[!WARNING]
Some dependencies could not be looked up. Check the warning logs for more information.
Release Notes
jpadilla/pyjwt (PyJWT)
### [`v2.8.0`](https://togithub.com/jpadilla/pyjwt/blob/HEAD/CHANGELOG.rst#v280-httpsgithubcomjpadillapyjwtcompare270280)
[Compare Source](https://togithub.com/jpadilla/pyjwt/compare/2.7.0...2.8.0)
Changed
```
- Update python version test matrix by @auvipy in `#895 `__
Fixed
~~~~~
Added
~~~~~
- Add ``strict_aud`` as an option to ``jwt.decode`` by @woodruffw in `#902 `__
- Export PyJWKClientConnectionError class by @daviddavis in `#887 `__
- Allows passing of ssl.SSLContext to PyJWKClient by @juur in `#891 `__
```
### [`v2.7.0`](https://togithub.com/jpadilla/pyjwt/blob/HEAD/CHANGELOG.rst#Unreleased-httpsgithubcomjpadillapyjwtcompare270HEAD)
[Compare Source](https://togithub.com/jpadilla/pyjwt/compare/2.6.0...2.7.0)
Changed
```
Fixed
~~~~~
Added
~~~~~
```
### [`v2.6.0`](https://togithub.com/jpadilla/pyjwt/blob/HEAD/CHANGELOG.rst#v270-httpsgithubcomjpadillapyjwtcompare260270)
[Compare Source](https://togithub.com/jpadilla/pyjwt/compare/2.5.0...2.6.0)
Changed
```
- Changed the error message when the token audience doesn't match the expected audience by @irdkwmnsb `#809 `__
- Improve error messages when cryptography isn't installed by @Viicos in `#846 `__
- Make `Algorithm` an abstract base class by @Viicos in `#845 `__
- ignore invalid keys in a jwks by @timw6n in `#863 `__
Fixed
~~~~~
- Add classifier for Python 3.11 by @eseifert in `#818 `__
- Fix ``_validate_iat`` validation by @Viicos in `#847 `__
- fix: use datetime.datetime.timestamp function to have a milliseconds by @daillouf `#821 `__
- docs: correct mistake in the changelog about verify param by @gbillig in `#866 `__
Added
~~~~~
- Add ``compute_hash_digest`` as a method of ``Algorithm`` objects, which uses
the underlying hash algorithm to compute a digest. If there is no appropriate
hash algorithm, a ``NotImplementedError`` will be raised in `#775 `__
- Add optional ``headers`` argument to ``PyJWKClient``. If provided, the headers
will be included in requests that the client uses when fetching the JWK set by @thundercat1 in `#823 `__
- Add PyJWT._{de,en}code_payload hooks by @akx in `#829 `__
- Add `sort_headers` parameter to `api_jwt.encode` by @evroon in `#832 `__
- Make mypy configuration stricter and improve typing by @akx in `#830 `__
- Add more types by @Viicos in `#843 `__
- Add a timeout for PyJWKClient requests by @daviddavis in `#875 `__
- Add client connection error exception by @daviddavis in `#876 `__
- Add complete types to take all allowed keys into account by @Viicos in `#873 `__
- Add `as_dict` option to `Algorithm.to_jwk` by @fluxth in `#881 `__
```
### [`v2.5.0`](https://togithub.com/jpadilla/pyjwt/blob/HEAD/CHANGELOG.rst#v260-httpsgithubcomjpadillapyjwtcompare250260)
[Compare Source](https://togithub.com/jpadilla/pyjwt/compare/2.4.0...2.5.0)
Changed
```
- bump up cryptography >= 3.4.0 by @jpadilla in `#807 `_
- Remove `types-cryptography` from `crypto` extra by @lautat in `#805 `_
Fixed
~~~~~
- Invalidate token on the exact second the token expires `#797 `_
- fix: version 2.5.0 heading typo by @c0state in `#803 `_
Added
~~~~~
- Adding validation for `issued_at` when `iat > (now + leeway)` as `ImmatureSignatureError` by @sriharan16 in https://github.com/jpadilla/pyjwt/pull/794
```
### [`v2.4.0`](https://togithub.com/jpadilla/pyjwt/blob/HEAD/CHANGELOG.rst#v250-httpsgithubcomjpadillapyjwtcompare240250)
[Compare Source](https://togithub.com/jpadilla/pyjwt/compare/2.3.0...2.4.0)
Changed
```
- Skip keys with incompatible alg when loading JWKSet by @DaGuich in `#762 `__
- Remove support for python3.6 by @sirosen in `#777 `__
- Emit a deprecation warning for unsupported kwargs by @sirosen in `#776 `__
- Remove redundant wheel dep from pyproject.toml by @mgorny in `#765 `__
- Do not fail when an unusable key occurs by @DaGuich in `#762 `__
- Update audience typing by @JulianMaurin in `#782 `__
- Improve PyJWKSet error accuracy by @JulianMaurin in `#786 `__
- Mypy as pre-commit check + api_jws typing by @JulianMaurin in `#787 `__
Fixed
~~~~~
- Adjust expected exceptions in option merging tests for PyPy3 by @mgorny in `#763 `__
- Fixes for pyright on strict mode by @brandon-leapyear in `#747 `__
- docs: fix simple typo, iinstance -> isinstance by @timgates42 in `#774 `__
- Fix typo: priot -> prior by @jdufresne in `#780 `__
- Fix for headers disorder issue by @kadabusha in `#721 `__
Added
~~~~~
- Add to_jwk static method to ECAlgorithm by @leonsmith in `#732 `__
- Expose get_algorithm_by_name as new method by @sirosen in `#773 `__
- Add type hints to jwt/help.py and add missing types dependency by @kkirsche in `#784 `__
- Add cacheing functionality for JWK set by @wuhaoyujerry in `#781 `__
```
### [`v2.3.0`](https://togithub.com/jpadilla/pyjwt/blob/HEAD/CHANGELOG.rst#v240-httpsgithubcomjpadillapyjwtcompare230240)
[Compare Source](https://togithub.com/jpadilla/pyjwt/compare/2.2.0...2.3.0)
Security
```
- [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24
Changed
~~~~~~~
- Explicit check the key for ECAlgorithm by @estin in https://github.com/jpadilla/pyjwt/pull/713
- Raise DeprecationWarning for jwt.decode(verify=...) by @akx in https://github.com/jpadilla/pyjwt/pull/742
Fixed
~~~~~
- Don't use implicit optionals by @rekyungmin in https://github.com/jpadilla/pyjwt/pull/705
- documentation fix: show correct scope for decode_complete() by @sseering in https://github.com/jpadilla/pyjwt/pull/661
- fix: Update copyright information by @kkirsche in https://github.com/jpadilla/pyjwt/pull/729
- Don't mutate options dictionary in .decode_complete() by @akx in https://github.com/jpadilla/pyjwt/pull/743
Added
~~~~~
- Add support for Python 3.10 by @hugovk in https://github.com/jpadilla/pyjwt/pull/699
- api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in https://github.com/jpadilla/pyjwt/pull/725
- Update usage.rst by @guneybilen in https://github.com/jpadilla/pyjwt/pull/727
- Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in https://github.com/jpadilla/pyjwt/pull/734
- Fixed typo in usage.rst by @israelabraham in https://github.com/jpadilla/pyjwt/pull/738
- Add detached payload support for JWS encoding and decoding by @fviard in https://github.com/jpadilla/pyjwt/pull/723
- Replace various string interpolations with f-strings by @akx in https://github.com/jpadilla/pyjwt/pull/744
- Update CHANGELOG.rst by @hipertracker in https://github.com/jpadilla/pyjwt/pull/751
```
### [`v2.2.0`](https://togithub.com/jpadilla/pyjwt/blob/HEAD/CHANGELOG.rst#v230-httpsgithubcomjpadillapyjwtcompare220230)
[Compare Source](https://togithub.com/jpadilla/pyjwt/compare/2.1.0...2.2.0)
Fixed
```
- Revert "Remove arbitrary kwargs." `#701 `__
Added
```
- Add exception chaining `#702 `\__
### [`v2.1.0`](https://togithub.com/jpadilla/pyjwt/blob/HEAD/CHANGELOG.rst#v220-httpsgithubcomjpadillapyjwtcompare210220)
[Compare Source](https://togithub.com/jpadilla/pyjwt/compare/2.0.1...2.1.0)
Changed
```
- Remove arbitrary kwargs. `#657 `__
- Use timezone package as Python 3.5+ is required. `#694 `__
Fixed
~~~~~
- Assume JWK without the "use" claim is valid for signing as per RFC7517 `#668 `__
- Prefer `headers["alg"]` to `algorithm` in `jwt.encode()`. `#673 `__
- Fix aud validation to support {'aud': null} case. `#670 `__
- Make `typ` optional in JWT to be compliant with RFC7519. `#644 `__
- Remove upper bound on cryptography version. `#693 `__
Added
~~~~~
- Add support for Ed448/EdDSA. `#675 `__
```
### [`v2.0.1`](https://togithub.com/jpadilla/pyjwt/blob/HEAD/CHANGELOG.rst#v210-httpsgithubcomjpadillapyjwtcompare201210)
[Compare Source](https://togithub.com/jpadilla/pyjwt/compare/2.0.0...2.0.1)
Changed
```
- Allow claims validation without making JWT signature validation mandatory. `#608 `__
Fixed
~~~~~
- Remove padding from JWK test data. `#628 `__
- Make `kty` mandatory in JWK to be compliant with RFC7517. `#624 `__
- Allow JWK without `alg` to be compliant with RFC7517. `#624 `__
- Allow to verify with private key on ECAlgorithm, as well as on Ed25519Algorithm. `#645 `__
Added
~~~~~
- Add caching by default to PyJWKClient `#611 `__
- Add missing exceptions.InvalidKeyError to jwt module __init__ imports `#620 `__
- Add support for ES256K algorithm `#629 `__
- Add `from_jwk()` to Ed25519Algorithm `#621 `__
- Add `to_jwk()` to Ed25519Algorithm `#643 `__
- Export `PyJWK` and `PyJWKSet` `#652 `__
```
### [`v2.0.0`](https://togithub.com/jpadilla/pyjwt/blob/HEAD/CHANGELOG.rst#v201-httpsgithubcomjpadillapyjwtcompare200201)
[Compare Source](https://togithub.com/jpadilla/pyjwt/compare/1.7.1...2.0.0)
Changed
```
- Rename CHANGELOG.md to CHANGELOG.rst and include in docs `#597 `__
Fixed
~~~~~
- Fix `from_jwk()` for all algorithms `#598 `__
Added
~~~~~
```
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
==1.7.1->==2.8.0Release Notes
jpadilla/pyjwt (PyJWT)
### [`v2.8.0`](https://togithub.com/jpadilla/pyjwt/blob/HEAD/CHANGELOG.rst#v280-httpsgithubcomjpadillapyjwtcompare270280) [Compare Source](https://togithub.com/jpadilla/pyjwt/compare/2.7.0...2.8.0) Changed ``` - Update python version test matrix by @auvipy in `#895Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.