harvest-project / harvest

End-to-end user friendly and scalable torrenting server
Apache License 2.0
10 stars 3 forks source link

Bump django from 2.1.7 to 2.2.18 #26

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 3 years ago

Bumps django from 2.1.7 to 2.2.18.

Commits
  • fc0c8cf [2.2.x] Bumped version for 2.2.18 release.
  • 21e7622 [2.2.x] Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archiv...
  • ee9d623 [2.2.x] Fixed GeoIPTest.test04_city() failure with the latest GeoIP2 database.
  • e8e28e7 [2.2.x] Updated CVE URL.
  • e893c0a [2.2.x] Fixed #31850 -- Fixed BasicExtractorTests.test_extraction_warning wit...
  • 3da29a3 [2.2.x] Post-release version bump.
  • c769f65 [2.2.x] Bumped version for 2.2.17 release.
  • 3db9a7a [2.2.x] Set release date for 2.2.17.
  • b4b8ca4 [2.2.x] Refs #31040 -- Doc'd Python 3.9 compatibility.
  • 01742aa [2.2.x] Refs #31040 -- Fixed Python PendingDeprecationWarning in select_for_u...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/harvest-project/harvest/network/alerts).
dependabot[bot] commented 3 years ago

Superseded by #30.