From 6cf0c3c08db3f790e8a9e5ddee9a7e50e9f36d3d Mon Sep 17 00:00:00 2001
From: Klaas van Schelven <klaas@vanschelven.com>
Date: Wed, 7 Jan 2026 17:59:17 +0100
Subject: [PATCH] Dependabot: don't upgrade verbose_csrf_middleware

---
 .github/dependabot.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index d71a39a..e56e3cc 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -15,6 +15,11 @@ updates:
       versions:
       - ">=6.0"
 
+    # As per Django; for each django version we match the verbose_csrf_middleware
+    - dependency-name: "verbose_csrf_middleware"
+      versions:
+      - ">=6.0"
+
     # 8.7.2. is the last version to support ProcessState (i.e. minidump parsing) which we need
     - dependency-name: "symbolic"
       versions: