search

zgzgorg / iam-backend

0 stars 2 forks source link

chore(deps): bump flask-login from 0.5.0 to 0.6.1 #102

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps flask-login from 0.5.0 to 0.6.1.

Release notes

Sourced from flask-login's releases.

0.6.1

Changes: https://github.com/maxcountryman/flask-login/blob/main/CHANGES.md#version-061

0.6.0

This release sets new minimum versions of Python, Flask, and Werkzeug, and fixes compatibility with the latest versions of those.

  • Python >= 3.7
  • Flask >= 1.0.4, this will be bumped to reflect the latest supported release (2.1) in the future
  • Werkzeug >= 1.0.1, this will be bumped to reflect the latest supported release (2.1) in the future
Changelog

Sourced from flask-login's changelog.

Version 0.6.1

Released on May 1st, 2022

  • Only preserve subdomain or host view args in unauthorized redirect #663
  • The new utility function login_remembered returns True if the current login is remembered across sessions. #654
  • Fix side effect potentially executing view twice for same request. #666
  • Clarify usage of FlaskLoginClient test client in docs. #668

Version 0.6.0

Released on March 30th, 2022

  • Drop support for Python 2.7, 3.5, and 3.6, which have all reached the end of their official support. #594, #638
  • The minimum supported version of Flask is 1.0.4, and Werkzeug is 1.0.1. However, projects are advised to use the latest versions of both. #639
  • Only flash "needs_refresh_message" if value is set #464
  • Modify expand_login_view to allow for subdomain and host matching for login_view #462
  • Add accessors for request_loader and user_loader callback functions #472
  • Change "remember_me" cookie to match Werkzeug default value #488
  • Change "remember_me" cookie to HttpOnly, matching Flask session cookie #488
  • Add example for using unauthorized_handler #492
  • Fix assertEqual deprecation warning in pytest #518
  • Fix collections deprecation warning under Python 3.8 #525
  • Replace safe_str_cmp with hmac.compare_digest #585
  • Document REMEMBER_COOKIE_SAMESITE config #577
  • Revise setup.py to use README.md for long description #598
  • Various documentation corrections #484, #482, #487, #534
  • Fix from flask_login import * behavior, although note that import * is not usually a good pattern in code. #485
  • UserMixin.is_authenticated will return whatever is_active returns by default. This prevents inactive users from logging in. #486, #530
  • Session protection will only mark the session as not fresh if it's not already marked as such, avoiding modifying the session cookie unnecessarily. #612
Commits
  • bb25407 v0.6.1 (#669)
  • 138f839 Clarify usage of FlaskLoginClient test client (#668)
  • 4986897 Fix for #662 - Better Flask 1.x detection (#667)
  • ecd3b59 Clean up docs and tests after merging login_remembered() (#665)
  • 1fb74c5 Cleanup changelog after merge conflict
  • b617255 Utility function to check whether current login is remembered (#654)
  • 4a4869a Bump version 0.6.1-dev0 (#664)
  • c877c1c Only preserve subdomain or host view args in login redirect (#663)
  • cdcfef0 Fix template example in documentation (#661)
  • c7150c8 docs: Add note on where to find available configuration (#659)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov[bot] commented 2 years ago

Codecov Report

Merging #102 (de38f64) into master (28529de) will not change coverage. The diff coverage is n/a.

@@            Coverage Diff            @@
##            master      #102   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           15        15           
  Lines          666       666           
=========================================
  Hits           666       666
Flag Coverage Δ
unittests 100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 28529de...de38f64. Read the comment docs.

dependabot[bot] commented 2 years ago

Superseded by #125.