by Martin Breuss Publication date Dec 08, 2025 Reading time estimate 18m community news

A lot happened last month in the world of Python! The core developers pushed ahead on Python 3.15, accepting PEP 810 to bring explicit lazy imports to the language. PyPI tightened account security, Django 6.0 landed with a slew of new features while celebrating twenty years of releases, and the Python Software Foundation (PSF) laid out its financial outlook and kicked off a year-end fundraiser.

Let’s dive into the biggest Python news from the past month!

Python Releases and PEP Highlights

Last month brought forward movement on Python 3.15, with a new alpha release and a major PEP acceptance. Windows users also got an update to the new Python install manager that’s set to replace the traditional installers.

Python 3.15.0 Alpha 2 Keeps the Train Moving

Python 3.15’s second alpha, 3.15.0a2, arrived on November 19 as part of the language’s regular annual release cadence. It’s an early developer preview that isn’t intended for production, but it shows how 3.15 is shaping up and gives library authors something concrete to test against.

Like alpha 1, this release is still relatively small in user-visible features, but it continues the work of:

• Making UTF-8 the default text encoding for files that don’t specify an encoding, via PEP 686
• Providing a dedicated profiling API designed to work better with modern profilers and monitoring tools, via PEP 799
• Exposing lower-level C APIs for creating bytes objects more efficiently, via PEP 782

If you maintain packages, now is a good time to start running tests against the alphas in a separate environment so you can catch regressions early.

You can always confirm which Python you’re running with python -VV:

Just remember to keep the alpha builds isolated from your everyday projects!

PEP 810 Accepted: Explicit Lazy Imports

One of the month’s most consequential decisions for the language was the acceptance of PEP 810 – Explicit lazy imports, which you may have read about in last month’s news. The Python Steering Council accepted the proposal on November 3, only a month after its formal creation on October 2. With the PEP moving from Draft to Accepted, it’s now targeted for inclusion in Python 3.15!

PEP 810 introduces new syntax for imports that are evaluated only when first used, rather than at module import time. At a high level, you’ll be able to write:

In this example, Python loads the json module only if parse() runs.

The goals of explicit lazy imports are to:

• Improve startup time for large applications with many rarely used imports
• Break tricky import cycles without resorting to local imports inside functions
• Give frameworks and tools a clear, explicit way to defer expensive imports

Lazy imports are entirely opt-in, meaning that only imports marked as lazy change their behavior. The PEP is also careful to spell out how lazy modules interact with attributes like __all__, exception reporting, and tools such as debuggers.

If you maintain a framework, CLI tool, or large application, it’s worth reading through the PEP and thinking about where lazy imports could simplify your startup path or trim cold-start latency.

Python’s New Install Manager Moves Forward on Windows

On the Windows side, the past month also saw a new Python install manager build: version 25.1 beta 2. The tool is designed to simplify installing Python on Windows and managing multiple Python versions, providing a more modern alternative to the long-standing MSI and EXE installers.

The announcement also reiterates that starting with Python 3.16, the old .exe installer format will be removed in favor of the new install manager. If you’re a Windows user who relies on manual installer workflows, now is a good time to test the manager and report any rough edges before the legacy path goes away.

Packaging and Infrastructure: Security and Sustainability

The Python ecosystem’s infrastructure recently saw several important updates. PyPI added new security measures, the PSF shared candid details about its financial situation, and the Code of Conduct Working Group published its first transparency report.

PyPI Adds Email Verification for TOTP Logins

If you publish packages to the Python Package Index (PyPI) using Time-based One-Time Passwords (TOTP) for two-factor authentication, there’s a new security step in your login flow. On November 14, the PyPI team announced email verification for TOTP-based logins from unrecognized devices or browsers.

Previously, a correct TOTP code was enough to sign in. Now, when you log in with TOTP from a new device, PyPI sends you an email titled “Unrecognized login to your PyPI account” with a link that you must click to complete the login. Once you’ve confirmed a device, future logins from it proceed as before.

Users who rely on WebAuthn security keys or passkeys won’t see a change, since those methods are already considered phishing-resistant. The blog post also explicitly recommends migrating to passkeys or hardware keys when possible, because TOTP codes can still be phished.

If you maintain packages, this is a good moment to:

• Confirm that your PyPI email address is up to date
• Check that you have backup 2FA methods configured
• Consider upgrading to passkeys or hardware keys for stronger protection

You may think you’re just a small phish in the sea, but with the growing importance and interconnectedness of open-source Python packages, maybe your library is already being used in a critical area. And even if that’s not the case, it’s still better to avoid the poky end of a phishing line.

PSF Shares Its Financial Outlook and Calls for Support

On November 4, the Python Software Foundation (PSF) published Connecting the Dots: Understanding the PSF’s Current Financial Outlook, a detailed blog post that explains the organization’s current financial situation and why it’s launching a more visible year-end fundraiser.

The post pulls together several earlier updates about grants, PyCon US finances, and sustainability efforts. The key points are:

• The PSF’s assets and annual revenue have declined, while costs have gone up.
• PyCon US has run at a loss for three consecutive years, despite cost-cutting and strong volunteer support.
• New revenue channels, such as PyPI Organizations and sponsorship outreach, are helping but haven’t yet closed the gap.

The Foundation currently has a little more than six months of operating runway. That isn’t an immediate crisis, but it’s shorter than the twelve-plus months it would prefer.

To address this, the PSF launched a year-end fundraiser and membership drive on November 12. The campaign encourages individuals to:

• Donate directly
• Become supporting members
• Persuade their employers to sponsor the PSF or upgrade existing sponsorships

PSF funding underpins PyPI, PyCon US, developers-in-residence, and other infrastructure that most Python projects rely on every day.

If your team ships Python code, this is a good time to ask whether your company is contributing back in proportion to how much it depends on the language and its ecosystem.

Code of Conduct Working Group Publishes First Transparency Report

Transparency around community safety took a step forward. On November 25, the PSF’s Code of Conduct Working Group released its first annual transparency report, covering cases handled during the 2024 calendar year.

The one-page report explains how the working group enforces the PSF’s Code of Conduct, summarizes the kinds of incidents it dealt with, and outlines improved record-keeping practices so that future reports can be published more quickly. Going forward, the group intends to publish these reports in the first quarter of each year.

This kind of reporting makes it easier for community members to understand how the Code of Conduct is applied in practice. It’s a positive sign for transparency in the wider Python community.

Django and Web Framework News

Django had a big month! The framework shipped version 6.0, issued security patches for older versions, and celebrated twenty years of releases with a retrospective post.

Django 6.0 Released

The Django team shipped Django 6.0 on December 3, capping off a development cycle that included several betas and a release candidate.

If you’ve been following along with the pre-releases, you’ll recognize the headline features:

• Built-in Content Security Policy (CSP) support
• A new tasks framework for defining and enqueuing background work (still requires a worker mechanism like Celery to run the tasks)
• Template partials for more composable templates
• A modernized email backend and tighter alignment with recent Python releases

Check out the release notes for the full list of changes, deprecations, and upgrade considerations. If you haven’t already tested your projects against the pre-releases, now is the time to upgrade!

Security Releases and Django’s CNA Status

Earlier in the month, Django issued security releases for 5.2.8, 5.1.14, and 4.2.26, addressing two vulnerabilities: a Windows NFKC redirect denial-of-service issue and a high-severity SQL injection via the QuerySet Q._connector attribute. New and final security relases 5.2.9 and 5.1.15 also shipped early December.

If you’re on any supported 5.2, 5.1, or 4.2 version, the recommended course of action is to upgrade to the latest patch as soon as you can. Even if your application doesn’t obviously expose the affected code paths, security fixes are one place where it pays to be boring and up-to-date.

