codecov[bot]
commented
2 years ago Codecov Report
Merging #4660 (ae33ae3) into master (31546df) will not change coverage. The diff coverage is
n/a.
@@ Coverage Diff @@
## master #4660 +/- ##
=======================================
Coverage 92.35% 92.35%
=======================================
Files 238 238
Lines 6739 6739
=======================================
Hits 6224 6224
Misses 515 515 Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact),ø = not affected,? = missing dataPowered by Codecov. Last update 31546df...ae33ae3. Read the comment docs.
pyup-bot
This PR updates django from 4.0.5 to 4.0.6.
Changelog
### 4.0.6 ``` ========================== *July 4, 2022* Django 4.0.6 fixes a security issue with severity "high" in 4.0.5. CVE-2022-34265: Potential SQL injection via ``Trunc(kind)`` and ``Extract(lookup_name)`` arguments ================================================================================================== :class:`Trunc() <django.db.models.functions.Trunc>` and :class:`Extract() <django.db.models.functions.Extract>` database functions were subject to SQL injection if untrusted data was used as a ``kind``/``lookup_name`` value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. ========================== ```Links
- PyPI: https://pypi.org/project/django - Changelog: https://pyup.io/changelogs/django/ - Homepage: https://www.djangoproject.com/