Skip to content

chore(deps): bump the security-updates group across 1 directory with 2 updates#5798

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/security-updates-f4d81d9bff
Closed

chore(deps): bump the security-updates group across 1 directory with 2 updates#5798
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/security-updates-f4d81d9bff

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 13, 2026
edited
Loading

Bumps the security-updates group with 2 updates in the / directory: authlib and paramiko.

Updates authlib from 1.6.11 to 1.6.12

Release notes

Sourced from authlib's releases.

v1.6.12

Changelog

Sourced from authlib's changelog.

Version 1.6.12

Released on may 4, 2026

  • Fix redirecting to unvalidated redirect_uri on InvalidScopeError in OpenIDImplicitGrant and OpenIDHybridGrant.
Commits
  • e46e515 chore: bump to 1.6.12
  • 9babc13 fix: redirecting to unvalidated redirect_uri on InvalidScopeError in OIDC grants
  • See full diff in compare view

Updates paramiko from 4.0.0 to 5.0.0

Commits
  • 710cc5c What's a few weeks between friends?
  • ea93c59 Fix up Ed25519Key so it has non-erroring repr() during fatal errors
  • 5b90ef9 ruff/isort
  • f3864b6 Changelog fixes
  • acd4bc1 Replace hardcoded PEM format in PKey.write* with new parameter
  • 6fa1556 Bump group-exchange kex min_bits to 2048
  • eb87ad3 Fix some tests that were incorrectly passing
  • 1ecc933 Remove GSSAPI support :(
  • 9bf5fca Remove SHA1-based (non-GSS) kex methods
  • b8f75c7 Lintin' ain't easy
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels May 13, 2026
@dependabot dependabot Bot force-pushed the dependabot/uv/security-updates-f4d81d9bff branch 2 times, most recently from 73f0150 to 26618d7 Compare May 16, 2026 10:14
@dependabot
chore(deps): bump the security-updates group across 1 directory with …
c2f8e59 
…2 updates

Bumps the security-updates group with 2 updates in the / directory: [authlib](https://github.com/authlib/authlib) and [paramiko](https://github.com/paramiko/paramiko).


Updates `authlib` from 1.6.11 to 1.6.12
- [Release notes](https://github.com/authlib/authlib/releases)
- [Changelog](https://github.com/authlib/authlib/blob/1.6.12/docs/changelog.rst)
- [Commits](authlib/authlib@v1.6.11...1.6.12)

Updates `paramiko` from 4.0.0 to 5.0.0
- [Commits](paramiko/paramiko@4.0.0...5.0.0)

---
updated-dependencies:
- dependency-name: authlib
  dependency-version: 1.6.12
  dependency-type: indirect
  dependency-group: security-updates
- dependency-name: paramiko
  dependency-version: 5.0.0
  dependency-type: indirect
  dependency-group: security-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/uv/security-updates-f4d81d9bff branch from 26618d7 to c2f8e59 Compare May 19, 2026 15:42
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 20, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 20, 2026
@dependabot dependabot Bot deleted the dependabot/uv/security-updates-f4d81d9bff branch May 20, 2026 14:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants