Upgrade: [dependabot] - bump pyjwt from 2.10.0 to 2.10.1 (#1109) · NHSDigital/eps-prescription-status-update-api@141531a

Commit

Upgrade: [dependabot] - bump pyjwt from 2.10.0 to 2.10.1 (#1109)

Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.10.0 to 2.10.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jpadilla/pyjwt/releases">pyjwt's
releases</a>.</em></p>
<blockquote>
<h2>2.10.1</h2>
<h2>Fixed</h2>
<ul>
<li>Prevent partial matching of <code>iss</code> claim. Thanks <a
href="https://github.com/fabianbadoi"><code>@fabianbadoi</code></a>!
(See: <a
href="https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm">https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1">https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's
changelog</a>.</em></p>
<blockquote>
<h2><code>v2.10.1
&lt;https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1&gt;</code>__</h2>
<p>Fixed</p>
<pre><code>
- Prevent partial matching of `iss` claim by @fabianbadoi in
`GHSA-75c5-xw7c-p5pm
&lt;https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm&gt;`__
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jpadilla/pyjwt/commit/3ebbb22f30f2b1b41727b269a08b427e9a85d6bb"><code>3ebbb22</code></a>
fix lint</li>
<li><a
href="https://github.com/jpadilla/pyjwt/commit/37748dc1e328f120aa04ec98b2a71a0af6301a24"><code>37748dc</code></a>
update changelog</li>
<li><a
href="https://github.com/jpadilla/pyjwt/commit/33022c25525c1020869c71ce2a4109e44ae4ced1"><code>33022c2</code></a>
Merge commit from fork</li>
<li>See full diff in <a
href="https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=pip&previous-version=2.10.0&new-version=2.10.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: anthony-nhs <[email protected]>

Loading branch information

dependabot[bot] and anthony-nhs authored Nov 28, 2024

1 parent 6aeeb6c commit 141531a

poetry.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

pyproject.toml

-Original file line number
+Diff line change
@@ Expand Up / @@ -37,7 +37,7 @@ argparse = "^1.4.0" @@
     pre-commit = "^4.0.1"
     pytest = "^8.3.3"
     cfn-lint = "^1.20.1"
-    pyjwt = {extras = ["crypto"], version = "^2.10.0"}
+    pyjwt = {extras = ["crypto"], version = "^2.10.1"}
     [tool.poetry.scripts]
@@ Expand Down @@

0 comments on commit `141531a`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `141531a`

Commit

There are no files selected for viewing

0 comments on commit 141531a

0 comments on commit `141531a`