minor: use django.conf.settings over dojo.settings everywhere

[fopina]

Description

I was having issues when setting DJANGO_MODULE_SETTINGS to a custom module and noticed dojo.settings was imported directly in some places

• wsgi.py
  • I can't find anything using this file (only dojo/wsgi.py)
  • typical django project does not have it either - only mainapp/wsgi.py and it is currently here
  • deleted
• dojo/location/models.py - setting read from dojo.settings instead of django.conf.settings
  • replaced use with django.conf.settings
  • also moved to app.ready() to avoid triggering LazySettings evaluation at model import time
• widgets.py - also replace dojo.settings direct use

[dryrunsecurity]

🔴 Risk threshold exceeded.

This pull request modifies sensitive files (dojo/apps.py and dojo/reports/widgets.py); the scanner flagged these as configured codepath edits and notes that sensitive paths and allowed authors can be set in .dryrunsecurity.yaml. These findings are marked with a failing risk threshold but are non-blocking.

🔴 Configured Codepaths Edit in dojo/apps.py (drs_102055b1)

Vulnerability	Configured Codepaths Edit
Description	Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml.

🔴 Configured Codepaths Edit in dojo/reports/widgets.py (drs_3a61a761)

Vulnerability	Configured Codepaths Edit
Description	Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml.

We've notified @mtesauro.

---

All finding details can be found in the DryRun Security Dashboard.

[valentijnscholten]

Let's verify it doesn't break Pro.

[valentijnscholten]

https://github.com/DefectDojo-Inc/dojo-pro/actions/runs/22684307629