Bump omniauth-facebook from 1.4.0 to 1.5.1

[dependabot]

Bumps omniauth-facebook from 1.4.0 to 1.5.1.

Release notes

Sourced from omniauth-facebook's releases.

v9.0.0 (defaults to FB Graph API 5.0)

What's Changed

• Replace Travis CI with GitHub Actions by @​olleolleolle in simi/omniauth-facebook#350
• addds ruby 3 to CI matrix by @​swiknaba in simi/omniauth-facebook#352
• Gemfile: Simplify away Ruby 2.2 workaround by @​olleolleolle in simi/omniauth-facebook#354
• Change secure_image_url default from false to true by @​swiknaba in simi/omniauth-facebook#346
• Bump Facebook Graph API to v5.0 by @​mstr03 in simi/omniauth-facebook#366

New Contributors

• @​swiknaba made their first contribution in simi/omniauth-facebook#352
• @​mstr03 made their first contribution in simi/omniauth-facebook#366

Full Changelog: simi/omniauth-facebook@v8.0.0...v9.0.0

v7.0.0 (defaults to FB Graph API 4.0)

bumped version of FB Graph API to v4.0

v6.0.0 (defaults to FB Graph API 3.0)

• bumped version of FB Graph API to v3.0

v5.0.0 (defaults to FB Graph API 2.10)

• bumped version of FB Graph API to v2.10

Changelog

Sourced from omniauth-facebook's changelog.

1.5.1 (2013-11-18)

Changes:

• don't use access_token in URL CVE-2013-4593 (@​homakov, @​mkdynamic, @​simi)

1.5.0 (2013-11-13)

Changes:

• remove state param to fix CSRF vulnerabilty CVE-2013-4562 (@​homakov, @​mkdynamic, @​simi)

1.4.1 (2012-07-07)

Changes:

• update to omniauth-oauth2 1.1.0 for csrf protection (@​mkdynamic)

Commits

• d2f099d bump 1.5.1
• a0270b8 remove references to state param in docs
• 115c0a7 this does not provide authentication, should not be used
• fd62381 remove now redundant per-request state from signed_request flow (it will fail...
• a3d5375 config travis to build all branches
• 92f3ceb trigger travis CI build
• ccfcc26 fix CSRF vulnerability. prepare 1.5.0 release
• 4845511 bump 1.4.1
• c07e228 update to omniauth-oauth2 1.1.0 for csrf protection
• 8441e6e switch to minitest, see how it goes
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.