CVS commit: pkgsrc/www/py-django-allauth

["Adam Ciarcinski" <adam%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   adam
Date:           Wed Jul 17 09:12:55 UTC 2024

Modified Files:
        pkgsrc/www/py-django-allauth: Makefile distinfo

Log Message:
py-django-allauth: updated to 0.63.6

0.63.6 (2024-07-12)
*******************

Security notice
---------------

- When the Facebook provider was configured to use the ``js_sdk`` method the
  login page could become vulnerable to an XSS attack.

0.63.5 (2024-07-11)
*******************

Fixes
-----

- The security fix in 0.63.4 that altered the ``__str__()`` of ``SocialToken``
  caused issues within the Amazon Cognito, Atlassian, JupyterHub, LemonLDAP,
  Nextcloud and OpenID Connect providers. Fixed.

0.63.4 (2024-07-10)
*******************

Security notice
---------------

- The ``__str__()`` method of the ``SocialToken`` model returned the access
  token. As a consequence, logging or printing tokens otherwise would expose the
  access token. Now, the method no longer returns the token. If you want to
  log/print tokens, you will now have to explicitly log the ``token`` field of
  the ``SocialToken`` instance.

- Enumeration prevention: the behavior on the outside of an actual signup versus
  a signup where the user already existed was not fully identical, fixed.


To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/www/py-django-allauth/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/py-django-allauth/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/py-django-allauth/Makefile
diff -u pkgsrc/www/py-django-allauth/Makefile:1.12 pkgsrc/www/py-django-allauth/Makefile:1.13
--- pkgsrc/www/py-django-allauth/Makefile:1.12  Mon Jun 10 07:28:52 2024
+++ pkgsrc/www/py-django-allauth/Makefile       Wed Jul 17 09:12:54 2024
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.12 2024/06/10 07:28:52 adam Exp $
+# $NetBSD: Makefile,v 1.13 2024/07/17 09:12:54 adam Exp $
 
-DISTNAME=      django_allauth-0.63.3
+DISTNAME=      django_allauth-0.63.6
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME:S/_/-/}
 CATEGORIES=    www python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=d/django-allauth/}

Index: pkgsrc/www/py-django-allauth/distinfo
diff -u pkgsrc/www/py-django-allauth/distinfo:1.11 pkgsrc/www/py-django-allauth/distinfo:1.12
--- pkgsrc/www/py-django-allauth/distinfo:1.11  Mon Jun 10 07:28:52 2024
+++ pkgsrc/www/py-django-allauth/distinfo       Wed Jul 17 09:12:54 2024
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.11 2024/06/10 07:28:52 adam Exp $
+$NetBSD: distinfo,v 1.12 2024/07/17 09:12:54 adam Exp $
 
-BLAKE2s (django_allauth-0.63.3.tar.gz) = 53580416f4a4048691beaee620eda599a2b73d528e1bdace24e607804be50485
-SHA512 (django_allauth-0.63.3.tar.gz) = 5b698b687b683a827c14f8d5eed8c9e1c7847409c5d8382382ce5e0c4eb0ddc01272dd782eb1f55b82ecf7ab10d7ee8f0f8f64d73053d5783aeec50b45fd2227
-Size (django_allauth-0.63.3.tar.gz) = 1082417 bytes
+BLAKE2s (django_allauth-0.63.6.tar.gz) = d04e75d77f6d6a87ba11f2aa8c054a0785923df105e3c0db80a770c273e4dea3
+SHA512 (django_allauth-0.63.6.tar.gz) = 607b8b3812018f52ccd6e36625906685b3ece8ea441e8a9e3aa0f16a1111dfc31103226cc3bbfee4edf0d8ea920f39d21efff61b082d62c0b2dd3b81f718fab1
+Size (django_allauth-0.63.6.tar.gz) = 1082450 bytes