From b5e1a283deb86e7418320a99ee1cecfdf40f217a Mon Sep 17 00:00:00 2001 From: adam Date: Wed, 25 May 2022 12:20:55 +0000 Subject: [PATCH] py-JWT: updated to 2.4.0 v2.4.0 Security - [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24 Changed - Explicit check the key for ECAlgorithm by @estin in https://github.com/jpadilla/pyjwt/pull/713 - Raise DeprecationWarning for jwt.decode(verify=...) by @akx in https://github.com/jpadilla/pyjwt/pull/742 Fixed - Don't use implicit optionals by @rekyungmin in https://github.com/jpadilla/pyjwt/pull/705 - documentation fix: show correct scope for decode_complete() by @sseering in https://github.com/jpadilla/pyjwt/pull/661 - fix: Update copyright information by @kkirsche in https://github.com/jpadilla/pyjwt/pull/729 - Don't mutate options dictionary in .decode_complete() by @akx in https://github.com/jpadilla/pyjwt/pull/743 Added - Add support for Python 3.10 by @hugovk in https://github.com/jpadilla/pyjwt/pull/699 - api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in https://github.com/jpadilla/pyjwt/pull/725 - Update usage.rst by @guneybilen in https://github.com/jpadilla/pyjwt/pull/727 - Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in https://github.com/jpadilla/pyjwt/pull/734 - Fixed typo in usage.rst by @israelabraham in https://github.com/jpadilla/pyjwt/pull/738 - Add detached payload support for JWS encoding and decoding by @fviard in https://github.com/jpadilla/pyjwt/pull/723 - Replace various string interpolations with f-strings by @akx in https://github.com/jpadilla/pyjwt/pull/744 - Update CHANGELOG.rst --- textproc/py-JWT/Makefile | 7 +++---- textproc/py-JWT/distinfo | 8 ++++---- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/textproc/py-JWT/Makefile b/textproc/py-JWT/Makefile index 4872fe536e41..c92c327f90d6 100644 --- a/textproc/py-JWT/Makefile +++ b/textproc/py-JWT/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.18 2022/01/04 20:54:51 wiz Exp $ +# $NetBSD: Makefile,v 1.19 2022/05/25 12:20:55 adam Exp $ -DISTNAME= PyJWT-2.3.0 +DISTNAME= PyJWT-2.4.0 PKGNAME= ${PYPKGPREFIX}-${DISTNAME:S/Py//} -PKGREVISION= 1 CATEGORIES= textproc python MASTER_SITES= ${MASTER_SITE_PYPI:=P/PyJWT/} @@ -19,7 +18,7 @@ USE_LANGUAGES= # none PYTHON_VERSIONS_INCOMPATIBLE= 27 do-test: - cd ${WRKSRC} && pytest-${PYVERSSUFFIX} tests + cd ${WRKSRC} && ${SETENV} ${TEST_ENV} pytest-${PYVERSSUFFIX} tests .include "../../lang/python/egg.mk" .include "../../mk/bsd.pkg.mk" diff --git a/textproc/py-JWT/distinfo b/textproc/py-JWT/distinfo index 06bf1d3008f6..15a3b4106c51 100644 --- a/textproc/py-JWT/distinfo +++ b/textproc/py-JWT/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.16 2021/10/26 11:22:59 nia Exp $ +$NetBSD: distinfo,v 1.17 2022/05/25 12:20:55 adam Exp $ -BLAKE2s (PyJWT-2.3.0.tar.gz) = 7801b7db39f2bcf9baa18466879ccea78a5be16ee8ab84905dba9754b8d4834e -SHA512 (PyJWT-2.3.0.tar.gz) = c6a1d8c3ce87d2122aa4ce4e19c5d2683aeffae6fb29b20fa17e2dfb1a07faf721beb8ca390d3acdeb85a1476025ca5af4fcdb1019f84c8c1bf229246a7aafe3 -Size (PyJWT-2.3.0.tar.gz) = 62279 bytes +BLAKE2s (PyJWT-2.4.0.tar.gz) = 270cd5bd9d0ff384dedd4762780aecd4b18495f054f7895fb28748e5034e3f1b +SHA512 (PyJWT-2.4.0.tar.gz) = 6c60afe62f9341c0fd889be227cd9e44260bc88696a93d0c3398547e159001f04e402d207d2230641f0f3d37cfd7e6f9e50a42dadfb011d7087c32a864c792a4 +Size (PyJWT-2.4.0.tar.gz) = 66327 bytes