Menu improvements in django-prose-editor

I have repeatedly mentioned the django-prose-editor project in my weeknotes but I haven't written a proper post about it since rebuilding it on top of Tiptap at the end of 2024.

Much has happened in the meantime. A lot of work went into the menu system (as alluded to in the title of this post), but by no means does that cover all the work. As always, the CHANGELOG is the authoritative source.

0.11 introduced HTML sanitization which only allows HTML tags and attributes which can be added through the editor interface. Previously, we used nh3 to clean up HTML and protect against XSS, but now we can be much more strict and use a restrictive allowlist.

We also switched to using ES modules and importmaps in the browser.

Last but not least 0.11 also introduced end-to-end testing using Playwright.

The main feature in 0.12 was the switch to Tiptap 3.0 which fixed problems with shared extension storage when using several prose editors on the same page.

In 0.13 we switched from esbuild to rslib. Esbuild's configuration is nicer to look at, but rslib is built on the very powerful rspack which I'm using everywhere.

In 0.14, 0.15 and 0.16 the Menu extension was made more reusable and the way extension can register their own menu items was reworked.

The upcoming 0.17 release (alpha releases are available and I'm using them in production right now!) is a larger release again and introduces a completely reworked menu system. The menu now not only supports button groups and dialogs but also dropdowns directly in the toolbar. This allows for example showing a dropdown for block types:

The styles are the same as those used in the editor interface.

The same interface can not only be used for HTML elements, but also for HTML classes. Tiptap has a TextStyle extension which allows using inline styles; I'd rather have a more restricted way of styling spans, and the prose editor TextClass extension does just that: It allows applying a list of predefined CSS classes to <span> elements. Of course the dropdown also shows the resulting presentation if you provide the necessary CSS to the admin interface.

23 Aug 2025 5:00pm GMT

News

State of Python 2025 Is Out!

Explore the key trends and actionable ideas from the latest Python Developers Survey, which was conducted jointly by the Python Software Foundation and JetBrains PyCharm and includes insights from over 30,000 developers.

jetbrains.com

PyPI now serves project status markers in API responses

PyPI now exposes standardized project status markers through its HTML and JSON index APIs, enabling package installers to programmatically signal dependency status and manage installations.

pypi.org

Preventing Domain Resurrection Attacks

PyPI now checks for expired domains to prevent domain resurrection attacks, a type of supply-chain attack where someone buys an expired domain and uses it to take an account through password resets.

pypi.org

Updates to Django

Today "Updates to Django" is presented by Velda Kiara from Django Events Foundation North America (DEFNA)! 🚀

Last week we had 15 pull requests merged into Django by 10 different contributors - including a first-time contributor! Congratulations to Rohit for having their first commits merged into Django - welcome on board!

Django Core Updates ✨

• Fix to Subquery.resolve_expression() output field handling which corrects how Django determines the output_field in subqueries. This adjustment restores consistent and predictable query behavior.

• Template partials arrive in DTL adds two new tags, partial and partialdef, that let developers define and reuse named chunks of templates. This brings cleaner organization and modularity to template design

Community Updates 🦄

Want to celebrate Django's birthday with fellow Djangonauts? Head over to the Django20 website to attend one of the birthday celebrations to a city near you.

That's all for this week in Django development! 🐍🦄

Django Newsletter

Wagtail CMS

Wagtail Space 2025 is a go!

Wagtail Space 2025 is a free three-day Zoom event featuring lightning talks and networking to shape future Wagtail improvements.

wagtail.org

Sponsored Link 1

AI-Powered Django Development & Consulting

REVSYS specializes in integrating powerful AI technologies, including GPT-5, directly into your Django applications. We help bring modern, intelligent features to your project that boost user engagement and streamline content workflows.

revsys.com

Articles

Sometimes LFU > LRU

Stop letting bot traffic evict your customers' sessions. A simple Redis configuration switch from LRU to LFU solved our crawler problem, with a Django configuration example.

revsys.com

Python Namespace Packages are a pain

Ensuring init.py is present in every directory prevents ambiguous namespace packages, streamlines module imports, and mitigates cryptic errors in Python packaging.

joshcannon.me

DjangoCon Africa x UbuCon 2025 Reflections: Stay For The Community

DjangoCon Africa x UbuCon 2025 underlines robust community collaboration, open-source initiative growth and challenges in sustaining African Django development through engaging sprints and talks.

scribe.rip

Customize your IPython shell in Docker

Customize your IPython shell in Docker with tailored profiles and startup scripts that streamline Django shell_plus debugging, imports, and UUID extraction workflows.

frankwiles.com

Best Python Books (2025)

An up-to-date list of the best books for learning Python.

wsvincent.com

Events

Friends of PyCon Africa Livestream

Join the August 30th livestream celebrating the vibrant Python community across Africa! This isn't your typical webinar - it's a dynamic, fun-filled conversation where Python community members will drop in and out throughout the event, sharing their stories, projects, and passion for Python.

Guests include Carlton Gibson, Dawn Wages, Michael Kennedy, Sarah Abderemane, and more.

pycon.org

Be Part of Something Amazing: Volunteer at DjangoCon US 2025 in Chicago!

Join DjangoCon US 2025 as a volunteer in Chicago to gain insider event management experience, expand your network, and strengthen the Django community.

djangocon.us

Videos

Talk Python Live Stream: Celebrating Django's 20th Birthday with its Creators

A discussion of Django's past, present, and future featuring Adrian Holovaty, Simon Willison, Thibaud Colas, Jeff Triplett, Will Vincent, and Michael Kennedy.

youtube.com

"How a Solo Hobbyist Learned to Love Testing" - Carl James

PyOhio talk on slowly integrating testing into Django apps and, by proxy, learning more about the underlying libraries along the way.

youtu.be

DjangoCon Videos

Logs, shells, caches and other strange words we use daily

This insightful talk reveals the unexpected origins of computing terms, linking historical context to modern software engineering practices relevant to Django experts.

djangotv.com

Sponsored Link 2

Sponsor this newsletter!

django-news.com

Podcasts

Django Brew #6: Celebrating 20 Years of Django

A podcast episode celebrates Django's 20th anniversary using trivia, reflections, and community updates to engage developers with historical highlights and events.

djangobrew.com

Test & Code | 238: So Long, and Thanks for All the Fish

Brian Okken reflects on a decade of Python testing and podcasting, sharing lessons learned and inviting continued engagement via his Python platforms. A farewell to a fun 10 years.

testandcode.com

Django News Jobs

Senior Python Developer at Basalt Health 🆕

Senior Full Stack Engineer at Lyst 🆕

Backend Python Software Engineer (Hybrid) at NVIDIA 🆕

Senior Python Developer at Brightwater

Senior Backend Engineer at Prowler

Django Newsletter

Projects

joshuadavidthomas/mcp-django-shell

MCP server providing a stateful Django shell for AI assistants.

github.com

edelvalle/djhtmx

Interactive UI components for Django using htmx.org.

github.com

---

This RSS feed is published on https://django-news.com/. You can also subscribe via email.

22 Aug 2025 3:00pm GMT

Another short one today, that is a pattern I have noticed in a couple pieces of software I use, notably Todoist, Slack & Vivaldi. All three of these allow a user to configure the menu options to some degree. Slack has the option to customise the navigation options shown within a particular workspace to optimise the experience for a user. Todoist takes this a step further in the mobile app to allow a user to sort the menu items.

Browsers have always had a great experience of customisation, but Vivaldi takes this to an awesome extreme by allowing a user to customise each and every possible context menu, giving true flexability to their users.

Personally I have never considered the power of this and wonder if there are any efficient implementation of this for Django without creating a huge amount of complexity. The naive default solution would likely involve a model and a context processor and/or a middleware, it might be something I add in my next project, if we feel it would be beneficial to our users.

18 Aug 2025 5:00am GMT