This repository has been archived by the owner on May 10, 2021. It is now read-only.

Bump doorkeeper from 4.4.1 to 5.0.0 #561

Closed

@dependabot-preview dependabot-preview bot commented Aug 27, 2018

Bumps doorkeeper from 4.4.1 to 5.0.0.

Release notes

Sourced from doorkeeper's releases.

v5.0.0

  • [#1127] Change the token_type initials of the Banner Token to uppercase to comply with the RFC6750 specification.

v5.0.0.rc2

  • [#1106] Restrict access to AdminController with 'Forbidden 403' if admin_authenticator is not
    configured by developers.
  • [#1108] Simple formatting of callback URLs when listing oauth applications
  • [#1116] AccessGrants will now be revoked along with AccessTokens when
    hitting the AuthorizedApplicationController#destroy route.
  • [#1114] Make token info endpoint's attributes consistent with token creation
  • [#1119] Fix token revocation for OAuth apps using "implicit" grant flow
  • [#1122] Fix AuthorizationsController#new error response to be in JSON format

v5.0.0.rc1

  • [#1103] Allow customizing use_refresh_token
  • [#1089] Removed enable_pkce_without_secret configuration option
  • [#1102] Expiration time based on scopes
  • [#1099] All the configuration variables in Doorkeeper.configuration now
    always return a non-nil value (true or false)
  • [#1099] ORM / Query optimization: Do not revoke the refresh token if it is not enabled
    in doorkeeper.rb
  • [#996] Expiration Time Base On Grant Type
  • [#997] Allow PKCE authorization_code flow as specified in RFC7636
  • [#907] Fix lookup for matching tokens in certain edge-cases
  • [#992] Add API option to use Doorkeeper without management views for API only
    Rails applications (api_only)
  • [#1045] Validate redirect_uri as the native URI when making authorization code requests
  • [#1048] Remove deprecated Doorkeeper#configured?, Doorkeeper#database_installed?, and
    Doorkeeper#installed? method
  • [#1031] Allow public clients to authenticate without client_secret. Define an app as
    either public or private/confidential
  • [#1010] Add configuration to enforce configured scopes (default_scopes and
    optional_scopes) for applications
  • [#1060] Ensure that the native redirect_uri parameter matches with redirect_uri of the client
  • [#1064] Add :before_successful_authorization and :after_successful_authorization hooks
  • [#1069] Upgrade Bootstrap to 4 for Admin
  • [#1068] Add rake task to cleanup databases that can become large over time
  • [#1072] AuthorizationsController: Memoize strategy.authorize_response result to enable
    subclasses to use the response object.
  • [#1075] Call before_successful_authorization and after_successful_authorization hooks
    on create action as well as new
  • [#1082] Fix #916: remember routes mapping and use it required places (fix error with
    customized Token Info route).
  • [#1086, #1088] Fix bug with receiving default scopes in the token even if they are
    not present in the application scopes (use scopes intersection).
  • [#1076] Add config to enforce content type to application/x-www-form-urlencoded
  • Fix bug with force_ssl_in_redirect_uri when it breaks existing applications with an
    SSL redirect_uri.

v4.4.2

... (truncated)
Upgrade guide

Sourced from doorkeeper's upgrade guide.

See Upgrade Guides in the project Wiki.

Commits
  • 4c94445 Prepare 5.0.0 release
  • bd631bc [ci skip] Merge NEWS.md
  • 7044d1f Merge pull request #1131 from salbertson/patch-1
  • 001fb02 Add a "Reviewed by Hound" badge
  • 3471a94 [ci skip] Update NEWS.md with 4.4.1 release
  • c5d27ea Merge pull request #1127 from sequoia-china/fixed/rfc_6750_token_type
  • 9a42b98 Change the token_type initials of the Banner Token to uppercase.
  • 4094aaa Merge pull request #1123 from arsduo/patch-1
  • 6c82384 Add note about Rails CSRF protections
  • 178e86c [ci skip] Release 5.0.0.rc2
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


coveralls commented Aug 27, 2018

Coverage remained the same at 96.203% when pulling 31490a5 on dependabot/bundler/doorkeeper-5.0.0 into 11dde20 on master.

@dependabot-preview dependabot-preview bot force-pushed the dependabot/bundler/doorkeeper-5.0.0 branch from b3cb94d to 31490a5 Compare September 18, 2018 00:26
@dependabot-preview

Superseded by #589.

@dependabot-preview dependabot-preview bot deleted the dependabot/bundler/doorkeeper-5.0.0 branch October 15, 2018 05:47