package updates for Django 3.2

This commit is contained in:
Philip Sargent 2022-03-16 11:02:54 +00:00
parent d3ddcba313
commit 60fc66cdf5
2 changed files with 10 additions and 8 deletions

View File

@ -1,10 +1,12 @@
asgiref==3.5.0 asgiref==3.3.4
confusable-homoglyphs==3.2.0 confusable-homoglyphs==3.2.0
coverage==6.3.2 coverage==5.5
Django==3.2.12 Django==3.2.12
docutils==0.18.1 docutils==0.14
gunicorn==20.1.0 gunicorn==20.1.0
pytz==2021.3 Pillow==9.0.1
sqlparse==0.4.2 pytz==2019.1
typing-extensions==4.1.1 reportlab==3.6.8
Unidecode==1.3.3 sqlparse==0.2.4
typing-extensions==3.7.4.3
Unidecode==1.0.23

View File

@ -1,7 +1,7 @@
System check identified some issues: System check identified some issues:
WARNINGS: WARNINGS:
?: (security.W001) You do not have 'django.middleware.security.SecurityMiddleware' in your MIDDLEWARE so the SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, and SECURE_SSL_REDIRECT settings will have no effect. ?: (security.W001) You do not have 'django.middleware.security.SecurityMiddleware' in your MIDDLEWARE so the SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, SECURE_REFERRER_POLICY, and SECURE_SSL_REDIRECT settings will have no effect.
?: (security.W012) SESSION_COOKIE_SECURE is not set to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions. ?: (security.W012) SESSION_COOKIE_SECURE is not set to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions.
?: (security.W016) You have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token. ?: (security.W016) You have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token.
?: (security.W018) You should not have DEBUG set to True in deployment. ?: (security.W018) You should not have DEBUG set to True in deployment.