From 122431ce9824f332acd7067a8a1b62f3b611b8a0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Aug 2024 20:16:05 +0200 Subject: [PATCH] Bump pyjwt from 2.8.0 to 2.9.0 (PR #7928) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.8.0 to 2.9.0.
Release notes

Sourced from pyjwt's releases.

2.9.0

What's Changed

New Contributors

Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.8.0...2.9.0

Changelog

Sourced from pyjwt's changelog.

v2.9.0 <https://github.com/jpadilla/pyjwt/compare/2.8.0...2.9.0>__

Changed


- Drop support for Python 3.7 (EOL) by @hugovk in `[#910](https://github.com/jpadilla/pyjwt/issues/910) <https://github.com/jpadilla/pyjwt/pull/910>`__
- Allow JWT issuer claim validation to accept a list of strings too by @mattpollak in `[#913](https://github.com/jpadilla/pyjwt/issues/913) <https://github.com/jpadilla/pyjwt/pull/913>`__

Fixed



- Fix unnecessary string concatenation by @sirosen in `[#904](https://github.com/jpadilla/pyjwt/issues/904) &lt;https://github.com/jpadilla/pyjwt/pull/904&gt;`__
- Fix docs for ``jwt.decode_complete`` to include ``strict_aud`` option by @woodruffw in `[#923](https://github.com/jpadilla/pyjwt/issues/923) &lt;https://github.com/jpadilla/pyjwt/pull/923&gt;`__
- Fix docs step by @jpadilla in `[#950](https://github.com/jpadilla/pyjwt/issues/950) &lt;https://github.com/jpadilla/pyjwt/pull/950&gt;`__
- Fix: Remove an unused variable from example code block by @kenkoooo in `[#958](https://github.com/jpadilla/pyjwt/issues/958) &lt;https://github.com/jpadilla/pyjwt/pull/958&gt;`__

Added



    

  • Add support for Python 3.12 by @​hugovk in [#910](https://github.com/jpadilla/pyjwt/issues/910) &lt;https://github.com/jpadilla/pyjwt/pull/910&gt;__
    • 

  • Improve performance of is_ssh_key + add unit test by @​bdraco in [#940](https://github.com/jpadilla/pyjwt/issues/940) &lt;https://github.com/jpadilla/pyjwt/pull/940&gt;__
    • 

  • Allow jwt.decode() to accept a PyJWK object by @​luhn in [#886](https://github.com/jpadilla/pyjwt/issues/886) &lt;https://github.com/jpadilla/pyjwt/pull/886&gt;__
    • 

  • Make algorithm_name attribute available on PyJWK by @​luhn in [#886](https://github.com/jpadilla/pyjwt/issues/886) &lt;https://github.com/jpadilla/pyjwt/pull/886&gt;__
    • 

  • Raise InvalidKeyError on invalid PEM keys to be compatible with cryptography 42.x.x by @​CollinEMac in [#952](https://github.com/jpadilla/pyjwt/issues/952) &lt;https://github.com/jpadilla/pyjwt/pull/952&gt;__
    • 

  • Raise an exception when required cryptography dependency is missing by @​tobloef in &lt;https://github.com/jpadilla/pyjwt/pull/963&gt;__
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=pip&previous-version=2.8.0&new-version=2.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- changelogs/unreleased/7928-dependabot.yml | 5 +++++ requirements.txt | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 changelogs/unreleased/7928-dependabot.yml diff --git a/changelogs/unreleased/7928-dependabot.yml b/changelogs/unreleased/7928-dependabot.yml new file mode 100644 index 0000000000..db04ec0007 --- /dev/null +++ b/changelogs/unreleased/7928-dependabot.yml @@ -0,0 +1,5 @@ +change-type: patch +description: Bump pyjwt from 2.8.0 to 2.9.0 +destination-branches: +- master +sections: {} diff --git a/requirements.txt b/requirements.txt index e74cecc59b..56f9db42fc 100644 --- a/requirements.txt +++ b/requirements.txt @@ -17,7 +17,7 @@ pip==24.2 ply==3.11 pydantic==2.8.2 pyformance==0.4 -PyJWT==2.8.0 +PyJWT==2.9.0 pynacl==1.5.0 python-dateutil==2.9.0.post0 pyyaml==6.0.1