Open zerothabhishek opened 5 years ago
pillow seems to be unused.
3 more dependencies need update - handlebars, extend and sshpk as pointed out by GitHub @dependabot
Won't @dependabot create a PR if a security issue be found? Do we explicitly need to update some dependency?
Ref: https://requires.io/github/pythonindia/junction/requirements/?branch=master
Many libraries in requirements.txt are using old, insecure versions. They must be updated to the latest secure versions.
This also requires a Django upgrade. Related Issue: 514