-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix(django): Upgrade of 4.2.14 #10553
Conversation
DryRun Security SummaryThis pull request updates the Django version in the DefectDojo application's Expand for full summarySummary: This pull request updates the Django version from 4.2.13 to 4.2.14 in the Files Changed:
Code AnalysisWe ran
Riskiness🟢 Risk threshold not exceeded. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved
This pull request has conflicts, please resolve those before we can evaluate the pull request. |
Conflicts have been resolved. A maintainer will review the pull request shortly. |
… kiuwan-sca # By dependabot[bot] (13) and others # Via GitHub * 'kiuwan-sca' of github.com:mwager/django-DefectDojo: (39 commits) Deprecate Python-jose and migrate okta to python_social_auth (DefectDojo#10117) fix: dockerfile warnings (DefectDojo#10505) Ruff: Add and fix Q000 (DefectDojo#10095) Fix(django): Upgrade of 4.2 (DefectDojo#10553) fix(deps): build python psycopg3 dependency instead of use the pre-build binary (DefectDojo#10491) Bump coverage from 7.5.4 to 7.6.0 (DefectDojo#10560) Bump asteval from 1.0.0 to 1.0.1 (DefectDojo#10561) Bump djangorestframework from 3.14.0 to 3.15.2 (DefectDojo#10431) Bump boto3 from 1.34.142 to 1.34.143 (DefectDojo#10558) Bump django-debug-toolbar from 4.4.5 to 4.4.6 (DefectDojo#10557) Bump boto3 from 1.34.141 to 1.34.142 (DefectDojo#10551) Bump packageurl-python from 0.15.2 to 0.15.3 (DefectDojo#10541) Bump boto3 from 1.34.140 to 1.34.141 (DefectDojo#10542) Update helm lock file Update versions in application files Update versions in application files API: Convert get_filterset calls to get_queryset (DefectDojo#10543) Bump django-debug-toolbar from 4.4.4 to 4.4.5 (DefectDojo#10527) Fix ruff Ruff fix ... # Conflicts: # dojo/settings/.settings.dist.py.sha256sum
While waiting for the acceptance of #10409, it might be a good idea to upgrade Django at least to
4.2.14
to mitigate known issues: https://docs.djangoproject.com/en/5.0/releases/4.2.14/This change is not offered by
dependabot
because it is monitoring only the latest versions (in running configuration).