Skip to content

core: bump webauthn from 1.10.1 to 1.11.0#7021

Merged
BeryJu merged 1 commit intomainfrom
dependabot/pip/webauthn-1.11.0
Oct 2, 2023
Merged

core: bump webauthn from 1.10.1 to 1.11.0#7021
BeryJu merged 1 commit intomainfrom
dependabot/pip/webauthn-1.11.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 2, 2023

Bumps webauthn from 1.10.1 to 1.11.0.

Release notes

Sourced from webauthn's releases.

v1.11.0

Changes:

  • The credential argument in verify_registration_response() and verify_authentication_response() can now also be a stringified JSON str or a plain JSON dict version of a WebAuthn response (#172, #178)
  • Various methods will now raise webauthn.helpers.exceptions.InvalidCBORData when there is a problem parsing CBOR-encoded data (#179)
  • Updated dependencies to cbor2==5.4.6 and cryptography==41.0.4 (#178)
Changelog

Sourced from webauthn's changelog.

v1.11.0

Changes:

  • The credential argument in verify_registration_response() and verify_authentication_response() can now also be a stringified JSON str or a plain JSON dict version of a WebAuthn response (#172, #178)
  • Various methods will now raise webauthn.helpers.exceptions.InvalidCBORData when there is a problem parsing CBOR-encoded data (#179)
  • Updated dependencies to cbor2==5.4.6 and cryptography==41.0.4 (#178)
Commits
  • efc5345 Update CHANGELOG for v1.11.0
  • e94beac Bump version to v1.11.0
  • e94d88f Merge pull request #179 from duo-labs/176-better-cbor-parsing-error-handling
  • 6f28bcf Add new unit test
  • c531ab0 Use parse_cbor over cbor2.loads
  • b75daf8 Create new parse_cbor to encapsulate cbor2 usage
  • ead0833 Merge pull request #178 from duo-labs/prepare-for-next-release
  • e8f9ed4 Fix typo in comment
  • 7f16d4d Fix mypy issue related to FieldValidationInfo
  • ab681ea Update pydantic libs
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
core: bump webauthn from 1.10.1 to 1.11.0
64e9cf5 
Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 1.10.1 to 1.11.0.
- [Release notes](https://github.com/duo-labs/py_webauthn/releases)
- [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md)
- [Commits](duo-labs/py_webauthn@v1.10.1...v1.11.0)

---
updated-dependencies:
- dependency-name: webauthn
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner October 2, 2023 04:41
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 2, 2023
@netlify
Copy link

netlify bot commented Oct 2, 2023
edited
Loading

Deploy Preview for authentik-storybook canceled.

Name Link
🔨 Latest commit 64e9cf5
🔍 Latest deploy log https://app.netlify.com/sites/authentik-storybook/deploys/651a49e6a10ece0008ab6f48

@codecov
Copy link

codecov bot commented Oct 2, 2023
edited
Loading

Codecov Report

All modified lines are covered by tests ✅

Comparison is base (d55c0c1) 92.70% compared to head (64e9cf5) 92.71%.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #7021      +/-   ##
==========================================
+ Coverage   92.70%   92.71%   +0.01%     
==========================================
  Files         567      567              
  Lines       27965    27965              
==========================================
+ Hits        25923    25925       +2     
+ Misses       2042     2040       -2
Flag Coverage Δ
e2e 51.12% <ø> (+0.01%) ⬆️
integration 26.27% <ø> (ø)
unit 89.60% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

see 1 file with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@BeryJu BeryJu merged commit 202b715 into main Oct 2, 2023
@BeryJu BeryJu deleted the dependabot/pip/webauthn-1.11.0 branch October 2, 2023 09:26
kensternberg-authentik added a commit that referenced this pull request Oct 2, 2023
@kensternberg-authentik
Merge branch 'main' into web/wdio-2
84cbbc6 
* main:
  web/admin: use <pre> for order field on bound elements (#7031)
  blueprints: fix mismatched user-login stage order (#7030)
  stages/email: rework email templates (#7029)
  website/docs: add notice for nginx ingress configuration requirement (#7027)
  translate: Updates for web/xliff/en.xlf in fr
  web: locales: rename fr_FR to fr to match transifex
  events: fix error when storing events with date/time/datetime/etc (#7028)
  stages/invitation: fix mis-matched serializer class for invitation (#7018)
  web: bump mermaid from 10.4.0 to 10.5.0 in /web (#7026)
  web: bump core-js from 3.32.2 to 3.33.0 in /web (#7020)
  core: bump webauthn from 1.10.1 to 1.11.0 (#7021)
  core: bump pylint from 2.17.6 to 2.17.7 (#7022)
  core: bump django-redis from 5.3.0 to 5.4.0 (#7023)
  core: bump packaging from 23.1 to 23.2 (#7024)
kensternberg-authentik added a commit that referenced this pull request Oct 2, 2023
@kensternberg-authentik
Merge branch 'main' into application-wizard-2-with-api-and-tests
f564c9d 
* main: (23 commits)
  web/admin: use <pre> for order field on bound elements (#7031)
  blueprints: fix mismatched user-login stage order (#7030)
  stages/email: rework email templates (#7029)
  website/docs: add notice for nginx ingress configuration requirement (#7027)
  translate: Updates for web/xliff/en.xlf in fr
  web: locales: rename fr_FR to fr to match transifex
  events: fix error when storing events with date/time/datetime/etc (#7028)
  stages/invitation: fix mis-matched serializer class for invitation (#7018)
  web: bump mermaid from 10.4.0 to 10.5.0 in /web (#7026)
  web: bump core-js from 3.32.2 to 3.33.0 in /web (#7020)
  core: bump webauthn from 1.10.1 to 1.11.0 (#7021)
  core: bump pylint from 2.17.6 to 2.17.7 (#7022)
  core: bump django-redis from 5.3.0 to 5.4.0 (#7023)
  core: bump packaging from 23.1 to 23.2 (#7024)
  web/admin: invitation stage: default "continue without invitation" to false
  core: bump pydantic from 2.4.1 to 2.4.2 (#7014)
  website: bump postcss from 8.4.30 to 8.4.31 in /website (#7015)
  internal: fix redis session store (#7011)
  web: bump rollup from 3.29.3 to 3.29.4 in /web (#7009)
  core: bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 (#7007)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@BeryJu BeryJu BeryJu approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@BeryJu