Sourced from pyjwt's releases.

2.10.1

Fixed

• Prevent partial matching of iss claim. Thanks @​fabianbadoi! (See: https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm)

Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1

2.10.0

What's Changed

• chore: use sequence for typing rather than list by @​imnotjames in jpadilla/pyjwt#970
• Add support for Python 3.13 by @​hugovk in jpadilla/pyjwt#972
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#971
• Add an RTD config file to resolve RTD build failures by @​kurtmckee in jpadilla/pyjwt#977
• docs: Update iat exception docs by @​pachewise in jpadilla/pyjwt#974
• Remove algorithm requirement for JWT API by @​luhn in jpadilla/pyjwt#975
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#978
• Create SECURITY.md by @​auvipy in jpadilla/pyjwt#973
• docs fix: decode_complete scope and algorithms by @​RbnRncn in jpadilla/pyjwt#982
• fix doctest for docs/usage.rst by @​pachewise in jpadilla/pyjwt#986
• fix test_utils.py not to xfail by @​pachewise in jpadilla/pyjwt#987
• Correct jwt.decode audience param doc expression by @​peter279k in jpadilla/pyjwt#994
• Add PS256 encoding and decoding usage by @​peter279k in jpadilla/pyjwt#992
• Add API docs for PyJWK by @​luhn in jpadilla/pyjwt#980
• Refactor project configuration files from setup.cfg to pyproject.toml PEP-518 by @​cleder in jpadilla/pyjwt#995
• Add JWK support to JWT encode by @​luhn in jpadilla/pyjwt#979
• Update pre-commit hooks to lint pyproject.toml by @​cleder in jpadilla/pyjwt#1002
• Add EdDSA algorithm encoding/decoding usage by @​peter279k in jpadilla/pyjwt#993
• Ruff linter and formatter changes by @​gagandeepp in jpadilla/pyjwt#1001
• Validate sub and jti claims for the token by @​Divan009 in jpadilla/pyjwt#1005
• Add ES256 usage by @​Gautam-Hegde in jpadilla/pyjwt#1003
• Encode EC keys with a fixed bit length by @​way-dave in jpadilla/pyjwt#990
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#1000
• Drop support for Python 3.8 by @​kkirsche in jpadilla/pyjwt#1007
• Prepare 2.10.0 release by @​benvdh in jpadilla/pyjwt#1011
• Bump codecov/codecov-action from 4 to 5 by @​dependabot in jpadilla/pyjwt#1014
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#1006

New Contributors

• @​imnotjames made their first contribution in jpadilla/pyjwt#970
• @​kurtmckee made their first contribution in jpadilla/pyjwt#977
• @​pachewise made their first contribution in jpadilla/pyjwt#974
• @​RbnRncn made their first contribution in jpadilla/pyjwt#982
• @​peter279k made their first contribution in jpadilla/pyjwt#994
• @​cleder made their first contribution in jpadilla/pyjwt#995
• @​gagandeepp made their first contribution in jpadilla/pyjwt#1001
• @​Divan009 made their first contribution in jpadilla/pyjwt#1005
• @​Gautam-Hegde made their first contribution in jpadilla/pyjwt#1003
• @​way-dave made their first contribution in jpadilla/pyjwt#990

Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0

... (truncated)

Sourced from pyjwt's changelog.

v2.10.1 <https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1>__

Fixed

- Prevent partial matching of `iss` claim by @fabianbadoi in `GHSA-75c5-xw7c-p5pm <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm>`__
v2.10.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0&gt;__
Changed

• Remove algorithm requirement from JWT API, instead relying on JWS API for enforcement, by @​luhn in [#975](https://github.com/jpadilla/pyjwt/issues/975) <https://github.com/jpadilla/pyjwt/pull/975>__

• Use Sequence for parameter types rather than List where applicable by @​imnotjames in [#970](https://github.com/jpadilla/pyjwt/issues/970) <https://github.com/jpadilla/pyjwt/pull/970>__

• Add JWK support to JWT encode by @​luhn in [#979](https://github.com/jpadilla/pyjwt/issues/979) <https://github.com/jpadilla/pyjwt/pull/979>__

• Encoding and decoding payloads using the none algorithm by @​jpadilla in #c2629f6 <https://github.com/jpadilla/pyjwt/commit/c2629f66c593459e02616048443231ccbe18be16>

  Before:

  .. code-block:: pycon

  import jwt jwt.encode({"payload": "abc"}, key=None, algorithm=None)

  After:

  .. code-block:: pycon

  import jwt jwt.encode({"payload": "abc"}, key=None, algorithm="none")

• Added validation for 'sub' (subject) and 'jti' (JWT ID) claims in tokens by @​Divan009 in [#1005](https://github.com/jpadilla/pyjwt/issues/1005) <https://github.com/jpadilla/pyjwt/pull/1005>__

• Refactor project configuration files from setup.cfg to pyproject.toml by @​cleder in [#995](https://github.com/jpadilla/pyjwt/issues/995) <https://github.com/jpadilla/pyjwt/pull/995>__

• Ruff linter and formatter changes by @​gagandeepp in [#1001](https://github.com/jpadilla/pyjwt/issues/1001) <https://github.com/jpadilla/pyjwt/pull/1001>__

• Drop support for Python 3.8 (EOL) by @​kkirsche in [#1007](https://github.com/jpadilla/pyjwt/issues/1007) <https://github.com/jpadilla/pyjwt/pull/1007>__

Fixed

- Encode EC keys with a fixed bit length by @etianen in `[#990](https://github.com/jpadilla/pyjwt/issues/990) <https://github.com/jpadilla/pyjwt/pull/990>`__
- Add an RTD config file to resolve Read the Docs build failures by @kurtmckee in `[#977](https://github.com/jpadilla/pyjwt/issues/977) <https://github.com/jpadilla/pyjwt/pull/977>`__
- Docs: Update ``iat`` exception docs by @pachewise in `[#974](https://github.com/jpadilla/pyjwt/issues/974) <https://github.com/jpadilla/pyjwt/pull/974>`__
- Docs: Fix ``decode_complete`` scope and algorithms by @RbnRncn in `[#982](https://github.com/jpadilla/pyjwt/issues/982) <https://github.com/jpadilla/pyjwt/pull/982>`__
- Fix doctest for ``docs/usage.rst`` by @pachewise in `[#986](https://github.com/jpadilla/pyjwt/issues/986) <https://github.com/jpadilla/pyjwt/pull/986>`__
</tr></table> 

... (truncated)

• 3ebbb22 fix lint
• 37748dc update changelog
• 33022c2 Merge commit from fork
• 783f324 [pre-commit.ci] pre-commit autoupdate (#1006)
• 0116fc6 Bump codecov/codecov-action from 4 to 5 (#1014)
• b032353 feat: surface jwt.decode_complete(...)
• a759c45 Prepare 2.10.0 release (#1011)
• b6b8bce Drop support for Python 3.8 (#1007)
• 189c256 Update index.rst
• 1900857 Update index.rst
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)