``'mail_admins'`` logging handler will be removed. The :setting:`LOGGING` setting should include this filter explicitly if it is desired. * The template tag :func:`django.contrib.admin.templatetags.adminmedia.admin_media_prefix` will be removed in favor of the generic static files handling. * The builtin truncation functions :func:`django.utils.text.truncate_words` and :func:`django.utils.text.truncate_html_words` will be removed in favor of the ``django.utils.text.Truncator`` class. * The :class:`~django.contrib.gis.geoip.GeoIP` class was moved to :mod:`django.contrib.gis.geoip` in 1.4 -- the shortcut in :mod:`django.contrib.gis.utils` will be removed. * ``django.conf.urls.defaults`` will be removed. The functions :func:`~django.conf.urls.include`, :func:`~django.conf.urls.patterns` and :func:`~django.conf.urls.url` plus :data:`~django.conf.urls.handler404`, :data:`~django.conf.urls.handler500`, are now available through :mod:`django.conf.urls` . * The Databrowse contrib module will be removed. * The functions :func:`~django.core.management.setup_environ` and :func:`~django.core.management.execute_manager` will be removed from :mod:`django.core.management`. This also means that the old (pre-1.4) style of :file:`manage.py` file will no longer work. * Setting the ``is_safe`` and ``needs_autoescape`` flags as attributes of template filter functions will no longer be supported. * The attribute ``HttpRequest.raw_post_data`` was renamed to ``HttpRequest.body`` in 1.4. The backward compatibility will be removed -- ``HttpRequest.raw_post_data`` will no longer work. 2.0 --- * ``django.views.defaults.shortcut()``. This function has been moved to ``django.contrib.contenttypes.views.shortcut()`` as part of the goal of removing all ``django.contrib`` references from the core Django codebase. The old shortcut will be removed in the 2.0 release.