Add cacheing functionality for JWK set #781
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
(cherry picked from commit 479a7c1)
… signing key can be found from the cache
Add jwk set cache
for more information, see https://pre-commit.ci
auvipy
approved these changes
Jul 23, 2022
|
Hi @auvipy, this PR has been approved for a while. Any idea when it can be merged? Let me know if you have any questions. |
|
Thx for merging the PR @auvipy, do you have an estimation time on when the new release will be published? My team want to use some features in the master branch and kinda been blocked right now. |
|
Before releasing this I think we'd need an updated changelog and I think this probably deserves at least some docs. |
|
I can add some docs about this functionality |
|
Is there a timeline for when this feature will be released to production? |
bors bot
added a commit
to microsoft/Qcodes
that referenced
this pull request
Sep 19, 2022
4629: Update pyjwt requirement from ~=2.4.0 to ~=2.5.0 r=jenshnielsen a=dependabot[bot] Updates the requirements on [pyjwt](https://github.com/jpadilla/pyjwt) to permit the latest version. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/releases">pyjwt's releases</a>.</em></p> <blockquote> <h2>2.5.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/checkout from 2 to 3 by <a href="https://github.com/dependabot"><code>`@dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/758">jpadilla/pyjwt#758</a></li> <li>Bump codecov/codecov-action from 1 to 3 by <a href="https://github.com/dependabot"><code>`@dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/757">jpadilla/pyjwt#757</a></li> <li>Bump actions/setup-python from 2 to 3 by <a href="https://github.com/dependabot"><code>`@dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/756">jpadilla/pyjwt#756</a></li> <li>adding support for compressed payloads by <a href="https://github.com/danieltmiles"><code>`@danieltmiles</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/753">jpadilla/pyjwt#753</a></li> <li>Revert "adding support for compressed payloads" by <a href="https://github.com/auvipy"><code>`@auvipy</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/761">jpadilla/pyjwt#761</a></li> <li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>`@leonsmith</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/732">jpadilla/pyjwt#732</a></li> <li>Remove redundant wheel dep from pyproject.toml by <a href="https://github.com/mgorny"><code>`@mgorny</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/765">jpadilla/pyjwt#765</a></li> <li>Adjust expected exceptions in option merging tests for PyPy3 by <a href="https://github.com/mgorny"><code>`@mgorny</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/763">jpadilla/pyjwt#763</a></li> <li>Do not fail when an unusable key occurs by <a href="https://github.com/DaGuich"><code>`@DaGuich</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/762">jpadilla/pyjwt#762</a></li> <li>Fixes for pyright on strict mode by <a href="https://github.com/brandon-leapyear"><code>`@brandon-leapyear</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/747">jpadilla/pyjwt#747</a></li> <li>Bump actions/setup-python from 3 to 4 by <a href="https://github.com/dependabot"><code>`@dependabot</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/769">jpadilla/pyjwt#769</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/770">jpadilla/pyjwt#770</a></li> <li>docs: fix simple typo, iinstance -> isinstance by <a href="https://github.com/timgates42"><code>`@timgates42</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/774">jpadilla/pyjwt#774</a></li> <li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/773">jpadilla/pyjwt#773</a></li> <li>Remove support for python3.6 by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/777">jpadilla/pyjwt#777</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/778">jpadilla/pyjwt#778</a></li> <li>Emit a deprecation warning for unsupported kwargs by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/776">jpadilla/pyjwt#776</a></li> <li>Fix typo: priot -> prior by <a href="https://github.com/jdufresne"><code>`@jdufresne</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/780">jpadilla/pyjwt#780</a></li> <li>Fix for headers disorder issue by <a href="https://github.com/kadabusha"><code>`@kadabusha</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/721">jpadilla/pyjwt#721</a></li> <li>Update audience typing by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/782">jpadilla/pyjwt#782</a></li> <li>Improve PyJWKSet error accuracy by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/786">jpadilla/pyjwt#786</a></li> <li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>`@kkirsche</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/784">jpadilla/pyjwt#784</a></li> <li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>`@wuhaoyujerry</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/781">jpadilla/pyjwt#781</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/788">jpadilla/pyjwt#788</a></li> <li>Mypy as pre-commit check + api_jws typing by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/787">jpadilla/pyjwt#787</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>`@pre-commit-ci</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/791">jpadilla/pyjwt#791</a></li> <li>Bump version to 2.5.0 by <a href="https://github.com/jpadilla"><code>`@jpadilla</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/801">jpadilla/pyjwt#801</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dependabot"><code>`@dependabot</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/758">jpadilla/pyjwt#758</a></li> <li><a href="https://github.com/danieltmiles"><code>`@danieltmiles</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/753">jpadilla/pyjwt#753</a></li> <li><a href="https://github.com/leonsmith"><code>`@leonsmith</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/732">jpadilla/pyjwt#732</a></li> <li><a href="https://github.com/mgorny"><code>`@mgorny</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/765">jpadilla/pyjwt#765</a></li> <li><a href="https://github.com/DaGuich"><code>`@DaGuich</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/762">jpadilla/pyjwt#762</a></li> <li><a href="https://github.com/brandon-leapyear"><code>`@brandon-leapyear</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/747">jpadilla/pyjwt#747</a></li> <li><a href="https://github.com/sirosen"><code>`@sirosen</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/773">jpadilla/pyjwt#773</a></li> <li><a href="https://github.com/kadabusha"><code>`@kadabusha</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/721">jpadilla/pyjwt#721</a></li> <li><a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/782">jpadilla/pyjwt#782</a></li> <li><a href="https://github.com/wuhaoyujerry"><code>`@wuhaoyujerry</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/781">jpadilla/pyjwt#781</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0">https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p> <blockquote> <h2><code>v2.5.0 <https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0></code>__</h2> <p>Changed</p> <pre><code> - Skip keys with incompatible alg when loading JWKSet by `@DaGuich` in `[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762>`__ - Remove support for python3.6 by `@sirosen` in `[#777](jpadilla/pyjwt#777) <https://github.com/jpadilla/pyjwt/pull/777>`__ - Emit a deprecation warning for unsupported kwargs by `@sirosen` in `[#776](jpadilla/pyjwt#776) <https://github.com/jpadilla/pyjwt/pull/776>`__ - Remove redundant wheel dep from pyproject.toml by `@mgorny` in `[#765](jpadilla/pyjwt#765) <https://github.com/jpadilla/pyjwt/pull/765>`__ - Do not fail when an unusable key occurs by `@DaGuich` in `[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762>`__ - Update audience typing by `@JulianMaurin` in `[#782](jpadilla/pyjwt#782) <https://github.com/jpadilla/pyjwt/pull/782>`__ - Improve PyJWKSet error accuracy by `@JulianMaurin` in `[#786](jpadilla/pyjwt#786) <https://github.com/jpadilla/pyjwt/pull/786>`__ - Mypy as pre-commit check + api_jws typing by `@JulianMaurin` in `[#787](jpadilla/pyjwt#787) <https://github.com/jpadilla/pyjwt/pull/787>`__ <p>Fixed</p> <pre><code> - Adjust expected exceptions in option merging tests for PyPy3 by `@mgorny` in `[#763](jpadilla/pyjwt#763) &lt;https://github.com/jpadilla/pyjwt/pull/763&gt;`__ - Fixes for pyright on strict mode by `@brandon-leapyear` in `[#747](jpadilla/pyjwt#747) &lt;https://github.com/jpadilla/pyjwt/pull/747&gt;`__ - docs: fix simple typo, iinstance -&gt; isinstance by `@timgates42` in `[#774](jpadilla/pyjwt#774) &lt;https://github.com/jpadilla/pyjwt/pull/774&gt;`__ - Fix typo: priot -&gt; prior by `@jdufresne` in `[#780](jpadilla/pyjwt#780) &lt;https://github.com/jpadilla/pyjwt/pull/780&gt;`__ - Fix for headers disorder issue by `@kadabusha` in `[#721](jpadilla/pyjwt#721) &lt;https://github.com/jpadilla/pyjwt/pull/721&gt;`__ Added </code></pre> <ul> <li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>`@leonsmith</code></a>` in <code>[#732](jpadilla/pyjwt#732) &lt;https://github.com/jpadilla/pyjwt/pull/732&gt;</code>__</li> <li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <code>[#773](jpadilla/pyjwt#773) &lt;https://github.com/jpadilla/pyjwt/pull/773&gt;</code>__</li> <li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>`@kkirsche</code></a>` in <code>[#784](jpadilla/pyjwt#784) &lt;https://github.com/jpadilla/pyjwt/pull/784&gt;</code>__</li> <li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>`@wuhaoyujerry</code></a>` in <code>[#781](jpadilla/pyjwt#781) &lt;https://github.com/jpadilla/pyjwt/pull/781&gt;</code>__</li> </ul> <h2><code>v2.4.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0&gt;</code>__</h2> <p>Security </code></pre></p> <ul> <li>[CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. <a href="https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24">https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24</a></li> </ul> <p>Changed</p> <pre><code> - Explicit check the key for ECAlgorithm by `@estin` in jpadilla/pyjwt#713 - Raise DeprecationWarning for jwt.decode(verify=...) by `@akx` in jpadilla/pyjwt#742 <p>Fixed</p> <pre><code> - Don't use implicit optionals by `@rekyungmin` in jpadilla/pyjwt#705 &lt;/tr&gt;&lt;/table&gt; </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="jpadilla/pyjwt@c9006103b56359b3ad788bb2e380ef17dfe59b05"><code>c900610</code></a> Bump version to 2.5.0 (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/801">#801</a>)</li> <li><a href="jpadilla/pyjwt@5ecbafc366ebc4940ce4eac81350bc41887a4433"><code>5ecbafc</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/791">#791</a>)</li> <li><a href="jpadilla/pyjwt@f827be366cc2560266a412697b5194ee4782b510"><code>f827be3</code></a> Mypy as pre-commit check + api_jws typing (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/787">#787</a>)</li> <li><a href="jpadilla/pyjwt@e8780abdd561963e3b0ca49ecec8b8519a793f75"><code>e8780ab</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/788">#788</a>)</li> <li><a href="jpadilla/pyjwt@fc5b94eb3575254caba599218246616c75fecdc7"><code>fc5b94e</code></a> Add cacheing functionality for JWK set (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/781">#781</a>)</li> <li><a href="jpadilla/pyjwt@ae3da7469ff8c28b726e082cd671997e09b19d55"><code>ae3da74</code></a> Add type hints to jwt/help.py and add missing types dependency (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/784">#784</a>)</li> <li><a href="jpadilla/pyjwt@435e826da56a105da51176355a29cdc00420f4c1"><code>435e826</code></a> Improve PyJWKSet error accuracy (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/786">#786</a>)</li> <li><a href="jpadilla/pyjwt@98a5c1d61ee180f5b3574e142f5938d24146ee99"><code>98a5c1d</code></a> Update audience typing (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/782">#782</a>)</li> <li><a href="jpadilla/pyjwt@0bef0fbff5c245668578a43774d8620bdba4a6f7"><code>0bef0fb</code></a> Fix for headers disorder issue (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/721">#721</a>)</li> <li><a href="jpadilla/pyjwt@c8fda69f09bc293960c141288633fbd1399e0b2b"><code>c8fda69</code></a> Fix typo: priot -&gt; prior (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/780">#780</a>)</li> <li>Additional commits viewable in <a href="jpadilla/pyjwt@2.4.0...2.5.0">compare view</a></li> </ul> </details> <br /> </code></pre> You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
inmantaci
pushed a commit
to inmanta/inmanta-core
that referenced
this pull request
Sep 19, 2022
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.4.0 to 2.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/releases">pyjwt's releases</a>.</em></p> <blockquote> <h2>2.5.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/checkout from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/758">jpadilla/pyjwt#758</a></li> <li>Bump codecov/codecov-action from 1 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/757">jpadilla/pyjwt#757</a></li> <li>Bump actions/setup-python from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/756">jpadilla/pyjwt#756</a></li> <li>adding support for compressed payloads by <a href="https://github.com/danieltmiles"><code>@danieltmiles</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/753">jpadilla/pyjwt#753</a></li> <li>Revert "adding support for compressed payloads" by <a href="https://github.com/auvipy"><code>@auvipy</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/761">jpadilla/pyjwt#761</a></li> <li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>@leonsmith</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/732">jpadilla/pyjwt#732</a></li> <li>Remove redundant wheel dep from pyproject.toml by <a href="https://github.com/mgorny"><code>@mgorny</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/765">jpadilla/pyjwt#765</a></li> <li>Adjust expected exceptions in option merging tests for PyPy3 by <a href="https://github.com/mgorny"><code>@mgorny</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/763">jpadilla/pyjwt#763</a></li> <li>Do not fail when an unusable key occurs by <a href="https://github.com/DaGuich"><code>@DaGuich</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/762">jpadilla/pyjwt#762</a></li> <li>Fixes for pyright on strict mode by <a href="https://github.com/brandon-leapyear"><code>@brandon-leapyear</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/747">jpadilla/pyjwt#747</a></li> <li>Bump actions/setup-python from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/769">jpadilla/pyjwt#769</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/770">jpadilla/pyjwt#770</a></li> <li>docs: fix simple typo, iinstance -> isinstance by <a href="https://github.com/timgates42"><code>@timgates42</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/774">jpadilla/pyjwt#774</a></li> <li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>@sirosen</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/773">jpadilla/pyjwt#773</a></li> <li>Remove support for python3.6 by <a href="https://github.com/sirosen"><code>@sirosen</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/777">jpadilla/pyjwt#777</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/778">jpadilla/pyjwt#778</a></li> <li>Emit a deprecation warning for unsupported kwargs by <a href="https://github.com/sirosen"><code>@sirosen</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/776">jpadilla/pyjwt#776</a></li> <li>Fix typo: priot -> prior by <a href="https://github.com/jdufresne"><code>@jdufresne</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/780">jpadilla/pyjwt#780</a></li> <li>Fix for headers disorder issue by <a href="https://github.com/kadabusha"><code>@kadabusha</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/721">jpadilla/pyjwt#721</a></li> <li>Update audience typing by <a href="https://github.com/JulianMaurin"><code>@JulianMaurin</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/782">jpadilla/pyjwt#782</a></li> <li>Improve PyJWKSet error accuracy by <a href="https://github.com/JulianMaurin"><code>@JulianMaurin</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/786">jpadilla/pyjwt#786</a></li> <li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>@kkirsche</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/784">jpadilla/pyjwt#784</a></li> <li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>@wuhaoyujerry</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/781">jpadilla/pyjwt#781</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/788">jpadilla/pyjwt#788</a></li> <li>Mypy as pre-commit check + api_jws typing by <a href="https://github.com/JulianMaurin"><code>@JulianMaurin</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/787">jpadilla/pyjwt#787</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/791">jpadilla/pyjwt#791</a></li> <li>Bump version to 2.5.0 by <a href="https://github.com/jpadilla"><code>@jpadilla</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/801">jpadilla/pyjwt#801</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dependabot"><code>@dependabot</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/758">jpadilla/pyjwt#758</a></li> <li><a href="https://github.com/danieltmiles"><code>@danieltmiles</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/753">jpadilla/pyjwt#753</a></li> <li><a href="https://github.com/leonsmith"><code>@leonsmith</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/732">jpadilla/pyjwt#732</a></li> <li><a href="https://github.com/mgorny"><code>@mgorny</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/765">jpadilla/pyjwt#765</a></li> <li><a href="https://github.com/DaGuich"><code>@DaGuich</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/762">jpadilla/pyjwt#762</a></li> <li><a href="https://github.com/brandon-leapyear"><code>@brandon-leapyear</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/747">jpadilla/pyjwt#747</a></li> <li><a href="https://github.com/sirosen"><code>@sirosen</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/773">jpadilla/pyjwt#773</a></li> <li><a href="https://github.com/kadabusha"><code>@kadabusha</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/721">jpadilla/pyjwt#721</a></li> <li><a href="https://github.com/JulianMaurin"><code>@JulianMaurin</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/782">jpadilla/pyjwt#782</a></li> <li><a href="https://github.com/wuhaoyujerry"><code>@wuhaoyujerry</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/781">jpadilla/pyjwt#781</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0">https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p> <blockquote> <h2><code>v2.5.0 <https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0></code>__</h2> <p>Changed</p> <pre><code> - Skip keys with incompatible alg when loading JWKSet by @DaGuich in `[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762>`__ - Remove support for python3.6 by @sirosen in `[#777](jpadilla/pyjwt#777) <https://github.com/jpadilla/pyjwt/pull/777>`__ - Emit a deprecation warning for unsupported kwargs by @sirosen in `[#776](jpadilla/pyjwt#776) <https://github.com/jpadilla/pyjwt/pull/776>`__ - Remove redundant wheel dep from pyproject.toml by @mgorny in `[#765](jpadilla/pyjwt#765) <https://github.com/jpadilla/pyjwt/pull/765>`__ - Do not fail when an unusable key occurs by @DaGuich in `[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762>`__ - Update audience typing by @JulianMaurin in `[#782](jpadilla/pyjwt#782) <https://github.com/jpadilla/pyjwt/pull/782>`__ - Improve PyJWKSet error accuracy by @JulianMaurin in `[#786](jpadilla/pyjwt#786) <https://github.com/jpadilla/pyjwt/pull/786>`__ - Mypy as pre-commit check + api_jws typing by @JulianMaurin in `[#787](jpadilla/pyjwt#787) <https://github.com/jpadilla/pyjwt/pull/787>`__ <p>Fixed</p> <pre><code> - Adjust expected exceptions in option merging tests for PyPy3 by @mgorny in `[#763](jpadilla/pyjwt#763) &lt;https://github.com/jpadilla/pyjwt/pull/763&gt;`__ - Fixes for pyright on strict mode by @brandon-leapyear in `[#747](jpadilla/pyjwt#747) &lt;https://github.com/jpadilla/pyjwt/pull/747&gt;`__ - docs: fix simple typo, iinstance -&gt; isinstance by @timgates42 in `[#774](jpadilla/pyjwt#774) &lt;https://github.com/jpadilla/pyjwt/pull/774&gt;`__ - Fix typo: priot -&gt; prior by @jdufresne in `[#780](jpadilla/pyjwt#780) &lt;https://github.com/jpadilla/pyjwt/pull/780&gt;`__ - Fix for headers disorder issue by @kadabusha in `[#721](jpadilla/pyjwt#721) &lt;https://github.com/jpadilla/pyjwt/pull/721&gt;`__ Added </code></pre> <ul> <li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>@leonsmith</code></a> in <code>[#732](jpadilla/pyjwt#732) &lt;https://github.com/jpadilla/pyjwt/pull/732&gt;</code>__</li> <li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>@sirosen</code></a> in <code>[#773](jpadilla/pyjwt#773) &lt;https://github.com/jpadilla/pyjwt/pull/773&gt;</code>__</li> <li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>@kkirsche</code></a> in <code>[#784](jpadilla/pyjwt#784) &lt;https://github.com/jpadilla/pyjwt/pull/784&gt;</code>__</li> <li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>@wuhaoyujerry</code></a> in <code>[#781](jpadilla/pyjwt#781) &lt;https://github.com/jpadilla/pyjwt/pull/781&gt;</code>__ </code></pre></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jpadilla/pyjwt/commit/c9006103b56359b3ad788bb2e380ef17dfe59b05"><code>c900610</code></a> Bump version to 2.5.0 (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/801">#801</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/5ecbafc366ebc4940ce4eac81350bc41887a4433"><code>5ecbafc</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/791">#791</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/f827be366cc2560266a412697b5194ee4782b510"><code>f827be3</code></a> Mypy as pre-commit check + api_jws typing (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/787">#787</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/e8780abdd561963e3b0ca49ecec8b8519a793f75"><code>e8780ab</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/788">#788</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/fc5b94eb3575254caba599218246616c75fecdc7"><code>fc5b94e</code></a> Add cacheing functionality for JWK set (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/781">#781</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/ae3da7469ff8c28b726e082cd671997e09b19d55"><code>ae3da74</code></a> Add type hints to jwt/help.py and add missing types dependency (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/784">#784</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/435e826da56a105da51176355a29cdc00420f4c1"><code>435e826</code></a> Improve PyJWKSet error accuracy (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/786">#786</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/98a5c1d61ee180f5b3574e142f5938d24146ee99"><code>98a5c1d</code></a> Update audience typing (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/782">#782</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/0bef0fbff5c245668578a43774d8620bdba4a6f7"><code>0bef0fb</code></a> Fix for headers disorder issue (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/721">#721</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/c8fda69f09bc293960c141288633fbd1399e0b2b"><code>c8fda69</code></a> Fix typo: priot -> prior (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/780">#780</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
inmantaci
pushed a commit
to inmanta/inmanta-core
that referenced
this pull request
Sep 20, 2022
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.4.0 to 2.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/releases">pyjwt's releases</a>.</em></p> <blockquote> <h2>2.5.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/checkout from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/758">jpadilla/pyjwt#758</a></li> <li>Bump codecov/codecov-action from 1 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/757">jpadilla/pyjwt#757</a></li> <li>Bump actions/setup-python from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/756">jpadilla/pyjwt#756</a></li> <li>adding support for compressed payloads by <a href="https://github.com/danieltmiles"><code>@danieltmiles</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/753">jpadilla/pyjwt#753</a></li> <li>Revert "adding support for compressed payloads" by <a href="https://github.com/auvipy"><code>@auvipy</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/761">jpadilla/pyjwt#761</a></li> <li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>@leonsmith</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/732">jpadilla/pyjwt#732</a></li> <li>Remove redundant wheel dep from pyproject.toml by <a href="https://github.com/mgorny"><code>@mgorny</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/765">jpadilla/pyjwt#765</a></li> <li>Adjust expected exceptions in option merging tests for PyPy3 by <a href="https://github.com/mgorny"><code>@mgorny</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/763">jpadilla/pyjwt#763</a></li> <li>Do not fail when an unusable key occurs by <a href="https://github.com/DaGuich"><code>@DaGuich</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/762">jpadilla/pyjwt#762</a></li> <li>Fixes for pyright on strict mode by <a href="https://github.com/brandon-leapyear"><code>@brandon-leapyear</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/747">jpadilla/pyjwt#747</a></li> <li>Bump actions/setup-python from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/769">jpadilla/pyjwt#769</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/770">jpadilla/pyjwt#770</a></li> <li>docs: fix simple typo, iinstance -> isinstance by <a href="https://github.com/timgates42"><code>@timgates42</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/774">jpadilla/pyjwt#774</a></li> <li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>@sirosen</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/773">jpadilla/pyjwt#773</a></li> <li>Remove support for python3.6 by <a href="https://github.com/sirosen"><code>@sirosen</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/777">jpadilla/pyjwt#777</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/778">jpadilla/pyjwt#778</a></li> <li>Emit a deprecation warning for unsupported kwargs by <a href="https://github.com/sirosen"><code>@sirosen</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/776">jpadilla/pyjwt#776</a></li> <li>Fix typo: priot -> prior by <a href="https://github.com/jdufresne"><code>@jdufresne</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/780">jpadilla/pyjwt#780</a></li> <li>Fix for headers disorder issue by <a href="https://github.com/kadabusha"><code>@kadabusha</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/721">jpadilla/pyjwt#721</a></li> <li>Update audience typing by <a href="https://github.com/JulianMaurin"><code>@JulianMaurin</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/782">jpadilla/pyjwt#782</a></li> <li>Improve PyJWKSet error accuracy by <a href="https://github.com/JulianMaurin"><code>@JulianMaurin</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/786">jpadilla/pyjwt#786</a></li> <li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>@kkirsche</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/784">jpadilla/pyjwt#784</a></li> <li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>@wuhaoyujerry</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/781">jpadilla/pyjwt#781</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/788">jpadilla/pyjwt#788</a></li> <li>Mypy as pre-commit check + api_jws typing by <a href="https://github.com/JulianMaurin"><code>@JulianMaurin</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/787">jpadilla/pyjwt#787</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/791">jpadilla/pyjwt#791</a></li> <li>Bump version to 2.5.0 by <a href="https://github.com/jpadilla"><code>@jpadilla</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/801">jpadilla/pyjwt#801</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dependabot"><code>@dependabot</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/758">jpadilla/pyjwt#758</a></li> <li><a href="https://github.com/danieltmiles"><code>@danieltmiles</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/753">jpadilla/pyjwt#753</a></li> <li><a href="https://github.com/leonsmith"><code>@leonsmith</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/732">jpadilla/pyjwt#732</a></li> <li><a href="https://github.com/mgorny"><code>@mgorny</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/765">jpadilla/pyjwt#765</a></li> <li><a href="https://github.com/DaGuich"><code>@DaGuich</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/762">jpadilla/pyjwt#762</a></li> <li><a href="https://github.com/brandon-leapyear"><code>@brandon-leapyear</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/747">jpadilla/pyjwt#747</a></li> <li><a href="https://github.com/sirosen"><code>@sirosen</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/773">jpadilla/pyjwt#773</a></li> <li><a href="https://github.com/kadabusha"><code>@kadabusha</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/721">jpadilla/pyjwt#721</a></li> <li><a href="https://github.com/JulianMaurin"><code>@JulianMaurin</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/782">jpadilla/pyjwt#782</a></li> <li><a href="https://github.com/wuhaoyujerry"><code>@wuhaoyujerry</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/781">jpadilla/pyjwt#781</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0">https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p> <blockquote> <h2><code>v2.5.0 <https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0></code>__</h2> <p>Changed</p> <pre><code> - Skip keys with incompatible alg when loading JWKSet by @DaGuich in `[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762>`__ - Remove support for python3.6 by @sirosen in `[#777](jpadilla/pyjwt#777) <https://github.com/jpadilla/pyjwt/pull/777>`__ - Emit a deprecation warning for unsupported kwargs by @sirosen in `[#776](jpadilla/pyjwt#776) <https://github.com/jpadilla/pyjwt/pull/776>`__ - Remove redundant wheel dep from pyproject.toml by @mgorny in `[#765](jpadilla/pyjwt#765) <https://github.com/jpadilla/pyjwt/pull/765>`__ - Do not fail when an unusable key occurs by @DaGuich in `[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762>`__ - Update audience typing by @JulianMaurin in `[#782](jpadilla/pyjwt#782) <https://github.com/jpadilla/pyjwt/pull/782>`__ - Improve PyJWKSet error accuracy by @JulianMaurin in `[#786](jpadilla/pyjwt#786) <https://github.com/jpadilla/pyjwt/pull/786>`__ - Mypy as pre-commit check + api_jws typing by @JulianMaurin in `[#787](jpadilla/pyjwt#787) <https://github.com/jpadilla/pyjwt/pull/787>`__ <p>Fixed</p> <pre><code> - Adjust expected exceptions in option merging tests for PyPy3 by @mgorny in `[#763](jpadilla/pyjwt#763) &lt;https://github.com/jpadilla/pyjwt/pull/763&gt;`__ - Fixes for pyright on strict mode by @brandon-leapyear in `[#747](jpadilla/pyjwt#747) &lt;https://github.com/jpadilla/pyjwt/pull/747&gt;`__ - docs: fix simple typo, iinstance -&gt; isinstance by @timgates42 in `[#774](jpadilla/pyjwt#774) &lt;https://github.com/jpadilla/pyjwt/pull/774&gt;`__ - Fix typo: priot -&gt; prior by @jdufresne in `[#780](jpadilla/pyjwt#780) &lt;https://github.com/jpadilla/pyjwt/pull/780&gt;`__ - Fix for headers disorder issue by @kadabusha in `[#721](jpadilla/pyjwt#721) &lt;https://github.com/jpadilla/pyjwt/pull/721&gt;`__ Added </code></pre> <ul> <li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>@leonsmith</code></a> in <code>[#732](jpadilla/pyjwt#732) &lt;https://github.com/jpadilla/pyjwt/pull/732&gt;</code>__</li> <li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>@sirosen</code></a> in <code>[#773](jpadilla/pyjwt#773) &lt;https://github.com/jpadilla/pyjwt/pull/773&gt;</code>__</li> <li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>@kkirsche</code></a> in <code>[#784](jpadilla/pyjwt#784) &lt;https://github.com/jpadilla/pyjwt/pull/784&gt;</code>__</li> <li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>@wuhaoyujerry</code></a> in <code>[#781](jpadilla/pyjwt#781) &lt;https://github.com/jpadilla/pyjwt/pull/781&gt;</code>__ </code></pre></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jpadilla/pyjwt/commit/c9006103b56359b3ad788bb2e380ef17dfe59b05"><code>c900610</code></a> Bump version to 2.5.0 (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/801">#801</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/5ecbafc366ebc4940ce4eac81350bc41887a4433"><code>5ecbafc</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/791">#791</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/f827be366cc2560266a412697b5194ee4782b510"><code>f827be3</code></a> Mypy as pre-commit check + api_jws typing (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/787">#787</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/e8780abdd561963e3b0ca49ecec8b8519a793f75"><code>e8780ab</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/788">#788</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/fc5b94eb3575254caba599218246616c75fecdc7"><code>fc5b94e</code></a> Add cacheing functionality for JWK set (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/781">#781</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/ae3da7469ff8c28b726e082cd671997e09b19d55"><code>ae3da74</code></a> Add type hints to jwt/help.py and add missing types dependency (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/784">#784</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/435e826da56a105da51176355a29cdc00420f4c1"><code>435e826</code></a> Improve PyJWKSet error accuracy (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/786">#786</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/98a5c1d61ee180f5b3574e142f5938d24146ee99"><code>98a5c1d</code></a> Update audience typing (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/782">#782</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/0bef0fbff5c245668578a43774d8620bdba4a6f7"><code>0bef0fb</code></a> Fix for headers disorder issue (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/721">#721</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/c8fda69f09bc293960c141288633fbd1399e0b2b"><code>c8fda69</code></a> Fix typo: priot -> prior (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/780">#780</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
bors bot
added a commit
to microsoft/Qcodes
that referenced
this pull request
Oct 20, 2022
4745: Update pyjwt requirement from ~=2.5.0 to ~=2.6.0 r=jenshnielsen a=dependabot[bot] Updates the requirements on [pyjwt](https://github.com/jpadilla/pyjwt) to permit the latest version. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p> <blockquote> <h2><code>v2.6.0 <https://github.com/jpadilla/pyjwt/compare/2.5.0...2.6.0></code>__</h2> <p>Changed</p> <pre><code> - bump up cryptography >= 3.4.0 by `@jpadilla` in `[#807](jpadilla/pyjwt#807) <https://github.com/jpadilla/pyjwt/pull/807>`_ - Remove `types-cryptography` from `crypto` extra by `@lautat` in `[#805](jpadilla/pyjwt#805) <https://github.com/jpadilla/pyjwt/pull/805>`_ <p>Fixed</p> <pre><code> - Invalidate token on the exact second the token expires `[#797](jpadilla/pyjwt#797) &lt;https://github.com/jpadilla/pyjwt/pull/797&gt;`_ - fix: version 2.5.0 heading typo by `@c0state` in `[#803](jpadilla/pyjwt#803) &lt;https://github.com/jpadilla/pyjwt/pull/803&gt;`_ Added </code></pre> <ul> <li>Adding validation for <code>issued_at</code> when <code>iat &gt; (now + leeway)</code> as <code>ImmatureSignatureError</code> by <a href="https://github.com/sriharan16"><code>`@sriharan16</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/794">jpadilla/pyjwt#794</a></li> </ul> <h2><code>v2.5.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0&gt;</code>__</h2> <p>Changed </code></pre></p> <ul> <li>Skip keys with incompatible alg when loading JWKSet by <a href="https://github.com/DaGuich"><code>`@DaGuich</code></a>` in <code>[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762></code>__</li> <li>Remove support for python3.6 by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <code>[#777](jpadilla/pyjwt#777) <https://github.com/jpadilla/pyjwt/pull/777></code>__</li> <li>Emit a deprecation warning for unsupported kwargs by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <code>[#776](jpadilla/pyjwt#776) <https://github.com/jpadilla/pyjwt/pull/776></code>__</li> <li>Remove redundant wheel dep from pyproject.toml by <a href="https://github.com/mgorny"><code>`@mgorny</code></a>` in <code>[#765](jpadilla/pyjwt#765) <https://github.com/jpadilla/pyjwt/pull/765></code>__</li> <li>Do not fail when an unusable key occurs by <a href="https://github.com/DaGuich"><code>`@DaGuich</code></a>` in <code>[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762></code>__</li> <li>Update audience typing by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <code>[#782](jpadilla/pyjwt#782) <https://github.com/jpadilla/pyjwt/pull/782></code>__</li> <li>Improve PyJWKSet error accuracy by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <code>[#786](jpadilla/pyjwt#786) <https://github.com/jpadilla/pyjwt/pull/786></code>__</li> <li>Mypy as pre-commit check + api_jws typing by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <code>[#787](jpadilla/pyjwt#787) <https://github.com/jpadilla/pyjwt/pull/787></code>__</li> </ul> <p>Fixed</p> <pre><code> - Adjust expected exceptions in option merging tests for PyPy3 by `@mgorny` in `[#763](jpadilla/pyjwt#763) <https://github.com/jpadilla/pyjwt/pull/763>`__ - Fixes for pyright on strict mode by `@brandon-leapyear` in `[#747](jpadilla/pyjwt#747) <https://github.com/jpadilla/pyjwt/pull/747>`__ - docs: fix simple typo, iinstance -> isinstance by `@timgates42` in `[#774](jpadilla/pyjwt#774) <https://github.com/jpadilla/pyjwt/pull/774>`__ - Fix typo: priot -> prior by `@jdufresne` in `[#780](jpadilla/pyjwt#780) <https://github.com/jpadilla/pyjwt/pull/780>`__ - Fix for headers disorder issue by `@kadabusha` in `[#721](jpadilla/pyjwt#721) <https://github.com/jpadilla/pyjwt/pull/721>`__ <p>Added </code></pre></p> <ul> <li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>`@leonsmith</code></a>` in <code>[#732](jpadilla/pyjwt#732) <https://github.com/jpadilla/pyjwt/pull/732></code>__</li> <li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <code>[#773](jpadilla/pyjwt#773) <https://github.com/jpadilla/pyjwt/pull/773></code>__</li> <li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>`@kkirsche</code></a>` in <code>[#784](jpadilla/pyjwt#784) <https://github.com/jpadilla/pyjwt/pull/784></code>__</li> <li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>`@wuhaoyujerry</code></a>` in <code>[#781](jpadilla/pyjwt#781) <https://github.com/jpadilla/pyjwt/pull/781></code>__</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/jpadilla/pyjwt/commits">compare view</a></li> </ul> </details> <br /> You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 4746: Update pandas requirement from ~=1.5.0 to ~=1.5.1 r=jenshnielsen a=dependabot[bot] Updates the requirements on [pandas](https://github.com/pandas-dev/pandas) to permit the latest version. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pandas-dev/pandas/releases">pandas's releases</a>.</em></p> <blockquote> <h2>Pandas 1.5.1</h2> <p>This is a patch release in the 1.5.x series and includes some regression and bug fixes. We recommend that all users upgrade to this version.</p> <p>See the <a href="https://pandas.pydata.org/pandas-docs/version/1.5.1/whatsnew/v1.5.1.html">full whatsnew</a> for a list of all the changes.</p> <p>The release will be available on the defaults and conda-forge channels:</p> <pre><code>conda install pandas </code></pre> <p>Or via PyPI:</p> <pre><code>python3 -m pip install --upgrade pandas </code></pre> <p>Please report any issues with the release on the <a href="https://github.com/pandas-dev/pandas/issues">pandas issue tracker</a>.</p> <p>Thanks to all the contributors who made this release possible.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pandas-dev/pandas/commit/91111fd99898d9dcaa6bf6bedb662db4108da6e6"><code>91111fd</code></a> RLS: 1.5.1</li> <li><a href="https://github.com/pandas-dev/pandas/commit/72863856504a4e906fc603f9e4624f251b614828"><code>7286385</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49162">#49162</a> on branch 1.5.x (PERF: Fix performance regression for isin...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/8429c50a279ba953514d1ca4d4a2bcef5e23ecc9"><code>8429c50</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49140">#49140</a> on branch 1.5.x (Revert "PERF: faster corrwith method for ...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/5b036c1c35890c44531f796f5dca92796276b2b5"><code>5b036c1</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49137">#49137</a> on branch 1.5.x (WEB/DOC: Fix typo in OVH name) (<a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49138">#49138</a>)</li> <li><a href="https://github.com/pandas-dev/pandas/commit/ea971acb948d16e284a38292cd615a5eb7c055ab"><code>ea971ac</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/48770">#48770</a> on branch 1.5.x (added sytle in stylesheet for <blockquote...