Releases: jpadilla/pyjwt
Releases · jpadilla/pyjwt
2.10.1
Fixed
- Prevent partial matching of
issclaim. Thanks @fabianbadoi! (See: GHSA-75c5-xw7c-p5pm)
Full Changelog: 2.10.0...2.10.1
Contributors
fabianbadoi
Assets 2
0
Join discussion
2.10.0
What's Changed
- chore: use sequence for typing rather than list by @imnotjames in #970
- Add support for Python 3.13 by @hugovk in #972
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #971
- Add an RTD config file to resolve RTD build failures by @kurtmckee in #977
- docs: Update
iatexception docs by @pachewise in #974 - Remove algorithm requirement for JWT API by @luhn in #975
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #978
- Create SECURITY.md by @auvipy in #973
- docs fix: decode_complete scope and algorithms by @RbnRncn in #982
- fix doctest for docs/usage.rst by @pachewise in #986
- fix test_utils.py not to xfail by @pachewise in #987
- Correct jwt.decode audience param doc expression by @peter279k in #994
- Add PS256 encoding and decoding usage by @peter279k in #992
- Add API docs for PyJWK by @luhn in #980
- Refactor project configuration files from setup.cfg to pyproject.toml PEP-518 by @cleder in #995
- Add JWK support to JWT encode by @luhn in #979
- Update pre-commit hooks to lint pyproject.toml by @cleder in #1002
- Add EdDSA algorithm encoding/decoding usage by @peter279k in #993
- Ruff linter and formatter changes by @gagandeepp in #1001
- Validate
subandjticlaims for the token by @Divan009 in #1005 - Add ES256 usage by @Gautam-Hegde in #1003
- Encode EC keys with a fixed bit length by @way-dave in #990
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1000
- Drop support for Python 3.8 by @kkirsche in #1007
- Prepare 2.10.0 release by @benvdh in #1011
- Bump codecov/codecov-action from 4 to 5 by @dependabot in #1014
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1006
New Contributors
- @imnotjames made their first contribution in #970
- @kurtmckee made their first contribution in #977
- @pachewise made their first contribution in #974
- @RbnRncn made their first contribution in #982
- @peter279k made their first contribution in #994
- @cleder made their first contribution in #995
- @gagandeepp made their first contribution in #1001
- @Divan009 made their first contribution in #1005
- @Gautam-Hegde made their first contribution in #1003
- @way-dave made their first contribution in #990
Full Changelog: 2.9.0...2.10.0
2.9.0
What's Changed
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #905
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #909
- Add support for Python 3.12 by @hugovk in #910
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #911
- Fix an unnecessary str concat by @sirosen in #904
- Update jwt-api to accept either a string or list of strings for issuer validation by @mattpollak in #913
- Bump actions/checkout from 3 to 4 by @dependabot in #916
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #917
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #922
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #926
- Bump actions/setup-python from 4 to 5 by @dependabot in #931
- Bump hynek/build-and-inspect-python-package from 1 to 2 by @dependabot in #935
- docs/api: document strict_aud on decode_complete by @woodruffw in #923
- chore: fix docs step by @jpadilla in #950
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #953
- Add coverage and improve performance of is_ssh_key by @bdraco in #940
- Decode with PyJWK by @luhn in #886
- Remove an unused variable from an example code block by @kenkoooo in #958
- Handle load_pem_public_key ValueError by @CollinEMac in #952
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #960
- Raise exception when required cryptography dependency is missing by @tobloef in #963
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #965
- Add 2.9.0 changelog. Fixes #949 by @benvdh in #967
New Contributors
- @mattpollak made their first contribution in #913
- @bdraco made their first contribution in #940
- @luhn made their first contribution in #886
- @kenkoooo made their first contribution in #958
- @CollinEMac made their first contribution in #952
- @tobloef made their first contribution in #963
- @benvdh made their first contribution in #967
Full Changelog: 2.8.0...2.9.0
2.8.0
What's Changed
- Export PyJWKClientConnectionError class by @daviddavis in #887
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #889
- Patch 1 by @juur in #891
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #896
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #898
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #900
- Update python version by @auvipy in #895
- api_jwt: add a
strict_audoption by @woodruffw in #902
New Contributors
Full Changelog: 2.7.0...2.8.0
2.7.0
What's Changed
- Add classifier for Python 3.11 by @eseifert in #818
- Add
Algorithm.compute_hash_digestand use it to implement at_hash validation example by @sirosen in #775 - fix: use datetime.datetime.timestamp function to have a milliseconds by @daillouf in #821
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #825
- Custom header configuration in jwk client by @thundercat1 in #823
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #828
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #833
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #835
- Add PyJWT._{de,en}code_payload hooks by @akx in #829
- Add
sort_headersparameter toapi_jwt.encodeby @evroon in #832 - Make mypy configuration stricter and improve typing by @akx in #830
- Bump actions/stale from 6 to 7 by @dependabot in #840
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #838
- Add more types by @Viicos in #843
- Differentiate between two errors by @irdkwmnsb in #809
- Fix
_validate_iatvalidation by @Viicos in #847 - Improve error messages when cryptography isn't installed by @Viicos in #846
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #852
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #855
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #859
- Make
Algorithman abstract base class by @Viicos in #845 - docs: correct mistake in the changelog about verify param by @gbillig in #866
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #868
- Bump actions/stale from 7 to 8 by @dependabot in #872
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #874
- Add a timeout for PyJWKClient requests by @daviddavis in #875
- Add client connection error exception by @daviddavis in #876
- Add complete types to take all allowed keys into account by @Viicos in #873
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #878
- Build and upload PyPI package by @jpadilla in #884
- Fix for issue #862 - ignore invalid keys in a jwks. by @timw6n in #863
- Add
as_dictoption toAlgorithm.to_jwkby @fluxth in #881
New Contributors
- @eseifert made their first contribution in #818
- @daillouf made their first contribution in #821
- @thundercat1 made their first contribution in #823
- @evroon made their first contribution in #832
- @Viicos made their first contribution in #843
- @irdkwmnsb made their first contribution in #809
- @gbillig made their first contribution in #866
- @daviddavis made their first contribution in #875
- @timw6n made their first contribution in #863
- @fluxth made their first contribution in #881
Full Changelog: 2.6.0...2.7.0
Contributors
akx, jpadilla, and 13 other contributors
Assets 2
2.6.0
What's Changed
- fix: version 2.5.0 heading typo by @c0state in #803
- Remove
types-cryptographyfromcryptoextra by @lautat in #805 - bump up cryptography >= 3.4.0 by @jpadilla in #807
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #798
- Bump actions/stale from 5 to 6 by @dependabot in #808
- Invalidate exp when exp == now() by @wcedmisten-reify in #797
- Handling 'ImmatureSignatureError' for issued_at time by @sriharan16 in #794
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #810
- Bump version to 2.6.0 by @jpadilla in #813
New Contributors
- @c0state made their first contribution in #803
- @lautat made their first contribution in #805
- @wcedmisten-reify made their first contribution in #797
- @sriharan16 made their first contribution in #794
Full Changelog: 2.5.0...2.6.0
2.5.0
What's Changed
- Bump actions/checkout from 2 to 3 by @dependabot in #758
- Bump codecov/codecov-action from 1 to 3 by @dependabot in #757
- Bump actions/setup-python from 2 to 3 by @dependabot in #756
- adding support for compressed payloads by @danieltmiles in #753
- Revert "adding support for compressed payloads" by @auvipy in #761
- Add to_jwk static method to ECAlgorithm by @leonsmith in #732
- Remove redundant wheel dep from pyproject.toml by @mgorny in #765
- Adjust expected exceptions in option merging tests for PyPy3 by @mgorny in #763
- Do not fail when an unusable key occurs by @DaGuich in #762
- Fixes for pyright on strict mode by @brandon-leapyear in #747
- Bump actions/setup-python from 3 to 4 by @dependabot in #769
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #770
- docs: fix simple typo, iinstance -> isinstance by @timgates42 in #774
- Expose get_algorithm_by_name as new method by @sirosen in #773
- Remove support for python3.6 by @sirosen in #777
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #778
- Emit a deprecation warning for unsupported kwargs by @sirosen in #776
- Fix typo: priot -> prior by @jdufresne in #780
- Fix for headers disorder issue by @kadabusha in #721
- Update audience typing by @JulianMaurin in #782
- Improve PyJWKSet error accuracy by @JulianMaurin in #786
- Add type hints to jwt/help.py and add missing types dependency by @kkirsche in #784
- Add cacheing functionality for JWK set by @wuhaoyujerry in #781
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #788
