Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update Django to 3.2.23 for Quince - Security Patch #375

Closed
wants to merge 1 commit into from
Closed

chore: update Django to 3.2.23 for Quince - Security Patch #375

wants to merge 1 commit into from

Conversation

magajh
Copy link
Contributor

@magajh magajh commented Nov 21, 2023
edited
Loading

Description

This PR updates Django to version 3.2.23 in the Quince release branch. The update includes the latest security patch, as part of the BTR working group's ongoing efforts to ensure the security of Open edX's supported named releases.

For more information, see: openedx/wg-build-test-release#324

@magajh magajh requested a review from a team as a code owner November 21, 2023 21:08
@openedx-webhooks openedx-webhooks added the open-source-contribution PR author is not from Axim or 2U label Nov 21, 2023
@openedx-webhooks
Copy link

Thanks for the pull request, @magajh! Please note that it may take us up to several weeks or months to complete a review and merge your PR.

Feel free to add as much of the following information to the ticket as you can:

  • supporting documentation
  • Open edX discussion forum threads
  • timeline information ("this must be merged by XX date", and why that is)
  • partner information ("this is a course on edx.org")
  • any other information that can help Product understand the context for the PR

All technical communication about the code itself will be done via the GitHub pull request interface. As a reminder, our process documentation is here.

Please let us know once your PR is ready for our review and all tests are green.

@magajh magajh mentioned this pull request Nov 21, 2023
Closed
@itsjeyd
Copy link

itsjeyd commented Nov 23, 2023

Hey @magajh, thanks for the changes! It looks like they are ready for review, so I'm updating the status of this PR accordingly.

@itsjeyd itsjeyd added the waiting for eng review PR is ready for review. Review and merge it, or suggest changes. label Nov 23, 2023
@itsjeyd
Copy link

itsjeyd commented Nov 23, 2023

@mattcarter This is ready for engineering review by Aurora.

@magajh
Copy link
Contributor Author

magajh commented Dec 4, 2023

This repository has recently been upgraded to Django version 4.2.7 (see commit: bb0cd7dac343e69b1bcf8a953348e01ae907d75b), which includes the latest security patch.

Given this upgrade, the changes proposed in this PR for updating Django to 3.2 with the latest security patch are now obsolete.

@magajh magajh closed this Dec 4, 2023
@openedx-webhooks
Copy link

@magajh Even though your pull request wasn’t merged, please take a moment to answer a two question survey so we can improve your experience in the future.

@itsjeyd itsjeyd added dependencies Pull requests that update a dependency file and removed waiting for eng review PR is ready for review. Review and merge it, or suggest changes. labels Dec 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file open-source-contribution PR author is not from Axim or 2U
Projects
Contributions
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@magajh @openedx-webhooks @itsjeyd