build(deps): Bump django from 5.2.6 to 6.0.3

[dependabot]

Bumps django from 5.2.6 to 6.0.3.

Commits

• a0d3bdb [6.0.x] Bumped version for 6.0.3 release.
• 264d5c7 [6.0.x] Fixed CVE-2026-25674 -- Prevented potentially incorrect permissions o...
• b1444d9 [6.0.x] Fixed CVE-2026-25673 -- Simplified URLField scheme detection.
• 1b22d53 [6.0.x] Fixed #36961 -- Fixed TypeError in deprecation warnings if Django is ...
• 27ed90a [6.0.x] Ensured spelling checks pass OK.
• 659bacf [6.0.x] Aligned docs checks between GitHub Actions and local development.
• e65c412 [6.0.x] Adjusted default DoS severity level in Security Policy.
• 5b70253 [6.0.x] Fixed #36848 -- Mentioned BadRequest exception in docs/ref/views.txt.
• 3a04b22 [6.0.x] Fixed #36951 -- Removed empty exc_info from log_task_finished signal ...
• d112203 [6.0.x] Fixed #36944 -- Removed MAX_LENGTH_HTML and related 5M chars limit re...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

@dependabot merge

[codacy-production]

Codacy's Analysis Summary

0 new issue (≤ 1 medium issue)
0 new security issue (≤ 0 issue)
0 complexity
0 duplications
More details

✨ AI Reviewer: first review requested successfully. As new changes are pushed, run a review below.
_{AI can make mistakes. Always validate suggestions.}

 
  Run Reviewer ▶︎  
 

[codacy-production]

Pull Request Overview

This PR upgrades Django to version 6.0.3, which includes critical security fixes for CVE-2026-25674 and CVE-2026-25673. However, the transition from 5.x to 6.x is a major release that removes previously deprecated features. This upgrade carries a high risk of runtime failures if the codebase has not been audited for compatibility with the Django 6.0 release specifications.

About this PR

• The PR description correctly identifies the dependency bump and security fixes but lacks context regarding the verification steps performed. For major framework upgrades, including a summary of test results or a note on migration compatibility is recommended to ensure stability.

---

🗒️ Improve review quality by adding custom instructions

[codacy-production]

_{🟡 MEDIUM RISK}

Suggestion: The upgrade from Django 5.2.6 to 6.0.3 is a major version jump. Django's release policy dictates that major versions remove APIs that were deprecated in the preceding minor releases. Any remaining usage of these features will lead to runtime exceptions in middleware, templates, or model definitions.

Recommendation: Execute the full automated test suite and utilize python manage.py check to identify immediate system-level incompatibilities.

Try running the following prompt in your IDE agent:

Review the codebase for any Django APIs or settings deprecated in the 5.x series and suggest the necessary updates for Django 6.0 compatibility.