Upgrade Django to 4.2.10

checks/probes.py

@@ -1,7 +1,7 @@
 # Copyright: 2022, ECP, NLnet Labs and the Internet.nl contributors
 # SPDX-License-Identifier: Apache-2.0
 from django.conf import settings
-from django.utils.translation import ugettext as _
+from django.utils.translation import gettext as _
 
 from checks import categories
 from checks.categories import MailTlsStarttlsExists, WebTlsHttpsExists

interface/batch/util.py

@@ -195,7 +195,7 @@ def get_user_from_request(request):
     DB) return the relevant user object from the DB.
 
     """
-    username = request.META.get("REMOTE_USER") or request.META.get("HTTP_REMOTE_USER")
+    username = request.META.get("REMOTE_USER") or request.headers.get("remote-user")
     if not username:
         username = getattr(settings, "BATCH_TEST_USER", None)
     user, created = BatchUser.objects.get_or_create(username=username)

interface/conntesturls/ipv4_urls.py

@@ -1,9 +1,9 @@
 # Copyright: 2022, ECP, NLnet Labs and the Internet.nl contributors
 # SPDX-License-Identifier: Apache-2.0
-from django.conf.urls import url
+from django.urls import path
 
 from interface.views.connection import network_ipv4
 
 urlpatterns = [
-    url(r"^$", network_ipv4),
+    path("", network_ipv4),
 ]

interface/conntesturls/ipv6_urls.py

@@ -1,9 +1,9 @@
 # Copyright: 2022, ECP, NLnet Labs and the Internet.nl contributors
 # SPDX-License-Identifier: Apache-2.0
-from django.conf.urls import url
+from django.urls import path
 
 from interface.views.connection import aaaa_ipv6
 
 urlpatterns = [
-    url(r"^$", aaaa_ipv6),
+    path("", aaaa_ipv6),
 ]

interface/conntesturls/resolver_urls.py

@@ -1,9 +1,9 @@
 # Copyright: 2022, ECP, NLnet Labs and the Internet.nl contributors
 # SPDX-License-Identifier: Apache-2.0
-from django.conf.urls import url
+from django.urls import path
 
 from interface.views.connection import network_resolver
 
 urlpatterns = [
-    url(r"^$", network_resolver),
+    path("", network_resolver),
 ]

interface/templatetags/translate.py

@@ -6,7 +6,7 @@
 from django import template
 from django.conf import settings
 from django.template import Template
-from django.utils.translation import ugettext as _
+from django.utils.translation import gettext as _
 
 from checks.scoring import (
     STATUS_ERROR,

interface/urls.py

@@ -1,7 +1,7 @@
 # Copyright: 2022, ECP, NLnet Labs and the Internet.nl contributors
 # SPDX-License-Identifier: Apache-2.0
 from django.conf import settings
-from django.conf.urls import url
+from django.urls import path, re_path
 from django.conf.urls.static import static
 
 from interface import views
@@ -17,118 +17,118 @@
 )
 
