Skip to content

build(deps): bump social-auth-app-django from 5.4.3 to 6.0.0#16150

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/social-auth-app-django-6.0.0
Open

build(deps): bump social-auth-app-django from 5.4.3 to 6.0.0#16150
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/social-auth-app-django-6.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor

Bumps social-auth-app-django from 5.4.3 to 6.0.0.

Release notes

Sourced from social-auth-app-django's releases.

6.0.0

Security

  • Added the default Django confirmation page for externally resumed partial pipelines.

Breaking

  • Login views now always require POST requests, and the SOCIAL_AUTH_REQUIRE_POST setting was removed.

Changed

  • Raised the social-auth-core dependency to the next major release with the required Strategy hooks.

5.9.0

Changed

  • Added async support to SocialAuthExceptionMiddleware
  • Dropped support for Django 5.1, Django 5.2 is now the minimum supported version
  • Loosened the social-auth-core dependency to allow compatible 4.x releases
  • Improved release automation and GitHub release asset publishing

5.8.0

Changed

  • Added explicit Django 5.1, 5.2, and 6.0 package classifiers
  • DjangoStrategy now lazily creates a session when initialized without a request
  • Removed legacy replaces metadata from historical squashed migrations
  • Updated historical unique_together migration declarations for newer Django compatibility

5.7.0

Changed

  • Integrated with social_core using registry instead of monkey patching it

Donations

This project welcomes donations to make the development sustainable. The following platforms are available for funding Python Social Auth:

5.6.0

Changed

  • Fixed possibly unsafe account association (CVE-2025-61783)
  • Storage now filters for active users, you might need to customize SOCIAL_AUTH_ACTIVE_USERS_FILTER if your custom model does not have the is_active field

Added

... (truncated)

Changelog

Sourced from social-auth-app-django's changelog.

6.0.0 - 2026-06-23

Security

  • Added the default Django confirmation page for externally resumed partial pipelines.

Breaking

  • Login views now always require POST requests, and the SOCIAL_AUTH_REQUIRE_POST setting was removed.

Changed

  • Raised the social-auth-core dependency to the next major release with the required Strategy hooks.

5.9.0 - 2026-04-29

Changed

  • Added async support to SocialAuthExceptionMiddleware
  • Dropped support for Django 5.1, Django 5.2 is now the minimum supported version
  • Loosened the social-auth-core dependency to allow compatible 4.x releases
  • Improved release automation and GitHub release asset publishing

5.8.0 - 2026-04-20

Changed

  • Added explicit Django 5.1, 5.2, and 6.0 package classifiers
  • DjangoStrategy now lazily creates a session when initialized without a request
  • Removed legacy replaces metadata from historical squashed migrations
  • Updated historical unique_together migration declarations for newer Django compatibility

5.7.0 - 2025-12-18

Changed

  • Integrated with social_core using registry instead of monkey patching it

5.6.0 - 2025-10-09

Changed

  • Fixed possibly unsafe account association (CVE-2025-61783)
  • Storage now filters for active users, you might need to customize SOCIAL_AUTH_ACTIVE_USERS_FILTER if your custom model does not have the is_active field

Added

  • Django 6.0 and Python 3.14 compatibility
  • Type annotations
  • LoginRequiredMiddleware compatibility

... (truncated)

Commits
  • 127e2e9 chore: version bump 6.0.0 (#1011)
  • a1ebcb0 chore(deps): update actions/cache action to v6 (#1010)
  • 4ff79df fix(deps): update dependency django-stubs-ext to v6.0.6 (#1008)
  • 7d22b5e feat!: confirm external partial pipeline resumes
  • 895334e fix(deps): update dependency django-stubs to v6.0.6 (#1007)
  • 1cdda60 chore(deps): update pre-commit hook zizmorcore/zizmor-pre-commit to v1.26.1 (...
  • 45a5ecf chore(deps): update actions/checkout action to v7 (#1005)
  • 4eb2732 chore(deps): update pre-commit hook astral-sh/ruff-pre-commit to v0.15.18 (#1...
  • 6f763ac chore(deps): update pre-commit hook astral-sh/ruff-pre-commit to v0.15.17 (#1...
  • ba3563a chore(deps): update codecov/codecov-action action to v7 (#1002)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added backend dependencies Pull requests that update a dependency file engineering pip Used for dependabot PR's having to do with pip/python labels Jun 26, 2026
Bumps [social-auth-app-django](https://github.com/python-social-auth/social-app-django) from 5.4.3 to 6.0.0.
- [Release notes](https://github.com/python-social-auth/social-app-django/releases)
- [Changelog](https://github.com/python-social-auth/social-app-django/blob/master/CHANGELOG.md)
- [Commits](python-social-auth/social-app-django@5.4.3...6.0.0)

---
updated-dependencies:
- dependency-name: social-auth-app-django
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps): bump social-auth-app-django from 5.4.3 to 6.0.0 build(deps): bump social-auth-app-django from 5.4.3 to 6.0.0 Jul 18, 2026
@dependabot
dependabot Bot force-pushed the dependabot/pip/social-auth-app-django-6.0.0 branch from 84e8d90 to cbe9a61 Compare July 18, 2026 03:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backend dependencies Pull requests that update a dependency file engineering pip Used for dependabot PR's having to do with pip/python

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants