-
Notifications
You must be signed in to change notification settings - Fork 331
Commit b607690
![bors[bot]](https://avatars.githubusercontent.com/in/1847?v=4&size=40){kind=avatar}
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
Merge #4629
4629: Update pyjwt requirement from ~=2.4.0 to ~=2.5.0 r=jenshnielsen a=dependabot[bot]
Updates the requirements on [pyjwt](https://github.com/jpadilla/pyjwt) to permit the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/releases">pyjwt's releases</a>.</em></p>
<blockquote>
<h2>2.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/checkout from 2 to 3 by <a href="https://github.com/dependabot"><code>`@dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/758">jpadilla/pyjwt#758</a></li>
<li>Bump codecov/codecov-action from 1 to 3 by <a href="https://github.com/dependabot"><code>`@dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/757">jpadilla/pyjwt#757</a></li>
<li>Bump actions/setup-python from 2 to 3 by <a href="https://github.com/dependabot"><code>`@dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/756">jpadilla/pyjwt#756</a></li>
<li>adding support for compressed payloads by <a href="https://github.com/danieltmiles"><code>`@danieltmiles</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/753">jpadilla/pyjwt#753</a></li>
<li>Revert "adding support for compressed payloads" by <a href="https://github.com/auvipy"><code>`@auvipy</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/761">jpadilla/pyjwt#761</a></li>
<li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>`@leonsmith</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/732">jpadilla/pyjwt#732</a></li>
<li>Remove redundant wheel dep from pyproject.toml by <a href="https://github.com/mgorny"><code>`@mgorny</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/765">jpadilla/pyjwt#765</a></li>
<li>Adjust expected exceptions in option merging tests for PyPy3 by <a href="https://github.com/mgorny"><code>`@mgorny</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/763">jpadilla/pyjwt#763</a></li>
<li>Do not fail when an unusable key occurs by <a href="https://github.com/DaGuich"><code>`@DaGuich</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/762">jpadilla/pyjwt#762</a></li>
<li>Fixes for pyright on strict mode by <a href="https://github.com/brandon-leapyear"><code>`@brandon-leapyear</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/747">jpadilla/pyjwt#747</a></li>
<li>Bump actions/setup-python from 3 to 4 by <a href="https://github.com/dependabot"><code>`@dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/769">jpadilla/pyjwt#769</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/770">jpadilla/pyjwt#770</a></li>
<li>docs: fix simple typo, iinstance -> isinstance by <a href="https://github.com/timgates42"><code>`@timgates42</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/774">jpadilla/pyjwt#774</a></li>
<li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/773">jpadilla/pyjwt#773</a></li>
<li>Remove support for python3.6 by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/777">jpadilla/pyjwt#777</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/778">jpadilla/pyjwt#778</a></li>
<li>Emit a deprecation warning for unsupported kwargs by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/776">jpadilla/pyjwt#776</a></li>
<li>Fix typo: priot -> prior by <a href="https://github.com/jdufresne"><code>`@jdufresne</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/780">jpadilla/pyjwt#780</a></li>
<li>Fix for headers disorder issue by <a href="https://github.com/kadabusha"><code>`@kadabusha</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/721">jpadilla/pyjwt#721</a></li>
<li>Update audience typing by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/782">jpadilla/pyjwt#782</a></li>
<li>Improve PyJWKSet error accuracy by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/786">jpadilla/pyjwt#786</a></li>
<li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>`@kkirsche</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/784">jpadilla/pyjwt#784</a></li>
<li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>`@wuhaoyujerry</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/781">jpadilla/pyjwt#781</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/788">jpadilla/pyjwt#788</a></li>
<li>Mypy as pre-commit check + api_jws typing by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/787">jpadilla/pyjwt#787</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/791">jpadilla/pyjwt#791</a></li>
<li>Bump version to 2.5.0 by <a href="https://github.com/jpadilla"><code>`@jpadilla</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/801">jpadilla/pyjwt#801</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/dependabot"><code>`@dependabot</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/758">jpadilla/pyjwt#758</a></li>
<li><a href="https://github.com/danieltmiles"><code>`@danieltmiles</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/753">jpadilla/pyjwt#753</a></li>
<li><a href="https://github.com/leonsmith"><code>`@leonsmith</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/732">jpadilla/pyjwt#732</a></li>
<li><a href="https://github.com/mgorny"><code>`@mgorny</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/765">jpadilla/pyjwt#765</a></li>
<li><a href="https://github.com/DaGuich"><code>`@DaGuich</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/762">jpadilla/pyjwt#762</a></li>
<li><a href="https://github.com/brandon-leapyear"><code>`@brandon-leapyear</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/747">jpadilla/pyjwt#747</a></li>
<li><a href="https://github.com/sirosen"><code>`@sirosen</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/773">jpadilla/pyjwt#773</a></li>
<li><a href="https://github.com/kadabusha"><code>`@kadabusha</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/721">jpadilla/pyjwt#721</a></li>
<li><a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/782">jpadilla/pyjwt#782</a></li>
<li><a href="https://github.com/wuhaoyujerry"><code>`@wuhaoyujerry</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/781">jpadilla/pyjwt#781</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0">https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p>
<blockquote>
<h2><code>v2.5.0 <https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0></code>__</h2>
<p>Changed</p>
<pre><code>
- Skip keys with incompatible alg when loading JWKSet by `@DaGuich` in `[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762>`__
- Remove support for python3.6 by `@sirosen` in `[#777](jpadilla/pyjwt#777) <https://github.com/jpadilla/pyjwt/pull/777>`__
- Emit a deprecation warning for unsupported kwargs by `@sirosen` in `[#776](jpadilla/pyjwt#776) <https://github.com/jpadilla/pyjwt/pull/776>`__
- Remove redundant wheel dep from pyproject.toml by `@mgorny` in `[#765](jpadilla/pyjwt#765) <https://github.com/jpadilla/pyjwt/pull/765>`__
- Do not fail when an unusable key occurs by `@DaGuich` in `[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762>`__
- Update audience typing by `@JulianMaurin` in `[#782](jpadilla/pyjwt#782) <https://github.com/jpadilla/pyjwt/pull/782>`__
- Improve PyJWKSet error accuracy by `@JulianMaurin` in `[#786](jpadilla/pyjwt#786) <https://github.com/jpadilla/pyjwt/pull/786>`__
- Mypy as pre-commit check + api_jws typing by `@JulianMaurin` in `[#787](jpadilla/pyjwt#787) <https://github.com/jpadilla/pyjwt/pull/787>`__
<p>Fixed</p>
<pre><code>
- Adjust expected exceptions in option merging tests for PyPy3 by `@mgorny` in `[#763](jpadilla/pyjwt#763) &lt;https://github.com/jpadilla/pyjwt/pull/763&gt;`__
- Fixes for pyright on strict mode by `@brandon-leapyear` in `[#747](jpadilla/pyjwt#747) &lt;https://github.com/jpadilla/pyjwt/pull/747&gt;`__
- docs: fix simple typo, iinstance -&gt; isinstance by `@timgates42` in `[#774](jpadilla/pyjwt#774) &lt;https://github.com/jpadilla/pyjwt/pull/774&gt;`__
- Fix typo: priot -&gt; prior by `@jdufresne` in `[#780](jpadilla/pyjwt#780) &lt;https://github.com/jpadilla/pyjwt/pull/780&gt;`__
- Fix for headers disorder issue by `@kadabusha` in `[#721](jpadilla/pyjwt#721) &lt;https://github.com/jpadilla/pyjwt/pull/721&gt;`__
Added
</code></pre>
<ul>
<li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>`@leonsmith</code></a>` in <code>[#732](jpadilla/pyjwt#732) &lt;https://github.com/jpadilla/pyjwt/pull/732&gt;</code>__</li>
<li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <code>[#773](jpadilla/pyjwt#773) &lt;https://github.com/jpadilla/pyjwt/pull/773&gt;</code>__</li>
<li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>`@kkirsche</code></a>` in <code>[#784](jpadilla/pyjwt#784) &lt;https://github.com/jpadilla/pyjwt/pull/784&gt;</code>__</li>
<li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>`@wuhaoyujerry</code></a>` in <code>[#781](jpadilla/pyjwt#781) &lt;https://github.com/jpadilla/pyjwt/pull/781&gt;</code>__</li>
</ul>
<h2><code>v2.4.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0&gt;</code>__</h2>
<p>Security
</code></pre></p>
<ul>
<li>[CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. <a href="https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24">https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24</a></li>
</ul>
<p>Changed</p>
<pre><code>
- Explicit check the key for ECAlgorithm by `@estin` in jpadilla/pyjwt#713
- Raise DeprecationWarning for jwt.decode(verify=...) by `@akx` in jpadilla/pyjwt#742
<p>Fixed</p>
<pre><code>
- Don't use implicit optionals by `@rekyungmin` in jpadilla/pyjwt#705
&lt;/tr&gt;&lt;/table&gt;
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="jpadilla/pyjwt@c9006103b56359b3ad788bb2e380ef17dfe59b05"><code>c900610</code></a> Bump version to 2.5.0 (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/801">#801</a>)</li>
<li><a href="jpadilla/pyjwt@5ecbafc366ebc4940ce4eac81350bc41887a4433"><code>5ecbafc</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/791">#791</a>)</li>
<li><a href="jpadilla/pyjwt@f827be366cc2560266a412697b5194ee4782b510"><code>f827be3</code></a> Mypy as pre-commit check + api_jws typing (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/787">#787</a>)</li>
<li><a href="jpadilla/pyjwt@e8780abdd561963e3b0ca49ecec8b8519a793f75"><code>e8780ab</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/788">#788</a>)</li>
<li><a href="jpadilla/pyjwt@fc5b94eb3575254caba599218246616c75fecdc7"><code>fc5b94e</code></a> Add cacheing functionality for JWK set (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/781">#781</a>)</li>
<li><a href="jpadilla/pyjwt@ae3da7469ff8c28b726e082cd671997e09b19d55"><code>ae3da74</code></a> Add type hints to jwt/help.py and add missing types dependency (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/784">#784</a>)</li>
<li><a href="jpadilla/pyjwt@435e826da56a105da51176355a29cdc00420f4c1"><code>435e826</code></a> Improve PyJWKSet error accuracy (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/786">#786</a>)</li>
<li><a href="jpadilla/pyjwt@98a5c1d61ee180f5b3574e142f5938d24146ee99"><code>98a5c1d</code></a> Update audience typing (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/782">#782</a>)</li>
<li><a href="jpadilla/pyjwt@0bef0fbff5c245668578a43774d8620bdba4a6f7"><code>0bef0fb</code></a> Fix for headers disorder issue (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/721">#721</a>)</li>
<li><a href="jpadilla/pyjwt@c8fda69f09bc293960c141288633fbd1399e0b2b"><code>c8fda69</code></a> Fix typo: priot -&gt; prior (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/780">#780</a>)</li>
<li>Additional commits viewable in <a href="jpadilla/pyjwt@2.4.0...2.5.0">compare view</a></li>
</ul>
</details>
<br />
</code></pre>
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>File tree
Expand file treeCollapse file tree
1 file changed
+1
-1
lines changedFilter options
Expand file treeCollapse file tree
1 file changed
+1
-1
lines changed+1-1Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
101 | 101 | | |
102 | 102 | | |
103 | 103 | | |
104 | | - | |
| 104 | + | |
105 | 105 | | |
106 | 106 | | |
107 | 107 | | |
| |||
0 commit comments