Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump webauthn from 3.1.0 to 3.2.2 #5238

Merged
merged 1 commit into from
Nov 19, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 14, 2024

Bumps webauthn from 3.1.0 to 3.2.2.

Changelog

Sourced from webauthn's changelog.

[v3.2.2] - 2024-11-14

Fixed

  • Fix PublicKeyCredential::Options#.as_json not camelCase'ing keys of attributes with hash or arrays as values. #445 [@​santiagorodriguez96]

[v3.2.1] - 2024-11-14

Fixed

[v3.2.0] - 2024-11-13

Added

  • Added AuthenticatorAttestationResponse#transports for accessing the response's transports value. #421 [@​santiagorodriguez96]
  • WebAuthn::AuthenticatorAssertionResponse#verify and WebAuthn::AuthenticatorAttestationResponse#verify, as well as RelyingParty#verify_registration and RelyingParty#verify_authentication now accept a user_presence keyword arg in order to be able to skip the user presence check for specific attestation and assertion verifications. By default, user presence will be checked unless silent_authentication is enabled for the Relying Party (as it was before). #432, #434, #435 (@​nov, [@​santiagorodriguez96])
  • WebAuthn::FakeClient#create and WebAuthn::FakeAuthenticator#make_credential now support a credential_algorithm and algorithm param (respectively) for choosing the algorithm to use for creating the credential. Supported values are: 'ES256', 'RSA256' and 'EdDSA'. #400, #437 [@​santiagorodriguez96]
  • Remove awrence dependency. #436 @​npezza
  • Run tests with Ruby 3.3. #416 [@​santiagorodriguez96]
  • Run tests with Ruby 3.4.0-preview2. #436 @​npezza

Changed

Commits
  • 6fa4831 Merge pull request #446 from cedarcode/sr--prepare-for-3.2.2-release
  • 6911787 build: bump version to v3.2.2
  • c385f25 Merge pull request #445 from cedarcode/sr--fix-serializer
  • 94d4607 fix(serializer): attributes with hashes as values ending up without camelCase...
  • 00b30c5 Merge pull request #443 from cedarcode/sr--prepare-for-3.2.1-release
  • 9357dad build: bump version to v3.2.1
  • e76d35c Merge pull request #442 from cedarcode/sr--fix-serializer
  • 99e9e4f fix: do not add the key to the hash if its value is nil
  • 0230ccc test: ensure that keys not set are not present when calling as_json
  • ad5e5ff Merge pull request #440 from cedarcode/sr--prepare-for-3.2.0-release
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Nov 14, 2024
@segiddins segiddins enabled auto-merge (squash) November 14, 2024 23:00
Bumps [webauthn](https://github.com/cedarcode/webauthn-ruby) from 3.1.0 to 3.2.2.
- [Changelog](https://github.com/cedarcode/webauthn-ruby/blob/master/CHANGELOG.md)
- [Commits](cedarcode/webauthn-ruby@v3.1.0...v3.2.2)

---
updated-dependencies:
- dependency-name: webauthn
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/bundler/webauthn-3.2.2 branch from 9b81334 to 25cdd40 Compare November 18, 2024 22:51
@segiddins segiddins merged commit bf11fa1 into master Nov 19, 2024
17 checks passed
@segiddins segiddins deleted the dependabot/bundler/webauthn-3.2.2 branch November 19, 2024 03:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code
Projects
Development

Successfully merging this pull request may close these issues.

1 participant