Skip to content

build(deps): bump django from 5.1.15 to 6.0.5 in /backend#3305

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/backend/django-6.0.4
Closed

build(deps): bump django from 5.1.15 to 6.0.5 in /backend#3305
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/backend/django-6.0.4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 13, 2026
edited
Loading

Bumps django from 5.1.15 to 6.0.5.

Commits
  • 8f8ad09 [6.0.x] Bumped version for 6.0.5 release.
  • 44ad76e [6.0.x] Fixed CVE-2026-6907 -- Prevented caching of requests when Vary header...
  • 1b0184a [6.0.x] Fixed CVE-2026-35192 -- Ensured Vary header is sent when setting sess...
  • ad8f9e1 [6.0.x] Fixed CVE-2026-5766 -- Enforced DATA_UPLOAD_MAX_MEMORY_SIZE in Memory...
  • 990ab01 [6.0.x] Fixed #37039 -- Removed outdated note from QuerySet.iterator() docs.
  • f0c269f [6.0.x] Fixed typo in stub release notes for 5.2.14.
  • 8bcd15b [6.0.x] Fixed #37067 -- Added trailing slash in django_file_prefixes().
  • 3cdec64 [6.0.x] Refs CVE-2026-25674 -- Clarified role of umask in upload permissions.
  • 5dd5c70 [6.0.x] Added stub release notes and release date for 6.0.5 and 5.2.14.
  • 8ee7341 [6.0.x] Refs #373, #34122 -- Removed warning that ForeignObject is an interna...
  • Additional commits viewable in compare view

@dependabot dependabot Bot added the backend Code review backend label Apr 13, 2026
@dependabot dependabot Bot mentioned this pull request Apr 13, 2026
Closed
@dependabot dependabot Bot changed the title build(deps): bump django from 5.1.15 to 6.0.4 in /backend build(deps): bump django from 5.1.15 to 6.0.5 in /backend May 11, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/backend/django-6.0.4 branch 3 times, most recently from 4f202ab to 84bc05e Compare May 11, 2026 18:30
@dependabot
build(deps): bump django from 5.1.15 to 6.0.5 in /backend
dbc18aa 
Bumps [django](https://github.com/django/django) from 5.1.15 to 6.0.5.
- [Commits](django/django@5.1.15...6.0.5)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 6.0.4
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/backend/django-6.0.4 branch from 84bc05e to dbc18aa Compare May 11, 2026 19:03
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 11, 2026

Superseded by #3355.

@dependabot dependabot Bot closed this May 11, 2026
@dependabot dependabot Bot deleted the dependabot/pip/backend/django-6.0.4 branch May 11, 2026 21:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

backend Code review backend

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants