RPM Search

Changelog for python3-PyJWT-2.4.0-150200.3.8.1.noarch.rpm :

* Thu Jul 21 2022 adrian.glaubitzAATTsuse.com- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)- Drop CVE-2022-29217-non-blocked-pubkeys.patch since the issue was fixed upstream in version 2.4.0
* Mon Jun 20 2022 mceplAATTsuse.com- Add CVE-2022-29217-non-blocked-pubkeys.patch fixing CVE-2022-29217 (bsc#1199756), which disallows use of blocked pubkeys (heavily modified from upstream).
* Tue Jun 07 2022 mrueckertAATTsuse.de- Update to 2.4.0 (CVE-2022-29217 boo#1199756) - Security - [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. GHSA-ffqj-6fqr-9h24 - Other changes: - Explicit check the key for ECAlgorithm by AATTestin in https://github.com/jpadilla/pyjwt/pull/713 - Raise DeprecationWarning for jwt.decode(verify=...) by AATTakx in https://github.com/jpadilla/pyjwt/pull/742 - Don\'t use implicit optionals by AATTrekyungmin in https://github.com/jpadilla/pyjwt/pull/705 - documentation fix: show correct scope for decode_complete() by AATTsseering in https://github.com/jpadilla/pyjwt/pull/661 - fix: Update copyright information by AATTkkirsche in https://github.com/jpadilla/pyjwt/pull/729 - Don\'t mutate options dictionary in .decode_complete() by AATTakx in https://github.com/jpadilla/pyjwt/pull/743 - Add support for Python 3.10 by AATThugovk in https://github.com/jpadilla/pyjwt/pull/699 - api_jwk: Add PyJWKSet.__getitem__ by AATTwoodruffw in https://github.com/jpadilla/pyjwt/pull/725 - Update usage.rst by AATTguneybilen in https://github.com/jpadilla/pyjwt/pull/727 - Docs: mention performance reasons for reusing RSAPrivateKey when encoding by AATTdmahr1 in https://github.com/jpadilla/pyjwt/pull/734 - Fixed typo in usage.rst by AATTisraelabraham in https://github.com/jpadilla/pyjwt/pull/738 - Add detached payload support for JWS encoding and decoding by AATTfviard in https://github.com/jpadilla/pyjwt/pull/723 - Replace various string interpolations with f-strings by AATTakx in https://github.com/jpadilla/pyjwt/pull/744
* Wed Nov 03 2021 adrian.glaubitzAATTsuse.com- Update to 2.3.0
* Revert \"Remove arbitrary kwargs.\" (#701)
* Add exception chaining (#702)- from version 2.2.0
* Remove arbitrary kwargs. (#657)
* Use timezone package as Python 3.5+ is required. (#694)
* Assume JWK without the \"use\" claim is valid for signing as per RFC7517 (#668)
* Prefer `headers[\"alg\"]` to `algorithm` in `jwt.encode()`. (#673)
* Fix aud validation to support {\'aud\': null} case. (#670)
* Make `typ` optional in JWT to be compliant with RFC7519. (#644)
* Remove upper bound on cryptography version. (#693)
* Add support for Ed448/EdDSA. (#675)
* Tue May 18 2021 dmuellerAATTsuse.com- update to 2.1.0: - Allow claims validation without making JWT signature validation mandatory. ` - Remove padding from JWK test data. ` - Make `kty` mandatory in JWK to be compliant with RFC7517. ` - Allow JWK without `alg` to be compliant with RFC7517. ` - Allow to verify with private key on ECAlgorithm, as well as on Ed25519Algorithm. ` - Add caching by default to PyJWKClient ` - Add missing exceptions.InvalidKeyError to jwt module __init__ imports ` - Add support for ES256K algorithm ` - Add `from_jwk()` to Ed25519Algorithm ` - Add `to_jwk()` to Ed25519Algorithm ` - Export `PyJWK` and `PyJWKSet`
* Fri Feb 26 2021 adrian.glaubitzAATTsuse.com- Update in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352)
* Mon Feb 01 2021 dmuellerAATTsuse.com- update to 2.0.1:
* Drop support for Python 2 and Python 3.0-3.5
* Require cryptography >= 3
* Drop support for PyCrypto and ECDSA
* Drop CLI
* Improve typings
* Dropped deprecated errors
* Dropped deprecated ``verify_expiration`` param in ``jwt.decode(...)``
* Dropped deprecated ``verify`` param in ``jwt.decode(...)``
* Require explicit ``algorithms`` in ``jwt.decode(...)`` by default
* Dropped deprecated ``require_
*`` options in ``jwt.decode(...)``
* Introduce better experience for JWKs
* further details see included CHANGELOG.rst- drop 0001-Catch-BadSignatureError-raised-by-ecdsa-0.13.3.patch (obsolete)
