Skip to content

Bump authlib from 1.6.6 to 1.6.11 in /ai/gen-ai-agents/custom-rag-agent/files#2805

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/ai/gen-ai-agents/custom-rag-agent/files/authlib-1.6.11
Open

Bump authlib from 1.6.6 to 1.6.11 in /ai/gen-ai-agents/custom-rag-agent/files#2805
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/ai/gen-ai-agents/custom-rag-agent/files/authlib-1.6.11

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 16, 2026
edited
Loading

Bumps authlib from 1.6.6 to 1.6.11.

Release notes

Sourced from authlib's releases.

v1.6.11

Full Changelog: authlib/authlib@v1.6.10...v1.6.11

  • Fix CSRF issue with starlette client

v1.6.10

Full Changelog: authlib/authlib@v1.6.9...v1.6.10

  • Fix redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError.

v1.6.9

Full Changelog: authlib/authlib@v1.6.8...v1.6.9

Changes in jose module

  • Not using header's jwk automatically
  • Add ES256K into default jwt algorithms
  • Remove deprecated algorithm from default registry
  • Generate random cek when cek length doesn't match

v1.6.8

Full Changelog: authlib/authlib@v1.6.7...v1.6.8

  • Add EdDSA to default jwt instance.

v1.6.7

Full Changelog: authlib/authlib@v1.6.6...v1.6.7

Set supported algorithms for the default jwt instance.

Changelog

Sourced from authlib's changelog.

Version 1.6.11

Released on Apr 16, 2026

  • Fix CSRF vulnerability in the Starlette OAuth client when a cache is configured.

Version 1.6.10

Released on Apr 13, 2026

  • Fix redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError.

Version 1.6.9

Released on Mar 2, 2026

  • Not using header's jwk automatically.
  • Add ES256K into default jwt algorithms.
  • Remove deprecated algorithm from default registry.
  • Generate random cek when cek length doesn't match.

Version 1.6.8

Released on Feb 17, 2026

  • Add EdDSA to default jwt instance.

Version 1.6.7

Released on Feb 6, 2026

  • Set supported algorithms for the default jwt instance.
Commits
  • 0dc0e5b chore: bump to 1.6.11
  • aa7b8e4 Merge commit from fork
  • 401a770 fix: CSRF issue with starlette client
  • ef09aeb chore: release 1.6.10
  • 3be0846 fix: redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError
  • 9266eaa chore: release 1.6.9
  • b9bb2b2 fix(oidc): fail close at validating c_hash and at_hash
  • 1b0a1d9 fix(jose): generate random cek when cek length doesn't match
  • 5be3c51 fix(jose): add ES256K into default jwt algorithms
  • 48b345f fix(jose): remove deprecated algorithm from default registry
  • Additional commits viewable in compare view

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 16, 2026
@dependabot dependabot bot mentioned this pull request Apr 16, 2026
Closed
@oracle-contributor-agreement oracle-contributor-agreement bot added the OCA Verified All contributors have signed the Oracle Contributor Agreement. label Apr 16, 2026
@dependabot dependabot bot force-pushed the dependabot/pip/ai/gen-ai-agents/custom-rag-agent/files/authlib-1.6.11 branch 6 times, most recently from 457fe64 to 982fad0 Compare April 21, 2026 12:43
@dependabot
Bump authlib in /ai/gen-ai-agents/custom-rag-agent/files
cebf182 
Bumps [authlib](https://github.com/authlib/authlib) from 1.6.6 to 1.6.11.
- [Release notes](https://github.com/authlib/authlib/releases)
- [Changelog](https://github.com/authlib/authlib/blob/v1.6.11/docs/changelog.rst)
- [Commits](authlib/authlib@v1.6.6...v1.6.11)

---
updated-dependencies:
- dependency-name: authlib
  dependency-version: 1.6.11
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/ai/gen-ai-agents/custom-rag-agent/files/authlib-1.6.11 branch from 982fad0 to cebf182 Compare April 21, 2026 12:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file OCA Verified All contributors have signed the Oracle Contributor Agreement. python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants