Update Mend: high confidence minor and patch dependency updates

[mend-for-github-com]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
PyGitHub	==2.6.1 -> ==2.8.1
PyJWT	==2.3.0 -> ==2.10.1
blinker	==1.4 -> ==1.9.0
codespell	==2.2.1 -> ==2.4.1
distro	==1.7.0 -> ==1.9.0
grpcio (source)	==1.47.0 -> ==1.75.1
importlib-metadata	==4.6.4 -> ==4.13.0
more-itertools	==8.10.0 -> ==8.14.0
packaging	==24.1 -> ==24.2
pip (changelog)	==24.1.1 -> ==24.3.1
protobuf	==4.25.3 -> ==4.25.8
pyarrow	==18.0.0 -> ==18.1.0
pygithub	==1.43.5 -> ==1.59.1
requests (source, changelog)	==2.32.3 -> ==2.32.5
scipy	==1.12.0 -> ==1.16.2
six	==1.16.0 -> ==1.17.0
tabulate	==0.8.6 -> ==0.9.0
yamllint	==1.26.3 -> ==1.37.1

---

Release Notes

pygithub/pygithub (PyGitHub)

v2.8.1

Compare Source

What's Changed

Bug Fixes

• Use default type if known type is not supported by @​EnricoMi in PyGithub/PyGithub#3365

Full Changelog: PyGithub/PyGithub@v2.8.0...v2.8.1

v2.8.0

Compare Source

What's Changed

New Features

• Add self hosted runner management to Organization by @​billnapier in PyGithub/PyGithub#3203
• Add support to generate release notes by @​mball-agathos in PyGithub/PyGithub#3022

Improvements

• Fix connection pooling to improve connection performance by @​chriskuehl in PyGithub/PyGithub#3289
• Add Repository.get_automated_security_fixes method by @​zstyblik in PyGithub/PyGithub#3303
• Sync Issue class with API spec by @​EnricoMi in PyGithub/PyGithub#3338
• Return more union classes like NamedUser | Organization | Enterprise by @​EnricoMi in PyGithub/PyGithub#3224
• Sync Enterprise class with API spec by @​EnricoMi in PyGithub/PyGithub#3342
• Sync GitReleaseAsset class with API spec by @​EnricoMi in PyGithub/PyGithub#3343
• Sync many class with OpenAPI spec by @​EnricoMi in PyGithub/PyGithub#3344
• Point deprecation warnings to the caller code rather than inner class by @​xmo-odoo in PyGithub/PyGithub#3275
• Allow for repo strings in all Team repo methods by @​EnricoMi in PyGithub/PyGithub#3356

Bug Fixes

• Fix API path of Repository.get_git_ref by @​csalerno-asml in PyGithub/PyGithub#2992
• Rework redirection URL allowance check by @​EnricoMi in PyGithub/PyGithub#3329
• Fix GitRelease.name, deprecate GitRelease.title by @​EnricoMi in PyGithub/PyGithub#3346
• Remove "COMMENT" as the default event for create_review by @​eddie-santos in PyGithub/PyGithub#3078
• Add support for public release assets by @​aolieman in PyGithub/PyGithub#3339
• Fix GitHub breaking API change of maintainers in Organization.create_team by @​interifter in PyGithub/PyGithub#3291

Maintenance

• Minor fix to release.yml by @​EnricoMi in PyGithub/PyGithub#3201
• Reduce test replay data by @​EnricoMi in PyGithub/PyGithub#3243
• Add check to OpenAPI script to check doc-string verbs by @​EnricoMi in PyGithub/PyGithub#3332
• Improve apply OpenAPI schemas by @​EnricoMi in PyGithub/PyGithub#3333
• Add config to OpenAPI script to ignore schemas by @​EnricoMi in PyGithub/PyGithub#3334
• Add suggest and create method feature to OpenAPI script by @​EnricoMi in PyGithub/PyGithub#3318
• Fix CI OpenApi apply command by @​EnricoMi in PyGithub/PyGithub#3341
• Improve OpenAPI scripts by @​EnricoMi in PyGithub/PyGithub#3340
• Improve OpenAPI CI by @​EnricoMi in PyGithub/PyGithub#3347
• Rework test framework by @​EnricoMi in PyGithub/PyGithub#3271
• Some minor fixes to OpenAPI scripts by @​EnricoMi in PyGithub/PyGithub#3350
• Add manual workflow to fix auto-fixable issues by @​EnricoMi in PyGithub/PyGithub#3351
• Bump actions/download-artifact from 4 to 5 by @​dependabot[bot] in PyGithub/PyGithub#3330
• Use default per-page const in PaginatedList by @​sam93210 in PyGithub/PyGithub#3039
• Bump actions/setup-python from 4 to 5 by @​dependabot[bot] in PyGithub/PyGithub#3283
• Bump actions/checkout from 3 to 5 by @​dependabot[bot] in PyGithub/PyGithub#3348
• Various minor OpenAPI scripts fixes by @​EnricoMi in PyGithub/PyGithub#3353
• Add union class support to OpenAPI script by @​EnricoMi in PyGithub/PyGithub#3354
• Add github_actions label to Maintenance section by @​EnricoMi in PyGithub/PyGithub#3357
• Upgrade docformatter pre-commit hook by @​EnricoMi in PyGithub/PyGithub#3359
• Add warning about Checks API in doc-strings by @​atodorov in PyGithub/PyGithub#3229
• Update docs on development by @​EnricoMi in PyGithub/PyGithub#3352

New Contributors

• @​chriskuehl made their first contribution in PyGithub/PyGithub#3289
• @​zstyblik made their first contribution in PyGithub/PyGithub#3303
• @​csalerno-asml made their first contribution in PyGithub/PyGithub#2992
• @​eddie-santos made their first contribution in PyGithub/PyGithub#3078
• @​aolieman made their first contribution in PyGithub/PyGithub#3339
• @​sam93210 made their first contribution in PyGithub/PyGithub#3039
• @​mball-agathos made their first contribution in PyGithub/PyGithub#3022
• @​atodorov made their first contribution in PyGithub/PyGithub#3229
• @​interifter made their first contribution in PyGithub/PyGithub#3291

Full Changelog: PyGithub/PyGithub@v2.7.0...v2.8.0

v2.7.0

Compare Source

What's Changed

Breaking Changes

• Method Github.get_rate_limit() now returns RateLimitOverview rather than RateLimit (PyGithub/PyGithub#3205).

Code like

gh.get_rate_limit().core.remaining

should be replaced with

gh.get_rate_limit().resources.core.remaining

• Method GitTag.verification now returns GitCommitVerification rather than dict[str, Any] (PyGithub/PyGithub#3226).

Code like

tag.verification["reason"]
tag.verification.get("reason")

should be replaced with

tag.verification.reason

New Features

• Add getting list of self-hosted runners of organization by @​climbfuji in PyGithub/PyGithub#3190
• Apply OpenAPI spec by @​EnricoMi in PyGithub/PyGithub#3317
• Add support for Sub-Issues by @​e7217 in PyGithub/PyGithub#3258

Improvements

• Refactor search results into separate classes by @​EnricoMi in PyGithub/PyGithub#3204
• Add OrganizationInvitation by @​EnricoMi in PyGithub/PyGithub#3207
• Add and apply missing schemas by @​EnricoMi in PyGithub/PyGithub#3209
• Sync RepositoryAdvisory tests with OpenAPI spec by @​EnricoMi in PyGithub/PyGithub#3215
• Sync ProjectColumn and ProjectCard tests with OpenAPI spec by @​EnricoMi in PyGithub/PyGithub#3216
• Sync CopilotSeat class with API spec by @​EnricoMi in PyGithub/PyGithub#3232
• Sync HookDeliverySummary class with API spec by @​EnricoMi in PyGithub/PyGithub#3233
• Sync RequiredPullRequestReviews class with API spec by @​EnricoMi in PyGithub/PyGithub#3234
• Sync RequiredStatusChecks class with API spec by @​EnricoMi in PyGithub/PyGithub#3236
• Sync Team class with API spec by @​EnricoMi in PyGithub/PyGithub#3237
• Replace deprecated.deprecated() with typing_extensions.deprecated() by @​lazka in PyGithub/PyGithub#3255
• fix(CodeScanAlert): add missing attributes by @​ReenigneArcher in PyGithub/PyGithub#3274
• Allow SHAs when creating PR comments by @​tuchfarber in PyGithub/PyGithub#3248
• Get collaborator role name by @​jmgate in PyGithub/PyGithub#3295
• Adding prevent_self_review property to Repository.createEnvironment by @​gopidesupavan in PyGithub/PyGithub#3246
• Add PullRequest.get_issue_timeline method by @​kukarkinmm in PyGithub/PyGithub#3259
• Support built-in reversed() on PaginatedList by @​mfocko in PyGithub/PyGithub#3260
• Relax 404 condition in Requester exception handling by @​jsmolar in PyGithub/PyGithub#3299
• Add delete_self_hosted_runner to Organization by @​uncleDecart in PyGithub/PyGithub#3306

Bug Fixes

• Fix broken pickle support for Auth classes by @​EnricoMi in PyGithub/PyGithub#3211
• Remove schema from Deployment, remove message attribute by @​EnricoMi in PyGithub/PyGithub#3223
• Fix incorrect deprecated import by @​EnricoMi in PyGithub/PyGithub#3225
• Add CodeSecurityConfigRepository returned by get_repos_for_code_security_config by @​EnricoMi in PyGithub/PyGithub#3219
• Fix Branch.get_required_status_checks return type by @​EnricoMi in PyGithub/PyGithub#3235
• Adds multi_select and true_false options to CustomProperty.value_type by @​gfog-floqast in PyGithub/PyGithub#3173
• Fix url encoding of strings with slashes in URLs by @​OscarVanL in PyGithub/PyGithub#3263
• Fix side-effect when removing Authorization key from headers by @​alecglen in PyGithub/PyGithub#3313
• Make TimingData.run_duration_ms optional by @​LifeLex in PyGithub/PyGithub#3268
• Normalize App ID to String & Enhance JWT Issuer Verification by @​x612skm in PyGithub/PyGithub#3272

Dependencies

• Bump actions/checkout from 3 to 4 by @​dependabot[bot] in PyGithub/PyGithub#2754

Maintenance

• Mention removal of AppAuth.private_key in changelog by @​EnricoMi in PyGithub/PyGithub#3212
• Remove wrong schema from Repository by @​EnricoMi in PyGithub/PyGithub#3220
• Rename HookDeliveryRequest and …Response private headers fields by @​EnricoMi in PyGithub/PyGithub#3221
• Sort classes' functions by @​EnricoMi in PyGithub/PyGithub#3231
• Move all Python files to future annotations by @​EnricoMi in PyGithub/PyGithub#3241
• Fix return type of PaginatedList[int] by @​EnricoMi in PyGithub/PyGithub#3240
• Sync with OpenAPI spec by @​EnricoMi in PyGithub/PyGithub#3244
• Make token auth default in tests by @​EnricoMi in PyGithub/PyGithub#3242
• Add Organization.get_repos_for_code_security_config test by @​billnapier in PyGithub/PyGithub#3239
• Add Python 3.13 to CI by @​lazka in PyGithub/PyGithub#3253
• Enhance PyGithub webhook documentation by @​ssganesh035 in PyGithub/PyGithub#3267
• Create codeql.yml by @​JLLeitschuh in PyGithub/PyGithub#3277
• Add schema to TimingData by @​EnricoMi in PyGithub/PyGithub#3206
• Remove error schemas from classes by @​EnricoMi in PyGithub/PyGithub#3202

New Contributors

• @​ssganesh035 made their first contribution in PyGithub/PyGithub#3267
• @​ReenigneArcher made their first contribution in PyGithub/PyGithub#3274
• @​climbfuji made their first contribution in PyGithub/PyGithub#3190
• @​tuchfarber made their first contribution in PyGithub/PyGithub#3248
• @​jmgate made their first contribution in PyGithub/PyGithub#3295
• @​gopidesupavan made their first contribution in PyGithub/PyGithub#3246
• @​kukarkinmm made their first contribution in PyGithub/PyGithub#3259
• @​mfocko made their first contribution in PyGithub/PyGithub#3260
• @​gfog-floqast made their first contribution in PyGithub/PyGithub#3173
• @​jsmolar made their first contribution in PyGithub/PyGithub#3299
• @​OscarVanL made their first contribution in PyGithub/PyGithub#3263
• @​alecglen made their first contribution in PyGithub/PyGithub#3313
• @​LifeLex made their first contribution in PyGithub/PyGithub#3268
• @​e7217 made their first contribution in PyGithub/PyGithub#3258
• @​x612skm made their first contribution in PyGithub/PyGithub#3272
• @​uncleDecart made their first contribution in PyGithub/PyGithub#3306

Full Changelog: PyGithub/PyGithub@v2.6.0...v2.7.0

jpadilla/pyjwt (PyJWT)

v2.10.1

Compare Source

Fixed

- Validate key against allowed types for Algorithm family in `#&#8203;964 <https://github.com/jpadilla/pyjwt/pull/964>`__
- Add iterator for JWKSet in `#&#8203;1041 <https://github.com/jpadilla/pyjwt/pull/1041>`__
- Validate `iss` claim is a string during encoding and decoding by @&#8203;pachewise in `#&#8203;1040 <https://github.com/jpadilla/pyjwt/pull/1040>`__
- Improve typing/logic for `options` in decode, decode_complete by @&#8203;pachewise in `#&#8203;1045 <https://github.com/jpadilla/pyjwt/pull/1045>`__
- Declare float supported type for lifespan and timeout by @&#8203;nikitagashkov in `#&#8203;1068 <https://github.com/jpadilla/pyjwt/pull/1068>`__

Added

• Docs: Add example of using leeway with nbf by @​djw8605 in #&#8203;1034 <https://github.com/jpadilla/pyjwt/pull/1034>__
• Docs: Refactored docs with autodoc; added PyJWS and jwt.algorithms docs by @​pachewise in #&#8203;1045 <https://github.com/jpadilla/pyjwt/pull/1045>__
• Docs: Documentation improvements for "sub" and "jti" claims by @​cleder in #&#8203;1088 <https://github.com/jpadilla/pyjwt/pull/1088>

v2.10.0

Compare Source

Fixed

- Prevent partial matching of `iss` claim by @&#8203;fabianbadoi in `GHSA-75c5-xw7c-p5pm <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm>`__

v2.9.0

Compare Source

Changed

- Remove algorithm requirement from JWT API, instead relying on JWS API for enforcement, by @&#8203;luhn in `#&#8203;975 <https://github.com/jpadilla/pyjwt/pull/975>`__
- Use ``Sequence`` for parameter types rather than ``List`` where applicable by @&#8203;imnotjames in `#&#8203;970 <https://github.com/jpadilla/pyjwt/pull/970>`__
- Add JWK support to JWT encode by @&#8203;luhn in `#&#8203;979 <https://github.com/jpadilla/pyjwt/pull/979>`__
- Encoding and decoding payloads using the `none` algorithm by @&#8203;jpadilla in `#c2629f6 <https://github.com/jpadilla/pyjwt/commit/c2629f66c593459e02616048443231ccbe18be16>`

  Before:

  .. code-block:: pycon

   >>> import jwt
   >>> jwt.encode({"payload": "abc"}, key=None, algorithm=None)

  After:

  .. code-block:: pycon

   >>> import jwt
   >>> jwt.encode({"payload": "abc"}, key=None, algorithm="none")

- Added validation for 'sub' (subject) and 'jti' (JWT ID) claims in tokens by @&#8203;Divan009 in `#&#8203;1005 <https://github.com/jpadilla/pyjwt/pull/1005>`__
- Refactor project configuration files from ``setup.cfg`` to ``pyproject.toml`` by @&#8203;cleder in `#&#8203;995 <https://github.com/jpadilla/pyjwt/pull/995>`__
- Ruff linter and formatter changes by @&#8203;gagandeepp in `#&#8203;1001 <https://github.com/jpadilla/pyjwt/pull/1001>`__
- Drop support for Python 3.8 (EOL) by @&#8203;kkirsche in `#&#8203;1007 <https://github.com/jpadilla/pyjwt/pull/1007>`__

Fixed
~~~~~

- Encode EC keys with a fixed bit length by @&#8203;etianen in `#&#8203;990 <https://github.com/jpadilla/pyjwt/pull/990>`__
- Add an RTD config file to resolve Read the Docs build failures by @&#8203;kurtmckee in `#&#8203;977 <https://github.com/jpadilla/pyjwt/pull/977>`__
- Docs: Update ``iat`` exception docs by @&#8203;pachewise in `#&#8203;974 <https://github.com/jpadilla/pyjwt/pull/974>`__
- Docs: Fix ``decode_complete`` scope and algorithms by @&#8203;RbnRncn in `#&#8203;982 <https://github.com/jpadilla/pyjwt/pull/982>`__
- Fix doctest for ``docs/usage.rst`` by @&#8203;pachewise in `#&#8203;986 <https://github.com/jpadilla/pyjwt/pull/986>`__
- Fix ``test_utils.py`` not to xfail by @&#8203;pachewise in `#&#8203;987 <https://github.com/jpadilla/pyjwt/pull/987>`__
- Docs: Correct `jwt.decode` audience param doc expression by @&#8203;peter279k in `#&#8203;994 <https://github.com/jpadilla/pyjwt/pull/994>`__

Added
~~~~~

- Add support for python 3.13 by @&#8203;hugovk in `#&#8203;972 <https://github.com/jpadilla/pyjwt/pull/972>`__
- Create SECURITY.md by @&#8203;auvipy and @&#8203;jpadilla in `#&#8203;973 <https://github.com/jpadilla/pyjwt/pull/973>`__
- Docs: Add PS256 encoding and decoding usage by @&#8203;peter279k in `#&#8203;992 <https://github.com/jpadilla/pyjwt/pull/992>`__
- Docs: Add API docs for PyJWK by @&#8203;luhn in `#&#8203;980 <https://github.com/jpadilla/pyjwt/pull/980>`__
- Docs: Add EdDSA algorithm encoding/decoding usage by @&#8203;peter279k in `#&#8203;993 <https://github.com/jpadilla/pyjwt/pull/993>`__
- Include checkers and linters for ``pyproject.toml`` in ``pre-commit`` by @&#8203;cleder in `#&#8203;1002 <https://github.com/jpadilla/pyjwt/pull/1002>`__
- Docs: Add ES256 decoding usage by @&#8203;Gautam-Hegde in `#&#8203;1003 <https://github.com/jpadilla/pyjwt/pull/1003>`

v2.8.0

Compare Source

Changed

- Drop support for Python 3.7 (EOL) by @&#8203;hugovk in `#&#8203;910 <https://github.com/jpadilla/pyjwt/pull/910>`__
- Allow JWT issuer claim validation to accept a list of strings too by @&#8203;mattpollak in `#&#8203;913 <https://github.com/jpadilla/pyjwt/pull/913>`__

Fixed
~~~~~

- Fix unnecessary string concatenation by @&#8203;sirosen in `#&#8203;904 <https://github.com/jpadilla/pyjwt/pull/904>`__
- Fix docs for ``jwt.decode_complete`` to include ``strict_aud`` option by @&#8203;woodruffw in `#&#8203;923 <https://github.com/jpadilla/pyjwt/pull/923>`__
- Fix docs step by @&#8203;jpadilla in `#&#8203;950 <https://github.com/jpadilla/pyjwt/pull/950>`__
- Fix: Remove an unused variable from example code block by @&#8203;kenkoooo in `#&#8203;958 <https://github.com/jpadilla/pyjwt/pull/958>`__

Added
~~~~~

- Add support for Python 3.12 by @&#8203;hugovk in `#&#8203;910 <https://github.com/jpadilla/pyjwt/pull/910>`__
- Improve performance of ``is_ssh_key`` + add unit test by @&#8203;bdraco in `#&#8203;940 <https://github.com/jpadilla/pyjwt/pull/940>`__
- Allow ``jwt.decode()`` to accept a PyJWK object by @&#8203;luhn in `#&#8203;886 <https://github.com/jpadilla/pyjwt/pull/886>`__
- Make ``algorithm_name`` attribute available on PyJWK by @&#8203;luhn in `#&#8203;886 <https://github.com/jpadilla/pyjwt/pull/886>`__
- Raise ``InvalidKeyError`` on invalid PEM keys to be compatible with cryptography 42.x.x by @&#8203;CollinEMac in `#&#8203;952 <https://github.com/jpadilla/pyjwt/pull/952>`__
- Raise an exception when required cryptography dependency is missing by @&#8203;tobloef in `<https://github.com/jpadilla/pyjwt/pull/963>`__

v2.7.0

Compare Source

Changed

- Update python version test matrix by @&#8203;auvipy in `#&#8203;895 <https://github.com/jpadilla/pyjwt/pull/895>`__

Fixed
~~~~~

Added
~~~~~

- Add ``strict_aud`` as an option to ``jwt.decode`` by @&#8203;woodruffw in `#&#8203;902 <https://github.com/jpadilla/pyjwt/pull/902>`__
- Export PyJWKClientConnectionError class by @&#8203;daviddavis in `#&#8203;887 <https://github.com/jpadilla/pyjwt/pull/887>`__
- Allows passing of ssl.SSLContext to PyJWKClient by @&#8203;juur in `#&#8203;891 <https://github.com/jpadilla/pyjwt/pull/891>`__

v2.6.0

Compare Source

Changed

- Changed the error message when the token audience doesn't match the expected audience by @&#8203;irdkwmnsb `#&#8203;809 <https://github.com/jpadilla/pyjwt/pull/809>`__
- Improve error messages when cryptography isn't installed by @&#8203;Viicos in `#&#8203;846 <https://github.com/jpadilla/pyjwt/pull/846>`__
- Make `Algorithm` an abstract base class by @&#8203;Viicos in `#&#8203;845 <https://github.com/jpadilla/pyjwt/pull/845>`__
- ignore invalid keys in a jwks by @&#8203;timw6n in `#&#8203;863 <https://github.com/jpadilla/pyjwt/pull/863>`__

Fixed
~~~~~

- Add classifier for Python 3.11 by @&#8203;eseifert in `#&#8203;818 <https://github.com/jpadilla/pyjwt/pull/818>`__
- Fix ``_validate_iat`` validation by @&#8203;Viicos in `#&#8203;847 <https://github.com/jpadilla/pyjwt/pull/847>`__
- fix: use datetime.datetime.timestamp function to have a milliseconds by @&#8203;daillouf `#&#8203;821 <https://github.com/jpadilla/pyjwt/pull/821>`__
- docs: correct mistake in the changelog about verify param by @&#8203;gbillig in `#&#8203;866 <https://github.com/jpadilla/pyjwt/pull/866>`__

Added
~~~~~

- Add ``compute_hash_digest`` as a method of ``Algorithm`` objects, which uses
  the underlying hash algorithm to compute a digest. If there is no appropriate
  hash algorithm, a ``NotImplementedError`` will be raised in `#&#8203;775 <https://github.com/jpadilla/pyjwt/pull/775>`__
- Add optional ``headers`` argument to ``PyJWKClient``. If provided, the headers
  will be included in requests that the client uses when fetching the JWK set by @&#8203;thundercat1 in `#&#8203;823 <https://github.com/jpadilla/pyjwt/pull/823>`__
- Add PyJWT._{de,en}code_payload hooks by @&#8203;akx in `#&#8203;829 <https://github.com/jpadilla/pyjwt/pull/829>`__
- Add `sort_headers` parameter to `api_jwt.encode` by @&#8203;evroon in `#&#8203;832 <https://github.com/jpadilla/pyjwt/pull/832>`__
- Make mypy configuration stricter and improve typing by @&#8203;akx in `#&#8203;830 <https://github.com/jpadilla/pyjwt/pull/830>`__
- Add more types by @&#8203;Viicos in `#&#8203;843 <https://github.com/jpadilla/pyjwt/pull/843>`__
- Add a timeout for PyJWKClient requests by @&#8203;daviddavis in `#&#8203;875 <https://github.com/jpadilla/pyjwt/pull/875>`__
- Add client connection error exception by @&#8203;daviddavis in `#&#8203;876 <https://github.com/jpadilla/pyjwt/pull/876>`__
- Add complete types to take all allowed keys into account by @&#8203;Viicos in `#&#8203;873 <https://github.com/jpadilla/pyjwt/pull/873>`__
- Add `as_dict` option to `Algorithm.to_jwk` by @&#8203;fluxth in `#&#8203;881 <https://github.com/jpadilla/pyjwt/pull/881>`__

v2.5.0

Compare Source

Changed

- bump up cryptography >= 3.4.0 by @&#8203;jpadilla in `#&#8203;807 <https://github.com/jpadilla/pyjwt/pull/807>`_
- Remove `types-cryptography` from `crypto` extra by @&#8203;lautat in `#&#8203;805 <https://github.com/jpadilla/pyjwt/pull/805>`_

Fixed
~~~~~

- Invalidate token on the exact second the token expires `#&#8203;797 <https://github.com/jpadilla/pyjwt/pull/797>`_
- fix: version 2.5.0 heading typo by @&#8203;c0state in `#&#8203;803 <https://github.com/jpadilla/pyjwt/pull/803>`_

Added
~~~~~
- Adding validation for `issued_at` when `iat > (now + leeway)` as `ImmatureSignatureError` by @&#8203;sriharan16 in https://github.com/jpadilla/pyjwt/pull/794

v2.4.0

Compare Source

Changed

- Skip keys with incompatible alg when loading JWKSet by @&#8203;DaGuich in `#&#8203;762 <https://github.com/jpadilla/pyjwt/pull/762>`__
- Remove support for python3.6 by @&#8203;sirosen in `#&#8203;777 <https://github.com/jpadilla/pyjwt/pull/777>`__
- Emit a deprecation warning for unsupported kwargs by @&#8203;sirosen in `#&#8203;776 <https://github.com/jpadilla/pyjwt/pull/776>`__
- Remove redundant wheel dep from pyproject.toml by @&#8203;mgorny in `#&#8203;765 <https://github.com/jpadilla/pyjwt/pull/765>`__
- Do not fail when an unusable key occurs by @&#8203;DaGuich in `#&#8203;762 <https://github.com/jpadilla/pyjwt/pull/762>`__
- Update audience typing by @&#8203;JulianMaurin in `#&#8203;782 <https://github.com/jpadilla/pyjwt/pull/782>`__
- Improve PyJWKSet error accuracy by @&#8203;JulianMaurin in `#&#8203;786 <https://github.com/jpadilla/pyjwt/pull/786>`__
- Mypy as pre-commit check + api_jws typing by @&#8203;JulianMaurin in `#&#8203;787 <https://github.com/jpadilla/pyjwt/pull/787>`__

Fixed
~~~~~

- Adjust expected exceptions in option merging tests for PyPy3 by @&#8203;mgorny in `#&#8203;763 <https://github.com/jpadilla/pyjwt/pull/763>`__
- Fixes for pyright on strict mode by @&#8203;brandon-leapyear in `#&#8203;747 <https://github.com/jpadilla/pyjwt/pull/747>`__
- docs: fix simple typo, iinstance -> isinstance by @&#8203;timgates42 in `#&#8203;774 <https://github.com/jpadilla/pyjwt/pull/774>`__
- Fix typo: priot -> prior by @&#8203;jdufresne in `#&#8203;780 <https://github.com/jpadilla/pyjwt/pull/780>`__
- Fix for headers disorder issue by @&#8203;kadabusha in `#&#8203;721 <https://github.com/jpadilla/pyjwt/pull/721>`__

Added
~~~~~

- Add to_jwk static method to ECAlgorithm by @&#8203;leonsmith in `#&#8203;732 <https://github.com/jpadilla/pyjwt/pull/732>`__
- Expose get_algorithm_by_name as new method by @&#8203;sirosen in `#&#8203;773 <https://github.com/jpadilla/pyjwt/pull/773>`__
- Add type hints to jwt/help.py and add missing types dependency by @&#8203;kkirsche in `#&#8203;784 <https://github.com/jpadilla/pyjwt/pull/784>`__
- Add cacheing functionality for JWK set by @&#8203;wuhaoyujerry in `#&#8203;781 <https://github.com/jpadilla/pyjwt/pull/781>`__

pallets-eco/blinker (blinker)

v1.9.0

Compare Source

Released 2024-11-08

• Drop support for Python 3.8. :pr:175
• Remove previously deprecated __version__, receiver_connected,
  Signal.temporarily_connected_to and WeakNamespace. :pr:172
• Skip weakref signal cleanup if the interpreter is shutting down.
  :issue:173

v1.8.2

Compare Source

Released 2024-05-06

• Simplify type for _async_wrapper and _sync_wrapper arguments.
  :pr:156

v1.8.1

Compare Source

Released 2024-04-28

• Restore identity handling for str and int senders. :pr:148
• Fix deprecated blinker.base.WeakNamespace import. :pr:149
• Fix deprecated blinker.base.receiver_connected import. :pr:153
• Use types from collections.abc instead of typing. :pr:150
• Fully specify exported types as reported by pyright. :pr:152

v1.8.0

Compare Source

Released 2024-04-27

• Deprecate the __version__ attribute. Use feature detection, or
  importlib.metadata.version("blinker"), instead. :issue:128
• Specify that the deprecated temporarily_connected_to will be removed in
  the next version.
• Show a deprecation warning for the deprecated global receiver_connected
  signal and specify that it will be removed in the next version.
• Show a deprecation warning for the deprecated WeakNamespace and specify
  that it will be removed in the next version.
• Greatly simplify how the library uses weakrefs. This is a significant change
  internally but should not affect any public API. :pr:144
• Expose the namespace used by signal() as default_namespace.
  :pr:145

v1.7.0

Compare Source

Released 2023-11-01

• Fixed messages printed to standard error about unraisable exceptions during
  signal cleanup, typically during interpreter shutdown. :pr:123
• Allow the Signal set_class to be customised, to allow calling of
  receivers in registration order. :pr:116.
• Drop Python 3.7 and support Python 3.12. :pr:126

v1.6.3

Compare Source

Released 2023-09-23

• Fix SyncWrapperType and AsyncWrapperType :pr:108
• Fixed issue where connected_to would not disconnect the receiver if an
  instance of BaseException was raised. :pr:114

v1.6.2

Compare Source

Released 2023-04-12

• Type annotations are not evaluated at runtime. typing-extensions is not a
  runtime dependency. :pr:94

v1.6.1

Compare Source

Released 2023-04-09

• Ensure that py.typed is present in the distributions (to enable other
  projects to use Blinker's typing).
• Require typing-extensions > 4.2 to ensure it includes ParamSpec.
  :issue:90

v1.6

Compare Source

Released 2023-09-23

• Fix SyncWrapperType and AsyncWrapperType :pr:108
• Fixed issue where connected_to would not disconnect the receiver if an
  instance of BaseException was raised. :pr:114

v1.5

Released 2022-07-17

• Support Python >= 3.7 and PyPy. Python 2, Python < 3.7, and Jython
  may continue to work, but the next release will make incompatible
  changes.

codespell-project/codespell (codespell)

v2.4.1

Compare Source

What's Changed

• Revert hep->heap, help, in dictionary_rare.txt from #​3461 by @​jpivarski in #​3624

New Contributors

• @​jpivarski made their first contribution in #​3624

Full Changelog: codespell-project/codespell@v2.4.0...v2.4.1

v2.4.0

Compare Source

What's Changed

• Exclude bots from generated release notes by @​hugovk in #​3432
• Refactor: Move some code to new files for reuse by @​nthykier in #​3434
• Add equipmnet->equipment by @​korverdev in #​3438
• Set better project description by @​mtelka in #​3435
• Additional en-GB → en-US entries by @​DimitriPapadopoulos in #​3058
• Consistent error messages by @​DimitriPapadopoulos in #​3440
• Add 'driven' as 'drivin' variant by @​korverdev in #​3441
• More typos by @​DimitriPapadopoulos in #​3439
• Add reusing misspelling and variants by @​korverdev in [#​3445](https://redirect.github.com/cod

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box