Django 2.2.19 security update

When Django issues security releases, the release manager updates the pinned Django versions in the appropriate community release repos.

I just did that for Django 2.2.19, released today. The open-release/koa.master branch is updated.


I’m trying to record how release tasks get done, so:

I have a directory with the 33 branched koa repos checked out, and I have the gittree and gittreeif bash functions available in my shell.

Then:

export BRANCH=open-release/koa.master
export NEWVER=2.2.19
gittree git fetch --all
gittreeif origin/$BRANCH "git checkout $BRANCH; git pull; git status -s -b"
gittreeif origin/$BRANCH git branch --set-upstream-to=origin/$BRANCH $BRANCH
# Eyeball the current Django state
gittreeif origin/$BRANCH -q pwd | while read d; do rg -i '^django==' -g '*.in' -g '*.txt' $d | sed 's/#.*//'; done
# Create a shell script to make the change
gittreeif origin/$BRANCH -q pwd | while read d; do rg -n -i '^django==2\.2\.' -g '*.in' -g '*.txt' $d | awk -F: "{print \"sed -E -i '' '\" \$2 \"s/==2\\\\.2\\\\.[0-9]+/==$NEWVER/' \" \$1 \"   # \" \$3}" ; done > /tmp/doit.sh
# Run the shell script
source /tmp/doit.sh
# Eyeball what the shell script did
gittreeif origin/$BRANCH git status -s -b
GIT_PAGER=cat gittreeif origin/$BRANCH git diff
# Commit the changes
gittreeif origin/$BRANCH git commit -am "chore: upgrade Django to $NEWVER"
gittreeif origin/$BRANCH git push
# Check that everything is clean.
gittreeif origin/$BRANCH git status -s -b
3 Likes

I will be honest I had not looked at your instructions or bash functions yet. And each time there was a new Django security update, I needed to do some things manually in our fork.

This morning I just looked at them and adapted them for our fork. Well, I needed to run “brew install ripgrep” because I didn’t have “rg” installed on my mac, but apart from that, very nice indeed!

Thanks Ned for sharing the instructions and your gittree and gittreeif bash functions. Incredibly useful.

1 Like

Recently we also had a django-debug-toolbar upgrade, so I further generalized the patch application steps:

# Define the branch to work on
export BRANCH=open-release/lilac.master
# What package are we upgrading? From what maj.min to what new version?
export PKG=Django OLDMAJ=2 OLDMIN=2 NEWVER=2.2.23
gittree git fetch --all
gittreeif origin/$BRANCH "git switch $BRANCH; git pull; git status -s -b"
gittreeif origin/$BRANCH git branch --set-upstream-to=origin/$BRANCH $BRANCH
# Eyeball the current state
gittreeif origin/$BRANCH -q pwd | while read d; do rg -i "^${PKG}==" -g '*.in' -g '*.txt' $d | sed 's/#.*//'; done
# Create a shell script to make the change
gittreeif origin/$BRANCH -q pwd | while read d; do rg -n -i "^${PKG}==${OLDMAJ}\.${OLDMIN}" -g '*.in' -g '*.txt' $d | awk -F: "{print \"sed -E -i '' '\" \$2 \"s/==${OLDMAJ}\\\\.${OLDMIN}(\\\\.[0-9]+)?/==$NEWVER/' \" \$1 \"   # \" \$3}" ; done > /tmp/doit.sh
# Run the shell script
source /tmp/doit.sh
# Eyeball what the shell script did
gittreeif origin/$BRANCH git status -s -b
GIT_PAGER=cat gittreeif origin/$BRANCH git diff
# Commit the changes
gittreeif origin/$BRANCH git commit -am "chore: upgrade ${PKG} to ${NEWVER}"
gittreeif origin/$BRANCH git push
# Check that everything is clean.
gittreeif origin/$BRANCH git status -s -b
1 Like