Advertise with Us|Sign Up to the Newsletter

WebDevPro #95: Latest Django, Python, Spring Tools Releases + Meta AI Privacy Scare 🌍🔍

Crafting the Web: Tips, Tools, and Trends for Developers

Get hands-on with MCP!

webdevpro-95-latest-django-python-spring-tools-releases-meta-ai-privacy-scare-img-1

Join us on July 19 for a 150-minute interactive MCP Workshop. Go beyond theory and learn how to build and ship real-world MCP solutions. Limited spots available! Reserve your seat today.

Use code EARLY35 for 35% off

Hi ,

Bugfixes, AI upgrades, security alarms and one privacy blunder that has everyone talking. From core tooling like Django, Spring, and Python getting critical fixes, to OpenAI's smoother GPT-4o and a major misstep in Meta’s AI app design, this week’s webdev round-up is packed with updates that may not make the front page, but absolutely belong in your workflow.

Here’s your quick brief:

🛠️ Django 5.0.6 and 4.2.13 patch packaging bugs for smoother rollouts
🌱 Spring Tools 4.31.0 brings sharper AOT query insight and Spring Boot 3.5 support
🐍 Python 3.13.5 fixes a Windows regression affecting extension modules
🤖 GPT-4o’s June update improves memory, function calls, and multimodal stability
🕵️‍♂️ Meta’s AI app stirs privacy concerns after users share personal data publicly, unknowingly

In the Expert corner, devs debate the value of Rust compiler speed, explore the rise of passkeys in Spring Security, and unpack how prompt-first AI design could reshape tooling entirely. Read Benj Edward’s o3-pro take or see how David Crawshaw wrestles with AI agents in real workflows.

📘 This week’s book pick: Practical Serverless and Microservices with C#.
Whether you’re scaling with Azure Functions or simplifying microservices with .NET Aspire, this guide hits both breadth and depth. Grab your copy today!

Got a tip or take? Send it our way and you might see it featured in WebDevPro!

Advertise with us
Interested in reaching our audience? Reply to this email or write to kinnaric@packt.com.
Learn more about our sponsorship opportunities here.

Latest news: what's new in web development? 🧑‍💻

From framework fixes to AI feature upgrades (and one major privacy red flag), this week’s updates span the tools and topics shaping modern development. Whether you're deep in Python, Spring, or just keeping an eye on AI evolutions, here’s what’s worth your attention.

🛠️ Django 5.0.6 and 4.2.13 Bugfix Releases: Django has issued bugfix releases 5.0.6 and 4.2.13, which are reissues of the previous 5.0.5 and 4.2.12 versions. These updates address packaging errors and ensure the stability and reliability of the framework for ongoing projects.

🌱 Spring Tools 4.31.0 Sharpens the Dev Toolkit:The latest Spring Tools update brings smoother support for Spring Boot 3.5, better code navigation in VSCode/Eclipse with hierarchical symbols, and improved AOT query visibility. Plus, it’s fully compatible with the Eclipse 2025-06 release.

🐍 Python 3.13.5 Fixes Windows Regression: Python 3.13.5 has been released to address a regression affecting Windows users, specifically an issue with the pyconfig.h file in the traditional installer. This fix ensures that extension module builds specify Py_GIL_DISABLED when targeting the free-threaded runtime, maintaining compatibility and stability for developers working on Windows platforms.

🤖 OpenAI GPT-4o June Update: Enhanced Functionality:OpenAI has rolled out updates to GPT-4o, focusing on improving system behavior based on user feedback. Enhancements include more reliable memory usage, improved function calling accuracy, and increased stability in multi-modal interactions. These updates aim to make GPT-4o more intuitive and effective across various tasks.

🕵️‍♂️ Meta AI App Raises Privacy Concerns:Meta's AI app, launched in April 2025, has come under scrutiny for potential privacy issues. The app features a "Discover" feed where users can share their interactions with the AI chatbot. However, many users have inadvertently shared sensitive information, including personal medical issues and legal matters, often linked to identifiable Instagram profiles. Privacy advocates express concern over users' misunderstanding of the visibility and privacy of their data.

