Bump requests-oauthlib from 1.3.1 to 2.0.0

Open dependabot[bot] opened this issue 1 year ago • 1 comments

Bumps requests-oauthlib from 1.3.1 to 2.0.0.

Changelog

Sourced from requests-oauthlib's changelog.

v2.0.0 (22 March 2024) ++++++++++++++++++++++++

Full set of changes are in github.

Additions & changes:

OAuth2Session now correctly uses the self.verify value if verify is not overridden in fetch_token and refresh_token. Fixes [#404](https://github.com/requests/requests-oauthlib/issues/404) <https://github.com/requests/requests-oauthlib/issues/404>_.

OAuth2Session constructor now uses its client.scope when a client is provided and scope is not overridden. Fixes [#408](https://github.com/requests/requests-oauthlib/issues/408) <https://github.com/requests/requests-oauthlib/issues/408>_

Add refresh_token_request and access_token_request compliance hooks

Add PKCE support and Auth0 example

Add support for Python 3.8-3.12

Remove support of Python 2.x, <3.7

Migrated to Github Action

Updated dependencies

Cleanup some docs and examples

v1.4.0 (27 Feb 2024) ++++++++++++++++++++++++

Version 2.0.0 published initially as 1.4.0, it was yanked eventually.

Commits

7af9125 Merge pull request #534 from iliakur/patch-1
90352e4 Merge pull request #537 from requests/2.0.0
a09d0ab Update 1.4.0 into 2.0.0 to be semver compliant.
d96b740 Added package file
3109c26 simplify python_requires expression
1c5cea7 python_requires gt 2.7
a53457e Drop py2 support from the wheel
eee74a2 Merge pull request #529 from dosisod/drop-python2-support
ed578f1 Merge pull request #530 from requests/autotest
6cdf982 Automated tests for examples in docs
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Nov 05 '24 13:11 dependabot[bot]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

Nov 05 '24 13:11 sonarqubecloud[bot]