- Introduced a new setting `ACCOUNT_PASSWORD_RESET_TOKEN_GENERATOR` that
  allows you to specify the token generator for password resets.
- Dropped support for Django 2.x and 3.0.
- Officially support Django 4.2.
- New providers: Miro, Questrade
- It is now possible to manage OpenID Connect providers via the Django
  admin. Simply add a SocialApp for each OpenID Connect provider.
- There is now a new flow for changing the email address. When enabled
  (`ACCOUNT_CHANGE_EMAIL`), users are limited to having exactly one email
  address that they can change by adding a temporary second email address that,
  when verified, replaces the current email address.
- Changed spelling from "e-mail" to "email". Both are correct, however, the
  trend over the years has been towards the simpler and more streamlined form
  "email".
- Added support for SAML 2.0. Thanks to Dskrpt <https://dskrpt.de>
  for sponsoring the development of this feature!
- Fixed Twitter OAuth2 authentication by using basic auth and adding scope tweet.read.
- Added (optional) support for authentication by email for social logins (see
  `SOCIALACCOUNT_EMAIL_AUTHENTICATION`).
Security notice
Even with account enumeration prevention in place, it was possible for a user
to infer whether or not a given account exists by trying to add
secondary email addresses. This has been fixed -- see the note on backwards
incompatible changes.
Backwards incompatible changes
Data model changes: when ACCOUNT_UNIQUE_EMAIL=True (the default), there
was a unique constraint set on the email field of the EmailAddress
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps django-allauth from 0.54.0 to 0.55.0.
Changelog
Sourced from django-allauth's changelog.
... (truncated)
Commits
- 89c5820 chore: Release 0.55.0
- 6e0725b fix(socialaccount): provider.name must be a class level property
- 3d685a2 fix(facebook): Use GET to access access_token endpoint
- abb196c fix(example): Don't create app for 'openid_connect'
- b8bf1c9 refactor(account/forms): Drop deprecated custom signup .save()
- 47597d3 fix(account): Custom user without first/last_name
- 31c16af feat(settings): support ALLAUTH_SETTING_GETTER str path
- eb56bf0 fix(auth0): Expose 'picture' in payload
- 69d79cb fix(steam): Require OpenID
- c733459 feat(telegram): Configurable auth_date validity