[security] build(deps): bump django from 3.0.6 to 3.0.7#28
[security] build(deps): bump django from 3.0.6 to 3.0.7#28dependabot-preview[bot] wants to merge 1 commit intoproject-set-upfrom
Conversation
Bumps [django](https://github.com/django/django) from 3.0.6 to 3.0.7. - [Release notes](https://github.com/django/django/releases) - [Commits](django/django@3.0.6...3.0.7) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
dependabot-preview
bot
added
the
dependencies
Codecov Report
@@ Coverage Diff @@
## project-set-up #28 +/- ##
===============================================
Coverage 80.23% 80.23%
===============================================
Files 7 7
Lines 258 258
===============================================
Hits 207 207
Misses 51 51 Continue to review full report at Codecov.
|
|
We've just been alerted that this update fixes a security vulnerability: Sourced from The GitHub Security Advisory Database.
|
dependabot-preview
bot
changed the title
dependabot-preview
bot
added
the
security
|
Superseded by #42. |
Bumps django from 3.0.6 to 3.0.7.
Commits
44da7ab[3.0.x] Bumped version for 3.0.7 release.84b2da5[3.0.x] Fixed CVE-2020-13254 -- Enforced cache key validation in memcached ba...1f2dd37[3.0.x] Fixed CVE-2020-13596 -- Fixed potential XSS in admin ForeignKeyRawIdW...256d297[3.0.x] Added release date for 2.2.13 and 3.0.7.8734a02[3.0.x] Updated link to Celery.d22f678[3.0.x] Refs #31485 -- Backported jQuery upgrade to 3.5.1.b9db041[3.0.x] Adjusted URL example in tutorial.caf7c46[3.0.x] Fixed #31643 -- Changed virtualenv doc references to Python 3 venv.9297a3e[3.0.x] Fixed typo in docs/ref/templates/language.txt.2638627[3.0.x] Fixed #31570 -- Corrected translation loading for apps providing terr...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language@dependabot badge mewill comment on this PR with code to add a "Dependabot enabled" badge to your readmeAdditionally, you can set the following in your Dependabot dashboard: