Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump doorkeeper from 4.4.3 to 5.8.0 #4407

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 4, 2024

Bumps doorkeeper from 4.4.3 to 5.8.0.

Release notes

Sourced from doorkeeper's releases.

v5.8.0

  • #1739 Add support for dynamic scopes
  • #1715 Fix token introspection invalid request reason
  • #1714 Fix Doorkeeper::AccessToken.find_or_create_for with empty scopes which raises NoMethodError
  • #1712 Add Pragma: no-cache to token response
  • #1726 Refactor token introspection class.
  • #1727 Allow to set null secret value for Applications if they are public.
  • #1735 Add pkce_code_challenge_methods config option.

v5.7.1

  • #1705 Add force_pkce option that requires non-confidential clients to use PKCE when requesting an access_token using an authorization code

v5.7.0

  • #1696 Add missing #issued_token method to OAuth::TokenResponse
  • #1697 Allow a TokenResponse body to be customized (memoize response body).
  • #1702 Fix bugs for error response in the form_post and error view
  • #1660 Custom access token attributes are now considered when finding matching tokens (fixes #1665). Introduce revoke_previous_client_credentials_token configuration option.

v5.6.9

  • #1691 Make new Doorkeeper errors backward compatible with older extensions.

v5.6.8

  • #1680 Fix handle_auth_errors :raise NotImplementedError

v5.6.7

  • #1662 Specify uri_redirect validation class explicitly.
  • #1652 Add custom attributes support to token generator.
  • #1667 Pass client instead of grant.application to find_or_create_access_token.
  • #1673 Honor custom_access_token_attributes in client credentials grant flow.
  • #1676 Improve AuthorizationsController error response handling
  • #1677 Fix URIHelper.valid_for_authorization? breaking for non url URIs.

v5.6.6

  • #1644 Update HTTP headers.
  • #1646 Block public clients automatic authorization skip.
  • #1648 Add custom token attributes to Refresh Token Request.
  • #1649 Fixed custom_access_token_attributes related errors.

v5.6.5

  • #1602 Allow custom data to be stored inside access grants/tokens.
  • #1634 Code refactoring for custom token attributes.
  • #1639 Add grant type validation to avoid Internal Server Error for DELETE /oauth/authorize endpoint.

v5.6.4

  • #1633 Apply ORM configuration in #to_prepare block to avoid autoloading errors.

v5.6.3

  • #1622 Drop support for Rubies 2.5 and 2.6
  • #1605 Fix URI validation for Ruby 3.2+.
  • #1625 Exclude endless access tokens from StaleRecordsCleaner.

... (truncated)

Changelog

Sourced from doorkeeper's changelog.

5.8.0

  • #1739 Add support for dynamic scopes
  • #1715 Fix token introspection invalid request reason
  • #1714 Fix Doorkeeper::AccessToken.find_or_create_for with empty scopes which raises NoMethodError
  • #1712 Add Pragma: no-cache to token response
  • #1726 Refactor token introspection class.
  • #1727 Allow to set null secret value for Applications if they are public.
  • #1735 Add pkce_code_challenge_methods config option.

5.7.1

  • #1705 Add force_pkce option that requires non-confidential clients to use PKCE when requesting an access_token using an authorization code

5.7.0

  • #1696 Add missing #issued_token method to OAuth::TokenResponse
  • #1697 Allow a TokenResponse body to be customized (memoize response body).
  • #1702 Fix bugs for error response in the form_post and error view
  • #1660 Custom access token attributes are now considered when finding matching tokens (fixes #1665). Introduce revoke_previous_client_credentials_token configuration option.

5.6.9

  • #1691 Make new Doorkeeper errors backward compatible with older extensions.

5.6.8

  • #1680 Fix handle_auth_errors :raise NotImplementedError

5.6.7

  • #1662 Specify uri_redirect validation class explicitly.
  • #1652 Add custom attributes support to token generator.
  • #1667 Pass client instead of grant.application to find_or_create_access_token.
  • #1673 Honor custom_access_token_attributes in client credentials grant flow.
  • #1676 Improve AuthorizationsController error response handling
  • #1677 Fix URIHelper.valid_for_authorization? breaking for non url URIs.

5.6.6

  • #1644 Update HTTP headers.
  • #1646 Block public clients automatic authorization skip.
  • #1648 Add custom token attributes to Refresh Token Request.
  • #1649 Fixed custom_access_token_attributes related errors.

5.6.5

  • #1602 Allow custom data to be stored inside access grants/tokens.
  • #1634 Code refactoring for custom token attributes.

... (truncated)

Upgrade guide

Sourced from doorkeeper's upgrade guide.

See Upgrade Guides in the project Wiki.

Commits
  • be58d6b Release 5.8.0 🎉
  • 4ca1d55 Merge pull request #1732 from ransombriggs/fix-docker-file-tests
  • 5057044 Merge pull request #1739 from stanhu/sh-support-dynamic-scopes
  • 4a0f7ce Add entry in CHANGELOG.md
  • f71f4e4 Merge branch 'main' into fix-docker-file-tests
  • ba5b258 Exclude lib/doorkeeper/config.rb from Code Climate
  • 6c06b02 Add support for dynamic scopes
  • c113fa3 Merge pull request #1742 from stanhu/sh-fix-broken-main
  • 40b9cb0 Fix broken tests for older Rails versions
  • a33a90a Revert authorization_spec changes
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 4.4.3 to 5.8.0.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md)
- [Upgrade guide](https://github.com/doorkeeper-gem/doorkeeper/blob/main/UPGRADE.md)
- [Commits](doorkeeper-gem/doorkeeper@v4.4.3...v5.8.0)

---
updated-dependencies:
- dependency-name: doorkeeper
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/bundler/doorkeeper-5.8.0 branch from 5726e73 to 59811ba Compare November 5, 2024 03:48
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 9, 2024

Superseded by #4420.

@dependabot dependabot bot closed this Dec 9, 2024
@dependabot dependabot bot deleted the dependabot/bundler/doorkeeper-5.8.0 branch December 9, 2024 11:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants