Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bump pyjwt from 2.1.0 to 2.2.0 (PR #3336)
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.1.0 to 2.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/releases">pyjwt's releases</a>.</em></p> <blockquote> <h2>2.2.0</h2> <h2>What's Changed</h2> <ul> <li>Complete <code>jwt</code> documentation by <a href="https://github.com/johachi"><code>@johachi</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/654">jpadilla/pyjwt#654</a></li> <li>Ignore coverage files generated during test runs by <a href="https://github.com/makusu2"><code>@makusu2</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/617">jpadilla/pyjwt#617</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/656">jpadilla/pyjwt#656</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/658">jpadilla/pyjwt#658</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/667">jpadilla/pyjwt#667</a></li> <li>Fix aud validation to support {'aud': null} case. by <a href="https://github.com/dajiaji"><code>@dajiaji</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/670">jpadilla/pyjwt#670</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/678">jpadilla/pyjwt#678</a></li> <li>Prefer headers['alg'] to algorithm parameter in encode(). by <a href="https://github.com/dajiaji"><code>@dajiaji</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/673">jpadilla/pyjwt#673</a></li> <li>DOC: Clarify RSA encoding and decoding depend on the cryptography package by <a href="https://github.com/TPXP"><code>@TPXP</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/664">jpadilla/pyjwt#664</a></li> <li>Make typ optional by <a href="https://github.com/dajiaji"><code>@dajiaji</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/644">jpadilla/pyjwt#644</a></li> <li>Remove arbitrary kwargs. by <a href="https://github.com/dajiaji"><code>@dajiaji</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/657">jpadilla/pyjwt#657</a></li> <li>Assume JWK is valid for signing if "use" is omitted by <a href="https://github.com/Klavionik"><code>@Klavionik</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/668">jpadilla/pyjwt#668</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/684">jpadilla/pyjwt#684</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/686">jpadilla/pyjwt#686</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/689">jpadilla/pyjwt#689</a></li> <li>Remove upper bound on cryptography version by <a href="https://github.com/riconnon"><code>@riconnon</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/693">jpadilla/pyjwt#693</a></li> <li>Add support for Ed448/EdDSA. by <a href="https://github.com/dajiaji"><code>@dajiaji</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/675">jpadilla/pyjwt#675</a></li> <li>Chore: inline Variables that immediately Returned by <a href="https://github.com/yezz123"><code>@yezz123</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/690">jpadilla/pyjwt#690</a></li> <li>Use timezone package as Python 3.5+ is required by <a href="https://github.com/kkirsche"><code>@kkirsche</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/694">jpadilla/pyjwt#694</a></li> <li>Bump up version to v2.2.0 by <a href="https://github.com/jpadilla"><code>@jpadilla</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/697">jpadilla/pyjwt#697</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/TPXP"><code>@TPXP</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/664">jpadilla/pyjwt#664</a></li> <li><a href="https://github.com/Klavionik"><code>@Klavionik</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/668">jpadilla/pyjwt#668</a></li> <li><a href="https://github.com/riconnon"><code>@riconnon</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/693">jpadilla/pyjwt#693</a></li> <li><a href="https://github.com/yezz123"><code>@yezz123</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/690">jpadilla/pyjwt#690</a></li> <li><a href="https://github.com/kkirsche"><code>@kkirsche</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/694">jpadilla/pyjwt#694</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0">https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p> <blockquote> <h2><code>v2.2.0 <https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0></code>__</h2> <p>Changed</p> <pre><code> - Remove arbitrary kwargs. `[#657](jpadilla/pyjwt#657) <https://github.com/jpadilla/pyjwt/pull/657>`__ - Use timezone package as Python 3.5+ is required. `[#694](jpadilla/pyjwt#694) <https://github.com/jpadilla/pyjwt/pull/694>`__ <p>Fixed</p> <pre><code>- Assume JWK without the &quot;use&quot; claim is valid for signing as per RFC7517 `[#668](jpadilla/pyjwt#668) &lt;https://github.com/jpadilla/pyjwt/pull/668&gt;`__ - Prefer `headers[&quot;alg&quot;]` to `algorithm` in `jwt.encode()`. `[#673](jpadilla/pyjwt#673) &lt;https://github.com/jpadilla/pyjwt/pull/673&gt;`__ - Fix aud validation to support {'aud': null} case. `[#670](jpadilla/pyjwt#670) &lt;https://github.com/jpadilla/pyjwt/pull/670&gt;`__ - Make `typ` optional in JWT to be compliant with RFC7519. `[#644](jpadilla/pyjwt#644) &lt;https://github.com/jpadilla/pyjwt/pull/644&gt;`__ - Remove upper bound on cryptography version. `[#693](jpadilla/pyjwt#693) &lt;https://github.com/jpadilla/pyjwt/pull/693&gt;`__ Added </code></pre> <ul> <li>Add support for Ed448/EdDSA. <code>[#675](jpadilla/pyjwt#675) &lt;https://github.com/jpadilla/pyjwt/pull/675&gt;</code>__ </code></pre></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jpadilla/pyjwt/commit/6223ba13780a941a3f4c9dec62f282bdd9b5afb0"><code>6223ba1</code></a> Bump up version to v2.2.0 (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/697">#697</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/258d7bab0ecb86be91738ac1e23744429280acd1"><code>258d7ba</code></a> Use timezone package as Python 3.5+ is required (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/694">#694</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/a988e1a11e5abb5869dd641f3f4f6a5bb4e70fdf"><code>a988e1a</code></a> Chore: inline Variables that immediately Returned (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/690">#690</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/e7a6c022f3f2e5ba329cbadd242c788014926a7e"><code>e7a6c02</code></a> Add support for Ed448/EdDSA. (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/675">#675</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/19ce9c5ec7947428d35aaffd302eb2629210a697"><code>19ce9c5</code></a> Remove upper bound on cryptography version (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/693">#693</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/9249fc70b5aede04c3dcb86e4b6560ab7e032563"><code>9249fc7</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/689">#689</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/fbc0e636bfe70d186a6650be47664527568cc55c"><code>fbc0e63</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/686">#686</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/2032df71cd195db44dcdd253ace68990812f7705"><code>2032df7</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/684">#684</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/63673619e0321a0b58f29a0b2f6626b5b7c3d2ec"><code>6367361</code></a> Assume JWK is valid for signing if "use" is omitted (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/668">#668</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/5fe7f2b28ffcd27a3e520be750858944889112ef"><code>5fe7f2b</code></a> Remove arbitrary kwargs. (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/657">#657</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=pip&previous-version=2.1.0&new-version=2.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
- Loading branch information