search

anitab-org / portal

THIS PROJECT IS ARCHIVED. Systers Portal for communities.
GNU General Public License v2.0
68 stars 209 forks source link

chore: bump django-allauth from 0.42.0 to 0.44.0 #700

Closed dependabot-preview[bot] closed 3 years ago

dependabot-preview[bot] commented 3 years ago

Bumps django-allauth from 0.42.0 to 0.44.0.

Changelog

Sourced from django-allauth's changelog.

0.44.0 (2020-11-25)

Security notice

In previous versions, the mechanism to prevent too many failed login attempts (ACCOUNT_LOGIN_ATTEMPTS_LIMIT) could be bypassed by changing the casing of the login.

Backwards incompatible changes

  • The certificate key part of the SOCIALACCOUNT_PROVIDERS configuration has been renamed to certificate_key. This is done to prevent the key from being displayed without being masked in Django debug pages.

0.43.0 (2020-10-15)

Note worthy changes

  • New translation: Slovenian.
  • If ACCOUNT_LOGIN_ATTEMPTS_LIMIT is set and the user successfully resets their password, the timeout is cleared to allow immediate login.
  • You can now limit the amount of email addresses a user can associate to his account by setting ACCOUNT_MAX_EMAIL_ADDRESSES.
  • New providers: Apple, Okta, Stocktwits, Zoho, Zoom.
  • If email verification is set to mandatory, the email address you use to login with must now be verified as well. In previous versions, it was sufficient if the account had at least one verified email address, not necessarily the one used to login with.
  • Added a new setting: ACCOUNT_SIGNUP_REDIRECT_URL -- the URL (or URL name) to redirect to directly after signing up.

Backwards incompatible changes

  • In previous versions, the allauth app included a base.html template. This template could conflict with an equally named template at project level. Therefore, base.html has now been moved to account/base.html -- you will need to check your templates and likely override account/base.html within your project.
Commits
  • 32b42df chore: Preparing release 0.44.0
  • 2fa7038 fix(account/adapter): Prevent login attempts casing bypass
  • 701d8ff fix(i18n/ja): Fix fuzzy translation in Japanese locale
  • 23c2d55 fix(i18n/pl): Fix a typo in Polish translation
  • b00acf4 fix(socialaccount/apple): missing argument: 'permitted_methods'
  • 3a75c65 docs: update version number
  • 4ebeea7 docs(apple): warn about session issues
  • 19a55f6 fix(apple): get user data with token
  • e43bfd9 chore(socialaccount): Rename certificate to certificate_key
  • 103c8af chore: Set version for development
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
codecov-io commented 3 years ago

Codecov Report

Merging #700 (556aeb9) into develop (523a215) will not change coverage. The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff            @@
##           develop     #700   +/-   ##
========================================
  Coverage    89.99%   89.99%           
========================================
  Files           49       49           
  Lines         2699     2699           
========================================
  Hits          2429     2429           
  Misses         270      270

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 523a215...556aeb9. Read the comment docs.