build(deps): bump jwt from 2.2.3 to 2.3.0

[dependabot[bot]]

Bumps jwt from 2.2.3 to 2.3.0.

Changelog

Sourced from jwt's changelog.

v2.3.0 (2021-10-03)

Full Changelog

Closed issues:

• [SECURITY] Algorithm Confusion Through kid Header #440
• JWT to memory #436
• ArgumentError: wrong number of arguments (given 2, expected 1) #429
• HMAC section of README outdated #421
• NoMethodError: undefined method `zero?' for nil:NilClass if JWT has no 'alg' field #410
• Release new version #409
• NameError: uninitialized constant JWT::JWK #403

Merged pull requests:

• Fix Style/MultilineIfModifier issues #447 (anakinj)
• feat(EdDSA): Accept EdDSA as algorithm header #446 (Pierre-Michard)
• Pass kid param through JWT::JWK.create_from #445 (shaun-guth-allscripts)
• fix document about passing JWKs as a simple Hash #443 (takayamaki)
• Tests for mixing JWK keys with mismatching algorithms #441 (anakinj)
• verify_claims test shouldnt be within the verify_sub test #431 (andyjdavis)
• Allow decode options to specify required claims #430 (andyjdavis)
• Fix OpenSSL::PKey::EC public_key handing in tests #427 (anakinj)
• Add documentation for find_key #426 (ritikesh)
• Give ruby 3.0 as a string to avoid number formatting issues #424 (anakinj)
• Tests for iat verification behaviour #423 (anakinj)
• Remove HMAC with nil secret from documentation #422 (boardfish)
• Update broken link in README #420 (severin)
• Add metadata for RubyGems #418 (nickhammond)
• Fixed a typo about class name #417 (mai-f)
• Fix references for v2.2.3 on CHANGELOG #416 (vyper)
• Raise IncorrectAlgorithm if token has no alg header #411 (bouk)

Commits

• 1fd5b7a Bump version to 2.3.0
• cf7848c Update AUTHORS
• 60a89d0 Update CHANGELOG
• 06812af Fix Style/MultilineIfModifier issues
• a4270e8 Pass kid param through JWT::JWK.create_from
• ffad2de feat(EdDSA): Accept EdDSA as algorithm header
• 1a4e401 fix document about passing JWKs as a simple Hash
• 744933b Tests for mixing JWK keys with mismatching algorithms
• 3b4a1ab Fixing some rubocop warnings
• 97dfc64 integration test for required_claims
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)