id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
30399	Use Python stdlib html.escape() to in django.utils.html.escape()	Jon Dufresne	nobody	"The function `django.utils.html.escape()` partially duplicates the Python stdlib function `html.escape()`. We can replace this duplication with wider community developed version.

`html.escape()` has been available since Python 3.2:

https://docs.python.org/3/library/html.html#html.escape

This function is also faster than Django's. As Python bug https://bugs.python.org/issue18020 concludes, using `.replace()` can be faster than `.translate()`. This function gets called numerous times when rendering templates. After making the change locally, I saw the following improvement:

master:

{{{
$ python -m timeit -s 'from django.utils.html import escape' 'escape(copyright)'
50000 loops, best of 5: 4.03 usec per loop
}}}

branch:

{{{
$ python -m timeit -s 'from django.utils.html import escape' 'escape(copyright)'
100000 loops, best of 5: 2.45 usec per loop
}}}

One small concern, `html.escape()` converts `'` to `&#x27` rather than `&#39`. These values are functionally equivalent HTML, but I'll mention it as a backwards incompatible change as the literal text has changed
"	Cleanup/optimization	closed	Utilities	dev	Normal	fixed			Ready for checkin	1	0	0	0	0	0