Update jwt requirement from >= 2.2.3, < 2.8.0 to >= 2.2.3, < 2.9.0

[dependabot[bot]]

Updates the requirements on jwt to permit the latest version.

Changelog

Sourced from jwt's changelog.

v2.8.0 (2024-02-17)

Full Changelog

Features:

• Updated rubocop to 1.56 #573 (@​anakinj)
• Run CI on Ruby 3.3 #577 (@​anakinj)
• Deprecation warning added for the HMAC algorithm HS512256 (HMAC-SHA-512 truncated to 256-bits) #575 (@​anakinj)
• Stop using RbNaCl for standard HMAC algorithms #575 (@​anakinj)

Fixes and enhancements:

• Fix signature has expired error if payload is a string #555 (@​GobinathAL)
• Fix key base equality and spaceship operators #569 (@​magneland)
• Remove explicit base64 require from x5c_key_finder #580 (@​anakinj)
• Performance improvements and cleanup of tests #581 (@​anakinj)
• Repair EC x/y coordinates when importing JWK #585 (@​julik)
• Explicit dependency to the base64 gem #582 (@​anakinj)
• Deprecation warning for decoding content not compliant with RFC 4648 #582 (@​anakinj)
• Algorithms moved under the ::JWT::JWA module (@​anakinj)

v2.7.1 (2023-06-09)

Full Changelog

Fixes and enhancements:

• Handle invalid algorithm when decoding JWT #559 (@​nataliastanko)
• Do not raise error when verifying bad HMAC signature #563 (@​hieuk09)

v2.7.0 (2023-02-01)

Full Changelog

Features:

• Support OKP (Ed25519) keys for JWKs #540 (@​anakinj)
• JWK Sets can now be used for tokens with nil kid #543 (@​bellebaum)

Fixes and enhancements:

• Fix issue with multiple keys returned by keyfinder and multiple allowed algorithms #545 (@​mpospelov)
• Non-string kid header values are now rejected #543 (@​bellebaum)

v2.6.0 (2022-12-22)

Full Changelog

Features:

... (truncated)

Commits

• 956fa1b Version 2.8.0
• d9352e8 Adjust to changed exception message
• 13dd333 Algorithm cleanup.
• 39aa57a Deprecate the loose base64 decoding.
• 9090e78 Relocate changelog entry
• 6af6de5 Relocate into constant
• 1ec2e7f Update changelog
• 2076574 Remove unused method
• 0c6445c Apply Rubocop
• 296898c Add a good explainer
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[bastelfreak]

@justinstoller can you please take a look as well and merge this one?

[bastelfreak]

@dependabot rebase

[dependabot[bot]]

Sorry, only users with push access can use that command.

[justinstoller]

@dependabot rebase

[dependabot[bot]]

Looks like jwt is no longer updatable, so this is no longer needed.