CVS commit: pkgsrc/www/py-django-allauth

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www/py-django-allauth
From: "Adam Ciarcinski" <adam%netbsd.org@localhost>
Date: Mon, 17 Nov 2025 08:42:23 +0000

Module Name:    pkgsrc
Committed By:   adam
Date:           Mon Nov 17 08:42:23 UTC 2025

Modified Files:
        pkgsrc/www/py-django-allauth: Makefile PLIST distinfo

Log Message:
py-django-allauth: updated to 65.13.0

65.13.0 (2025-10-31)
********************

Note worthy changes
-------------------

- IdP: Added support for RP-Initiated Logout.

- Headless: added JWT token strategy.

- Added support for "Trust this browser?" functionality for logging in by code.
  See ``ACCOUNT_LOGIN_BY_CODE_TRUST_ENABLED``.

- OpenID Connect: to avoid issues with client IDs containing colons,
  ``client_secret_post`` is now preferred above ``client_secret_basic``.

Security notice
---------------

- Both Okta and NetIQ were using ``preferred_username`` as the identifier for
  third-party provider accounts.  That value may be mutable and should therefore
  be avoided for authorization decisions.  The providers are now using ``sub``
  instead.

- IdP: marking a user as ``is_active=False`` after having handed tokens for that
  user while the account was still active had no effect. Fixed -- the
  access/refresh tokens are now rejected. Thanks to Joshua Rogers for reporting
  this and the previous issue.

Backwards incompatible changes
------------------------------

- Headless now requires the ``headless`` extra to be installed. For example:
  ``pip install django-allauth[headless]``.

- Okta and NetIQ: see the security notice on Okta and NetIQ. Already existing
  ``SocialAccount`` records will no longer be linked due to the switch to
  ``sub``.  You will need to manually handle this situation either, by
  populating ``SocialAccount.uid`` based on ``sub`` located in
  ``SocialAccount.extra_data``,or, if you are absolutely certain the security
  notice is of no concern for your use case, by setting ``"uid_field":
  "preferred_username"`` in the relevant ``SocialApp.settings``.


To generate a diff of this commit:
cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/py-django-allauth/Makefile
cvs rdiff -u -r1.16 -r1.17 pkgsrc/www/py-django-allauth/PLIST
cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/py-django-allauth/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/py-django-allauth/Makefile
diff -u pkgsrc/www/py-django-allauth/Makefile:1.22 pkgsrc/www/py-django-allauth/Makefile:1.23
--- pkgsrc/www/py-django-allauth/Makefile:1.22  Thu Jul 10 15:53:45 2025
+++ pkgsrc/www/py-django-allauth/Makefile       Mon Nov 17 08:42:23 2025
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.22 2025/07/10 15:53:45 adam Exp $
+# $NetBSD: Makefile,v 1.23 2025/11/17 08:42:23 adam Exp $
 
-DISTNAME=      django_allauth-65.10.0
+DISTNAME=      django_allauth-65.13.0
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME:S/_/-/}
 CATEGORIES=    www python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=d/django-allauth/}
@@ -16,9 +16,9 @@ DEPENDS+=     ${PYPKGPREFIX}-django>=4.2.16:
 # openid
 DEPENDS+=      ${PYPKGPREFIX}-openid>=3.0.8:../../security/py-openid
 # socialaccount
-DEPENDS+=      ${PYPKGPREFIX}-JWT>=1.7:../../textproc/py-JWT
+DEPENDS+=      ${PYPKGPREFIX}-JWT>=2.0:../../textproc/py-JWT
+DEPENDS+=      ${PYPKGPREFIX}-oauthlib>=3.3.0:../../security/py-oauthlib
 DEPENDS+=      ${PYPKGPREFIX}-requests>=2.0.0:../../devel/py-requests
-DEPENDS+=      ${PYPKGPREFIX}-requests-oauthlib>=0.3.0:../../security/py-requests-oauthlib
 
