
Update social-auth-core requirement from >=3.3.0 to >=4.8.7 #127

Open
dependabot[bot] wants to merge 1 commit into master from dependabot/pip/social-auth-core-gte-4.8.7

dependabot[bot] commented on behalf of github on Apr 24, 2026

Updates the requirements on social-auth-core to permit the latest version.

Release notes

Sourced from social-auth-core's releases.

4.8.7

Added

  • OpenID Connect backends can now opt in to PKCE support

Changed

  • PKCE defaults now match RFC 7636 requirements

Security

  • Tightened redirect URL validation
  • Tightened OAuth state handling for Clever, Eventbrite, GoClio, MailChimp, SurveyMonkey and Untappd backends
  • SAML authentication now restores saved sessions only after response validation

Changelog

Sourced from social-auth-core's changelog.

4.8.7 - 2026-04-23

Added

  • OpenID Connect backends can now opt in to PKCE support

Changed

  • PKCE defaults now match RFC 7636 requirements

Security

  • Tightened redirect URL validation
  • Tightened OAuth state handling for Clever, Eventbrite, GoClio, MailChimp, SurveyMonkey and Untappd backends
  • SAML authentication now restores saved sessions only after response validation

4.8.6 - 2026-04-20

Changed

  • storage.UserProtocol now supports read-only attributes for better type-checker compatibility
  • Improved type annotations and enabled mypy type checking in CI

Fixed

  • sanitize_redirect() now handles invalid redirect values that raise ValueError
  • Fixed timezone handling when working with dates

Security

4.8.5 - 2026-02-10

Changed

  • Fixed partial pipeline handling for unauthenticated users

4.8.4 - 2026-02-10

Changed

  • Improved type annotations
  • Code cleanups
  • Improved error handling in SAML

Added

  • Add Azure AD(Entra ID) federated client assertion support (FIC)

... (truncated)

Commits

  • caed978 chore: release 4.8.7
  • 7a5e650 fix(deps): update dependency pyright to v1.1.409 (#1688)
  • e2d5409 fix(utils): improve redirect URL validation
  • f66f8c2 fix(backends): tighten OAuth state handling
  • 8d7a8b3 fix(utils): tighten URL validation
  • be0733b fix(saml): restore session after validating response
  • 4671231 update PKCE default code settings to match RFC
  • d902fab feat(backend): add opt-in PKCE support of OIDC
  • b52ac8c fix(deps): update dependency mypy to v1.20.2 (#1678)
  • 6037759 fix(deps): update dependency ty to v0.0.32 (#1677)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [social-auth-core](https://github.com/python-social-auth/social-core) to permit the latest version.
- [Release notes](https://github.com/python-social-auth/social-core/releases)
- [Changelog](https://github.com/python-social-auth/social-core/blob/master/CHANGELOG.md)
- [Commits](python-social-auth/social-core@3.3.0...4.8.7)

---
updated-dependencies:
- dependency-name: social-auth-core
  dependency-version: 4.8.7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

dependabot[bot] added the dependencies and python labels on Apr 24, 2026