Open lucyb opened 5 months ago
https://github.com/opensafely-core/opencodelists/security/dependabot/82 is blocked until we upgrade django and django-debug-toolbar.
If testing/upgrading to Django 5 is a little bit tricky, it might be easier to upgrade to the latest Django 4.2 (we're already on a 4.2 version).
It's a long term support release and still gets security updates, although Dependabot wants to upgrade us to Django 5.
From Steve: There are several outstanding dependency upgrades that have not been merged, so there are currently 18 active security alerts in this project.