[Snyk] Update Django version to resolve critical vulnerability #1248
Assignees
Labels
Comments
|
Todd Lees commented: Passes cr moving to qa |
|
Todd Lees commented: [https://app.circleci.com/pipelines/github/fecgov/fecfile-web-api/4786/workflows/309cb85a-ef78-48b0-8d84-b1c3103f6c22/jobs/13512|https://app.circleci.com/pipelines/github/fecgov/fecfile-web-api/4786/workflows/309cb85a-ef78-48b0-8d84-b1c3103f6c22/jobs/13512] !image-20241220-142753.png|width=1048,height=581,alt="image-20241220-142753.png"! |
|
Shelly Wise commented: QA review verified unit test pass per DEV. !image-20241227-143350.png|width=1488,height=688,alt="image-20241227-143350.png"! QA Review Completed. Moved to Stage Ready. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This week’s snyk review has shown two vulnerabilities in our API, one critical and one high (see screenshot below). The solution for both issues is to upgrade Django to at least v5.1.4, which is the latest version of Django at time of writing.
QA Notes
API changes with zero user-facing effects. Should have passing unit tests as normal.
DEV Notes
The dev should update Django to 5.1.4 along with any other packages that require updating alongside any django version upgrade.
Design
null
See full ticket and images here: FECFILE-1885
Pull Request: #1260
The text was updated successfully, but these errors were encountered: