devfaq
devfaq copied to clipboard
typeofweb-org
chore(deps): bump @fastify/oauth2 from 7.0.0 to 7.2.0
Bumps @fastify/oauth2 from 7.0.0 to 7.2.0.
Release notes
Sourced from @fastify/oauth2's releases.
v7.2.0
Full Changelog: https://github.com/fastify/fastify-oauth2/compare/v7.1.1...v7.2.0
⚠️ Security Release ⚠️
This release fixes CVE-2023-31999 GHSA-g8x5-p9qc-cf95.
v7.2.0 changes the default behavior to store the OAuth2
statein a cookie with thehttp-onlyandsame-site=laxattributes set. The state is now by default generated for every user.Note that this contains a breaking change in the
checkStateFunctionfunction, which now accepts the fullRequestobject.v7.1.1
What's Changed
- build(deps-dev): bump
@types/nodefrom 18.16.6 to 20.1.1 by@dependabotin fastify/fastify-oauth2#204- docs: Update README.md with revised information by
@rojandahalin fastify/fastify-oauth2#207- fixes #198 - change bearer to Bearer to match spec by
@dancastilloin fastify/fastify-oauth2#208New Contributors
@rojandahalmade their first contribution in fastify/fastify-oauth2#207@dancastillomade their first contribution in fastify/fastify-oauth2#208Full Changelog: https://github.com/fastify/fastify-oauth2/compare/v7.1.0...v7.1.1
v7.1.0
What's Changed
- Add note about node types by
@ghostdevvin fastify/fastify-oauth2#199- Fix description for Twitch auth by
@mcollinain fastify/fastify-oauth2#201- ci: only trigger on pushes to main branches by
@Fdawgsin fastify/fastify-oauth2#203- Adds "id_token" property to Token type definition by
@giacomorebonatoin fastify/fastify-oauth2#202New Contributors
@ghostdevvmade their first contribution in fastify/fastify-oauth2#199@mcollinamade their first contribution in fastify/fastify-oauth2#201@giacomorebonatomade their first contribution in fastify/fastify-oauth2#202Full Changelog: https://github.com/fastify/fastify-oauth2/compare/v7.0.1...v7.1.0
v7.0.1
- [Fix] type definition file (fastify/fastify-oauth2#196)
- docs: update Apple OAuth, recommend apple-signin-auth for new apple integrations (fastify/fastify-oauth2#189)
- docs: update on AccessToken object usage (fastify/fastify-oauth2#188)
- build(deps-dev): bump tsd from 0.27.0 to 0.28.0 (fastify/fastify-oauth2#195)
- build(deps-dev): bump tsd from 0.26.1 to 0.27.0 (fastify/fastify-oauth2#192)
- build(deps-dev): bump tsd from 0.25.0 to 0.26.0 (fastify/fastify-oauth2#191)
- build(deps-dev): bump tsd from 0.24.1 to 0.25.0 (fastify/fastify-oauth2#186)
- chore(.gitignore): add bun lockfile (fastify/fastify-oauth2#190
- chore(.gitignore): add clinic (fastify/fastify-oauth2#187)
Commits
b97cc9dBumped v7.2.0bff756bMerge pull request from GHSA-g8x5-p9qc-cf9585c1057Bumped v7.1.19abea66fixes #198 - change bearer to Bearer to match spec (#208)e8df9dcdocs: Update README.md with revised information (#207)dfafabebuild(deps-dev): bump@types/nodefrom 18.16.6 to 20.1.1 (#204)53e30b4Bumped v7.1.0fcdadacadd id_token type (#202)74db30fci: only trigger on pushes to main branches (#203)219831dFix description for Twitch auth (#201)- Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by matteo.collina, a new releaser for @fastify/oauth2 since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}
The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| devfaq | ✅ Ready (Inspect) | Visit Preview | 💬 Add feedback | Aug 3, 2023 6:42am |
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}
Kudos, SonarCloud Quality Gate passed! 
0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells
No Coverage information
0.0% Duplication
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}