From 40d767928e04691685a00711af8406d3c429deb8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 24 Jan 2023 14:38:34 +0000
Subject: [PATCH 1/2] Bump gitlab-omniauth-openid-connect from 0.10.0 to 0.10.1

Bumps [gitlab-omniauth-openid-connect](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect) from 0.10.0 to 0.10.1.
- [Release notes](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/tags)
- [Commits](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/compare/v0.10.0...v0.10.1)

---
updated-dependencies:
- dependency-name: gitlab-omniauth-openid-connect
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 Gemfile.lock | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index beb0b91893..5b1b156c93 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -322,7 +322,7 @@ GEM
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
     geocoder (1.8.1)
-    gitlab-omniauth-openid-connect (0.10.0)
+    gitlab-omniauth-openid-connect (0.10.1)
       addressable (~> 2.7)
       omniauth (>= 1.9, < 3)
       openid_connect (~> 1.2)

From ef4c99bf49b2b62e4c4821f37306e8deab5c1b24 Mon Sep 17 00:00:00 2001
From: Jean-Baptiste Bellet <jb.bellet@gmail.com>
Date: Tue, 24 Jan 2023 15:45:38 +0100
Subject: [PATCH 2/2] Replace `gitlab-omniauth-openid-connect` by
 `omniauth_openid_connect`

```

All changes in this gem are now upstreamed in omniauth_openid_connect
gem v0.6.0 under the OmniAuth group: https://github.com/omniauth/omniauth_openid_connect.

In your Gemfile, replace the line:

gem 'gitlab-omniauth-openid-connect', '~> 0.10', require: 'omniauth_openid_connect'

With:

gem 'omniauth_openid_connect', '~> 0.6'

The gitlab-omniauth-openid-connect gem is no longer updated.
```

Allow upgrading omniauth_openid_connect gem

The pinned version is the most recent and I would be happy for
Dependabot to suggest newer versions when available.
---
 Gemfile      | 2 +-
 Gemfile.lock | 9 ++++-----
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/Gemfile b/Gemfile
index 27db2936b0..b3c0033b04 100644
--- a/Gemfile
+++ b/Gemfile
@@ -69,7 +69,7 @@ gem 'pagy', '~> 5.1'
 gem 'rswag-api'
 gem 'rswag-ui'
 
-gem 'gitlab-omniauth-openid-connect', require: 'omniauth_openid_connect'
+gem 'omniauth_openid_connect'
 gem 'openid_connect', '~> 1.3'
 gem 'omniauth-rails_csrf_protection'
 
diff --git a/Gemfile.lock b/Gemfile.lock
index 5b1b156c93..24f034fbad 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -322,10 +322,6 @@ GEM
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
     geocoder (1.8.1)
-    gitlab-omniauth-openid-connect (0.10.1)
-      addressable (~> 2.7)
-      omniauth (>= 1.9, < 3)
-      openid_connect (~> 1.2)
     globalid (1.0.1)
       activesupport (>= 5.0)
     gmaps4rails (2.1.2)
@@ -438,6 +434,9 @@ GEM
     omniauth-rails_csrf_protection (1.0.1)
       actionpack (>= 4.2)
       omniauth (~> 2.0)
+    omniauth_openid_connect (0.6.0)
+      omniauth (>= 1.9, < 3)
+      openid_connect (~> 1.1)
     openid_connect (1.4.2)
       activemodel
       attr_required (>= 1.0.0)
@@ -805,7 +804,6 @@ DEPENDENCIES
   foreman
   fuubar (~> 2.5.1)
   geocoder
-  gitlab-omniauth-openid-connect
   gmaps4rails
   good_migrations
   haml
@@ -832,6 +830,7 @@ DEPENDENCIES
   oauth2 (~> 1.4.7)
   ofn-qz!
   omniauth-rails_csrf_protection
+  omniauth_openid_connect
   openid_connect (~> 1.3)
   order_management!
   pagy (~> 5.1)