============================================ Django 1.8 release notes - UNDER DEVELOPMENT ============================================ Welcome to Django 1.8! These release notes cover the `new features`_, as well as some `backwards incompatible changes`_ you'll want to be aware of when upgrading from Django 1.6 or older versions. We've also `begun the deprecation process for some features`_, and some features have reached the end of their deprecation process and `have been removed`_. Django 1.8 has been designated as Django's second :ref:`"Long-Term Support" (LTS) ` release. It will receive security updates for at least three years after its release. Support for the previous LTS, Django 1.4, will end 6 months from the release date of Django 1.8. .. _`new features`: `What's new in Django 1.8`_ .. _`backwards incompatible changes`: `Backwards incompatible changes in 1.8`_ .. _`begun the deprecation process for some features`: `Features deprecated in 1.8`_ .. _`have been removed`: `Features removed in 1.8`_ Python compatibility ==================== Like Django 1.7, Django 1.8 requires Python 2.7 or above, though we **highly recommend** the latest minor release. What's new in Django 1.8 ======================== Security enhancements ~~~~~~~~~~~~~~~~~~~~~ Several features of the django-secure_ third-party library have been integrated into Django. :class:`django.middleware.security.SecurityMiddleware` provides several security enhancements to the request/response cycle. The new :djadminopt:`--deploy` option of the :djadmin:`check` command allows you to check your production settings file for ways to increase the security of your site. .. _django-secure: https://pypi.python.org/pypi/django-secure New PostgreSQL specific functionality ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Django now has a module with extensions for PostgreSQL specific features, such as :class:`~django.contrib.postgres.fields.ArrayField`, :class:`~django.contrib.postgres.fields.HStoreField`, and :lookup:`unaccent` lookup. A full breakdown of the features is available :doc:`in the documentation `. New data types ~~~~~~~~~~~~~~ * Django now has a :class:`~django.db.models.UUIDField` for storing universally unique identifiers. There is a corresponding :class:`form field `. It is stored as the native ``uuid`` data type on PostgreSQL and as a fixed length character field on other backends. Query Expressions ~~~~~~~~~~~~~~~~~ :doc:`Query Expressions ` allow users to create, customize, and compose complex SQL expressions. This has enabled annotate to accept expressions other than aggregates. Aggregates are now able to reference multiple fields, as well as perform arithmetic, similar to ``F()`` objects. Minor features ~~~~~~~~~~~~~~ :mod:`django.contrib.admin` ^^^^^^^^^^^^^^^^^^^^^^^^^^^ * :class:`~django.contrib.admin.ModelAdmin` now has a :meth:`~django.contrib.admin.ModelAdmin.has_module_permission` method to allow limiting access to the module on the admin index page. * :class:`~django.contrib.admin.InlineModelAdmin` now has an attribute :attr:`~django.contrib.admin.InlineModelAdmin.show_change_link` that supports showing a link to an inline object's change form. * Use the new ``django.contrib.admin.RelatedOnlyFieldListFilter`` in :attr:`ModelAdmin.list_filter ` to limit the ``list_filter`` choices to foreign objects which are attached to those from the ``ModelAdmin``. * The :meth:`ModelAdmin.delete_view() ` displays a summary of objects to be deleted on the deletion confirmation page. * The jQuery library embedded in the admin has been upgraded to version 1.11.1. * You can now specify :attr:`AdminSite.site_url ` in order to display a link to the front-end site. * You can now specify :attr:`ModelAdmin.show_full_result_count ` to control whether or not the full count of objects should be displayed on a filtered admin page. :mod:`django.contrib.admindocs` ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * reStructuredText is now parsed in model docstrings. :mod:`django.contrib.auth` ^^^^^^^^^^^^^^^^^^^^^^^^^^ * Authorization backends can now raise :class:`~django.core.exceptions.PermissionDenied` in :meth:`~django.contrib.auth.models.User.has_perm` and :meth:`~django.contrib.auth.models.User.has_module_perms` to short-circuit permission checking. * :class:`~django.contrib.auth.forms.PasswordResetForm` now has a method :meth:`~django.contrib.auth.forms.PasswordResetForm.send_email` that can be overridden to customize the mail to be sent. * The ``max_length`` of :attr:`Permission.name ` has been increased from 50 to 255 characters. Please run the database migration. * :attr:`~django.contrib.auth.models.CustomUser.USERNAME_FIELD` and :attr:`~django.contrib.auth.models.CustomUser.REQUIRED_FIELDS` now supports :class:`~django.db.models.ForeignKey`\s. :mod:`django.contrib.gis` ^^^^^^^^^^^^^^^^^^^^^^^^^^ * A new :doc:`GeoJSON serializer ` is now available. * The Spatialite backend now supports ``Collect`` and ``Extent`` aggregates when the database version is 3.0 or later. * Compatibility shims for ``SpatialRefSys`` and ``GeometryColumns`` changed in Django 1.2 have been removed. :mod:`django.contrib.messages` ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * ... :mod:`django.contrib.redirects` ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * ... :mod:`django.contrib.sessions` ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * Session cookie is now deleted after :meth:`~django.contrib.sessions.backends.base.SessionBase.flush()` is called. :mod:`django.contrib.sitemaps` ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * The new :attr:`Sitemap.i18n ` attribute allows you to generate a sitemap based on the :setting:`LANGUAGES` setting. :mod:`django.contrib.sites` ^^^^^^^^^^^^^^^^^^^^^^^^^^^ * :func:`~django.contrib.sites.shortcuts.get_current_site` will now lookup the current site based on :meth:`request.get_host() ` if the :setting:`SITE_ID` setting is not defined. :mod:`django.contrib.staticfiles` ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * ... :mod:`django.contrib.syndication` ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * ... Cache ^^^^^ * The ``incr()`` method of the ``django.core.cache.backends.locmem.LocMemCache`` backend is now thread-safe. Cryptography ^^^^^^^^^^^^ * The ``max_age`` parameter of the :meth:`django.core.signing.TimestampSigner.unsign` method now also accept a :py:class:`datetime.timedelta` object. Database backends ^^^^^^^^^^^^^^^^^ * The MySQL backend no longer strips microseconds from ``datetime`` values as MySQL 5.6.4 and up supports fractional seconds depending on the declaration of the datetime field (when ``DATETIME`` includes fractional precision greater than 0). New datetime database columns created with Django 1.8 and MySQL 5.6.4 and up will support microseconds. See the :ref:`MySQL database notes ` for more details. Email ^^^^^ * :ref:`Email backends ` now support the context manager protocol for opening and closing connections. * The SMTP email backend now supports ``keyfile`` and ``certfile`` authentication with the :setting:`EMAIL_SSL_CERTFILE` and :setting:`EMAIL_SSL_KEYFILE` settings. * The SMTP :class:`~django.core.mail.backends.smtp.EmailBackend` now supports setting the ``timeout`` parameter with the :setting:`EMAIL_TIMEOUT` setting. * :class:`~django.core.mail.EmailMessage` and ``EmailMultiAlternatives`` now support the ``reply_to`` parameter. File Storage ^^^^^^^^^^^^ * ... File Uploads ^^^^^^^^^^^^ * ... Forms ^^^^^ * Form widgets now render attributes with a value of ``True`` or ``False`` as HTML5 boolean attributes. * The new :meth:`~django.forms.Form.has_error()` method allows checking if a specific error has happened. * If :attr:`~django.forms.Form.required_css_class` is defined on a form, then the ``