Skip to content

Bump django from 4.2.16 to 4.2.27#764

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/django-4.2.27
Closed

Bump django from 4.2.16 to 4.2.27#764
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/django-4.2.27

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Dec 3, 2025

Copy link
Copy Markdown
Contributor

Bumps django from 4.2.16 to 4.2.27.

Commits
  • 5948e66 [4.2.x] Bumped version for 4.2.27 release.
  • 4d2b880 [4.2.x] Fixed CVE-2025-64460 -- Corrected quadratic inner text accumulation i...
  • f997037 [4.2.x] Fixed CVE-2025-13372 -- Protected FilteredRelation against SQL inject...
  • 4b5dcc9 [4.2.x] Added script to archive EOL stable branches.
  • 0e85bdb [4.2.x] Refs #36743 -- Added missing release notes for 5.1.15 and 4.2.27.
  • e697349 [4.2.x] Fixed #36743 -- Increased URL max length enforced in HttpResponseRedi...
  • 7d7f27b [4.2.x] Added timeout-minutes directive to all GitHub Actions workflows.
  • b40c057 [4.2.x] Added stub release notes and release date for 4.2.27.
  • b794e74 [4.2.x] Configured dangerous-triggers zizmor rule.
  • 6a80390 [4.2.x] Addressed unpinned-uses zizmor finding.
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
django [>= 5.a, < 6]

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [django](https://github.com/django/django) from 4.2.16 to 4.2.27.
- [Commits](django/django@4.2.16...4.2.27)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 4.2.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Dec 3, 2025
@netlify

netlify Bot commented Dec 3, 2025

Copy link
Copy Markdown

Deploy Preview for bespoke-druid-3cf25f ready!

Name Link
🔨 Latest commit 25431f8
🔍 Latest deploy log https://app.netlify.com/projects/bespoke-druid-3cf25f/deploys/693019962e26a60008818650
😎 Deploy Preview https://deploy-preview-764--bespoke-druid-3cf25f.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@dependabot @github

dependabot Bot commented on behalf of github Dec 4, 2025

Copy link
Copy Markdown
Contributor Author

Superseded by #765.

@dependabot dependabot Bot closed this Dec 4, 2025
@dependabot dependabot Bot deleted the dependabot/pip/django-4.2.27 branch December 4, 2025 11:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants