Bump django-cors-headers from 2.5.3 to 3.2.1 in /calyx/src

[dependabot-preview]

Bumps django-cors-headers from 2.5.3 to 3.2.1.

Changelog

Sourced from django-cors-headers's changelog.

3.2.1 (2020-01-04)

• Update LICENSE file to Unix line endings, fixing issues with license checker pip-licenses ([Issue #477](adamchainz/django-cors-headers#477)).

3.2.0 (2019-11-15)

• Converted setuptools metadata to configuration file. This meant removing the __version__ attribute from the package. If you want to inspect the installed version, use importlib.metadata.version("django-cors-headers") (docs / backport).
• Support Python 3.8.

3.1.1 (2019-09-30)

• Support the value file:// for origins, which is accidentally sent by some versions of Chrome on Android.

3.1.0 (2019-08-13)

• Drop Python 2 support, only Python 3.5-3.7 is supported now.
• Fix all links for move from github.com/ottoyiu/django-cors-headers to github.com/adamchainz/django-cors-headers.

3.0.2 (2019-05-28)

• Add a hint to the corsheaders.E013 check to make it more obvious how to resolve it.

3.0.1 (2019-05-13)

• Allow 'null' in CORS_ORIGIN_WHITELIST check.

3.0.0 (2019-05-10)

• CORS_ORIGIN_WHITELIST now requires URI schemes, and optionally ports. This is part of the CORS specification (Section 3.2) that was not implemented in this library, except from with the CORS_ORIGIN_REGEX_WHITELIST setting. It fixes a security issue where the CORS middleware would allow requests between schemes, for example from insecure http:// Origins to a secure https:// site.

  You will need to update your whitelist to include schemes, for example from this:

  CORS_ORIGIN_WHITELIST = ['example.com']
  

  ...to this:

  CORS_ORIGIN_WHITELIST = ['https://example.com']
  

• Removed the CORS_MODEL setting, and associated class. It seems very few, or no users were using it, since there were no bug reports since its move to abstract in version 2.0.0 (2017-01-07). If you are using this functionality, you can continue by changing your model to not inherit from the abstract one, and add a signal handler for check_request_enabled that reads from your model. Note you'll need to handle the move to include schemes for Origins.

... (truncated)

Commits

• 45f3982 Version 3.2.1
• 05dd7d2 Update LICENSE year to 2020 (#476)
• fd2063d Remove runtests.py (#474)
• 0452e55 Upgrade requirements (#473)
• c6d17c8 Upgrade requirements (#471)
• e44766d Small readability improvement (#468)
• b697a5d Restore Black on code checks (#467)
• 2a56a28 Upgrade requirements (#466)
• 5071f37 Version 3.2.0
• 6eba1e2 Test Django 2.2 on Python 3.8 (#465)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)