Bump jsonwebtoken from 7.2.0 to 8.0.0

[dependabot]

Bumps jsonwebtoken from 7.2.0 to 8.0.0.

Changelog

Sourced from jsonwebtoken's changelog.

8.0.0 (2022-02-02)

• Add EdDSA algorithm
• sign/verify now takes a &[u8] instead of &str to be more flexible
• DecodingKey now own its data
• Remove deprecated dangerous_unsafe_decode
• Validation::iss is now a HashSet instead of a single value
• decode will now error if Validation::algorithms is empty
• Add JWKs types for easy interop with various Oauth provider, see examples/auth0.rs for an example
• Removed decode_* functions in favour of using the Validation struct
• Allow float values for exp and nbf, yes it's in the spec... floats will be rounded and converted to u64
• Error now implements Clone/Eq
• Change default leeway from 0s to 60s
• Add Validation::require_spec_claims to validate presence of the spec claims
• Add default feature for pem decoding named use_pem that can be disabled to avoid 2 dependencies

Commits

• af684c1 Get ready for release
• 03927bf reduced default double allocation to one (#232)
• 75b9f8a More update to MSRV
• 5162b63 Update pinned ci version
• 1a46cfa Add default feature use_pem
• 5486f96 Remove iat mention
• 4598ba0 Beta 7
• 255c740 Add required_spec_claims (#225)
• 356fac0 Fix validation for issuers
• 5ed8af4 Rename set_iss to be in line with set_audience
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Merging #1748 (2d91f52) into master (09d3ff3) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master    #1748   +/-   ##
=======================================
  Coverage   38.88%   38.88%           
=======================================
  Files           8        8           
  Lines         252      252           
=======================================
  Hits           98       98           
  Misses        154      154           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 09d3ff3...2d91f52. Read the comment docs.

[dependabot]

Superseded by #1749.