Django 4.2 is nearing the end of its official support window. With extended support ending in April 2026, now is the time to plan your upgrade strategy to stay secure and compatible with the broader Python ecosystem.

So if you have a project that uses Django 4.2, that means your project will be at risk to any new security vulnerabilities that are found after April 2026. You have a few options to mitigate this: 

• Upgrade to a newer version of Django and fix all the potential breaking changes.
• Patch the vulnerabilities yourself and maintain your own version of Django 4.2, although that leads to significant overhead.
• Find a service that will patch the vulnerabilities and release new versions so you don’t have to worry about it.

‍

Key dates to keep in mind

• Release date: April 3, 2023 (initial 4.2 release)
• End of mainstream support: December 2023
• End of extended support / EOL: April 30, 2026

‍

Django 4.2 has been an LTS release that has been supported for about three years now, but this support period is ending soon.

‍

What End of Life means

When a project reaches EOL, there will be no more official releases. That means security vulnerabilities discovered after that point will not be patched. For production systems, this has real consequences:

• Incompatibilities with newer libraries and Python versions
• More effort needed for manual fixes and leading to patchy software
• Possible issues with compliance or client requirements

Ending support is a necessary part of how any project, like Django, continues to evolve. Maintaining old release lines indefinitely would slow progress and place an unsustainable burden on open source maintainers. EOL is how the package keeps moving forward.

There are also downstream effects. Once a release line reaches EOL, new CVEs are marked as affecting it by default. As a result, security scanners will flag EOL Django versions regardless of whether a specific fix exists, which can quickly create operational and compliance pressure for teams still running them.

‍

What you should do next

Upgrading your package version to a newer one is always the first thing to try. All of the security patches are in place and it’s a version that is currently being maintained. The Django version you upgrade to depends on which version of Python you’re using.

If you're on Python 3.12, 3.13, or 3.14, I recommend trying to migrate directly to Django 6.0. Keep in mind that 6.0 will stop being supported in April 2027. So you’ll likely be upgrading again next year if you go this route.

If you need Python 3.10 or 3.11, Django 5.2 is the version you want. Again, keep in mind that 5.2 is in LTS until April 2028. So you’d have a few more years to decide what your plan will be to upgrade your whole system.

Although, upgrading might not be possible if you are working in a large codebase because it could lead to conflicts with other packages or even the version of the Python language you’re using.

For those cases, extended support exists. At HeroDevs, we provide Never-Ending Support for Django versions that have reached EOL, including 4.2. This includes ongoing security patching, helping keep your team secure while planning your next move.

‍