Focus mode: On (ft. Beats)🎧

Your code has a rhythm. Your focus should too. This week, we’re tuning into music that powers better dev sessions:

Need Deep Flow? Try Endel for AI-generated soundscapes that sync with your circadian rhythm. Think: personalized ambient playlists that cut through noise (literally).
Science-Backed Beats: Brain.fm is built on neuroscience. Their “Focus” mode has been shown to improve attention within 15 minutes—perfect for getting into deep work fast.
Curated for Coders: Explore Programming Music, a GitHub-curated list of playlists and albums tailored for developers. From ambient to electronic, find your perfect coding soundtrack.

webdevpro-95-latest-django-python-spring-tools-releases-meta-ai-privacy-scare-img-2

Because sometimes the best productivity tool... is a good pair of headphones.

Expert corner: what's the web community talking about?🎙

webdevpro-95-latest-django-python-spring-tools-releases-meta-ai-privacy-scare-img-3

What are developers really talking about right now? Whether it’s speculative AI, secure auth, or the eternal love-hate with compilers, this week’s community picks capture the pulse.

🧠 Decoding AI "Reasoning" with OpenAI's o3-pro: Viktor Farcic demonstrates how AI can streamline interactions with IDPs. More intuitive than GUIs, more powerful than CLIs. From querying databases to spinning up infrastructure, we're heading toward a prompt-first future.

🎙️ Exploring Passkeys with Spring Security:In a recent episode of A Bootiful Podcast, Daniel Garnier-Moiroux delves into the integration of passkeys within Spring Security applications. The discussion offers valuable insights into enhancing authentication mechanisms and the evolving landscape of web security.

💰 Meta's $15 Billion Bet on Superintelligence:Meta is reportedly investing $15 billion to pursue the development of computerised "superintelligence," aiming to surpass current AI capabilities. This strategic move includes acquiring a significant stake in Scale AI and reflects Meta's ambition to regain its position in the AI race. The initiative has prompted discussions about the feasibility and ethical considerations of such advancements.

🦀 Rust's Compiler Performance Debate:A thought-provoking blog post questions why Rust doesn't prioritize compiler performance more aggressively. The author suggests that while compiler speed is important, it's just one of many aspects the Rust community balances to maintain the language's robustness and safety guarantees.

🤖 Programming with AI Agents:David Crawshaw shares his experiences and challenges in integrating AI agents into programming workflows. He emphasizes the importance of understanding the limitations and potential of agents, advocating for a balanced approach that combines human intuition with AI assistance.

Packt catalogue plus a bonus excerpt📚

webdevpro-95-latest-django-python-spring-tools-releases-meta-ai-privacy-scare-img-4

📘 Practical Serverless and Microservices with C# by Gabriel Baptista and Francesco Abbruzzese

Learn how to build secure, scalable apps using Azure Functions, Container Apps, and .NET Aspire. This book shows you when to use microservices and serverless and when not to, while guiding you through real-world scenarios, cost planning, and best practices for cloud-native development.

Pre-order now!

Meet Gabriel...

Gabriel Baptista is a tech leader with 20+ years in software development. He heads a team building retail and industrial apps, serves on a tech advisory board, teaches computer engineering, and co-founded start-ups in automation and logistics. He’s also taught software and IT at multiple institutions.

webdevpro-95-latest-django-python-spring-tools-releases-meta-ai-privacy-scare-img-5

webdevpro-95-latest-django-python-spring-tools-releases-meta-ai-privacy-scare-img-6

...and Francesco

Francesco Abbruzzese, author of the MVC and Blazor Controls Toolkits, has championed the Microsoft web stack since ASP.NET MVC's inception. His company, Mvcct Team, builds web apps, tools, and services. He began with AI-based financial decision systems and later contributed to top-10 games like Puma Street Soccer.

If you’ve worked with Kubernetes for local microservices testing, you know the setup can be heavy. In this excerpt from Practical Serverless and Microservices Applications with C# and Azure, see how the same scenario is simplified using .NET Aspire — a lighter, code-first way to orchestrate microservices locally:

Using .NET Aspire in practice

In this section, we will adapt the Kubernetes exampleto run with Aspire. As a first step, let’s copy the whole solution folder into another in a different location, so we can modify it without destroying the previous version.

Then, let’s execute the following steps to prepare the overall solution:

Add a new App Host project to the solution and call it CarSharingAppHost.
Add a new .NET Aspire Service Defaults project to the solution and call it CarSharingServiceDefaults.
Add a reference to the FakeSource, FakeDestination, and RoutesPlanning projects to the CarSharingAppHost
Add a reference to the CarSharingServiceDefaults project to the FakeSource, FakeDestination, and RoutesPlanning
Right-click on the CarSharingAppHost project and, in the menu that appears, select Set as Startup Project.

The preceding steps prepare the solution for .NET Aspire. Now, let’s start modifying the code. As a first step, we must add service defaults to all the microservices. Therefore, let’s add builder.AddServiceDefaults(); to the program.cs file of the FakeSource, FakeDestination, and RoutesPlanning projects. Then, we must add app.MapDefaultEndpoints(), which adds health endpoints just to the program.cs file of the RoutesPlanning project, since it is the only web project that we have among our microservices. It must be placed as shown here:

var app = builder.Build();
app.MapDefaultEndpoints();

Now, let’s remember that we added all the microservices parameters as environment variables in their Properties/launcheSettings.json file. We placed them in the Docker launch settings. Now, since these projects will not use Docker anymore while running in Aspire, we must copy all these definitions into the other launch setting profile.

This is the launch settings code of the RoutesPlanning project after this change:

{
"profiles": {
"http": {
"commandName": "Project",
"environmentVariables": {
//place here your environment variables
"ConnectionStrings__DefaultConnection": "Server=localhost;
Database=RoutesPlanning;User Id=sa;Password=Passw0rd_;
Trust Server Certificate=True;MultipleActiveResultSets=true",
"ConnectionStrings__RabbitMQConnection": "host=localhost:5672;
username=guest;password=_myguest;publisherConfirms=true;timeout=10",
"Messages__SubscriptionIdPrefix": "routesPlanning",
"Topology__MaxDistanceKm": "50",
"Topology__MaxMatches": "5",
"Timing__HousekeepingIntervalHours": "48",
"Timing__HousekeepingDelayDays": "10",
"Timing__OutputEmptyDelayMS": "500",
"Timing__OutputBatchCount": "10",
"Timing__OutputRequeueDelayMin": "5",
"Timing__OutputCircuitBreakMin": "4"
},
"dotnetRunMessages": true,
"applicationUrl": "http://localhost:5212"
},
"Container (Dockerfile)": {
…
…

Want the full walkthrough with real code, resource config, and deployment guidance?
Pre-order the book!

Developer tip of the week 💡

🔐 Mastering OAuth 2.0: Secure Authorization Simplified

Understanding OAuth 2.0 is crucial for modern web development, especially when dealing with third-party integrations. OAuth 2.0 allows users to grant limited access to their resources without sharing credentials. For instance, enabling an application to access your profile data without exposing your password.

Key components of the OAuth 2.0 flow include:

Resource Owner: The user who authorizes access.
Client: The application requesting access.
Authorization Server: Validates the user and issues access tokens.
Resource Server: Hosts the protected resources.

A typical flow involves the user authorizing the client, the client receiving an authorization grant, exchanging it for an access token from the authorization server, and then accessing the resource server using that token.

And that's a wrap 🎬

Another week, another stack of updates, hot takes, and low-key chaos. If your brain’s buzzing with thoughts, tools, or spicy dev opinions, don’t gatekeep.

Until next time.

Cheers!

Kinnari Chohan,

Editor-in-chief

SUBSCRIBE FOR MORE AND SHARE IT WITH A FRIEND!