Skip to content

2025 06 17 dep updates#549

Merged
stevejalim merged 3 commits into
mainfrom
2025-06-17--dep-updates
Jun 17, 2025
Merged

2025 06 17 dep updates#549
stevejalim merged 3 commits into
mainfrom
2025-06-17--dep-updates

Conversation

@stevejalim

@stevejalim stevejalim commented Jun 17, 2025

Copy link
Copy Markdown
Collaborator

Description

Dep bumps for security

  • I have manually tested this.
  • I have recorded this change in CHANGELOG.md.

@stevejalim stevejalim requested review from Copilot and robhudson June 17, 2025 13:13

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates several production dependencies to address security concerns and records the bump in the changelog.

  • Pinned new versions and hashes for numerous packages in requirements/production.txt
  • Updated minimum version constraints for Django and Sentry SDK in requirements/production.in
  • Added a 1.9.2 entry to CHANGELOG.md

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.

File Description
requirements/production.txt Bumped and rehashed certifi, cryptography, Django, and many other packages for security updates
requirements/production.in Raised Django to >=4.2.23 and Sentry SDK to 2.30.0
CHANGELOG.md Added ## [1.9.2] section for dependency updates
Comments suppressed due to low confidence (2)

CHANGELOG.md:18

  • [nitpick] Consider adding a release date next to the version header (e.g., ## [1.9.2] - 2025-06-17) to keep the changelog consistent and informative.
## [1.9.2]

requirements/production.in:2

  • The minimum version for cryptography in production.in remains at 44.0.1, but production.txt pins to 45.0.4. Consider updating this constraint to >=45.0.4 for consistency.
cryptography>=44.0.1

@stevejalim stevejalim merged commit 0617785 into main Jun 17, 2025
2 checks passed
@stevejalim stevejalim deleted the 2025-06-17--dep-updates branch June 17, 2025 14:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants