andrewpollock
commented
1 month ago This is a test fixture that is not intended to be changed
Closed dependabot[bot] closed 1 month ago
andrewpollock
commented
1 month ago This is a test fixture that is not intended to be changed
dependabot[bot]
commented
1 month ago This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.
To ignore these dependencies, configure ignore rules in dependabot.yml
Bumps the pip group with 1 update in the /cmd/osv-scanner/fixtures/locks-requirements directory: django.
Updates
djangofrom 2.2.24 to 3.2.25Commits
c98eca3[3.2.x] Bumped version for 3.2.25 release.072963e[3.2.x] Fixed CVE-2024-27351 -- Prevented potential ReDoS in Truncator.words().2ad2676[3.2.x] Added release date for 3.2.25.fc41af6[3.2.x] Fixed #35172 -- Fixed intcomma for string floats.b9170b4[3.2.x] Added CVE-2024-24680 to security archive.e5350a9[3.2.x] Post release version bump.f5c8808[3.2.x] Bumped version for 3.2.24 release.c1171ff[3.2.x] Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma template ...9dc3456[3.2.x] Added stub release notes 3.2.24.90eae45[3.2.x] Fixed documented alias of smart_text().Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show