Upgrade: [dependabot] - bump authlib from 1.6.9 to 1.6.11 in the pip group across 1 directory by dependabot[bot] · Pull Request #258 · NHSDigital/eligibility-signposting-api-regression-tests

dependabot · 2026-04-17T00:40:59Z

Bumps the pip group with 1 update in the / directory: authlib.

Updates authlib from 1.6.9 to 1.6.11

Release notes

v1.6.11

Full Changelog: authlib/authlib@v1.6.10...v1.6.11

Fix CSRF issue with starlette client

v1.6.10

Full Changelog: authlib/authlib@v1.6.9...v1.6.10

Fix redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError.

Changelog

Sourced from authlib's changelog.

Version 1.6.11

Released on Apr 16, 2026

Fix CSRF vulnerability in the Starlette OAuth client when a cache is configured.

Version 1.6.10

Released on Apr 13, 2026

Fix redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError.

Commits

0dc0e5b chore: bump to 1.6.11
aa7b8e4 Merge commit from fork
401a770 fix: CSRF issue with starlette client
ef09aeb chore: release 1.6.10
3be0846 fix: redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError
See full diff in compare view

github-actions

I'm approving this pull request because it includes a patch or minor update

Bumps the pip group with 1 update in the / directory: [authlib](https://github.com/authlib/authlib). Updates `authlib` from 1.6.9 to 1.6.11 - [Release notes](https://github.com/authlib/authlib/releases) - [Changelog](https://github.com/authlib/authlib/blob/v1.6.11/docs/changelog.rst) - [Commits](authlib/authlib@v1.6.9...v1.6.11) --- updated-dependencies: - dependency-name: authlib dependency-version: 1.6.11 dependency-type: indirect dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions

I'm approving this pull request because it includes a patch or minor update

dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 17, 2026

dependabot Bot requested a review from a team as a code owner April 17, 2026 00:41

dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 17, 2026

dependabot Bot had a problem deploying to dev April 17, 2026 00:41 Failure

github-actions Bot approved these changes Apr 17, 2026

View reviewed changes

github-actions Bot enabled auto-merge (squash) April 17, 2026 00:41

dependabot Bot force-pushed the dependabot/pip/pip-6f760ee6d8 branch from c2fcf14 to d5483af Compare April 17, 2026 11:22

dependabot Bot temporarily deployed to dev April 17, 2026 11:22 Inactive

github-actions Bot approved these changes Apr 17, 2026

View reviewed changes

github-actions Bot merged commit 6f4c4f7 into main Apr 17, 2026
11 checks passed

github-actions Bot deleted the dependabot/pip/pip-6f760ee6d8 branch April 17, 2026 11:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upgrade: [dependabot] - bump authlib from 1.6.9 to 1.6.11 in the pip group across 1 directory#258

Upgrade: [dependabot] - bump authlib from 1.6.9 to 1.6.11 in the pip group across 1 directory#258
github-actions[bot] merged 1 commit intomainfrom
dependabot/pip/pip-6f760ee6d8

dependabot Bot commented on behalf of github Apr 17, 2026 •

edited

Loading

Uh oh!

github-actions Bot left a comment

Uh oh!

github-actions Bot left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 17, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v1.6.11

v1.6.10

Version 1.6.11

Version 1.6.10

Uh oh!

github-actions Bot left a comment

Choose a reason for hiding this comment

Uh oh!

github-actions Bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Apr 17, 2026 •

edited

Loading