Bump social-auth-core from 4.5.0 to 4.5.1

[dependabot]

Bumps social-auth-core from 4.5.0 to 4.5.1.

Release notes

Sourced from social-auth-core's releases.

Release 4.5.1

Changed

• OpenID Connect skips at_hash validation when missing
• redirect_name is now passed to backend on do_complete
• next is preserved through SAML RelayState
• Add Discogs backend
• Add BitbucketDataCenterOAuth2 backend
• Keycloak's ID_KEY is no longer configurable (it never worked)

Changelog

Sourced from social-auth-core's changelog.

4.5.1 - 2023-11-29

Changed

• OpenID Connect skips at_hash validation when missing
• redirect_name is now passed to backend on do_complete
• next is preserved through SAML RelayState
• Add Discogs backend
• Add BitbucketDataCenterOAuth2 backend
• Keycloak's ID_KEY is no longer configurable (it never worked)

Commits

• f1b9fa5 Version bump 4.5.1
• 0925304 Revert "Make Keycloak's ID_KEY configurable"
• 51ff887 feat: add new backend BitbucketDataCenterOAuth2 (#856)
• a670659 [pre-commit.ci] pre-commit autoupdate
• 1025578 Create a backend for OAuth1 connection to Discogs
• fcc6894 Merge pull request #851 from RJPercival/next_url_in_relay_state
• b631796 Pass "next" URL through SAML RelayState
• 0d629f4 Pass redirect_name from do_complete action to Backend
• b9d9937 Use shared templates from the .github repo
• 2f08a38 Add documentation to PR checklist
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dryrunsecurity]

Contextual Security Analysis

As DryRun Security performs checks, we’ll summarize them here. You can always dive into the results in the section below for checks.

Status	DryRun Security Check
✅	Configured Sensitive Files Check
✅	AI-powered Sensitive Files Check

Chat with your AI-powered Security Buddy by typing /dryrunsec: (or /drs:) followed by your question. Example: /dryrunsec: From a security perspective, what are some sensitive files in an Express application?

Install and configure more repositories at DryRun Security

[mtesauro]

Approved