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/27717a20061aaedda0d3e5de8461835e952c49f3"><code>27717a2</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49080">#49080</a> on branch 1.5.x (REGR: midx.values resetting freq of under...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/c58f2057b8c8a7fa79654c45a83c963c013a3aa3"><code>c58f205</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/48457">#48457</a> on branch 1.5.x (TST: Fix unsigned pyarrow types in SIGNED...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/072402b58cbd87c2106413a37213c0b6020e34b1"><code>072402b</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49053">#49053</a> on branch 1.5.x (REVERT caching in find_stack_level) (<a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49079">#49079</a>)</li> <li><a href="https://github.com/pandas-dev/pandas/commit/f9eebaf9de23aa9c5debdd86524615b22c23025f"><code>f9eebaf</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49072">#49072</a> on branch 1.5.x (BUG: redirect from meeting to community w...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/b8d2f461767e1e2124a08c17be69bf0f847c882e"><code>b8d2f46</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49070">#49070</a> on branch 1.5.x (CI: Fix DeprecationWarning of numpy dev) ...</li> <li>Additional commits viewable in <a href="https://github.com/pandas-dev/pandas/compare/v1.5.0...v1.5.1">compare view</a></li> </ul> </details> <br /> You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 4748: Bump scipy from 1.9.2 to 1.9.3 r=jenshnielsen a=dependabot[bot] Bumps [scipy](https://github.com/scipy/scipy) from 1.9.2 to 1.9.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/scipy/scipy/releases">scipy's releases</a>.</em></p> <blockquote> <h1>SciPy 1.9.3 Release Notes</h1> <p>SciPy <code>1.9.3</code> is a bug-fix release with no new features compared to <code>1.9.2</code>.</p> <h1>Authors</h1> <ul> <li>Jelle Aalbers (1)</li> <li>Peter Bell (1)</li> <li>Jake Bowhay (3)</li> <li>Matthew Brett (3)</li> <li>Evgeni Burovski (5)</li> <li>drpeteb (1) +</li> <li>Sebastian Ehlert (1) +</li> <li>GavinZhang (1) +</li> <li>Ralf Gommers (2)</li> <li>Matt Haberland (15)</li> <li>Lakshaya Inani (1) +</li> <li>Joseph T. Iosue (1)</li> <li>Nathan Jacobi (1) +</li> <li>jmkuebler (1) +</li> <li>Nikita Karetnikov (1) +</li> <li>Lechnio (1) +</li> <li>Nicholas McKibben (1)</li> <li>Andrew Nelson (1)</li> <li>o-alexandre-felipe (1) +</li> <li>Tirth Patel (1)</li> <li>Tyler Reddy (51)</li> <li>Martin Reinecke (1)</li> <li>Marie Roald (1) +</li> <li>Pamphile Roy (2)</li> <li>Eli Schwartz (1)</li> <li>serge-sans-paille (1)</li> <li>ehsan shirvanian (1) +</li> <li>Mamoru TASAKA (1) +</li> <li>Samuel Wallan (1)</li> <li>Warren Weckesser (7)</li> <li>Gavin Zhang (1) +</li> </ul> <p>A total of 31 people contributed to this release. People with a "+" by their names contributed a patch for the first time. This list of names is automatically generated, and may not be fully complete.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/scipy/scipy/commit/de80faf9d3480b9dbb9b888568b64499e0e70c19"><code>de80faf</code></a> REL: set 1.9.3 released [wheel build]</li> <li><a href="https://github.com/scipy/scipy/commit/25e6b901077646cbdaf0a022ff63d55b2c40b114"><code>25e6b90</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/scipy/scipy/issues/17239">#17239</a> from tylerjereddy/treddy_backport_193</li> <li><a href="https://github.com/scipy/scipy/commit/ba33e438f948d5e147755aff0e63f6a01f5bc676"><code>ba33e43</code></a> DOC: update 1.9.3 relnotes</li> <li><a href="https://github.com/scipy/scipy/commit/92d892efaf689c1be970370cd9b33678482fb1fd"><code>92d892e</code></a> MAINT: Handle numpy's deprecation of accepting out-of-bound integers.</li> <li><a href="https://github.com/scipy/scipy/commit/ba5f6daa1d855f43f9f0d19f51386285b2835ce8"><code>ba5f6da</code></a> MAINT: PR 17239 revisions</li> <li><a href="https://github.com/scipy/scipy/commit/381089e753b42c26faf3fb689fc82f7a5c34c422"><code>381089e</code></a> DOC: update 1.9.3 relnotes</li> <li><a href="https://github.com/scipy/scipy/commit/2db3440cfd768009847fb355f3da53fc8c562ea3"><code>2db3440</code></a> BLD: fix invalid shebang for build helper script</li> <li><a href="https://github.com/scipy/scipy/commit/a9a6582a38e23f178ddaed874d1bc65de3313cb2"><code>a9a6582</code></a> DOC: stats.mode: add versionadded tag and correct order of keepdims descripti...</li> <li><a href="https://github.com/scipy/scipy/commit/f4738889bd34d294cfcbd4aaed8c914fe961a0fd"><code>f473888</code></a> BLD: fix issue with incomplete threads dependency handling (<a href="https://github-redirect.dependabot.com/scipy/scipy/issues/17200">#17200</a>)</li> <li><a href="https://github.com/scipy/scipy/commit/5370f15752eef1f62773236704d6339fa4d4e99c"><code>5370f15</code></a> MAINT: update meson.build to make it work on IBM i system (<a href="https://github-redirect.dependabot.com/scipy/scipy/issues/17193">#17193</a>)</li> <li>Additional commits viewable in <a href="https://github.com/scipy/scipy/compare/v1.9.2...v1.9.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Where can the docs be found? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
The current PyJWT library only support caching of single signing key. Ref to #611
Even though it avoids the network call when the services periodically calling
get_signing_keywith samekid, the current implementation doesn't have any TTL, so the cache is stored forever. Also, it still makes network call when differentkidis provided.Solution & Implantation
JWKSetCacheobject that stores jwk set with current timestampkidfrom the jwk set, it will make a new network call to get a new jwk set and check again in new set. Raise error if still cannot find the signing key with matching kid.get_signing_keyby default as suggested from this comment Cache signing keys #611 (comment)