[Technical Board?] Project Ideas, and beginning GSoC 2023.

681 views
Skip to first unread message

Carlton Gibson

unread,
Nov 15, 2022, 4:11:45 AM11/15/22
to Django developers (Contributions to Django itself)
Hi all.

Google Summer of Code (GSoC) for 2023 has just been announced.
https://opensource.googleblog.com/2022/11/get-ready-for-google-summer-of-code-2023.html

Django has participated many times, and it's been a real boon. Recent successes include:

* The django-stubs mypy plugin.
* The cross-db JSON field.
* The Redis cache backend.
* Per model-class (field instance) custom lookups
* Setup of the django-asv benchmarking project.
* ...

Application deadline for Orgs is February 7. I'll begin working on it after the New Year.

Main bit is an ideas list for projects. The GSoC guide has a Writing a Good Ideas List
section.

> Projects should take ~175 hours or ~350 hours for GSoC contributors to complete.

i.e. "short" or "long" projects.
https://google.github.io/gsocguides/mentor/defining-a-project-ideas-list

I'm writing here to solicit input on project ideas.

I put "Technical Board?" in the subject because we're short a list of project
ideas for the technical direction of Django going forward, and maybe thinking
in terms of GSoC could be a way of bootstrapping that. The "?" is because that's not
meant to exclude other input.

Here's last year's list for reference:
https://code.djangoproject.com/wiki/SummerOfCode2022

- Some of those were done: benchmarking (but that could be built on) and per-instance
  field lookups.

- Rate-limiting is a no-go I think: we couldn't come to any decent agreement on scope,
  so it's better to live as a third-party package.

- I've tried to include folks from the wider ecosystem in previous years. Two years ago
  we had both Wagtail and django-stubs projects. Wagtail then (last year)
  applied in their own right, to great success. I'd like to offer that help
  again to e.g. Jazzband or other established projects, assuming maintainers
  feel they have the capacity to mentor. (It's a minor increment to my effort
  for a good return I think.)


No urgency but, can I ask you to put your grey cells into action? 🙂


Thanks.

Kind Regards,

Carlton

Florian Apolloner

unread,
Nov 16, 2022, 1:52:01 PM11/16/22
to Django developers (Contributions to Django itself)
I do have ideas but no idea about how viable they are in a GSoC context. Nevertheless I will put write them down here, maybe we can find smaller scopes if needed and if not, it still serves as a list of things that I'd think to be interesting:

 * Probably my number one since it kinda is a blocker for me: We need a connection pool in Django for async to work. That said connection pools are hard to get right ( https://github.com/brettwooldridge/HikariCP/blob/dev/documents/Welcome-To-The-Jungle.md and https://www.psycopg.org/articles/2021/01/17/pool-design/ ).
 * Production ready webserver (https://groups.google.com/g/django-developers/c/q20_Cxske88). Maybe only focus on a smaller part first, like reading env variables / config files.
 * Depending on how far we get with `request.data` in the meantime, maybe put the second steps (adjustable parsers etc) in as GSoC project?
 * I haven't talked with anyone about this one yet, so it might be completely bonkers: I think openid connect is here to stay for a while and I'd love to see first class support in core for it. I am looking at this from an enterprise perspective though; I do not expect a user to choose where to login out of many options but rather provide a replacement for the default username/password login in an enterprise environment. Most solutions there support openid connect. Please note that I am not suggesting to support generic OAuth2/SAML and whatnot -- there are great 3rd party packages for that already (which also include support for openid connect). I'd just love to be able to install arbitrary Django projects and point them to the central authentication server.

I hope this provides some ideas to get more ideas rolling :)

Cheers,
Florian

Carlton Gibson

unread,
Nov 16, 2022, 1:58:05 PM11/16/22
to django-d...@googlegroups.com
Thanks Florian

To you and all :) — casting the net wide right now is a good way forward I think. 
We can scope down for GSoC with some ideas on the table.

(Don't be shy folks. :) 

Kind Regards,

Carlton

--
You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/2b3650c6-d340-4464-96f2-e6722a8e415an%40googlegroups.com.

Matthew Pava

unread,
Nov 16, 2022, 2:13:28 PM11/16/22
to django-d...@googlegroups.com

I’m not on the technical board or of any important part of the Django ecosystem at all, but I do have an idea. It would be nice to revamp the “name” field in the default user model, perhaps to have one field for the name as suggested here from the W3C:

https://www.w3.org/International/questions/qa-personal-names

 

I remember reading elsewhere that there were various important reasons that prevented Django from making such a change. Perhaps it would be a good time to review that? If there is too much controversy for having a name field at all, perhaps eliminating it is the way to go and just have a username field?

 

Of course, this may go hand-in-hand with Florian’s suggestion of using OpenID Connect.

Adam Johnson

unread,
Nov 25, 2022, 5:32:32 PM11/25/22
to django-d...@googlegroups.com
Four ideas from myself:

1. CORS in core

django-cors-headers’ implementation is a bit janky, for example it uses a regex to filter paths. It also lacks the key ability to set up different CORS policies per path. Both of these could be done with a decorator.

I’d like to see a form of CORS support in Django that more closely follows the design of the CSRF/clickjacking protection.

2. django-stubs strict mode.

The stubs do not currently pass Mypy’s strict mode. Doing so would enable users to always use strict mode with them, improving type safety. I think the other maintainers of django-stubs are also interested in this.

3. Better DatabaseCache

Setting up a shared cache backend is nearly always required, as many third party packages assume the cache works like this (unlike the default locmemcache which is per process). DatabaseCache is the easiest such cache backend, not requiring any extra infra and working on shared hosts without a filesystem. But it could be better.

Django-Mysql has had a much better DB cache backend implementation since 2015: https://adamj.eu/tech/2015/05/17/building-a-better-databasecache-for-django-on-mysql/ . I’ve never got around to adapting this for postgres/sqlite but it should be fairly straightforward, mostly some translation of SQL to different dialects.

It would also be nice to hook the database cache tables into migrations somehow rather than the current hacky duck typing approach ( https://github.com/django/django/blob/64b3c413da011f55469165256261f406a277e822/django/core/cache/backends/db.py#L12-L28 ).

4. Auto-importing shell

One of the most popular features of django-extensions is shell_plus, which is like 'shell' but auto-imports your models for you. This behaviour would be great to have in core, with a way to define extra things to import (perhaps a documented path of subclassing the management command and overriding a method).

James Bennett

unread,
Nov 25, 2022, 6:56:38 PM11/25/22
to django-d...@googlegroups.com
On Fri, Nov 25, 2022 at 2:32 PM 'Adam Johnson' via Django developers 1. CORS in core

django-cors-headers’ implementation is a bit janky, for example it uses a regex to filter paths. It also lacks the key ability to set up different CORS policies per path. Both of these could be done with a decorator.

I’d like to see a form of CORS support in Django that more closely follows the design of the CSRF/clickjacking protection.

Another option: Content Security Policy support in core. The current django-csp third-party app isn't necessarily bad, but I'd love to see more good security tools in Django by default.

(some of this gets back to an old proposal for a consolidated top-level SECURITY setting that could expand to cover all the tools, but that's likely out of scope for a GSoC project)

Shai Berger

unread,
Nov 26, 2022, 11:02:56 AM11/26/22
to django-d...@googlegroups.com
Hi,

Adding to the above, I have two migration-related ideas.

The first is quite down-to-earth: Support for moving models between
apps. This is a long-standing problem, esp. in enterprise-y or just
long-running projects. I have expressed my dissatisfaction with the
current state of things a couple of years ago[1], and maybe it's time
to change that.

The second is a bit of a pie-in-the-sky: Allow auto-detection of custom
migration operations. The auto-detector has its change-detection mostly
hard-coded into it[2], and it doesn't seem easy or even possible to
allow third-party code to intervene. But I dream...

