chore(deps): update dependency django to v6.0.3 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
django (changelog)	==6.0.2 → ==6.0.3

GitHub Vulnerability Alerts

CVE-2026-25673

An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29.

URLField.to_python() in Django calls urllib.parse.urlsplit(), which performs NFKC normalization on Windows that is disproportionately slow for certain Unicode characters, allowing a remote attacker to cause denial of service via large URL inputs containing these characters.

Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
Django would like to thank Seokchan Yoon for reporting this issue.

CVE-2026-25674

An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29.

Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created with incorrect permissions via concurrent requests, where one thread's temporary umask change affects other threads in multi-threaded environments.

Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
Django would like to thank Tarek Nakkouch for reporting this issue.

---

Release Notes

django/django (django)

v6.0.3

Compare Source

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Test results for commit fbceb4b

Test coverage for fbceb4b

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py      54      9      2      1    82%   72-78, 99-101, 114-116
src/state.py      85      1     16      1    98%   204
----------------------------------------------------------
TOTAL            139     10     18      2    92%

Static code analysis report

Run started:2026-03-30 20:08:01.419845+00:00

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 975
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

[github-actions]

Test results for commit fbceb4b

Test coverage for fbceb4b

Name            Stmts   Miss Branch BrPart  Cover   Missing
-----------------------------------------------------------
src/charm.py      140     31     36     14    73%   103-106, 111-112, 116, 123-125, 130->136, 135, 138, 149-150, 152, 154->160, 159, 165-166, 173-176, 209-210, 231, 237, 240, 255-278
src/policy.py      98     68     20      0    25%   24-26, 31, 40-44, 55, 72-76, 89-103, 133-134, 142, 175-196, 219-238, 249-257, 265-271, 279-284, 295-298
src/relay.py      142      8     46      2    95%   155->178, 252-268, 398-401
src/timer.py       11      4      0      0    64%   48-61
-----------------------------------------------------------
TOTAL             391    111    102     16    70%

Static code analysis report

Run started:2026-03-30 20:08:30.370930+00:00

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 1810
  Total lines skipped (#nosec): 6
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 1

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

[github-actions]

Test results for commit fbceb4b

Test coverage for fbceb4b

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py     176     36     38      8    78%   67-69, 76-77, 81, 94, 97-98, 128, 170-200, 213->228, 221-227, 353-367
src/squid.py     110      6     34      5    92%   65, 75, 175, 264, 313, 322, 344->351, 346->348
----------------------------------------------------------
TOTAL            286     42     72     13    84%

Static code analysis report

Run started:2026-03-30 20:08:33.019559+00:00

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 2243
  Total lines skipped (#nosec): 1
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 1

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):