Bump social-auth-core from 4.5.4 to 4.5.6 #11825
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [social-auth-core](https://github.com/python-social-auth/social-core) from 4.5.4 to 4.5.6. - [Release notes](https://github.com/python-social-auth/social-core/releases) - [Changelog](https://github.com/python-social-auth/social-core/blob/master/CHANGELOG.md) - [Commits](python-social-auth/social-core@4.5.4...4.5.6) --- updated-dependencies: - dependency-name: social-auth-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
DryRun Security SummaryThe requirements.txt file is updated to use social-auth-core version 4.5.6 instead of 4.5.4, with potential security implications that should be reviewed in the release notes. Expand for full summaryThe pull request updates the social-auth-core library version from 4.5.4 to 4.5.6 in requirements.txt. Security considerations include: potential security patches in the version upgrade, recommended review of release notes for specific security improvements related to the authentication library. Code AnalysisWe ran
|
|
@dependabot rebase |
|
This pull request has conflicts, please resolve those before we can evaluate the pull request. |
|
Conflicts have been resolved. A maintainer will review the pull request shortly. |
|
Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry! If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request |
Bumps social-auth-core from 4.5.4 to 4.5.6.
Release notes
Sourced from social-auth-core's releases.
... (truncated)
Changelog
Sourced from social-auth-core's changelog.
Commits
b2d50a9fix: corrected backeds nonce interfaced60d968chore: release 4.5.60bd5eadfix: revert API changes from #986f665a79chore: define workflow permissionsa53bf90chore: Version bump 4.5.5d9657bcchore: exclude license-files metadata0b850d2chore: remove debuggingf096007chore: build release on tag49951d4fix: stop using reusable workflow for publishing5d14d41chore: debug publishingDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)