Skip to content

Commit

Permalink
Merge #4629
Browse files Browse the repository at this point in the history
4629: Update pyjwt requirement from ~=2.4.0 to ~=2.5.0 r=jenshnielsen a=dependabot[bot]

Updates the requirements on [pyjwt](https://github.com/jpadilla/pyjwt) to permit the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/releases">pyjwt's releases</a>.</em></p>
<blockquote>
<h2>2.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/checkout from 2 to 3 by <a href="https://github.com/dependabot"><code>`@​dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/758">jpadilla/pyjwt#758</a></li>
<li>Bump codecov/codecov-action from 1 to 3 by <a href="https://github.com/dependabot"><code>`@​dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/757">jpadilla/pyjwt#757</a></li>
<li>Bump actions/setup-python from 2 to 3 by <a href="https://github.com/dependabot"><code>`@​dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/756">jpadilla/pyjwt#756</a></li>
<li>adding support for compressed payloads by <a href="https://github.com/danieltmiles"><code>`@​danieltmiles</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/753">jpadilla/pyjwt#753</a></li>
<li>Revert &quot;adding support for compressed payloads&quot; by <a href="https://github.com/auvipy"><code>`@​auvipy</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/761">jpadilla/pyjwt#761</a></li>
<li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>`@​leonsmith</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/732">jpadilla/pyjwt#732</a></li>
<li>Remove redundant wheel dep from pyproject.toml by <a href="https://github.com/mgorny"><code>`@​mgorny</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/765">jpadilla/pyjwt#765</a></li>
<li>Adjust expected exceptions in option merging tests for PyPy3 by <a href="https://github.com/mgorny"><code>`@​mgorny</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/763">jpadilla/pyjwt#763</a></li>
<li>Do not fail when an unusable key occurs by <a href="https://github.com/DaGuich"><code>`@​DaGuich</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/762">jpadilla/pyjwt#762</a></li>
<li>Fixes for pyright on strict mode by <a href="https://github.com/brandon-leapyear"><code>`@​brandon-leapyear</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/747">jpadilla/pyjwt#747</a></li>
<li>Bump actions/setup-python from 3 to 4 by <a href="https://github.com/dependabot"><code>`@​dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/769">jpadilla/pyjwt#769</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@​pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/770">jpadilla/pyjwt#770</a></li>
<li>docs: fix simple typo, iinstance -&gt; isinstance by <a href="https://github.com/timgates42"><code>`@​timgates42</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/774">jpadilla/pyjwt#774</a></li>
<li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>`@​sirosen</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/773">jpadilla/pyjwt#773</a></li>
<li>Remove support for python3.6 by <a href="https://github.com/sirosen"><code>`@​sirosen</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/777">jpadilla/pyjwt#777</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@​pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/778">jpadilla/pyjwt#778</a></li>
<li>Emit a deprecation warning for unsupported kwargs by <a href="https://github.com/sirosen"><code>`@​sirosen</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/776">jpadilla/pyjwt#776</a></li>
<li>Fix typo: priot -&gt; prior by <a href="https://github.com/jdufresne"><code>`@​jdufresne</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/780">jpadilla/pyjwt#780</a></li>
<li>Fix for headers disorder issue by <a href="https://github.com/kadabusha"><code>`@​kadabusha</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/721">jpadilla/pyjwt#721</a></li>
<li>Update audience typing by <a href="https://github.com/JulianMaurin"><code>`@​JulianMaurin</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/782">jpadilla/pyjwt#782</a></li>
<li>Improve PyJWKSet error accuracy by <a href="https://github.com/JulianMaurin"><code>`@​JulianMaurin</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/786">jpadilla/pyjwt#786</a></li>
<li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>`@​kkirsche</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/784">jpadilla/pyjwt#784</a></li>
<li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>`@​wuhaoyujerry</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/781">jpadilla/pyjwt#781</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@​pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/788">jpadilla/pyjwt#788</a></li>
<li>Mypy as pre-commit check + api_jws typing by <a href="https://github.com/JulianMaurin"><code>`@​JulianMaurin</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/787">jpadilla/pyjwt#787</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@​pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/791">jpadilla/pyjwt#791</a></li>
<li>Bump version to 2.5.0 by <a href="https://github.com/jpadilla"><code>`@​jpadilla</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/801">jpadilla/pyjwt#801</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/dependabot"><code>`@​dependabot</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/758">jpadilla/pyjwt#758</a></li>
<li><a href="https://github.com/danieltmiles"><code>`@​danieltmiles</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/753">jpadilla/pyjwt#753</a></li>
<li><a href="https://github.com/leonsmith"><code>`@​leonsmith</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/732">jpadilla/pyjwt#732</a></li>
<li><a href="https://github.com/mgorny"><code>`@​mgorny</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/765">jpadilla/pyjwt#765</a></li>
<li><a href="https://github.com/DaGuich"><code>`@​DaGuich</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/762">jpadilla/pyjwt#762</a></li>
<li><a href="https://github.com/brandon-leapyear"><code>`@​brandon-leapyear</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/747">jpadilla/pyjwt#747</a></li>
<li><a href="https://github.com/sirosen"><code>`@​sirosen</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/773">jpadilla/pyjwt#773</a></li>
<li><a href="https://github.com/kadabusha"><code>`@​kadabusha</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/721">jpadilla/pyjwt#721</a></li>
<li><a href="https://github.com/JulianMaurin"><code>`@​JulianMaurin</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/782">jpadilla/pyjwt#782</a></li>
<li><a href="https://github.com/wuhaoyujerry"><code>`@​wuhaoyujerry</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/781">jpadilla/pyjwt#781</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0">https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p>
<blockquote>
<h2><code>v2.5.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0&gt;</code>__</h2>
<p>Changed</p>
<pre><code>
- Skip keys with incompatible alg when loading JWKSet by `@DaGuich` in `[#762](jpadilla/pyjwt#762) &lt;https://github.com/jpadilla/pyjwt/pull/762&gt;`__
- Remove support for python3.6 by `@sirosen` in `[#777](jpadilla/pyjwt#777) &lt;https://github.com/jpadilla/pyjwt/pull/777&gt;`__
- Emit a deprecation warning for unsupported kwargs by `@sirosen` in `[#776](jpadilla/pyjwt#776) &lt;https://github.com/jpadilla/pyjwt/pull/776&gt;`__
- Remove redundant wheel dep from pyproject.toml by `@mgorny` in `[#765](jpadilla/pyjwt#765) &lt;https://github.com/jpadilla/pyjwt/pull/765&gt;`__
- Do not fail when an unusable key occurs by `@DaGuich` in `[#762](jpadilla/pyjwt#762) &lt;https://github.com/jpadilla/pyjwt/pull/762&gt;`__
- Update audience typing by `@JulianMaurin` in `[#782](jpadilla/pyjwt#782) &lt;https://github.com/jpadilla/pyjwt/pull/782&gt;`__
- Improve PyJWKSet error accuracy by `@JulianMaurin` in `[#786](jpadilla/pyjwt#786) &lt;https://github.com/jpadilla/pyjwt/pull/786&gt;`__
- Mypy as pre-commit check + api_jws typing by `@JulianMaurin` in `[#787](jpadilla/pyjwt#787) &lt;https://github.com/jpadilla/pyjwt/pull/787&gt;`__
<p>Fixed</p>
<pre><code>
- Adjust expected exceptions in option merging tests for PyPy3 by `@mgorny` in `[#763](jpadilla/pyjwt#763) &amp;lt;https://github.com/jpadilla/pyjwt/pull/763&amp;gt;`__
- Fixes for pyright on strict mode by `@brandon-leapyear` in `[#747](jpadilla/pyjwt#747) &amp;lt;https://github.com/jpadilla/pyjwt/pull/747&amp;gt;`__
- docs: fix simple typo, iinstance -&amp;gt; isinstance by `@timgates42` in `[#774](jpadilla/pyjwt#774) &amp;lt;https://github.com/jpadilla/pyjwt/pull/774&amp;gt;`__
- Fix typo: priot -&amp;gt; prior by `@jdufresne` in `[#780](jpadilla/pyjwt#780) &amp;lt;https://github.com/jpadilla/pyjwt/pull/780&amp;gt;`__
- Fix for headers disorder issue by `@kadabusha` in `[#721](jpadilla/pyjwt#721) &amp;lt;https://github.com/jpadilla/pyjwt/pull/721&amp;gt;`__

Added
</code></pre>
<ul>
<li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>`@​leonsmith</code></a>` in <code>[#732](jpadilla/pyjwt#732) &amp;lt;https://github.com/jpadilla/pyjwt/pull/732&amp;gt;</code>__</li>
<li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>`@​sirosen</code></a>` in <code>[#773](jpadilla/pyjwt#773) &amp;lt;https://github.com/jpadilla/pyjwt/pull/773&amp;gt;</code>__</li>
<li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>`@​kkirsche</code></a>` in <code>[#784](jpadilla/pyjwt#784) &amp;lt;https://github.com/jpadilla/pyjwt/pull/784&amp;gt;</code>__</li>
<li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>`@​wuhaoyujerry</code></a>` in <code>[#781](jpadilla/pyjwt#781) &amp;lt;https://github.com/jpadilla/pyjwt/pull/781&amp;gt;</code>__</li>
</ul>
<h2><code>v2.4.0 &amp;lt;https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0&amp;gt;</code>__</h2>
<p>Security
</code></pre></p>
<ul>
<li>[CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. <a href="https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24">https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24</a></li>
</ul>
<p>Changed</p>
<pre><code>
- Explicit check the key for ECAlgorithm by `@estin` in jpadilla/pyjwt#713
- Raise DeprecationWarning for jwt.decode(verify=...) by `@akx` in jpadilla/pyjwt#742
<p>Fixed</p>
<pre><code>
- Don't use implicit optionals by `@rekyungmin` in jpadilla/pyjwt#705
&amp;lt;/tr&amp;gt;&amp;lt;/table&amp;gt; 
&lt;/code&gt;&lt;/pre&gt;
&lt;/blockquote&gt;
&lt;p&gt;... (truncated)&lt;/p&gt;
&lt;/details&gt;
&lt;details&gt;
&lt;summary&gt;Commits&lt;/summary&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href=&quot;jpadilla/pyjwt@c9006103b56359b3ad788bb2e380ef17dfe59b05&quot;&gt;&lt;code&gt;c900610&lt;/code&gt;&lt;/a&gt; Bump version to 2.5.0 (&lt;a href=&quot;https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/801&quot;&gt;#801&lt;/a&gt;)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;jpadilla/pyjwt@5ecbafc366ebc4940ce4eac81350bc41887a4433&quot;&gt;&lt;code&gt;5ecbafc&lt;/code&gt;&lt;/a&gt; [pre-commit.ci] pre-commit autoupdate (&lt;a href=&quot;https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/791&quot;&gt;#791&lt;/a&gt;)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;jpadilla/pyjwt@f827be366cc2560266a412697b5194ee4782b510&quot;&gt;&lt;code&gt;f827be3&lt;/code&gt;&lt;/a&gt; Mypy as pre-commit check + api_jws typing (&lt;a href=&quot;https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/787&quot;&gt;#787&lt;/a&gt;)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;jpadilla/pyjwt@e8780abdd561963e3b0ca49ecec8b8519a793f75&quot;&gt;&lt;code&gt;e8780ab&lt;/code&gt;&lt;/a&gt; [pre-commit.ci] pre-commit autoupdate (&lt;a href=&quot;https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/788&quot;&gt;#788&lt;/a&gt;)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;jpadilla/pyjwt@fc5b94eb3575254caba599218246616c75fecdc7&quot;&gt;&lt;code&gt;fc5b94e&lt;/code&gt;&lt;/a&gt; Add cacheing functionality for JWK set (&lt;a href=&quot;https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/781&quot;&gt;#781&lt;/a&gt;)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;jpadilla/pyjwt@ae3da7469ff8c28b726e082cd671997e09b19d55&quot;&gt;&lt;code&gt;ae3da74&lt;/code&gt;&lt;/a&gt; Add type hints to jwt/help.py and add missing types dependency (&lt;a href=&quot;https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/784&quot;&gt;#784&lt;/a&gt;)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;jpadilla/pyjwt@435e826da56a105da51176355a29cdc00420f4c1&quot;&gt;&lt;code&gt;435e826&lt;/code&gt;&lt;/a&gt; Improve PyJWKSet error accuracy (&lt;a href=&quot;https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/786&quot;&gt;#786&lt;/a&gt;)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;jpadilla/pyjwt@98a5c1d61ee180f5b3574e142f5938d24146ee99&quot;&gt;&lt;code&gt;98a5c1d&lt;/code&gt;&lt;/a&gt; Update audience typing (&lt;a href=&quot;https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/782&quot;&gt;#782&lt;/a&gt;)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;jpadilla/pyjwt@0bef0fbff5c245668578a43774d8620bdba4a6f7&quot;&gt;&lt;code&gt;0bef0fb&lt;/code&gt;&lt;/a&gt; Fix for headers disorder issue (&lt;a href=&quot;https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/721&quot;&gt;#721&lt;/a&gt;)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;jpadilla/pyjwt@c8fda69f09bc293960c141288633fbd1399e0b2b&quot;&gt;&lt;code&gt;c8fda69&lt;/code&gt;&lt;/a&gt; Fix typo: priot -&amp;gt; prior (&lt;a href=&quot;https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/780&quot;&gt;#780&lt;/a&gt;)&lt;/li&gt;
&lt;li&gt;Additional commits viewable in &lt;a href=&quot;jpadilla/pyjwt@2.4.0...2.5.0&quot;&gt;compare view&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;/details&gt;

&lt;br /&gt;
</code></pre>


You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
bors[bot] and dependabot[bot] authored Sep 19, 2022
2 parents 4de907b + f10fa34 commit b607690
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ pyasn1~=0.4.8
pyasn1-modules~=0.2.8
pycparser~=2.21
Pygments~=2.13.0
PyJWT~=2.4.0
PyJWT~=2.5.0
pyparsing~=3.0.9
PyQt5~=5.15.7
PyQt5-Qt5~=5.15.2
Expand Down

0 comments on commit b607690

Please sign in to comment.