| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: python3-PyJWT | Distribution: SUSE Linux Enterprise 15 |
| Version: 2.4.0 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: 150200.3.8.1 | Build date: Fri Feb 2 13:20:25 2024 |
| Group: Development/Languages/Python | Build host: h01-ch3d |
| Size: 174741 | Source RPM: python-PyJWT-2.4.0-150200.3.8.1.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://github.com/progrium/pyjwt | |
| Summary: JSON Web Token implementation in Python | |
A Python implementation of JSON Web Token draft 01.
MIT
* Thu Jul 21 2022 adrian.glaubitz@suse.com
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Drop CVE-2022-29217-non-blocked-pubkeys.patch since the issue
was fixed upstream in version 2.4.0
* Mon Jun 20 2022 mcepl@suse.com
- Add CVE-2022-29217-non-blocked-pubkeys.patch fixing
CVE-2022-29217 (bsc#1199756), which disallows use of blocked
pubkeys (heavily modified from upstream).
* Tue Jun 07 2022 mrueckert@suse.de
- Update to 2.4.0 (CVE-2022-29217 boo#1199756)
- Security
- [CVE-2022-29217] Prevent key confusion through
non-blocklisted public key formats. GHSA-ffqj-6fqr-9h24
- Other changes:
- Explicit check the key for ECAlgorithm by @estin in
https://github.com/jpadilla/pyjwt/pull/713
- Raise DeprecationWarning for jwt.decode(verify=...) by @akx
in https://github.com/jpadilla/pyjwt/pull/742
- Don't use implicit optionals by @rekyungmin in
https://github.com/jpadilla/pyjwt/pull/705
- documentation fix: show correct scope for decode_complete()
by @sseering in https://github.com/jpadilla/pyjwt/pull/661
- fix: Update copyright information by @kkirsche in
https://github.com/jpadilla/pyjwt/pull/729
- Don't mutate options dictionary in .decode_complete() by @akx
in https://github.com/jpadilla/pyjwt/pull/743
- Add support for Python 3.10 by @hugovk in
https://github.com/jpadilla/pyjwt/pull/699
- api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in
https://github.com/jpadilla/pyjwt/pull/725
- Update usage.rst by @guneybilen in
https://github.com/jpadilla/pyjwt/pull/727
- Docs: mention performance reasons for reusing RSAPrivateKey
when encoding by @dmahr1 in
https://github.com/jpadilla/pyjwt/pull/734
- Fixed typo in usage.rst by @israelabraham in
https://github.com/jpadilla/pyjwt/pull/738
- Add detached payload support for JWS encoding and decoding by
@fviard in https://github.com/jpadilla/pyjwt/pull/723
- Replace various string interpolations with f-strings by @akx
in https://github.com/jpadilla/pyjwt/pull/744
* Wed Nov 03 2021 adrian.glaubitz@suse.com
- Update to 2.3.0
* Revert "Remove arbitrary kwargs." (#701)
* Add exception chaining (#702)
- from version 2.2.0
* Remove arbitrary kwargs. (#657)
* Use timezone package as Python 3.5+ is required. (#694)
* Assume JWK without the "use" claim is valid for signing
as per RFC7517 (#668)
* Prefer `headers["alg"]` to `algorithm` in `jwt.encode()`. (#673)
* Fix aud validation to support {'aud': null} case. (#670)
* Make `typ` optional in JWT to be compliant with RFC7519. (#644)
* Remove upper bound on cryptography version. (#693)
* Add support for Ed448/EdDSA. (#675)
* Tue May 18 2021 dmueller@suse.com
- update to 2.1.0:
- Allow claims validation without making JWT signature validation mandatory. `
- Remove padding from JWK test data. `
- Make `kty` mandatory in JWK to be compliant with RFC7517. `
- Allow JWK without `alg` to be compliant with RFC7517. `
- Allow to verify with private key on ECAlgorithm, as well as on Ed25519Algorithm. `
- Add caching by default to PyJWKClient `
- Add missing exceptions.InvalidKeyError to jwt module __init__ imports `
- Add support for ES256K algorithm `
- Add `from_jwk()` to Ed25519Algorithm `
- Add `to_jwk()` to Ed25519Algorithm `
- Export `PyJWK` and `PyJWKSet`
* Fri Feb 26 2021 adrian.glaubitz@suse.com
- Update in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352)
* Mon Feb 01 2021 dmueller@suse.com
- update to 2.0.1:
* Drop support for Python 2 and Python 3.0-3.5
* Require cryptography >= 3
* Drop support for PyCrypto and ECDSA
* Drop CLI
* Improve typings
* Dropped deprecated errors
* Dropped deprecated ``verify_expiration`` param in ``jwt.decode(...)``
* Dropped deprecated ``verify`` param in ``jwt.decode(...)``
* Require explicit ``algorithms`` in ``jwt.decode(...)`` by default
* Dropped deprecated ``require_*`` options in ``jwt.decode(...)``
* Introduce better experience for JWKs
* further details see included CHANGELOG.rst
- drop 0001-Catch-BadSignatureError-raised-by-ecdsa-0.13.3.patch (obsolete)
* Fri Oct 18 2019 stefan.bruens@rwth-aachen.de
- Fix build with ecdsa >= 0.13.3, #447
* 0001-Catch-BadSignatureError-raised-by-ecdsa-0.13.3.patch
* Thu Mar 07 2019 tchvatal@suse.com
- Fix fdupes and test calls
* Mon Feb 04 2019 hpj@urpla.net
- update to version 1.7.1:
* Update test dependencies with pinned ranges
* Fix pytest deprecation warnings
- update to version v1.7.0:
* Remove CRLF line endings #353
* Update usage.rst #360
* Support for Python 3.7 #375 #379 #384
- removed pyjwt-pytest390.patch (fixed upstream)
- removed pyjwt-python37.patch (fixed upstream)
- removed dos2unix conversion of jwt/__main__.py (fixed upstream)
- add test build conditional
* Tue Dec 04 2018 mcepl@suse.com
- Remove superfluous devel dependency for noarch package
* Tue Nov 27 2018 adrian.glaubitz@suse.com
- Add patch to fix testsuite with pytest 3.9.0:
* pyjwt-pytest390.patch
* Wed Nov 14 2018 tchvatal@suse.com
- Add patch to build with python 3.7:
* pyjwt-python37.patch
* Sat Jul 07 2018 arun@gmx.de
- update to version 1.6.4:
* Reverse an unintentional breaking API change to .decode() #352
* Wed May 23 2018 tchvatal@suse.com
- Version update to 1.6.3:
* Dropped support for python 2.6 and 3.3 #301
* An invalid signature now raises an InvalidSignatureError instead of DecodeError #316
* Fix over-eager fallback to stdin #304
* Audience parameter throws InvalidAudienceError when application does not specify an audience, but the token does. #336
* All exceptions inherit from PyJWTError #340
* Add type hints #344
* Add help module 7ca41e5
- Drop pointless _service file
* Fri Feb 23 2018 tbechtold@suse.com
- Avoid not needed python-pytest-cov and python-pytest-runner
BuildRequires. There is no need todo a coverage run during
package build.
* Thu Nov 02 2017 arun@gmx.de
- update to version 1.5.3:
* Changed
+ Increase required version of the cryptography package to
>=1.4.0.
* Fixed
+ Remove uses of deprecated functions from the cryptography
package.
+ Warn about missing algorithms param to decode() only when verify
param is True #281
* Mon Aug 21 2017 tbechtold@suse.com
- update to 1.5.2:
- Ensure correct arguments order in decode super call [7c1e61d][7c1e61d]
- Change optparse for argparse. [#238][238]
- Guard against PKCS1 PEM encododed public keys [#277][277]
- Add deprecation warning when decoding without specifying `algorithms` [#277][277]
- Improve deprecation messages [#270][270]
- PyJWT.decode: move verify param into options [#271][271]
- Support for Python 3.6 [#262][262]
- Expose jwt.InvalidAlgorithmError [#264][264]
- Add support for ECDSA public keys in RFC 4253 (OpenSSH) format [#244][244]
- Renamed commandline script `jwt` to `jwt-cli` to avoid issues with the script clobbering the `jwt` module in some circumstances. [#187][187]
- Better error messages when using an algorithm that requires the cryptography package, but it isn't available [#230][230]
- Tokens with future 'iat' values are no longer rejected [#190][190]
- Non-numeric 'iat' values now raise InvalidIssuedAtError instead of DecodeError
- Remove rejection of future 'iat' claims [#252][252]
- Add back 'ES512' for backward compatibility (for now) [#225][225]
- Fix incorrectly named ECDSA algorithm [#219][219]
- Fix rpm build [#196][196]
- Add JWK support for HMAC and RSA keys [#202][202]
* Fri Apr 28 2017 pousaduarte@gmail.com
- Restore runtime dependency python-ecdsa
* Wed Apr 26 2017 pousaduarte@gmail.com
- Convert to singlespec
- Remove unneeded dependency python-ecdsa
- Use "download_files" in _service file to automate source fetching
* Fri Mar 17 2017 rjschwei@suse.com
- Drop pycrypto as dependency, we only need cryptography
* Fri Mar 10 2017 alarrosa@suse.com
- Use update-alternatives so it can be co-installable with python3-PyJWT
- Use dos2unix on jwt/__init__.py
- updated source url to files.pythonhosted.org
- Run the spec file through spec-cleaner
- Drop PyJWT-1.1.0.diff which was only used on rhel (?)
* Thu Sep 15 2016 rjschwei@suse.com
- Include in SLES 12 (FATE#321371, bsc#998103)
* Thu Sep 01 2016 tbechtold@suse.com
- Use https for Source url
* Thu Sep 01 2016 tbechtold@suse.com
- update to 1.4.2:
- A PEM-formatted key encoded as bytes could cause a `TypeError` to be raised [#213][213]
- Newer versions of Pytest could not detect warnings properly [#182][182]
- Non-string 'kid' value now raises `InvalidTokenError` [#174][174]
- `jwt.decode(None)` now gracefully fails with `InvalidTokenError` [#183][183]
* Tue Jan 05 2016 bwiedemann@suse.com
- BuildRequire python-pytest-cov >= 1.7
* Thu Nov 05 2015 toddrme2178@gmail.com
- Update to 1.4.0
+ Fixed
* Exclude Python cache files from PyPI releases.
+ Added
* Added new options to require certain claims
(require_nbf, require_iat, require_exp) and raise `MissingRequiredClaimError`
if they are not present.
* If `audience=` or `issuer=` is specified but the claim is not present,
`MissingRequiredClaimError` is now raised instead of `InvalidAudienceError`
and `InvalidIssuerError`
- Update to 1.3.0
+ Fixed
* ECDSA (ES256, ES384, ES512) signatures are now being properly serialized [#158][158]
* RSA-PSS (PS256, PS384, PS512) signatures now use the proper salt length for PSS padding. [#163][163]
+ Added
* Added a new `jwt.get_unverified_header()` to parse and return the header portion of a token prior to signature verification.
+ Removed
* Python 3.2 is no longer a supported platform. This version of Python is
rarely used. Users affected by this should upgrade to 3.3+.
- Update to 1.2.0
+ Fixed
* Added back `verify_expiration=` argument to `jwt.decode()` that was erroneously removed in [v1.1.0][1.1.0].
+ Changed
* Refactored JWS-specific logic out of PyJWT and into PyJWS superclass. [#141][141]
+ Deprecated
* `verify_expiration=` argument to `jwt.decode()` is now deprecated and will be removed in a future version. Use the `option=` argument instead.
- Rebase PyJWT-1.1.0.diff
* Mon Aug 10 2015 seife+obs@b1-systems.com
- apply PyJWT-1.1.0.diff only on RHEL/CentOS
* Thu Jul 09 2015 seife+obs@b1-systems.com
- fix build on RHEL7, add PyJWT-1.1.0.diff
* Wed Apr 22 2015 mcihar@suse.cz
- Include pycrypto and ecdsa in BuildRequires for complete test coverage
- Use setup.py test to execute testsuite
* Wed Apr 22 2015 mcihar@suse.cz
- Simplify dependencies (only python-cryptography is needed, pycrypto and ecdsa
are just fallbacks whet is is not)
* Mon Apr 20 2015 mcihar@suse.cz
- Enable testsuite during build
* Mon Apr 20 2015 mcihar@suse.cz
- Update to 1.1.0
* Thu Nov 06 2014 mcihar@suse.cz
- Update to 0.3.0
/usr/lib/python3.6/site-packages/PyJWT-2.4.0-py3.6.egg-info /usr/lib/python3.6/site-packages/PyJWT-2.4.0-py3.6.egg-info/PKG-INFO /usr/lib/python3.6/site-packages/PyJWT-2.4.0-py3.6.egg-info/SOURCES.txt /usr/lib/python3.6/site-packages/PyJWT-2.4.0-py3.6.egg-info/dependency_links.txt /usr/lib/python3.6/site-packages/PyJWT-2.4.0-py3.6.egg-info/not-zip-safe /usr/lib/python3.6/site-packages/PyJWT-2.4.0-py3.6.egg-info/requires.txt /usr/lib/python3.6/site-packages/PyJWT-2.4.0-py3.6.egg-info/top_level.txt /usr/lib/python3.6/site-packages/jwt /usr/lib/python3.6/site-packages/jwt/__init__.py /usr/lib/python3.6/site-packages/jwt/__pycache__ /usr/lib/python3.6/site-packages/jwt/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/algorithms.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/algorithms.cpython-36.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/api_jwk.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/api_jwk.cpython-36.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/api_jws.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/api_jws.cpython-36.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/api_jwt.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/api_jwt.cpython-36.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/exceptions.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/exceptions.cpython-36.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/help.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/help.cpython-36.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/jwks_client.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/jwks_client.cpython-36.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/utils.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/jwt/__pycache__/utils.cpython-36.pyc /usr/lib/python3.6/site-packages/jwt/algorithms.py /usr/lib/python3.6/site-packages/jwt/api_jwk.py /usr/lib/python3.6/site-packages/jwt/api_jws.py /usr/lib/python3.6/site-packages/jwt/api_jwt.py /usr/lib/python3.6/site-packages/jwt/exceptions.py /usr/lib/python3.6/site-packages/jwt/help.py /usr/lib/python3.6/site-packages/jwt/jwks_client.py /usr/lib/python3.6/site-packages/jwt/py.typed /usr/lib/python3.6/site-packages/jwt/utils.py /usr/share/doc/packages/python3-PyJWT /usr/share/doc/packages/python3-PyJWT/AUTHORS.rst /usr/share/doc/packages/python3-PyJWT/CHANGELOG.rst /usr/share/doc/packages/python3-PyJWT/README.rst /usr/share/licenses/python3-PyJWT /usr/share/licenses/python3-PyJWT/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri May 3 23:33:27 2024