Skip to content

chore(deps): update uv: bump authlib from 1.6.9 to 1.6.11#255

Merged
github-actions[bot] merged 1 commit intomainfrom
dependabot/uv/authlib-1.6.11
Apr 20, 2026
Merged

chore(deps): update uv: bump authlib from 1.6.9 to 1.6.11#255
github-actions[bot] merged 1 commit intomainfrom
dependabot/uv/authlib-1.6.11

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 17, 2026
edited
Loading

Bumps authlib from 1.6.9 to 1.6.11.

Release notes

Sourced from authlib's releases.

v1.6.11

Full Changelog: authlib/authlib@v1.6.10...v1.6.11

  • Fix CSRF issue with starlette client

v1.6.10

Full Changelog: authlib/authlib@v1.6.9...v1.6.10

  • Fix redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError.
Changelog

Sourced from authlib's changelog.

Version 1.6.11

Released on Apr 16, 2026

  • Fix CSRF vulnerability in the Starlette OAuth client when a cache is configured.

Version 1.6.10

Released on Apr 13, 2026

  • Fix redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError.
Commits
  • 0dc0e5b chore: bump to 1.6.11
  • aa7b8e4 Merge commit from fork
  • 401a770 fix: CSRF issue with starlette client
  • ef09aeb chore: release 1.6.10
  • 3be0846 fix: redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 17, 2026
@dependabot dependabot Bot requested a review from a team as a code owner April 17, 2026 00:19
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 17, 2026
@dependabot dependabot Bot requested review from awsjjzhou and rshevchuk-git April 17, 2026 00:19
@github-actions github-actions Bot enabled auto-merge (squash) April 17, 2026 00:19
@dependabot dependabot Bot force-pushed the dependabot/uv/authlib-1.6.11 branch from 77744d3 to cfa543a Compare April 20, 2026 08:07
@dependabot
chore(deps): update uv: bump authlib from 1.6.9 to 1.6.11
d929209 
Bumps [authlib](https://github.com/authlib/authlib) from 1.6.9 to 1.6.11.
- [Release notes](https://github.com/authlib/authlib/releases)
- [Changelog](https://github.com/authlib/authlib/blob/v1.6.11/docs/changelog.rst)
- [Commits](authlib/authlib@v1.6.9...v1.6.11)

---
updated-dependencies:
- dependency-name: authlib
  dependency-version: 1.6.11
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/uv/authlib-1.6.11 branch from cfa543a to d929209 Compare April 20, 2026 13:49
@github-actions github-actions Bot merged commit cf07b9c into main Apr 20, 2026
6 checks passed
@github-actions github-actions Bot deleted the dependabot/uv/authlib-1.6.11 branch April 20, 2026 13:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arnewouters arnewouters arnewouters approved these changes

@anasstahr anasstahr anasstahr approved these changes

@rshevchuk-git rshevchuk-git Awaiting requested review from rshevchuk-git rshevchuk-git is a code owner automatically assigned from aws/aws-mcp

@awsjjzhou awsjjzhou Awaiting requested review from awsjjzhou awsjjzhou is a code owner automatically assigned from aws/aws-mcp

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@arnewouters @anasstahr