===========================
Django Deprecation Timeline
===========================
This document outlines when various pieces of Django will be removed or altered
in a backward incompatible way, following their deprecation, as per the
:ref:`deprecation policy <internal-release-deprecation-policy>`. More details
about each item can often be found in the release notes of two versions prior.
1.3
---
See the :doc:`Django 1.1 release notes</releases/1.1>` for more details on
these changes.
* ``AdminSite.root()``. This method of hooking up the admin URLs will be
removed in favor of including ``admin.site.urls``.
* Authentication backends need to define the boolean attributes
``supports_object_permissions`` and ``supports_anonymous_user`` until
version 1.4, at which point it will be assumed that all backends will
support these options.
1.4
---
See the :doc:`Django 1.2 release notes</releases/1.2>` for more details on
these changes.
* ``CsrfResponseMiddleware`` and ``CsrfMiddleware`` will be removed. Use
the {% csrf_token %} template tag inside forms to enable CSRF
protection. ``CsrfViewMiddleware`` remains and is enabled by default.
* The old imports for CSRF functionality (``django.contrib.csrf.*``),
which moved to core in 1.2, will be removed.
* The :mod:`django.contrib.gis.db.backend` module will be removed in favor
of the specific backends.
* ``SMTPConnection`` will be removed in favor of a generic E-mail backend API.
* The many to many SQL generation functions on the database backends
will be removed.
* The ability to use the ``DATABASE_*`` family of top-level settings to
define database connections will be removed.
* The ability to use shorthand notation to specify a database backend
(i.e., ``sqlite3`` instead of ``django.db.backends.sqlite3``) will be
removed.
* The ``get_db_prep_save``, ``get_db_prep_value`` and
``get_db_prep_lookup`` methods will have to support multiple databases.
* The ``Message`` model (in ``django.contrib.auth``), its related
manager in the ``User`` model (``user.message_set``), and the
associated methods (``user.message_set.create()`` and
``user.get_and_delete_messages()``), will be removed. The
:doc:`messages framework </ref/contrib/messages>` should be used
instead. The related ``messages`` variable returned by the
auth context processor will also be removed. Note that this
means that the admin application will depend on the messages
context processor.
* Authentication backends will need to support the ``obj`` parameter for
permission checking. The ``supports_object_permissions`` attribute
will no longer be checked and can be removed from custom backends.
* Authentication backends will need to support the ``AnonymousUser`` class
being passed to all methods dealing with permissions. The
``supports_anonymous_user`` variable will no longer be checked and can be
removed from custom backends.
* The ability to specify a callable template loader rather than a
``Loader`` class will be removed, as will the ``load_template_source``
functions that are included with the built in template loaders for
backwards compatibility.
* ``django.utils.translation.get_date_formats()`` and
``django.utils.translation.get_partial_date_formats()``. These functions
will be removed; use the locale-aware
``django.utils.formats.get_format()`` to get the appropriate formats.
* In ``django.forms.fields``, the constants: ``DEFAULT_DATE_INPUT_FORMATS``,
``DEFAULT_TIME_INPUT_FORMATS`` and
``DEFAULT_DATETIME_INPUT_FORMATS`` will be removed. Use
``django.utils.formats.get_format()`` to get the appropriate
formats.
* The ability to use a function-based test runners will be removed,
along with the ``django.test.simple.run_tests()`` test runner.
* The ``views.feed()`` view and ``feeds.Feed`` class in
``django.contrib.syndication`` will be removed. The class-based view
``views.Feed`` should be used instead.
* ``django.core.context_processors.auth``. This release will
remove the old method in favor of the new method in
``django.contrib.auth.context_processors.auth``.
* The ``postgresql`` database backend will be removed, use the
``postgresql_psycopg2`` backend instead.
* The ``no`` language code will be removed and has been replaced by the
``nb`` language code.
* Authentication backends will need to define the boolean attribute
``supports_inactive_user`` until version 1.5 when it will be assumed that
all backends will handle inactive users.
* ``django.db.models.fields.XMLField`` will be removed. This was
deprecated as part of the 1.3 release. An accelerated deprecation
schedule has been used because the field hasn't performed any role
beyond that of a simple ``TextField`` since the removal of oldforms.
All uses of ``XMLField`` can be replaced with ``TextField``.
* The undocumented ``mixin`` parameter to the ``open()`` method of
``django.core.files.storage.Storage`` (and subclasses) will be removed.
1.5
---
See the :doc:`Django 1.3 release notes</releases/1.3>` for more details on
these changes.
* Starting Django without a :setting:`SECRET_KEY` will result in an exception
rather than a `DeprecationWarning`. (This is accelerated from the usual
deprecation path; see the :doc:`Django 1.4 release notes</releases/1.4>`.)
* The ``mod_python`` request handler will be removed. The ``mod_wsgi``
handler should be used instead.
* The ``template`` attribute on :class:`~django.test.client.Response`
objects returned by the :ref:`test client <test-client>` will be removed.
The :attr:`~django.test.client.Response.templates` attribute should be
used instead.
* The :class:`~django.test.simple.DjangoTestRunner` will be removed.
Instead use a unittest-native class. The features of the
:class:`django.test.simple.DjangoTestRunner` (including fail-fast and
Ctrl-C test termination) can currently be provided by the unittest-native
:class:`TextTestRunner`.
* The undocumented function
:func:`django.contrib.formtools.utils.security_hash` will be removed,
instead use :func:`django.contrib.formtools.utils.form_hmac`
* The function-based generic view modules will be removed in favor of their
class-based equivalents, outlined :doc:`here
</topics/generic-views-migration>`:
* The :class:`~django.core.servers.basehttp.AdminMediaHandler` will be
removed. In its place use
:class:`~django.contrib.staticfiles.handlers.StaticFilesHandler`.
* The :ttag:`url` and :ttag:`ssi` template tags will be
modified so that the first argument to each tag is a
template variable, not an implied string. Until then, the new-style
behavior is provided in the ``future`` template tag library.
* The :djadmin:`reset` and :djadmin:`sqlreset` management commands
will be removed.
* Authentication backends will need to support an inactive user
being passed to all methods dealing with permissions.
The ``supports_inactive_user`` attribute will no longer be checked
and can be removed from custom backends.
* :meth:`~django.contrib.gis.geos.GEOSGeometry.transform` will raise
a :class:`~django.contrib.gis.geos.GEOSException` when called
on a geometry with no SRID value.
* :class:`~django.http.CompatCookie` will be removed in favor of
:class:`~django.http.SimpleCookie`.
* :class:`django.core.context_processors.PermWrapper` and
:class:`django.core.context_processors.PermLookupDict` will be removed in
favor of the corresponding
:class:`django.contrib.auth.context_processors.PermWrapper` and
:class:`django.contrib.auth.context_processors.PermLookupDict`,
respectively.
* The :setting:`MEDIA_URL` or :setting:`STATIC_URL` settings will be
required to end with a trailing slash to ensure there is a consistent
way to combine paths in templates.
* ``django.db.models.fields.URLField.verify_exists`` will be removed. The
feature was deprecated in 1.3.1 due to intractable security and
performance issues and will follow a slightly accelerated deprecation
timeframe.
* Translations located under the so-called *project path* will be ignored during
the translation building process performed at runtime. The
:setting:`LOCALE_PATHS` setting can be used for the same task by including the
filesystem path to a ``locale`` directory containing non-app-specific
translations in its value.
* The Markup contrib app will no longer support versions of Python-Markdown
library earlier than 2.1. An accelerated timeline was used as this was
a security related deprecation.
1.6
---
See the :doc:`Django 1.4 release notes</releases/1.4>` for more details on
these changes.
* The compatibility modules ``django.utils.copycompat`` and
``django.utils.hashcompat`` as well as the functions
``django.utils.itercompat.all`` and ``django.utils.itercompat.any`` will
be removed. The Python builtin versions should be used instead.
* The :func:`~django.views.decorators.csrf.csrf_response_exempt` and
:func:`~django.views.decorators.csrf.csrf_view_exempt` decorators will
be removed. Since 1.4 ``csrf_response_exempt`` has been a no-op (it
returns the same function), and ``csrf_view_exempt`` has been a
synonym for ``django.views.decorators.csrf.csrf_exempt``, which should
be used to replace it.
* The :class:`~django.core.cache.backends.memcached.CacheClass` backend
was split into two in Django 1.3 in order to introduce support for
PyLibMC. The historical :class:`~django.core.cache.backends.memcached.CacheClass`
will be removed in favor of :class:`~django.core.cache.backends.memcached.MemcachedCache`.
* The UK-prefixed objects of ``django.contrib.localflavor.uk`` will only
be accessible through their GB-prefixed names (GB is the correct
ISO 3166 code for United Kingdom).
* The :setting:`IGNORABLE_404_STARTS` and :setting:`IGNORABLE_404_ENDS`
settings have been superseded by :setting:`IGNORABLE_404_URLS` in
the 1.4 release. They will be removed.
* The :doc:`form wizard </ref/contrib/formtools/form-wizard>` has been
refactored to use class based views with pluggable backends in 1.4.
The previous implementation will be removed.
* Legacy ways of calling
:func:`~django.views.decorators.cache.cache_page` will be removed.
* The backward-compatibility shim to automatically add a debug-false
filter to the ``'mail_admins'`` logging handler will be removed. The
:setting:`LOGGING` setting should include this filter explicitly if
it is desired.
* The template tag
:func:`django.contrib.admin.templatetags.adminmedia.admin_media_prefix`
will be removed in favor of the generic static files handling.
* The builtin truncation functions :func:`django.utils.text.truncate_words`
and :func:`django.utils.text.truncate_html_words` will be removed in
favor of the ``django.utils.text.Truncator`` class.
* The :class:`~django.contrib.gis.geoip.GeoIP` class was moved to
:mod:`django.contrib.gis.geoip` in 1.4 -- the shortcut in
:mod:`django.contrib.gis.utils` will be removed.
* ``django.conf.urls.defaults`` will be removed. The functions
:func:`~django.conf.urls.include`, :func:`~django.conf.urls.patterns` and
:func:`~django.conf.urls.url` plus :data:`~django.conf.urls.handler404`,
:data:`~django.conf.urls.handler500`, are now available through
:mod:`django.conf.urls` .
* The Databrowse contrib module will be removed.
* The functions :func:`~django.core.management.setup_environ` and
:func:`~django.core.management.execute_manager` will be removed from
:mod:`django.core.management`. This also means that the old (pre-1.4)
style of :file:`manage.py` file will no longer work.
* Setting the ``is_safe`` and ``needs_autoescape`` flags as attributes of
template filter functions will no longer be supported.
* The attribute ``HttpRequest.raw_post_data`` was renamed to ``HttpRequest.body``
in 1.4. The backward compatibility will be removed --
``HttpRequest.raw_post_data`` will no longer work.
2.0
---
* ``django.views.defaults.shortcut()``. This function has been moved
to ``django.contrib.contenttypes.views.shortcut()`` as part of the
goal of removing all ``django.contrib`` references from the core
Django codebase. The old shortcut will be removed in the 2.0
release.
