Bump pyjwt from 2.1.0 to 2.2.0 #3336

dependabot · 2021-10-07T16:03:32Z

Bumps pyjwt from 2.1.0 to 2.2.0.

Release notes

2.2.0

What's Changed

Complete jwt documentation by @johachi in jpadilla/pyjwt#654

Ignore coverage files generated during test runs by @makusu2 in jpadilla/pyjwt#617

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#656

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#658

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#667

Fix aud validation to support {'aud': null} case. by @dajiaji in jpadilla/pyjwt#670

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#678

Prefer headers['alg'] to algorithm parameter in encode(). by @dajiaji in jpadilla/pyjwt#673

DOC: Clarify RSA encoding and decoding depend on the cryptography package by @TPXP in jpadilla/pyjwt#664

Make typ optional by @dajiaji in jpadilla/pyjwt#644

Remove arbitrary kwargs. by @dajiaji in jpadilla/pyjwt#657

Assume JWK is valid for signing if "use" is omitted by @Klavionik in jpadilla/pyjwt#668

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#684

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#686

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#689

Remove upper bound on cryptography version by @riconnon in jpadilla/pyjwt#693

Add support for Ed448/EdDSA. by @dajiaji in jpadilla/pyjwt#675

Chore: inline Variables that immediately Returned by @yezz123 in jpadilla/pyjwt#690

Use timezone package as Python 3.5+ is required by @kkirsche in jpadilla/pyjwt#694

Bump up version to v2.2.0 by @jpadilla in jpadilla/pyjwt#697

New Contributors

@TPXP made their first contribution in jpadilla/pyjwt#664

@Klavionik made their first contribution in jpadilla/pyjwt#668

@riconnon made their first contribution in jpadilla/pyjwt#693

@yezz123 made their first contribution in jpadilla/pyjwt#690

@kkirsche made their first contribution in jpadilla/pyjwt#694

Full Changelog: jpadilla/pyjwt@2.1.0...2.2.0

Changelog

Sourced from pyjwt's changelog.

`v2.2.0 <https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0>`__

Changed


- Remove arbitrary kwargs. `[#657](https://github.com/jpadilla/pyjwt/issues/657) <https://github.com/jpadilla/pyjwt/pull/657>`__
- Use timezone package as Python 3.5+ is required. `[#694](https://github.com/jpadilla/pyjwt/issues/694) <https://github.com/jpadilla/pyjwt/pull/694>`__
Fixed
- Assume JWK without the &quot;use&quot; claim is valid for signing as per RFC7517 `[#668](https://github.com/jpadilla/pyjwt/issues/668) &lt;https://github.com/jpadilla/pyjwt/pull/668&gt;`__
- Prefer `headers[&quot;alg&quot;]` to `algorithm` in `jwt.encode()`. `[#673](https://github.com/jpadilla/pyjwt/issues/673) &lt;https://github.com/jpadilla/pyjwt/pull/673&gt;`__
- Fix aud validation to support {'aud': null} case. `[#670](https://github.com/jpadilla/pyjwt/issues/670) &lt;https://github.com/jpadilla/pyjwt/pull/670&gt;`__
- Make `typ` optional in JWT to be compliant with RFC7519. `[#644](https://github.com/jpadilla/pyjwt/issues/644) &lt;https://github.com/jpadilla/pyjwt/pull/644&gt;`__
-  Remove upper bound on cryptography version. `[#693](https://github.com/jpadilla/pyjwt/issues/693) &lt;https://github.com/jpadilla/pyjwt/pull/693&gt;`__
Added



Add support for Ed448/EdDSA. [#675](https://github.com/jpadilla/pyjwt/issues/675) &lt;https://github.com/jpadilla/pyjwt/pull/675&gt;__

Commits

6223ba1 Bump up version to v2.2.0 (#697)
258d7ba Use timezone package as Python 3.5+ is required (#694)
a988e1a Chore: inline Variables that immediately Returned (#690)
e7a6c02 Add support for Ed448/EdDSA. (#675)
19ce9c5 Remove upper bound on cryptography version (#693)
9249fc7 [pre-commit.ci] pre-commit autoupdate (#689)
fbc0e63 [pre-commit.ci] pre-commit autoupdate (#686)
2032df7 [pre-commit.ci] pre-commit autoupdate (#684)
6367361 Assume JWK is valid for signing if "use" is omitted (#668)
5fe7f2b Remove arbitrary kwargs. (#657)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](jpadilla/pyjwt@2.1.0...2.2.0) --- updated-dependencies: - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

inmantaci · 2021-10-08T09:12:05Z

Processing this pull request

inmantaci · 2021-10-08T09:12:13Z

Merged into branches master in 7e57295

dependabot · 2021-10-08T09:12:15Z

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot bot added the dependencies Pull requests that update a dependency file label Oct 7, 2021

inmantaci approved these changes Oct 8, 2021

View reviewed changes

Added change entry

004732e

inmantaci added the merge-tool-ready This ticket is ready to be merged in label Oct 8, 2021

inmantaci closed this Oct 8, 2021

inmantaci deleted the dependabot/pip/pyjwt-2.2.0 branch October 8, 2021 09:12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump pyjwt from 2.1.0 to 2.2.0 #3336

Bump pyjwt from 2.1.0 to 2.2.0 #3336

dependabot bot commented on behalf of github Oct 7, 2021

inmantaci commented Oct 8, 2021

inmantaci commented Oct 8, 2021

dependabot bot commented on behalf of github Oct 8, 2021

Bump pyjwt from 2.1.0 to 2.2.0 #3336

Bump pyjwt from 2.1.0 to 2.2.0 #3336

Conversation

dependabot bot commented on behalf of github Oct 7, 2021

2.2.0

What's Changed

New Contributors

v2.2.0 <https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0>__

inmantaci commented Oct 8, 2021

inmantaci commented Oct 8, 2021

dependabot bot commented on behalf of github Oct 8, 2021

`v2.2.0 <https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0>`__