Test on Django 6.0

[adamchainz]

Now in beta: https://www.djangoproject.com/weblog/2025/oct/22/django-60-beta-released/

Since it has built-in CSP support, maybe this should be the last version that django-csp supports?

[robhudson]

Thanks for this. I haven't had time to think through the future of this package but initial thought is this might be useful for extra CSP things. E.g. this package has some template helpers and alternative middleware for throttling. I also need to write a migration guide from this package to Django's CSP.

[adamchainz]

IMO, you can archive this package after a while, leaving 6.0 as the last version.

The template tags are a bit weird—I don't think it's easier to write {% script %} over <script nonce=...>, and the feedback for not including a nonce is instant, anyway.

The throttling middleware also feels a bit like a hack. If you use a reliable service like https://report-uri.com/, then throttling isn't a huge issue. And regardless, it's a small class, not worth keeping the whole package around for.

I also need to write a migration guide from this package to Django's CSP.

You don't need to… no obligation 💚 But if you'd like to, that would be helpful! I'm happy to help review. I'll be doing a migration for one client project soon enough, so I'll have some experience.