Bump authlib from 0.15.3 to 0.15.4 #47

dependabot · 2021-06-07T05:52:25Z

Bumps authlib from 0.15.3 to 0.15.4.

Changelog

Changelog

.. meta:: :description: The full list of changes between each Authlib release.

Here you can see the full list of changes between each Authlib release.

Version 1.0

Plan to release in Mar, 2021.

We have dropped support for Python 2 in this release. We have removed built-in SQLAlchemy integration.

OAuth Client Changes:

The whole framework client integrations have been restructured, if you are using the client properly, e.g. oauth.register(...), it would work as before.

OAuth Provider Changes:

In Flask OAuth 2.0 provider, we have removed the deprecated OAUTH2_JWT_XXX configuration, instead, developers should define .get_jwt_config on OpenID extensions and grant types.

SQLAlchemy integrations has been removed from Authlib. Developers should define the database by themselves.

JOSE Changes

JWS has been renamed to JsonWebSignature

JWE has been renamed to JsonWebEncryption

JWK has been renamed to JsonWebKey

JWT has been renamed to JsonWebToken

The "Key" model has been re-designed, checkout the :ref:jwk_guide for updates.

Added ES256K algorithm for JWS and JWT.

Breaking Changes: find how to solve the deprecate issues via https://git.io/JkY4f

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [authlib](https://github.com/lepture/authlib) from 0.15.3 to 0.15.4. - [Release notes](https://github.com/lepture/authlib/releases) - [Changelog](https://github.com/lepture/authlib/blob/master/docs/changelog.rst) - [Commits](https://github.com/lepture/authlib/commits) --- updated-dependencies: - dependency-name: authlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2021-10-18T17:02:10Z

Superseded by #59.

dependabot bot added the pip dependencies pip dependencies label Jun 7, 2021

dependabot bot closed this Oct 18, 2021

dependabot bot deleted the dependabot/pip/authlib-0.15.4 branch October 18, 2021 17:02

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump authlib from 0.15.3 to 0.15.4 #47

Bump authlib from 0.15.3 to 0.15.4 #47

dependabot bot commented on behalf of github Jun 7, 2021

dependabot bot commented on behalf of github Oct 18, 2021

Bump authlib from 0.15.3 to 0.15.4 #47

Bump authlib from 0.15.3 to 0.15.4 #47

Conversation

dependabot bot commented on behalf of github Jun 7, 2021

Changelog

Version 1.0

dependabot bot commented on behalf of github Oct 18, 2021