Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update django-allauth to 0.34.0 #181

Closed
wants to merge 1 commit into from

Conversation

pyup-bot
Copy link
Collaborator

There's a new version of django-allauth available.
You are currently using 0.30.0. I have updated it to 0.34.0

These links might come in handy: PyPI | Changelog | Repo

Changelog

0.34.0


Security notice

  • The "Set Password" view did not properly check whether or not the user already
    had a usable password set. This allowed an attacker to set the password
    without providing the current password, but only in case the attacker already
    gained control over the victim's session.

Note worthy changes

  • New provider: Meetup.

0.33.0


Note worthy changes

  • Security: password reset tokens are now prevented from being leaked through
    the password reset URL.
  • New providers: Patreon, Authentiq, Dataporten.
  • Dropbox has been upgraded to API V2.
  • New translation: Norwegian.

Backwards incompatible changes

  • Dropped support for Django 1.9.

0.32.0


Note worthy changes

  • Improved AJAX support: the account management views (change/set password,
    manage e-mail addresses and social connections) now support AJAX GET requests.
    These views hand over all the required data for you to build your frontend
    application upon.
  • New providers: Dwolla, Trello.
  • Shopify: support for per-user access mode.

Backwards incompatible changes

  • In previous versions, the views only responded with JSON responses when
    issuing AJAX requests of type POST. Now, the views also respond in JSON when
    making AJAX GET requests.
  • The structure of the response for AJAX requests has changed. Previously, it
    contained a form_errors key containing all form validation errors, if any.
    Now, it contains a form key that describes the complete form, including
    the fields. Field specific errors are placed in
    form.fields['some_field'].errors, non-field errors in form.errors.
  • The parameters passed to the Facebook JS SDK FB.init() method used to contain
    cookie, status, and xfbml, all set to true. These parameters
    are no longer explicitly passed. You can use the newly introduced INIT_PARAMS
    provider setting to provide your own values.

0.31.0


Note worthy changes

  • Added a new user_logged_out signal.
  • OpenId: Added support for requesting additional data.
  • New providers: Auth0, Box, Line, Naver, Kakao, Daum, MailChimp, Eventbrite.

Backwards incompatible changes

  • Django 1.7 / Python 3.2 compatibility has been dropped.
  • Due to providers being registered in the same file as their definition
    it was impossible to subclass a provider without having the parent be
    registered. This has been addressed. If you have implemented a custom
    provider, you will need to change
    providers.registry.register(CustomProvider)
    into
    provider_classes = [CustomProvider].

Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.

Happy merging! 🤖

@pyup-bot
Copy link
Collaborator Author

pyup-bot commented Feb 2, 2018

Closing this in favor of #199

@pyup-bot pyup-bot closed this Feb 2, 2018
@eranrund eranrund deleted the pyup-update-django-allauth-0.30.0-to-0.34.0 branch February 2, 2018 19:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant