Django is now a CVE Numbering Authority (CNA)
https://www.djangoproject.com/weblog/2025/oct/30/django-is-now-a-cve-numbering-authority-cna/
/r/django
https://redd.it/1ojui2k
https://www.djangoproject.com/weblog/2025/oct/30/django-is-now-a-cve-numbering-authority-cna/
/r/django
https://redd.it/1ojui2k
Django Project
Django is now a CVE Numbering Authority (CNA)
Posted by CNA Coordinators Thibaud Colas, Natalia Bidart, Jacob Walls on Oct. 30, 2025
Trying to use cascading deletes in SQLAlchemy with a many-to-many relationship between two tables, would like some help
For the site I've been building, to manage permissions I've been using a role-based where we have the class/table
Here's the definition of
class UserRoleOwnership(DBModel):
id: Mappedint = mappedcolumn(primarykey=True)
useruuid: Mapped[UUID] = mappedcolumn(ForeignKey('user.uuid', ondelete='CASCADE'))
/r/flask
https://redd.it/1okbqg7
For the site I've been building, to manage permissions I've been using a role-based where we have the class/table
User representing individual users, UserRole (which only contains id and name columns), and UserRoleOwnership to manage the who has what roles, in what I believe (I started learning SQL two months ago, may be wrong) is described as a many-to-many relationship? So the ownership table has three columns: id (not really relevant here, auto increments), user_uuid, and role_id. The latter two are declared as foreign keys, referencing User.uuid and Role.id respectively. This has been working fine, until while I was writing more thorough tests I discovered, of course, if a User's record/row is deleted, all of their role ownership records still exist in the database. I tried looking into if there was a way to automatically delete the User's associated ownership records, and found the ondelete option for mapped_column as well as the cascade option on relationship, which seemed like they would help, but I keep running into issues.Here's the definition of
UserRoleOwnership:class UserRoleOwnership(DBModel):
id: Mappedint = mappedcolumn(primarykey=True)
useruuid: Mapped[UUID] = mappedcolumn(ForeignKey('user.uuid', ondelete='CASCADE'))
/r/flask
https://redd.it/1okbqg7
Reddit
From the flask community on Reddit
Explore this post and more from the flask community
R We found LRMs look great…until the problems get harder (AACL 2025)
Hi there! I'm excited to share this project on characterizing reasoning capabilities of Large Reasoning Models (LLMs incentivized with "thinking").
Our paper: "Reasoning Models Reason Well, Until They Don't"
What it’s about: We look at large reasoning models (LRMs) and try to answer the question of "how do they generalize when reasoning complexity is steadily scaled up?"
Short answer: They’re solid in the easy/mid range, then fall off a cliff once complexity crosses a threshold. We use graph reasoning and deductive reasoning as a testbed, then we try to reconcile the results with real world graph distributions.
Details:
Built a dataset/generator (DeepRD) to generate queries of specified complexity (no limit to samples or complexity). Generates both symbolic and 'proof shaped' queries.
We hope this helps for future work in reasoning training+evaluation!
Tested graph connectivity + natural-language proof planning.
Saw sharp drop-offs once complexity passes a certain point—generalization doesn’t magically appear with current LRMs.
Compared against complexity in real-world graphs/proofs: most day-to-day cases are “in range,” but the long tail is risky.
Provide some in depth analysis on error modes
Why it matters: Benchmarks with limited complexity can make models look more general than they are. The drop in performance can be quite
/r/MachineLearning
https://redd.it/1okdq0s
Hi there! I'm excited to share this project on characterizing reasoning capabilities of Large Reasoning Models (LLMs incentivized with "thinking").
Our paper: "Reasoning Models Reason Well, Until They Don't"
What it’s about: We look at large reasoning models (LRMs) and try to answer the question of "how do they generalize when reasoning complexity is steadily scaled up?"
Short answer: They’re solid in the easy/mid range, then fall off a cliff once complexity crosses a threshold. We use graph reasoning and deductive reasoning as a testbed, then we try to reconcile the results with real world graph distributions.
Details:
Built a dataset/generator (DeepRD) to generate queries of specified complexity (no limit to samples or complexity). Generates both symbolic and 'proof shaped' queries.
We hope this helps for future work in reasoning training+evaluation!
Tested graph connectivity + natural-language proof planning.
Saw sharp drop-offs once complexity passes a certain point—generalization doesn’t magically appear with current LRMs.
Compared against complexity in real-world graphs/proofs: most day-to-day cases are “in range,” but the long tail is risky.
Provide some in depth analysis on error modes
Why it matters: Benchmarks with limited complexity can make models look more general than they are. The drop in performance can be quite
/r/MachineLearning
https://redd.it/1okdq0s
arXiv.org
Reasoning Models Reason Well, Until They Don't
Large language models (LLMs) have shown significant progress in reasoning tasks. However, recent studies show that transformers and LLMs fail catastrophically once reasoning problems exceed modest...
Friday Daily Thread: r/Python Meta and Free-Talk Fridays
# Weekly Thread: Meta Discussions and Free Talk Friday 🎙️
Welcome to Free Talk Friday on /r/Python! This is the place to discuss the r/Python community (meta discussions), Python news, projects, or anything else Python-related!
## How it Works:
1. Open Mic: Share your thoughts, questions, or anything you'd like related to Python or the community.
2. Community Pulse: Discuss what you feel is working well or what could be improved in the /r/python community.
3. News & Updates: Keep up-to-date with the latest in Python and share any news you find interesting.
## Guidelines:
All topics should be related to Python or the /r/python community.
Be respectful and follow Reddit's Code of Conduct.
## Example Topics:
1. New Python Release: What do you think about the new features in Python 3.11?
2. Community Events: Any Python meetups or webinars coming up?
3. Learning Resources: Found a great Python tutorial? Share it here!
4. Job Market: How has Python impacted your career?
5. Hot Takes: Got a controversial Python opinion? Let's hear it!
6. Community Ideas: Something you'd like to see us do? tell us.
Let's keep the conversation going. Happy discussing! 🌟
/r/Python
https://redd.it/1okfus7
# Weekly Thread: Meta Discussions and Free Talk Friday 🎙️
Welcome to Free Talk Friday on /r/Python! This is the place to discuss the r/Python community (meta discussions), Python news, projects, or anything else Python-related!
## How it Works:
1. Open Mic: Share your thoughts, questions, or anything you'd like related to Python or the community.
2. Community Pulse: Discuss what you feel is working well or what could be improved in the /r/python community.
3. News & Updates: Keep up-to-date with the latest in Python and share any news you find interesting.
## Guidelines:
All topics should be related to Python or the /r/python community.
Be respectful and follow Reddit's Code of Conduct.
## Example Topics:
1. New Python Release: What do you think about the new features in Python 3.11?
2. Community Events: Any Python meetups or webinars coming up?
3. Learning Resources: Found a great Python tutorial? Share it here!
4. Job Market: How has Python impacted your career?
5. Hot Takes: Got a controversial Python opinion? Let's hear it!
6. Community Ideas: Something you'd like to see us do? tell us.
Let's keep the conversation going. Happy discussing! 🌟
/r/Python
https://redd.it/1okfus7
Redditinc
Reddit Rules
Reddit Rules - Reddit
Can you break our pickle sandbox? Blog + exploit challenge inside
I've been working on a different approach to pickle security with a friend.
We wrote up a blog post about it and built a challenge to test if it actually holds up. The basic idea: we intercept and block the dangerous operations at the interpreter level during deserialization (RCE, file access, network calls, etc.). Still experimental, but we tested it against 32+ real vulnerabilities and got <0.8% performance overhead.
Blog post with all the technical details: https://iyehuda.substack.com/p/we-may-have-finally-fixed-pythons
Challenge site (try to escape): https://pickleescape.xyz
Curious what you all think - especially interested in feedback if you've dealt with pickle issues before or know of edge cases we might have missed.
/r/Python
https://redd.it/1ok548a
I've been working on a different approach to pickle security with a friend.
We wrote up a blog post about it and built a challenge to test if it actually holds up. The basic idea: we intercept and block the dangerous operations at the interpreter level during deserialization (RCE, file access, network calls, etc.). Still experimental, but we tested it against 32+ real vulnerabilities and got <0.8% performance overhead.
Blog post with all the technical details: https://iyehuda.substack.com/p/we-may-have-finally-fixed-pythons
Challenge site (try to escape): https://pickleescape.xyz
Curious what you all think - especially interested in feedback if you've dealt with pickle issues before or know of edge cases we might have missed.
/r/Python
https://redd.it/1ok548a
Substack
We May Have Finally Fixed Python’s 25-Year-Old Vulnerability
A Context Tainting Approach to Mitigate Python Deserialization Attacks
D Monthly Who's Hiring and Who wants to be Hired?
For Job Postings please use this template
>Hiring: [Location\], Salary:[\], [Remote | Relocation\], [Full Time | Contract | Part Time\] and [Brief overview, what you're looking for\]
For Those looking for jobs please use this template
>Want to be Hired: [Location\], Salary Expectation:[\], [Remote | Relocation\], [Full Time | Contract | Part Time\] Resume: [Link to resume\] and [Brief overview, what you're looking for\]
​
Please remember that this community is geared towards those with experience.
/r/MachineLearning
https://redd.it/1okj2rw
For Job Postings please use this template
>Hiring: [Location\], Salary:[\], [Remote | Relocation\], [Full Time | Contract | Part Time\] and [Brief overview, what you're looking for\]
For Those looking for jobs please use this template
>Want to be Hired: [Location\], Salary Expectation:[\], [Remote | Relocation\], [Full Time | Contract | Part Time\] Resume: [Link to resume\] and [Brief overview, what you're looking for\]
​
Please remember that this community is geared towards those with experience.
/r/MachineLearning
https://redd.it/1okj2rw
Reddit
From the MachineLearning community on Reddit
Explore this post and more from the MachineLearning community
R FastJAM: a Fast Joint Alignment Model for Images (NeurIPS 2025)
Hi everyone!
I'm excited to share our NeurIPS 2025 paper "FastJAM: a Fast Joint Alignment Model for Images".
Authors: Omri Hirsch*, Ron Shapira Weber*, Shira Ifergane, Oren Freifeld.
FastJAM is a lightweight graph-based framework for joint image alignment that runs in seconds rather than minutes or hours (for previous works).
Example of FastJAM Joint alignment results:
https://preview.redd.it/nile4xo2m8yf1.jpg?width=1183&format=pjpg&auto=webp&s=9329c8ef0c5dfdafe7f138281ff704028cb0508e
FastJAM reformulates the joint alignment problem using sparse keypoints and graph neural networks (GNNs). By propagating correspondence information across images, FastJAM predicts consistent transformations for an entire collection of images, achieving a large speedup in runtime and better or comparable results across all datasets.
FastJAM GNN Architecture:
https://preview.redd.it/vscp7qdam8yf1.png?width=1302&format=png&auto=webp&s=be944c251ae1faa8b2b1586ebebd7be1ce36e3e3
🌐Project Page
📄Paper
💻GitHub
/r/MachineLearning
https://redd.it/1ojx3wc
Hi everyone!
I'm excited to share our NeurIPS 2025 paper "FastJAM: a Fast Joint Alignment Model for Images".
Authors: Omri Hirsch*, Ron Shapira Weber*, Shira Ifergane, Oren Freifeld.
FastJAM is a lightweight graph-based framework for joint image alignment that runs in seconds rather than minutes or hours (for previous works).
Example of FastJAM Joint alignment results:
https://preview.redd.it/nile4xo2m8yf1.jpg?width=1183&format=pjpg&auto=webp&s=9329c8ef0c5dfdafe7f138281ff704028cb0508e
FastJAM reformulates the joint alignment problem using sparse keypoints and graph neural networks (GNNs). By propagating correspondence information across images, FastJAM predicts consistent transformations for an entire collection of images, achieving a large speedup in runtime and better or comparable results across all datasets.
FastJAM GNN Architecture:
https://preview.redd.it/vscp7qdam8yf1.png?width=1302&format=png&auto=webp&s=be944c251ae1faa8b2b1586ebebd7be1ce36e3e3
🌐Project Page
📄Paper
💻GitHub
/r/MachineLearning
https://redd.it/1ojx3wc
Authentication in Django - Your Opinions
Hello,
I'm on a constant learning path with Django, I want some recommendations from you.
Currently I'm working on a project, to mainly showcase that I can master Authentication in Django.
I implemented Session-based authentication, Oauth2 and JWT Authentication.
I want to know what can I add to this project, to enhance my skills ?
ANY info is helpful.
/r/django
https://redd.it/1okpqcu
Hello,
I'm on a constant learning path with Django, I want some recommendations from you.
Currently I'm working on a project, to mainly showcase that I can master Authentication in Django.
I implemented Session-based authentication, Oauth2 and JWT Authentication.
I want to know what can I add to this project, to enhance my skills ?
ANY info is helpful.
/r/django
https://redd.it/1okpqcu
Reddit
From the django community on Reddit
Explore this post and more from the django community
My type-safe asyncio lib and the fingerprinting guide it spawned
I wanted to share a project that’s been my passion, a
This meant engineering a type-safe core by mapping the entire CDP protocol using
It also required deep research to build the advanced evasion features. I ended up going down the rabbit hole and writing a full manual on modern bot detection (TLS/JA3, Canvas, biometrics), which I'm also sharing: `https://pydoll.tech/docs/deep-dive/fingerprinting/`
The project is OSS and was a massive deep-dive into
/r/Python
https://redd.it/1okypr5
I wanted to share a project that’s been my passion, a
asyncio\-native automation library (pydoll). My main goal was to build a 100% type-safe API on top of the chaotic Chrome DevTools Protocol.This meant engineering a type-safe core by mapping the entire CDP protocol using
TypedDicts. This gives the user full IDE autocomplete for every command and event. I wrote about that design philosophy here: `https://pydoll.tech/docs/deep-dive/fundamentals/typing-system/`It also required deep research to build the advanced evasion features. I ended up going down the rabbit hole and writing a full manual on modern bot detection (TLS/JA3, Canvas, biometrics), which I'm also sharing: `https://pydoll.tech/docs/deep-dive/fingerprinting/`
The project is OSS and was a massive deep-dive into
asyncio and typing. I'd love your feedback on the architecture./r/Python
https://redd.it/1okypr5
Reddit
From the Python community on Reddit
Explore this post and more from the Python community
Will we ever see decent typing support in Django?
Yes, there are the django stubs, but they are definitely not exhaustive.
Do you think Django will ever have first-class support for typing, especially as it seems like the Python ecosystem as a whole is moving in this direction?
/r/django
https://redd.it/1oktb8f
Yes, there are the django stubs, but they are definitely not exhaustive.
Do you think Django will ever have first-class support for typing, especially as it seems like the Python ecosystem as a whole is moving in this direction?
/r/django
https://redd.it/1oktb8f
Reddit
From the django community on Reddit
Explore this post and more from the django community
State of Django 2025 from JetBrains
A new set of survey results just dropped, this time in the form of Django-specific data gathered by JetBrains:
[Django Developers Survey 2025 Results](https://lp.jetbrains.com/django-developer-survey-2025/)
Some key takeaways:
* HTMX and Alpine.js are the fastest-growing JavaScript frameworks used with Django.
* HTMX is fantastic - my personal take ;)
* 38% of developers use AI to learn Django.
* 3 out of 4 Django developers have 3+ years of professional coding experience.
* 63% already use type hints, and more plan to.
* This is good. Type hints were a good idea.
* 76% use PostgreSQL as their database backend.
/r/Python
https://redd.it/1ol145x
A new set of survey results just dropped, this time in the form of Django-specific data gathered by JetBrains:
[Django Developers Survey 2025 Results](https://lp.jetbrains.com/django-developer-survey-2025/)
Some key takeaways:
* HTMX and Alpine.js are the fastest-growing JavaScript frameworks used with Django.
* HTMX is fantastic - my personal take ;)
* 38% of developers use AI to learn Django.
* 3 out of 4 Django developers have 3+ years of professional coding experience.
* 63% already use type hints, and more plan to.
* This is good. Type hints were a good idea.
* 76% use PostgreSQL as their database backend.
/r/Python
https://redd.it/1ol145x
JetBrains: Developer Tools for Professionals and Teams
Django Developers Survey 2025 Results
Official Django Developers Survey 2025 Results by Django Software Foundation and JetBrains: around 4,600 responses.
Saturday Daily Thread: Resource Request and Sharing! Daily Thread
# Weekly Thread: Resource Request and Sharing 📚
Stumbled upon a useful Python resource? Or are you looking for a guide on a specific topic? Welcome to the Resource Request and Sharing thread!
## How it Works:
1. Request: Can't find a resource on a particular topic? Ask here!
2. Share: Found something useful? Share it with the community.
3. Review: Give or get opinions on Python resources you've used.
## Guidelines:
Please include the type of resource (e.g., book, video, article) and the topic.
Always be respectful when reviewing someone else's shared resource.
## Example Shares:
1. Book: "Fluent Python" \- Great for understanding Pythonic idioms.
2. Video: Python Data Structures \- Excellent overview of Python's built-in data structures.
3. Article: Understanding Python Decorators \- A deep dive into decorators.
## Example Requests:
1. Looking for: Video tutorials on web scraping with Python.
2. Need: Book recommendations for Python machine learning.
Share the knowledge, enrich the community. Happy learning! 🌟
/r/Python
https://redd.it/1ola3n2
# Weekly Thread: Resource Request and Sharing 📚
Stumbled upon a useful Python resource? Or are you looking for a guide on a specific topic? Welcome to the Resource Request and Sharing thread!
## How it Works:
1. Request: Can't find a resource on a particular topic? Ask here!
2. Share: Found something useful? Share it with the community.
3. Review: Give or get opinions on Python resources you've used.
## Guidelines:
Please include the type of resource (e.g., book, video, article) and the topic.
Always be respectful when reviewing someone else's shared resource.
## Example Shares:
1. Book: "Fluent Python" \- Great for understanding Pythonic idioms.
2. Video: Python Data Structures \- Excellent overview of Python's built-in data structures.
3. Article: Understanding Python Decorators \- A deep dive into decorators.
## Example Requests:
1. Looking for: Video tutorials on web scraping with Python.
2. Need: Book recommendations for Python machine learning.
Share the knowledge, enrich the community. Happy learning! 🌟
/r/Python
https://redd.it/1ola3n2
YouTube
Data Structures and Algorithms in Python - Full Course for Beginners
A beginner-friendly introduction to common data structures (linked lists, stacks, queues, graphs) and algorithms (search, sorting, recursion, dynamic programming) in Python. This course will help you prepare for coding interviews and assessments.
🔗 Course…
🔗 Course…
Open-source Django portfolio (UI generated by lovable from my sketch)
https://redd.it/1olfvyl
@pythondaily
https://redd.it/1olfvyl
@pythondaily
Reddit
From the django community on Reddit: Open-source Django portfolio (UI generated by lovable from my sketch)
Explore this post and more from the django community