Upgrade: Bump omniauth-google-oauth2 from 1.1.2 to 1.2.1 (#4933)

Bumps [omniauth-google-oauth2](https://github.com/zquestz/omniauth-google-oauth2) from 1.1.2 to 1.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/zquestz/omniauth-google-oauth2/releases">omniauth-google-oauth2's releases</a>.</em></p> <blockquote> <h2>Release v1.2.1</h2> <h3>Added</h3> <ul> <li>Use jwt v2.9.2's public claims verification API - <a href="https://redirect.github.com/zquestz/omniauth-google-oauth2/pull/465">zquestz/omniauth-google-oauth2#465</a></li> </ul> <h3>Deprecated</h3> <ul> <li>Nothing.</li> </ul> <h3>Removed</h3> <ul> <li>Support for jwt < 2.9.2.</li> </ul> <h3>Fixed</h3> <ul> <li>Nothing.</li> </ul> <h2>Release v1.2.0</h2> <h3>Added</h3> <ul> <li>jwt 2.9.0 support for their updated claims code.</li> <li>'smart' image resizing option.</li> </ul> <h3>Deprecated</h3> <ul> <li>Nothing.</li> </ul> <h3>Removed</h3> <ul> <li>Ruby 2.3 and 2.4 support.</li> <li>Support for jwt < 2.9.0.</li> </ul> <h3>Fixed</h3> <ul> <li>Fixed image sizing code.</li> <li>Rubocop configuration updates.</li> </ul> <h2>Release v1.1.3</h2> <h3>Added</h3> <ul> <li>Updated to use POST instead of GET for tokeninfo endpoint. (<a href="https://redirect.github.com/zquestz/omniauth-google-oauth2/pull/457">zquestz/omniauth-google-oauth2#457</a>)</li> </ul> <h3>Deprecated</h3> <ul> <li>Nothing.</li> </ul> <h3>Removed</h3> <ul> <li>Nothing.</li> </ul> <h3>Fixed</h3> <ul> <li>Documentation typos.</li> <li>Rubocop configuration updates.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/zquestz/omniauth-google-oauth2/blob/master/CHANGELOG.md">omniauth-google-oauth2's changelog</a>.</em></p> <blockquote> <h2>1.2.1 - 2025-01-18</h2> <h3>Added</h3> <ul> <li>Use jwt v2.9.2's public claims verification API - <a href="https://redirect.github.com/zquestz/omniauth-google-oauth2/pull/465">zquestz/omniauth-google-oauth2#465</a></li> </ul> <h3>Deprecated</h3> <ul> <li>Nothing.</li> </ul> <h3>Removed</h3> <ul> <li>Support for jwt < 2.9.2.</li> </ul> <h3>Fixed</h3> <ul> <li>Nothing.</li> </ul> <h2>1.2.0 - 2024-09-15</h2> <h3>Added</h3> <ul> <li>jwt 2.9.0 support for their updated claims code.</li> </ul> <h3>Deprecated</h3> <ul> <li>Nothing.</li> </ul> <h3>Removed</h3> <ul> <li>Ruby 2.3 and 2.4 support.</li> <li>Support for jwt < 2.9.0.</li> </ul> <h3>Fixed</h3> <ul> <li>Fixed image sizing code.</li> <li>Rubocop configuration updates.</li> </ul> <h2>1.1.3 - 2024-08-29</h2> <h3>Added</h3> <ul> <li>Updated to use POST instead of GET for tokeninfo endpoint.</li> </ul> <h3>Deprecated</h3> <ul> <li>Nothing.</li> </ul> <h3>Removed</h3> <ul> <li>Nothing.</li> </ul> <h3>Fixed</h3> <ul> <li>Documentation typos.</li> <li>Rubocop configuration updates.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/zquestz/omniauth-google-oauth2/commit/3366dcb8fe0a8523259cf684d9cd31ddc3e1fae3"><code>3366dcb</code></a> Unlock Sinatra version in example</li> <li><a href="https://github.com/zquestz/omniauth-google-oauth2/commit/a1ce6125c681ee02acfe13f7c202944cec6a5a1d"><code>a1ce612</code></a> Updated CHANGELOG.md for 1.2.1</li> <li><a href="https://github.com/zquestz/omniauth-google-oauth2/commit/f7b7a7d2aef3718caa4e3f5caf38686883fd0843"><code>f7b7a7d</code></a> Bump version to 1.2.1</li> <li><a href="https://github.com/zquestz/omniauth-google-oauth2/commit/865653899615e4cacfd21bfa3847dc2dcd505fd5"><code>8656538</code></a> Add examples/Gemfile.lock to .gitignore</li> <li><a href="https://github.com/zquestz/omniauth-google-oauth2/commit/5298eb1ca6b3e7c747af0dd44d8308351f990bba"><code>5298eb1</code></a> Use jwt v2.9.2's public claims verification API</li> <li><a href="https://github.com/zquestz/omniauth-google-oauth2/commit/4dea8db47e3737df75e6187a918f9d923ab11458"><code>4dea8db</code></a> Use local source for example code</li> <li><a href="https://github.com/zquestz/omniauth-google-oauth2/commit/7086b8257f942616fae25a3d9c5639aba8fe43ec"><code>7086b82</code></a> Add FUNDING.yml</li> <li><a href="https://github.com/zquestz/omniauth-google-oauth2/commit/719bd91e5763100c55c350df2a8200f8146b213f"><code>719bd91</code></a> Clarify use for storing devise google data in callbacks controller</li> <li><a href="https://github.com/zquestz/omniauth-google-oauth2/commit/11af0784aeb6a195d4e1857bdf0f696dc6f80e4b"><code>11af078</code></a> Add 1.2.0 changelog and slight doc changes for image sizing</li> <li><a href="https://github.com/zquestz/omniauth-google-oauth2/commit/452e119f3252f3751030eeb95cb37bcfb550a836"><code>452e119</code></a> Update image sizing based on docs at <a href="https://developers.google.com/people/ima">https://developers.google.com/people/ima</a>...</li> <li>Additional commits viewable in <a href="https://github.com/zquestz/omniauth-google-oauth2/compare/v1.1.2...v1.2.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=omniauth-google-oauth2&package-manager=bundler&previous-version=1.1.2&new-version=1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
TheOdinProject · Feb 18, 2025 · 7ac085a · 7ac085a
1 parent 124fc35
commit 7ac085a
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 13 deletions.
