Bump django-filter from 2.2.0 to 22.1

[dependabot]

Bumps django-filter from 2.2.0 to 22.1.

Release notes

Sourced from django-filter's releases.

21.1

No release notes provided.

Version 2.4.0

• SECURITY: Added a MaxValueValidator to the form field for NumberFilter. This prevents a potential DoS attack if numbers with very large exponents were subsequently converted to integers.

  The default limit value for the validator is 1e50.

  The new NumberFilter.get_max_validator() allows customising the used validator, and may return None to disable the validation entirely.

• Added testing against Django 3.1 and Python 3.9.

  In addition tests against Django main development branch are now required to pass.

Version 2.3.0

https://github.com/carltongibson/django-filter/blob/master/CHANGES.rst#version-230-2020-6-5

Changelog

Sourced from django-filter's changelog.

Version 22.1 (2022-6-17)

• Update supported Python and Django versions: minimal Python is now 3.7, minimum Django is now 3.2.

• Added testing for Python 3.10 and Django 4.1.

• Removed outdated deprecated warnings for code removed in version 2.1.

• The code base is now formatted with Black.

Version 21.1 (2021-9-24)

This is a maintenance release updating CI testing for the latest non-end-of-life versions of Python and Django, and updating package metadata accordingly.

With this release django-filter is switching to a two-part CalVer versioning scheme, such as 21.1. The first number is the year. The second is the release number within that year.

On an on-going basis, Django-Filter aims to support all current Django versions, the matching current Python versions, and the latest version of Django REST Framework.

Please see:

• Status of supported Python branches <https://devguide.python.org/#status-of-python-branches>_
• List of supported Django versions <https://www.djangoproject.com/download/#support-versions>_

Support for Python and Django versions will be dropped when they reach end-of-life. Support for Python versions will dropped when they reach end-of-life, even when still supported by a current version of Django.

Other breaking changes are rare. Where required, every effort will be made to apply a "Year plus two" deprecation period. For example, a change initially introduced in 23.x would offer a fallback where feasible and finally be removed in 25.1. Where fallbacks are not feasible, breaking changes without deprecation will be called out in the release notes.

Beyond that change, there are few changes. Some small bugfixes, improvements to localisation, and documentation tweaks. Thanks to all who were involved.

Version 2.4.0 (2020-9-27)

• SECURITY: Added a MaxValueValidator to the form field for

... (truncated)

Commits

• 2c81768 Updated isort config to use black profile.
• 6d02135 Renamed branch in GHA workflow.
• 9f188ff Added Black usage to change notes.
• f4866a9 Applied Black.
• ab35490 Updated version and change notes for 22.1 release.
• f532ca1 Removed duplicate Python version specifier.
• e2f560f Install package when building docs.
• 057eaee Added RTD config.
• b972fc7 Updated change notes.
• cd994e0 Updated copyright in docs.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)