Skip to content

2.21.0 — Gunicorn in production (catch-up release since 2.9.0)

Latest

Choose a tag to compare

@jonfroehlich jonfroehlich released this 23 Jun 18:03

This is a catch-up release: deploy tags have run well ahead of published GitHub Releases (the last was 2.9.0), so these notes roll up the major work shipped across 2.102.21. The headline change in 2.21.0 itself is moving production onto Gunicorn.

2.21.0 — Production-grade serving

  • Gunicorn replaces Django's dev runserver on test & prod (#1034). We'd been running the development server in production since 2017, which Django's docs explicitly warn against (unaudited for security/performance). Gunicorn brings managed workers, crash recovery, and request timeouts. The swap is fully inside the container — Apache still reverse-proxies and serves static/media — so nothing changed for visitors except robustness.
  • /version/ now reports the live WSGI server (and already exposed git SHA + build time, #1366), so a deploy can be confirmed at a glance.

Highlights since 2.9.0

Admin & content management

  • Restructured admin access into personal accounts + permission groups (#1125): Editors (full content) and Contributors (submit/review, no deletes); account/Grant/Award admin reserved for superusers.
  • Replaced CKEditor 4 with django-prose-editor (#1269) — removed an EOL editor with unpatched XSS, unblocking the path to newer Django; legacy news images made responsive.
  • Admin changelist performance + usability pass (#1346), photo/upload guards so files survive validation errors (#248, #1346), banner management in admin (#1082), poster/talk preview popovers (#840), media-integrity row action (#1376).

Analytics, SEO & social

  • Migrated to native GA4 analytics (#855).
  • SEO/social metadata overhaul: Open Graph/canonical/meta-description fallbacks, sitemap lastmod + scheme fixes, search-console docs (#1236, #1142, #1324, #1313).

Accessibility

  • Reduced-motion support (pauses video/animated logo) (#1294), related-project alt text (#1020), banner cross-fade blink fix (#1010), mobile section-nav and project-listing overflow fixes (#1331, #1367).

Data integrity

  • De-duplicated duplicate people and colliding url_names (#1275, #1206); PI/Co-PI project data-health checks (#1182); link/propagate artifacts to their publication's projects (#649).

Infrastructure & testing

  • Custom 404 page (#1190), upload file-type validation (#6), test-coverage backfill + Pa11y CI + factory_boy fixtures (#1278, #1272), CI guard against multi-line {# #} template comments.

Full commit history: 2.9.0...2.21.0