search

GehirnInc / python-jwt

JSON Web Token library for Python
https://pypi.python.org/pypi/jwt
Apache License 2.0
145 stars 30 forks source link

dependabot(deps): update cryptography requirement from <=3.3.1,>=3.1 to >=3.1,<3.4.5 #41

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 3 years ago

Updates the requirements on cryptography to permit the latest version.

Changelog

Sourced from cryptography's changelog.

3.4.4 - 2021-02-09


* Added a ``py.typed`` file so that ``mypy`` will know to use our type
  annotations.
* Fixed an import cycle that could be triggered by certain import sequences.

.. _v3-4-3:


3.4.3 - 2021-02-08

  • Specify our supported Rust version (>=1.45.0) in our setup.py so users on older versions will get a clear error message.

.. _v3-4-2:

3.4.2 - 2021-02-08


* Improvements to make the rust transition a bit easier. This includes some
  better error messages and small dependency fixes. If you experience
  installation problems **Be sure to update pip** first, then check the
  :doc:`FAQ </faq>`.

.. _v3-4-1:


3.4.1 - 2021-02-07

  • Fixed a circular import issue.
  • Added additional debug output to assist users seeing installation errors due to outdated pip or missing rustc.

.. _v3-4:

3.4 - 2021-02-07


* **BACKWARDS INCOMPATIBLE:** Support for Python 2 has been removed.
* We now ship ``manylinux2014`` wheels and no longer ship ``manylinux1``
  wheels. Users should upgrade to the latest ``pip`` to ensure this doesn't
  cause issues downloading wheels on their platform.
* ``cryptography`` now incorporates Rust code. Users building ``cryptography``
  themselves will need to have the Rust toolchain installed. Users who use an
  officially produced wheel will not need to make any changes. The minimum
  supported Rust version is 1.45.0.
* ``cryptography`` now has :pep:`484` type hints on nearly all of of its public
  APIs. Users can begin using them to type check their code with ``mypy``.

</tr></table>

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 3 years ago

The following labels could not be found: dependencies.

coveralls commented 3 years ago

Coverage Status

Coverage remained the same at 95.455% when pulling e81a5d096d64da2bedd69c4cbe4e5261720edabe on dependabot/pip/cryptography-gte-3.1-and-lt-3.4.5 into 264fc8f3f75d88e5f0c021a97e08ad5edd2a6007 on master.

coveralls commented 3 years ago

Coverage Status

Coverage remained the same at 95.455% when pulling e81a5d096d64da2bedd69c4cbe4e5261720edabe on dependabot/pip/cryptography-gte-3.1-and-lt-3.4.5 into 264fc8f3f75d88e5f0c021a97e08ad5edd2a6007 on master.

dependabot[bot] commented 3 years ago

Superseded by #42.