Python Weekly — June 16, 2026: Python 3.14.6 Lands and 3.15 Heads Toward Release

Welcome to this week's PyKIT digest. A fresh CPython maintenance release shipped with security fixes, Python 3.15 keeps marching toward its release, and Pydantic's httpx fork is reshaping a core piece of the HTTP stack. Here's what mattered in the Python world over the past week.

Python 3.14.6 and 3.13.14 are out

On June 10, the core team shipped Python 3.14.6, the sixth maintenance release of the 3.14 series, alongside 3.13.14. The 3.14.6 release rolls up roughly 179 bugfixes, build improvements, and documentation changes since 3.14.5. Notable fixes include a patch for a possible stack buffer overflow in bz2 when a decompressor is reused after an error, updated bundled libexpat (2.8.1, addressing CVE-2026-45186), and Android/iOS installers moving to OpenSSL 3.5.7. If you're on 3.14 or 3.13, this is a recommended upgrade. source

Python 3.15 in beta, with PEP 829 accepted

Python 3.15 has passed feature freeze and is now in the beta phase, with beta 2 released on June 2. Among the accepted changes is PEP 829 — Package Startup Configuration Files, which begins deprecating the code-execution path in .pth files and introduces a new .start file format naming explicit entry points. The change closes a long-standing security gap where installed packages could run code automatically at interpreter startup. source

Pydantic takes over httpx as "httpx2"

With the original httpx seeing limited recent activity, Pydantic has picked up stewardship of the popular HTTP client under a new package name, httpx2. The team says its aim is to honour the original project's design, keep it stable, and deliver timely security updates for a library that sits in the critical path of countless production systems. Migration is reportedly close to a find-and-replace for many users. source

Django ships security releases 6.0.6 and 5.2.15

The Django team issued security releases addressing two issues: a cookie-signing weakness in get_signed_cookie() where distinct name/salt pairs could collide, and a caching bug in UpdateCacheMiddleware tied to whitespace in Vary headers. Users on supported branches are encouraged to upgrade promptly. source

TIOBE June 2026: Python still #1, Rust hits a new high

The June TIOBE index keeps Python in the top spot at 18.96%, though that's down from 19.98% in May. The bigger story is Rust, which reached its highest TIOBE ranking yet at #12 — a signal of growing momentum for systems languages even as Python remains the default choice for data and AI work. source

PSF announces new Community Service Award recipients

The Python Software Foundation Board recognized five recipients with Community Service Awards — Inessa Pawson, Kafui Alordo, Kalyan Prasad, Maria Jose Molina Contreras, and Paul Everitt — for behind-the-scenes work that keeps conferences running and the community welcoming. The announcement lands as the PSF also shares strategic planning priorities amid a tighter funding environment. source

The 2026 Django Developers Survey is open

Django's annual developer survey is live. These surveys directly shape the framework's roadmap — from which database backends get attention to how the team prioritizes async — so it's worth a few minutes if you build with Django. source

That's the week in Python. See you in the next digest.