[all|requirements|stable] update django 1.x to 1.11.20

Dirk Müller dirk at dmllr.de
Tue May 7 21:02:57 UTC 2019


a number of security issues have been fixed for django 1.11.x which is
still used by
horizon for python 2.x and also optionally for python 3.x.

The horizon gate jobs are already using that version:


as they install django without using constraints.txt . Any objections
to updating
the global requirements constraints to match that?

Reviewing the django fixes on the 1.11.x closely only shows security and data
corruption bugfixes, so it should be pretty good on the risk/benefit trade-off.


More information about the openstack-discuss mailing list