AI code review pitfalls, Django performance wins, Python’s lazy imports story, and sharp edges in today’s tooling.

Django News

This Django newsletter covers a supply chain attack on PyPI packages highlighting the need for dependency locking, the PyCon US 2026 schedule going live, DSF board updates, and Wagtail CMS tutorials. Articles include Python's lazy imports journey from PEP 690 rejection to PEP 810 acceptance, AI code review pitfalls with database indexes, Django ORM performance improvements by removing redundant indexes, SHA pinning limitations in GitHub Actions, and OpenAI's acquisition of Astral (makers of uv). Community events include DjangoCon Europe in Athens and DjangoCon US in Chicago.

Supply Chain Wake-Up Call