Fix remaining Dependabot security alerts (#2804)
## Summary - **Rails example**: Upgrade Rails 7.1.6 → 7.2.3.1 to fix 8 alerts: activestorage path traversal/glob injection/DoS/content type bypass, activesupport ReDoS/DoS/XSS, and actionview XSS - **Django example**: Update sqlparse 0.5.3 → 0.5.4 (DoS via formatting list of tuples) - **Drupal example**: Update psysh v0.12.15 → v0.12.19 (local privilege escalation via CWD .psysh.php auto-load) ## Test plan - [x] Verify `go build ./...` still passes (no Go changes) - [ ] Confirm Dependabot alerts are resolved after merge 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
M
Mike Landau committed
d6bd8d548af94058e178751b27ac943e0e934fbd
Parent: 27a1502
Committed by GitHub <noreply@github.com>
on 3/25/2026, 7:33:48 PM