Note: These two are quite independent. Auto-detection of the fact that
a model has moved between apps is not required, supporting such moves
with flags to makemigrations or even a dedicated management-command
would be completely satisfactory as far as I'm concerned.

Thanks,
Shai.


[1] https://forum.djangoproject.com/t/why-do-we-need-apps/827/20
[2] https://github.com/django/django/blob/main/django/db/migrations/autodetector.py#L104

Tom Carrick

unread,
Nov 28, 2022, 7:28:31 AM11/28/22
to django-d...@googlegroups.com
Just a small spinoff idea from Adam's suggestion on django-stubs. There is another package, django-types that started as a fork of django-stubs and was originally intended to be merged back into it. It removes the need to use any mypy plugins, making it possible to use type checkers other than mypy, such as Pyrite, Pyre, etc.  However, django-types isn't nearly as actively maintained and having competing type stubs libraries is quite annoying as they each get fixes for different issues, leaving neither in especially good shape, IMO. Although the work has previously been done I think there is enough work there detangling it and getting a PR to a mergeable state for a short project.

Tom


--
You received this message because you are subscribed to the Google Groups "Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.

John Whitlock

unread,
Nov 28, 2022, 11:59:48 AM11/28/22
to django-d...@googlegroups.com
I'd like to see database-level defaults supported in models and migrations:

https://code.djangoproject.com/ticket/470

There's currently a PR open, which replaces an earlier 2020 PR

https://github.com/django/django/pull/16092

It would be a large benefit to those of us practicing continuous deployment. It is also tricky enough that it would benefit from a full-time effort to implement and refactor.

- John

--
You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.

st...@jigsawtech.co.uk

unread,
Nov 28, 2022, 12:10:33 PM11/28/22
to Django developers (Contributions to Django itself)
+1 from me on DB defaults (constraints too). I've worked on many systems where Django isn't the only place putting records into DBs and having DB level defaults and constraints fixes a lot of common issues with that. Currently I create an empty migrations to then add them in manually when required


+1 from me on moving models between apps, though I know it can be a pain. Contacting and freelancing means you come across a lot of projects where models are seeming in the wrong app or where you want to consolidate apps and being able to move them cleaning would be a wonderful addition

Carlton Gibson

unread,
Nov 28, 2022, 12:56:57 PM11/28/22
to django-d...@googlegroups.com
On this vein I'd also like to see DB Cascades implemented


On Mon, 28 Nov 2022 at 18:10, 'st...@jigsawtech.co.uk' via Django developers (Contributions to Django itself) <django-d...@googlegroups.com> wrote:
+1 from me on DB defaults (constraints too). I've worked on many systems where Django isn't the only place putting records into DBs and having DB level defaults and constraints fixes a lot of common issues with that. Currently I create an empty migrations to then add them in manually when required

Adam Johnson

unread,
Nov 28, 2022, 11:35:40 PM11/28/22
to django-d...@googlegroups.com
I am not sure the db level defaults PR is suitable for a GSoC project at this point - it’s pretty well developed. I think it could do with some review and testing form those who are interested.

Adrian Torres

unread,
Nov 29, 2022, 4:41:49 AM11/29/22
to Django developers (Contributions to Django itself)
I'd personally like to see better support for safe / N-1 compatible migrations within Django itself, currently if you do CD / blue-green tower / etc. deployments you need to be very careful about the migration operations that you introduce version-to-version, although I'm not sure what that would look like.

+1 to OIDC, CORS and DB defaults

If nothing else, this thread has at least made me aware of some interesting tickets :-)

Adrian

charettes

unread,
Nov 29, 2022, 4:40:41 PM11/29/22
to Django developers (Contributions to Django itself)
Adrian,

> I'd personally like to see better support for safe / N-1 compatible migrations within Django itself, currently if you do CD / blue-green tower / etc. deployments you need to be very careful about the migration operations that you introduce version-to-version, although I'm not sure what that would look like.

