Skip to content

Bump django from 4.2.4 to 4.2.7 in /requirements

Zilio, Nicola requested to merge dependabot/pip/requirements/django-4.2.7 into main

Created by: dependabot[bot]

Bumps django from 4.2.4 to 4.2.7.

Commits
  • d254a54 [4.2.x] Bumped version for 4.2.7 release.
  • 048a9eb [4.2.x] Fixed CVE-2023-46695 -- Fixed potential DoS in UsernameField on Windows.
  • 3fae5d9 [4.2.x] Refs #30601 -- Fixed typos in docs/topics/db/transactions.txt.
  • a8aa940 [4.2.x] Refs #15578 -- Made cosmetic edits to fixtures docs.
  • 109f39a [4.2.x] Fixed #34932 -- Restored varchar_pattern_ops/text_pattern_ops index c...
  • 6161299 [4.2.x] Fixed typos in docs/ref/models/expressions.txt.
  • 696fbc3 [4.2.x] Fixed #30601 -- Doc'd the need to manually revert all app state on tr...
  • ffba631 [4.2.x] Fixed typo in docs/ref/contrib/gis/geos.txt.
  • 43a3646 [4.2.x] Fixed #15578 -- Stated the processing order of fixtures in the fixtur...
  • 0cd8b86 [4.2.x] Added stub release notes and release date for 4.2.7, 4.1.13, and 3.2.23.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Merge request reports