Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update requests-oauthlib requirement from <2,>=0.3.0 to >=0.3.0,<3 #354

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 18, 2024

Updates the requirements on requests-oauthlib to permit the latest version.

Changelog

Sourced from requests-oauthlib's changelog.

v2.0.0 (22 March 2024) ++++++++++++++++++++++++

Full set of changes are in github.

Additions & changes:

  • OAuth2Session now correctly uses the self.verify value if verify is not overridden in fetch_token and refresh_token. Fixes [#404](https://github.com/requests/requests-oauthlib/issues/404) <https://github.com/requests/requests-oauthlib/issues/404>_.
  • OAuth2Session constructor now uses its client.scope when a client is provided and scope is not overridden. Fixes [#408](https://github.com/requests/requests-oauthlib/issues/408) <https://github.com/requests/requests-oauthlib/issues/408>_
  • Add refresh_token_request and access_token_request compliance hooks
  • Add PKCE support and Auth0 example
  • Add support for Python 3.8-3.12
  • Remove support of Python 2.x, <3.7
  • Migrated to Github Action
  • Updated dependencies
  • Cleanup some docs and examples

v1.4.0 (27 Feb 2024) ++++++++++++++++++++++++

  • Version 2.0.0 published initially as 1.4.0, it was yanked eventually.

v1.3.1 (21 January 2022) ++++++++++++++++++++++++

  • Add initial support for OAuth Mutual TLS (draft-ietf-oauth-mtls)
  • Removed outdated LinkedIn Compliance Fixes
  • Add eBay compliance fix
  • Add Spotify OAuth 2 Tutorial
  • Add support for python 3.8, 3.9
  • Fixed LinkedIn Compliance Fixes
  • Fixed ReadTheDocs Documentation and sphinx errors
  • Moved pipeline to GitHub Actions

v1.3.0 (6 November 2019) ++++++++++++++++++++++++

  • Instagram compliance fix
  • Added force_querystring argument to fetch_token() method on OAuth2Session

v1.2.0 (14 January 2019) ++++++++++++++++++++++++

  • This project now depends on OAuthlib 3.0.0 and above. It does not support versions of OAuthlib before 3.0.0.
  • Updated oauth2 tests to use 'sess' for an OAuth2Session instance instead of auth

... (truncated)

Commits
  • 7af9125 Merge pull request #534 from iliakur/patch-1
  • 90352e4 Merge pull request #537 from requests/2.0.0
  • a09d0ab Update 1.4.0 into 2.0.0 to be semver compliant.
  • d96b740 Added package file
  • 3109c26 simplify python_requires expression
  • 1c5cea7 python_requires gt 2.7
  • a53457e Drop py2 support from the wheel
  • eee74a2 Merge pull request #529 from dosisod/drop-python2-support
  • ed578f1 Merge pull request #530 from requests/autotest
  • 6cdf982 Automated tests for examples in docs
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [requests-oauthlib](https://github.com/requests/requests-oauthlib) to permit the latest version.
- [Release notes](https://github.com/requests/requests-oauthlib/releases)
- [Changelog](https://github.com/requests/requests-oauthlib/blob/master/HISTORY.rst)
- [Commits](requests/requests-oauthlib@v0.3.0...v2.0.0)

---
updated-dependencies:
- dependency-name: requests-oauthlib
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Aug 18, 2024
@freakboy3742 freakboy3742 merged commit 7b093c2 into main Aug 18, 2024
6 checks passed
@dependabot dependabot bot deleted the dependabot/pip/requests-oauthlib-gte-0.3.0-and-lt-3 branch August 18, 2024 22:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant