Skip to content

build(deps): bump authlib from 1.6.9 to 1.6.12#240

Merged
kevinbackhouse merged 4 commits into
mainfrom
dependabot/pip/authlib-1.6.12
May 22, 2026
Merged

build(deps): bump authlib from 1.6.9 to 1.6.12#240
kevinbackhouse merged 4 commits into
mainfrom
dependabot/pip/authlib-1.6.12

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 13, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps authlib from 1.6.9 to 1.6.12.

Release notes

Sourced from authlib's releases.

v1.6.12

v1.6.11

Full Changelog: authlib/authlib@v1.6.10...v1.6.11

  • Fix CSRF issue with starlette client

v1.6.10

Full Changelog: authlib/authlib@v1.6.9...v1.6.10

  • Fix redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError.
Changelog

Sourced from authlib's changelog.

Version 1.6.12

Released on may 4, 2026

  • Fix redirecting to unvalidated redirect_uri on InvalidScopeError in OpenIDImplicitGrant and OpenIDHybridGrant.

Version 1.6.11

Released on Apr 16, 2026

  • Fix CSRF vulnerability in the Starlette OAuth client when a cache is configured.

Version 1.6.10

Released on Apr 13, 2026

  • Fix redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError.
Commits
  • e46e515 chore: bump to 1.6.12
  • 9babc13 fix: redirecting to unvalidated redirect_uri on InvalidScopeError in OIDC grants
  • 0dc0e5b chore: bump to 1.6.11
  • aa7b8e4 Merge commit from fork
  • 401a770 fix: CSRF issue with starlette client
  • ef09aeb chore: release 1.6.10
  • 3be0846 fix: redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 13, 2026
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 13, 2026
@dependabot dependabot Bot added the python Pull requests that update python code label May 13, 2026
@dependabot dependabot Bot mentioned this pull request May 13, 2026
Closed
@dependabot dependabot Bot force-pushed the dependabot/pip/authlib-1.6.12 branch from fcccbf0 to 37c7221 Compare May 14, 2026 16:51
@dependabot
build(deps): bump authlib from 1.6.9 to 1.6.12
4f38ceb 
Bumps [authlib](https://github.com/authlib/authlib) from 1.6.9 to 1.6.12.
- [Release notes](https://github.com/authlib/authlib/releases)
- [Changelog](https://github.com/authlib/authlib/blob/1.6.12/docs/changelog.rst)
- [Commits](authlib/authlib@v1.6.9...1.6.12)

---
updated-dependencies:
- dependency-name: authlib
  dependency-version: 1.6.12
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/authlib-1.6.12 branch from 37c7221 to 4f38ceb Compare May 19, 2026 09:47
@kevinbackhouse kevinbackhouse merged commit 8afbdc7 into main May 22, 2026
9 checks passed
@dependabot dependabot Bot deleted the dependabot/pip/authlib-1.6.12 branch May 22, 2026 12:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kevinbackhouse kevinbackhouse kevinbackhouse approved these changes

@m-y-mo m-y-mo Awaiting requested review from m-y-mo

@p- p- Awaiting requested review from p- p- is a code owner

@JarLob JarLob Awaiting requested review from JarLob JarLob is a code owner

@sylwia-budzynska sylwia-budzynska Awaiting requested review from sylwia-budzynska sylwia-budzynska is a code owner

@Kwstubbs Kwstubbs Awaiting requested review from Kwstubbs Kwstubbs is a code owner

@anticomputer anticomputer Awaiting requested review from anticomputer anticomputer is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kevinbackhouse