On the vulnerability-management front, Django also formalized its role as a CVE Numbering Authority (CNA). That means the project can now assign CVE identifiers directly for security issues in Django and related components, instead of going through intermediate organizations. For maintainers and security teams, this should translate into clearer, more timely CVE entries for Django vulnerabilities.

Django Celebrates Twenty Years of Releases

Django turned 20 this summer, and this month marked twenty years of Django releases. The team celebrated the milestone with a short retrospective blog post.

Over those two decades, Django’s steady release cadence and long-term support policy have given organizations confidence to build large, long-lived systems on top of it.

If you already build web apps with Django, it’s also worth celebrating this smaller 20th anniversary. Maybe revisit this summer’s birthday page and the State of Django 2025 survey results from JetBrains, which highlights trends in package usage and deployment practices across the ecosystem. Tools like Wagtail and Django Ninja are showing strong adoption!

Community and Ecosystem Highlights

Community discussions surfaced several trends and projects worth highlighting. From performance tips to MicroPython in video games, and from Advent of Code’s new format to updates in Python’s voting-system governance, there’s plenty to explore.

Performance: From Code to Tooling

JetBrains published Why Performance Matters in Python Development at the end of October, followed by a piece in early November titled 10 Smart Performance Hacks for Faster Python Code. These articles underscore that before reaching for exotic optimizations, you can often get significant wins by:

• Choosing appropriate data structures and algorithms
• Using built-in modules like itertools, functools, and collections effectively
• Measuring code paths with modern profiling tools rather than guessing

On the tooling side, coverage.py’s maintainer, Ned Batchelder, wrote candidly about a week that involved three releases and a move to a new GitHub organization. The post is a nice case study in handling breaking changes, user feedback, and semantic versioning in a widely used testing tool.

Hardware, Games, and MicroPython

One of the more fun stories making the rounds was about MicroPython being embedded in a PlayStation game called Tibor: Tale of a Kind Vampire. In a GitHub discussion, a developer explained how they embedded MicroPython inside Unreal Engine 5 to port the game to PlayStation 5, Nintendo Switch, and Xbox. Players can even open a built-in scripting console and tinker with game behavior via Python code running inside the game engine!

It’s a reminder that Python and its microcontroller-friendly variants continue to pop up in unusual places, from embedded devices to consumer games, lowering the barrier to experimentation and modding.

Big-Ticket Libraries

In the machine-learning world, PyTorch 2.9 landed with the usual mix of performance improvements, expanded quantization options, and enhancements to distributed and generative-AI workflows.

While the details are most relevant if you’re already invested in PyTorch, the broader pattern continues: major ML frameworks keep refining their Python APIs and tooling to make production deployments more approachable, even as their internals grow more complex.

Advent of Code 2025: Fewer Puzzles, Same Holiday Spirit

The beloved Advent of Code puzzle event returned for its eleventh year on December 1, but with some notable changes. Creator Eric Wastl announced that this year’s event will feature just 12 puzzles instead of the traditional 25, and the global leaderboard has been retired.

From the FAQ:

It takes a ton of my free time every year to run Advent of Code, and building the puzzles accounts for the majority of that time. After keeping a consistent schedule for ten years(!), I needed a change.

The puzzles still release daily starting December 1, but now end mid-December. The Hacker News discussion saw mostly positive reactions, with many participants noting they typically dropped off around the halfway point anyway due to the increasing difficulty coinciding with busy holiday schedules.

If you’ve never tried Advent of Code, this might actually be the perfect year to start! You can get set up with Real Python’s Advent of Code: Solving Your Puzzles With Python tutorial, listen to the Real Python Podcast episode on solving AoC puzzles, or follow along with the Advent of Code video course.

BLOC STAR Voting Adopted for Python Steering Council Elections

After months of community discussion, the Python community has finalized its choice of voting platform for future Steering Council elections. BetterVoting.com, run by the Equal Vote Coalition, will provide BLOC STAR voting for the upcoming elections.

The switch to BLOC STAR voting was approved last year, and the community has been working on implementation details since then. In a Discourse discussion initiated by Guido van Rossum, developers tested the platform and worked with the BetterVoting team to add features like editable ballots and candidate hyperlinks.

It’s exciting to see Real Python community member Adam Masiarek contributing to this effort! Adam is a contributor to starpy, the Python implementation of STAR Voting maintained by the Equal Vote Coalition. His work includes adding test cases, setting up CI pipelines, and reorganizing the project structure.

PEP 8107, which governs the 2026 term Steering Council election, is now in place with the new voting configuration. Tim Peters has also noted that if this election goes smoothly, he’ll suggest that the PSF consider adopting BLOC STAR for Board elections as well.

AI and Machine Learning Highlights

It was also a busy month for the big AI labs, with Google and Anthropic both releasing flagship models within a week of each other. The speed of significant developments in AI is tough to stay on top of! Here’s a quick tour of what Python developers should know.

Google Launches Gemini 3

Google officially launched Gemini 3 on November 18. The model pushes the frontier of multimodal reasoning with a 1-million-token context window, and it’s now available through Google AI Studio, Vertex AI, and the Gemini API. The image generation capabilities via Nano Banana Pro also made a splash.

Alongside the model, Google released a Gemini-powered coding interface called Google Antigravity. The tool allows for multi-pane agentic coding similar to tools like Cursor, combining a vibe-coding-style prompt window with a command-line interface and a browser pane.

The tight integration with Google’s own Chrome browser may be the biggest win. It allows agents running in Antigravity to test web apps directly in the browser, collect feedback through screen recordings and screenshots, and then iterate and improve autonomously.

You can also try the new Gemini model with Google’s CLI-focused AI coding tool, Gemini CLI, or in third-party platforms like GitHub Copilot.

Anthropic Releases Claude Opus 4.5

Less than a week after Gemini 3 was released, Anthropic released Claude Opus 4.5 on November 24. According to Anthropic, it’s their best model yet for coding, agents, and computer use.

Pricing has dropped significantly compared to the previous Opus model, making it more attractive for developers building LLM-powered applications.

If you use Claude Code, you might be interested in Simon Willison’s experience using a preview to complete a new alpha release of sqlite-utils.

With these new releases, AI coding tools have taken another leap forward. If you haven’t revisited your AI coding assistant setup recently, or you want to start experimenting, then these releases are worth exploring.

Real Python Roundup

As always, the Real Python site was busy this month with new tutorials, courses, and podcast episodes touching on everything from AI assistants to terminal UIs.

If you prefer learning through video, then check out these new courses that cover fundamental Python concepts and modern development tools:

Ready to test your knowledge? Try out these quizzes to reinforce what you’ve learned:

Your host Christopher Bailey from The Real Python Podcast published three new episodes. You can find them on your favorite podcast player or with the direct links below:

In this month’s Office Hours—the weekly community meetup with Python experts from the Real Python team—community members learned about using the AI coding tools Claude Code, Cursor, and Google Antigravity to build real projects.

If you missed last month’s news roundup that focused on Python 3.14’s release and the start of the 3.15 alpha series, you can go back and read Python 3.14 Released and Other Python News for November 2025.

What’s Next for Python?

Looking ahead toward the end of 2025:

• The Python 3.15 alpha series will continue into 2026, with PEP 810 and other features landing during the alpha phase. Now is a great time to start testing against early builds!
• The PSF’s year-end fundraiser and membership drive will run through December, and PyCon US 2026’s call for proposals is still open, giving you a chance to share your work with the broader community.

That’s it for this month’s roundup. Until next time, happy Pythoning! And if lazy imports or Django 6.0 inspire you to build something cool, consider writing it up or proposing a talk. The Python community thrives on its diversity of voices and stories!