koba-lab / mastodon

A GNU Social-compatible microblogging server
https://ika.queloud.net
GNU Affero General Public License v3.0
5 stars 7 forks source link

Bump doorkeeper from 5.5.4 to 5.6.5 #839

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps doorkeeper from 5.5.4 to 5.6.5.

Release notes

Sourced from doorkeeper's releases.

v5.6.5

  • #1602 Allow custom data to be stored inside access grants/tokens.
  • #1634 Code refactoring for custom token attributes.
  • #1639 Add grant type validation to avoid Internal Server Error for DELETE /oauth/authorize endpoint.

v5.6.4

  • #1633 Apply ORM configuration in #to_prepare block to avoid autoloading errors.

v5.6.3

  • #1622 Drop support for Rubies 2.5 and 2.6
  • #1605 Fix URI validation for Ruby 3.2+.
  • #1625 Exclude endless access tokens from StaleRecordsCleaner.
  • #1626 Remove deprecated active_record_options config option.
  • #1631 Fix regression with redirect behavior after token lookup optimizations (redirect to app URI when found).
  • #1630 Special case unique index creation for refresh_token on SQL Server.
  • #1627 Lazy evaluate Doorkeeper config when loading files and executing initializers.

v5.6.2

  • #1604 Fix fetching of the application when custom application_class defined.

v5.6.1

  • #1593 Add support for Trilogy ActiveRecord adapter.
  • #1597 Add optional support to use the url path for the native authorization code flow. Ports forward #1143 from 4.4.3
  • #1599 Remove unnecessarily re-fetch of application object when creating an access token.

v5.6.0

  • #1581 Consider token_type_hint when searching for access token in TokensController to avoid extra database calls.

v5.6.0.rc1

  • #1551 Change lazy loading for ORM to be Ruby standard autoload.

  • #1552 Remove duplicate IDs on Auth form to improve accessibility.

  • #1542 Improve performance of Doorkeeper::AccessToken#matching_token_for using database specific SQL time math.

    [IMPORTANT]: API of the Doorkeeper::AccessToken#matching_token_for method has changed and now it returns only active access tokens (previously they were just not revoked). Please remember that the idea of the reuse_access_token option is to check for existing active token (see configuration option description).

Changelog

Sourced from doorkeeper's changelog.

5.6.5

  • #1602 Allow custom data to be stored inside access grants/tokens.
  • #1634 Code refactoring for custom token attributes.
  • #1639 Add grant type validation to avoid Internal Server Error for DELETE /oauth/authorize endpoint.

5.6.4

  • #1633 Apply ORM configuration in #to_prepare block to avoid autoloading errors.

5.6.3

  • #1622 Drop support for Rubies 2.5 and 2.6
  • #1605 Fix URI validation for Ruby 3.2+.
  • #1625 Exclude endless access tokens from StaleRecordsCleaner.
  • #1626 Remove deprecated active_record_options config option.
  • #1631 Fix regression with redirect behavior after token lookup optimizations (redirect to app URI when found).
  • #1630 Special case unique index creation for refresh_token on SQL Server.
  • #1627 Lazy evaluate Doorkeeper config when loading files and executing initializers.

5.6.2

  • #1604 Fix fetching of the application when custom application_class defined.

5.6.1

  • #1593 Add support for Trilogy ActiveRecord adapter.
  • #1597 Add optional support to use the url path for the native authorization code flow. Ports forward #1143 from 4.4.3
  • #1599 Remove unnecessarily re-fetch of application object when creating an access token.

5.6.0

  • #1581 Consider token_type_hint when searching for access token in TokensController to avoid extra database calls.

5.6.0.rc2

  • #1558 Fixed bug: able to obtain a token with default scopes even if they are not present in the application scopes when using client credentials.
  • #1567 Only filter code parameter if authorization_code grant flow is enabled.

5.6.0.rc1

  • #1551 Change lazy loading for ORM to be Ruby standard autoload.

  • #1552 Remove duplicate IDs on Auth form to improve accessibility.

  • #1542 Improve performance of Doorkeeper::AccessToken#matching_token_for using database specific SQL time math.

    [IMPORTANT]: API of the Doorkeeper::AccessToken#matching_token_for method has changed and now it returns only active access tokens (previously they were just not revoked). Please remember that the idea of the reuse_access_token option is to check for existing active token (see configuration option description).

Commits
  • dcce720 Release 5.6.5 :tada:
  • a90d4c1 Merge pull request #1639 from doorkeeper-gem/fix-auth-destroy
  • a2a39f9 Add grant type vlaidation to avoid Internal Server Error for DELETE /oauth/au...
  • 0dcb083 [ci skip] Fix CHANGELOG
  • 1e8c8cf Merge pull request #1634 from doorkeeper-gem/code-refactoring
  • a897741 Refactor custom token attributes & some other code
  • 8436928 Merge pull request #1602 from teamsimplepay/pre_auth_extension
  • e4ae754 Implementing feedback changes
  • b580c18 Added config option to permit and return custom fields in access tokens
  • 3ad48e0 Release 5.6.4 :tada:
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
github-actions[bot] commented 8 months ago

This pull request has merge conflicts that must be resolved before it can be merged.