From 03470f59d02ac872797761604c0d2fd36a9950d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Aug 2024 05:48:16 +0000 Subject: [PATCH] Bump pyjwt from 2.8.0 to 2.9.0 (#268) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.8.0 to 2.9.0.
Release notes

Sourced from pyjwt's releases.

2.9.0

What's Changed

New Contributors

Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.8.0...2.9.0

Changelog

Sourced from pyjwt's changelog.

v2.9.0 <https://github.com/jpadilla/pyjwt/compare/2.8.0...2.9.0>__

Changed


- Drop support for Python 3.7 (EOL) by @hugovk in
`[#910](https://github.com/jpadilla/pyjwt/issues/910)
<https://github.com/jpadilla/pyjwt/pull/910>`__
- Allow JWT issuer claim validation to accept a list of strings too by
@mattpollak in `[#913](https://github.com/jpadilla/pyjwt/issues/913)
<https://github.com/jpadilla/pyjwt/pull/913>`__

Fixed



- Fix unnecessary string concatenation by @sirosen in
`[#904](https://github.com/jpadilla/pyjwt/issues/904)
&lt;https://github.com/jpadilla/pyjwt/pull/904&gt;`__
- Fix docs for ``jwt.decode_complete`` to include ``strict_aud`` option
by @woodruffw in `[#923](https://github.com/jpadilla/pyjwt/issues/923)
&lt;https://github.com/jpadilla/pyjwt/pull/923&gt;`__
- Fix docs step by @jpadilla in
`[#950](https://github.com/jpadilla/pyjwt/issues/950)
&lt;https://github.com/jpadilla/pyjwt/pull/950&gt;`__
- Fix: Remove an unused variable from example code block by @kenkoooo in
`[#958](https://github.com/jpadilla/pyjwt/issues/958)
&lt;https://github.com/jpadilla/pyjwt/pull/958&gt;`__

Added



    

  • Add support for Python 3.12 by @​hugovk in
[#910](https://github.com/jpadilla/pyjwt/issues/910)
&lt;https://github.com/jpadilla/pyjwt/pull/910&gt;__
    • 

  • Improve performance of is_ssh_key + add unit test by @​bdraco in
[#940](https://github.com/jpadilla/pyjwt/issues/940)
&lt;https://github.com/jpadilla/pyjwt/pull/940&gt;__
    • 

  • Allow jwt.decode() to accept a PyJWK object by @​luhn in
[#886](https://github.com/jpadilla/pyjwt/issues/886)
&lt;https://github.com/jpadilla/pyjwt/pull/886&gt;__
    • 

  • Make algorithm_name attribute available on PyJWK by @​luhn in
[#886](https://github.com/jpadilla/pyjwt/issues/886)
&lt;https://github.com/jpadilla/pyjwt/pull/886&gt;__
    • 

  • Raise InvalidKeyError on invalid PEM keys to be
compatible with cryptography 42.x.x by @​CollinEMac in
[#952](https://github.com/jpadilla/pyjwt/issues/952)
&lt;https://github.com/jpadilla/pyjwt/pull/952&gt;__
    • 

  • Raise an exception when required cryptography dependency is missing
by @​tobloef in
&lt;https://github.com/jpadilla/pyjwt/pull/963&gt;__
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=pip&previous-version=2.8.0&new-version=2.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Pipfile | 2 +- Pipfile.lock | 10 +++++----- requirements.txt | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Pipfile b/Pipfile index f3df3008..abfb2a48 100644 --- a/Pipfile +++ b/Pipfile @@ -30,7 +30,7 @@ minizinc = "==0.9.0" mysqlclient = "==2.2.4" pipenv = "*" pycparser = "==2.22" -pyjwt = "==2.8.0" +pyjwt = "==2.9.0" python-dateutil = "==2.9.0.post0" python-dotenv = "==1.0.1" python-editor = "==1.0.4" diff --git a/Pipfile.lock b/Pipfile.lock index f6af8e34..b18bb205 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "ab04b745e63ba0c3950e179f7b3ab6282d41425ba5a6eb000190af35b236edef" + "sha256": "19d2c44d5c01613f458a55c79e42cf7f0b76b9b85230b8bec6a3c1a8fe589bc1" }, "pipfile-spec": 6, "requires": { @@ -550,12 +550,12 @@ }, "pyjwt": { "hashes": [ - "sha256:57e28d156e3d5c10088e0c68abb90bfac3df82b40a71bd0daa20c65ccd5c23de", - "sha256:59127c392cc44c2da5bb3192169a91f429924e17aff6534d70fdc02ab3e04320" + "sha256:3b02fb0f44517787776cf48f2ae25d8e14f300e6d7545a4315cee571a415e850", + "sha256:7e1e5b56cc735432a7369cbfa0efe50fa113ebecdc04ae6922deba8b84582d0c" ], "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==2.8.0" + "markers": "python_version >= '3.8'", + "version": "==2.9.0" }, "pytest": { "hashes": [ diff --git a/requirements.txt b/requirements.txt index 303aa649..5ef394ba 100644 --- a/requirements.txt +++ b/requirements.txt @@ -35,7 +35,7 @@ pipenv==2023.12.1; python_version >= '3.8' platformdirs==4.2.0; python_version >= '3.8' pluggy==1.5.0; python_version >= '3.8' pycparser==2.22; python_version >= '3.8' -pyjwt==2.8.0; python_version >= '3.7' +pyjwt==2.9.0; python_version >= '3.8' pytest==8.1.1; python_version >= '3.8' python-dateutil==2.9.0.post0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' python-dotenv==1.0.1; python_version >= '3.8' @@ -55,5 +55,5 @@ typing-extensions==4.12.2; python_version >= '3.8' urllib3==1.26.19; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5' virtualenv==20.25.1; python_version >= '3.7' virtualenv-clone==0.5.7; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' -werkzeug==3.0.4; python_version >= '3.8' +werkzeug==3.0.3; python_version >= '3.8' zipp==3.20.0; python_version >= '3.8'