Chore(deps): Bump the django-dependencies group with 2 updates

[dependabot]

Bumps the django-dependencies group with 2 updates: django and django-debug-toolbar.

Updates django from 5.1.4 to 5.1.5

Commits

• 3d3d7f5 [5.1.x] Bumped version for 5.1.5 release.
• 4806731 [5.1.x] Fixed CVE-2024-56374 -- Mitigated potential DoS in IPv6 validation.
• d6749de [5.1.x] Made cosmetic edits to 5.1.5 release notes.
• b325864 [5.1.x] Fixed #36077 -- Corrected docs on pk value where Model.save() execute...
• 8d81c47 [5.1.x] Fixed #35999 -- Removed #django IRC channel references where appropri...
• 6b9d5ac [5.1.x] Strengthened wording on supported Python versions in FAQ.
• 0966cc7 [5.1.x] Added stub release notes and release date for 5.1.5, 5.0.11, and 4.2.18.
• 638547b [5.1.x] Fixed typo in tutorial 5.
• 2ee6ca6 [5.1.x] Fixed #34856 -- Fixed references to index_together in historical migr...
• 85c3550 [5.1.x] Refs #27236 -- Removed references to index_together from ModelState.f...
• Additional commits viewable in compare view

Updates django-debug-toolbar from 4.4.6 to 5.0.1

Release notes

Sourced from django-debug-toolbar's releases.

5.0.1

What's Changed

There were no functional changes in this version.

PRs

• Update release workflows to latest trusted publisher GHA. by @​tim-schilling in django-commons/django-debug-toolbar#2054

Full Changelog: django-commons/django-debug-toolbar@5.0.0...5.0.1

5.0.0

What's Changed

Please note that Django Debug Toolbar has now moved into the Django Commons organization.

Changelog

• Added Python 3.13 to the CI matrix.
• Removed support for Python 3.8 as it has reached end of life.
• Converted to Django Commons PyPI release process.
• Fixed a crash which occurred when using non-str static file values.
• Documented experimental async support.
• Improved troubleshooting doc for incorrect mime types for .js static files
• Support async applications and ASGI from Google Summer of Code Project 2024 <https://summerofcode.withgoogle.com/programs/2024/projects/iXVvyGYp>__.
• Added Django 5.1 to the CI matrix.
• Added support for the LoginRequiredMiddleware introduced in Django 5.1.
• Support select and explain buttons for UNION queries on PostgreSQL.
• Fixed internal toolbar requests being instrumented if the Django setting FORCE_SCRIPT_NAME was set.
• Increase opacity of show Debug Toolbar handle to improve accessibility.
• Changed the RedirectsPanel to be async compatible.
• Increased the contrast of text with dark mode enabled.
• Add translations for Bulgarian and Korean.
• Update translations for several languages.
• Include new translatable strings for translation.
• Fixed a crash which happened in the fallback case when session keys cannot be sorted.

PRs

• Async compatible debug-toolbar middleware by @​salty-ivy in django-commons/django-debug-toolbar#1938
• Add async tests by @​salomvary in django-commons/django-debug-toolbar#1835
• Update installation.rst by @​Dr-Bernard in django-commons/django-debug-toolbar#1967
• Make toolbar compatible with FORCE_SCRIPT_NAME by @​dmartin in django-commons/django-debug-toolbar#1970
• Support select and explain for UNION queries by @​friedelwolff in django-commons/django-debug-toolbar#1972
• Override DEBUG=True in async middleware compatibility tests by @​salty-ivy in django-commons/django-debug-toolbar#1977
• Quick hack for including csp_nonces from requests into script tags by @​karolyi in django-commons/django-debug-toolbar#1975

... (truncated)

Changelog

Sourced from django-debug-toolbar's changelog.

5.0.1 (2025-01-13)

• Fixing the build and release process. No functional changes.

5.0.0 (2025-01-11)

• Added Python 3.13 to the CI matrix.
• Removed support for Python 3.8 as it has reached end of life.
• Converted to Django Commons PyPI release process.
• Fixed a crash which occurred when using non-str static file values.
• Documented experimental async support.
• Improved troubleshooting doc for incorrect mime types for .js static files

Please see everything under 5.0.0-alpha as well.

5.0.0-alpha (2024-09-01)

• Support async applications and ASGI from Google Summer of Code Project 2024 <https://summerofcode.withgoogle.com/programs/2024/projects/iXVvyGYp>__.
• Added Django 5.1 to the CI matrix.
• Added support for the LoginRequiredMiddleware introduced in Django 5.1.
• Support select and explain buttons for UNION queries on PostgreSQL.
• Fixed internal toolbar requests being instrumented if the Django setting FORCE_SCRIPT_NAME was set.
• Increase opacity of show Debug Toolbar handle to improve accessibility.
• Changed the RedirectsPanel to be async compatible.
• Increased the contrast of text with dark mode enabled.
• Add translations for Bulgarian and Korean.
• Update translations for several languages.
• Include new translatable strings for translation.
• Fixed a crash which happened in the fallback case when session keys cannot be sorted.

Commits

• 345b760 Reverting back to tags GHA trigger.
• b6ae021 Version 5.0.1
• 8d365cd Remove unnecessary trigger for releasing new versions.
• 5620e0e Correct the trusted publisher release GHA version.
• 43d56b8 Support pushing to test pypi on every push.
• f0c61d4 Update release workflows to latest trusted publisher GHA.
• 0e55ae7 Version 5.0.0
• d7fb357 [pre-commit.ci] pre-commit autoupdate
• 4ab012d Updated Troubleshooting documentation: simpler mimetype workaround for .js fi...
• cda70d3 Documented experimental async support.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions