Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump django-allauth from 0.54.0 to 0.63.2 #575

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 26, 2024

Bumps django-allauth from 0.54.0 to 0.63.2.

Changelog

Sourced from django-allauth's changelog.

0.63.2 (2024-05-24)


Note worthy changes

  • allauth.headless now supports the is_open_for_signup() adapter method. In case signup is closed, a 403 is returned during signup.

  • Connecting a third-party account in HEADLESS_ONLY mode failed if the connections view could not be reversed, fixed.

  • In case a headless attempt was made to connect a third-party account that was already connected to a different account, no error was communicated to the frontend. Fixed.

  • When the headless provider signup endpoint was called while that flow was not pending, a crash would occur. This has been fixed to return a 409 (conflict).

  • Microsoft provider: the URLs pointing to the login and graph API are now configurable via the app settings.

0.63.1 (2024-05-17)


Note worthy changes

  • When only allauth.account was installed, you could run into an exception stating "allauth.socialaccount not installed, yet its models are imported.". This has been fixed.

  • When SOCIALACCOUNT_EMAIL_AUTHENTICATION was turned on, and a user would connect a third-party account for which email authentication would kick in, the connect was implicitly skipped. Fixed.

  • The recommendation from the documentation to protect the Django admin login could cause an infinite redirect loop in case of AUTHENTICATED_LOGIN_REDIRECTS. A decorator secure_admin_login() is now offered out of the box to ensure that the Django admin is properly secured by allauth (e.g. rate limits, 2FA).

  • Subpackages from the tests package were packaged, fixed.

0.63.0 (2024-05-14)


Note worthy changes

... (truncated)

Commits
  • 5d21115 chore: Release 0.63.2
  • 03779ae chore(i18n): Translations
  • 51ae70e fix(kakao): Change deprecated properties to profile information
  • 92c1918 feat(microsoft): Configurable endpoints
  • dba724d docs(signals): Add note when social_account_added is called
  • 2a8ebc7 fix(headless): Provider signup called while not pending
  • 891c6fa feat(atlassian): add user's name as account string representation
  • 6ca37d7 fix(templates): errors not renderered on individual field
  • 1c8b41f fix(examples): Don't depend on outdated version
  • 2f0cfeb docs(examples): README typ-o
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [django-allauth](https://github.com/pennersr/django-allauth) from 0.54.0 to 0.63.2.
- [Changelog](https://github.com/pennersr/django-allauth/blob/main/ChangeLog.rst)
- [Commits](pennersr/django-allauth@0.54.0...0.63.2)

---
updated-dependencies:
- dependency-name: django-allauth
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 26, 2024
Copy link
Contributor Author

dependabot bot commented on behalf of github May 31, 2024

Superseded by #586.

@dependabot dependabot bot closed this May 31, 2024
@dependabot dependabot bot deleted the dependabot/pip/django-allauth-0.63.2 branch May 31, 2024 23:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants