Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

Bump authlib from 1.6.8 to 1.6.9

Closed
Number: #38
Type: Pull Request
State: Closed
Author: dependabot[bot] dependabot[bot]
Association: Unknown
Comments: 1
Created: March 16, 2026 at 03:45 PM UTC
(3 months ago)
Updated: April 16, 2026 at 11:51 PM UTC
(2 months ago)
Closed: April 16, 2026 at 11:51 PM UTC
(2 months ago)
Time to Close: about 1 month
Labels:
dependencies python:uv
Description:

Bumps authlib from 1.6.8 to 1.6.9.

Release notes

Sourced from authlib's releases.

v1.6.9

Full Changelog: https://github.com/authlib/authlib/compare/v1.6.8...v1.6.9

Changes in jose module

  • Not using header's jwk automatically
  • Add ES256K into default jwt algorithms
  • Remove deprecated algorithm from default registry
  • Generate random cek when cek length doesn't match
Commits
  • 9266eaa chore: release 1.6.9
  • b9bb2b2 fix(oidc): fail close at validating c_hash and at_hash
  • 1b0a1d9 fix(jose): generate random cek when cek length doesn't match
  • 5be3c51 fix(jose): add ES256K into default jwt algorithms
  • 48b345f fix(jose): remove deprecated algorithm from default registry
  • a5d4b2d fix(jose): do not use header's jwk automatically
  • See full diff in compare view

Package Dependencies
Package:
authlib
Ecosystem:
pip
Version Change:
1.6.8 → 1.6.9
Update Type:
Patch
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 15353599
UUID: 4083282014
Node ID: PR_kwDORMKiH87K9pm8
Host: GitHub
Repository: Azure-Samples/python-agentframework-demos