Skip to content

Update dependency pyjwt to v2.10.1 #306

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update dependency pyjwt to v2.10.1 #306

wants to merge 1 commit into from
+6 −6

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Aug 1, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
pyjwt 2.8.0 -> 2.10.1 age confidence

Release Notes

jpadilla/pyjwt (pyjwt)

v2.10.1

Compare Source

Fixed

- Validate key against allowed types for Algorithm family in `#&#8203;964 <https://github.com/jpadilla/pyjwt/pull/964>`__
- Add iterator for JWKSet in `#&#8203;1041 <https://github.com/jpadilla/pyjwt/pull/1041>`__
- Validate `iss` claim is a string during encoding and decoding by @&#8203;pachewise in `#&#8203;1040 <https://github.com/jpadilla/pyjwt/pull/1040>`__
- Improve typing/logic for `options` in decode, decode_complete by @&#8203;pachewise in `#&#8203;1045 <https://github.com/jpadilla/pyjwt/pull/1045>`__
- Declare float supported type for lifespan and timeout by @&#8203;nikitagashkov in `#&#8203;1068 <https://github.com/jpadilla/pyjwt/pull/1068>`__

Added
  • Docs: Add example of using leeway with nbf by @​djw8605 in #&#8203;1034 <https://github.com/jpadilla/pyjwt/pull/1034>__
  • Docs: Refactored docs with autodoc; added PyJWS and jwt.algorithms docs by @​pachewise in #&#8203;1045 <https://github.com/jpadilla/pyjwt/pull/1045>__

v2.10.0

Compare Source

Fixed


- Prevent partial matching of `iss` claim by @&#8203;fabianbadoi in `GHSA-75c5-xw7c-p5pm <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm>`__

v2.9.0

Compare Source

Changed


- Remove algorithm requirement from JWT API, instead relying on JWS API for enforcement, by @&#8203;luhn in `#&#8203;975 <https://github.com/jpadilla/pyjwt/pull/975>`__
- Use ``Sequence`` for parameter types rather than ``List`` where applicable by @&#8203;imnotjames in `#&#8203;970 <https://github.com/jpadilla/pyjwt/pull/970>`__
- Add JWK support to JWT encode by @&#8203;luhn in `#&#8203;979 <https://github.com/jpadilla/pyjwt/pull/979>`__
- Encoding and decoding payloads using the `none` algorithm by @&#8203;jpadilla in `#c2629f6 <https://github.com/jpadilla/pyjwt/commit/c2629f66c593459e02616048443231ccbe18be16>`

  Before:

  .. code-block:: pycon

   >>> import jwt
   >>> jwt.encode({"payload": "abc"}, key=None, algorithm=None)

  After:

  .. code-block:: pycon

   >>> import jwt
   >>> jwt.encode({"payload": "abc"}, key=None, algorithm="none")

- Added validation for 'sub' (subject) and 'jti' (JWT ID) claims in tokens by @&#8203;Divan009 in `#&#8203;1005 <https://github.com/jpadilla/pyjwt/pull/1005>`__
- Refactor project configuration files from ``setup.cfg`` to ``pyproject.toml`` by @&#8203;cleder in `#&#8203;995 <https://github.com/jpadilla/pyjwt/pull/995>`__
- Ruff linter and formatter changes by @&#8203;gagandeepp in `#&#8203;1001 <https://github.com/jpadilla/pyjwt/pull/1001>`__
- Drop support for Python 3.8 (EOL) by @&#8203;kkirsche in `#&#8203;1007 <https://github.com/jpadilla/pyjwt/pull/1007>`__

Fixed
~~~~~

- Encode EC keys with a fixed bit length by @&#8203;etianen in `#&#8203;990 <https://github.com/jpadilla/pyjwt/pull/990>`__
- Add an RTD config file to resolve Read the Docs build failures by @&#8203;kurtmckee in `#&#8203;977 <https://github.com/jpadilla/pyjwt/pull/977>`__
- Docs: Update ``iat`` exception docs by @&#8203;pachewise in `#&#8203;974 <https://github.com/jpadilla/pyjwt/pull/974>`__
- Docs: Fix ``decode_complete`` scope and algorithms by @&#8203;RbnRncn in `#&#8203;982 <https://github.com/jpadilla/pyjwt/pull/982>`__
- Fix doctest for ``docs/usage.rst`` by @&#8203;pachewise in `#&#8203;986 <https://github.com/jpadilla/pyjwt/pull/986>`__
- Fix ``test_utils.py`` not to xfail by @&#8203;pachewise in `#&#8203;987 <https://github.com/jpadilla/pyjwt/pull/987>`__
- Docs: Correct `jwt.decode` audience param doc expression by @&#8203;peter279k in `#&#8203;994 <https://github.com/jpadilla/pyjwt/pull/994>`__

Added
~~~~~

- Add support for python 3.13 by @&#8203;hugovk in `#&#8203;972 <https://github.com/jpadilla/pyjwt/pull/972>`__
- Create SECURITY.md by @&#8203;auvipy and @&#8203;jpadilla in `#&#8203;973 <https://github.com/jpadilla/pyjwt/pull/973>`__
- Docs: Add PS256 encoding and decoding usage by @&#8203;peter279k in `#&#8203;992 <https://github.com/jpadilla/pyjwt/pull/992>`__
- Docs: Add API docs for PyJWK by @&#8203;luhn in `#&#8203;980 <https://github.com/jpadilla/pyjwt/pull/980>`__
- Docs: Add EdDSA algorithm encoding/decoding usage by @&#8203;peter279k in `#&#8203;993 <https://github.com/jpadilla/pyjwt/pull/993>`__
- Include checkers and linters for ``pyproject.toml`` in ``pre-commit`` by @&#8203;cleder in `#&#8203;1002 <https://github.com/jpadilla/pyjwt/pull/1002>`__
- Docs: Add ES256 decoding usage by @&#8203;Gautam-Hegde in `#&#8203;1003 <https://github.com/jpadilla/pyjwt/pull/1003>`

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from ks129 as a code owner August 1, 2024 15:19
@renovate renovate bot changed the title Update dependency pyjwt to v2.9.0 Update dependency pyjwt to v2.10.0 Nov 17, 2024
@renovate renovate bot force-pushed the renovate/pyjwt-2.x-lockfile branch from 10d1b21 to 6a86d8b Compare November 17, 2024 12:14
@renovate renovate bot force-pushed the renovate/pyjwt-2.x-lockfile branch from 6a86d8b to c92df30 Compare November 28, 2024 07:27
@renovate renovate bot changed the title Update dependency pyjwt to v2.10.0 Update dependency pyjwt to v2.10.1 Nov 28, 2024
@renovate renovate bot force-pushed the renovate/pyjwt-2.x-lockfile branch 2 times, most recently from 42cee47 to bcca4e2 Compare June 6, 2025 02:34
@renovate
Update dependency pyjwt to v2.10.1
a26d08f 
| datasource | package | from  | to     |
| ---------- | ------- | ----- | ------ |
| pypi       | pyjwt   | 2.8.0 | 2.10.1 |
@renovate renovate bot force-pushed the renovate/pyjwt-2.x-lockfile branch from bcca4e2 to a26d08f Compare July 22, 2025 19:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ks129 ks129 Awaiting requested review from ks129 ks129 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants