Address security alerts for Opencodelists

[lucyb]

From Steve: There are several outstanding dependency upgrades that have not been merged, so there are currently 18 active security alerts in this project.

[iaindillingham]

https://github.com/opensafely-core/opencodelists/security/dependabot/82 is blocked until we upgrade django and django-debug-toolbar.

[StevenMaude]

If testing/upgrading to Django 5 is a little bit tricky, it might be easier to upgrade to the latest Django 4.2 (we're already on a 4.2 version).

It's a long term support release and still gets security updates, although Dependabot wants to upgrade us to Django 5.