Skip to content
This repository was archived by the owner on Aug 22, 2025. It is now read-only.

chore(deps-dev): bump pyjwt from 2.10.0 to 2.10.1 #165

Merged
merged 1 commit into from
Nov 28, 2024
Merged

chore(deps-dev): bump pyjwt from 2.10.0 to 2.10.1 #165

merged 1 commit into from
Nov 28, 2024

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 28, 2024

Bumps pyjwt from 2.10.0 to 2.10.1.

Release notes

Sourced from pyjwt's releases.

2.10.1

Fixed

Full Changelog: jpadilla/pyjwt@2.10.0...2.10.1

Changelog

Sourced from pyjwt's changelog.

v2.10.1 <https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1>__

Fixed


- Prevent partial matching of `iss` claim by @fabianbadoi in `GHSA-75c5-xw7c-p5pm <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm>`__
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps-dev): bump pyjwt from 2.10.0 to 2.10.1
4aa7054 
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.10.0 to 2.10.1.
- [Release notes](https://github.com/jpadilla/pyjwt/releases)
- [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst)
- [Commits](jpadilla/pyjwt@2.10.0...2.10.1)

---
updated-dependencies:
- dependency-name: pyjwt
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from J0 as a code owner November 28, 2024 04:57
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 28, 2024
@dependabot dependabot bot requested a review from silentworks as a code owner November 28, 2024 04:57
@dependabot dependabot bot added the python Pull requests that update Python code label Nov 28, 2024
@silentworks silentworks merged commit 116ef03 into main Nov 28, 2024
10 checks passed
@silentworks silentworks deleted the dependabot/pip/main/pyjwt-2.10.1 branch November 28, 2024 22:11
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@J0 J0 Awaiting requested review from J0

1 more reviewer

@silentworks silentworks silentworks approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@silentworks