Bump fruitcake/laravel-cors from 1.0.6 to 2.0.2

[dependabot-preview]

Bumps fruitcake/laravel-cors from 1.0.6 to 2.0.2.

Release notes

Sourced from fruitcake/laravel-cors's releases.

Support Laravel 8

Add support for Laravel 8, drop unsupported versions.

Use reflective headers/methods

Uses v2.0.1 of stack-cors, re-enables reflective headers instead of wildcards.

v2.0 (2020-05-11)

asm89/stack-cors 2.x is now used, with these notable changes:

Added

• CORS headers are better cachable now, with correct Vary headers (#asm89/stack-cors#70, #asm89/stack-cors#74)

Changed

• CORS headers are added to non-Origin requests when possible (#asm89/stack-cors#73)
• Requests are no longer blocked by the server, only by the browser (#asm89/stack-cors#70)

Add headers with Event Listener

No release notes provided.

Update max_age check, improve tests

No release notes provided.

Update to v2

• Don't block CORS requests in Laravel, leave it to the browser
• Update Vary headers for better caching
• Use static/cacheable headers when possible

Changelog

Sourced from fruitcake/laravel-cors's changelog.

Change Log

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

v2.0 (2020-05-11)

asm89/stack-cors 2.x is now used, with these notable changes:

Added

• CORS headers are better cachable now, with correct Vary headers (#asm89/stack-cors#70, #asm89/stack-cors#74)

Changed

• CORS headers are added to non-Origin requests when possible (#asm89/stack-cors#73)
• Requests are no longer blocked by the server, only by the browser (#asm89/stack-cors#70)

v1.0 (2019-12-27)

Breaking changes

• Adding the middleware on Route groups is no longer supported. You can use the new paths option to match your routes
• The config file has been changed from camelCase to snake_case, please update your own config.
• The deprecated Lumen ServiceProvider has been removed.
• There is no need to manually configure the cors config in Lumen.

Added

• The paths option is added to match certain routes only, while still using global middleware. This allows for better error handling.

v0.11.0 (2017-12-xx)

Breaking changes

• The wildcard matcher is changed. You can use allowedOriginPatterns for your own patterns, or simple wildcards in the normal origins. Eg. *.laravel.com should still work.

v0.9.0 (2016-03-2017)

Breaking changes

• The cors alias is no longer added by default. Use the full class or add the alias yourself.
• The Lumen ServiceProvider has been removed. Both Laravel and Lumen should use Barryvdh\Cors\ServiceProvider::class.
• Barryvdh\Cors\Stack\CorsService moves to \Barryvdh\Cors\CorsService (namespace changed).
• Barryvdh\Cors@addActualRequestHeaders will automatically attached when Exception occured.

Added

• Better error-handling when exceptions occur.
• A lot of tests, also on older Laravel versions.

Commits

• 4b19bfc Support Laravel 8 (#495)
• f12db78 Avoid duplicate tests (#492)
• c1a83e8 Test Laravel 8 (#491)
• d24d345 Update readme.md
• 3dcfa0c Update readme.md
• 2fe92f6 Update docs and tests to reflect that Origin header always contains scheme (#...
• a19569a Update wildcard comments in config file (#470)
• 64fd49e Clarify position
• 0c60ec6 Update readme.md
• 1bd392e Common problems
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Looks like fruitcake/laravel-cors is no longer updatable, so this is no longer needed.