From 0036d5f4e0e632e7ee757b6d1de8410ceee6f31f Mon Sep 17 00:00:00 2001
From: nbloomf <nathan.bloomfield@automattic.com>
Date: Tue, 7 Jul 2020 23:50:23 -0500
Subject: [PATCH] Bump version bounds for dependency hoauth2

We're about to replace the call to `fetchAccessToken` from hoauth2 by `fetchAccessToken2`, which was introduced in 1.7.0 and amended in 1.11.0, to allow for oauth2 implementations that expect POST token payloads. Either the initial or the amended version of `fetchAccessToken2` would work for this, but here we've chosen the most conservative working version bump.
---
 package.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.yaml b/package.yaml
index 552f81a..d31f6ca 100644
--- a/package.yaml
+++ b/package.yaml
@@ -25,7 +25,7 @@ library:
     - aeson >=0.6 && <1.5
     - bytestring >=0.9.1.4
     - errors
-    - hoauth2 >=1.3.0 && <1.9
+    - hoauth2 >=1.7.0 && <1.11
     - http-client >=0.4.0 && <0.7
     - http-conduit >=2.0 && <3.0
     - http-types >=0.8 && <0.13