docs: Update Django links to our current version.

api_docs/incoming-webhooks-walkthrough.md

@@ -144,7 +144,7 @@ You should name your webhook function as such
 integration and is always lower-case.
 
 At minimum, the webhook function must accept `request` (Django
-[HttpRequest](https://docs.djangoproject.com/en/3.2/ref/request-response/#django.http.HttpRequest)
+[HttpRequest](https://docs.djangoproject.com/en/5.0/ref/request-response/#django.http.HttpRequest)
 object), and `user_profile` (Zulip's user object). You may also want to
 define additional parameters using the `REQ` object.
 

docs/contributing/code-style.md

@@ -254,7 +254,7 @@ for bar in bars:
 ...which makes a database query for every `Bar`. While this may be fast
 locally in development, it may be quite slow in production! Instead,
 tell Django's [QuerySet
-API](https://docs.djangoproject.com/en/dev/ref/models/querysets/) to
+API](https://docs.djangoproject.com/en/5.0/ref/models/querysets/) to
 _prefetch_ the data in the initial query:
 
 ```python

docs/development/using.md

@@ -94,7 +94,7 @@ for mobile development][mobile-dev-server].
 
 [rest-api]: https://zulip.com/api/rest
 [authentication-dev-server]: authentication.md
-[django-runserver]: https://docs.djangoproject.com/en/3.2/ref/django-admin/#runserver
+[django-runserver]: https://docs.djangoproject.com/en/5.0/ref/django-admin/#runserver
 [new-feature-tutorial]: ../tutorials/new-feature-tutorial.md
 [testing-docs]: ../testing/testing.md
 [mobile-dev-server]: https://github.com/zulip/zulip-mobile/blob/main/docs/howto/dev-server.md#using-a-dev-version-of-the-server

docs/overview/directory-structure.md

@@ -10,15 +10,15 @@ flow through these files.
 ### Core Python files
 
 Zulip uses the [Django web
-framework](https://docs.djangoproject.com/en/3.2/), so a lot of these
+framework](https://docs.djangoproject.com/en/5.0/), so a lot of these
 paths will be familiar to Django developers.
 
 - `zproject/urls.py` Main
-  [Django routes file](https://docs.djangoproject.com/en/3.2/topics/http/urls/).
+  [Django routes file](https://docs.djangoproject.com/en/5.0/topics/http/urls/).
   Defines which URLs are handled by which view functions or templates.
 
 - `zerver/models/*.py`
-  [Django models](https://docs.djangoproject.com/en/3.2/topics/db/models/)
+  [Django models](https://docs.djangoproject.com/en/5.0/topics/db/models/)
   files. Defines Zulip's database tables.
 
 - `zerver/lib/*.py` Most library code.
@@ -28,7 +28,7 @@ paths will be familiar to Django developers.
   all code calling `send_event` to trigger [pushing data to
   clients](../subsystems/events-system.md) must live here.
 
-- `zerver/views/*.py` Most [Django views](https://docs.djangoproject.com/en/3.2/topics/http/views/).
+- `zerver/views/*.py` Most [Django views](https://docs.djangoproject.com/en/5.0/topics/http/views/).
 
 - `zerver/webhooks/` Webhook views and tests for [Zulip's incoming webhook integrations](https://zulip.com/api/incoming-webhooks-overview).
 
@@ -38,7 +38,7 @@ paths will be familiar to Django developers.
 
 - `zerver/lib/markdown/` [Backend Markdown processor](../subsystems/markdown.md).
 
-- `zproject/backends.py` [Authentication backends](https://docs.djangoproject.com/en/3.2/topics/auth/customizing/).
+- `zproject/backends.py` [Authentication backends](https://docs.djangoproject.com/en/5.0/topics/auth/customizing/).
 
 ---
 

docs/production/authentication-methods.md

@@ -1169,7 +1169,7 @@ reject authentication requests e.g. based on IP address of the
 request, this is where it should happen.
 :::
 
-[django-authenticate-details]: https://docs.djangoproject.com/en/dev/topics/auth/customizing/#writing-an-authentication-backend
+[django-authenticate-details]: https://docs.djangoproject.com/en/5.0/topics/auth/customizing/#writing-an-authentication-backend
 
 ## Adding more authentication backends
 

docs/production/email.md

@@ -207,7 +207,7 @@ aren't receiving emails from Zulip:
   will try to use the TLS protocol on port 465, which won't work.
 
 - Zulip's email sending configuration is based on the standard Django
-  [SMTP backend](https://docs.djangoproject.com/en/3.2/topics/email/#smtp-backend)
+  [SMTP backend](https://docs.djangoproject.com/en/5.0/topics/email/#smtp-backend)
   configuration. So if you're having trouble getting your email
   provider working, you may want to search for documentation related
   to using your email provider with Django.

docs/production/management-commands.md

@@ -185,4 +185,4 @@ upgrade.
 [zulip-api]: https://zulip.com/api/rest
 [webhook-integrations]: https://zulip.com/api/incoming-webhooks-overview
 [management-commands-dev]: ../subsystems/management-commands.md
-[django-management]: https://docs.djangoproject.com/en/3.2/ref/django-admin/#django-admin-and-manage-py
+[django-management]: https://docs.djangoproject.com/en/5.0/ref/django-admin/#django-admin-and-manage-py

docs/subsystems/caching.md

@@ -263,4 +263,4 @@ cached by clients is changed. Clients are responsible for handling
 the events, updating their state, and rerendering any UI components
 that might display the modified state.
 
-[post-save-signals]: https://docs.djangoproject.com/en/3.2/ref/signals/#post-save
+[post-save-signals]: https://docs.djangoproject.com/en/5.0/ref/signals/#post-save

docs/subsystems/client.md

@@ -29,7 +29,7 @@ The `webhook_view` auth decorator, used for most incoming
 webhooks, accepts the name of the integration as an argument and uses
 it to generate a client name that it adds to the `request_notes`
 object that can be accessed with the `request` (Django
-[HttpRequest](https://docs.djangoproject.com/en/3.2/ref/request-response/#django.http.HttpRequest))
+[HttpRequest](https://docs.djangoproject.com/en/5.0/ref/request-response/#django.http.HttpRequest))
 object via `zerver.lib.request.get_request_notes(request)`.
 
 In most integrations, `request_notes.client` is then passed to

docs/subsystems/logging.md

@@ -267,5 +267,5 @@ a new view:
   (intended to catch issues where we generate a lot of deferred work).
 
 [python-logging]: https://docs.python.org/3/library/logging.html
-[django-logging]: https://docs.djangoproject.com/en/3.2/topics/logging/
+[django-logging]: https://docs.djangoproject.com/en/5.0/topics/logging/
 [sentry]: https://sentry.io

docs/subsystems/management-commands.md

@@ -62,4 +62,4 @@ to do anything special like restart the server when iteratively
 testing one, even if testing in a Zulip production environment where
 the server doesn't normally restart whenever a file is edited.
 
-[django-docs]: https://docs.djangoproject.com/en/3.2/howto/custom-management-commands/
+[django-docs]: https://docs.djangoproject.com/en/5.0/howto/custom-management-commands/

docs/subsystems/schema-migrations.md

@@ -1,7 +1,7 @@
 # Schema migrations
 
 Zulip uses the [standard Django system for doing schema
-migrations](https://docs.djangoproject.com/en/3.2/topics/migrations/).
+migrations](https://docs.djangoproject.com/en/5.0/topics/migrations/).
 There is some example usage in the [new feature
 tutorial](../tutorials/new-feature-tutorial.md).
 
@@ -171,7 +171,7 @@ an incorrect migration messes up a database in a way that's impossible
 to undo without going to backups.
 
 [django-migration-test-blog-post]: https://www.caktusgroup.com/blog/2016/02/02/writing-unit-tests-django-migrations/
-[migrations-non-atomic]: https://docs.djangoproject.com/en/3.2/howto/writing-migrations/#non-atomic-migrations
+[migrations-non-atomic]: https://docs.djangoproject.com/en/5.0/howto/writing-migrations/#non-atomic-migrations
 
 ## Schema and initial data changes
 

docs/subsystems/settings.md

@@ -26,7 +26,7 @@ convenient for:
 ## Server settings
 
 Zulip uses the [Django settings
-system](https://docs.djangoproject.com/en/3.2/topics/settings/), which
+system](https://docs.djangoproject.com/en/5.0/topics/settings/), which
 means that the settings files are Python programs that set a lot of
 variables with all-capital names like `EMAIL_GATEWAY_PATTERN`. You can
 access these anywhere in the Zulip Django code using e.g.:
@@ -159,7 +159,7 @@ accessed in initialization of Django (or Zulip) internals
 (e.g. `DATABASES`). See the [Django docs on overriding settings in
 tests][django-test-settings] for more details.
 
-[django-test-settings]: https://docs.djangoproject.com/en/3.2/topics/testing/tools/#overriding-settings
+[django-test-settings]: https://docs.djangoproject.com/en/5.0/topics/testing/tools/#overriding-settings
 
 ## Realm settings
 

docs/testing/linters.md

@@ -209,7 +209,7 @@ option of Puppet.
 
 Zulip uses two HTML templating systems:
 
-- [Django templates](https://docs.djangoproject.com/en/3.2/topics/templates/)
+- [Django templates](https://docs.djangoproject.com/en/5.0/topics/templates/)
 - [handlebars](https://handlebarsjs.com/)
 
 Zulip has an internal tool that validates both types of templates for

docs/testing/testing-with-django.md

@@ -4,7 +4,7 @@
 
 Zulip uses the Django framework for its Python backend. We
 use the testing framework from
-[django.test](https://docs.djangoproject.com/en/3.2/topics/testing/)
+[django.test](https://docs.djangoproject.com/en/5.0/topics/testing/)
 to test our code. We have thousands of automated tests that verify that
 our backend works as expected.
 

docs/tutorials/life-of-a-request.md

@@ -54,7 +54,7 @@ application.
 ## Django routes the request to a view in urls.py files
 
 There are various
-[urls.py](https://docs.djangoproject.com/en/3.2/topics/http/urls/)
+[urls.py](https://docs.djangoproject.com/en/5.0/topics/http/urls/)
 files throughout the server codebase, which are covered in more detail
 in
 [the directory structure doc](../overview/directory-structure.md).
@@ -171,7 +171,7 @@ PUT=create_user_backend
 ```
 
 are supplied as arguments to `rest_path`, along with the
-[HTTPRequest](https://docs.djangoproject.com/en/3.2/ref/request-response/).
+[HTTPRequest](https://docs.djangoproject.com/en/5.0/ref/request-response/).
 The request has the HTTP verb `PUT`, which `rest_dispatch` can use to
 find the correct view to show:
 `zerver.views.users.create_user_backend`.
@@ -190,14 +190,14 @@ Our API works on JSON requests and responses. Every API endpoint should
 ```
 
 in a [Django HttpResponse
-object](https://docs.djangoproject.com/en/3.2/ref/request-response/)
+object](https://docs.djangoproject.com/en/5.0/ref/request-response/)
 with a `Content-Type` of 'application/json'.
 
 To pass back data from the server to the calling client, in the event of
 a successfully handled request, we use `json_success(request, data)`.
 
 The `request` argument is a [Django HttpRequest
-object](https://docs.djangoproject.com/en/3.2/ref/request-response/).
+object](https://docs.djangoproject.com/en/5.0/ref/request-response/).
 The `data` argument is a Python object which can be converted to a JSON
 string and has a default value of an empty Python dictionary.
 

docs/tutorials/new-feature-tutorial.md

@@ -20,7 +20,7 @@ tests, use Django's tooling.
 Zulip's [directory structure](../overview/directory-structure.md)
 will also be helpful to review when creating a new feature. Many
 aspects of the structure will be familiar to Django developers. Visit
-[Django's documentation](https://docs.djangoproject.com/en/3.2/#index-first-steps)
+[Django's documentation](https://docs.djangoproject.com/en/5.0/#index-first-steps)
 for more information about how Django projects are typically
 organized. And finally, the
 [message sending](../subsystems/sending-messages.md) documentation on
@@ -240,7 +240,7 @@ Create the migration file using the Django `makemigrations` command:
 (NNNN is a number that is equal to the number of migrations.)
 
 If you run into problems, the
-[Django migration documentation](https://docs.djangoproject.com/en/3.2/topics/migrations/)
+[Django migration documentation](https://docs.djangoproject.com/en/5.0/topics/migrations/)
 is helpful.
 
 ### Test your migration changes

docs/tutorials/writing-views.md

@@ -35,7 +35,7 @@ or JSON (data for Zulip clients on all platforms, custom bots, and
 integrations).
 
 The format of the URL patterns in Django is [documented
-here](https://docs.djangoproject.com/en/3.2/topics/http/urls/), and
+here](https://docs.djangoproject.com/en/5.0/topics/http/urls/), and
 the Zulip specific details for these are discussed in detail in the
 [life of a request doc](life-of-a-request.md#options).
 
@@ -93,7 +93,7 @@ specific to Zulip.
 def home(request: HttpRequest) -> HttpResponse:
 ```
 