 USE_LANGUAGES= # none
 

Index: pkgsrc/www/py-django-allauth/PLIST
diff -u pkgsrc/www/py-django-allauth/PLIST:1.16 pkgsrc/www/py-django-allauth/PLIST:1.17
--- pkgsrc/www/py-django-allauth/PLIST:1.16     Thu Jul 10 15:53:45 2025
+++ pkgsrc/www/py-django-allauth/PLIST  Mon Nov 17 08:42:23 2025
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.16 2025/07/10 15:53:45 adam Exp $
+@comment $NetBSD: PLIST,v 1.17 2025/11/17 08:42:23 adam Exp $
 ${PYSITELIB}/${WHEEL_INFODIR}/METADATA
 ${PYSITELIB}/${WHEEL_INFODIR}/RECORD
 ${PYSITELIB}/${WHEEL_INFODIR}/WHEEL
@@ -44,6 +44,9 @@ ${PYSITELIB}/allauth/account/forms.pyo
 ${PYSITELIB}/allauth/account/internal/__init__.py
 ${PYSITELIB}/allauth/account/internal/__init__.pyc
 ${PYSITELIB}/allauth/account/internal/__init__.pyo
+${PYSITELIB}/allauth/account/internal/constants.py
+${PYSITELIB}/allauth/account/internal/constants.pyc
+${PYSITELIB}/allauth/account/internal/constants.pyo
 ${PYSITELIB}/allauth/account/internal/decorators.py
 ${PYSITELIB}/allauth/account/internal/decorators.pyc
 ${PYSITELIB}/allauth/account/internal/decorators.pyo
@@ -208,6 +211,9 @@ ${PYSITELIB}/allauth/core/internal/model
 ${PYSITELIB}/allauth/core/internal/ratelimit.py
 ${PYSITELIB}/allauth/core/internal/ratelimit.pyc
 ${PYSITELIB}/allauth/core/internal/ratelimit.pyo
+${PYSITELIB}/allauth/core/internal/sessionkit.py
+${PYSITELIB}/allauth/core/internal/sessionkit.pyc
+${PYSITELIB}/allauth/core/internal/sessionkit.pyo
 ${PYSITELIB}/allauth/core/internal/urlkit.py
 ${PYSITELIB}/allauth/core/internal/urlkit.pyc
 ${PYSITELIB}/allauth/core/internal/urlkit.pyo
@@ -368,9 +374,39 @@ ${PYSITELIB}/allauth/headless/tokens/__i
 ${PYSITELIB}/allauth/headless/tokens/base.py
 ${PYSITELIB}/allauth/headless/tokens/base.pyc
 ${PYSITELIB}/allauth/headless/tokens/base.pyo
+${PYSITELIB}/allauth/headless/tokens/inputs.py
+${PYSITELIB}/allauth/headless/tokens/inputs.pyc
+${PYSITELIB}/allauth/headless/tokens/inputs.pyo
+${PYSITELIB}/allauth/headless/tokens/response.py
+${PYSITELIB}/allauth/headless/tokens/response.pyc
+${PYSITELIB}/allauth/headless/tokens/response.pyo
 ${PYSITELIB}/allauth/headless/tokens/sessions.py
 ${PYSITELIB}/allauth/headless/tokens/sessions.pyc
 ${PYSITELIB}/allauth/headless/tokens/sessions.pyo
+${PYSITELIB}/allauth/headless/tokens/strategies/__init__.py
+${PYSITELIB}/allauth/headless/tokens/strategies/__init__.pyc
+${PYSITELIB}/allauth/headless/tokens/strategies/__init__.pyo
+${PYSITELIB}/allauth/headless/tokens/strategies/base.py
+${PYSITELIB}/allauth/headless/tokens/strategies/base.pyc
+${PYSITELIB}/allauth/headless/tokens/strategies/base.pyo
+${PYSITELIB}/allauth/headless/tokens/strategies/jwt/__init__.py
+${PYSITELIB}/allauth/headless/tokens/strategies/jwt/__init__.pyc
+${PYSITELIB}/allauth/headless/tokens/strategies/jwt/__init__.pyo
+${PYSITELIB}/allauth/headless/tokens/strategies/jwt/internal.py
+${PYSITELIB}/allauth/headless/tokens/strategies/jwt/internal.pyc
+${PYSITELIB}/allauth/headless/tokens/strategies/jwt/internal.pyo
+${PYSITELIB}/allauth/headless/tokens/strategies/jwt/strategy.py
+${PYSITELIB}/allauth/headless/tokens/strategies/jwt/strategy.pyc
+${PYSITELIB}/allauth/headless/tokens/strategies/jwt/strategy.pyo
+${PYSITELIB}/allauth/headless/tokens/strategies/sessions.py
+${PYSITELIB}/allauth/headless/tokens/strategies/sessions.pyc
+${PYSITELIB}/allauth/headless/tokens/strategies/sessions.pyo
+${PYSITELIB}/allauth/headless/tokens/urls.py
+${PYSITELIB}/allauth/headless/tokens/urls.pyc
+${PYSITELIB}/allauth/headless/tokens/urls.pyo
+${PYSITELIB}/allauth/headless/tokens/views.py
+${PYSITELIB}/allauth/headless/tokens/views.pyc
+${PYSITELIB}/allauth/headless/tokens/views.pyo
 ${PYSITELIB}/allauth/headless/urls.py
 ${PYSITELIB}/allauth/headless/urls.pyc
 ${PYSITELIB}/allauth/headless/urls.pyo
@@ -434,6 +470,9 @@ ${PYSITELIB}/allauth/idp/oidc/internal/_
 ${PYSITELIB}/allauth/idp/oidc/internal/clientkit.py
 ${PYSITELIB}/allauth/idp/oidc/internal/clientkit.pyc
 ${PYSITELIB}/allauth/idp/oidc/internal/clientkit.pyo
+${PYSITELIB}/allauth/idp/oidc/internal/flows.py
+${PYSITELIB}/allauth/idp/oidc/internal/flows.pyc
+${PYSITELIB}/allauth/idp/oidc/internal/flows.pyo
 ${PYSITELIB}/allauth/idp/oidc/internal/oauthlib/__init__.py
 ${PYSITELIB}/allauth/idp/oidc/internal/oauthlib/__init__.pyc
