-
Notifications
You must be signed in to change notification settings - Fork 7
Commit 7e57295
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
Bump pyjwt from 2.1.0 to 2.2.0 (PR #3336)
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.1.0 to 2.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/releases">pyjwt's releases</a>.</em></p>
<blockquote>
<h2>2.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Complete <code>jwt</code> documentation by <a href="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/johachi"><code>@johachi</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/654">jpadilla/pyjwt#654</a></li>
<li>Ignore coverage files generated during test runs by <a href="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/makusu2"><code>@makusu2</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/617">jpadilla/pyjwt#617</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="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/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/656">jpadilla/pyjwt#656</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="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/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/658">jpadilla/pyjwt#658</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="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/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/667">jpadilla/pyjwt#667</a></li>
<li>Fix aud validation to support {'aud': null} case. by <a href="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/dajiaji"><code>@dajiaji</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/670">jpadilla/pyjwt#670</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="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/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/678">jpadilla/pyjwt#678</a></li>
<li>Prefer headers['alg'] to algorithm parameter in encode(). by <a href="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/dajiaji"><code>@dajiaji</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/673">jpadilla/pyjwt#673</a></li>
<li>DOC: Clarify RSA encoding and decoding depend on the cryptography package by <a href="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/TPXP"><code>@TPXP</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/664">jpadilla/pyjwt#664</a></li>
<li>Make typ optional by <a href="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/dajiaji"><code>@dajiaji</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/644">jpadilla/pyjwt#644</a></li>
<li>Remove arbitrary kwargs. by <a href="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/dajiaji"><code>@dajiaji</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/657">jpadilla/pyjwt#657</a></li>
<li>Assume JWK is valid for signing if "use" is omitted by <a href="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/Klavionik"><code>@Klavionik</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/668">jpadilla/pyjwt#668</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="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/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/684">jpadilla/pyjwt#684</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="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/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/686">jpadilla/pyjwt#686</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="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/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/689">jpadilla/pyjwt#689</a></li>
<li>Remove upper bound on cryptography version by <a href="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/riconnon"><code>@riconnon</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/693">jpadilla/pyjwt#693</a></li>
<li>Add support for Ed448/EdDSA. by <a href="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/dajiaji"><code>@dajiaji</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/675">jpadilla/pyjwt#675</a></li>
<li>Chore: inline Variables that immediately Returned by <a href="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/yezz123"><code>@yezz123</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/690">jpadilla/pyjwt#690</a></li>
<li>Use timezone package as Python 3.5+ is required by <a href="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/kkirsche"><code>@kkirsche</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/694">jpadilla/pyjwt#694</a></li>
<li>Bump up version to v2.2.0 by <a href="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/jpadilla"><code>@jpadilla</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/697">jpadilla/pyjwt#697</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="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/TPXP"><code>@TPXP</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/664">jpadilla/pyjwt#664</a></li>
<li><a href="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/Klavionik"><code>@Klavionik</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/668">jpadilla/pyjwt#668</a></li>
<li><a href="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/riconnon"><code>@riconnon</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/693">jpadilla/pyjwt#693</a></li>
<li><a href="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/yezz123"><code>@yezz123</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/690">jpadilla/pyjwt#690</a></li>
<li><a href="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/kkirsche"><code>@kkirsche</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/694">jpadilla/pyjwt#694</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0">https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p>
<blockquote>
<h2><code>v2.2.0 <https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0></code>__</h2>
<p>Changed</p>
<pre><code>
- Remove arbitrary kwargs. `[#657](jpadilla/pyjwt#657) <https://github.com/jpadilla/pyjwt/pull/657>`__
- Use timezone package as Python 3.5+ is required. `[#694](jpadilla/pyjwt#694) <https://github.com/jpadilla/pyjwt/pull/694>`__
<p>Fixed</p>
<pre><code>- Assume JWK without the &quot;use&quot; claim is valid for signing as per RFC7517 `[#668](jpadilla/pyjwt#668) &lt;https://github.com/jpadilla/pyjwt/pull/668&gt;`__
- Prefer `headers[&quot;alg&quot;]` to `algorithm` in `jwt.encode()`. `[#673](jpadilla/pyjwt#673) &lt;https://github.com/jpadilla/pyjwt/pull/673&gt;`__
- Fix aud validation to support {'aud': null} case. `[#670](jpadilla/pyjwt#670) &lt;https://github.com/jpadilla/pyjwt/pull/670&gt;`__
- Make `typ` optional in JWT to be compliant with RFC7519. `[#644](jpadilla/pyjwt#644) &lt;https://github.com/jpadilla/pyjwt/pull/644&gt;`__
- Remove upper bound on cryptography version. `[#693](jpadilla/pyjwt#693) &lt;https://github.com/jpadilla/pyjwt/pull/693&gt;`__
Added
</code></pre>
<ul>
<li>Add support for Ed448/EdDSA. <code>[#675](jpadilla/pyjwt#675) &lt;https://github.com/jpadilla/pyjwt/pull/675&gt;</code>__
</code></pre></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/jpadilla/pyjwt/commit/6223ba13780a941a3f4c9dec62f282bdd9b5afb0"><code>6223ba1</code></a> Bump up version to v2.2.0 (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/697">#697</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/258d7bab0ecb86be91738ac1e23744429280acd1"><code>258d7ba</code></a> Use timezone package as Python 3.5+ is required (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/694">#694</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/a988e1a11e5abb5869dd641f3f4f6a5bb4e70fdf"><code>a988e1a</code></a> Chore: inline Variables that immediately Returned (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/690">#690</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/e7a6c022f3f2e5ba329cbadd242c788014926a7e"><code>e7a6c02</code></a> Add support for Ed448/EdDSA. (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/675">#675</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/19ce9c5ec7947428d35aaffd302eb2629210a697"><code>19ce9c5</code></a> Remove upper bound on cryptography version (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/693">#693</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/9249fc70b5aede04c3dcb86e4b6560ab7e032563"><code>9249fc7</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/689">#689</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/fbc0e636bfe70d186a6650be47664527568cc55c"><code>fbc0e63</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/686">#686</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/2032df71cd195db44dcdd253ace68990812f7705"><code>2032df7</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/684">#684</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/63673619e0321a0b58f29a0b2f6626b5b7c3d2ec"><code>6367361</code></a> Assume JWK is valid for signing if "use" is omitted (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/668">#668</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/5fe7f2b28ffcd27a3e520be750858944889112ef"><code>5fe7f2b</code></a> Remove arbitrary kwargs. (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/657">#657</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>1 parent 3af0d42 commit 7e57295Copy full SHA for 7e57295
File tree
Expand file treeCollapse file tree
2 files changed
+6
-1
lines changedFilter options
- changelogs/unreleased
Expand file treeCollapse file tree
2 files changed
+6
-1
lines changedCollapse file: changelogs/unreleased/3336-dependabot.yml
changelogs/unreleased/3336-dependabot.yml
Copy file name to clipboard+5Lines changed: 5 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
Collapse file: requirements.txt
+1-1Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
16 | 16 | | |
17 | 17 | | |
18 | 18 | | |
19 | | - | |
| 19 | + | |
20 | 20 | | |
21 | 21 | | |
22 | 22 | | |
| |||
0 commit comments