diff --git a/Gemfile b/Gemfile
@@ -28,7 +28,7 @@ gem 'newrelic_rpm', '~> 9.16'
 gem 'noticed', '~> 1.6'
 gem 'octokit', '~> 9.2'
 gem 'omniauth-github', '~> 2.0.1'
-gem 'omniauth-google-oauth2', '~> 1.1.1'
+gem 'omniauth-google-oauth2', '~> 1.2.1'
 gem 'omniauth-rails_csrf_protection', '~> 1.0'
 gem 'pagy', '~> 9.3'
 gem 'pg', '~> 1.5'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -179,11 +179,12 @@ GEM
     factory_bot_rails (6.4.3)
       factory_bot (~> 6.4)
       railties (>= 5.0.0)
-    faraday (2.10.1)
-      faraday-net_http (>= 2.0, < 3.2)
+    faraday (2.12.2)
+      faraday-net_http (>= 2.0, < 3.5)
+      json
       logger
-    faraday-net_http (3.1.1)
-      net-http
+    faraday-net_http (3.4.0)
+      net-http (>= 0.5.0)
     faraday-retry (2.2.1)
       faraday (~> 2.0)
     ferrum (0.15)
@@ -245,7 +246,7 @@ GEM
     jsbundling-rails (1.3.1)
       railties (>= 6.0.0)
     json (2.10.1)
-    jwt (2.8.2)
+    jwt (2.10.1)
       base64
     kramdown (2.4.0)
       rexml
@@ -263,7 +264,7 @@ GEM
     llhttp-ffi (0.5.0)
       ffi-compiler (~> 1.0)
       rake (~> 13.0)
-    logger (1.6.3)
+    logger (1.6.6)
     loofah (2.24.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
@@ -298,7 +299,7 @@ GEM
     multi_xml (0.7.1)
       bigdecimal (~> 3.1)
     mutex_m (0.3.0)
-    net-http (0.4.1)
+    net-http (0.6.0)
       uri
     net-imap (0.4.19)
       date
@@ -335,8 +336,8 @@ GEM
     omniauth-github (2.0.1)
       omniauth (~> 2.0)
       omniauth-oauth2 (~> 1.8)
-    omniauth-google-oauth2 (1.1.2)
-      jwt (>= 2.0)
+    omniauth-google-oauth2 (1.2.1)
+      jwt (>= 2.9.2)
       oauth2 (~> 2.0)
       omniauth (~> 2.0)
       omniauth-oauth2 (~> 1.8)
@@ -384,8 +385,9 @@ GEM
       rack (>= 1.0, < 4)
     rack-mini-profiler (3.3.1)
       rack (>= 1.2.0)
-    rack-protection (4.0.0)
+    rack-protection (4.1.1)
       base64 (>= 0.1.0)
+      logger (>= 1.6.0)
       rack (>= 3.0.0, < 4)
     rack-session (2.1.0)
       base64 (>= 0.1.0)
@@ -571,7 +573,7 @@ GEM
       concurrent-ruby (~> 1.0)
     unicode (0.4.4.5)
     unicode-display_width (2.6.0)
-    uri (0.13.0)
+    uri (1.0.2)
     vcr (6.3.1)
       base64
     version_gem (1.1.4)
@@ -638,7 +640,7 @@ DEPENDENCIES
   noticed (~> 1.6)
   octokit (~> 9.2)
   omniauth-github (~> 2.0.1)
-  omniauth-google-oauth2 (~> 1.1.1)
+  omniauth-google-oauth2 (~> 1.2.1)
   omniauth-rails_csrf_protection (~> 1.0)
   pagy (~> 9.3)
   parallel_tests (~> 4.7)