Stay where you are, but stay secure
CodeStasis updates legacy Django versions by backporting and writing patches to fix security vulnerabilities, data loss bugs, and other issues.
With CodeStasis you can stay on the same old Django version for as long as you need, but still receive security updates and critical bug fixes. Read more »
Django is fantastic and well managed, but has reasonably decided that the huge effort of supporting old versions for a long time is too much work for a community project.
I've built and worked on countless Django applications in the past twelve years and seen many important codebases rely on old and unsupported versions of Django.
These applications should be kept patched and secure, but for many reasons they can't or won't be updated to use current releases.
Common reasons for not upgrading are:
- the cost outweighs the benefit
- limited budgets and overloaded developers
- the codebase is painted into a corner with technical debt
- an application is "done", feature-complete, and does everything it needs to
- missing awareness that security vulnerabilities (CVEs) or data loss bugs are discovered over time and need patching, even after support has ended for old versions
CodeStasis Django is drop-in replacement. A one-liner brings your old Django install up-to-date. E.g.
pip install --upgrade --extra-index-url https://pypi.codestasis.com/trial-t0ken/ Django~=2.1.19
Read the docs to learn how to use CodeStasis Django in your deployment scenario. Pip, Poetry or pipenv; Docker, CI pipelines, upgrades, and extra security.