alphagov / govuk-related-links-recommender

Machine learning model to recommend related content
MIT License
19 stars 4 forks source link

Bump pyjwt from 1.5.3 to 2.8.0 #201

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps pyjwt from 1.5.3 to 2.8.0.

Release notes

Sourced from pyjwt's releases.

2.8.0

What's Changed

New Contributors

Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.7.0...2.8.0

2.7.0

What's Changed

... (truncated)

Changelog

Sourced from pyjwt's changelog.

v2.8.0 <https://github.com/jpadilla/pyjwt/compare/2.7.0...2.8.0>__

Changed


- Update python version test matrix by @auvipy in `[#895](https://github.com/jpadilla/pyjwt/issues/895) <https://github.com/jpadilla/pyjwt/pull/895>`__

Fixed


Added
  • Add strict_aud as an option to jwt.decode by @​woodruffw in [#902](https://github.com/jpadilla/pyjwt/issues/902) &lt;https://github.com/jpadilla/pyjwt/pull/902&gt;__
  • Export PyJWKClientConnectionError class by @​daviddavis in [#887](https://github.com/jpadilla/pyjwt/issues/887) &lt;https://github.com/jpadilla/pyjwt/pull/887&gt;__
  • Allows passing of ssl.SSLContext to PyJWKClient by @​juur in [#891](https://github.com/jpadilla/pyjwt/issues/891) &lt;https://github.com/jpadilla/pyjwt/pull/891&gt;__

v2.7.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.6.0...2.7.0&gt;__

Changed

  • Changed the error message when the token audience doesn't match the expected audience by @​irdkwmnsb [#809](https://github.com/jpadilla/pyjwt/issues/809) <https://github.com/jpadilla/pyjwt/pull/809>__
  • Improve error messages when cryptography isn't installed by @​Viicos in [#846](https://github.com/jpadilla/pyjwt/issues/846) <https://github.com/jpadilla/pyjwt/pull/846>__
  • Make Algorithm an abstract base class by @​Viicos in [#845](https://github.com/jpadilla/pyjwt/issues/845) <https://github.com/jpadilla/pyjwt/pull/845>__
  • ignore invalid keys in a jwks by @​timw6n in [#863](https://github.com/jpadilla/pyjwt/issues/863) <https://github.com/jpadilla/pyjwt/pull/863>__

Fixed


- Add classifier for Python 3.11 by @eseifert in `[#818](https://github.com/jpadilla/pyjwt/issues/818) <https://github.com/jpadilla/pyjwt/pull/818>`__
- Fix ``_validate_iat`` validation by @Viicos in `[#847](https://github.com/jpadilla/pyjwt/issues/847) <https://github.com/jpadilla/pyjwt/pull/847>`__
- fix: use datetime.datetime.timestamp function to have a milliseconds by @daillouf `[#821](https://github.com/jpadilla/pyjwt/issues/821) <https://github.com/jpadilla/pyjwt/pull/821>`__
- docs: correct mistake in the changelog about verify param by @gbillig in `[#866](https://github.com/jpadilla/pyjwt/issues/866) <https://github.com/jpadilla/pyjwt/pull/866>`__

Added

  • Add compute_hash_digest as a method of Algorithm objects, which uses the underlying hash algorithm to compute a digest. If there is no appropriate hash algorithm, a NotImplementedError will be raised in [#775](https://github.com/jpadilla/pyjwt/issues/775) <https://github.com/jpadilla/pyjwt/pull/775>__
  • Add optional headers argument to PyJWKClient. If provided, the headers will be included in requests that the client uses when fetching the JWK set by @​thundercat1 in [#823](https://github.com/jpadilla/pyjwt/issues/823) <https://github.com/jpadilla/pyjwt/pull/823>__
  • Add PyJWT._{de,en}code_payload hooks by @​akx in [#829](https://github.com/jpadilla/pyjwt/issues/829) <https://github.com/jpadilla/pyjwt/pull/829>__
  • Add sort_headers parameter to api_jwt.encode by @​evroon in [#832](https://github.com/jpadilla/pyjwt/issues/832) <https://github.com/jpadilla/pyjwt/pull/832>__
  • Make mypy configuration stricter and improve typing by @​akx in [#830](https://github.com/jpadilla/pyjwt/issues/830) <https://github.com/jpadilla/pyjwt/pull/830>__
  • Add more types by @​Viicos in [#843](https://github.com/jpadilla/pyjwt/issues/843) <https://github.com/jpadilla/pyjwt/pull/843>__
  • Add a timeout for PyJWKClient requests by @​daviddavis in [#875](https://github.com/jpadilla/pyjwt/issues/875) <https://github.com/jpadilla/pyjwt/pull/875>__

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.