AAP-46640 Update pkgs to clear dependabot issues (#730)

bhavenst · web-flow · commit b581c350ef3d · 2025-06-04T15:08:57.000Z
diff --git a/requirements/requirements.in b/requirements/requirements.in
@@ -3,9 +3,9 @@
 # if you are add a new feature which requires dependencies they should be in a separate requirements_<feature>.in file
 #
 cryptography
-Django>=4.2.16,<4.3.0 # CVE-2024-45230
+Django>=4.2.21,<4.3.0 # CVE-2024-45230, CVE-2024-56374
 djangorestframework
 django-crum
 inflection
 sqlparse>=0.5.2 # https://github.com/ansible/django-ansible-base/security/dependabot/9
-dynaconf>=3.2.10,<4.0.0  # Dynaconf 4.0.0 is expected to be a major release with breaking changes
+dynaconf>=3.2.10,<4.0.0  # Dynaconf 4.0.0 is expected to be a major release with breaking changes
diff --git a/requirements/requirements_all.txt b/requirements/requirements_all.txt
@@ -15,7 +15,7 @@ channels==4.2.0
     # via -r requirements/requirements_channels.in
 charset-normalizer==3.4.0
     # via requests
-cryptography==44.0.0
+cryptography==44.0.1
     # via
     #   -r requirements/requirements.in
     #   jwcrypto
@@ -24,7 +24,7 @@ defusedxml==0.8.0rc2
     # via
     #   python3-openid
     #   social-auth-core
-django==4.2.17
+django==4.2.21
     # via
     #   -r requirements/requirements.in
     #   channels
diff --git a/requirements/requirements_dev.txt b/requirements/requirements_dev.txt
@@ -1,7 +1,7 @@
 ansible                 # Used in build process to generate some configs
 black==25.1.0           # Linting tool, if changed update pyproject.toml as well
 build
-django==4.2.17
+django==4.2.21
 django-debug-toolbar
 django-extensions
 djangorestframework
