Bump jwt from 2.9.3 to 2.10.1 #1600

2025-01-06T15:06:56+08:00

dependabot[bot] commented

2025-01-06 15:06:56 +08:00

(Migrated from github.com)

Bumps jwt from 2.9.3 to 2.10.1.

Changelog

v2.10.1 (2024-12-26)

Full Changelog

Fixes and enhancements:

Make version constants public again #646 (@anakinj)

v2.10.0 (2024-12-25)

Full Changelog

Features:

JWT::Token and JWT::EncodedToken for signing and verifying tokens #621 (@anakinj)

Detached payload support for JWT::Token and JWT::EncodedToken #630 (@anakinj)

Skip decoding payload if b64 header is present and false #631 (@anakinj)

Remove a few custom Rubocop configs #638 (@anakinj)

Fixes and enhancements:

Deprecation warnings for deprecated methods and classes #629 (@anakinj)

Improved documentation for public apis #629 (@anakinj)

Use correct methods when raising error during signing/verification with EdDSA #633

Fix JWT::EncodedToken behavior with empty string as token #640 (@ragalie)

Deprecation warnings for rbnacl backed functionality #641 (@anakinj)

Commits

6e59d26 Make version constants public
a490892 Start the 3.0 iteration
d09d63b Prepare 2.10.0
3f38be0 Generate CNAME entry
2f15937 Fix markdown generation
7d0f617 Deprecation warnings for Rbnacl backed functionality
b006395 Handle empty string as token value
cc0a876 Fix badge url
98e1d30 Documentation for modules and classes
7ea4a36 Reduce rubocop custom rules
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.9.3 to 2.10.1. <details> <summary>Changelog</summary> Sourced from <a href="https://github.com/jwt/ruby-jwt/blob/main/CHANGELOG.md">jwt's changelog</a>. <blockquote> <h2><a href="https://github.com/jwt/ruby-jwt/tree/v2.10.1">v2.10.1</a> (2024-12-26)</h2> <a href="https://github.com/jwt/ruby-jwt/compare/v2.10.0...v2.10.1">Full Changelog</a> Fixes and enhancements: <ul> <li>Make version constants public again <a href="https://redirect.github.com/jwt/ruby-jwt/pull/646">#646</a> (<a href="https://github.com/anakinj"><code>@anakinj</code></a>)</li> </ul> <h2><a href="https://github.com/jwt/ruby-jwt/tree/v2.10.0">v2.10.0</a> (2024-12-25)</h2> <a href="https://github.com/jwt/ruby-jwt/compare/v2.9.3...v2.10.0">Full Changelog</a> Features: <ul> <li>JWT::Token and JWT::EncodedToken for signing and verifying tokens <a href="https://redirect.github.com/jwt/ruby-jwt/pull/621">#621</a> (<a href="https://github.com/anakinj"><code>@anakinj</code></a>)</li> <li>Detached payload support for JWT::Token and JWT::EncodedToken <a href="https://redirect.github.com/jwt/ruby-jwt/pull/630">#630</a> (<a href="https://github.com/anakinj"><code>@anakinj</code></a>)</li> <li>Skip decoding payload if b64 header is present and false <a href="https://redirect.github.com/jwt/ruby-jwt/pull/631">#631</a> (<a href="https://github.com/anakinj"><code>@anakinj</code></a>)</li> <li>Remove a few custom Rubocop configs <a href="https://redirect.github.com/jwt/ruby-jwt/pull/638">#638</a> (<a href="https://github.com/anakinj"><code>@anakinj</code></a>)</li> </ul> Fixes and enhancements: <ul> <li>Deprecation warnings for deprecated methods and classes <a href="https://redirect.github.com/jwt/ruby-jwt/pull/629">#629</a> (<a href="https://github.com/anakinj"><code>@anakinj</code></a>)</li> <li>Improved documentation for public apis <a href="https://redirect.github.com/jwt/ruby-jwt/pull/629">#629</a> (<a href="https://github.com/anakinj"><code>@anakinj</code></a>)</li> <li>Use correct methods when raising error during signing/verification with EdDSA <a href="https://redirect.github.com/jwt/ruby-jwt/pull/633">#633</a></li> <li>Fix JWT::EncodedToken behavior with empty string as token <a href="https://redirect.github.com/jwt/ruby-jwt/pull/640">#640</a> (<a href="https://github.com/ragalie"><code>@ragalie</code></a>)</li> <li>Deprecation warnings for rbnacl backed functionality <a href="https://redirect.github.com/jwt/ruby-jwt/pull/641">#641</a> (<a href="https://github.com/anakinj"><code>@anakinj</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jwt/ruby-jwt/commit/6e59d2620fd098e307fd671a3283be29fb95cdc3"><code>6e59d26</code></a> Make version constants public</li> <li><a href="https://github.com/jwt/ruby-jwt/commit/a490892dc8016d2ddde9c852fbc9a762dd34ea40"><code>a490892</code></a> Start the 3.0 iteration</li> <li><a href="https://github.com/jwt/ruby-jwt/commit/d09d63b2b195822736df2ba2c19de896f7791e55"><code>d09d63b</code></a> Prepare 2.10.0</li> <li><a href="https://github.com/jwt/ruby-jwt/commit/3f38be053e71bad5f4eae27b3a34d151798ac4ec"><code>3f38be0</code></a> Generate CNAME entry</li> <li><a href="https://github.com/jwt/ruby-jwt/commit/2f1593721c26b3233dbcd2dd54f5db0c436d4434"><code>2f15937</code></a> Fix markdown generation</li> <li><a href="https://github.com/jwt/ruby-jwt/commit/7d0f617c5636c82a0446e624b7b99d6b3524ab50"><code>7d0f617</code></a> Deprecation warnings for Rbnacl backed functionality</li> <li><a href="https://github.com/jwt/ruby-jwt/commit/b006395d85f6f9a86b9df21a4dbcbda023e47431"><code>b006395</code></a> Handle empty string as token value</li> <li><a href="https://github.com/jwt/ruby-jwt/commit/cc0a876f7830d297e4fa719d183c3155e6d01853"><code>cc0a876</code></a> Fix badge url</li> <li><a href="https://github.com/jwt/ruby-jwt/commit/98e1d302ff17b67cc6789b7269f307caba0f69da"><code>98e1d30</code></a> Documentation for modules and classes</li> <li><a href="https://github.com/jwt/ruby-jwt/commit/7ea4a366a8a5e36dede46b8ada969052c9f0dead"><code>7ea4a36</code></a> Reduce rubocop custom rules</li> <li>Additional commits viewable in <a href="https://github.com/jwt/ruby-jwt/compare/v2.9.3...v2.10.1">compare view</a></li> </ul> </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jwt&package-manager=bundler&previous-version=2.9.3&new-version=2.10.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: gavin/maybe#1600