Week ending 2025-11-02 (Week 44)

A very security-heavy week . Most of my energy went into preparing and testing patches for the upcoming security release, including a tough vulnerability that I spent quite some time wrestling with. It was demanding and a bit exhausting, but everything is now on track for next week’s release .

Triaged

• https://code.djangoproject.com/ticket/36689 - Top-level __in lookup on JSONField fails on MySQL, Oracle (accepted)
• https://code.djangoproject.com/ticket/36691 - Spanish translation missing for some error messages in Django 5.2.7 (worksforme)
• https://code.djangoproject.com/ticket/36697 - black need to be installed to launch the full test suite and it’s not in the requirements (fixed)
• https://code.djangoproject.com/ticket/36699 - Clarify behavior and documentation for login (404) and logout (405) routes (duplicate)

Reviewed

• https://github.com/django/django/pull/19991 - Fixed #36680 – Parametrized formatter discovery in AdminScriptTestCase.
• https://github.com/django/django/pull/19983 - Fixed #36678 – Propagated errors from _init_worker in ParallelTestRunner.
• https://github.com/django/django/pull/20023 - Refs #36680 – Fixed admin_scripts tests crash when black is not installed.

Authored

• https://github.com/django/django/pull/20007 - Refs #36596 – Skipped SchemaIndexesNotPostgreSQLTests on Postgres.

Other/Misc

• Jenkins main node had again “no free space issues”, fixed that.
• Django Software Foundation was confirmed and announced as CNA!
  • https://www.djangoproject.com/weblog/2025/oct/30/django-is-now-a-cve-numbering-authority-cna/
• Very intense week security-wise:
  • Jacob and I were frustratingly fighting around a confirmed vulnerability trying to improve test quality.
  • Sent pre-notification email for scheduled security release for Nov 5th.
  • Finalized patches for announced security release.