• dev
  • Documentation version: 1.11

Django 1.11 release notes

April 4, 2017

Welcome to Django 1.11!

These release notes cover the new features, as well as some backwards incompatible changes you’ll want to be aware of when upgrading from Django 1.10 or older versions. We’ve begun the deprecation process for some features.

Lihat panduan Meningkatkan Django ke versi terbaru jika anda sedang memperbaharui proyek yang ada.

Django 1.11 is designated as a long-term support release. It will receive security updates for at least three years after its release. Support for the previous LTS, Django 1.8, will end in April 2018.

Kesesuaian Python

Django 1.11 requires Python 2.7, 3.4, 3.5, or 3.6. Django 1.11 is the first release to support Python 3.6. We highly recommend and only officially support the latest release of each series.

The Django 1.11.x series is the last to support Python 2. The next major release, Django 2.0, will only support Python 3.5+.

Deprecating warnings are no longer loud by default

Unlike older versions of Django, Django’s own deprecation warnings are no longer displayed by default. This is consistent with Python’s default behavior.

This change allows third-party apps to support both Django 1.11 LTS and Django 1.8 LTS without having to add code to avoid deprecation warnings.

Following the release of Django 2.0, we suggest that third-party app authors drop support for all versions of Django prior to 1.11. At that time, you should be able run your package’s tests using python -Wd so that deprecation warnings do appear. After making the deprecation warning fixes, your app should be compatible with Django 2.0.

What’s new in Django 1.11

Class-based model indexes

The new django.db.models.indexes module contains classes which ease creating database indexes. Indexes are added to models using the Meta.indexes option.

The Index class creates a b-tree index, as if you used db_index on the model field or index_together on the model Meta class. It can be subclassed to support different index types, such as GinIndex. It also allows defining the order (ASC/DESC) for the columns of the index.

Template-based widget rendering

To ease customizing widgets, form widget rendering is now done using the template system rather than in Python. See The form rendering API.

You may need to adjust any custom widgets that you’ve written for a few backwards incompatible changes.

Subquery expressions

The new Subquery and Exists database expressions allow creating explicit subqueries. Subqueries may refer to fields from the outer queryset using the OuterRef class.

Fitur kecil



  • The default iteration count for the PBKDF2 password hasher is increased by 20%.
  • The LoginView and LogoutView class-based views supersede the deprecated login() and logout() function-based views.
  • The PasswordChangeView, PasswordChangeDoneView, PasswordResetView, PasswordResetDoneView, PasswordResetConfirmView, and PasswordResetCompleteView class-based views supersede the deprecated password_change(), password_change_done(), password_reset(), password_reset_done(), password_reset_confirm(), and password_reset_complete() function-based views.
  • The new post_reset_login attribute for PasswordResetConfirmView allows automatically logging in a user after a successful password reset. If you have multiple AUTHENTICATION_BACKENDS configured, use the post_reset_login_backend attribute to choose which one to use.
  • To avoid the possibility of leaking a password reset token via the HTTP Referer header (for example, if the reset page includes a reference to CSS or JavaScript hosted on another domain), the PasswordResetConfirmView (but not the deprecated password_reset_confirm() function-based view) stores the token in a session and redirects to itself to present the password change form to the user without the token in the URL.
  • update_session_auth_hash() now rotates the session key to allow a password change to invalidate stolen session cookies.
  • The new success_url_allowed_hosts attribute for LoginView and LogoutView allows specifying a set of hosts that are safe for redirecting after login and logout.
  • Added password validators help_text to UserCreationForm.
  • The HttpRequest is now passed to authenticate() which in turn passes it to the authentication backend if it accepts a request argument.
  • The user_login_failed() signal now receives a request argument.
  • PasswordResetForm supports custom user models that use an email field named something other than 'email'. Set CustomUser.EMAIL_FIELD to the name of the field.
  • get_user_model() can now be called at import time, even in modules that define models.


  • When stale content types are detected in the remove_stale_contenttypes command, there’s now a list of related objects such as auth.Permissions that will also be deleted. Previously, only the content types were listed (and this prompt was after migrate rather than in a separate command).


  • Metode GEOSGeometry.from_gml() dan OGRGeometry.from_gml() baru mengizinkan membuat geometri dari GML.

  • Added support for the dwithin lookup on SpatiaLite.
  • The Area function, Distance function, and distance lookups now work with geodetic coordinates on SpatiaLite.
  • The OpenLayers-based form widgets now use OpenLayers.js from https://cdnjs.cloudflare.com which is more suitable for production use than the the old http://openlayers.org source. They are also updated to use OpenLayers 3.
  • PostGIS migrations can now change field dimensions.
  • Added the ability to pass the size, shape, and offset parameter when creating GDALRaster objects.
  • Added SpatiaLite support for the IsValid function, MakeValid function, and isvalid lookup.
  • Added Oracle support for the AsGML function, BoundingCircle function, IsValid function, and isvalid lookup.


  • The new distinct argument for StringAgg determines if concatenated values will be distinct.
  • The new GinIndex and BrinIndex classes allow creating GIN and BRIN indexes in the database.
  • JSONField accepts a new encoder parameter to specify a custom class to encode data types not supported by the standard encoder.
  • The new CIText mixin and CITextExtension migration operation allow using PostgreSQL’s citext extension for case-insensitive lookups. Three fields are provided: CICharField, CIEmailField, and CITextField.
  • JSONBAgg baru mengizinkan menggabungkan nilai-nilai sebagai larik JSON.

  • The HStoreField (model field) and HStoreField (form field) allow storing null values.


  • Memcached backends now pass the contents of OPTIONS as keyword arguments to the client constructors, allowing for more advanced control of client behavior. See the cache arguments documentation for examples.
  • Memcached backends now allow defining multiple servers as a comma-delimited string in LOCATION, for convenience with third-party services that use such strings in environment variables.


  • Ditambahkan pengaturan CSRF_USE_SESSIONS untuk mengizinkan menyimpan token CSRF dalam sesi pengguna daripada dalam sebuah kue.

Backend basisdata

  • Ditambahkan argumen skip_locked pada QuerySet.select_for_update() pada PostgreSQL 9.5+ dan Oracle untuk menjalankan permintaan dengan FOR UPDATE SKIP LOCKED.

  • Ditambahkan pengaturan TEST['TEMPLATE'] untuk membuat pengguna PostgreSQL menentukan sebuah cetakan untuk membuat basisdata percobaan.

  • QuerySet.iterator() sekarang menggunakan server-side cursors pada PostgreSQL. Fitur ini mengirimkan beberapa dari pekerja memori muatan (digunakan untuk menampung hasil permintaan) ke basisdata dan mungkin meningkatkan penggunaan memori basisdata.

  • Ditambahkan dukungan MySQL untuk pilihan 'isolation_level' dalam OPTIONS untuk mengizinkan menentukan transaction isolation level. Untuk menghindari kemungkinan data hilang, itu dianjurkan untuk mengganti dari tingkat awalan MySQL, pembacaan berulang, untuk membaca diperbaiki.

  • Ditambahkan dukungan untuk cx_Oracle 5.3.


  • Ditambahkan pengaturan EMAIL_USE_LOCALTIME untuk mengizinkan mengirimkan kepala tanggal SMTP dalam zona waktu lokal daripada dalam UTC.

  • EmailMessage.attach() dan attach_file() kembali ke jenis MIME application/octet-stream` ketika isi biner yang tidak dapat disandikan sebagai UTF-8 ditentukan untuk lampiran text/*.

Penyimpanan Berkas

  • Untuk membuatnya dapat dibungkus oleh io.TextIOWrapper, File sekarang mempunyai metode readable(), writable(), dan seekable().



  • Number formatting and the NUMBER_GROUPING setting support non-uniform digit grouping.

Pengelolaan perintah


  • Added support for serialization of uuid.UUID objects.


Permintaan dan Tanggapan


  • The new django.core.serializers.base.Serializer.stream_class attribute allows subclasses to customize the default stream.
  • The encoder used by the JSON serializer can now be customized by passing a cls keyword argument to the serializers.serialize() function.
  • DjangoJSONEncoder now serializes timedelta objects (used by DurationField).


  • mark_safe() can now be used as a decorator.
  • The Jinja2 template backend now supports context processors by setting the 'context_processors' option in OPTIONS.
  • The regroup tag now returns namedtuples instead of dictionaries so you can unpack the group object directly in a loop, e.g. {% for grouper, list in regrouped %}.
  • Added a resetcycle template tag to allow resetting the sequence of the cycle template tag.
  • You can now specify specific directories for a particular filesystem.Loader.



Perubahan ketidaksesuaian kebelakang dalam 1.11


  • To simplify the codebase and because it’s easier to install than when contrib.gis was first released, GDAL is now a required dependency for GeoDjango. In older versions, it’s only required for SQLite.
  • contrib.gis.maps is removed as it interfaces with a retired version of the Google Maps API and seems to be unmaintained. If you’re using it, let us know.
  • The GEOSGeometry equality operator now also compares SRID.
  • The OpenLayers-based form widgets now use OpenLayers 3, and the gis/openlayers.html and gis/openlayers-osm.html templates have been updated. Check your project if you subclass these widgets or extend the templates. Also, the new widgets work a bit differently than the old ones. Instead of using a toolbar in the widget, you click to draw, click and drag to move the map, and click and drag a point/vertex/corner to move it.
  • Dukungan untuk SpatiaLite < 4.0 telah dibuang.

  • Dukungan untuk GDAL 1.7 dan 1.8 telah dibuang.

  • The widgets in contrib.gis.forms.widgets and the admin’s OpenLayersWidget use the form rendering API rather than loader.render_to_string(). If you’re using a custom widget template, you’ll need to be sure your form renderer can locate it. For example, you could use the TemplatesSetting renderer.


  • collectstatic may now fail during post-processing when using a hashed static files storage if a reference loop exists (e.g. 'foo.css' references 'bar.css' which itself references 'foo.css') or if the chain of files referencing other files is too deep to resolve in several passes. In the latter case, increase the number of passes using ManifestStaticFilesStorage.max_post_process_passes.
  • When using ManifestStaticFilesStorage, static files not found in the manifest at runtime now raise a ValueError instead of returning an unchanged path. You can revert to the old behavior by setting ManifestStaticFilesStorage.manifest_strict to False.

API backend basisdata

  • Metode DatabaseOperations.time_trunc_sql() ditambahkan untuk mendukung pemotongan TimeField. Itu menerima argumen lookup_type dan field_name dan mengembalikan SQL sesuai untuk memotong bidang waktu yang diberikan pada sebuah obyek waktu dengan hanya diberikan kekhususan. Argumen lookup_type dapat salsah satu 'hour', 'minute', atau 'second'.

  • Metode DatabaseOperations.datetime_cast_time_sql() ditambahkan untuk mendukung pencarian time. Itu menerima argumen field_name dan tzname dan mengembalikan SQL yang dibutuhkan untuk membuang nilai datetime menjadi nilai waktu.

  • To enable FOR UPDATE SKIP LOCKED support, set DatabaseFeatures.has_select_for_update_skip_locked = True.
  • Atribut DatabaseFeatures.supports_index_column_ordering baru menentukan jika sebuah basisdata mengizinkan menentukan urutan untuk kolom-kolom dalam indeks. Nilai awalan adalah True dan metode DatabaseIntrospection.get_constraints() harus menyertakan kunci 'orders' dalam setiap dari kamus-kamus yang dikembalikan dengan daftar dari nilai-nilai 'ASC' dan/atau 'DESC' berhubungan ke urutan dari setiap kolom dalam indeks.

  • inspectdb no longer calls DatabaseIntrospection.get_indexes() which is deprecated. Custom database backends should ensure all types of indexes are returned by DatabaseIntrospection.get_constraints().
  • Renamed the ignores_quoted_identifier_case feature to ignores_table_name_case to more accurately reflect how it is used.
  • Argumen kata kunci name ditambahkan ke metode DatabaseWrapper.create_cursor(self, name=None) untuk mengizinkan penggunaan dari kursor sisi-peladen pada backend yang mendukung itu.

Dibuang dukungan untuk PostgreSQL 9.2 dan PostGIS 2.0

Upstream support for PostgreSQL 9.2 ends in September 2017. As a consequence, Django 1.11 sets PostgreSQL 9.3 as the minimum version it officially supports.

Support for PostGIS 2.0 is also removed as PostgreSQL 9.2 is the last version to support it.

Also, the minimum supported version of psycopg2 is increased from 2.4.5 to 2.5.4.

LiveServerTestCase binds to port zero

Rather than taking a port range and iterating to find a free port, LiveServerTestCase binds to port zero and relies on the operating system to assign a free port. The DJANGO_LIVE_TEST_SERVER_ADDRESS environment variable is no longer used, and as it’s also no longer used, the manage.py test --liveserver option is removed.

Protection against insecure redirects in django.contrib.auth and i18n views

LoginView, LogoutView (and the deprecated function-based equivalents), and set_language() protect users from being redirected to non-HTTPS next URLs when the app is running over HTTPS.

Argumen pengecekan QuerySet.get_or_create() dan update_or_create()

To prevent typos from passing silently, get_or_create() and update_or_create() check that their arguments are model fields. This should be backwards-incompatible only in the fact that it might expose a bug in your project.

pytz is a required dependency and support for settings.TIME_ZONE = None is removed

To simplify Django’s timezone handling, pytz is now a required dependency. It’s automatically installed along with Django.

Support for settings.TIME_ZONE = None is removed as the behavior isn’t commonly used and is questionably useful. If you want to automatically detect the timezone based on the system timezone, you can use tzlocal:

from tzlocal import get_localzone

TIME_ZONE = get_localzone().zone

This works similar to settings.TIME_ZONE = None except that it also sets os.environ['TZ']. Let us know if there’s a use case where you find you can’t adapt your code to set a TIME_ZONE.

Perubahan HTML dalam cetakan admin

<p class="help"> diganti dengan etiket <div> untuk mengizinkan daftar di dalam teks bantuan.

Read-only fields are wrapped in <div class="readonly">...</div> instead of <p>...</p> to allow any kind of HTML as the field’s content.

Changes due to the introduction of template-based widget rendering

Some undocumented classes in django.forms.widgets are removed:

  • SubWidget
  • RendererMixin, ChoiceFieldRenderer, RadioFieldRenderer, CheckboxFieldRenderer
  • ChoiceInput, RadioChoiceInput, CheckboxChoiceInput

Metode Widget.format_output() dipindahkan. Gunakan cetakan widget penyesuaian sebagai gantinya.

Some widget values, such as <select> options, are now localized if settings.USE_L10N=True. You could revert to the old behavior with custom widget templates that uses the localize template tag to turn off localization.

django.template.backends.django.Template.render() prohibits non-dict context

For compatibility with multiple template engines, django.template.backends.django.Template.render() (returned from high-level template loader APIs such as loader.get_template()) must receive a dictionary of context rather than Context or RequestContext. If you were passing either of the two classes, pass a dictionary instead – doing so is backwards-compatible with older versions of Django.

Model state changes in migration operations

To improve the speed of applying migrations, rendering of related models is delayed until an operation that needs them (e.g. RunPython). If you have a custom operation that works with model classes or model instances from the from_state argument in database_forwards() or database_backwards(), you must render model states using the clear_delayed_apps_cache() method as described in writing your own migration operation.


  • If no items in the feed have a pubdate or updateddate attribute, SyndicationFeed.latest_post_date() now returns the current UTC date/time, instead of a datetime without any timezone information.
  • CSRF failures are logged to the django.security.csrf logger instead of django.request.
  • ALLOWED_HOSTS validation is no longer disabled when running tests. If your application includes tests with custom host names, you must include those host names in ALLOWED_HOSTS. See Tests and multiple host names.
  • Using a foreign key’s id (e.g. 'field_id') in ModelAdmin.list_display displays the related object’s ID. Remove the _id suffix if you want the old behavior of the string representation of the object.
  • In model forms, CharField with null=True now saves NULL for blank values instead of empty strings.
  • On Oracle, Model.validate_unique() no longer checks empty strings for uniqueness as the database interprets the value as NULL.
  • Jika anda mensubkelaskan AbstractUser dan menimpa clean(), pastikan itu memanggil super(). BaseUserManager.normalize_email() dipanggil dalam sebuah metode AbstractUser.clean() baru sehingga nomarlisasi diberlakukan dalam kasus-kasus seperti pengesahan formulir model.

  • EmailField and URLField no longer accept the strip keyword argument. Remove it because it doesn’t have an effect in older versions of Django as these fields always strip whitespace.
  • The checked and selected attribute rendered by form widgets now uses HTML5 boolean syntax rather than XHTML’s checked='checked' and selected='selected'.
  • RelatedManager.add(), remove(), clear(), dan set() sekarang membersihkan cache prefetch_related().

