django-boost
django-boost copied to clipboard
ChanTsune
Update django requirement from <5,>=3.0 to >=5.0.7,<6
Updates the requirements on django to permit the latest version.
Commits
deec9b9[5.0.x] Bumped version for 5.0.7 release.3a7bf7f[5.0.x] Made cosmetic edits to 5.0.7 release notes.8e7a44e[5.0.x] Fixed CVE-2024-39614 -- Mitigated potential DoS in get_supported_lang...9f4f63e[5.0.x] Fixed CVE-2024-39330 -- Added extra file name validation in Storage's...07cefde[5.0.x] Fixed CVE-2024-39329 -- Standarized timing of verify_password() when ...7285644[5.0.x] Fixed CVE-2024-38875 -- Mitigated potential DoS in urlize and urlizet...8303400[5.0.x] Fixed 35506 -- Clarified initial references to URLconf in tutorial 1.c76089b[5.0.x] Refs #35560 -- Corrected CheckConstraint argument name in model_field...43aa0c1[5.0.x] Removed outdated note about limitations in Clickjacking protection.0602fc2[5.0.x] Fixed #35560 -- Made Model.full_clean() ignore GeneratedFields for co...- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}