Bump wagtail from 7.3 to 7.3.1

[dependabot]

Bumps wagtail from 7.3 to 7.3.1.

Release notes

Sourced from wagtail's releases.

7.3.1

• Fix: CVE-2026-28222: Improper escaping of HTML (Cross-site Scripting) on TableBlock class attributes (Guan Chenxian, Matt Westcott)
• Fix: CVE-2026-28223: Improper escaping of HTML (Cross-site Scripting) in simple_translation admin interface (Guan Chenxian, Matt Westcott)
• Fix: Update dependencies to allow django-modelsearch 1.2 and django-tasks 0.11
• Fix: Fix duplicate inline panel items when editing snippets with autosave enabled (Sage Abdullah)
• Fix: Prevent dropdowns from closing after a successful autosave (Sage Abdullah)
• Fix: Show placeholder image icons when image upload previews fail (Collins Kubu)
• Fix: Ensure that 'create' form within choosers is not hidden on validation errors (Ankit Chaudhary)
• Maintenance: Update semgrep to 1.150.0 (Pravin Kamble)

Changelog

Sourced from wagtail's changelog.

7.3.1 (03.03.2026)

 * Fix: CVE-2026-28222: Improper escaping of HTML (Cross-site Scripting) on TableBlock class attributes (Guan Chenxian, Matt Westcott)
 * Fix: CVE-2026-28223: Improper escaping of HTML (Cross-site Scripting) in simple_translation admin interface (Guan Chenxian, Matt Westcott)
 * Fix: Update dependencies to allow django-modelsearch 1.2 and django-tasks 0.11
 * Fix: Fix duplicate inline panel items when editing snippets with autosave enabled (Sage Abdullah)
 * Fix: Prevent dropdowns from closing after a successful autosave (Sage Abdullah)
 * Fix: Show placeholder image icons when image upload previews fail (Collins Kubu)
 * Fix: Ensure that 'create' form within choosers is not hidden on validation errors (Ankit Chaudhary)
 * Maintenance: Update semgrep to 1.150.0 (Pravin Kamble)

Commits

• 136e2f6 Release note for updating semgrep to 1.150.0 in 7.2.3
• 21177fe Version bump to 7.3.1 final
• 06750d4 Release note for CVE-2026-28223 in 7.3.1
• 1b971d0 Release note for CVE-2026-28223 in 7.2.3
• 3aada71 Release note for CVE-2026-28223 in 7.0.6
• 804ed3b Release note for CVE-2026-28223 in 6.3.8
• ba70244 Enforce HTML escaping of all confirmation / warning / error messages
• 423934e Release note for CVE-2026-28222 in 7.3.1
• a2db131 Release note for CVE-2026-28222 in 7.2.3
• 16bbf26 Release note for CVE-2026-28222 in 7.0.6
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)