Skip to content

Bump oauth2 from 2.0.18 to 2.0.19#719

Merged
phylor merged 1 commit into
mainfrom
dependabot/bundler/oauth2-2.0.19
May 18, 2026
Merged

Bump oauth2 from 2.0.18 to 2.0.19#719
phylor merged 1 commit into
mainfrom
dependabot/bundler/oauth2-2.0.19

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 18, 2026

Bumps oauth2 from 2.0.18 to 2.0.19.

Release notes

Sourced from oauth2's releases.

v2.0.19

2.0.19 - 2026-05-15

  • TAG: v2.0.19
  • COVERAGE: 100.00% -- 515/515 lines in 14 files
  • BRANCH COVERAGE: 100.00% -- 174/174 branches in 14 files
  • 89.11% documented

Added

  • gh!707 Add OAuth2.config[:filtered_label] to configure the placeholder used for filtered sensitive values in inspected objects and debug logging output by @​pboling
  • gh!707 Add OAuth2.config[:filtered_debug_keys] to configure which key names have their values redacted from debug logging output by @​pboling

Changed

  • gh!707 Make inspect-time and debug-log filters snapshot their configuration at initialization time rather than tracking later config changes by @​pboling
  • gh!714Refactor sensitive-value filtering to use auth-sanitizer while preserving OAuth2::FilteredAttributes as a permanent API alias by @​pboling

Removed

  • Remove the internal OAuth2::ThingFilter and OAuth2::SanitizedLogger implementations now provided by auth-sanitizer by @​pboling

Security

  • gh!707 Redact sensitive values from debug logging output, including Authorization headers and common token/secret fields in headers, query strings, form bodies, and JSON payloads by @​pboling
    • NOTE: debug logging has always been, and remains, opt-in. It is turned off by default.

Official Discord 👉️ [![Live Chat on Discord][✉️discord-invite-img]][✉️discord-invite]

Many paths lead to being a sponsor or a backer of this project. Are you on such a path?

OpenCollective Backers OpenCollective Sponsors Sponsor Me on Github Liberapay Goal Progress [![Donate on PayPal][🖇paypal-img]][🖇paypal]

[![Buy me a coffee][🖇buyme-small-img]][🖇buyme] [Donate on Polar][🖇polar] [![Donate to my FLOSS efforts at ko-fi.com][🖇kofi-img]][🖇kofi] [![Donate to my FLOSS efforts using Patreon][🖇patreon-img]][🖇patreon]

... (truncated)

Changelog

Sourced from oauth2's changelog.

[2.0.19] - 2026-05-15

  • TAG: [v2.0.19][2.0.19t]
  • COVERAGE: 100.00% -- 515/515 lines in 14 files
  • BRANCH COVERAGE: 100.00% -- 174/174 branches in 14 files
  • 89.11% documented

Added

  • gh!707 Add OAuth2.config[:filtered_label] to configure the placeholder used for filtered sensitive values in inspected objects and debug logging output by @​pboling
  • gh!707 Add OAuth2.config[:filtered_debug_keys] to configure which key names have their values redacted from debug logging output by @​pboling

Changed

  • gh!707 Make inspect-time and debug-log filters snapshot their configuration at initialization time rather than tracking later config changes by @​pboling
  • gh!714Refactor sensitive-value filtering to use auth-sanitizer while preserving OAuth2::FilteredAttributes as a permanent API alias by @​pboling

Removed

  • Remove the internal OAuth2::ThingFilter and OAuth2::SanitizedLogger implementations now provided by auth-sanitizer by @​pboling

Security

  • gh!707 Redact sensitive values from debug logging output, including Authorization headers and common token/secret fields in headers, query strings, form bodies, and JSON payloads by @​pboling
    • NOTE: debug logging has always been, and remains, opt-in. It is turned off by default.
Commits
  • 63fddbe Merge pull request #715 from ruby-oauth/release-prep/v2.0.19
  • 3898b6c 🔖 Prepare release v2.0.19
  • 3fb1f37 🔧 Appraisals2
  • bc0b86d 🔧 mise.toml
  • 1f1ae93 📝 CHANGELOG.md
  • c7ff453 Merge pull request #711 from ruby-oauth/dependabot/github_actions/pozil/auto-...
  • 03f9a78 Bump pozil/auto-assign-issue from 2 to 3
  • 422bdfb Merge pull request #712 from ruby-oauth/dependabot/github_actions/ruby/setup-...
  • 26dd20f Merge pull request #713 from ruby-oauth/dependabot/github_actions/actions/dep...
  • 62cae3d Merge pull request #714 from ruby-oauth/feat/auth-sanitizer
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump oauth2 from 2.0.18 to 2.0.19
42f15ba 
Bumps [oauth2](https://github.com/ruby-oauth/oauth2) from 2.0.18 to 2.0.19.
- [Release notes](https://github.com/ruby-oauth/oauth2/releases)
- [Changelog](https://github.com/ruby-oauth/oauth2/blob/main/CHANGELOG.md)
- [Commits](ruby-oauth/oauth2@v2.0.18...v2.0.19)

---
updated-dependencies:
- dependency-name: oauth2
  dependency-version: 2.0.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@phylor phylor merged commit d27e703 into main May 18, 2026
2 checks passed
@phylor phylor deleted the dependabot/bundler/oauth2-2.0.19 branch May 18, 2026 08:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@phylor