Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency oauth2client to v1.4.12 - autoclosed #8

Closed
wants to merge 1 commit into from
Closed

Update dependency oauth2client to v1.4.12 - autoclosed #8

wants to merge 1 commit into from

Conversation

dev-mend-for-github-com[bot]
Copy link

@dev-mend-for-github-com dev-mend-for-github-com bot commented Dec 14, 2022
edited

This PR contains the following updates:

Package Update Change
oauth2client minor ==1.3 -> ==1.4.12

By merging this PR, the issue #7 will be automatically resolved and closed:

Severity CVSS Score CVE
High High 7.5 CVE-2020-13757
Medium Medium 5.9 CVE-2020-25658
Medium Medium 4.0 WS-2012-0012

Release Notes

google/oauth2client

v1.4.12

Compare Source

  • Fix OS X flaky test failure (#​189).
  • Fix broken OpenSSL import (#​191).
  • Remove @util.positional from wrapped request in Credentials.authorize()
    (#​196, #​197).
  • Changing pinned dependencies to >= (#​200, #​204).
  • Support client authentication using Authorization header (#​206).
  • Clarify environment check in case where GAE imports succeed but GAE services
    aren't available (#​208).

v1.4.11

Compare Source

  • Better environment detection with Managed VMs.
  • Better OpenSSL detection in exotic environments.

v1.4.10

Compare Source

  • Update the OpenSSL check to be less strict about finding crypto.py in
    the OpenSSL directory.
  • tox updates for new environment handling in tox.

v1.4.9

Compare Source

  • Ensure that the ADC fails if we try to write the well-known file to a
    directory that doesn't exist, but not if we try to read from one.

v1.4.8

Compare Source

  • Better handling of body during token refresh when body is a stream.
  • Better handling of expired tokens in storage.
  • Cleanup around openSSL import.
  • Allow custom directory for the well_known_file.
  • Integration tests for python2 and python3. (!!!)
  • Stricter file permissions when saving the well_known_file.
  • Test cleanup around config file locations.

v1.4.7

Compare Source

  • Add support for Google Developer Shell credentials.
  • Better handling of filesystem errors in credential refresh.
  • python3 fixes
  • Add NO_GCE_CHECK for skipping GCE detection.
  • Better error messages on InvalidClientSecretsError.
  • Comment cleanup on run_flow.

v1.4.6

Compare Source

  • Add utility function to convert PKCS12 key to PEM. (#​115)
  • Change GCE detection logic. (#​93)
  • Add a tox env for doc generation.

v1.4.5

Compare Source

  • Set a shorter timeout for an Application Default Credentials issue on some
    networks. (#​93, #​101)
  • Test cleanup, switch from mox to mock. (#​103)
  • Switch docs to sphinx from epydoc.

v1.4.4

Compare Source

  • Fix a bug in bytes/string encoding of headers.

v1.4.3

Compare Source

  • Big thanks to @​dhermes for spotting and fixing a mess in our test setup.

  • Fix a serious issue with tests not being run. (#​86, #​87, #​89)

  • Start credentials cleanup for single 2LO/3LO call. (#​83, #​84)

  • Clean up stack traces when re-raising in some places. (#​79)

  • Clean up doc building. (#​81, #​82)

  • Fixed minimum version for six dependency. (#​75)

v1.4.2

Compare Source

  • Several small bugfixes related to six/py3 support.

v1.4.1

Compare Source

  • Fix OS X flaky test failure (#​189).
  • Fix broken OpenSSL import (#​191).
  • Remove @util.positional from wrapped request in Credentials.authorize()
    (#​196, #​197).
  • Changing pinned dependencies to >= (#​200, #​204).
  • Support client authentication using Authorization header (#​206).
  • Clarify environment check in case where GAE imports succeed but GAE services
    aren't available (#​208).

v1.4

Compare Source

  • Fix OS X flaky test failure (#​189).
  • Fix broken OpenSSL import (#​191).
  • Remove @util.positional from wrapped request in Credentials.authorize()
    (#​196, #​197).
  • Changing pinned dependencies to >= (#​200, #​204).
  • Support client authentication using Authorization header (#​206).
  • Clarify environment check in case where GAE imports succeed but GAE services
    aren't available (#​208).

v1.3.2

Compare Source

  • Quick bugfix for an issue with dict-like arguments to flow.step2_exchange,
    which is common in some environments (such as GAE).

v1.3.1

Compare Source

  • Quick bugfix for bad error handling in from_json.
  • If you want to rebase/retry this PR, check this box

@dev-mend-for-github-com dev-mend-for-github-com bot added the security fix Security fix generated by Mend label Dec 14, 2022
@dev-mend-for-github-com
Copy link
Author

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.
You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

@dev-mend-for-github-com dev-mend-for-github-com bot changed the title Update dependency oauth2client to v1.4.12 Update dependency oauth2client to v1.4.12 - autoclosed Feb 11, 2023
@dev-mend-for-github-com dev-mend-for-github-com bot deleted the whitesource-remediate/oauth2client-1.x branch February 11, 2023 15:15
@dev-mend-for-github-com dev-mend-for-github-com bot changed the title Update dependency oauth2client to v1.4.12 - autoclosed Update dependency oauth2client to v1.4.12 Feb 12, 2023
@dev-mend-for-github-com dev-mend-for-github-com bot restored the whitesource-remediate/oauth2client-1.x branch February 12, 2023 15:24
@dev-mend-for-github-com dev-mend-for-github-com bot changed the title Update dependency oauth2client to v1.4.12 Update dependency oauth2client to v1.4.12 - autoclosed Mar 18, 2023
@dev-mend-for-github-com dev-mend-for-github-com bot deleted the whitesource-remediate/oauth2client-1.x branch March 18, 2023 20:57
@dev-mend-for-github-com dev-mend-for-github-com bot changed the title Update dependency oauth2client to v1.4.12 - autoclosed Update dependency oauth2client to v1.4.12 Mar 19, 2023
@dev-mend-for-github-com dev-mend-for-github-com bot restored the whitesource-remediate/oauth2client-1.x branch March 19, 2023 21:00
@dev-mend-for-github-com dev-mend-for-github-com bot changed the title Update dependency oauth2client to v1.4.12 Update dependency oauth2client to v1.4.12 - autoclosed Apr 25, 2023
@dev-mend-for-github-com dev-mend-for-github-com bot deleted the whitesource-remediate/oauth2client-1.x branch April 25, 2023 12:27
@dev-mend-for-github-com dev-mend-for-github-com bot changed the title Update dependency oauth2client to v1.4.12 - autoclosed Update dependency oauth2client to v1.4.12 Apr 25, 2023
@dev-mend-for-github-com dev-mend-for-github-com bot force-pushed the whitesource-remediate/oauth2client-1.x branch from 2978bca to 711f8fe Compare April 25, 2023 12:53
@dev-mend-for-github-com dev-mend-for-github-com bot changed the title Update dependency oauth2client to v1.4.12 Update dependency oauth2client to v1.4.12 - autoclosed May 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by Mend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants