From 8237cdfc3cf04b62a3daeff749720935ff712aba Mon Sep 17 00:00:00 2001 From: arpit-jain_atko Date: Tue, 12 May 2026 16:33:51 +0530 Subject: [PATCH 1/6] Release v3.2.0 --- .version | 2 +- CHANGELOG.md | 11 +++ Gemfile.lock | 173 +++++++++++++++++++--------------- lib/omniauth-auth0/version.rb | 2 +- 4 files changed, 111 insertions(+), 77 deletions(-) diff --git a/.version b/.version index 50e47c8..a4f52a5 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -3.1.1 \ No newline at end of file +3.2.0 \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index fd800f0..c241fef 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,16 @@ # Change Log +## [v3.2.0](https://github.com/auth0/omniauth-auth0/tree/v3.2.0) (2026-05-12) +[Full Changelog](https://github.com/auth0/omniauth-auth0/compare/v3.1.1...v3.2.0) + +**Added** +- Add support for client assertion signing key authentication [\#203](https://github.com/auth0/omniauth-auth0/pull/203) ([kaczowkad](https://github.com/kaczowkad)) + +**Security** +- Bump faraday from 2.7.10 to 2.14.1 [\#215](https://github.com/auth0/omniauth-auth0/pull/215) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump rack from 2.2.7 to 2.2.23 [\#217](https://github.com/auth0/omniauth-auth0/pull/217) ([dependabot[bot]](https://github.com/apps/dependabot)) +- chore: Bump rexml from 3.2.5 to 3.3.9 [\#206](https://github.com/auth0/omniauth-auth0/pull/206) ([arpit-jn](https://github.com/arpit-jn)) + ## [v3.2.0](https://github.com/auth0/omniauth-auth0/tree/v3.2.0) (2023-07-14) [Full Changelog](https://github.com/auth0/omniauth-auth0/compare/v3.1.0...v3.2.0) diff --git a/Gemfile.lock b/Gemfile.lock index 08c0f2a..5e70b44 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - omniauth-auth0 (3.1.1) + omniauth-auth0 (3.2.0) jwt (~> 2) omniauth (~> 2) omniauth-oauth2 (~> 1) @@ -9,15 +9,18 @@ PATH GEM remote: https://rubygems.org/ specs: - addressable (2.8.4) - public_suffix (>= 2.0.2, < 6.0) - ast (2.4.2) + addressable (2.9.0) + public_suffix (>= 2.0.2, < 8.0) + ast (2.4.3) + base64 (0.3.0) + bigdecimal (4.1.2) coderay (1.1.3) - crack (0.4.5) + crack (1.0.1) + bigdecimal rexml daemons (1.4.1) - diff-lcs (1.5.0) - docile (1.4.0) + diff-lcs (1.6.2) + docile (1.4.1) dotenv (2.8.1) eventmachine (1.2.7) faraday (2.14.1) @@ -26,11 +29,16 @@ GEM logger faraday-net_http (3.4.2) net-http (~> 0.5) - ffi (1.15.5) - formatador (1.1.0) - guard (2.18.0) + ffi (1.17.4-aarch64-linux-gnu) + ffi (1.17.4-arm64-darwin) + ffi (1.17.4-x86_64-darwin) + ffi (1.17.4-x86_64-linux-gnu) + formatador (1.2.3) + reline + guard (2.20.1) formatador (>= 0.2.4) listen (>= 2.7, < 4.0) + logger (~> 1.6) lumberjack (>= 1.0.12, < 2.0) nenv (~> 0.1) notiffany (~> 0.0) @@ -42,90 +50,102 @@ GEM guard (~> 2.1) guard-compat (~> 1.1) rspec (>= 2.99.0, < 4.0) - hashdiff (1.0.1) - hashie (5.0.0) - json (2.6.3) - jwt (2.7.1) - language_server-protocol (3.17.0.3) - listen (3.8.0) + hashdiff (1.2.1) + hashie (5.1.0) + logger + io-console (0.8.2) + json (2.19.5) + jwt (2.10.2) + base64 + language_server-protocol (3.17.0.5) + lint_roller (1.1.0) + listen (3.10.0) + logger rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) logger (1.7.0) - lumberjack (1.2.8) - method_source (1.0.0) - multi_json (1.15.0) - multi_xml (0.6.0) - mustermann (3.0.0) - ruby2_keywords (~> 0.0.1) + lumberjack (1.4.2) + method_source (1.1.0) + multi_json (1.21.1) + multi_xml (0.9.1) + bigdecimal (>= 3.1, < 5) + mustermann (3.1.1) nenv (0.3.0) net-http (0.9.1) uri (>= 0.11.1) notiffany (0.1.3) nenv (~> 0.1) shellany (~> 0.0) - oauth2 (2.0.9) - faraday (>= 0.17.3, < 3.0) - jwt (>= 1.0, < 3.0) + oauth2 (2.0.18) + faraday (>= 0.17.3, < 4.0) + jwt (>= 1.0, < 4.0) + logger (~> 1.2) multi_xml (~> 0.5) rack (>= 1.2, < 4) - snaky_hash (~> 2.0) - version_gem (~> 1.1) - omniauth (2.1.1) + snaky_hash (~> 2.0, >= 2.0.3) + version_gem (~> 1.1, >= 1.1.9) + omniauth (2.1.4) hashie (>= 3.4.6) + logger rack (>= 2.2.3) rack-protection - omniauth-oauth2 (1.8.0) - oauth2 (>= 1.4, < 3) + omniauth-oauth2 (1.9.0) + oauth2 (>= 2.0.2, < 3) omniauth (~> 2.0) - parallel (1.23.0) - parser (3.2.2.3) + parallel (2.1.0) + parser (3.3.11.1) ast (~> 2.4.1) racc - pry (0.14.2) + prism (1.9.0) + pry (0.16.0) coderay (~> 1.1) method_source (~> 1.0) - public_suffix (5.0.3) - racc (1.7.1) + reline (>= 0.6.0) + public_suffix (7.0.5) + racc (1.8.1) rack (2.2.23) - rack-protection (3.0.6) - rack - rack-test (2.1.0) + rack-protection (3.2.0) + base64 (>= 0.1.0) + rack (~> 2.2, >= 2.2.4) + rack-test (2.2.0) rack (>= 1.3) rainbow (3.1.1) - rake (13.0.6) + rake (13.4.2) rb-fsevent (0.11.2) - rb-inotify (0.10.1) + rb-inotify (0.11.1) ffi (~> 1.0) - regexp_parser (2.8.1) - rexml (3.3.9) - rspec (3.12.0) - rspec-core (~> 3.12.0) - rspec-expectations (~> 3.12.0) - rspec-mocks (~> 3.12.0) - rspec-core (3.12.2) - rspec-support (~> 3.12.0) - rspec-expectations (3.12.3) + regexp_parser (2.12.0) + reline (0.6.3) + io-console (~> 0.5) + rexml (3.4.4) + rspec (3.13.2) + rspec-core (~> 3.13.0) + rspec-expectations (~> 3.13.0) + rspec-mocks (~> 3.13.0) + rspec-core (3.13.6) + rspec-support (~> 3.13.0) + rspec-expectations (3.13.5) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.12.0) - rspec-mocks (3.12.6) + rspec-support (~> 3.13.0) + rspec-mocks (3.13.8) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.12.0) - rspec-support (3.12.1) - rubocop (1.54.2) + rspec-support (~> 3.13.0) + rspec-support (3.13.7) + rubocop (1.86.1) json (~> 2.3) - language_server-protocol (>= 3.17.0) - parallel (~> 1.10) - parser (>= 3.2.2.3) + language_server-protocol (~> 3.17.0.2) + lint_roller (~> 1.1.0) + parallel (>= 1.10) + parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) - regexp_parser (>= 1.8, < 3.0) - rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.28.0, < 2.0) + regexp_parser (>= 2.9.3, < 3.0) + rubocop-ast (>= 1.49.0, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.29.0) - parser (>= 3.2.1.0) + unicode-display_width (>= 2.4.0, < 4.0) + rubocop-ast (1.49.1) + parser (>= 3.3.7.2) + prism (~> 1.7) ruby-progressbar (1.13.0) - ruby2_keywords (0.0.5) shellany (0.0.1) shotgun (0.9.2) rack (>= 1.0) @@ -136,26 +156,28 @@ GEM simplecov-cobertura (2.1.0) rexml simplecov (~> 0.19) - simplecov-html (0.12.3) + simplecov-html (0.13.2) simplecov_json_formatter (0.1.4) - sinatra (3.0.6) + sinatra (3.2.0) mustermann (~> 3.0) rack (~> 2.2, >= 2.2.4) - rack-protection (= 3.0.6) + rack-protection (= 3.2.0) tilt (~> 2.0) - snaky_hash (2.0.1) - hashie - version_gem (~> 1.1, >= 1.1.1) + snaky_hash (2.0.3) + hashie (>= 0.1.0, < 6) + version_gem (>= 1.1.8, < 3) thin (1.8.2) daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) - thor (1.2.2) - tilt (2.2.0) - unicode-display_width (2.4.2) + thor (1.5.0) + tilt (2.7.0) + unicode-display_width (3.2.0) + unicode-emoji (~> 4.1) + unicode-emoji (4.2.0) uri (1.1.1) - version_gem (1.1.3) - webmock (3.18.1) + version_gem (1.1.9) + webmock (3.26.2) addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) @@ -165,6 +187,7 @@ PLATFORMS arm64-darwin-21 arm64-darwin-22 arm64-darwin-23 + arm64-darwin-25 x86_64-darwin-22 x86_64-linux diff --git a/lib/omniauth-auth0/version.rb b/lib/omniauth-auth0/version.rb index afc7afb..50e694c 100644 --- a/lib/omniauth-auth0/version.rb +++ b/lib/omniauth-auth0/version.rb @@ -1,5 +1,5 @@ module OmniAuth module Auth0 - VERSION = '3.1.1'.freeze + VERSION = '3.2.0'.freeze end end From f484dbc4c42d967e1edb27d1df1b0f731cd47919 Mon Sep 17 00:00:00 2001 From: arpit-jain_atko Date: Thu, 28 May 2026 11:05:24 +0530 Subject: [PATCH 2/6] ci: Use bundle update to avoid RubyGems CDN inconsistency with lockfile-pinned versions --- .github/actions/setup/action.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml index 5c45715..8209684 100644 --- a/.github/actions/setup/action.yml +++ b/.github/actions/setup/action.yml @@ -10,10 +10,6 @@ inputs: description: The path to the bundle cache required: false default: vendor/bundle - bundler-cache: - description: Whether to use the bundler cache - required: false - default: true runs: using: composite @@ -23,10 +19,10 @@ runs: uses: ruby/setup-ruby@v1 with: ruby-version: ${{ inputs.ruby }} - bundler-cache: ${{ inputs.bundle-cache }} + bundler-cache: false - name: Install dependencies - run: bundle check || bundle install + run: bundle update || bundle install shell: bash env: BUNDLE_PATH: ${{ inputs.bundle-path }} From afb8214d7852d8ac05849373d9a90741ae0afadf Mon Sep 17 00:00:00 2001 From: arpit-jain_atko Date: Thu, 28 May 2026 11:11:07 +0530 Subject: [PATCH 3/6] fix: Add missing require cgi for Ruby 3.0 compatibility in tests --- spec/omniauth/strategies/auth0_spec.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/spec/omniauth/strategies/auth0_spec.rb b/spec/omniauth/strategies/auth0_spec.rb index 4d47adf..60482fe 100644 --- a/spec/omniauth/strategies/auth0_spec.rb +++ b/spec/omniauth/strategies/auth0_spec.rb @@ -3,6 +3,7 @@ require 'spec_helper' require 'jwt' require 'multi_json' +require 'cgi' OmniAuth.config.allowed_request_methods = [:get, :post] From aeac2d5f2437d5ab266473629218d9e7a5d0c799 Mon Sep 17 00:00:00 2001 From: arpit-jain_atko Date: Thu, 28 May 2026 12:41:11 +0530 Subject: [PATCH 4/6] fix: Bump simplecov-cobertura to ~> 3.0 to fix rexml 3.4.4 compatibility crash in CI --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 78f32a4..92041bb 100644 --- a/Gemfile +++ b/Gemfile @@ -19,7 +19,7 @@ group :test do gem 'listen', '~> 3' gem 'rack-test', '~> 2', '>= 2.0.2' gem 'rspec', '~> 3' - gem 'simplecov-cobertura', '~> 2' + gem 'simplecov-cobertura', '~> 3.0' gem 'webmock', '~> 3' gem 'multi_json', '~> 1' end diff --git a/Gemfile.lock b/Gemfile.lock index 5e70b44..47100a4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -153,7 +153,7 @@ GEM docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) - simplecov-cobertura (2.1.0) + simplecov-cobertura (3.1.0) rexml simplecov (~> 0.19) simplecov-html (0.13.2) @@ -205,7 +205,7 @@ DEPENDENCIES rspec (~> 3) rubocop (~> 1) shotgun (~> 0, >= 0.9.2) - simplecov-cobertura (~> 2) + simplecov-cobertura (~> 3.0) sinatra (~> 3) thin (~> 1) webmock (~> 3) From 25279e3350dd1ab69a60076067727cb60fde95d4 Mon Sep 17 00:00:00 2001 From: arpit-jain_atko Date: Thu, 28 May 2026 12:53:03 +0530 Subject: [PATCH 5/6] docs: Remove phantom v3.2.0 changelog entry that was never published and consolidate into v3.1.1 --- CHANGELOG.md | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c241fef..43f5222 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,8 +11,8 @@ - Bump rack from 2.2.7 to 2.2.23 [\#217](https://github.com/auth0/omniauth-auth0/pull/217) ([dependabot[bot]](https://github.com/apps/dependabot)) - chore: Bump rexml from 3.2.5 to 3.3.9 [\#206](https://github.com/auth0/omniauth-auth0/pull/206) ([arpit-jn](https://github.com/arpit-jn)) -## [v3.2.0](https://github.com/auth0/omniauth-auth0/tree/v3.2.0) (2023-07-14) -[Full Changelog](https://github.com/auth0/omniauth-auth0/compare/v3.1.0...v3.2.0) +## [v3.1.1](https://github.com/auth0/omniauth-auth0/tree/v3.1.1) (2023-03-01) +[Full Changelog](https://github.com/auth0/omniauth-auth0/compare/v3.1.0...v3.1.1) **Added** - [SDK-4410] Support Organization Name in JWT validation [\#184](https://github.com/auth0/omniauth-auth0/pull/184) ([stevehobbsdev](https://github.com/stevehobbsdev)) @@ -20,12 +20,6 @@ **Fixed** - fix: upgrade to Sinatra 3 and use Rack::Session::Cookie in tests [\#165](https://github.com/auth0/omniauth-auth0/pull/165) ([stevehobbsdev](https://github.com/stevehobbsdev)) -## [v3.1.1](https://github.com/auth0/omniauth-auth0/tree/v3.1.1) (2023-03-01) -[Full Changelog](https://github.com/auth0/omniauth-auth0/compare/v3.1.0...v3.1.1) - -**Fixed** -- fix: upgrade to Sinatra 3 and use Rack::Session::Cookie in tests [\#165](https://github.com/auth0/omniauth-auth0/pull/165) ([stevehobbsdev](https://github.com/stevehobbsdev)) - ## [v3.1.0](https://github.com/auth0/omniauth-auth0/tree/v3.1.0) (2022-11-04) [Full Changelog](https://github.com/auth0/omniauth-auth0/compare/v3.0.0...v3.1.0) From 4eb8a378a16835c9efd523e4e90c9dfb0791cb1f Mon Sep 17 00:00:00 2001 From: arpit-jain_atko Date: Thu, 28 May 2026 13:01:12 +0530 Subject: [PATCH 6/6] docs: Update release date to today and rename Security section to Dependency Bumps --- CHANGELOG.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 43f5222..49a2464 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,15 +1,15 @@ # Change Log -## [v3.2.0](https://github.com/auth0/omniauth-auth0/tree/v3.2.0) (2026-05-12) +## [v3.2.0](https://github.com/auth0/omniauth-auth0/tree/v3.2.0) (2026-05-27) [Full Changelog](https://github.com/auth0/omniauth-auth0/compare/v3.1.1...v3.2.0) **Added** - Add support for client assertion signing key authentication [\#203](https://github.com/auth0/omniauth-auth0/pull/203) ([kaczowkad](https://github.com/kaczowkad)) -**Security** +**Dependency Bumps** - Bump faraday from 2.7.10 to 2.14.1 [\#215](https://github.com/auth0/omniauth-auth0/pull/215) ([dependabot[bot]](https://github.com/apps/dependabot)) - Bump rack from 2.2.7 to 2.2.23 [\#217](https://github.com/auth0/omniauth-auth0/pull/217) ([dependabot[bot]](https://github.com/apps/dependabot)) -- chore: Bump rexml from 3.2.5 to 3.3.9 [\#206](https://github.com/auth0/omniauth-auth0/pull/206) ([arpit-jn](https://github.com/arpit-jn)) +- Bump rexml from 3.2.5 to 3.3.9 [\#206](https://github.com/auth0/omniauth-auth0/pull/206) ([arpit-jn](https://github.com/arpit-jn)) ## [v3.1.1](https://github.com/auth0/omniauth-auth0/tree/v3.1.1) (2023-03-01) [Full Changelog](https://github.com/auth0/omniauth-auth0/compare/v3.1.0...v3.1.1)