search

CLIMB-TRE / onyx

API for pathogen metadata
GNU General Public License v3.0
0 stars 1 forks source link

Bump django-rest-knox from 4.2.0 to 5.0.2 #241

Open dependabot[bot] opened 1 month ago

dependabot[bot] commented 1 month ago

Bumps django-rest-knox from 4.2.0 to 5.0.2.

Release notes

Sourced from django-rest-knox's releases.

Implement AUTO_REFRESH_MAX_TTL to limit total token lifetime when AUTO_REFRESH = True

No release notes provided.

Fix issue with migration

  • Fix migration when not overriding AuthToken model

First Jazzband release! Fixes and improvements.

This is the first Jazzband release of django-rest-knox, and it comes with an extensive list of fixes and improvements from the last version. Thanks to everyone in the community that contributed to help get this through! :rocket:

Warnings :warning:

  • Tokens created prior to this release will no longer work

Changelist

  • Fix migration reverse flow, enable migrate 0
  • Various documentation fixes and improvements
  • Drop cryptography in favor of hashlib
  • Make custom AuthModel work
  • Token prefix can be set in the setttings
  • Drop support for Django 4.0
  • Add support for Dango 4.2, 5.0 and Python 3.11 and 3.12
  • Cleanup legacy Python 2.0 code
  • Fix isort, flake8 usage for Python 3.10 in the test suite
  • Update Github actions version
  • Upgrade markdown dependency
  • Get rid of the six library
  • Add custom login / logout response support
  • Join the jazzband organization
  • Add pre-commit hooks
  • Add tracking of tests code coverage
  • Fix migrations when used in condition with a custom DB
  • Improve typing
  • Use self.authenticate_header() in authenticate() method to get auth header prefix
Changelog

Sourced from django-rest-knox's changelog.

5.0.2

  • Implement AUTO_REFRESH_MAX_TTL to limit total token lifetime when AUTO_REFRESH = True

5.0.1

  • Fix migration: retrieve TOKEN_MODEL from knox_settings instead of Django settings.

5.0.0

  • Tokens created prior to this release will no longer work
  • Fix migration reverse flow, enable migrate 0
  • Various documentation fixes and improvements
  • Drop cryptography in favor of hashlib
  • Make custom AuthModel work
  • Token prefix can be set in the setttings
  • Drop support for Django 4.0
  • Add support for Dango 4.2, 5.0 and Python 3.11 and 3.12
  • Cleanup legacy Python 2.0 code
  • Fix isort, flake8 usage for Python 3.10 in the test suite
  • Update Github actions version
  • Upgrade markdown dependency
  • Get rid of the six library
  • Add custom login / logout response support
  • Join the jazzband organization
  • Add pre-commit hooks
  • Add tracking of tests code coverage
  • Fix migrations when used in condition with a custom DB
  • Improve typing
  • Use self.authenticate_header() in authenticate() method to get auth header prefix
Commits
  • 7f35152 Merge pull request #369 from jazzband/giovanni/changelog-and-release
  • 5465580 chore: Update changelogs and release
  • 921818d Merge pull request #367 from jazzband/pre-commit-ci-update-config
  • a3dfcba Merge pull request #366 from christian-oudard/develop
  • d13ff2a [pre-commit.ci] auto fixes from pre-commit.com hooks
  • b4ea791 Review notes.
  • 770a3e6 [pre-commit.ci] pre-commit autoupdate
  • e81886a Review notes.
  • 32fd1c5 Implement AUTO_REFRESH_MAX_TTL to limit total token lifetime when AUTO_REFRES...
  • 7d564c1 Merge pull request #365 from jazzband/giovanni/improve-test-app
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)