chore(deps): update dependency djangorestframework to v3.15.2 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
djangorestframework (source, changelog)	==3.14.0 → ==3.15.2

GitHub Vulnerability Alerts

CVE-2024-21520

Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with
tags.

---

Release Notes

encode/django-rest-framework (djangorestframework)

v3.15.2

Compare Source

What's Changed

• Add @​api_view example to caching documentation by @​BradWells in #​9131
• Update docstring by @​jthevos in #​9340
• Apply black formatting to caching markdown by @​jthevos in #​9341
• Update renderers documentation example by @​mgaligniana in #​9362
• Removing live examples of tutorial code that are no longer hosted by @​TGoddessana in #​9363
• Docs: Remove an unnecessary step from quickstart.md by @​gogowitsch in #​9387
• Documentation: Add Python 3.12 to the requirements by @​Szaroslav in #​9382
• Tweak README.md links. by @​tomchristie in #​9375
• Revert "Ensure CursorPagination respects nulls in the ordering field" by @​max-muoto in #​9381
• use warnings rather than logging a warning for DecimalField warnings by @​terencehonles in #​9367
• 2024042 docs by @​peterthomassen in #​9392
• Cleanup by @​peterthomassen in #​9393
• tests: Check urlpatterns after cleanups by @​stanislavlevin in #​9400
• docs: Correct some evaluation results and a httpie option in Tutorial1 by @​wkwkhautbois in #​9421
• Add __hash__ method for permissions.OperandHolder class by @​vanya909 in #​9417
• Fix potential XSS vulnerability in break_long_headers template filter by @​ch4n3-yoon in #​9435
• Version 3.15.2. by @​tomchristie in #​9439

New Contributors

• @​BradWells made their first contribution in #​9131
• @​jthevos made their first contribution in #​9340
• @​gogowitsch made their first contribution in #​9387
• @​Szaroslav made their first contribution in #​9382
• @​wkwkhautbois made their first contribution in #​9421
• @​ch4n3-yoon made their first contribution in #​9435

Full Changelog: encode/django-rest-framework@3.15.1...3.15.2

v3.15.1: Version 3.15.1

Compare Source

What's Changed

• Update the message to be consistent with the Django `HttpResponseBa… by @​maycuatroi in #​9287
• Make inflection package truly optional by @​browniebroke in #​9303
• Fix broken links in release notes for 3.15 by @​browniebroke in #​9305
• TokenAdmin.autocomplete_fields Breaks Some Use Cases, Revert by @​alexdlaird in #​9301
• Add drf-sendables to third-party-packages.md by @​amikrop in #​9261
• Revert "feat: Add some changes to ValidationError to support django style vad…" by @​auvipy in #​9326
• Revert "Re-prefetch related objects after updating" by @​auvipy in #​9327
• Revert #​8863 by @​tomchristie in #​9330
• Revert #​8009 by @​tomchristie in #​9332
• Revert #​9030 by @​tomchristie in #​9333
• Revert "Fix NamespaceVersioning ignoring DEFAULT_VERSION on non-None namespaces" by @​auvipy in #​9335
• SearchFilter.get_search_terms returns list. by @​tomchristie in #​9338
• Version 3.15.1 by @​tomchristie in #​9339

New Contributors

• @​maycuatroi made their first contribution in #​9287
• @​alexdlaird made their first contribution in #​9301

Full Changelog: encode/django-rest-framework@3.15.0...3.15.1

v3.15.0

Compare Source

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.