Skip to content

Bump django-allauth from 0.50.0 to 0.52.0 [LBC-287]#441

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/django-allauth-0.52.0
Open

Bump django-allauth from 0.50.0 to 0.52.0 [LBC-287]#441
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/django-allauth-0.52.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 9, 2023
edited
Loading

Bumps django-allauth from 0.50.0 to 0.52.0.

Changelog

Sourced from django-allauth's changelog.

0.52.0 (2022-12-29)

Note worthy changes

  • Officially support Django 4.1.

  • New providers: OpenID Connect, Twitter (OAuth2), Wahoo, DingTalk.

  • Introduced a new provider setting OAUTH_PKCE_ENABLED that enables the PKCE-enhanced Authorization Code Flow for OAuth 2.0 providers.

  • When ACCOUNT_PREVENT_ENUMERATION is turned on, enumeration is now also prevented during signup, provided you are using mandatory email verification. There is a new email template (templates/account/email/acccount_already_exists_message.txt) that will be used in this scenario.

  • Updated URLs of Google's endpoints to the latest version; removed a redundant userinfo call.

  • Fixed Pinterest provider on new api version.

0.51.0 (2022-06-07)

Note worthy changes

  • New providers: Snapchat, Hubspot, Pocket, Clever.

Security notice

The reset password form is protected by rate limits. There is a limit per IP, and per email. In previous versions, the latter rate limit could be bypassed by changing the casing of the email address. Note that in that case, the former rate limit would still kick in.

Commits
  • 18d9413 chore: Preparing release 0.52.0
  • fc3163e chore(pinterest): black
  • f0dc74d chore(pinterest): PINTEREST_VERSION -> API_VERSION
  • c16d8d1 docs(pinterest): 📝 update changelog for pinterest
  • 2443c54 fix(pinterest): 🐛 make v3 get user info work well, and update the docs
  • 27f7f1c fix(google): enable needed id_token verification
  • e6c5a04 feat(google): drop a redundant userinfo call
  • fe1d55c feat(google): update URLs
  • 0bfc710 chore(templates): Add mobile-first meta tags
  • 911b072 feat(pinterest): Support API v3/v5
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jan 9, 2023
@janbaykara janbaykara changed the title Bump django-allauth from 0.50.0 to 0.52.0 Bump django-allauth from 0.50.0 to 0.52.0 [LBC-287] Jan 9, 2023
@dependabot dependabot bot mentioned this pull request Jan 9, 2023
Closed
@linear
Copy link

linear bot commented Jan 9, 2023

LBC-287 "Bump django-allauth from 0.50.0 to 0.52.0" (commonknowledge/leftbookclub #441)

Bumps django-allauth from 0.50.0 to 0.52.0.

Changelog

Sourced from django-allauth's changelog.

0.52.0 (2022-12-29)

Note worthy changes

  • Officially support Django 4.1.

  • New providers: OpenID Connect, Twitter (OAuth2), Wahoo, DingTalk.

  • Introduced a new provider setting OAUTH_PKCE_ENABLED that enables the PKCE-enhanced Authorization Code Flow for OAuth 2.0 providers.

  • When ACCOUNT_PREVENT_ENUMERATION is turned on, enumeration is now also prevented during signup, provided you are using mandatory email verification. There is a new email template (templates/account/email/acccount_already_exists_message.txt) that will be used in this scenario.

  • Updated URLs of Google's endpoints to the latest version; removed a redundant userinfo call.

  • Fixed Pinterest provider on new api version.

0.51.0 (2022-06-07)

Note worthy changes

  • New providers: Snapchat, Hubspot, Pocket, Clever.

Security notice

The reset password form is protected by rate limits. There is a limit per IP, and per email. In previous versions, the latter rate limit could be bypassed by changing the casing of the email address. Note that in that case, the former rate limit would still kick in.

Commits
  • 18d9413 chore: Preparing release 0.52.0
  • fc3163e chore(pinterest): black
  • f0dc74d chore(pinterest): PINTEREST_VERSION -> API_VERSION
  • c16d8d1 docs(pinterest): 📝 update changelog for pinterest
  • 2443c54 fix(pinterest): 🐛 make v3 get user info work well, and update the docs
  • 27f7f1c fix(google): enable needed id_token verification
  • e6c5a04 feat(google): drop a redundant userinfo call
  • fe1d55c feat(google): update URLs
  • 0bfc710 chore(templates): Add mobile-first meta tags
  • 911b072 feat(pinterest): Support API v3/v5
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

commonknowledge/leftbookclub #441 by @dependabot[bot] on GitHub

via LinearSync

@dependabot
Bump django-allauth from 0.50.0 to 0.52.0
dcd3b2e 
Bumps [django-allauth](https://github.com/pennersr/django-allauth) from 0.50.0 to 0.52.0.
- [Release notes](https://github.com/pennersr/django-allauth/releases)
- [Changelog](https://github.com/pennersr/django-allauth/blob/master/ChangeLog.rst)
- [Commits](pennersr/django-allauth@0.50.0...0.52.0)

---
updated-dependencies:
- dependency-name: django-allauth
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/django-allauth-0.52.0 branch from cbb89ce to dcd3b2e Compare February 2, 2023 10:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants