./textproc/py-JWT, JSON Web Token implementation in Python

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.9.0, Package name: py311-JWT-2.9.0, Maintainer: pkgsrc-users

A Python implementation of JSON Web Token draft 32.


Required to run:
[security/py-cryptography] [lang/python310]

Master sites:

Filesize: 76.978 KB

Version history: (Expand)

CVS history: (Expand)


   2023-07-19 10:35:33 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-JWT: updated to 2.8.0

v2.8.0

Changed
- Update python version test matrix

Added
- Add ``strict_aud`` as an option to ``jwt.decode``
- Export PyJWKClientConnectionError class
- Allows passing of ssl.SSLContext to PyJWKClient
   2023-05-10 11:55:38 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-JWT: updated to 2.7.0

v2.7.0

Changed
- Changed the error message when the token audience doesn't match the expected \ 
audience
- Improve error messages when cryptography isn't installed
- Make `Algorithm` an abstract base class
- ignore invalid keys in a jwks

Fixed
- Add classifier for Python 3.11
- Fix ``_validate_iat`` validation
- fix: use datetime.datetime.timestamp function to have a milliseconds
- docs: correct mistake in the changelog about verify param

Added
- Add ``compute_hash_digest`` as a method of ``Algorithm`` objects, which uses
  the underlying hash algorithm to compute a digest. If there is no appropriate
  hash algorithm, a ``NotImplementedError`` will be raised
- Add optional ``headers`` argument to ``PyJWKClient``. If provided, the headers
  will be included in requests that the client uses when fetching the JWK set
- Add PyJWT._{de,en}code_payload hooks
- Add `sort_headers` parameter to `api_jwt.encode`
- Make mypy configuration stricter and improve typing
- Add more types
- Add a timeout for PyJWKClient requests
- Add client connection error exception
- Add complete types to take all allowed keys into account
- Add `as_dict` option to `Algorithm.to_jwk`
   2022-10-25 09:25:13 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-JWT: updated to 2.6.0

v2.6.0

Changed
~~~~~~~
- bump up cryptography >= 3.4.0
- Remove `types-cryptography` from `crypto` extra

Fixed
~~~~~
- Invalidate token on the exact second the token expires
- fix: version 2.5.0 heading typo

Added
~~~~~
- Adding validation for `issued_at` when `iat > (now + leeway)` as \ 
`ImmatureSignatureError`
   2022-10-19 15:56:34 by Nia Alarie | Files touched by this commit (26) 
Log message:
fighting a losing battle against py-cryptography rustification, part 2

Switch users to versioned_dependencies.mk.
   2022-09-19 09:55:23 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-JWT: updated to 2.5.0

v2.5.0

Changed

Skip keys with incompatible alg when loading JWKSet
Remove support for python3.6
Emit a deprecation warning for unsupported kwargs
Remove redundant wheel dep from pyproject.toml
Do not fail when an unusable key occurs
Update audience typing
Improve PyJWKSet error accuracy
Mypy as pre-commit check + api_jws typing

Fixed

Adjust expected exceptions in option merging tests for PyPy3
Fixes for pyright on strict mode
docs: fix simple typo, iinstance -> isinstance
Fix typo: priot -> prior
Fix for headers disorder issue

Added

Add to_jwk static method to ECAlgorithm
Expose get_algorithm_by_name as new method
Add type hints to jwt/help.py and add missing types dependency
Add cacheing functionality for JWK set
   2022-05-25 14:20:55 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-JWT: updated to 2.4.0

v2.4.0

Security
- [CVE-2022-29217] Prevent key confusion through non-blocklisted public key \ 
formats. \ 
https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24

Changed
- Explicit check the key for ECAlgorithm by @estin in \ 
https://github.com/jpadilla/pyjwt/pull/713
- Raise DeprecationWarning for jwt.decode(verify=...) by @akx in \ 
https://github.com/jpadilla/pyjwt/pull/742

Fixed
- Don't use implicit optionals by @rekyungmin in \ 
https://github.com/jpadilla/pyjwt/pull/705
- documentation fix: show correct scope for decode_complete() by @sseering in \ 
https://github.com/jpadilla/pyjwt/pull/661
- fix: Update copyright information by @kkirsche in \ 
https://github.com/jpadilla/pyjwt/pull/729
- Don't mutate options dictionary in .decode_complete() by @akx in \ 
https://github.com/jpadilla/pyjwt/pull/743

Added
- Add support for Python 3.10 by @hugovk in \ 
https://github.com/jpadilla/pyjwt/pull/699
- api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in \ 
https://github.com/jpadilla/pyjwt/pull/725
- Update usage.rst by @guneybilen in https://github.com/jpadilla/pyjwt/pull/727
- Docs: mention performance reasons for reusing RSAPrivateKey when encoding by \ 
@dmahr1 in https://github.com/jpadilla/pyjwt/pull/734
- Fixed typo in usage.rst by @israelabraham in \ 
https://github.com/jpadilla/pyjwt/pull/738
- Add detached payload support for JWS encoding and decoding by @fviard in \ 
https://github.com/jpadilla/pyjwt/pull/723
- Replace various string interpolations with f-strings by @akx in \ 
https://github.com/jpadilla/pyjwt/pull/744
- Update CHANGELOG.rst
   2022-01-04 21:55:40 by Thomas Klausner | Files touched by this commit (1595) 
Log message:
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS
   2021-10-26 13:23:42 by Nia Alarie | Files touched by this commit (1161) 
Log message:
textproc: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./textproc/convertlit/distinfo clit18src.zip