-[login-required-link]: https://docs.djangoproject.com/en/3.2/topics/auth/default/#django.contrib.auth.decorators.login_required
+[login-required-link]: https://docs.djangoproject.com/en/5.0/topics/auth/default/#django.contrib.auth.decorators.login_required
 
 ### Writing a template
 

zerver/lib/scim_filter.py

@@ -50,7 +50,7 @@ class ZulipUserFilterQuery(UserFilterQuery):
         Return extra SQL and params to be attached to end of current Query's
         SQL and params. The return format matches the format that should be used
         for providing raw SQL with params to Django's .raw():
-        https://docs.djangoproject.com/en/3.2/topics/db/sql/#passing-parameters-into-raw
+        https://docs.djangoproject.com/en/5.0/topics/db/sql/#passing-parameters-into-raw
 
         Here we ensure that results are limited to the subdomain of the request
         and also exclude bots, as we currently don't want them to be managed by SCIM2.

zerver/lib/webhooks/common.py

@@ -149,7 +149,7 @@ def check_send_webhook_message(
 def standardize_headers(input_headers: Union[None, Dict[str, Any]]) -> Dict[str, str]:
     """This method can be used to standardize a dictionary of headers with
     the standard format that Django expects. For reference, refer to:
-    https://docs.djangoproject.com/en/3.2/ref/request-response/#django.http.HttpRequest.headers
+    https://docs.djangoproject.com/en/5.0/ref/request-response/#django.http.HttpRequest.headers
 
     NOTE: Historically, Django's headers were not case-insensitive. We're still
     capitalizing our headers to make it easier to compare/search later if required.

zerver/migrations/0460_backfill_realmauditlog_extradata_to_json_field.py

@@ -57,7 +57,7 @@ def do_bulk_backfill_extra_data(
         # OLD_VALUE and NEW_VALUE is mapped from the value of the extra_data
         # field (which is just a old full name string) and None, respectively.
         # Documentation for JSONObject:
-        # https://docs.djangoproject.com/en/4.2/ref/models/database-functions/#jsonobject
+        # https://docs.djangoproject.com/en/5.0/ref/models/database-functions/#jsonobject
     ).update(extra_data_json=JSONObject(**{OLD_VALUE: "extra_data", NEW_VALUE: None}))
 
     inconsistent_extra_data_json: List[Tuple[int, str, object, object]] = []

zerver/models/users.py

@@ -545,7 +545,7 @@ class UserProfile(AbstractBaseUser, PermissionsMixin, UserBaseSettings):
     #
     # In Django, the convention is to use an empty string instead of NULL/None
     # for text-based fields. For more information, see
-    # https://docs.djangoproject.com/en/3.2/ref/models/fields/#django.db.models.Field.null.
+    # https://docs.djangoproject.com/en/5.0/ref/models/fields/#django.db.models.Field.null.
     timezone = models.CharField(max_length=40, default="")
 
     AVATAR_FROM_GRAVATAR = "G"

zerver/tests/test_example.py

@@ -19,7 +19,7 @@ from zerver.models.users import get_user_by_delivery_email
 
 # Most Zulip tests use ZulipTestCase, which inherits from django.test.TestCase.
 # We recommend learning Django basics first, so search the web for "django testing".
-# A common first result is https://docs.djangoproject.com/en/3.2/topics/testing/
+# A common first result is https://docs.djangoproject.com/en/5.0/topics/testing/
 class TestBasics(ZulipTestCase):
     def test_basics(self) -> None:
         # Django's tests are based on Python's unittest module, so you

zerver/views/user_settings.py

@@ -353,7 +353,7 @@ def json_change_settings(
 
         do_change_password(user_profile, new_password)
         # Password changes invalidates sessions, see
-        # https://docs.djangoproject.com/en/3.2/topics/auth/default/#session-invalidation-on-password-change
+        # https://docs.djangoproject.com/en/5.0/topics/auth/default/#session-invalidation-on-password-change
         # for details. To avoid this logging the user out of their own
         # session (which would provide a confusing UX at best), we
         # update the session hash here.

zproject/computed_settings.py

@@ -222,7 +222,7 @@ SILENCED_SYSTEM_CHECKS = [
     # `unique=True`.  For us this is `email`, and it's unique only per-realm.
     # Per Django docs, this is perfectly fine so long as our authentication
     # backends support the username not being unique; and they do.
-    # See: https://docs.djangoproject.com/en/3.2/topics/auth/customizing/#django.contrib.auth.models.CustomUser.USERNAME_FIELD
+    # See: https://docs.djangoproject.com/en/5.0/topics/auth/customizing/#django.contrib.auth.models.CustomUser.USERNAME_FIELD
     "auth.W004",
     # models.E034 limits index names to 30 characters for Oracle compatibility.
     # We aren't using Oracle.

zproject/default_settings.py

@@ -484,7 +484,7 @@ TERMS_OF_SERVICE_MESSAGE: Optional[str] = None
 # Configuration for JWT auth (sign in and API key fetch)
 JWT_AUTH_KEYS: Dict[str, JwtAuthKey] = {}
 
-# https://docs.djangoproject.com/en/3.2/ref/settings/#std:setting-SERVER_EMAIL
+# https://docs.djangoproject.com/en/5.0/ref/settings/#std:setting-SERVER_EMAIL
 # Django setting for what from address to use in error emails.
 SERVER_EMAIL = ZULIP_ADMINISTRATOR
 # Django setting for who receives error emails.

zproject/prod_settings_template.py

@@ -44,7 +44,7 @@ EXTERNAL_HOST = "zulip.example.com"
 ## representing the host/domain names that your users can enter in
 ## their browsers to access Zulip.  This is a security measure; for
 ## details, see the Django documentation:
-## https://docs.djangoproject.com/en/3.2/ref/settings/#allowed-hosts
+## https://docs.djangoproject.com/en/5.0/ref/settings/#allowed-hosts
 ##
 ## Zulip automatically adds to this list "localhost", "127.0.0.1", and
 ## patterns representing EXTERNAL_HOST and subdomains of it.  If you are

zproject/sentry.py

@@ -100,7 +100,7 @@ def setup_sentry(dsn: Optional[str], environment: str) -> None:
     )
 
     # Ignore all of the loggers from django.security that are for user
-    # errors; see https://docs.djangoproject.com/en/3.2/ref/exceptions/#suspiciousoperation
+    # errors; see https://docs.djangoproject.com/en/5.0/ref/exceptions/#suspiciousoperation
     ignore_logger("django.security.SuspiciousOperation")
     ignore_logger("django.security.DisallowedHost")
     ignore_logger("django.security.DisallowedModelAdminLookup")