@nossila nossila commented Jan 27, 2026

This PR updates the GitHub Actions workflow to test against Django minor versions (4.2 and 5.2) instead of specific patch versions (4.2.15 and 5.2.1), ensuring tests always run against the latest patch releases. The PR also adds an ignore flag for a new CVE vulnerability in protobuf.

Changes:

  • Updated Django version matrix from specific patch versions to minor versions using "~=" compatibility operator
  • Modified conditional checks from exact version matching to prefix matching using startsWith()
  • Added GHSA-7gcm-g887-7qv7 to the list of ignored vulnerabilities in pip-audit

Summary by CodeRabbit

  • Chores
    • Updated GitHub Actions workflow configuration to optimize testing processes and vulnerability scanning procedures.

this way we will be installing the latest patch version always
Also ignoring CVE-2026-0994 since there is no fix yet
Copilot AI review requested due to automatic review settings January 27, 2026 00:32

coderabbitai bot commented Jan 27, 2026

Walkthrough

The pull request simplifies Django version matrix identifiers in a GitHub Actions workflow from explicit versions to shortened format (e.g., "4.2", "5.2"), and refactors version-matching logic to use startsWith() pattern instead of exact equality checks. Additionally, pip-audit configuration is updated with expanded ignore comments and new CVE entries.

Changes

| Cohort / File(s) | Summary |
|---|---|
| GitHub Actions Workflow Configuration (.github/workflows/github-actions.yml) | Django matrix versions simplified from explicit patch versions to major-minor identifiers; version condition checks refactored from equality (==) to prefix matching (startsWith()); pip-audit step updated to skip editable installs and ignore two CVEs (CVE-2025-61783, CVE-2026-0994) with added explanatory comments; coverage upload condition aligned with new version pattern. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 Matrix versions trimmed so clean,
From patch-specific to lean,
startsWith() hops through the flow,
CVEs acknowledged, we all know—
Workflows hop lighter, faster they go! ✨

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately reflects the main change: updating GitHub Actions to test against Django 4.2 and 5.2 versions instead of specific patch versions. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

Copilot AI left a comment

Pull request overview

This PR updates the GitHub Actions workflow to test against Django minor versions (4.2 and 5.2) instead of specific patch versions (4.2.15 and 5.2.1), ensuring tests always run against the latest patch releases. The PR also adds an ignore flag for a new CVE vulnerability in protobuf.

Changes:

  • Updated Django version matrix from specific patch versions to minor versions using "~=" compatibility operator
  • Modified conditional checks from exact version matching to prefix matching using startsWith()
  • Added CVE-2026-0994 to the list of ignored vulnerabilities in pip-audit

@nossila nossila merged commit 8837113 into master Jan 27, 2026
16 checks passed
@nossila nossila deleted the hotfix/improve-github-actions-django-matrix branch January 27, 2026 11:51