Skip to content

chore(deps)(deps): bump whitenoise from 6.2.0 to 6.12.0 in the python-minor-patch group across 1 directory#42

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-minor-patch-ee737bb5c3
Open

chore(deps)(deps): bump whitenoise from 6.2.0 to 6.12.0 in the python-minor-patch group across 1 directory#42
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-minor-patch-ee737bb5c3

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github May 3, 2026
edited
Loading

Bumps the python-minor-patch group with 1 update in the / directory: whitenoise.

Updates whitenoise from 6.2.0 to 6.12.0

Changelog

Sourced from whitenoise's changelog.

6.12.0 (2026-02-27)

  • Drop Python 3.9 support.
  • Fix potential unauthorised file access vulnerability in "autorefesh" mode. See PR [#684](https://github.com/evansd/whitenoise/issues/684) <https://github.com/evansd/whitenoise/pull/684>__ for details, and a reminder that autorefresh mode has always been documented as unsuitable for production use. Thanks Seth Larson for reporting.

6.11.0 (2025-09-18)

  • Support Django 6.0.

6.10.0 (2025-09-09)

  • Support Python 3.14.

6.9.0 (2025-02-06)

  • Support Django 5.2.

6.8.2 (2024-10-29)

  • Fix compression speed gains for the thread pool when running Django’s collectstatic. The thread pool had no effect due to use of a generator for the results, a refactoring introduced when reviewing the initial PR.

    Thanks to Petr Přikryl for the investigation and fix in PR [#616](https://github.com/evansd/whitenoise/issues/616) <https://github.com/evansd/whitenoise/pull/616>__.

6.8.1 (2024-10-28)

  • Raise any errors from threads in the whitenoise.compress command.

    Regression in 6.8.0. Thanks to Tom Grainger for the spotting this with a comment on PR [#484](https://github.com/evansd/whitenoise/issues/484) <https://github.com/evansd/whitenoise/pull/484#discussion_r1818989096>__.

6.8.0 (2024-10-28)

  • Drop Django 3.2 to 4.1 support.

  • Drop Python 3.8 support.

  • Support Python 3.13.

  • Fix a bug introduced in version 6.0.0 where Range requests could lead to database connection errors in other requests.

    Thanks to Per Myren for the detailed investigation and fix in PR [#612](https://github.com/evansd/whitenoise/issues/612) <https://github.com/evansd/whitenoise/pull/612>__.

... (truncated)

Commits

@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github May 3, 2026

Labels

The following labels could not be found: dependencies, python. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot changed the title chore(deps)(deps): bump whitenoise from 6.2.0 to 6.12.0 in the python-minor-patch group chore(deps)(deps): bump whitenoise from 6.2.0 to 6.12.0 in the python-minor-patch group across 1 directory May 4, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/python-minor-patch-ee737bb5c3 branch from 57ae3fb to a4ab7b7 Compare May 4, 2026 20:42
@dependabot
chore(deps)(deps): bump whitenoise
89ae9af 
Bumps the python-minor-patch group with 1 update in the / directory: [whitenoise](https://github.com/evansd/whitenoise).


Updates `whitenoise` from 6.2.0 to 6.12.0
- [Changelog](https://github.com/evansd/whitenoise/blob/main/docs/changelog.rst)
- [Commits](evansd/whitenoise@6.2.0...6.12.0)

---
updated-dependencies:
- dependency-name: whitenoise
  dependency-version: 6.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/python-minor-patch-ee737bb5c3 branch from a4ab7b7 to 89ae9af Compare May 11, 2026 23:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants