Bump OpenIddict to 5.6.0 #16054
Bump OpenIddict to 5.6.0 #16054
Conversation
kevinchalet
added
OpenId
dependencies
|
Does this fix something important/regression since 1.8, or why the 2.0 milestone? |
It indeed includes a few fixes (nothing "critical", tho').
I simply opted for the earliest release: since only the latest OpenIddict minor version is supported, it's always a good idea to reference it to ensure end users are not accidentally using an old version. That said, if you prefer postponing that to the next release, no problem. |
|
@kevinchalet I don't think we should tag with 2.0 unless we want to hold the release of 2.0 due to this PR. However, I see no reason not to merge this. I changed the tag to 2.x but this should be merged unless @Piedone sees an issue that I am missing. |
|
OK, thanks. Just that it's unusual for a PR to have a milestone, but when it's for the upcoming concrete release then that means we really want it to have in it. So, I was confused. I'm OK with it if Kévin you also tested it and it doesn't break anything obvious and if this point doesn't affect us. |
Haha, I do that with all my PRs (not just here, but basically everywhere), as it's a very easy way for users to know when the change(s) introduced by a PR ship(s) (otherwise they have to look at the merged commit to see if it's included in a specific tag, which isn't something most users are familiar with). (in the same vein, I always try to add the relevant tags to my PRs, so they are easier to find by users who're interested in a specific area).
As a user, I personally find "2.x" milestones very confusing, specially when applied to PRs: okay, the change landed in a 2.x release... but which one? 🤣
I tested the good old authorization code flow with PKCE with Postman it worked fine 👍🏻 https://github.com/search?q=repo%3AOrchardCMS%2FOrchardCore%20GetClaims&type=code |
|
OK, thanks! |
https://github.com/openiddict/openiddict-core/releases/tag/5.6.0