Django 6.2 release notes - UNDER DEVELOPMENT

Expected April 2027

Welcome to Django 6.2!

These release notes cover the new features, as well as some backwards incompatible changes you should be aware of when upgrading from Django 6.1 or earlier. We’ve begun the deprecation process for some features.

See the How to upgrade Django to a newer version guide if you’re updating an existing project.

Django 6.2 is designated as a long-term support release. It will receive security updates for at least three years after its release. Support for the previous LTS, Django 5.2, will end in April 2028.

Python compatibility

Django 6.2 supports Python 3.12, 3.13 and 3.14. We highly recommend and only officially support the latest release of each series.

What’s new in Django 6.2

Minor features

django.contrib.admin

django.contrib.admindocs

django.contrib.auth

  • The default iteration count for the PBKDF2 password hasher is increased from 1,500,000 to 1,800,000.

django.contrib.contenttypes

django.contrib.gis

django.contrib.messages

django.contrib.postgres

django.contrib.redirects

django.contrib.sessions

django.contrib.sitemaps

django.contrib.sites

django.contrib.staticfiles

django.contrib.syndication

Asynchronous views

Cache

  • Subclasses of BaseDatabaseCache now support :ref:` culling <_database-caching>` on a percentage of writes as an optimization. The default is 10%, and may be configured using the CULL_PROBABILITY option.

CSP

CSRF

Database backends

Decorators

Email

Error Reporting

File Storage

File Uploads

Forms

Generic Views

Internationalization

Logging

Management Commands

  • The new listurls command lists the URLs from the project’s root URLconf, including the view class or function (and name, if present).

Migrations

Models

Requests and Responses

Security

Serialization

Signals

Tasks

Templates

Tests

URLs

Utilities

  • The new django.utils.warnings module provides django_file_prefixes(), which returns the file path prefix of the Django package for use as the skip_file_prefixes argument of warnings.warn().

Validators

Backwards incompatible changes in 6.2

Database backend API

This section describes changes that may be needed in third-party database backends.

Miscellaneous

  • To facilitate the deprecation of the safe parameter of JsonResponse, it now defaults to False, because the pollution vulnerability in the Array prototype was fixed in ES5.

  • DjangoJSONEncoder now omits the millisecond component of serialized datetime.datetime and datetime.time objects if they have zero milliseconds. For example, datetime.datetime(2000, 1, 1, 0, 0, 0, 1) now serializes to "2000-01-01T00:00:00" rather than "2000-01-01T00:00:00.000".

Features deprecated in 6.2

Miscellaneous

  • The safe parameter is deprecated from JsonResponse. Omitting the argument is equivalent to the prior safe=False usage.