From 543401009f84b69b511672cd8e2c1a6a260dd90d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 5 Feb 2026 11:46:39 +0000
Subject: [PATCH 1/2] fix: requirements/production.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-15183335
---
 requirements/production.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/requirements/production.txt b/requirements/production.txt
index e73ec4bd..49bf7aba 100644
--- a/requirements/production.txt
+++ b/requirements/production.txt
@@ -16,4 +16,5 @@ django-anymail  # https://github.com/anymail/django-anymail
 
 # Elastic-APM  # https://pypi.org/project/elastic-apm/
 # ------------------------------------------------------------------------------
-elastic-apm==6.15.1
\ No newline at end of file
+elastic-apm==6.15.1
+django>=4.2.28 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file

From 0370b7f1aac5e7600b79a642e3899a15eb88391c Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 6 Feb 2026 02:55:39 +0000
Subject: [PATCH 2/2] fix: requirements/production.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-15183335