Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump django from 4.2.14 to 4.2.15 in /src/backend #7827

Merged
merged 3 commits into from
Aug 8, 2024
Merged

Bump django from 4.2.14 to 4.2.15 in /src/backend #7827

merged 3 commits into from
Aug 8, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 7, 2024

Bumps django from 4.2.14 to 4.2.15.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump django from 4.2.14 to 4.2.15 in /src/backend
862288a 
Bumps [django](https://github.com/django/django) from 4.2.14 to 4.2.15.
- [Commits](django/django@4.2.14...4.2.15)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependency Relates to a project dependency python Pull requests that update Python code labels Aug 7, 2024
@netlify Netlify
Copy link

netlify bot commented Aug 7, 2024
edited
Loading

Deploy Preview for inventree-web-pui-preview ready!

Name Link
🔨 Latest commit 4e1c1f9
🔍 Latest deploy log https://app.netlify.com/sites/inventree-web-pui-preview/deploys/66b40e6ba6146f00078b6624
😎 Deploy Preview https://deploy-preview-7827--inventree-web-pui-preview.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
Lighthouse
Lighthouse		 1 paths audited
Performance: 100 (no change from production)
Accessibility: 86 (no change from production)
Best Practices: 92 (no change from production)
SEO: 70 (no change from production)
PWA: -
View the detailed breakdown and full score reports

To edit notification comments on pull requests, go to your Netlify site configuration.

@codecov Codecov
Copy link

codecov bot commented Aug 8, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 83.49%. Comparing base (0e8c297) to head (4e1c1f9).
Report is 8 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #7827      +/-   ##
==========================================
- Coverage   83.50%   83.49%   -0.02%     
==========================================
  Files        1126     1126              
  Lines       50135    50145      +10     
  Branches     1687     1687              
==========================================
+ Hits        41867    41868       +1     
- Misses       7820     7848      +28     
+ Partials      448      429      -19
Flag Coverage Δ
backend 85.22% <ø> (+0.01%) ⬆️
migrations 42.48% <ø> (+0.05%) ⬆️
pui 64.81% <ø> (-0.25%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@matmair matmair added the security Relates to a security issue label Aug 8, 2024
@matmair matmair added this to the 0.16.0 milestone Aug 8, 2024
@matmair
Copy link
Member

matmair commented Aug 8, 2024

@SchrodingersGat there are several high profile security issues in Django 4.2.14 - this needs to land in 0.16.x before we releease

@SchrodingersGat SchrodingersGat added the backport Apply this label to a PR to enable auto-backport action label Aug 8, 2024
@SchrodingersGat SchrodingersGat merged commit a556409 into master Aug 8, 2024
43 checks passed
@SchrodingersGat SchrodingersGat deleted the dependabot/pip/src/backend/django-4.2.15 branch August 8, 2024 07:17
github-actions bot pushed a commit that referenced this pull request Aug 8, 2024
@dependabot
Bump django from 4.2.14 to 4.2.15 in /src/backend (#7827)
93b4b10 
* Bump django from 4.2.14 to 4.2.15 in /src/backend

Bumps [django](https://github.com/django/django) from 4.2.14 to 4.2.15.
- [Commits](django/django@4.2.14...4.2.15)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix formatting

* bump everywhere

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
(cherry picked from commit a556409)
@github-actions github-actions bot mentioned this pull request Aug 8, 2024
Merged
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 8, 2024

💚 All backports created successfully

Status Branch Result
0.16.x

Questions ?

Please refer to the Backport tool documentation and see the Github Action logs for details

SchrodingersGat pushed a commit that referenced this pull request Aug 8, 2024
@github-actions @dependabot
Bump django from 4.2.14 to 4.2.15 in /src/backend (#7827) (#7839)
44ed1b7 
* Bump django from 4.2.14 to 4.2.15 in /src/backend

Bumps [django](https://github.com/django/django) from 4.2.14 to 4.2.15.
- [Commits](django/django@4.2.14...4.2.15)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix formatting

* bump everywhere

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
(cherry picked from commit a556409)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SchrodingersGat SchrodingersGat Awaiting requested review from SchrodingersGat SchrodingersGat is a code owner

Assignees
No one assigned
Labels
backport Apply this label to a PR to enable auto-backport action backport-to-0.16.x dependency Relates to a project dependency python Pull requests that update Python code security Relates to a security issue
Projects
None yet
Milestone
0.16.0
Development

Successfully merging this pull request may close these issues.
2 participants
@matmair @SchrodingersGat