MyFinances
MyFinances copied to clipboard
TreyWW
chore(deps-dev): bump social-auth-app-django from 5.4.1 to 5.6.0
Bumps social-auth-app-django from 5.4.1 to 5.6.0.
Release notes
Sourced from social-auth-app-django's releases.
5.6.0
Changed
- Fixed possibly unsafe account association (CVE-2025-61783)
- Storage now filters for active users
Added
- Django 6.0 and Python 3.14 compatibility
- Type annotations
- LoginRequiredMiddleware compatibility
RAISE_EXCEPTIONSandLOGIN_ERROR_URLcan be configured per backendRelease 5.5.1
Changed
- Fixed authentication with OpenID based services
Donations
This project welcomes donations to make the development sustainable, you can fund Python Social Auth on the following platforms:
Release 5.5.0
Changed
- Dropped support for older Django versions.
- Added non-empty constraint on
uid.- Added support for session restore with stricter SameSite cookie policy.
Donations
This project welcomes donations to make the development sustainable, you can fund Python Social Auth on the following platforms:
Release 5.4.3
What's Changed
- deps: Update supported Python versions by
@a-grealishin python-social-auth/social-app-django#621- Fixed rollback of extra_data migration by
@niklas-scholzin python-social-auth/social-app-django#626- Modernize the build by
@offbyonein python-social-auth/social-app-django#641- fix(ci): test django main only on Python 3.12+ by
@nijelin python-social-auth/social-app-django#647- chore: test against Django 5.1 and 5.2 by
@nijelin python-social-auth/social-app-django#656- chore: remove requirements files by
@nijelin python-social-auth/social-app-django#657- chore: update tox envlist by
@nijelin python-social-auth/social-app-django#658- chore: Version bump 5.4.3 by
@nijelin python-social-auth/social-app-django#659
... (truncated)
Changelog
Sourced from social-auth-app-django's changelog.
5.6.0 - 2025-10-09
Changed
- Fixed possibly unsafe account association (CVE-2025-61783)
- Storage now filters for active users
Added
- Django 6.0 and Python 3.14 compatibility
- Type annotations
- LoginRequiredMiddleware compatibility
RAISE_EXCEPTIONSandLOGIN_ERROR_URLcan be configured per backend5.5.1 - 2025-06-27
Changed
- Fixed authentication with OpenID based services
5.5.0 - 2025-06-27
Changed
- Dropped support for older Django versions.
- Added non-empty constraind on
uid.- Added support for session restore with stricter SameSite cookie policy.
5.4.3 - 2025-02-13
Changed
- Tested with recent Django and Python
- Modernized build system
- Fixed rollback of migrations
5.4.2 - 2024-07-12
Changed
- Fixed
UserSocialAuthcreation by allowingJSONFieldto be blank- Fixed the assumption that UID can only be an integer (#571)
- Fixed revert of migration
0013_migrate_extra_data.py
Commits
d1256b8chore: release 5.6.0ad7154ffeat: test with Python 3.14 and Django 6.0b0cacdbfix(deps): update dependency django-stubs to v5.2.7 (#817)b38830bfix(deps): update dependency django-stubs-ext to v5.2.7 (#818)598056echore(deps): update github/codeql-action action to v4 (#816)6b6cf28chore(deps): update astral-sh/setup-uv action to v7 (#815)08285a3chore(deps): update pre-commit hook astral-sh/ruff-pre-commit to v0.14.0 (#814)1406696chore(deps): update github/codeql-action action to v3.30.7 (#813)2432af5feat: allow to override RAISE_EXCEPTIONS and LOGIN_ERROR_URL per backend (#812)47dd0a9Fix linting issues in storage integration tests- Additional commits viewable in compare view
You can trigger a rebase of this PR by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}
Dependency Review
✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.OpenSSF Scorecard
| Package | Version | Score | Details | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| pip/social-auth-app-django | 5.6.0 | :green_circle: 8.3 | Details
|
Scanned Files
- poetry.lock
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
