From 5d9cfa148604d5e60204083d8fb89cdcfaa3b13d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Feb 2026 20:57:52 +0000
Subject: [PATCH 1/2] build(deps): bump django from 4.2.27 to 4.2.28

Bumps [django](https://github.com/django/django) from 4.2.27 to 4.2.28.
- [Commits](https://github.com/django/django/compare/4.2.27...4.2.28)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 4.2.28
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 poetry.lock    | 8 ++++----
 pyproject.toml | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/poetry.lock b/poetry.lock
index d8699a02b..2534e477f 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -530,14 +530,14 @@ test-randomorder = ["pytest-randomly"]
 
 [[package]]
 name = "django"
-version = "4.2.27"
+version = "4.2.28"
 description = "A high-level Python web framework that encourages rapid development and clean, pragmatic design."
 optional = false
 python-versions = ">=3.8"
 groups = ["main", "dev"]
 files = [
-    {file = "django-4.2.27-py3-none-any.whl", hash = "sha256:f393a394053713e7d213984555c5b7d3caeee78b2ccb729888a0774dff6c11a8"},
-    {file = "django-4.2.27.tar.gz", hash = "sha256:b865fbe0f4a3d1ee36594c5efa42b20db3c8bbb10dff0736face1c6e4bda5b92"},
+    {file = "django-4.2.28-py3-none-any.whl", hash = "sha256:49a23c1b83ef31525f8d71a57b040f91d34660edb3f086280a8519855655ed3c"},
+    {file = "django-4.2.28.tar.gz", hash = "sha256:a4b9cd881991add394cafa8bb3b11ad1742d1e1470ba99c3ef53dc540316ccfe"},
 ]
 
 [package.dependencies]
@@ -2956,4 +2956,4 @@ files = [
 [metadata]
 lock-version = "2.1"
 python-versions = "^3.11"
-content-hash = "1dfa20c8648ff18748224462ddd5b9a2703d98634988d67f21a4cd8c89561084"
+content-hash = "5ee5076597767f0176af83cdcd167983971ef1d19457d7fbc08c045e0922af25"
diff --git a/pyproject.toml b/pyproject.toml
index ac933a131..aa1de0a70 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -12,7 +12,7 @@ boto3 = "^1.28.53"
 botocore = "^1.31.53"
 chardet = "^3.0.4"
 cryptography = "^44.0.1"
-Django = "4.2.27"
+Django = "4.2.28"
 django-autocomplete-light = "^3.9.4"
 django-background-tasks-updated = "=1.2.7"
 django-q2 = "1.6.2"

From 6dc7394a34e19d4361ea7cbe162e8df6f6547cbe Mon Sep 17 00:00:00 2001
From: Tom Pollard <tpollard@mit.edu>
Date: Tue, 3 Feb 2026 16:08:20 -0500
Subject: [PATCH 2/2] build(deps): bump django from 4.2.27 to 4.2.28

---
 requirements.txt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index e1bb07e23..d8c1ad576 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -356,9 +356,9 @@ django-storages==1.12.3 ; python_version >= "3.11" and python_version < "4.0" \
 django-tinymce==4.1.0 ; python_version >= "3.11" and python_version < "4.0" \
     --hash=sha256:02e3b70e940fd299f0fbef4315aee5c185664e1eb8cd396b176963954e4357c9 \
     --hash=sha256:9804836e6d2b08de3b03a27c100f8c2e9633549913eff8b323678a10cd48b94e
-django==4.2.27 ; python_version >= "3.11" and python_version < "4.0" \
-    --hash=sha256:b865fbe0f4a3d1ee36594c5efa42b20db3c8bbb10dff0736face1c6e4bda5b92 \
-    --hash=sha256:f393a394053713e7d213984555c5b7d3caeee78b2ccb729888a0774dff6c11a8
+django==4.2.28 ; python_version >= "3.11" and python_version < "4.0" \
+    --hash=sha256:49a23c1b83ef31525f8d71a57b040f91d34660edb3f086280a8519855655ed3c \
+    --hash=sha256:a4b9cd881991add394cafa8bb3b11ad1742d1e1470ba99c3ef53dc540316ccfe
 djangorestframework==3.15.2 ; python_version >= "3.11" and python_version < "4.0" \
     --hash=sha256:2b8871b062ba1aefc2de01f773875441a961fefbf79f5eed1e32b2f096944b20 \
     --hash=sha256:36fe88cd2d6c6bec23dca9804bab2ba5517a8bb9d8f47ebc68981b56840107ad