xaviershay / enki

A Ruby on Rails blogging app for the fashionable developer. It's better than Mephisto or SimpleLog

Bump omniauth from 1.2.2 to 1.9.0 #109

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 5 years ago

Bumps omniauth from 1.2.2 to 1.9.0.

Release notes

*Sourced from [omniauth's releases](https://github.com/omniauth/omniauth/releases).*

> ## v1.9.0
> - Update `rack` to `>=2.0.6` per [CVE-2018-16471](https://nvd.nist.gov/vuln/detail/CVE-2018-16471)
> - Allows usage of Hashie up to `3.7.0`
> - Fixes Rubocop offenses.
>
> ## v1.8.1
> - Fix [CVE-2017-17042](https://nvd.nist.gov/vuln/detail/CVE-2017-17042)
>
> ## v1.8.0
> - Use `warn` over `$stderr.puts`
>
> ## v1.7.1
> - Update `mock_request_call` to use the same logic as [#912](https://github-redirect.dependabot.com/omniauth/omniauth/issues/912). (PR: [#913](https://github-redirect.dependabot.com/omniauth/omniauth/issues/913))
>
> ## v1.7.0
> - Allow for `origin` param to be renamed or disabled. (PR: [#912](https://github-redirect.dependabot.com/omniauth/omniauth/issues/912); Issue: [#910](https://github-redirect.dependabot.com/omniauth/omniauth/issues/910))
>
> ## v1.6.1
> ## Fixes
> - Revert [#806](https://github-redirect.dependabot.com/omniauth/omniauth/issues/806) - "Sets `omniauth.headers` on the request phase" due to `ActionDispatch::Cookies::CookieOverflow` issues. (PR: [#889](https://github-redirect.dependabot.com/omniauth/omniauth/issues/889); Issue: [#888](https://github-redirect.dependabot.com/omniauth/omniauth/issues/888))
>
> ## v1.6.0
> ## Updates / Fixes
> - Performance benchmarks for middleware call (PR: [#775](https://github-redirect.dependabot.com/omniauth/omniauth/issues/775))
> - Simplify Default Strategy Options (PR: [#777](https://github-redirect.dependabot.com/omniauth/omniauth/issues/777))
> - Improve perf by using `Hashie::Mash#[]` (PR: [#778](https://github-redirect.dependabot.com/omniauth/omniauth/issues/778))
> - Pass through `test_mode` with alternate request method (PR: [#779](https://github-redirect.dependabot.com/omniauth/omniauth/issues/779))
> - Avoid Minitest warnings (PR: [#850](https://github-redirect.dependabot.com/omniauth/omniauth/issues/850))
> - Set `omniauth.headers` on the request phase (PR: [#806](https://github-redirect.dependabot.com/omniauth/omniauth/issues/806))
> - Set params when mocking a failure (PR: [#812](https://github-redirect.dependabot.com/omniauth/omniauth/issues/812); Issue: [#811](https://github-redirect.dependabot.com/omniauth/omniauth/issues/811))
> - docs: TestCase expects class in strategy method array (PR: [#868](https://github-redirect.dependabot.com/omniauth/omniauth/issues/868))
> - Update `AuthHash#regular_writer` to ensure that `#info` is a Hash ([#848](https://github-redirect.dependabot.com/omniauth/omniauth/issues/848))
> - Loosen `hashie` requirements to fix potential performance issues. Please define `3.4.6` in your Gemfile if you experience issues with `3.5.x`. (PR: [#887](https://github-redirect.dependabot.com/omniauth/omniauth/issues/887); Issue: [#886](https://github-redirect.dependabot.com/omniauth/omniauth/issues/886))
>
> ## v1.5.0
> ## Defined Support
> - Required Ruby version: `>= 2.1.9`
>
> ## Fixes
> - Updated Hashie's `disable_warnings` setting
>
> ## Updated Dependencies & Security Updates
> - `jruby-openssl` - `~> 0.9.19`
> - `rake` - `>= 12.0`
> - `yard` - `>= 0.9`
> - `hashie` - `~> 3.5.0`
> - `json` - `~> 2.0.3`
> - `mime-types` - `~> 3.1`
> - `rest-client` - `~> 2.0.0`
> - `rspec` - `~> 3.5.0`
>
> ... (truncated)

Commits

- [`cc0f552`](https://github.com/omniauth/omniauth/commit/cc0f5522621b4a372f4dff0aa608822aa082cb60) Update version to 1.9.0
- [`8186661`](https://github.com/omniauth/omniauth/commit/818666154d384c8ea2d4323e21f0b20d3924db24) Merge pull request [#951](https://github-redirect.dependabot.com/omniauth/omniauth/issues/951) from omniauth/audit
- [`5b11a59`](https://github.com/omniauth/omniauth/commit/5b11a59087c38853400687bd75e24ca28fd73fdc) Update to rack 2.0.6 due to CVE-2018-16471
- [`7a0c641`](https://github.com/omniauth/omniauth/commit/7a0c6417ecf264a0fc4f5d359a2ecc1ca51e2b66) Merge pull request [#943](https://github-redirect.dependabot.com/omniauth/omniauth/issues/943) from schneems/schneems/allow-new-hashie
- [`c2380ae`](https://github.com/omniauth/omniauth/commit/c2380ae848ce4e0e39b4bb94c5b8e3fd0a544825) Merge pull request [#950](https://github-redirect.dependabot.com/omniauth/omniauth/issues/950) from omniauth/fixing-rubocop-offenses
- [`ace4ba3`](https://github.com/omniauth/omniauth/commit/ace4ba366aac0ec249ad563534ae600ffe93019d) Fix Rubocop; Min Ruby version 2.2; Update Travis platforms
- [`74dd576`](https://github.com/omniauth/omniauth/commit/74dd5769263150ae647320209889e3f3c88e5731) Allow for using latest version of hashie
- [`8179ba7`](https://github.com/omniauth/omniauth/commit/8179ba796aae82f857f63b50ae848a3fbe369b4d) Bump version to 1.8.1 [ci skip]
- [`683c89c`](https://github.com/omniauth/omniauth/commit/683c89c3eb70f51b20524baf89358cc9b2f9454f) Merge pull request [#924](https://github-redirect.dependabot.com/omniauth/omniauth/issues/924) from omniauth/CVE-2017-17042
- [`809f39e`](https://github.com/omniauth/omniauth/commit/809f39e74aa6b0a02a9bd4b1a1ee8e9161fd0ea4) Update Yard dependency (CVE-2017-17042)
- Additional commits viewable in [compare view](https://github.com/omniauth/omniauth/compare/v1.2.2...v1.9.0)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/xaviershay/enki/network/alerts).

dependabot[bot] commented 2 years ago

Superseded by #121.