diff --git a/poetry.lock b/poetry.lock
index 8a5157cde..454e00237 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -38,13 +38,13 @@ files = [
[[package]]
name = "asgiref"
-version = "3.7.2"
+version = "3.8.1"
description = "ASGI specs, helper code, and adapters"
optional = false
-python-versions = ">=3.7"
+python-versions = ">=3.8"
files = [
- {file = "asgiref-3.7.2-py3-none-any.whl", hash = "sha256:89b2ef2247e3b562a16eef663bc0e2e703ec6468e2fa8a5cd61cd449786d4f6e"},
- {file = "asgiref-3.7.2.tar.gz", hash = "sha256:9e0ce3aa93a819ba5b45120216b23878cf6e8525eb3848653452b4192b92afed"},
+ {file = "asgiref-3.8.1-py3-none-any.whl", hash = "sha256:3e1e3ecc849832fe52ccf2cb6686b7a55f82bb1d6aee72a58826471390335e47"},
+ {file = "asgiref-3.8.1.tar.gz", hash = "sha256:c343bd80a0bec947a9860adb4c432ffa7db769836c64238fc34bdc3fec84d590"},
]
[package.extras]
@@ -972,17 +972,17 @@ typing-extensions = ">=3.10.0.0"
[[package]]
name = "django"
-version = "4.2.17"
+version = "5.1.4"
description = "A high-level Python web framework that encourages rapid development and clean, pragmatic design."
optional = false
-python-versions = ">=3.8"
+python-versions = ">=3.10"
files = [
- {file = "Django-4.2.17-py3-none-any.whl", hash = "sha256:3a93350214ba25f178d4045c0786c61573e7dbfa3c509b3551374f1e11ba8de0"},
- {file = "Django-4.2.17.tar.gz", hash = "sha256:6b56d834cc94c8b21a8f4e775064896be3b4a4ca387f2612d4406a5927cd2fdc"},
+ {file = "Django-5.1.4-py3-none-any.whl", hash = "sha256:236e023f021f5ce7dee5779de7b286565fdea5f4ab86bae5338e3f7b69896cf0"},
+ {file = "Django-5.1.4.tar.gz", hash = "sha256:de450c09e91879fa5a307f696e57c851955c910a438a35e6b4c895e86bedc82a"},
]
[package.dependencies]
-asgiref = ">=3.6.0,<4"
+asgiref = ">=3.8.1,<4"
sqlparse = ">=0.3.1"
tzdata = {version = "*", markers = "sys_platform == \"win32\""}
@@ -1006,35 +1006,37 @@ django-ipware = ">=3.0.2,<3.1.0"
[[package]]
name = "django-celery-beat"
-version = "2.6.0"
+version = "2.7.0"
description = "Database-backed Periodic Tasks."
optional = false
-python-versions = "*"
+python-versions = ">=3.8"
files = [
- {file = "django-celery-beat-2.6.0.tar.gz", hash = "sha256:f75b2d129731f1214be8383e18fae6bfeacdb55dffb2116ce849222c0106f9ad"},
+ {file = "django_celery_beat-2.7.0-py3-none-any.whl", hash = "sha256:851c680d8fbf608ca5fecd5836622beea89fa017bc2b3f94a5b8c648c32d84b1"},
+ {file = "django_celery_beat-2.7.0.tar.gz", hash = "sha256:8482034925e09b698c05ad61c36ed2a8dbc436724a3fe119215193a4ca6dc967"},
]
[package.dependencies]
celery = ">=5.2.3,<6.0"
cron-descriptor = ">=1.2.32"
-Django = ">=2.2,<5.1"
+Django = ">=2.2,<5.2"
django-timezone-field = ">=5.0"
python-crontab = ">=2.3.4"
tzdata = "*"
[[package]]
name = "django-chunk-upload-handlers"
-version = "0.0.14"
+version = "0.0.15"
description = "Chunking Django file handlers for S3 and ClamAV service uploads"
optional = false
python-versions = ">=3.8"
files = [
- {file = "django_chunk_upload_handlers-0.0.14.tar.gz", hash = "sha256:4a8c7113f1fea9f307b4caa79995dc5824c7f5bc70bdc486cb93b5091d782854"},
+ {file = "django_chunk_upload_handlers-0.0.15-py3-none-any.whl", hash = "sha256:ab19bba5b1c6efa484bea4fe8c4b1807d7e513abd89bcf8b4822c10495337bc5"},
+ {file = "django_chunk_upload_handlers-0.0.15.tar.gz", hash = "sha256:dcc11267f6fca75e31d5726bea48172426b10a65e4a97e6bc72782e9c368bef5"},
]
[package.dependencies]
boto3 = ">=1.17.89"
-django = ">=4.2.9,<4.3.0"
+django = ">=4.2,<6.0"
django-storages = ">=1.11.1"
[[package]]
@@ -1147,18 +1149,18 @@ Django = ">=3.2"
[[package]]
name = "django-feedback-govuk"
-version = "0.2.10"
+version = "0.2.11"
description = "A Django app to gather and send internal Government staff feedback"
optional = false
python-versions = "<4.0,>=3.9"
files = [
- {file = "django_feedback_govuk-0.2.10-py3-none-any.whl", hash = "sha256:a62504720eca8abea0ac57036a38fe88c957fa1e406abfe742886de390014821"},
- {file = "django_feedback_govuk-0.2.10.tar.gz", hash = "sha256:9c5593328a927745e4c836f11f843e8ed1f5fd704e3efa1aa2b34626411338b2"},
+ {file = "django_feedback_govuk-0.2.11-py3-none-any.whl", hash = "sha256:4533fbee005218ba46dd91788d0db35141423a6419affd6860684c3cd38e1103"},
+ {file = "django_feedback_govuk-0.2.11.tar.gz", hash = "sha256:f90d8b950576427f3c3248b767e3d5d9e5c779a04ce03bdd82f3e524eda8eda2"},
]
[package.dependencies]
crispy-forms-gds = ">=0.2.4,<0.3.0"
-Django = ">=3.2,<4.3"
+Django = ">=4.2,<5.2"
django-crispy-forms = ">=1.9,<2.0"
[[package]]
@@ -1177,33 +1179,33 @@ Django = ">=4.2"
[[package]]
name = "django-hawk"
-version = "1.2.1"
+version = "1.2.3"
description = "Authenticate Django Views with HAWK"
optional = false
-python-versions = ">=3.7,<4.0"
+python-versions = "<4.0,>=3.8"
files = [
- {file = "django_hawk-1.2.1-py3-none-any.whl", hash = "sha256:0a7c672d09d15522a629c76a6a22c7fdd4f0deba6c381cded5e3e98ed6c3cf61"},
- {file = "django_hawk-1.2.1.tar.gz", hash = "sha256:adc92dfba07c8d6e2a81c18c620e7b04a6116f234c97f9b06e696f118e6c9cb8"},
+ {file = "django_hawk-1.2.3-py3-none-any.whl", hash = "sha256:08703dcff6b39283316b185e61ea4ec6330a328d0b04a67e6ad4d52c949ea081"},
+ {file = "django_hawk-1.2.3.tar.gz", hash = "sha256:cb177f9b454254edbf39b0b4bd1c0b85caf716b1899fd1ddb1afbce6eeba0537"},
]
[package.dependencies]
-Django = ">=3.2,<4.3"
+Django = ">=4.2,<5.2"
mohawk = ">=1.0.0,<2.0"
[[package]]
name = "django-hawk-drf"
-version = "1.1.2"
+version = "1.1.4"
description = "Authenticate Django Rest Framework Views with django-hawk"
optional = false
-python-versions = ">=3.7,<4.0"
+python-versions = "<4.0,>=3.8"
files = [
- {file = "django_hawk_drf-1.1.2-py3-none-any.whl", hash = "sha256:c3c75e434d3c1f31c87caca333cd020ceb10716a776add0801e5debce1102fe6"},
- {file = "django_hawk_drf-1.1.2.tar.gz", hash = "sha256:3ad594e0618700d45df1d228d5f837cf1d1f01368050b331dc66c7c249f56187"},
+ {file = "django_hawk_drf-1.1.4-py3-none-any.whl", hash = "sha256:cd9bba1d55d2bca7be2d9ae04a1a7ee04fe6c7486c82bb7904f2ac63e94ac24a"},
+ {file = "django_hawk_drf-1.1.4.tar.gz", hash = "sha256:30444352fedfb310ac0a34f5216e668dd09956bde8efeea2d9efd541cbe0f3d3"},
]
[package.dependencies]
-Django = ">=3.2,<5.1"
-django-hawk = ">=1.1.0,<2.0.0"
+Django = ">=4.2,<5.2"
+django-hawk = ">=1.2.3,<2.0.0"
djangorestframework = ">=3.10.3,<4.0"
[[package]]
@@ -1219,17 +1221,17 @@ files = [
[[package]]
name = "django-log-formatter-asim"
-version = "0.0.4"
+version = "0.0.6"
description = "Formats Django logs in ASIM format."
optional = false
-python-versions = ">=3.9,<4"
+python-versions = "<4,>=3.9"
files = [
- {file = "django_log_formatter_asim-0.0.4-py3-none-any.whl", hash = "sha256:7e4c00b4367d0143b34d341ebea6da4bc3057d2055ba29f25666ff85cf939fd3"},
- {file = "django_log_formatter_asim-0.0.4.tar.gz", hash = "sha256:37c46a02a1e01b6837b10b399a0ea4eab4a9c4a8f1801c9fde43ee4d1045afe4"},
+ {file = "django_log_formatter_asim-0.0.6-py3-none-any.whl", hash = "sha256:00923cb95b599082d94895af1333d1bb8fce05a3d742dd571d32b7e0e480ead3"},
+ {file = "django_log_formatter_asim-0.0.6.tar.gz", hash = "sha256:ba35df7a8c5f5bad2e006b55dea8e339ef82f7476a93e6cae4d2bbea12938c2b"},
]
[package.dependencies]
-django = ">=3,<5"
+django = {version = ">=3,<6", markers = "python_version >= \"3.10\" and python_version < \"4\""}
pre-commit = ">=3.5.0,<4.0.0"
[[package]]
@@ -1332,17 +1334,17 @@ resolved_reference = "29108a5b94397ba6107e6899db957289c75468c1"
[[package]]
name = "django-staff-sso-client"
-version = "4.2.2"
+version = "4.3.0"
description = "Reusable Django app to facilitate gov.uk Staff Single Sign On"
optional = false
python-versions = "*"
files = [
- {file = "django_staff_sso_client-4.2.2-py3-none-any.whl", hash = "sha256:de94952af49fd14b8b4c32a26bcf47ab6369377fb4798683ca0654cca878f817"},
- {file = "django_staff_sso_client-4.2.2.tar.gz", hash = "sha256:1a36b3d740d4360b44221004156443092163277cb467b5775ba2a522345b8786"},
+ {file = "django_staff_sso_client-4.3.0-py3-none-any.whl", hash = "sha256:873279b74cc40517af6b5c6c043db74e66d3d4f147ed1495ec357ac26c14d6fa"},
+ {file = "django_staff_sso_client-4.3.0.tar.gz", hash = "sha256:4f320c5c5da02a9da9f5da90b32749ff3a0ad0dcf51eb758fb85fd0e932b5261"},
]
[package.dependencies]
-Django = ">=4.2.10,<5.0"
+Django = ">=4.2.10,<6.0"
requests-oauthlib = "*"
[package.extras]
@@ -1387,17 +1389,17 @@ Django = ">=4.1"
[[package]]
name = "django-timezone-field"
-version = "6.0.1"
+version = "7.0"
description = "A Django app providing DB, form, and REST framework fields for zoneinfo and pytz timezone objects."
optional = false
-python-versions = ">=3.8,<4.0"
+python-versions = "<4.0,>=3.8"
files = [
- {file = "django_timezone_field-6.0.1-py3-none-any.whl", hash = "sha256:ed28d3ff8e3500f2bc173cdf1aab7a3244ef607d06ad890611512de1bae6074d"},
- {file = "django_timezone_field-6.0.1.tar.gz", hash = "sha256:916d0fd924443462f099f02122cc38d6a6e901ea17f1206c343836199df8bc49"},
+ {file = "django_timezone_field-7.0-py3-none-any.whl", hash = "sha256:3232e7ecde66ba4464abb6f9e6b8cc739b914efb9b29dc2cf2eee451f7cc2acb"},
+ {file = "django_timezone_field-7.0.tar.gz", hash = "sha256:aa6f4965838484317b7f08d22c0d91a53d64e7bbbd34264468ae83d4023898a7"},
]
[package.dependencies]
-Django = ">=3.2,<5.0"
+Django = ">=3.2,<6.0"
[[package]]
name = "django-treebeard"
@@ -4000,13 +4002,13 @@ test = ["covdefaults (>=2.3)", "coverage (>=7.2.7)", "coverage-enable-subprocess
[[package]]
name = "wagtail"
-version = "6.2.2"
+version = "6.3.2"
description = "A Django content management system."
optional = false
-python-versions = ">=3.8"
+python-versions = ">=3.9"
files = [
- {file = "wagtail-6.2.2-py3-none-any.whl", hash = "sha256:d0382603aef5d7e4a46529aa125857774a317c2870c9b6836767932969829429"},
- {file = "wagtail-6.2.2.tar.gz", hash = "sha256:506ac2b59dae85069ae754b45bc13b91cbd86e92d4f5d663658773b0ed7a16b9"},
+ {file = "wagtail-6.3.2-py3-none-any.whl", hash = "sha256:ac72f7138281ef47360057ebfb835a8eae34048efeed10ca9f4aabbc8f4e4ea5"},
+ {file = "wagtail-6.3.2.tar.gz", hash = "sha256:e4271222bd2498040a60dd5e27228dcd481cc2310aa8fc951f0f4e23d20fbc50"},
]
[package.dependencies]
@@ -4016,21 +4018,21 @@ Django = ">=4.2,<6.0"
django-filter = ">=23.3,<25"
django-modelcluster = ">=6.2.1,<7.0"
django-permissionedforms = ">=0.1,<1.0"
-django-taggit = ">=5.0,<5.1"
+django-taggit = ">=5.0,<6.2"
django-treebeard = ">=4.5.1,<5.0"
djangorestframework = ">=3.15.1,<4.0"
draftjs-exporter = ">=2.1.5,<6.0"
l18n = ">=2018.5"
laces = ">=0.1,<0.2"
openpyxl = ">=3.0.10,<4.0"
-Pillow = ">=9.1.0,<11.0.0"
+Pillow = ">=9.1.0,<12.0.0"
requests = ">=2.11.1,<3.0"
telepath = ">=0.3.1,<1"
Willow = {version = ">=1.8.0,<2", extras = ["heif"]}
[package.extras]
-docs = ["Sphinx (>=7.0)", "myst-parser (==2.0.0)", "pyenchant (>=3.1.1,<4)", "sphinx-autobuild (>=0.6.0)", "sphinx-copybutton (>=0.5,<1.0)", "sphinx-wagtail-theme (==6.3.0)", "sphinxcontrib-spelling (>=7,<8)"]
-testing = ["Jinja2 (>=3.0,<3.2)", "azure-mgmt-cdn (>=12.0,<13.0)", "azure-mgmt-frontdoor (>=1.0,<1.1)", "boto3 (>=1.28,<2)", "coverage (>=3.7.0)", "curlylint (==0.13.1)", "django-pattern-library (>=0.7)", "djhtml (==3.0.6)", "doc8 (==0.8.1)", "factory-boy (>=3.2)", "freezegun (>=0.3.8)", "polib (>=1.1,<2.0)", "python-dateutil (>=2.7)", "pytz (>=2014.7)", "ruff (==0.1.5)", "semgrep (==1.40.0)", "tblib (>=2.0,<3.0)"]
+docs = ["Sphinx (>=7.3)", "myst-parser (==2.0.0)", "pyenchant (>=3.1.1,<4)", "sphinx-autobuild (>=0.6.0)", "sphinx-wagtail-theme (==6.4.0)", "sphinxcontrib-spelling (>=7,<8)"]
+testing = ["Jinja2 (>=3.0,<3.2)", "azure-mgmt-cdn (>=12.0,<13.0)", "azure-mgmt-frontdoor (>=1.0,<1.1)", "boto3 (>=1.28,<2)", "coverage (>=3.7.0)", "curlylint (==0.13.1)", "django-pattern-library (>=0.7)", "djhtml (==3.0.6)", "doc8 (==0.8.1)", "factory-boy (>=3.2)", "freezegun (>=0.3.8)", "polib (>=1.1,<2.0)", "python-dateutil (>=2.7)", "ruff (==0.1.5)", "semgrep (==1.40.0)", "tblib (>=2.0,<3.0)"]
[[package]]
name = "wagtail_adminsortable"
@@ -4393,4 +4395,4 @@ test = ["big-O", "jaraco.functools", "jaraco.itertools", "jaraco.test", "more-it
[metadata]
lock-version = "2.0"
python-versions = "^3.12"
-content-hash = "238237610c2522b289520a8a550f54e1765abd6db2d1c0e6a9a6d40e658f2f5d"
+content-hash = "1367eaa851de702933f8c72d9e3846d3e9163dc972f659580de58705a51082b6"
diff --git a/pyproject.toml b/pyproject.toml
index fc956e124..3c028cbf4 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -10,7 +10,7 @@ package-mode = false
[tool.poetry.dependencies]
python = "^3.12"
# Django
-django = "^4.2"
+django = "^5.1"
django-environ = "^0.10.0"
django-settings-export = "^1.2.1"
# TODO: Set django-simple-history to the next release after 3.4.0 (when released)
@@ -22,13 +22,13 @@ crispy-forms-gds = "^0.2.6"
# DIT Django
django-audit-log-middleware = "^0.0.4"
django-hawk-drf = "^1.1.0"
-django-chunk-upload-handlers = "^0.0.14"
-django-feedback-govuk = "^0.2.9"
+django-chunk-upload-handlers = "^0.0.15"
+django-feedback-govuk = "^0.2.10"
django_log_formatter_ecs = "^0.0.5"
django-staff-sso-client = "^4.2"
notifications-python-client = "^8.2"
# Wagtail
-wagtail = "^6.2"
+wagtail = "^6.3"
wagtailmedia = "^0.14.2"
wagtailmenus = "^3.1.8"
wagtail-draftail-anchors = "^0.6.0"
@@ -50,7 +50,6 @@ redis = "^4.5.4"
atoma = "^0.0.17"
bleach = "^6.0.0"
elastic-apm = "^6.15.1"
-requests = "^2.32.0"
boto3 = "^1.26.115"
pyjwt = { extras = ["crypto"], version = "^2.6.0" }
wagtail-generic-chooser = "^0.6"
@@ -58,7 +57,7 @@ wagtail-modeladmin = "^2.0.0"
dj-database-url = "^2.1.0"
django-celery-beat = "^2.5.0"
django-waffle = "^4.0.0"
-django-log-formatter-asim = "0.0.4"
+django-log-formatter-asim = "^0.0.6"
dbt-copilot-python = "^0.1.3"
opentelemetry-distro = "^0.43b0"
opentelemetry-exporter-otlp = "^1.22.0"
diff --git a/src/core/migrations/0007_alter_historicaldocument_file_size.py b/src/core/migrations/0007_alter_historicaldocument_file_size.py
new file mode 100644
index 000000000..336b2f185
--- /dev/null
+++ b/src/core/migrations/0007_alter_historicaldocument_file_size.py
@@ -0,0 +1,18 @@
+# Generated by Django 4.2.17 on 2024-12-20 16:53
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ("core", "0006_tag_taggedpage"),
+ ]
+
+ operations = [
+ migrations.AlterField(
+ model_name="historicaldocument",
+ name="file_size",
+ field=models.PositiveBigIntegerField(editable=False, null=True),
+ ),
+ ]
diff --git a/src/peoplefinder/forms/profile_edit.py b/src/peoplefinder/forms/profile_edit.py
index c7e1acb16..467773589 100644
--- a/src/peoplefinder/forms/profile_edit.py
+++ b/src/peoplefinder/forms/profile_edit.py
@@ -302,8 +302,10 @@ def __init__(self, *args, **kwargs):
self.request_user = kwargs.pop("request_user", None)
super().__init__(*args, **kwargs)
- remote_working_choices = self.fields["remote_working"].choices
- self.fields["remote_working"].choices = remote_working_choices[1:]
+ remote_working_choices = list(self.fields["remote_working"].choices)
+ if remote_working_choices[0][0] == "":
+ remote_working_choices.pop(0)
+ self.fields["remote_working"].choices = remote_working_choices
usual_office_days_label = self.fields["usual_office_days"].label + " (optional)"
self.fields["usual_office_days"].label = ""
diff --git a/src/peoplefinder/services/person.py b/src/peoplefinder/services/person.py
index e9f413615..752b98465 100644
--- a/src/peoplefinder/services/person.py
+++ b/src/peoplefinder/services/person.py
@@ -12,7 +12,7 @@
from django.http import HttpRequest
from django.shortcuts import reverse
from django.utils import timezone
-from django.utils.html import strip_tags
+from django.utils.html import escape, strip_tags
from django.utils.safestring import mark_safe
from notifications_python_client.notifications import NotificationsAPIClient
@@ -551,6 +551,8 @@ def get_profile_section_values(
field_value = getattr(person, field_name)
if isinstance(field_value, str):
+ # escaping field_value before using mark_safe -> https://docs.djangoproject.com/en/dev/releases/4.2.17/#django-4-2-17-release-notes
+ field_value = escape(field_value)
# Replace newlines with "
".
field_value = mark_safe( # noqa: S308
strip_tags(field_value).replace("\n", "
")