Bump pyjwt from 2.9.0 to 2.10.0 #5009

dependabot · 2024-11-18T16:43:26Z

Bumps pyjwt from 2.9.0 to 2.10.0.

Release notes

2.10.0

What's Changed

chore: use sequence for typing rather than list by @imnotjames in jpadilla/pyjwt#970

Add support for Python 3.13 by @hugovk in jpadilla/pyjwt#972

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#971

Add an RTD config file to resolve RTD build failures by @kurtmckee in jpadilla/pyjwt#977

docs: Update iat exception docs by @pachewise in jpadilla/pyjwt#974

Remove algorithm requirement for JWT API by @luhn in jpadilla/pyjwt#975

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#978

Create SECURITY.md by @auvipy in jpadilla/pyjwt#973

docs fix: decode_complete scope and algorithms by @RbnRncn in jpadilla/pyjwt#982

fix doctest for docs/usage.rst by @pachewise in jpadilla/pyjwt#986

fix test_utils.py not to xfail by @pachewise in jpadilla/pyjwt#987

Correct jwt.decode audience param doc expression by @peter279k in jpadilla/pyjwt#994

Add PS256 encoding and decoding usage by @peter279k in jpadilla/pyjwt#992

Add API docs for PyJWK by @luhn in jpadilla/pyjwt#980

Refactor project configuration files from setup.cfg to pyproject.toml PEP-518 by @cleder in jpadilla/pyjwt#995

Add JWK support to JWT encode by @luhn in jpadilla/pyjwt#979

Update pre-commit hooks to lint pyproject.toml by @cleder in jpadilla/pyjwt#1002

Add EdDSA algorithm encoding/decoding usage by @peter279k in jpadilla/pyjwt#993

Ruff linter and formatter changes by @gagandeepp in jpadilla/pyjwt#1001

Validate sub and jti claims for the token by @Divan009 in jpadilla/pyjwt#1005

Add ES256 usage by @Gautam-Hegde in jpadilla/pyjwt#1003

Encode EC keys with a fixed bit length by @way-dave in jpadilla/pyjwt#990

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#1000

Drop support for Python 3.8 by @kkirsche in jpadilla/pyjwt#1007

Prepare 2.10.0 release by @benvdh in jpadilla/pyjwt#1011

Bump codecov/codecov-action from 4 to 5 by @dependabot in jpadilla/pyjwt#1014

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#1006

New Contributors

@imnotjames made their first contribution in jpadilla/pyjwt#970

@kurtmckee made their first contribution in jpadilla/pyjwt#977

@pachewise made their first contribution in jpadilla/pyjwt#974

@RbnRncn made their first contribution in jpadilla/pyjwt#982

@peter279k made their first contribution in jpadilla/pyjwt#994

@cleder made their first contribution in jpadilla/pyjwt#995

@gagandeepp made their first contribution in jpadilla/pyjwt#1001

@Divan009 made their first contribution in jpadilla/pyjwt#1005

@Gautam-Hegde made their first contribution in jpadilla/pyjwt#1003

@way-dave made their first contribution in jpadilla/pyjwt#990

Full Changelog: jpadilla/pyjwt@2.9.0...2.10.0

Changelog

Sourced from pyjwt's changelog.

`v2.10.0 <https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0>`__

Changed


- Remove algorithm requirement from JWT API, instead relying on JWS API for enforcement, by @luhn in `[#975](https://github.com/jpadilla/pyjwt/issues/975) <https://github.com/jpadilla/pyjwt/pull/975>`__
- Use ``Sequence`` for parameter types rather than ``List`` where applicable by @imnotjames in `[#970](https://github.com/jpadilla/pyjwt/issues/970) <https://github.com/jpadilla/pyjwt/pull/970>`__
- Add JWK support to JWT encode by @luhn in `[#979](https://github.com/jpadilla/pyjwt/issues/979) <https://github.com/jpadilla/pyjwt/pull/979>`__
- Encoding and decoding payloads using the `none` algorithm by @jpadilla in `#c2629f6 <https://github.com/jpadilla/pyjwt/commit/c2629f66c593459e02616048443231ccbe18be16>`
Before:
.. code-block:: pycon
>>> import jwt
>>> jwt.encode({"payload": "abc"}, key=None, algorithm=None)
After:
.. code-block:: pycon
>>> import jwt
>>> jwt.encode({"payload": "abc"}, key=None, algorithm="none")

Added validation for 'sub' (subject) and 'jti' (JWT ID) claims in tokens by @Divan009 in [#1005](https://github.com/jpadilla/pyjwt/issues/1005) &lt;https://github.com/jpadilla/pyjwt/pull/1005&gt;__
Refactor project configuration files from setup.cfg to pyproject.toml by @cleder in [#995](https://github.com/jpadilla/pyjwt/issues/995) &lt;https://github.com/jpadilla/pyjwt/pull/995&gt;__
Ruff linter and formatter changes by @gagandeepp in [#1001](https://github.com/jpadilla/pyjwt/issues/1001) &lt;https://github.com/jpadilla/pyjwt/pull/1001&gt;__
Drop support for Python 3.8 (EOL) by @kkirsche in [#1007](https://github.com/jpadilla/pyjwt/issues/1007) &lt;https://github.com/jpadilla/pyjwt/pull/1007&gt;__

Fixed

- Encode EC keys with a fixed bit length by @etianen in `[#990](https://github.com/jpadilla/pyjwt/issues/990) &lt;https://github.com/jpadilla/pyjwt/pull/990&gt;`__
- Add an RTD config file to resolve Read the Docs build failures by @kurtmckee in `[#977](https://github.com/jpadilla/pyjwt/issues/977) &lt;https://github.com/jpadilla/pyjwt/pull/977&gt;`__
- Docs: Update ``iat`` exception docs by @pachewise in `[#974](https://github.com/jpadilla/pyjwt/issues/974) &lt;https://github.com/jpadilla/pyjwt/pull/974&gt;`__
- Docs: Fix ``decode_complete`` scope and algorithms by @RbnRncn in `[#982](https://github.com/jpadilla/pyjwt/issues/982) &lt;https://github.com/jpadilla/pyjwt/pull/982&gt;`__
- Fix doctest for ``docs/usage.rst`` by @pachewise in `[#986](https://github.com/jpadilla/pyjwt/issues/986) &lt;https://github.com/jpadilla/pyjwt/pull/986&gt;`__
- Fix ``test_utils.py`` not to xfail by @pachewise in `[#987](https://github.com/jpadilla/pyjwt/issues/987) &lt;https://github.com/jpadilla/pyjwt/pull/987&gt;`__
- Docs: Correct `jwt.decode` audience param doc expression by @peter279k in `[#994](https://github.com/jpadilla/pyjwt/issues/994) &lt;https://github.com/jpadilla/pyjwt/pull/994&gt;`__
Added



Add support for python 3.13 by @hugovk in [#972](https://github.com/jpadilla/pyjwt/issues/972) &lt;https://github.com/jpadilla/pyjwt/pull/972&gt;__
Create SECURITY.md by @auvipy and @jpadilla in [#973](https://github.com/jpadilla/pyjwt/issues/973) &lt;https://github.com/jpadilla/pyjwt/pull/973&gt;__
Docs: Add PS256 encoding and decoding usage by @peter279k in [#992](https://github.com/jpadilla/pyjwt/issues/992) &lt;https://github.com/jpadilla/pyjwt/pull/992&gt;__
</tr></table>

... (truncated)

Commits

783f324 [pre-commit.ci] pre-commit autoupdate (#1006)
0116fc6 Bump codecov/codecov-action from 4 to 5 (#1014)
b032353 feat: surface jwt.decode_complete(...)
a759c45 Prepare 2.10.0 release (#1011)
b6b8bce Drop support for Python 3.8 (#1007)
189c256 Update index.rst
1900857 Update index.rst
8fe9eab Update README.rst
6f73f6f [pre-commit.ci] pre-commit autoupdate (#1000)
c2629f6 update changelog
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.9.0 to 2.10.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](jpadilla/pyjwt@2.9.0...2.10.0) --- updated-dependencies: - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot requested a review from hosseinsh as a code owner November 18, 2024 16:43

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 18, 2024

dependabot bot requested review from charhate, jtschladen, douglasc-nflx and jmcrawford45 as code owners November 18, 2024 16:43