  • To prevent possible loss of saved settings, setup_test_environment() now raises an exception if called a second time before calling teardown_test_environment().
  • The undocumented DateTimeAwareJSONEncoder alias for DjangoJSONEncoder (renamed in Django 1.0) is removed.
  • The cached template loader is now enabled if DEBUG is False and OPTIONS['loaders'] isn’t specified. This could be backwards-incompatible if you have some template tags that aren’t thread safe.
  • The prompt for stale content type deletion no longer occurs after running the migrate command. Use the new remove_stale_contenttypes command instead.
  • The admin’s widget for IntegerField uses type="number" rather than type="text".
  • Conditional HTTP headers are now parsed and compared according to the RFC 7232 Conditional Requests specification rather than the older RFC 2616.
  • patch_response_headers() no longer adds a Last-Modified header. According to the RFC 7234#section-4.2.2, this header is useless alongside other caching headers that provide an explicit expiration time, e.g. Expires or Cache-Control. UpdateCacheMiddleware and add_never_cache_headers() call patch_response_headers() and therefore are also affected by this change.
  • In the admin templates, <p class="help"> is replaced with a <div> tag to allow including lists inside help text.
  • ConditionalGetMiddleware no longer sets the Date header as Web servers set that header. It also no longer sets the Content-Length header as this is now done by CommonMiddleware.
  • get_model() and get_models() now raise AppRegistryNotReady if they’re called before models of all applications have been loaded. Previously they only required the target application’s models to be loaded and thus could return models without all their relations set up. If you need the old behavior of get_model(), set the require_ready argument to False.
  • The unused BaseCommand.can_import_settings attribute is removed.
  • The undocumented django.utils.functional.lazy_property is removed.
  • For consistency with non-multipart requests, MultiPartParser.parse() now leaves request.POST immutable. If you’re modifying that QueryDict, you must now first copy it, e.g. request.POST.copy().
  • Dukungan untuk cx_Oracle < 5.2 telah dipindahkan.

  • Dukungan untuk IPython < 1.0 telah dipindahkan dari perintah shell.

  • The signature of private API Widget.build_attrs() changed from extra_attrs=None, **kwargs to base_attrs, extra_attrs=None.
  • File-like objects (e.g., StringIO and BytesIO) uploaded to an ImageField using the test client now require a name attribute with a value that passes the validate_image_file_extension validator. See the note in Client.post().

Fitur-fitur diusangkan dalam 1.11


  • contrib.auth’s login() and logout() function-based views are deprecated in favor of new class-based views LoginView and LogoutView.
  • The unused extra_context parameter of contrib.auth.views.logout_then_login() is deprecated.
  • contrib.auth’s password_change(), password_change_done(), password_reset(), password_reset_done(), password_reset_confirm(), and password_reset_complete() function-based views are deprecated in favor of new class-based views PasswordChangeView, PasswordChangeDoneView, PasswordResetView, PasswordResetDoneView, PasswordResetConfirmView, and PasswordResetCompleteView.
  • django.test.runner.setup_databases() is moved to django.test.utils.setup_databases(). The old location is deprecated.
  • django.utils.translation.string_concat() is deprecated in favor of django.utils.text.format_lazy(). string_concat(*strings) can be replaced by format_lazy('{}' * len(strings), *strings).
  • For the PyLibMCCache cache backend, passing pylibmc behavior settings as top-level attributes of OPTIONS is deprecated. Set them under a behaviors key within OPTIONS instead.
  • The host parameter of django.utils.http.is_safe_url() is deprecated in favor of the new allowed_hosts parameter.
  • Silencing exceptions raised while rendering the {% include %} template tag is deprecated as the behavior is often more confusing than helpful. In Django 2.1, the exception will be raised.
  • DatabaseIntrospection.get_indexes() is deprecated in favor of DatabaseIntrospection.get_constraints().
  • authenticate() sekarang melewatkan sebuah argumen request pada metode authenticate() dari backend autentifikasi. Dukungan untuk metode-metode yang tidak menerima request sebagai argumen penempatan pertama akan dipindahkan dalam Django 2.1.

  • The USE_ETAGS setting is deprecated in favor of ConditionalGetMiddleware which now adds the ETag header to responses regardless of the setting. CommonMiddleware and django.utils.cache.patch_response_headers() will no longer set ETags when the deprecation ends.
  • Model._meta.has_auto_field is deprecated in favor of checking if Model._meta.auto_field is not None.
  • Using regular expression groups with iLmsu# in url() is deprecated. The only group that’s useful is (?i) for case-insensitive URLs, however, case-insensitive URLs aren’t a good practice because they create multiple entries for search engines, for example. An alternative solution could be to create a handler404 that looks for uppercase characters in the URL and redirects to a lowercase equivalent.
  • Argumen renderer ditambahkan pada metode Widget.render(). Metode-metode yang tidak menerima bahwa argumen akan bekerja melalui masa pengusangan.

Back to Top