[PR #2356] [CLOSED] Bump django-otp from 1.0.6 to 1.1.1 #2533

New issue

Closed

opened 2026-02-27 12:11:30 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 12:11:30 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/modoboa/modoboa/pull/2356
Author: @dependabot[bot]
Created: 9/15/2021
Status: ❌ Closed

Base: master ← Head: dependabot/pip/django-otp-1.1.1

📝 Commits (1)

458b243 Bump django-otp from 1.0.6 to 1.1.1

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 requirements.txt (+1 -1)

📄 Description

Bumps django-otp from 1.0.6 to 1.1.1.

Changelog

Sourced from django-otp's changelog.

v1.1.1 - September 14, 2021 - Throttling message fix

[#87](https://github.com/django-otp/django-otp/issues/87)_: Fix locked_until key in throttling reason map.

.. _#87: django-otp/django-otp#87

v1.1.0 - September 13, 2021 - Concurrent verification

Where possible, all APIs now verify tokens atomically. This prevents race conditions that could result in a token being verified twice as well as closing gaps in throttling enforcement. Low-level integrators may still need to :ref:manage their own transactions <Low-Level API>.

Commits

d7980bf Version 1.1.1
77cbd5f fix verify_is_allowed locked_until
a7dd4e5 Version 1.1.0
b56f559 Concurrent verify (#86)
b565041 fix typo in document string
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/modoboa/modoboa/pull/2356 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 9/15/2021 **Status:** ❌ Closed **Base:** `master` ← **Head:** `dependabot/pip/django-otp-1.1.1` --- ### 📝 Commits (1) - [`458b243`](https://github.com/modoboa/modoboa/commit/458b243a7d349f95ca00eea6fa5beaf0228594ab) Bump django-otp from 1.0.6 to 1.1.1 ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `requirements.txt` (+1 -1) </details> ### 📄 Description Bumps [django-otp](https://github.com/django-otp/django-otp) from 1.0.6 to 1.1.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/django-otp/django-otp/blob/master/CHANGES.rst">django-otp's changelog</a>.</em></p> <blockquote> <h2>v1.1.1 - September 14, 2021 - Throttling message fix</h2> <ul> <li><code>[#87](https://github.com/django-otp/django-otp/issues/87)</code>_: Fix <code>locked_until</code> key in throttling reason map.</li> </ul> <p>.. _<a href="https://github-redirect.dependabot.com/django-otp/django-otp/issues/87">#87</a>: <a href="https://github-redirect.dependabot.com/django-otp/django-otp/issues/87">django-otp/django-otp#87</a></p> <h2>v1.1.0 - September 13, 2021 - Concurrent verification</h2> <p>Where possible, all APIs now verify tokens atomically. This prevents race conditions that could result in a token being verified twice as well as closing gaps in throttling enforcement. Low-level integrators may still need to :ref:<code>manage their own transactions <Low-Level API></code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/django-otp/django-otp/commit/d7980bf516018319158570cc75353c905375a3ab"><code>d7980bf</code></a> Version 1.1.1</li> <li><a href="https://github.com/django-otp/django-otp/commit/77cbd5fe28c1fde2940f618deb7aaaf6a6bf49c4"><code>77cbd5f</code></a> fix verify_is_allowed locked_until</li> <li><a href="https://github.com/django-otp/django-otp/commit/a7dd4e502e25ef15d314cebc72b16ba9a32947c4"><code>a7dd4e5</code></a> Version 1.1.0</li> <li><a href="https://github.com/django-otp/django-otp/commit/b56f5590f455ad021bbcd4076af367d813be59b0"><code>b56f559</code></a> Concurrent verify (<a href="https://github-redirect.dependabot.com/django-otp/django-otp/issues/86">#86</a>)</li> <li><a href="https://github.com/django-otp/django-otp/commit/b5650419a3610755aced5f3f32698ddffb0f19e1"><code>b565041</code></a> fix typo in document string</li> <li>See full diff in <a href="https://github.com/django-otp/django-otp/compare/v1.0.6...v1.1.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=django-otp&package-manager=pip&previous-version=1.0.6&new-version=1.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>