Bump devise_token_auth from 1.0.0 to 1.1.3 #43

dependabot · 2023-03-08T20:10:51Z

Bumps devise_token_auth from 1.0.0 to 1.1.3.

Changelog

Sourced from devise_token_auth's changelog.

v1.1.3 (2019-09-26)

Full Changelog

Fixed bugs:

XSS and Open Redirect #1332

fix(omniauth): fix CVE-2019-16751 #1342 (booleanbetrayal)

Closed issues:

Rails 6.0 #1334

CookieOverflow with #1322

Confirmations controller route error not found #1316

render_create_error not called when no json is provided #929

Merged pull requests:

CI: Use ruby 2.4.7 #1337 (olleolleolle)

CI: Use 2.5.6, 2.6.4 #1336 (olleolleolle)

Allow password reset with token alone #1295 (jkeen)

v1.1.2 (2019-08-24)

Full Changelog

Closed issues:

Make compatible with devise 4.7 #1331

Error after upgrade to Rails 6.0.0 #1329

Documentation link on sidebar is incorrect #1325

Unable to create user with mongodb as ORM #1293

Missing user credential in confirmation redirect url querystring #1292

Merged pull requests:

Fix devise version #1333 (laerciosb)

Skip callback when active record #1330 (enomotodev)

Use param-way version of saved_change_to_encrypted_password #1328 (MaicolBen)

v1.1.1 (2019-08-18)

Full Changelog

Closed issues:

I'm noticing that validate token requests are taking a long time - is there any way to turn down the cost in bcrypt for devise token auth so that the validate token requests are faster? #1326

How do I update a user without a token while using Devise token Auth? #1318

How to register with phone number instead of email as default #1313

uninitialized constant DeviseTokenAuth::Concerns in development. #1312

Change how to update existing user migration #1311

Huge performance downgrade from v0.1.43 to v1.1.0 #1301

Cant log in - #<NoMethodError: undefined method `current_sign_in_at' for #<User:0x000055e053c79c58>> #1300

... (truncated)

Commits

40ad3fe chore(version): bump v1.1.3
3bf9b9b fix(omniauth): fix CVE-2019-16751 (#1342)
b8620bb Allow password reset with token alone (#1295)
6c044c3 CI: Use ruby 2.4.7 (#1337)
fcbd135 CI: Use 2.5.6, 2.6.4 (#1336)
b6915aa Skip callback when active record (#1330)
d934274 Fix devise version (#1333)
2c3a8d8 Use param-way version of saved_change_to_encrypted_password (#1328)
917cdcf Bump version 1.1.1
3198518 Fix token doc links (#1327)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [devise_token_auth](https://github.com/lynndylanhurley/devise_token_auth) from 1.0.0 to 1.1.3. - [Release notes](https://github.com/lynndylanhurley/devise_token_auth/releases) - [Changelog](https://github.com/lynndylanhurley/devise_token_auth/blob/master/CHANGELOG.md) - [Commits](lynndylanhurley/devise_token_auth@v1.0.0...v1.1.3) --- updated-dependencies: - dependency-name: devise_token_auth dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Mar 8, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump devise_token_auth from 1.0.0 to 1.1.3 #43

Bump devise_token_auth from 1.0.0 to 1.1.3 #43

dependabot bot commented on behalf of github Mar 8, 2023

Bump devise_token_auth from 1.0.0 to 1.1.3 #43

Are you sure you want to change the base?

Bump devise_token_auth from 1.0.0 to 1.1.3 #43

Conversation

dependabot bot commented on behalf of github Mar 8, 2023

v1.1.3 (2019-09-26)

v1.1.2 (2019-08-24)

v1.1.1 (2019-08-18)