iobroker-community-adapters / ioBroker.google-smart-home-fulfillment

A Google Smart Home Actions fulfillment server for ioBroker.
MIT License
4 stars 1 forks source link

Bump oidc-provider from 6.31.1 to 8.4.4 #91

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 10 months ago

Bumps oidc-provider from 6.31.1 to 8.4.4.

Release notes

Sourced from oidc-provider's releases.

v8.4.4

Refactor

  • test decoded basic auth tokens for their VSCHAR pattern (3f86cc0)

Fixes

  • DPoP,PAR,JAR: validate DPoP before invalidating JAR during PAR (ca0f999)

v8.4.3

This release contains only code refactoring, dependency, or documentation updates.

v8.4.2

Fixes

  • reject client JSON Web Key Set null value (#1237) (cce6d43)

v8.4.1

This release contains only code refactoring, dependency, or documentation updates.

v8.4.0

Features

  • DPoP: remove experimental flag, DPoP is now RFC9449 (89d133e)

v8.3.2

Fixes

  • assign extraTokenClaims return to the model (e296dc7)

v8.3.1

Fixes

  • DPoP: compare htu scheme and hostname case independent (b72d668)

v8.3.0

Features

  • allow specifying the user-agent header for outgoing requests (95f24ef)

v8.2.2

Fixes

  • ignore non-existent resource scopes during refresh (#1222) (bdf23ba)

v8.2.1

Fixes

... (truncated)

Changelog

Sourced from oidc-provider's changelog.

8.4.4 (2024-01-08)

Refactor

  • test decoded basic auth tokens for their VSCHAR pattern (3f86cc0)

Fixes

  • DPoP,PAR,JAR: validate DPoP before invalidating JAR during PAR (ca0f999)

8.4.3 (2023-12-14)

8.4.2 (2023-12-02)

Fixes

  • reject client JSON Web Key Set null value (#1237) (cce6d43)

8.4.1 (2023-10-25)

8.4.0 (2023-09-08)

Features

  • DPoP: remove experimental flag, DPoP is now RFC9449 (89d133e)

8.3.2 (2023-09-02)

Fixes

  • assign extraTokenClaims return to the model (e296dc7)

8.3.1 (2023-08-30)

Fixes

  • DPoP: compare htu scheme and hostname case independent (b72d668)

8.3.0 (2023-08-27)

Features

  • allow specifying the user-agent header for outgoing requests (95f24ef)

... (truncated)

Commits
  • 81c683d chore(release): 8.4.4
  • 29b9667 chore: add documentation updates and refactors to future changelogs
  • ca0f999 fix(DPoP,PAR,JAR): validate DPoP before invalidating JAR during PAR
  • 3f86cc0 refactor: test decoded basic auth tokens for their VSCHAR pattern
  • 391885c chore: bump upload-artifact
  • b583993 Revert "build(deps): bump actions/upload-artifact from 3 to 4" (#1243)
  • 1111362 build(deps): bump github/codeql-action from 2 to 3 (#1241)
  • 68112d3 build(deps): bump actions/upload-artifact from 3 to 4 (#1242)
  • 55f4fb7 chore(release): 8.4.3
  • 6904545 chore: bump deps
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 9 months ago

Superseded by #93.