Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the python-packages group with 4 updates in the / directory: cloudflare, django-test-plus, django and whitenoise.
Updates
cloudflare
from 2.20.0 to 3.0.1Release notes
Sourced from cloudflare's releases.
... (truncated)
Changelog
Sourced from cloudflare's changelog.
... (truncated)
Commits
Updates
django-test-plus
from 2.2.3 to 2.2.4Changelog
Sourced from django-test-plus's changelog.
Commits
Updates
django
from 5.0.6 to 5.0.7Commits
deec9b9
[5.0.x] Bumped version for 5.0.7 release.3a7bf7f
[5.0.x] Made cosmetic edits to 5.0.7 release notes.8e7a44e
[5.0.x] Fixed CVE-2024-39614 -- Mitigated potential DoS in get_supported_lang...9f4f63e
[5.0.x] Fixed CVE-2024-39330 -- Added extra file name validation in Storage's...07cefde
[5.0.x] Fixed CVE-2024-39329 -- Standarized timing of verify_password() when ...7285644
[5.0.x] Fixed CVE-2024-38875 -- Mitigated potential DoS in urlize and urlizet...8303400
[5.0.x] Fixed 35506 -- Clarified initial references to URLconf in tutorial 1.c76089b
[5.0.x] Refs #35560 -- Corrected CheckConstraint argument name in model_field...43aa0c1
[5.0.x] Removed outdated note about limitations in Clickjacking protection.0602fc2
[5.0.x] Fixed #35560 -- Made Model.full_clean() ignore GeneratedFields for co...Updates
whitenoise
from 6.6.0 to 6.7.0Changelog
Sourced from whitenoise's changelog.
Commits
1db0e43
Version 6.7.0ea72844
Tidy pyproject.toml readme and license fields727fce0
Support Django 5.1 (#588)1c2d056
[pre-commit.ci] pre-commit autoupdate (#587)dc58053
Upgrade requirements (#586)cff77f3
[pre-commit.ci] pre-commit autoupdate (#585)da24115
Merge pull request #584 from evansd/security-contact5c12dd6
Add security contact information220a988
[pre-commit.ci] pre-commit autoupdate (#583)b0c36de
Upgrade requirements (#582)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show