* Fri Oct 18 2019 stefan.bruensAATTrwth-aachen.de- Fix build with ecdsa >= 0.13.3, #447
* 0001-Catch-BadSignatureError-raised-by-ecdsa-0.13.3.patch
* Thu Mar 07 2019 tchvatalAATTsuse.com- Fix fdupes and test calls
* Mon Feb 04 2019 hpjAATTurpla.net- update to version 1.7.1:
* Update test dependencies with pinned ranges
* Fix pytest deprecation warnings- update to version v1.7.0:
* Remove CRLF line endings #353
* Update usage.rst #360
* Support for Python 3.7 #375 #379 #384- removed pyjwt-pytest390.patch (fixed upstream)- removed pyjwt-python37.patch (fixed upstream)- removed dos2unix conversion of jwt/__main__.py (fixed upstream)- add test build conditional
* Tue Dec 04 2018 mceplAATTsuse.com- Remove superfluous devel dependency for noarch package
* Tue Nov 27 2018 adrian.glaubitzAATTsuse.com- Add patch to fix testsuite with pytest 3.9.0:
* pyjwt-pytest390.patch
* Wed Nov 14 2018 tchvatalAATTsuse.com- Add patch to build with python 3.7:
* pyjwt-python37.patch
* Sat Jul 07 2018 arunAATTgmx.de- update to version 1.6.4:
* Reverse an unintentional breaking API change to .decode() #352
* Wed May 23 2018 tchvatalAATTsuse.com- Version update to 1.6.3:
* Dropped support for python 2.6 and 3.3 #301
* An invalid signature now raises an InvalidSignatureError instead of DecodeError #316
* Fix over-eager fallback to stdin #304
* Audience parameter throws InvalidAudienceError when application does not specify an audience, but the token does. #336
* All exceptions inherit from PyJWTError #340
* Add type hints #344
* Add help module 7ca41e5- Drop pointless _service file
* Fri Feb 23 2018 tbechtoldAATTsuse.com- Avoid not needed python-pytest-cov and python-pytest-runner BuildRequires. There is no need todo a coverage run during package build.
* Thu Nov 02 2017 arunAATTgmx.de- update to version 1.5.3:
* Changed + Increase required version of the cryptography package to >=1.4.0.
* Fixed + Remove uses of deprecated functions from the cryptography package. + Warn about missing algorithms param to decode() only when verify param is True #281
* Mon Aug 21 2017 tbechtoldAATTsuse.com- update to 1.5.2: - Ensure correct arguments order in decode super call [7c1e61d][7c1e61d] - Change optparse for argparse. [#238][238] - Guard against PKCS1 PEM encododed public keys [#277][277] - Add deprecation warning when decoding without specifying `algorithms` [#277][277] - Improve deprecation messages [#270][270] - PyJWT.decode: move verify param into options [#271][271] - Support for Python 3.6 [#262][262] - Expose jwt.InvalidAlgorithmError [#264][264] - Add support for ECDSA public keys in RFC 4253 (OpenSSH) format [#244][244] - Renamed commandline script `jwt` to `jwt-cli` to avoid issues with the script clobbering the `jwt` module in some circumstances. [#187][187] - Better error messages when using an algorithm that requires the cryptography package, but it isn\'t available [#230][230] - Tokens with future \'iat\' values are no longer rejected [#190][190] - Non-numeric \'iat\' values now raise InvalidIssuedAtError instead of DecodeError - Remove rejection of future \'iat\' claims [#252][252] - Add back \'ES512\' for backward compatibility (for now) [#225][225] - Fix incorrectly named ECDSA algorithm [#219][219] - Fix rpm build [#196][196] - Add JWK support for HMAC and RSA keys [#202][202]
* Fri Apr 28 2017 pousaduarteAATTgmail.com- Restore runtime dependency python-ecdsa
* Wed Apr 26 2017 pousaduarteAATTgmail.com- Convert to singlespec- Remove unneeded dependency python-ecdsa- Use \"download_files\" in _service file to automate source fetching
* Fri Mar 17 2017 rjschweiAATTsuse.com- Drop pycrypto as dependency, we only need cryptography
* Fri Mar 10 2017 alarrosaAATTsuse.com- Use update-alternatives so it can be co-installable with python3-PyJWT- Use dos2unix on jwt/__init__.py- updated source url to files.pythonhosted.org- Run the spec file through spec-cleaner- Drop PyJWT-1.1.0.diff which was only used on rhel (?)
* Thu Sep 15 2016 rjschweiAATTsuse.com- Include in SLES 12 (FATE#321371, bsc#998103)
* Thu Sep 01 2016 tbechtoldAATTsuse.com- Use https for Source url
* Thu Sep 01 2016 tbechtoldAATTsuse.com- update to 1.4.2: - A PEM-formatted key encoded as bytes could cause a `TypeError` to be raised [#213][213] - Newer versions of Pytest could not detect warnings properly [#182][182] - Non-string \'kid\' value now raises `InvalidTokenError` [#174][174] - `jwt.decode(None)` now gracefully fails with `InvalidTokenError` [#183][183]
* Tue Jan 05 2016 bwiedemannAATTsuse.com- BuildRequire python-pytest-cov >= 1.7
* Thu Nov 05 2015 toddrme2178AATTgmail.com- Update to 1.4.0 + Fixed
* Exclude Python cache files from PyPI releases. + Added
* Added new options to require certain claims (require_nbf, require_iat, require_exp) and raise `MissingRequiredClaimError` if they are not present.
* If `audience=` or `issuer=` is specified but the claim is not present, `MissingRequiredClaimError` is now raised instead of `InvalidAudienceError` and `InvalidIssuerError`- Update to 1.3.0 + Fixed
* ECDSA (ES256, ES384, ES512) signatures are now being properly serialized [#158][158]
* RSA-PSS (PS256, PS384, PS512) signatures now use the proper salt length for PSS padding. [#163][163] + Added
* Added a new `jwt.get_unverified_header()` to parse and return the header portion of a token prior to signature verification. + Removed
* Python 3.2 is no longer a supported platform. This version of Python is rarely used. Users affected by this should upgrade to 3.3+.- Update to 1.2.0 + Fixed
* Added back `verify_expiration=` argument to `jwt.decode()` that was erroneously removed in [v1.1.0][1.1.0]. + Changed
* Refactored JWS-specific logic out of PyJWT and into PyJWS superclass. [#141][141] + Deprecated
* `verify_expiration=` argument to `jwt.decode()` is now deprecated and will be removed in a future version. Use the `option=` argument instead.- Rebase PyJWT-1.1.0.diff
* Mon Aug 10 2015 seife+obsAATTb1-systems.com- apply PyJWT-1.1.0.diff only on RHEL/CentOS
* Thu Jul 09 2015 seife+obsAATTb1-systems.com- fix build on RHEL7, add PyJWT-1.1.0.diff
* Wed Apr 22 2015 mciharAATTsuse.cz- Include pycrypto and ecdsa in BuildRequires for complete test coverage- Use setup.py test to execute testsuite
* Wed Apr 22 2015 mciharAATTsuse.cz- Simplify dependencies (only python-cryptography is needed, pycrypto and ecdsa are just fallbacks whet is is not)
* Mon Apr 20 2015 mciharAATTsuse.cz- Enable testsuite during build
* Mon Apr 20 2015 mciharAATTsuse.cz- Update to 1.1.0
* Thu Nov 06 2014 mciharAATTsuse.cz- Update to 0.3.0