There's a little project that we use at $WORK to do just that[0]. I'm not sure its inclusion in core is even proposable at this time as is still has received very little feedback from external users but the gist of the tool is that it introduces a notion of phases to migrations (pre and post-deployment) and augments the `makemigrations` command so it splits operations that require multiple phases in multiple migrations and adds a `--pre-deploy` flag to the `migrate` command to only run migrations meant to be run prior to a deployment.

I don't want to hijack the this thread to discuss it in details but feel free to try it out and reach out personally if you'd like more details. We've used it internally to deploy changes using ArgoCD to Kubernetes clusters internally and I was planing on presenting the tool in the near future at a Django event once we get more feedback about it.


Cheers,
Simon

Ryan Cheley

unread,
Dec 12, 2022, 9:44:24 AM12/12/22
to Django developers (Contributions to Django itself)
Perhaps one of the ideas for GSoC would be to update the code for the ORM (or maybe just a single backend?) to include Type hints. Last year (2022) it was mentioned here.

I think this might make it easier to allow newcomers to try work Trac Tickets. When I was working ticket 10070 I found myself (on more than one occasion) asking, what is this going to return? I was able to hack my way through it, but it would have been nice (potentially) have had had types in there!

I know that there was a discussion on the Developers list here and here and a proposed DEP that was closed ... the idea seems to be more of a 'wait and see'.

I believe Carlton also referenced the idea of type hints in a couple of episodes of Django Chat (e103 with Nikita Sobolev and e105 with Adam Johnson)

Current ticket in trac is 29299

Cheers,

Ryan

Mehfooz Shayan

unread,
Dec 12, 2022, 1:27:08 PM12/12/22
to django-d...@googlegroups.com
Hi Developers, I am a Junior Python / Django Developer. I have developed some projects with help of Django Backend Development with complete authentication & authorization and others features. 

So now my question is that, I am also learning Flutter in my university course (Mobile Application Development - Flutter), so can I deploy my ML, AI model with the help of Django as a Backend and FrontEnd of Mobile application in Flutter ???

It will be easy or difficult to connect Django + Flutter for AI, ML models? Any youtube channel or suggestion where i can covers these things so i can develop my projects. 

Thanks

--

Carlton Gibson

unread,
Jan 17, 2023, 9:53:50 AM1/17/23
to Django developers (Contributions to Django itself)
Hi All! 

Thanks for your earlier replies, comments and ideas!

The organisation application period for GSoC begins next week, so I've pulled them together to begin the ideas page: 

It's not 100% — not least I need to go over the WIKI formatting, and make it consistent (but ignore that, or make clean ups :) 
Please have a look — see if the descriptions make sense. 
(I want to add a few more links and such, and tweak the descriptions — again, happy to take edits :) 

If you suggested an idea I put you as a Possible Mentor
That doesn't mean you're committed to anything — but equally we do need mentors… :)
What's involved? Not too much: being available to comment on a PR on your project is the main bit. 
If you know you're not happy to mentor, you can remove yourself: if you're the only person, please put me instead. 
(If you didn't suggest an idea but might like mentoring do feel free to do the opposite :) 

It's Google Summer of Code — so there's ages before anything much else happens. 

Thanks again. 

Kind Regards,

Carlton

Manav Agarwal

unread,
Jan 17, 2023, 4:26:08 PM1/17/23
to django-d...@googlegroups.com
Hii All!

I am a Google Summer of Code 2021 Student and have contributed to The schema editor project. 
I would be happy to mentor a project this year.

--
You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.


--
Regards
Manav Agarwal

https://www.linkedin.com/in/manav-agarwal-982553190/

"If your actions inspire others to dream more, learn more, do more and become more, you are a leader.”

Carlton Gibson

unread,
Jan 18, 2023, 2:30:55 AM1/18/23
to django-d...@googlegroups.com
Reply all
Reply to author
Forward
0 new messages