Deps: Bump the python-packages group with 4 updates

[dependabot]

Bumps the python-packages group with 4 updates: django, djangorestframework, astroid and urllib3.

Updates django from 2.2.28 to 4.2.5

Commits

• b8b2f74 [4.2.x] Bumped version for 4.2.5 release.
• 9c51b4d [4.2.x] Fixed CVE-2023-41164 -- Fixed potential DoS in django.utils.encoding....
• acfb427 [4.2.x] Fixed #34803 -- Fixed queryset crash when filtering againts deeply ne...
• 55a0b9c [4.2.x] Added stub release notes and release date for 4.2.5, 4.1.11, and 3.2.21.
• 8e8c318 [4.2.x] Avoided counting exceptions in AsyncClient docs.
• dcb9d7a [4.2.x] Improved formset docs by using a set instead of a list in the custom ...
• f55b420 [4.2.x] Fixed #34781 -- Updated logging ref docs for django.server's request ...
• 46b2b08 [4.2.x] Fixed #34779 -- Avoided unnecessary selection of non-nullable m2m fie...
• d34db66 [4.2.x] Fixed #34773 -- Fixed syncing DEFAULT_FILE_STORAGE/STATICFILES_STORAG...
• a22aeef [4.2.x] Fixed #15799 -- Doc'd that Storage._open() should raise FileNotFoundE...
• Additional commits viewable in compare view

Updates djangorestframework from 3.11.2 to 3.14.0

Release notes

Sourced from djangorestframework's releases.

Version 3.14.0

• Django 2.2 is no longer supported. #8662
• Django 4.1 compatibility. #8591
• Add --api-version CLI option to generateschema management command. #8663
• Enforce is_valid(raise_exception=False) as a keyword-only argument. #7952
• Stop calling set_context on Validators. #8589
• Return NotImplemented from ErrorDetails.__ne__. #8538
• Don't evaluate DateTimeField.default_timezone when a custom timezone is set. #8531
• Make relative URLs clickable in Browseable API. #8464
• Support ManyRelatedField falling back to the default value when the attribute specified by dot notation doesn't exist. Matches ManyRelatedField.get_attribute to Field.get_attribute. #7574
• Make schemas.openapi.get_reference public. #7515
• Make ReturnDict support dict union operators on Python 3.9 and later. #8302
• Update throttling to check if request.user is set before checking if the user is authenticated. #8370

Version 3.13.1

• Revert schema naming changes with function based @api_view. #8297

Version 3.13.0

• Django 4.0 compatability. #8178
• Add max_length and min_length options to ListSerializer. #8165
• Add get_request_serializer and get_response_serializer hooks to AutoSchema. #7424
• Fix OpenAPI representation of null-able read only fields. #8116
• Respect UNICODE_JSON setting in API schema outputs. #7991
• Fix for RemoteUserAuthentication. #7158
• Make Field constructors keyword-only. #7632

3.12.4

No release notes provided.

Commits

• 2da473c Add 3.14 announcement to the docs
• 58e0a69 Update setup.py to drop Django 2.2 and update release notes (#8666)
• 11bfda9 both statement have dupplicate bodies (#8633)
• 058424c docs: delete duplicate explanation (#8641)
• eb88dfc Add --api-version CLI option to generateschema (#8663)
• f34f156 Remove old deprecation classes for 3.14 release (#8664)
• c6cafc9 Update release-notes.md
• f8b3f38 Update supported versions for 3.14 release (#8662)
• b658915 Version 3.14.0 proposal (#8599)
• 51f1aff Revert 8552 (#8661)
• Additional commits viewable in compare view

Updates astroid from 2.15.6 to 2.15.7

Changelog

Sourced from astroid's changelog.

What's New in astroid 2.15.7?

Release date: 2023-09-23

• Fix a crash when inferring a typing.TypeVar call.

  Closes pylint-dev/pylint#8802

• Infer user-defined enum classes by checking if the class is a subtype of enum.Enum.

  Closes pylint-dev/pylint#8897

• Fix inference of functions with @functools.lru_cache decorators without parentheses.

  Closes pylint-dev/pylint#8868

• Make sys.argv uninferable because it never is. (It's impossible to infer the value it will have outside of static analysis where it's our own value.)

  Refs pylint-dev/pylint#7710

Commits

• 29b42e5 Bump astroid to 2.15.7, update changelog
• 1f62beb Infer user-defined enum classes by checking if the class is a subtype of ``en...
• 0e0dd9c [Backport maintenance/2.15.x] Make sys.argv uninferable because it never is...
• 5cfbcbf [Backport maintenance/2.15.x] Fix inference involving @functools.lru_cache ...
• 28ef038 [Backport maintenance/2.15.x] Fix a crash when inferring a typing.TypeVar c...
• See full diff in compare view

Updates urllib3 from 2.0.4 to 2.0.5

Release notes

Sourced from urllib3's releases.

2.0.5

• Allowed pyOpenSSL third-party module without any deprecation warning. #3126
• Fixed default blocksize of HTTPConnection classes to match high-level classes. Previously was 8KiB, now 16KiB. #3066

Changelog

Sourced from urllib3's changelog.

2.0.5 (2023-09-20)

• Allowed pyOpenSSL third-party module without any deprecation warning. ([#3126](https://github.com/urllib3/urllib3/issues/3126) <https://github.com/urllib3/urllib3/issues/3126>__)
• Fixed default blocksize of HTTPConnection classes to match high-level classes. Previously was 8KiB, now 16KiB. ([#3066](https://github.com/urllib3/urllib3/issues/3066) <https://github.com/urllib3/urllib3/issues/3066>__)

Commits

• d9f85a7 Release 2.0.5
• d41f412 Undeprecate pyOpenSSL module (#3127)
• b6c04cb Fix a link to "absolute URI" definition (#3128)
• af7c78f refactor: change double conditional to one (#3118)
• 34c13c8 Refer to current internet standards in docs on proxies (#3124)
• a3e94f2 Fix a name of an attribute in docs (#3125)
• da69d4f Fix docs build (#3123)
• 18831e5 Bump actions/checkout from 3.6.0 to 4.0.0 (#3116)
• cf8e184 Unquote all GitHub Action names to fix auto-updating comments (#3121)
• 26c1b3f Unquote GitHub Action name to test auto-updating comments
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
django	[>= 3.a, < 4]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

Merging #820 (081b760) into main (45cc2ce) will increase coverage by 0.07%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main     #820      +/-   ##
==========================================
+ Coverage   88.58%   88.65%   +0.07%     
==========================================
  Files          35       35              
  Lines        1331     1331              
==========================================
+ Hits         1179     1180       +1     
+ Misses        152      151       -1     

see 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.