
@AnupDasT

PR Title: Pin Django to 3.2.20 to remediate ReDoS CVE-2023-36053

Summary

  • What: Update Django requirement to 3.2.20 and include supporting artifacts (smoke test, patch, docs).
  • Why: Addresses ReDoS vulnerability CVE-2023-36053 and related Email/URL validator issues reported by dependency scans.
  • Scope: Dependency pin only — no runtime code changes.

Changes

  • Updated requirements.txt to Django==3.2.20.
  • Added patches/fix-django-3.2.20.patch.
  • Added scripts/smoke_check_django.py to validate installed Django version.
  • Included supporting docs and scan outputs: docs/pr_django_bump.md, docs/issues/django-bump-issue.md, docs/remediation_plan.md, safety_results.json, bandit_results.json, bandit_core_results.json, requirements_clean.txt, requirements_audit_min.txt, and tools/parse_safety.py.

Verification

  • Create and activate a venv, install deps, run the smoke check:
    python -m venv .venv
    .\.venv\Scripts\Activate.ps1
    pip install -r requirements.txt
    python scripts/smoke_check_django.py
  • Expected: smoke script exits cleanly and confirms Django version is 3.2.20.

Security Context & References

  • CVE: CVE-2023-36053 — ReDoS in Django validators (Email/URL)
  • Mitigation: Upgrade to Django 3.2.20 which contains the upstream fixes.
  • Evidence: see safety_results.json and patches/fix-django-3.2.20.patch.

Notes

  • This PR is intentionally minimal to allow quick review and merge. Follow-up PRs should bump other high-risk packages per docs/remediation_plan.md and run CI.
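A version check of the kind the verification step describes, written here as an added example; it is not the PR's own scripts/smoke_check_django.py and nothing in it comes from that repository. It assumes the 3.2.20 floor stated in this PR, and additionally the upstream fixed releases for the other series that were patched in the same July 2023 Django security release (4.1.10 and 4.2.3); any later series already contains the fix. Beyond comparing the installed version against those floors, it treats a pre-release of a fixed version as unpatched, and optionally feeds the installed EmailValidator a constructed address with thousands of domain labels so the reviewer can see that the patched validator answers immediately instead of grinding on the regular expression.

```python
"""Smoke check for the Django pin in this PR (added example, not the PR's own script).

Assumptions: 3.2.20 is the floor stated in the PR; 4.1.10 and 4.2.3 are the
fixed releases for the other series from the same upstream security release.
"""
import sys
import time
from importlib import metadata

# Minimum patched release per series for CVE-2023-36053 (July 2023 release).
FIXED_VERSIONS = {
    (3, 2): (3, 2, 20),
    (4, 1): (4, 1, 10),
    (4, 2): (4, 2, 3),
}
NEWEST_PATCHED_SERIES = (4, 2)  # any series after this already carries the fix


def parse_version(text):
    """Turn '3.2.20' or '3.2.20rc1' into ((3, 2, 20), is_final).

    A pre-release suffix on any component makes is_final False, so that
    '3.2.20rc1' is not mistaken for the final 3.2.20 release.
    """
    parts, final = [], True
    for piece in text.strip().split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                final = False  # 'rc1', 'a1', 'b2', 'dev' ... all count as pre-release
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3]), final


def is_patched(version_text):
    """Return (ok, reason) for a Django version string."""
    version, final = parse_version(version_text)
    series = version[:2]
    floor = FIXED_VERSIONS.get(series)
    if floor is None:
        if series > NEWEST_PATCHED_SERIES:
            return True, f"Django {version_text}: series newer than 4.2, fix already included"
        # 4.0, 3.1, 2.2 ... were end-of-life at fix time and never received a patch.
        return False, f"Django {version_text}: unsupported series, no fixed release exists"
    if version < floor or (version == floor and not final):
        wanted = ".".join(map(str, floor))
        return False, f"Django {version_text}: below patched release {wanted}"
    return True, f"Django {version_text}: at or above patched release"


def check_installed():
    """Look up the installed Django distribution; returns (installed, ok, reason)."""
    try:
        installed = metadata.version("Django")
    except metadata.PackageNotFoundError:
        return None, False, "Django is not installed in this environment"
    ok, reason = is_patched(installed)
    return installed, ok, reason


def probe_validator_timing(label_count=5000):
    """Optional runtime probe; returns (elapsed_seconds, raised) or None without Django.

    The payload is constructed here: a syntactically plausible address whose
    domain has label_count one-character labels, the input shape behind the
    ReDoS. A patched validator rejects it at once; an unpatched one may take
    noticeably longer, so keep label_count modest on machines you care about.
    """
    try:
        from django.core.exceptions import ValidationError
        from django.core.validators import EmailValidator
    except ImportError:
        return None
    payload = "a@" + "x." * label_count + "com"
    start = time.perf_counter()
    raised = False
    try:
        EmailValidator()(payload)
    except ValidationError:
        raised = True
    return time.perf_counter() - start, raised


def main():
    installed, ok, reason = check_installed()
    print(reason)
    probe = probe_validator_timing()
    if probe is not None:
        elapsed, raised = probe
        print(f"EmailValidator rejected 5000-label payload: {raised} ({elapsed:.3f}s)")
    return 0 if ok else 1


if __name__ == "__main__":
    sys.exit(main())
```

Run it inside the venv after installing requirements.txt; a non-zero exit means the installed Django is below the patched floor for its series, which makes it usable as a CI gate rather than only a manual check.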
