From a0f0fdf4d4c8b78cdb6c3f238ed1472461dcc1b4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 10 Jan 2024 11:30:21 +0000
Subject: Bump authlib from 1.2.1 to 1.3.0 (#16801)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [authlib](https://github.com/lepture/authlib) from 1.2.1 to 1.3.0.
Release notes
Sourced from authlib's
releases.
Version 1.3.0
Bug fixes
Breaking changes
Changelog
Sourced from authlib's
changelog.
Version 1.3.0
Released on Dec 17, 2023
- Restore
AuthorizationServer.create_authorization_response
behavior,
via :PR:558
- Include
leeway
in validate_iat()
for JWT,
via :PR:565
- Fix
encode_client_secret_basic
, via
:PR:594
- Use single key in JWK if JWS does not specify
kid
, via
:PR:596
- Fix error when RFC9068 JWS has no scope field, via
:PR:
598
- Get werkzeug version using importlib, via :PR:
591
New features:
- RFC9068 implementation, via :PR:
586
, by @azmeuk
.
Breaking changes:
- End support for python 3.7
Commits
a7d68b4
chore: release 1.3.0
a26f1d0
Merge GitHub action for release
2d66702
Merge pull request #591
from Sparrow0hawk/patch-2
0f8e087
docs: add changelog for 1.3.0
3ffc950
chore: fix pypi release action
a2543b9
chore: add pypi github action
c7e1b2d
chore: move configuration from setup.cfg to pyproject.toml
04e83f6
Merge pull request #598
from tanguilp/fix-rfc9068-no-scope-in-jws
092f688
Fix error when RFC9068 JWS has no scope field
ac58322
Get werkzeug version using importlib
- Additional commits viewable in compare
view
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=authlib&package-manager=pip&previous-version=1.2.1&new-version=1.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
poetry.lock | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/poetry.lock b/poetry.lock
index b3e046b52d..1b5ed91d5e 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -64,17 +64,17 @@ tests-no-zope = ["cloudpickle", "hypothesis", "mypy (>=1.1.1)", "pympler", "pyte
[[package]]
name = "authlib"
-version = "1.2.1"
+version = "1.3.0"
description = "The ultimate Python library in building OAuth and OpenID Connect servers and clients."
optional = true
-python-versions = "*"
+python-versions = ">=3.8"
files = [
- {file = "Authlib-1.2.1-py2.py3-none-any.whl", hash = "sha256:c88984ea00149a90e3537c964327da930779afa4564e354edfd98410bea01911"},
- {file = "Authlib-1.2.1.tar.gz", hash = "sha256:421f7c6b468d907ca2d9afede256f068f87e34d23dd221c07d13d4c234726afb"},
+ {file = "Authlib-1.3.0-py2.py3-none-any.whl", hash = "sha256:9637e4de1fb498310a56900b3e2043a206b03cb11c05422014b0302cbc814be3"},
+ {file = "Authlib-1.3.0.tar.gz", hash = "sha256:959ea62a5b7b5123c5059758296122b57cd2585ae2ed1c0622c21b371ffdae06"},
]
[package.dependencies]
-cryptography = ">=3.2"
+cryptography = "*"
[[package]]
name = "automat"
--
cgit 1.4.1