core: bump pyjwt from 2.9.0 to 2.10.0 #12063

dependabot · 2024-11-18T04:53:48Z

Bumps pyjwt from 2.9.0 to 2.10.0.

Release notes

2.10.0

What's Changed

chore: use sequence for typing rather than list by @imnotjames in jpadilla/pyjwt#970

Add support for Python 3.13 by @hugovk in jpadilla/pyjwt#972

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#971

Add an RTD config file to resolve RTD build failures by @kurtmckee in jpadilla/pyjwt#977

docs: Update iat exception docs by @pachewise in jpadilla/pyjwt#974

Remove algorithm requirement for JWT API by @luhn in jpadilla/pyjwt#975

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#978

Create SECURITY.md by @auvipy in jpadilla/pyjwt#973

docs fix: decode_complete scope and algorithms by @RbnRncn in jpadilla/pyjwt#982

fix doctest for docs/usage.rst by @pachewise in jpadilla/pyjwt#986

fix test_utils.py not to xfail by @pachewise in jpadilla/pyjwt#987

Correct jwt.decode audience param doc expression by @peter279k in jpadilla/pyjwt#994

Add PS256 encoding and decoding usage by @peter279k in jpadilla/pyjwt#992

Add API docs for PyJWK by @luhn in jpadilla/pyjwt#980

Refactor project configuration files from setup.cfg to pyproject.toml PEP-518 by @cleder in jpadilla/pyjwt#995

Add JWK support to JWT encode by @luhn in jpadilla/pyjwt#979

Update pre-commit hooks to lint pyproject.toml by @cleder in jpadilla/pyjwt#1002

Add EdDSA algorithm encoding/decoding usage by @peter279k in jpadilla/pyjwt#993

Ruff linter and formatter changes by @gagandeepp in jpadilla/pyjwt#1001

Validate sub and jti claims for the token by @Divan009 in jpadilla/pyjwt#1005

Add ES256 usage by @Gautam-Hegde in jpadilla/pyjwt#1003

Encode EC keys with a fixed bit length by @way-dave in jpadilla/pyjwt#990

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#1000

Drop support for Python 3.8 by @kkirsche in jpadilla/pyjwt#1007

Prepare 2.10.0 release by @benvdh in jpadilla/pyjwt#1011

Bump codecov/codecov-action from 4 to 5 by @dependabot in jpadilla/pyjwt#1014

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#1006

New Contributors

@imnotjames made their first contribution in jpadilla/pyjwt#970

@kurtmckee made their first contribution in jpadilla/pyjwt#977

@pachewise made their first contribution in jpadilla/pyjwt#974

@RbnRncn made their first contribution in jpadilla/pyjwt#982

@peter279k made their first contribution in jpadilla/pyjwt#994

@cleder made their first contribution in jpadilla/pyjwt#995

@gagandeepp made their first contribution in jpadilla/pyjwt#1001

@Divan009 made their first contribution in jpadilla/pyjwt#1005

@Gautam-Hegde made their first contribution in jpadilla/pyjwt#1003

@way-dave made their first contribution in jpadilla/pyjwt#990

Full Changelog: jpadilla/pyjwt@2.9.0...2.10.0

Changelog

Sourced from pyjwt's changelog.

`v2.10.0 <https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0>`__

Changed


- Remove algorithm requirement from JWT API, instead relying on JWS API for enforcement, by @luhn in `[#975](https://github.com/jpadilla/pyjwt/issues/975) <https://github.com/jpadilla/pyjwt/pull/975>`__
- Use ``Sequence`` for parameter types rather than ``List`` where applicable by @imnotjames in `[#970](https://github.com/jpadilla/pyjwt/issues/970) <https://github.com/jpadilla/pyjwt/pull/970>`__
- Add JWK support to JWT encode by @luhn in `[#979](https://github.com/jpadilla/pyjwt/issues/979) <https://github.com/jpadilla/pyjwt/pull/979>`__
- Encoding and decoding payloads using the `none` algorithm by @jpadilla in `#c2629f6 <https://github.com/jpadilla/pyjwt/commit/c2629f66c593459e02616048443231ccbe18be16>`
Before:
.. code-block:: pycon
>>> import jwt
>>> jwt.encode({"payload": "abc"}, key=None, algorithm=None)
After:
.. code-block:: pycon
>>> import jwt
>>> jwt.encode({"payload": "abc"}, key=None, algorithm="none")