 urlpatterns = [
-    url(r"^$", views.indexpage),
-    url(r"^statistics/(?P<start_date>[0-9]{8})/(?P<end_date>[0-9]{8})/$", stats.statistics),
-    url(r"^copyright/$", views.copyrightpage),
-    url(r"^faqs/$", views.faqindexpage),
-    url(r"^faqs/report/$", views.faqreport, name="faqs_report"),
-    url(r"^faqs/badges/$", views.faqbadges, name="faqs_badges"),
-    url(r"^faqs/(?P<subject>[a-zA-Z0-9\-]{1,40})/$", views.faqarticlepage),
-    url(r"^usage/$", views.indexpage),
-    url(r"^widget-site/$", views.widgetsitepage),
-    url(r"^widget-mail/$", views.widgetmailpage),
-    url(r"^halloffame/$", views.hofchampionspage),
-    url(r"^halloffame/web/$", views.hofwebpage),
-    url(r"^halloffame/mail/$", views.hofmailpage),
-    url(r"^test-connection/$", views.testconnectionpage),
-    url(r"^connection/$", connection.index),
-    url(r"^(connection|conn)/gettestid/$", connection.gettestid),
-    url(rf"^(connection|conn)/finished/{regex_testid}$", connection.finished),
-    url(rf"^(connection|conn)/addr-test/{regex_testid}/$", connection.addr_ipv6),
-    url(rf"^(connection|conn)/{regex_testid}/results$", connection.results),
-    url(r"^test-site/$", views.testsitepage),
-    url(r"^(domain|site)/$", domain.index),
-    url(rf"^(domain|site)/{regex_dname}/$", domain.siteprocess),
-    url(rf"^(domain|site)/probes/{regex_dname}/$", domain.siteprobesstatus),
-    url(rf"^(domain|site)/(?P<probename>(ipv6|tls|dnssec|appsecpriv))/{regex_dname}/$", domain.siteprobeview),
-    url(rf"^(domain|site)/{regex_dname}/results$", domain.resultscurrent),
-    url(r"^(domain|site)/(?P<dname>.*)/(?P<id>[0-9]+)/$", domain.resultsstored, name="webtest_results"),
+    path("", views.indexpage),
+    re_path(r"^statistics/(?P<start_date>[0-9]{8})/(?P<end_date>[0-9]{8})/$", stats.statistics),
+    path("copyright/", views.copyrightpage),
+    path("faqs/", views.faqindexpage),
+    path("faqs/report/", views.faqreport, name="faqs_report"),
+    path("faqs/badges/", views.faqbadges, name="faqs_badges"),
+    re_path(r"^faqs/(?P<subject>[a-zA-Z0-9\-]{1,40})/$", views.faqarticlepage),
+    path("usage/", views.indexpage),
+    path("widget-site/", views.widgetsitepage),
+    path("widget-mail/", views.widgetmailpage),
+    path("halloffame/", views.hofchampionspage),
+    path("halloffame/web/", views.hofwebpage),
+    path("halloffame/mail/", views.hofmailpage),
+    path("test-connection/", views.testconnectionpage),
+    path("connection/", connection.index),
+    re_path(r"^(connection|conn)/gettestid/$", connection.gettestid),
+    re_path(rf"^(connection|conn)/finished/{regex_testid}$", connection.finished),
+    re_path(rf"^(connection|conn)/addr-test/{regex_testid}/$", connection.addr_ipv6),
+    re_path(rf"^(connection|conn)/{regex_testid}/results$", connection.results),
+    path("test-site/", views.testsitepage),
+    re_path(r"^(domain|site)/$", domain.index),
+    re_path(rf"^(domain|site)/{regex_dname}/$", domain.siteprocess),
+    re_path(rf"^(domain|site)/probes/{regex_dname}/$", domain.siteprobesstatus),
+    re_path(rf"^(domain|site)/(?P<probename>(ipv6|tls|dnssec|appsecpriv))/{regex_dname}/$", domain.siteprobeview),
+    re_path(rf"^(domain|site)/{regex_dname}/results$", domain.resultscurrent),
+    re_path(r"^(domain|site)/(?P<dname>.*)/(?P<id>[0-9]+)/$", domain.resultsstored, name="webtest_results"),
     # Non valid domain, convert to punycode and try again
     # these url()s should always be the last in the ^domain/ group
-    url(r"^(domain|site)/(?P<dname>.*)/$", domain.validate_domain),
-    url(r"^(domain|site)/(?P<dname>.*)/results$", domain.validate_domain),
-    url(r"^test-mail/$", views.testmailpage),
-    url(r"^mail/$", mail.index),
-    url(rf"^mail/{regex_mailaddr}/$", mail.mailprocess),
-    url(rf"^mail/probes/{regex_dname}/$", mail.siteprobesstatus),
-    url(rf"^mail/(?P<probename>(ipv6|auth|dnssec|tls))/{regex_mailaddr}/$", mail.mailprobeview),
-    url(rf"^mail/{regex_mailaddr}/results$", mail.resultscurrent),
-    url(r"^mail/(?P<dname>.*)/(?P<id>[0-9]+)/$", mail.resultsstored, name="mailtest_results"),
+    re_path(r"^(domain|site)/(?P<dname>.*)/$", domain.validate_domain),
+    re_path(r"^(domain|site)/(?P<dname>.*)/results$", domain.validate_domain),
+    path("test-mail/", views.testmailpage),
+    path("mail/", mail.index),
+    re_path(rf"^mail/{regex_mailaddr}/$", mail.mailprocess),
+    re_path(rf"^mail/probes/{regex_dname}/$", mail.siteprobesstatus),
+    re_path(rf"^mail/(?P<probename>(ipv6|auth|dnssec|tls))/{regex_mailaddr}/$", mail.mailprobeview),
+    re_path(rf"^mail/{regex_mailaddr}/results$", mail.resultscurrent),
+    re_path(r"^mail/(?P<dname>.*)/(?P<id>[0-9]+)/$", mail.resultsstored, name="mailtest_results"),
     # Non valid mail, convert to punycode and try again
     # these url()s should always be the last in the ^mail/ group
-    url(r"^mail/(?P<mailaddr>.*)/$", mail.validate_domain),
-    url(r"^mail/(?P<mailaddr>.*)/results$", mail.validate_domain),
-    url(rf"^clear/{regex_dname}/$", views.clear),
-    url(r"^change_language/$", views.change_language, name="change_language"),
+    re_path(r"^mail/(?P<mailaddr>.*)/$", mail.validate_domain),
+    re_path(r"^mail/(?P<mailaddr>.*)/results$", mail.validate_domain),
+    re_path(rf"^clear/{regex_dname}/$", views.clear),
+    path("change_language/", views.change_language, name="change_language"),
 ]
 
 if settings.INTERNETNL_BRANDING:
     urlpatterns += [
-        url(r"^contact/$", views.indexpage),
-        url(r"^blogs/$", views.blogindexpage),
-        url(r"^blogs/(?P<addr>[a-zA-Z0-9\-]{1,40})/$", views.blogarticlepage),
-        url(r"^blogs/(?P<author>[a-zA-Z0-9\-]{1,40})/(?P<article>[a-zA-Z0-9\-]{1,80})/$", views.blogarticlepage),
-        url(r"^news/$", views.newsindexpage),
-        url(r"^news/(?P<article>[a-zA-Z0-9\-]{1,80})/$", views.newsarticlepage),
-        url(r"^articles/$", views.articleindexpage),
-        url(r"^article/$", views.articlespage),
-        url(r"^article/(?P<article>[a-zA-Z0-9\.\-]{1,80})/$", views.articlepage),
-        url(r"^about/$", views.aboutpage),
-        url(r"^disclosure/$", views.disclosurepage),
-        url(r"^privacy/$", views.privacypage),
+        path("contact/", views.indexpage),
+        path("blogs/", views.blogindexpage),
+        re_path(r"^blogs/(?P<addr>[a-zA-Z0-9\-]{1,40})/$", views.blogarticlepage),
+        re_path(r"^blogs/(?P<author>[a-zA-Z0-9\-]{1,40})/(?P<article>[a-zA-Z0-9\-]{1,80})/$", views.blogarticlepage),
+        path("news/", views.newsindexpage),
+        re_path(r"^news/(?P<article>[a-zA-Z0-9\-]{1,80})/$", views.newsarticlepage),
+        path("articles/", views.articleindexpage),
+        path("article/", views.articlespage),
+        re_path(r"^article/(?P<article>[a-zA-Z0-9\.\-]{1,80})/$", views.articlepage),
+        path("about/", views.aboutpage),
+        path("disclosure/", views.disclosurepage),
+        path("privacy/", views.privacypage),
     ]
 
 # Host-urls that are accessible by host-only, which should be approachable by developers as well during
 # development (although your DNS is probably not set correctly to deal with the tests.
 # This is not enabled by default because it returns the ip address (pii) of the requester.
 if settings.DEBUG:
     urlpatterns += [
-        url(r"^network_ipv4/(?P<test_id>[0-9abcdef]+)/$", views.connection.network_ipv4),
-        url(r"^network_ipv6/(?P<test_id>[0-9abcdef]+)/$", views.connection.network_ipv6),
-        url(r"^network_resolver/(?P<test_id>[0-9abcdef]+)/$", views.connection.network_resolver),
+        re_path(r"^network_ipv4/(?P<test_id>[0-9abcdef]+)/$", views.connection.network_ipv4),
+        re_path(r"^network_ipv6/(?P<test_id>[0-9abcdef]+)/$", views.connection.network_ipv6),
+        re_path(r"^network_resolver/(?P<test_id>[0-9abcdef]+)/$", views.connection.network_resolver),
     ]
 
 if hasattr(settings, "MANUAL_HOF") and settings.MANUAL_HOF:
     for key in settings.MANUAL_HOF:
         urlpatterns += [
-            url(rf"^halloffame/(?P<manual_url>{key})/$", views.hofmanualpage),
+            re_path(rf"^halloffame/(?P<manual_url>{key})/$", views.hofmanualpage),
         ]
 
 if hasattr(settings, "HAS_ACCESSIBILITY_PAGE") and settings.HAS_ACCESSIBILITY_PAGE:
     urlpatterns += [
-        url(r"^accessibility/$", views.accessibility),
+        path("accessibility/", views.accessibility),
     ]
 
 if settings.ENABLE_BATCH is True:
     urlpatterns += [
-        url(
+        re_path(
             rf"^api/batch/v{BATCH_API_MAJOR_VERSION}/requests$",
             batch.endpoint_requests,
             name="batch_endpoint_requests",
         ),
-        url(
+        re_path(
             rf"^api/batch/v{BATCH_API_MAJOR_VERSION}/requests/{regex_testid}$",
             batch.endpoint_request,
             name="batch_endpoint_request",
         ),
-        url(
+        re_path(
             rf"^api/batch/v{BATCH_API_MAJOR_VERSION}/requests/{regex_testid}/results$",
             batch.endpoint_results,
             name="batch_endpoint_results",
         ),
-        url(
+        re_path(
             rf"^api/batch/v{BATCH_API_MAJOR_VERSION}/requests/{regex_testid}/results_technical$",
             batch.endpoint_results_technical,
             name="batch_endpoint_results_technical",
         ),
-        url(
+        re_path(
             rf"^api/batch/v{BATCH_API_MAJOR_VERSION}/metadata/report$",
             batch.endpoint_metadata_report,
             name="batch_endpoint_metadata_report",
         ),
-        url(r"^api/batch/openapi.yaml$", batch.documentation, name="batch_documentation"),
+        re_path(r"^api/batch/openapi.yaml$", batch.documentation, name="batch_documentation"),
         # The following should always be the last to catch now-invalid urls.
-        url(r"^api/batch/", batch.old_url, name="batch_old"),
+        re_path(r"^api/batch/", batch.old_url, name="batch_old"),
     ]
 
 # Serve static files for development, for production `whitenoise` app is used and the webserver is

interface/views/__init__.py

@@ -7,7 +7,7 @@
 from django.http import HttpResponse, HttpResponseRedirect
 from django.shortcuts import redirect, render
 from django.utils import translation
-from django.utils.translation import ugettext as _
+from django.utils.translation import gettext as _
 
 from interface import redis_id, simple_cache_page
 from interface.views.shared import (

interface/views/connection.py

@@ -10,7 +10,7 @@
 from django.core.cache import cache
 from django.http import HttpResponse, HttpResponseRedirect
 from django.shortcuts import render
-from django.utils.translation import ugettext as _
+from django.utils.translation import gettext as _
 from django_redis import get_redis_connection
 
 import unbound

interface/views/domain.py

@@ -7,7 +7,7 @@
 from django.core.cache import cache
 from django.http import HttpResponse, HttpResponseRedirect
 from django.shortcuts import render
-from django.utils.translation import ugettext as _
+from django.utils.translation import gettext as _
 
 from checks.models import (
     AutoConfOption,

interface/views/mail.py

@@ -7,7 +7,7 @@
 from django.core.cache import cache
 from django.http import HttpResponse, HttpResponseRedirect
 from django.shortcuts import render
-from django.utils.translation import ugettext as _
+from django.utils.translation import gettext as _
 
 from checks.models import (
     AutoConfOption,

interface/views/shared.py

@@ -18,7 +18,7 @@
 from django.shortcuts import render
 from django.utils import timezone
 from django.utils.http import url_has_allowed_host_and_scheme
-from django.utils.translation import ugettext as _
+from django.utils.translation import gettext as _
 
 import unbound
 
@@ -146,7 +146,7 @@ def get_client_ip(request):
 
     """
     if settings.DJANGO_IS_PROXIED:
-        ip = request.META.get("HTTP_X_FORWARDED_FOR", None)
+        ip = request.headers.get("x-forwarded-for", None)
     else:
         ip = request.META.get("REMOTE_ADDR")
     return ip

internetnl/custom_middlewares.py

@@ -24,7 +24,7 @@ def process_request(self, request):
         if translation.check_for_language(current_language):
             request.current_language_code = current_language
         else:
-            request.current_language_code = self.get_preferred_language(request.META.get("HTTP_ACCEPT_LANGUAGE", ""))
+            request.current_language_code = self.get_preferred_language(request.headers.get("accept-language", ""))
         translation.activate(request.current_language_code)
 
     def get_preferred_language(self, http_accept_language):

internetnl/urls.py

@@ -1,15 +1,15 @@
 # Copyright: 2022, ECP, NLnet Labs and the Internet.nl contributors
 # SPDX-License-Identifier: Apache-2.0
 from django.conf import settings
-from django.conf.urls import include, url
+from django.urls import include, path, re_path
 from django.contrib import admin
 
 urlpatterns = [
-    url(r"^", include("interface.urls")),
+    path("", include("interface.urls")),
 ]
 handler404 = "interface.views.page404"
 
 if settings.DEBUG is True:
     urlpatterns += [
-        url(r"^admin/", admin.site.urls),
+        re_path(r"^admin/", admin.site.urls),
     ]

requirements.in

@@ -2,9 +2,8 @@
 # virtual environments
 wheel
 
-# The current LTS of django is 3.2, see: https://www.djangoproject.com/download/#supported-versions
-# We'll probably wait until 4.2 LTS to be available for the next upgrade.
-Django<4
+# The current LTS of django is 4.2, see: https://www.djangoproject.com/download/#supported-versions
+Django<5
 
 django-redis<5
 

requirements.txt

@@ -2,7 +2,7 @@
 # This file is autogenerated by pip-compile with Python 3.9
 # by the following command:
 #
-#    pip-compile --resolver=backtracking requirements.in
+#    pip-compile requirements.in
 #
 amqp==5.1.1
     # via kombu
@@ -56,7 +56,7 @@ colorlog==6.7.0
     # via -r requirements.in
 cryptography==38.0.4
     # via -r requirements.in
-django==3.2.24
+django==4.2.10
     # via
     #   -r requirements.in
     #   django-bleach
@@ -150,8 +150,6 @@ python-dateutil==2.8.2
     #   sectxt
 pythonwhois-internet-nl @ https://github.com/internetstandards/python-whois/releases/download/v1.0.0/pythonwhois-internet.nl-1.0.0.tar.gz
     # via -r requirements.in
-pytz==2023.3
-    # via django
 pyyaml==6.0.1
     # via -r requirements.in
 redis==5.0.0