 ${PYSITELIB}/allauth/idp/oidc/internal/oauthlib/__init__.pyo
@@ -455,12 +494,18 @@ ${PYSITELIB}/allauth/idp/oidc/internal/o
 ${PYSITELIB}/allauth/idp/oidc/internal/scope.py
 ${PYSITELIB}/allauth/idp/oidc/internal/scope.pyc
 ${PYSITELIB}/allauth/idp/oidc/internal/scope.pyo
+${PYSITELIB}/allauth/idp/oidc/internal/tokens.py
+${PYSITELIB}/allauth/idp/oidc/internal/tokens.pyc
+${PYSITELIB}/allauth/idp/oidc/internal/tokens.pyo
 ${PYSITELIB}/allauth/idp/oidc/migrations/0001_initial.py
 ${PYSITELIB}/allauth/idp/oidc/migrations/0001_initial.pyc
 ${PYSITELIB}/allauth/idp/oidc/migrations/0001_initial.pyo
 ${PYSITELIB}/allauth/idp/oidc/migrations/0002_client_default_scopes.py
 ${PYSITELIB}/allauth/idp/oidc/migrations/0002_client_default_scopes.pyc
 ${PYSITELIB}/allauth/idp/oidc/migrations/0002_client_default_scopes.pyo
+${PYSITELIB}/allauth/idp/oidc/migrations/0003_client_allow_uri_wildcards.py
+${PYSITELIB}/allauth/idp/oidc/migrations/0003_client_allow_uri_wildcards.pyc
+${PYSITELIB}/allauth/idp/oidc/migrations/0003_client_allow_uri_wildcards.pyo
 ${PYSITELIB}/allauth/idp/oidc/migrations/__init__.py
 ${PYSITELIB}/allauth/idp/oidc/migrations/__init__.pyc
 ${PYSITELIB}/allauth/idp/oidc/migrations/__init__.pyo
@@ -510,6 +555,8 @@ ${PYSITELIB}/allauth/locale/he/LC_MESSAG
 ${PYSITELIB}/allauth/locale/he/LC_MESSAGES/django.po
 ${PYSITELIB}/allauth/locale/hr/LC_MESSAGES/django.mo
 ${PYSITELIB}/allauth/locale/hr/LC_MESSAGES/django.po
+${PYSITELIB}/allauth/locale/ht/LC_MESSAGES/django.mo
+${PYSITELIB}/allauth/locale/ht/LC_MESSAGES/django.po
 ${PYSITELIB}/allauth/locale/hu/LC_MESSAGES/django.mo
 ${PYSITELIB}/allauth/locale/hu/LC_MESSAGES/django.po
 ${PYSITELIB}/allauth/locale/id/LC_MESSAGES/django.mo
@@ -605,6 +652,9 @@ ${PYSITELIB}/allauth/mfa/checks.pyo
 ${PYSITELIB}/allauth/mfa/internal/__init__.py
 ${PYSITELIB}/allauth/mfa/internal/__init__.pyc
 ${PYSITELIB}/allauth/mfa/internal/__init__.pyo
+${PYSITELIB}/allauth/mfa/internal/constants.py
+${PYSITELIB}/allauth/mfa/internal/constants.pyc
+${PYSITELIB}/allauth/mfa/internal/constants.pyo
 ${PYSITELIB}/allauth/mfa/internal/flows/__init__.py
 ${PYSITELIB}/allauth/mfa/internal/flows/__init__.pyc
 ${PYSITELIB}/allauth/mfa/internal/flows/__init__.pyo
@@ -1096,6 +1146,18 @@ ${PYSITELIB}/allauth/socialaccount/provi
 ${PYSITELIB}/allauth/socialaccount/providers/dingtalk/views.py
 ${PYSITELIB}/allauth/socialaccount/providers/dingtalk/views.pyc
 ${PYSITELIB}/allauth/socialaccount/providers/dingtalk/views.pyo
+${PYSITELIB}/allauth/socialaccount/providers/discogs/__init__.py
+${PYSITELIB}/allauth/socialaccount/providers/discogs/__init__.pyc
+${PYSITELIB}/allauth/socialaccount/providers/discogs/__init__.pyo
+${PYSITELIB}/allauth/socialaccount/providers/discogs/provider.py
+${PYSITELIB}/allauth/socialaccount/providers/discogs/provider.pyc
+${PYSITELIB}/allauth/socialaccount/providers/discogs/provider.pyo
+${PYSITELIB}/allauth/socialaccount/providers/discogs/urls.py
+${PYSITELIB}/allauth/socialaccount/providers/discogs/urls.pyc
+${PYSITELIB}/allauth/socialaccount/providers/discogs/urls.pyo
+${PYSITELIB}/allauth/socialaccount/providers/discogs/views.py
+${PYSITELIB}/allauth/socialaccount/providers/discogs/views.pyc
+${PYSITELIB}/allauth/socialaccount/providers/discogs/views.pyo
 ${PYSITELIB}/allauth/socialaccount/providers/discord/__init__.py
 ${PYSITELIB}/allauth/socialaccount/providers/discord/__init__.pyc
 ${PYSITELIB}/allauth/socialaccount/providers/discord/__init__.pyo
@@ -2580,11 +2642,13 @@ ${PYSITELIB}/allauth/templates/allauth/l
 ${PYSITELIB}/allauth/templates/allauth/layouts/entrance.html
 ${PYSITELIB}/allauth/templates/allauth/layouts/manage.html
 ${PYSITELIB}/allauth/templates/idp/oidc/authorization_form.html
+${PYSITELIB}/allauth/templates/idp/oidc/base.html
 ${PYSITELIB}/allauth/templates/idp/oidc/device_authorization_code_form.html
 ${PYSITELIB}/allauth/templates/idp/oidc/device_authorization_confirm_form.html
 ${PYSITELIB}/allauth/templates/idp/oidc/device_authorization_confirmed.html
 ${PYSITELIB}/allauth/templates/idp/oidc/device_authorization_denied.html
 ${PYSITELIB}/allauth/templates/idp/oidc/error.html
+${PYSITELIB}/allauth/templates/idp/oidc/logout.html
 ${PYSITELIB}/allauth/templates/mfa/authenticate.html
 ${PYSITELIB}/allauth/templates/mfa/base_entrance.html
 ${PYSITELIB}/allauth/templates/mfa/base_manage.html

Index: pkgsrc/www/py-django-allauth/distinfo
diff -u pkgsrc/www/py-django-allauth/distinfo:1.19 pkgsrc/www/py-django-allauth/distinfo:1.20
--- pkgsrc/www/py-django-allauth/distinfo:1.19  Thu Jul 10 15:53:45 2025
+++ pkgsrc/www/py-django-allauth/distinfo       Mon Nov 17 08:42:23 2025
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.19 2025/07/10 15:53:45 adam Exp $
+$NetBSD: distinfo,v 1.20 2025/11/17 08:42:23 adam Exp $
 
-BLAKE2s (django_allauth-65.10.0.tar.gz) = 0453bbe24c491d4554d00ab32926bb5e2730d1e32195620b599d81cd0d717038
-SHA512 (django_allauth-65.10.0.tar.gz) = c282aae8032e41d20f52b1cf1c36c799ba5e3d3198374d5c31ccae96d06e179fa21b69b8ad6432b1c146cb06245a448576b62c93657b8df7ca7720622ff01d13
-Size (django_allauth-65.10.0.tar.gz) = 1897777 bytes
+BLAKE2s (django_allauth-65.13.0.tar.gz) = 0e4cd02b6e5f2756d3320d6dea6d21473c01bb373f4fa3c178cd2a7910976a95
+SHA512 (django_allauth-65.13.0.tar.gz) = bc05bd23f1e364de6a737677d45bcaeb26a739c43baabb71ee61232ac43f9747beeaef3d3b5ab7ed05c878b35a95036d81a25fa31ae0b908e133a4c48dfa8a1a
+Size (django_allauth-65.13.0.tar.gz) = 1987616 bytes

Prev by Date: CVS commit: pkgsrc/www/py-django-bootstrap5
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/www/py-django-bootstrap5
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index