Added validation for 'sub' (subject) and 'jti' (JWT ID) claims in tokens by @Divan009 in [#1005](https://github.com/jpadilla/pyjwt/issues/1005) &lt;https://github.com/jpadilla/pyjwt/pull/1005&gt;__
Refactor project configuration files from setup.cfg to pyproject.toml by @cleder in [#995](https://github.com/jpadilla/pyjwt/issues/995) &lt;https://github.com/jpadilla/pyjwt/pull/995&gt;__
Ruff linter and formatter changes by @gagandeepp in [#1001](https://github.com/jpadilla/pyjwt/issues/1001) &lt;https://github.com/jpadilla/pyjwt/pull/1001&gt;__
Drop support for Python 3.8 (EOL) by @kkirsche in [#1007](https://github.com/jpadilla/pyjwt/issues/1007) &lt;https://github.com/jpadilla/pyjwt/pull/1007&gt;__

Fixed

- Encode EC keys with a fixed bit length by @etianen in `[#990](https://github.com/jpadilla/pyjwt/issues/990) &lt;https://github.com/jpadilla/pyjwt/pull/990&gt;`__
- Add an RTD config file to resolve Read the Docs build failures by @kurtmckee in `[#977](https://github.com/jpadilla/pyjwt/issues/977) &lt;https://github.com/jpadilla/pyjwt/pull/977&gt;`__
- Docs: Update ``iat`` exception docs by @pachewise in `[#974](https://github.com/jpadilla/pyjwt/issues/974) &lt;https://github.com/jpadilla/pyjwt/pull/974&gt;`__
- Docs: Fix ``decode_complete`` scope and algorithms by @RbnRncn in `[#982](https://github.com/jpadilla/pyjwt/issues/982) &lt;https://github.com/jpadilla/pyjwt/pull/982&gt;`__
- Fix doctest for ``docs/usage.rst`` by @pachewise in `[#986](https://github.com/jpadilla/pyjwt/issues/986) &lt;https://github.com/jpadilla/pyjwt/pull/986&gt;`__
- Fix ``test_utils.py`` not to xfail by @pachewise in `[#987](https://github.com/jpadilla/pyjwt/issues/987) &lt;https://github.com/jpadilla/pyjwt/pull/987&gt;`__
- Docs: Correct `jwt.decode` audience param doc expression by @peter279k in `[#994](https://github.com/jpadilla/pyjwt/issues/994) &lt;https://github.com/jpadilla/pyjwt/pull/994&gt;`__
Added



Add support for python 3.13 by @hugovk in [#972](https://github.com/jpadilla/pyjwt/issues/972) &lt;https://github.com/jpadilla/pyjwt/pull/972&gt;__
Create SECURITY.md by @auvipy and @jpadilla in [#973](https://github.com/jpadilla/pyjwt/issues/973) &lt;https://github.com/jpadilla/pyjwt/pull/973&gt;__
Docs: Add PS256 encoding and decoding usage by @peter279k in [#992](https://github.com/jpadilla/pyjwt/issues/992) &lt;https://github.com/jpadilla/pyjwt/pull/992&gt;__
</tr></table>

... (truncated)

Commits

783f324 [pre-commit.ci] pre-commit autoupdate (#1006)
0116fc6 Bump codecov/codecov-action from 4 to 5 (#1014)
b032353 feat: surface jwt.decode_complete(...)
a759c45 Prepare 2.10.0 release (#1011)
b6b8bce Drop support for Python 3.8 (#1007)
189c256 Update index.rst
1900857 Update index.rst
8fe9eab Update README.rst
6f73f6f [pre-commit.ci] pre-commit autoupdate (#1000)
c2629f6 update changelog
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

netlify · 2024-11-18T04:54:04Z

✅ Deploy Preview for authentik-docs canceled.

Name	Link
🔨 Latest commit	`383aac7`
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-docs/deploys/673b3079db9b6e0008145452

netlify · 2024-11-18T04:54:04Z

✅ Deploy Preview for authentik-storybook canceled.

Name	Link
🔨 Latest commit	`383aac7`
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-storybook/deploys/673b3079a2cb5a000846d2a3

Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.9.0 to 2.10.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](jpadilla/pyjwt@2.9.0...2.10.0) --- updated-dependencies: - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

* main: (28 commits) providers/scim: accept string and int for SCIM IDs (#12093) website: bump the docusaurus group in /website with 9 updates (#12086) core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link (#12080) translate: Updates for file locale/en/LC_MESSAGES/django.po in de (#12079) scripts: remove read_replicas from generated dev config (#12078) core: bump geoip2 from 4.8.0 to 4.8.1 (#12071) core: bump goauthentik.io/api/v3 from 3.2024100.2 to 3.2024102.2 (#12072) core: bump maxmind/geoipupdate from v7.0.1 to v7.1.0 (#12073) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#12074) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#12075) translate: Updates for file web/xliff/en.xlf in zh-Hans (#12076) translate: Updates for file web/xliff/en.xlf in zh_CN (#12077) web/admin: auto-prefill user path for new users based on selected path (#12070) core: bump aiohttp from 3.10.2 to 3.10.11 (#12069) web/admin: fix brand title not respected in application list (#12068) core: bump pyjwt from 2.9.0 to 2.10.0 (#12063) web: add italian locale (#11958) web/admin: better footer links (#12004) core, web: update translations (#12052) core: bump twilio from 9.3.6 to 9.3.7 (#12061) ...

* dev: (38 commits) providers/scim: accept string and int for SCIM IDs (#12093) website: bump the docusaurus group in /website with 9 updates (#12086) core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link (#12080) translate: Updates for file locale/en/LC_MESSAGES/django.po in de (#12079) scripts: remove read_replicas from generated dev config (#12078) core: bump geoip2 from 4.8.0 to 4.8.1 (#12071) core: bump goauthentik.io/api/v3 from 3.2024100.2 to 3.2024102.2 (#12072) core: bump maxmind/geoipupdate from v7.0.1 to v7.1.0 (#12073) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#12074) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#12075) translate: Updates for file web/xliff/en.xlf in zh-Hans (#12076) translate: Updates for file web/xliff/en.xlf in zh_CN (#12077) web/admin: auto-prefill user path for new users based on selected path (#12070) core: bump aiohttp from 3.10.2 to 3.10.11 (#12069) web/admin: fix brand title not respected in application list (#12068) core: bump pyjwt from 2.9.0 to 2.10.0 (#12063) web: add italian locale (#11958) web/admin: better footer links (#12004) core, web: update translations (#12052) core: bump twilio from 9.3.6 to 9.3.7 (#12061) ...

dependabot bot added the dependencies Pull requests that update a dependency file label Nov 18, 2024

dependabot bot requested a review from a team as a code owner November 18, 2024 04:53

dependabot bot force-pushed the dependabot/pip/pyjwt-2.10.0 branch from db71b71 to 475e05a Compare November 18, 2024 12:16

dependabot bot force-pushed the dependabot/pip/pyjwt-2.10.0 branch from 475e05a to 383aac7 Compare November 18, 2024 12:17

BeryJu merged commit fbba672 into main Nov 18, 2024
63 checks passed

BeryJu deleted the dependabot/pip/pyjwt-2.10.0 branch November 18, 2024 13:57

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

core: bump pyjwt from 2.9.0 to 2.10.0 #12063

core: bump pyjwt from 2.9.0 to 2.10.0 #12063

dependabot bot commented on behalf of github Nov 18, 2024 •

edited

Loading

netlify bot commented Nov 18, 2024 •

edited

Loading

netlify bot commented Nov 18, 2024 •

edited

Loading

core: bump pyjwt from 2.9.0 to 2.10.0 #12063

core: bump pyjwt from 2.9.0 to 2.10.0 #12063

Conversation

dependabot bot commented on behalf of github Nov 18, 2024 • edited Loading

2.10.0

What's Changed

New Contributors

v2.10.0 <https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0>__

netlify bot commented Nov 18, 2024 • edited Loading

✅ Deploy Preview for authentik-docs canceled.

netlify bot commented Nov 18, 2024 • edited Loading

✅ Deploy Preview for authentik-storybook canceled.

dependabot bot commented on behalf of github Nov 18, 2024 •

edited

Loading

`v2.10.0 <https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0>`__

netlify bot commented Nov 18, 2024 •

edited

Loading

netlify bot commented Nov 18, 2024 •

edited

Loading