search

FiniteMonkeys / kerbal-maps

A Google Maps-like UI for Kerbal Space Program (KSP) celestial bodies.
Apache License 2.0
9 stars 4 forks source link

Bump pow from 1.0.0 to 1.0.18 #205

Closed dependabot-preview[bot] closed 4 years ago

dependabot-preview[bot] commented 4 years ago

Bumps pow from 1.0.0 to 1.0.18.

Release notes

Sourced from pow's releases.

v1.0.18

Bug fixes

  • [Pow.Phoenix.Routes] Fixed bug where callback route methods is not using the overridden method #418
  • [PowPersistentSession.Plug.Cookie] PowPersistentSession.Plug.Cookie.delete/2 now correctly pulls token during :before_send callback #420
  • [Pow.Plug.Session] Pow.Plug.Session.delete/2 now correctly pulls session id during :before_send callback so PowEmailConfirmation will remove set session #420

v1.0.17

Enhancements

  • [Pow.Ecto.Context] Calls to Pow.Ecto.Context.get_by/2 replaced with Pow.Operations.get_by/2 so custom users context module can be used. The following methods has been updated: #343
    • Pow.Ecto.Context.authenticate/2
    • PowEmailConfirmation.Ecto.Context.get_by_confirmation_token/2
    • PowInvitation.Ecto.Context.get_by_invitation_token/2
    • PowResetPassword.Ecto.Context.get_by_email/2
  • [Pow.Ecto.Schema.Changeset] Pow.Ecto.Schema.Changeset.confirm_password_changeset/3 now adds the default Ecto.Changeset.validate_confirmation/3 error instead of the previous not same as password error #380
  • [Pow.Ecto.Schema.Changeset] Pow.Ecto.Schema.Changeset.confirm_password_changeset/3 now uses the Ecto.Changeset.validate_confirmation/3 for validation and expects :password_confirmation instead of :confirm_password in params #379
  • [Pow.Ecto.Schema.Changeset] Pow.Ecto.Schema.Changeset.new_password_changeset/3 now only requires the :password_hash if there have been no previous errors set in the changeset #391
  • [Pow.Ecto.Schema] No longer adds :confirm_password virtual field #379
  • [Pow.Ecto.Schema] Now has an @after_compile callback that ensures all required fields has been defined #376
  • [PowInvitation.Phoenix.InvitationView] Now renders :password_confirmation field instead of :confirm_password #379
  • [PowResetPassword.Phoenix.ResetPasswordView] Now renders :password_confirmation field instead of :confirm_password #379
  • [Pow.Phoenix.RegistrationView] Now renders :password_confirmation field instead of :confirm_password #379
  • [PowEmailConfirmation.Ecto.Schema] No longer validates if :email has been taken before setting :unconfirmed_email #379
  • [PowEmailConfirmation.Phoenix.ControllerCallbacks] Now prevents user enumeration attack for PowInvitation.Phoenix.InvitationController.create/2 #384
  • [PowPersistentSession.Plug.Cookie] Changed default cookie name to persistent_session #385
  • [PowPersistentSession.Plug.Cookie] Removed renewal of cookie as the token will always expire #385
  • [PowPersistentSession.Plug.Cookie] No longer expires invalid cookies #390
  • [Pow.Operations] Added Pow.Operations.fetch_primary_key_values/2 #393
  • [PowPersistentSession.Plug.Base] Now registers :before_send callbacks #398
  • [PowPersistentSession.Plug.Cookie] Now updates cookie and backend store in :before_send callback #398
  • [Pow.Plug.Base] Now registers :before_send callbacks #398
  • [Pow.Plug.Session] Now updates plug session and backend store in :before_send callback #398
  • [Pow.Plug] Added Pow.Plug.create/3 #405
  • [Pow.Plug] Added Pow.Plug.delete/2 #405

Removed

  • [PowResetPassword.Phoenix.ResetPasswordController] Will no longer prevent information leak by checking if PowEmailConfirmation or registration routes are enabled; instead it'll by default prevent user enumeration, but can be disabled if pow_prevent_user_enumeration: false is set in conn.private #384

Bug fixes

  • [PowPersistentSession.Plug.Base] With custom :persistent_session_store now falls back to :cache_store_backend configuration option #408
  • [PowResetPassword.Plug] With custom :reset_password_token_store now falls back to :cache_store_backend configuration option #408
  • [Pow.Plug.Base] With custom :credentials_cache_store now falls back to :cache_store_backend configuration option #408

Deprecations

  • [Pow.Ecto.Changeset] Pow.Ecto.Schema.Changeset.confirm_password_changeset/3 has deprecated use of :confirm_password in params in favor of :password_confirmation #379
  • [Pow.Plug.Session] :session_store option has been renamed to :credentials_cache_store #399
... (truncated)
Changelog

Sourced from pow's changelog.

v1.0.18 (2020-02-14)

Bug fixes

  • [Pow.Phoenix.Routes] Fixed bug where callback route methods is not using the overridden method
  • [PowPersistentSession.Plug.Cookie] PowPersistentSession.Plug.Cookie.delete/2 now correctly pulls token during :before_send callback
  • [Pow.Plug.Session] Pow.Plug.Session.delete/2 now correctly pulls session id during :before_send callback so PowEmailConfirmation will remove set session

v1.0.17 (2020-02-04)

Enhancements

  • [Pow.Ecto.Context] Calls to Pow.Ecto.Context.get_by/2 replaced with Pow.Operations.get_by/2 so custom users context module can be used. The following methods has been updated:
    • Pow.Ecto.Context.authenticate/2
    • PowEmailConfirmation.Ecto.Context.get_by_confirmation_token/2
    • PowInvitation.Ecto.Context.get_by_invitation_token/2
    • PowResetPassword.Ecto.Context.get_by_email/2
  • [Pow.Ecto.Schema.Changeset] Pow.Ecto.Schema.Changeset.confirm_password_changeset/3 now adds the default Ecto.Changeset.validate_confirmation/3 error instead of the previous not same as password error
  • [Pow.Ecto.Schema.Changeset] Pow.Ecto.Schema.Changeset.confirm_password_changeset/3 now uses the Ecto.Changeset.validate_confirmation/3 for validation and expects :password_confirmation instead of :confirm_password in params
  • [Pow.Ecto.Schema.Changeset] Pow.Ecto.Schema.Changeset.new_password_changeset/3 now only requires the :password_hash if there have been no previous errors set in the changeset
  • [Pow.Ecto.Schema] No longer adds :confirm_password virtual field
  • [Pow.Ecto.Schema] Now has an @after_compile callback that ensures all required fields has been defined
  • [PowInvitation.Phoenix.InvitationView] Now renders :password_confirmation field instead of :confirm_password
  • [PowResetPassword.Phoenix.ResetPasswordView] Now renders :password_confirmation field instead of :confirm_password
  • [Pow.Phoenix.RegistrationView] Now renders :password_confirmation field instead of :confirm_password
  • [PowEmailConfirmation.Ecto.Schema] No longer validates if :email has been taken before setting :unconfirmed_email
  • [PowEmailConfirmation.Phoenix.ControllerCallbacks] Now prevents user enumeration for PowInvitation.Phoenix.InvitationController.create/2
  • [PowPersistentSession.Plug.Cookie] Changed default cookie name to persistent_session
  • [PowPersistentSession.Plug.Cookie] Removed renewal of cookie as the token will always expire
  • [PowPersistentSession.Plug.Cookie] No longer expires invalid cookies
  • [Pow.Operations] Added Pow.Operations.fetch_primary_key_values/2
  • [PowPersistentSession.Plug.Base] Now registers :before_send callbacks
  • [PowPersistentSession.Plug.Cookie] Now updates cookie and backend store in :before_send callback
  • [Pow.Plug.Base] Now registers :before_send callbacks
  • [Pow.Plug.Session] Now updates plug session and backend store in :before_send callback
  • [Pow.Plug] Added Pow.Plug.create/3
  • [Pow.Plug] Added Pow.Plug.delete/2

Removed

  • [PowResetPassword.Phoenix.ResetPasswordController] Will no longer prevent information leak by checking if PowEmailConfirmation or registration routes are enabled; instead it'll by default prevent user enumeration, but can be disabled if pow_prevent_user_enumeration: false is set in conn.private

Bug fixes

  • [PowPersistentSession.Plug.Base] With custom :persistent_session_store now falls back to :cache_store_backend configuration option
  • [PowResetPassword.Plug] With custom :reset_password_token_store now falls back to :cache_store_backend configuration option
  • [Pow.Plug.Base] With custom :credentials_cache_store now falls back to :cache_store_backend configuration option

Deprecations

... (truncated)
Commits
  • abe32dd Roll version
  • 97f8530 Merge pull request #420 from danschultzer/fix-delete-session
  • 9679a0e Fix delete session
  • 217d3d9 Merge pull request #418 from danschultzer/fallback-routes
  • 925bfcd More explicit way of handling custom routes module
  • 64d2010 Let all routes fallback to custom routes module
  • 1d05c05 Update deps
  • 291eff8 Update mix.lock with Elixir 1.10.0 structure
  • 15ac1e6 Merge pull request #416 from danschultzer/fix-typo
  • 72bd163 Fix typo
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 4 years ago

Superseded by #219.