Update oauth2 requirement from ~> 1.4 to >= 1.4, < 3.0 #4

dependabot · 2022-06-22T06:12:48Z

Updates the requirements on oauth2 to permit the latest version.

Changelog

[2.0.0] - 2022-06-21

Added

#158, #344 - Optionally pass raw response to parsers (@niels)

#190, #332, #334, #335, #360, #426, #427, #461 - Documentation (@josephpage, @pboling, @meganemura, @joshRpowell, @elliotcm)

#220 - Support IETF rfc7523 JWT Bearer Tokens Draft 04+ (@jhmoore)

#298 - Set the response object on the access token on Client#get_token for debugging (@cpetschnig)

#305 - Option: OAuth2::Client#get_token - :access_token_class (AccessToken); user specified class to use for all calls to get_token (@styd)

#346 - Modern gem structure (@pboling)

#351 - Support Jruby 9k (@pboling)

#362 - Support SemVer release version scheme (@pboling)

#363 - New method OAuth2::AccessToken#refresh! same as old refresh, with backwards compatibility alias (@pboling)

#364 - Support application/hal+json format (@pboling)

#365 - Support application/vnd.collection+json format (@pboling)

#376 - Documentation: Example / Test for Google 2-legged JWT (@jhmoore)

#381 - Spec for extra header params on client credentials (@nikz)

#394 - Option: OAuth2::AccessToken#initialize - :expires_latency (nil); number of seconds by which AccessToken validity will be reduced to offset latency (@klippx)

#412 - Support application/vdn.api+json format (from jsonapi.org) (@david-christensen)

#413 - Documentation: License scan and report (@meganemura)

#442 - Option: OAuth2::Client#initialize - :logger (::Logger.new($stdout)) logger to use when OAUTH_DEBUG is enabled (for parity with 1-4-stable branch) (@rthbound)

#494 - Support OIDC 1.0 Private Key JWT; based on the OAuth JWT assertion specification (RFC 7523) (@SteveyblamWork)

#549 - Wrap Faraday::ConnectionFailed in OAuth2::ConnectionFailed (@nikkypx)

#550 - Raise error if location header not present when redirecting (@stanhu)

#552 - Add missing version.rb require (@ahorek)

#553 - Support application/problem+json format (@janz93)

#560 - Support IETF rfc6749, section 2.3.1 - don't set auth params when nil (@bouk)

#571 - Support Ruby 3.1 (@pboling)

#575 - Support IETF rfc7231, section 7.1.2 - relative location in redirect (@pboling)

#581 - Documentation: of breaking changes (@pboling)

Changed

#191 - BREAKING: Token is expired if expired_at time is now (@davestevens)

#312 - BREAKING: Set :basic_auth as default for :auth_scheme instead of :request_body. This was default behavior before 1.3.0. (@tetsuya, @wy193777)

#317 - Dependency: Upgrade jwt to 2.x.x (@travisofthenorth)

#338 - Dependency: Switch from Rack::Utils.escape to CGI.escape (@josephpage)

#339, #368, #424, #479, #493, #539, #542, #553 - CI Updates, code coverage, linting, spelling, type fixes, New VERSION constant (@pboling, @josephpage, @ahorek)

#410 - BREAKING: Removed the ability to call .error from an OAuth2::Response object (@jhmoore)

#414 - Use Base64.strict_encode64 instead of custom internal logic (@meganemura)

#489 - BREAKING: Default value for option OAuth2::Client - :authorize_url removed leading slash to work with relative paths by default ('oauth/authorize') (@ghost)

#489 - BREAKING: Default value for option OAuth2::Client - :token_url removed leading slash to work with relative paths by default ('oauth/token') (@ghost)

#576 - BREAKING: Stop rescuing parsing errors (@pboling)

#591 - DEPRECATION: OAuth2::Client - :extract_access_token option is deprecated

Fixed

#158, #344 - Handling of errors when using omniauth-facebook (@niels)

#294 - Fix: "Unexpected middleware set" issue with Faraday when OAUTH_DEBUG=true (@spectator, @gafrom)

#300 - Documentation: Oauth2::Error - Error codes are strings, not symbols (@NobodysNightmare)

#318, #326, #343, #347, #397, #464, #561, #565 - Dependency: Support all versions of faraday (see [gemfiles/README.md][gemfiles/readme] for compatibility matrix with Ruby engines & versions) (@pboling, @raimondasv, @zacharywelch, @Fudoshiki, @ryogift, @sj26, @jdelStrother)

#322, #331, #337, #361, #371, #377, #383, #392, #395, #400, #401, #403, #415, #567 - Updated Rubocop, Rubocop plugins and improved code style (@pboling, @bquorning, @lautis, @spectator)

#328 - Documentation: Homepage URL is SSL (@amatsuda)

#339, #479 - Update testing infrastructure for all supported Rubies (@pboling and @josephpage)

#366 - Security: Fix logging to $stdout of request and response bodies via Faraday's logger and ENV["OAUTH_DEBUG"] == 'true' (@pboling)

#380 - Fix: Stop attempting to encode non-encodable objects in Oauth2::Error (@jhmoore)

... (truncated)

Commits

2313d09 Bump oauth2 to 2.0.0
9846a7d ➖ rubocop-ruby2_2 doesn't need to be a direct dependency
23c4db5 👽️ Extract version_gem library from this one
083fbac 🙈 Ignore OS output
3dba3cb 🔧 Development Versions
83b7233 🙈 Ignore tool output
c2b65fb 👷 Turn off Windows JRuby
b01a05d 👷 Make Windows non-experimental support
aa63321 👷 Do not install bundler on Windows JRuby
6b0901c 👷 Split Windows JRuby to separate build
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [oauth2](https://github.com/oauth-xx/oauth2) to permit the latest version. - [Release notes](https://github.com/oauth-xx/oauth2/releases) - [Changelog](https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md) - [Commits](oauth-xx/oauth2@v1.4.0...v2.0.0) --- updated-dependencies: - dependency-name: oauth2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

CHTJonas · 2023-08-03T14:21:32Z

@dependabot rebase

dependabot bot added the dependencies Pull requests that update a dependency file label Jun 22, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update oauth2 requirement from ~> 1.4 to >= 1.4, < 3.0 #4

Update oauth2 requirement from ~> 1.4 to >= 1.4, < 3.0 #4

dependabot bot commented on behalf of github Jun 22, 2022 •

edited

Loading

CHTJonas commented Aug 3, 2023

Update oauth2 requirement from ~> 1.4 to >= 1.4, < 3.0 #4

Are you sure you want to change the base?

Update oauth2 requirement from ~> 1.4 to >= 1.4, < 3.0 #4

Conversation

dependabot bot commented on behalf of github Jun 22, 2022 • edited Loading

[2.0.0] - 2022-06-21

Added

Changed

Fixed

CHTJonas commented Aug 3, 2023

dependabot bot commented on behalf of github Jun 22, 2022 •

edited

Loading