search

mewstcom / mewst

ほっとするマイクロブログ
https://mewst.com
GNU Affero General Public License v3.0
8 stars 0 forks source link

Bump doorkeeper from 5.7.0 to 5.7.1 #915

Closed dependabot[bot] closed 2 days ago

dependabot[bot] commented 4 months ago

Bumps doorkeeper from 5.7.0 to 5.7.1.

Release notes

Sourced from doorkeeper's releases.

v5.7.1

  • #1705 Add force_pkce option that requires non-confidential clients to use PKCE when requesting an access_token using an authorization code
Changelog

Sourced from doorkeeper's changelog.

5.7.1

  • #1705 Add force_pkce option that requires non-confidential clients to use PKCE when requesting an access_token using an authorization code
Commits
  • 1cd750b Release 5.7.1 :tada:
  • 7ffdeec [ci skip] Fix CHANGELOG.md
  • f7bbce5 Merge pull request #1704 from doorkeeper-gem/dependabot/bundler/sqlite3-tw-2.0
  • cf8ec04 Merge pull request #1705 from mattmanning/option-force-pkce
  • 26247b7 remove pry-byebug development dependency
  • 5ac9035 Validate presence of code_challenge in pre authorization when force_pkce is set
  • 2def866 add development dependency pry-byebug for debugging
  • 5bf9d40 Check for code_verifier, not code_challenge
  • 006c35d Add entry to CHANGELOG.md
  • 3c4dbba Add force_pkce option
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
shimbaco commented 2 days ago

@dependabot rebase

dependabot[bot] commented 2 days ago

Superseded by #1029.