- Mypy as pre-commit check + api_jws typing by @JulianMaurin in #787
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #791
- Bump version to 2.5.0 by @jpadilla in #801
New Contributors
- @dependabot made their first contribution in #758
- @danieltmiles made their first contribution in #753
- @leonsmith made their first contribution in #732
- @mgorny made their first contribution in #765
- @DaGuich made their first contribution in #762
- @brandon-leapyear made their first contribution in #747
- @sirosen made their first contribution in #773
- @kadabusha made their first contribution in #721
- @JulianMaurin made their first contribution in #782
- @wuhaoyujerry made their first contribution in #781
Full Changelog: 2.4.0...2.5.0
Contributors
jpadilla, mgorny, and 14 other contributors
Assets 2
2.4.0
Security
- [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. GHSA-ffqj-6fqr-9h24
What's Changed
- Add support for Python 3.10 by @hugovk in #699
- Don't use implicit optionals by @rekyungmin in #705
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #708
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #710
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #711
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #712
- documentation fix: show correct scope for decode_complete() by @sseering in #661
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #716
- Explicit check the key for ECAlgorithm by @estin in #713
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #720
- api_jwk: Add PyJWKSet.getitem by @woodruffw in #725
- Update usage.rst by @guneybilen in #727
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #728
- fix: Update copyright information by @kkirsche in #729
- Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in #734
- Fixed typo in usage.rst by @israelabraham in #738
- Add detached payload support for JWS encoding and decoding by @fviard in #723
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #740
- Raise DeprecationWarning for jwt.decode(verify=...) by @akx in #742
- Don't mutate options dictionary in .decode_complete() by @akx in #743
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #748
- Replace various string interpolations with f-strings by @akx in #744
- Update CHANGELOG.rst by @hipertracker in #751
New Contributors
- @hugovk made their first contribution in #699
- @rekyungmin made their first contribution in #705
- @sseering made their first contribution in #661
- @estin made their first contribution in #713
- @woodruffw made their first contribution in #725
- @guneybilen made their first contribution in #727
- @dmahr1 made their first contribution in #734
- @israelabraham made their first contribution in #738
- @fviard made their first contribution in #723
- @akx made their first contribution in #742
- @hipertracker made their first contribution in #751
Full Changelog: 2.3.0...2.4.0
Contributors
hipertracker, akx, and 11 other contributors
Assets 2
2.3.0
What's Changed
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #700
- Add exception chaining by @ehdgua01 in #702
- Revert "Remove arbitrary kwargs." by @auvipy in #701
- Bump up version to v2.3.0 by @jpadilla in #703
New Contributors
Full Changelog: 2.2.0...2.3.0
Contributors
jpadilla, auvipy, and 2 other contributors
Assets 2
2.2.0
What's Changed
- Complete
jwtdocumentation by @johachi in #654 - Ignore coverage files generated during test runs by @makusu2 in #617
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #656
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #658
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #667
- Fix aud validation to support {'aud': null} case. by @dajiaji in #670
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #678
- Prefer headers['alg'] to algorithm parameter in encode(). by @dajiaji in #673
- DOC: Clarify RSA encoding and decoding depend on the cryptography package by @TPXP in #664
- Make typ optional by @dajiaji in #644
- Remove arbitrary kwargs. by @dajiaji in #657
- Assume JWK is valid for signing if "use" is omitted by @Klavionik in #668
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #684
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #686
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #689
- Remove upper bound on cryptography version by @riconnon in #693
- Add support for Ed448/EdDSA. by @dajiaji in #675
- Chore: inline Variables that immediately Returned by @yezz123 in #690
- Use timezone package as Python 3.5+ is required by @kkirsche in #694
- Bump up version to v2.2.0 by @jpadilla in #697
New Contributors
- @TPXP made their first contribution in #664
- @Klavionik made their first contribution in #668
- @riconnon made their first contribution in #693
- @yezz123 made their first contribution in #690
- @kkirsche made their first contribution in #694
Full Changelog: 2.1.0...2.2.0
Contributors
jpadilla, kkirsche, and 8 other contributors