Bump pyjwt from 2.5.0 to 2.6.0 (PR #5016)

Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.5.0 to 2.6.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p>
<blockquote>
<h2><code>v2.6.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.5.0...2.6.0&gt;</code>__</h2>
<p>Changed</p>
<pre><code>
- bump up cryptography &gt;= 3.4.0 by @jpadilla in `[#807](jpadilla/pyjwt#807) &lt;https://github.com/jpadilla/pyjwt/pull/807&gt;`_
- Remove `types-cryptography` from `crypto` extra by @lautat in `[#805](jpadilla/pyjwt#805) &lt;https://github.com/jpadilla/pyjwt/pull/805&gt;`_
<p>Fixed</p>
<pre><code>
- Invalidate token on the exact second the token expires `[#797](jpadilla/pyjwt#797) &amp;lt;https://github.com/jpadilla/pyjwt/pull/797&amp;gt;`_
- fix: version 2.5.0 heading typo by @c0state in `[#803](jpadilla/pyjwt#803) &amp;lt;https://github.com/jpadilla/pyjwt/pull/803&amp;gt;`_

Added
</code></pre>
<ul>
<li>Adding validation for <code>issued_at</code> when <code>iat &amp;gt; (now + leeway)</code> as <code>ImmatureSignatureError</code> by <a href="https://github.com/sriharan16"><code>@​sriharan16</code></a> in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/794">jpadilla/pyjwt#794</a>
</code></pre></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/jpadilla/pyjwt/commits">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=pip&previous-version=2.5.0&new-version=2.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

changelogs/unreleased/5016-dependabot.yml

@@ -0,0 +1,5 @@
+change-type: patch
+description: Bump pyjwt from 2.5.0 to 2.6.0
+destination-branches:
+- master
+sections: {}

requirements.txt

@@ -17,7 +17,7 @@ pip==22.3
 ply==3.11
 pydantic==1.10.2
 pyformance==0.4
-PyJWT==2.5.0
+PyJWT==2.6.0
 python-dateutil==2.8.2
 pyyaml==6.0
 setuptools==65.5.0