Skip to content

build(deps): bump authlib from 1.6.9 to 1.6.12#240

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/authlib-1.6.12
Open

build(deps): bump authlib from 1.6.9 to 1.6.12#240
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/authlib-1.6.12

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 13, 2026
edited
Loading

Bumps authlib from 1.6.9 to 1.6.12.

Release notes

Sourced from authlib's releases.

v1.6.12

v1.6.11

Full Changelog: authlib/authlib@v1.6.10...v1.6.11

  • Fix CSRF issue with starlette client

v1.6.10

Full Changelog: authlib/authlib@v1.6.9...v1.6.10

  • Fix redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError.
Changelog

Sourced from authlib's changelog.

Version 1.6.12

Released on may 4, 2026

  • Fix redirecting to unvalidated redirect_uri on InvalidScopeError in OpenIDImplicitGrant and OpenIDHybridGrant.

Version 1.6.11

Released on Apr 16, 2026

  • Fix CSRF vulnerability in the Starlette OAuth client when a cache is configured.

Version 1.6.10

Released on Apr 13, 2026

  • Fix redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError.
Commits
  • e46e515 chore: bump to 1.6.12
  • 9babc13 fix: redirecting to unvalidated redirect_uri on InvalidScopeError in OIDC grants
  • 0dc0e5b chore: bump to 1.6.11
  • aa7b8e4 Merge commit from fork
  • 401a770 fix: CSRF issue with starlette client
  • ef09aeb chore: release 1.6.10
  • 3be0846 fix: redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 13, 2026
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 13, 2026
@dependabot dependabot Bot added the python Pull requests that update python code label May 13, 2026
@dependabot dependabot Bot mentioned this pull request May 13, 2026
Closed
@dependabot dependabot Bot force-pushed the dependabot/pip/authlib-1.6.12 branch from fcccbf0 to 37c7221 Compare May 14, 2026 16:51
@dependabot
build(deps): bump authlib from 1.6.9 to 1.6.12
4f38ceb 
Bumps [authlib](https://github.com/authlib/authlib) from 1.6.9 to 1.6.12.
- [Release notes](https://github.com/authlib/authlib/releases)
- [Changelog](https://github.com/authlib/authlib/blob/1.6.12/docs/changelog.rst)
- [Commits](authlib/authlib@v1.6.9...1.6.12)

---
updated-dependencies:
- dependency-name: authlib
  dependency-version: 1.6.12
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/authlib-1.6.12 branch from 37c7221 to 4f38ceb Compare May 19, 2026 09:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@m-y-mo m-y-mo Awaiting requested review from m-y-mo

@p- p- Awaiting requested review from p- p- is a code owner

@JarLob JarLob Awaiting requested review from JarLob JarLob is a code owner

@kevinbackhouse kevinbackhouse Awaiting requested review from kevinbackhouse kevinbackhouse is a code owner

@sylwia-budzynska sylwia-budzynska Awaiting requested review from sylwia-budzynska sylwia-budzynska is a code owner

@Kwstubbs Kwstubbs Awaiting requested review from Kwstubbs Kwstubbs is a code owner

@anticomputer anticomputer Awaiting requested review from anticomputer anticomputer is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants