Bump the python-dependencies group across 1 directory with 4 updates#7
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the python-dependencies group across 1 directory with 4 updates#7dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the python-dependencies group with 4 updates in the / directory: [certifi](https://github.com/certifi/python-certifi), [charset-normalizer](https://github.com/jawah/charset_normalizer), [django](https://github.com/django/django) and [idna](https://github.com/kjd/idna). Updates `certifi` from 2026.4.22 to 2026.6.17 - [Commits](certifi/python-certifi@2026.04.22...2026.06.17) Updates `charset-normalizer` from 3.4.7 to 3.4.9 - [Release notes](https://github.com/jawah/charset_normalizer/releases) - [Changelog](https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md) - [Commits](jawah/charset_normalizer@3.4.7...3.4.9) Updates `django` from 6.0.4 to 6.0.7 - [Commits](django/django@6.0.4...6.0.7) Updates `idna` from 3.13 to 3.18 - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.md) - [Commits](kjd/idna@v3.13...v3.18) --- updated-dependencies: - dependency-name: certifi dependency-version: 2026.6.17 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: charset-normalizer dependency-version: 3.4.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: django dependency-version: 6.0.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: idna dependency-version: '3.18' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the python-dependencies group with 4 updates in the / directory: certifi, charset-normalizer, django and idna.
Updates
certififrom 2026.4.22 to 2026.6.17Commits
d0ac52f2026.06.17 (#418)d46de62Bump actions/checkout from 6.0.2 to 6.0.3 (#417)6c183ecfix: update Requests docs link to canonical URL (#415)36e3568Bump dessant/lock-threads from 6.0.0 to 6.0.2d7ea1512026.05.20 (#413)Updates
charset-normalizerfrom 3.4.7 to 3.4.9Release notes
Sourced from charset-normalizer's releases.
Changelog
Sourced from charset-normalizer's changelog.
Commits
cc68407Merge pull request #772 from jawah/fix-regression-fallback-path152b923chore: release 3.4.92bc2607fix: unicodedecodeerror in fallback pathbe252d7chore(deps): bump docker/setup-qemu-action from 4.1.0 to 4.2.0 (#767)71c7bddchore(deps): bump actions/setup-python from 6.2.0 to 6.3.0 (#768)aeea391chore(deps): bump pypa/cibuildwheel from 3.4.1 to 4.1.0 (#758)a6f8febMerge pull request #770 from jawah/unblock-ci528e16cchore: add osv-scanner.toml5993498chore: ast_serialize musl missing prebuilt riscv,s390x,ppc64leaa2ddd8Release 3.4.8 (#766)Updates
djangofrom 6.0.4 to 6.0.7Commits
e2a4246[6.0.x] Bumped version for 6.0.7 release.a5de13f[6.0.x] Fixed CVE-2026-53878 -- Prevented newlines from being accepted in Dom...38dfbd2[6.0.x] Fixed CVE-2026-53877 -- Prevented heap buffer over-read when creating...64f9a2b[6.0.x] Fixed CVE-2026-48588 -- Prevented caching of responses that set cooki...c26957a[6.0.x] Fixed flatpages synopsis in docs.0b60f44[6.0.x] Added FILE_UPLOAD_DIRECTORY_PERMISSIONS to docs settings index.d928e30[6.0.x] Fixed #37172 -- Linked to upload handlers section in FILE_UPLOAD_* se...e18935c[6.0.x] Fixed #37158 -- Reordered the contribution checklist sections.490eb9c[6.0.x] Fixed document referenced in multiple toctrees warning in docs/intern...748a9b5[6.0.x] Fixed duplicate target name in docs/internals/howto-release-django.txt.Updates
idnafrom 3.13 to 3.18Changelog
Sourced from idna's changelog.
... (truncated)
Commits
f39ea90Release 3.1840f4e40Pre-release 3.18rc01a5bf80Merge pull request #253 from kjd/lenient-decode5bbb26fMerge branch 'master' into lenient-decodec532baeRename decode() lenient= option to display= (issue #248)0b1758bMerge pull request #252 from kjd/release-3.17f48619cRelease 3.177421ba8Pre-release 3.17rc022ebb73Merge pull request #251 from kjd/structure-optimizations2a7ac0aDrop redundant parallel-arrays comment from uts46dataDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions