Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove types-cryptography from crypto extra #805

Merged
merged 1 commit into from
Sep 19, 2022
Merged

Remove types-cryptography from crypto extra #805

merged 1 commit into from
Sep 19, 2022

Conversation

lautat
Copy link
Contributor

@lautat lautat commented Sep 19, 2022

This is not needed for using the project with cryptography. Also, the typing information is incorrect or incomplete for the latest version of cryptography.

Fixes #804

This is not needed for using the project with `cryptography`. Also, the
typing information is incorrect or incomplete for the latest version of
`cryptography`.

Fixes #804
@jpadilla jpadilla merged commit 049a695 into jpadilla:master Sep 19, 2022
@lautat lautat deleted the optional-types-cryptography branch September 20, 2022 06:41
@jeroenp
Copy link

jeroenp commented Oct 19, 2022

I'd love to see a new release for this so that I don't have to pull in the new dependency types-cryptography when updating to 2.5.0. Thanks.

bors bot added a commit to microsoft/Qcodes that referenced this pull request Oct 20, 2022
4745: Update pyjwt requirement from ~=2.5.0 to ~=2.6.0 r=jenshnielsen a=dependabot[bot]

Updates the requirements on [pyjwt](https://github.com/jpadilla/pyjwt) to permit the latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p>
<blockquote>
<h2><code>v2.6.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.5.0...2.6.0&gt;</code>__</h2>
<p>Changed</p>
<pre><code>
- bump up cryptography &gt;= 3.4.0 by `@jpadilla` in `[#807](jpadilla/pyjwt#807) &lt;https://github.com/jpadilla/pyjwt/pull/807&gt;`_
- Remove `types-cryptography` from `crypto` extra by `@lautat` in `[#805](jpadilla/pyjwt#805) &lt;https://github.com/jpadilla/pyjwt/pull/805&gt;`_
<p>Fixed</p>
<pre><code>
- Invalidate token on the exact second the token expires `[#797](jpadilla/pyjwt#797) &amp;lt;https://github.com/jpadilla/pyjwt/pull/797&amp;gt;`_
- fix: version 2.5.0 heading typo by `@c0state` in `[#803](jpadilla/pyjwt#803) &amp;lt;https://github.com/jpadilla/pyjwt/pull/803&amp;gt;`_

Added
</code></pre>
<ul>
<li>Adding validation for <code>issued_at</code> when <code>iat &amp;gt; (now + leeway)</code> as <code>ImmatureSignatureError</code> by <a href="https://github.com/sriharan16"><code>`@​sriharan16</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/794">jpadilla/pyjwt#794</a></li>
</ul>
<h2><code>v2.5.0 &amp;lt;https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0&amp;gt;</code>__</h2>
<p>Changed
</code></pre></p>
<ul>
<li>Skip keys with incompatible alg when loading JWKSet by <a href="https://github.com/DaGuich"><code>`@​DaGuich</code></a>` in <code>[#762](jpadilla/pyjwt#762) &lt;https://github.com/jpadilla/pyjwt/pull/762&gt;</code>__</li>
<li>Remove support for python3.6 by <a href="https://github.com/sirosen"><code>`@​sirosen</code></a>` in <code>[#777](jpadilla/pyjwt#777) &lt;https://github.com/jpadilla/pyjwt/pull/777&gt;</code>__</li>
<li>Emit a deprecation warning for unsupported kwargs by <a href="https://github.com/sirosen"><code>`@​sirosen</code></a>` in <code>[#776](jpadilla/pyjwt#776) &lt;https://github.com/jpadilla/pyjwt/pull/776&gt;</code>__</li>
<li>Remove redundant wheel dep from pyproject.toml by <a href="https://github.com/mgorny"><code>`@​mgorny</code></a>` in <code>[#765](jpadilla/pyjwt#765) &lt;https://github.com/jpadilla/pyjwt/pull/765&gt;</code>__</li>
<li>Do not fail when an unusable key occurs by <a href="https://github.com/DaGuich"><code>`@​DaGuich</code></a>` in <code>[#762](jpadilla/pyjwt#762) &lt;https://github.com/jpadilla/pyjwt/pull/762&gt;</code>__</li>
<li>Update audience typing by <a href="https://github.com/JulianMaurin"><code>`@​JulianMaurin</code></a>` in <code>[#782](jpadilla/pyjwt#782) &lt;https://github.com/jpadilla/pyjwt/pull/782&gt;</code>__</li>
<li>Improve PyJWKSet error accuracy by <a href="https://github.com/JulianMaurin"><code>`@​JulianMaurin</code></a>` in <code>[#786](jpadilla/pyjwt#786) &lt;https://github.com/jpadilla/pyjwt/pull/786&gt;</code>__</li>
<li>Mypy as pre-commit check + api_jws typing by <a href="https://github.com/JulianMaurin"><code>`@​JulianMaurin</code></a>` in <code>[#787](jpadilla/pyjwt#787) &lt;https://github.com/jpadilla/pyjwt/pull/787&gt;</code>__</li>
</ul>
<p>Fixed</p>
<pre><code>
- Adjust expected exceptions in option merging tests for PyPy3 by `@mgorny` in `[#763](jpadilla/pyjwt#763) &lt;https://github.com/jpadilla/pyjwt/pull/763&gt;`__
- Fixes for pyright on strict mode by `@brandon-leapyear` in `[#747](jpadilla/pyjwt#747) &lt;https://github.com/jpadilla/pyjwt/pull/747&gt;`__
- docs: fix simple typo, iinstance -&gt; isinstance by `@timgates42` in `[#774](jpadilla/pyjwt#774) &lt;https://github.com/jpadilla/pyjwt/pull/774&gt;`__
- Fix typo: priot -&gt; prior by `@jdufresne` in `[#780](jpadilla/pyjwt#780) &lt;https://github.com/jpadilla/pyjwt/pull/780&gt;`__
- Fix for headers disorder issue by `@kadabusha` in `[#721](jpadilla/pyjwt#721) &lt;https://github.com/jpadilla/pyjwt/pull/721&gt;`__
<p>Added
</code></pre></p>
<ul>
<li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>`@​leonsmith</code></a>` in <code>[#732](jpadilla/pyjwt#732) &lt;https://github.com/jpadilla/pyjwt/pull/732&gt;</code>__</li>
<li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>`@​sirosen</code></a>` in <code>[#773](jpadilla/pyjwt#773) &lt;https://github.com/jpadilla/pyjwt/pull/773&gt;</code>__</li>
<li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>`@​kkirsche</code></a>` in <code>[#784](jpadilla/pyjwt#784) &lt;https://github.com/jpadilla/pyjwt/pull/784&gt;</code>__</li>
<li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>`@​wuhaoyujerry</code></a>` in <code>[#781](jpadilla/pyjwt#781) &lt;https://github.com/jpadilla/pyjwt/pull/781&gt;</code>__</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/jpadilla/pyjwt/commits">compare view</a></li>
</ul>
</details>
<br />


You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

4746: Update pandas requirement from ~=1.5.0 to ~=1.5.1 r=jenshnielsen a=dependabot[bot]

Updates the requirements on [pandas](https://github.com/pandas-dev/pandas) to permit the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/pandas-dev/pandas/releases">pandas's releases</a>.</em></p>
<blockquote>
<h2>Pandas 1.5.1</h2>
<p>This is a patch release in the 1.5.x series and includes some regression and bug fixes. We recommend that all users upgrade to this version.</p>
<p>See the <a href="https://pandas.pydata.org/pandas-docs/version/1.5.1/whatsnew/v1.5.1.html">full whatsnew</a> for a list of all the changes.</p>
<p>The release will be available on the defaults and conda-forge channels:</p>
<pre><code>conda install pandas
</code></pre>
<p>Or via PyPI:</p>
<pre><code>python3 -m pip install --upgrade pandas
</code></pre>
<p>Please report any issues with the release on the <a href="https://github.com/pandas-dev/pandas/issues">pandas issue tracker</a>.</p>
<p>Thanks to all the contributors who made this release possible.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pandas-dev/pandas/commit/91111fd99898d9dcaa6bf6bedb662db4108da6e6"><code>91111fd</code></a> RLS: 1.5.1</li>
<li><a href="https://github.com/pandas-dev/pandas/commit/72863856504a4e906fc603f9e4624f251b614828"><code>7286385</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49162">#49162</a> on branch 1.5.x (PERF: Fix performance regression for isin...</li>
<li><a href="https://github.com/pandas-dev/pandas/commit/8429c50a279ba953514d1ca4d4a2bcef5e23ecc9"><code>8429c50</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49140">#49140</a> on branch 1.5.x (Revert &quot;PERF: faster corrwith method for ...</li>
<li><a href="https://github.com/pandas-dev/pandas/commit/5b036c1c35890c44531f796f5dca92796276b2b5"><code>5b036c1</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49137">#49137</a> on branch 1.5.x (WEB/DOC: Fix typo in OVH name) (<a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49138">#49138</a>)</li>
<li><a href="https://github.com/pandas-dev/pandas/commit/ea971acb948d16e284a38292cd615a5eb7c055ab"><code>ea971ac</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/48770">#48770</a> on branch 1.5.x (added sytle in stylesheet for &lt;blockquote...</li>
<li><a href="https://github.com/pandas-dev/pandas/commit/27717a20061aaedda0d3e5de8461835e952c49f3"><code>27717a2</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49080">#49080</a> on branch 1.5.x (REGR: midx.values resetting freq of under...</li>
<li><a href="https://github.com/pandas-dev/pandas/commit/c58f2057b8c8a7fa79654c45a83c963c013a3aa3"><code>c58f205</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/48457">#48457</a> on branch 1.5.x (TST: Fix unsigned pyarrow types in SIGNED...</li>
<li><a href="https://github.com/pandas-dev/pandas/commit/072402b58cbd87c2106413a37213c0b6020e34b1"><code>072402b</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49053">#49053</a> on branch 1.5.x (REVERT caching in find_stack_level) (<a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49079">#49079</a>)</li>
<li><a href="https://github.com/pandas-dev/pandas/commit/f9eebaf9de23aa9c5debdd86524615b22c23025f"><code>f9eebaf</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49072">#49072</a> on branch 1.5.x (BUG: redirect from meeting to community w...</li>
<li><a href="https://github.com/pandas-dev/pandas/commit/b8d2f461767e1e2124a08c17be69bf0f847c882e"><code>b8d2f46</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49070">#49070</a> on branch 1.5.x (CI: Fix DeprecationWarning of numpy dev) ...</li>
<li>Additional commits viewable in <a href="https://github.com/pandas-dev/pandas/compare/v1.5.0...v1.5.1">compare view</a></li>
</ul>
</details>
<br />


You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

4748: Bump scipy from 1.9.2 to 1.9.3 r=jenshnielsen a=dependabot[bot]

Bumps [scipy](https://github.com/scipy/scipy) from 1.9.2 to 1.9.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/scipy/scipy/releases">scipy's releases</a>.</em></p>
<blockquote>
<h1>SciPy 1.9.3 Release Notes</h1>
<p>SciPy <code>1.9.3</code> is a bug-fix release with no new features
compared to <code>1.9.2</code>.</p>
<h1>Authors</h1>
<ul>
<li>Jelle Aalbers (1)</li>
<li>Peter Bell (1)</li>
<li>Jake Bowhay (3)</li>
<li>Matthew Brett (3)</li>
<li>Evgeni Burovski (5)</li>
<li>drpeteb (1) +</li>
<li>Sebastian Ehlert (1) +</li>
<li>GavinZhang (1) +</li>
<li>Ralf Gommers (2)</li>
<li>Matt Haberland (15)</li>
<li>Lakshaya Inani (1) +</li>
<li>Joseph T. Iosue (1)</li>
<li>Nathan Jacobi (1) +</li>
<li>jmkuebler (1) +</li>
<li>Nikita Karetnikov (1) +</li>
<li>Lechnio (1) +</li>
<li>Nicholas McKibben (1)</li>
<li>Andrew Nelson (1)</li>
<li>o-alexandre-felipe (1) +</li>
<li>Tirth Patel (1)</li>
<li>Tyler Reddy (51)</li>
<li>Martin Reinecke (1)</li>
<li>Marie Roald (1) +</li>
<li>Pamphile Roy (2)</li>
<li>Eli Schwartz (1)</li>
<li>serge-sans-paille (1)</li>
<li>ehsan shirvanian (1) +</li>
<li>Mamoru TASAKA (1) +</li>
<li>Samuel Wallan (1)</li>
<li>Warren Weckesser (7)</li>
<li>Gavin Zhang (1) +</li>
</ul>
<p>A total of 31 people contributed to this release.
People with a &quot;+&quot; by their names contributed a patch for the first time.
This list of names is automatically generated, and may not be fully complete.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/scipy/scipy/commit/de80faf9d3480b9dbb9b888568b64499e0e70c19"><code>de80faf</code></a> REL: set 1.9.3 released [wheel build]</li>
<li><a href="https://github.com/scipy/scipy/commit/25e6b901077646cbdaf0a022ff63d55b2c40b114"><code>25e6b90</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/scipy/scipy/issues/17239">#17239</a> from tylerjereddy/treddy_backport_193</li>
<li><a href="https://github.com/scipy/scipy/commit/ba33e438f948d5e147755aff0e63f6a01f5bc676"><code>ba33e43</code></a> DOC: update 1.9.3 relnotes</li>
<li><a href="https://github.com/scipy/scipy/commit/92d892efaf689c1be970370cd9b33678482fb1fd"><code>92d892e</code></a> MAINT: Handle numpy's deprecation of accepting out-of-bound integers.</li>
<li><a href="https://github.com/scipy/scipy/commit/ba5f6daa1d855f43f9f0d19f51386285b2835ce8"><code>ba5f6da</code></a> MAINT: PR 17239 revisions</li>
<li><a href="https://github.com/scipy/scipy/commit/381089e753b42c26faf3fb689fc82f7a5c34c422"><code>381089e</code></a> DOC: update 1.9.3 relnotes</li>
<li><a href="https://github.com/scipy/scipy/commit/2db3440cfd768009847fb355f3da53fc8c562ea3"><code>2db3440</code></a> BLD: fix invalid shebang for build helper script</li>
<li><a href="https://github.com/scipy/scipy/commit/a9a6582a38e23f178ddaed874d1bc65de3313cb2"><code>a9a6582</code></a> DOC: stats.mode: add versionadded tag and correct order of keepdims descripti...</li>
<li><a href="https://github.com/scipy/scipy/commit/f4738889bd34d294cfcbd4aaed8c914fe961a0fd"><code>f473888</code></a> BLD: fix issue with incomplete threads dependency handling (<a href="https://github-redirect.dependabot.com/scipy/scipy/issues/17200">#17200</a>)</li>
<li><a href="https://github.com/scipy/scipy/commit/5370f15752eef1f62773236704d6339fa4d4e99c"><code>5370f15</code></a> MAINT: update meson.build to make it work on IBM i system (<a href="https://github-redirect.dependabot.com/scipy/scipy/issues/17193">#17193</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/scipy/scipy/compare/v1.9.2...v1.9.3">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=scipy&package-manager=pip&previous-version=1.9.2&new-version=1.9.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
inmantaci pushed a commit to inmanta/inmanta-core that referenced this pull request Oct 21, 2022
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.5.0 to 2.6.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p>
<blockquote>
<h2><code>v2.6.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.5.0...2.6.0&gt;</code>__</h2>
<p>Changed</p>
<pre><code>
- bump up cryptography &gt;= 3.4.0 by @jpadilla in `[#807](jpadilla/pyjwt#807) &lt;https://github.com/jpadilla/pyjwt/pull/807&gt;`_
- Remove `types-cryptography` from `crypto` extra by @lautat in `[#805](jpadilla/pyjwt#805) &lt;https://github.com/jpadilla/pyjwt/pull/805&gt;`_
<p>Fixed</p>
<pre><code>
- Invalidate token on the exact second the token expires `[#797](jpadilla/pyjwt#797) &amp;lt;https://github.com/jpadilla/pyjwt/pull/797&amp;gt;`_
- fix: version 2.5.0 heading typo by @c0state in `[#803](jpadilla/pyjwt#803) &amp;lt;https://github.com/jpadilla/pyjwt/pull/803&amp;gt;`_

Added
</code></pre>
<ul>
<li>Adding validation for <code>issued_at</code> when <code>iat &amp;gt; (now + leeway)</code> as <code>ImmatureSignatureError</code> by <a href="https://github.com/sriharan16"><code>@​sriharan16</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/794">jpadilla/pyjwt#794</a>
</code></pre></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/jpadilla/pyjwt/commits">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=pip&previous-version=2.5.0&new-version=2.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
inmantaci pushed a commit to inmanta/inmanta-core that referenced this pull request Oct 21, 2022
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.5.0 to 2.6.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p>
<blockquote>
<h2><code>v2.6.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.5.0...2.6.0&gt;</code>__</h2>
<p>Changed</p>
<pre><code>
- bump up cryptography &gt;= 3.4.0 by @jpadilla in `[#807](jpadilla/pyjwt#807) &lt;https://github.com/jpadilla/pyjwt/pull/807&gt;`_
- Remove `types-cryptography` from `crypto` extra by @lautat in `[#805](jpadilla/pyjwt#805) &lt;https://github.com/jpadilla/pyjwt/pull/805&gt;`_
<p>Fixed</p>
<pre><code>
- Invalidate token on the exact second the token expires `[#797](jpadilla/pyjwt#797) &amp;lt;https://github.com/jpadilla/pyjwt/pull/797&amp;gt;`_
- fix: version 2.5.0 heading typo by @c0state in `[#803](jpadilla/pyjwt#803) &amp;lt;https://github.com/jpadilla/pyjwt/pull/803&amp;gt;`_

Added
</code></pre>
<ul>
<li>Adding validation for <code>issued_at</code> when <code>iat &amp;gt; (now + leeway)</code> as <code>ImmatureSignatureError</code> by <a href="https://github.com/sriharan16"><code>@​sriharan16</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/794">jpadilla/pyjwt#794</a>
</code></pre></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/jpadilla/pyjwt/commits">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=pip&previous-version=2.5.0&new-version=2.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

crypto extra requires outdated types-cryptography type annotation stubs
3 participants