File python-PyJWT.changes of Package python-PyJWT.26294

-------------------------------------------------------------------
Mon Jun 20 23:05:09 UTC 2022 - Matej Cepl <mcepl@suse.com>

- Add CVE-2022-29217-non-blocked-pubkeys.patch fixing
  CVE-2022-29217 (bsc#1199756), which disallows use of blocked
  pubkeys (heavily modified from upstream).

-------------------------------------------------------------------
Thu Nov  2 02:05:49 UTC 2017 - arun@gmx.de

- update to version 1.5.3:
  * Changed
    + Increase required version of the cryptography package to
      >=1.4.0.
  * Fixed
    + Remove uses of deprecated functions from the cryptography
      package.
    + Warn about missing algorithms param to decode() only when verify
      param is True #281

-------------------------------------------------------------------
Mon Aug 21 15:51:40 UTC 2017 - tbechtold@suse.com

- update to 1.5.2:
  - Ensure correct arguments order in decode super call [7c1e61d][7c1e61d]
  - Change optparse for argparse. [#238][238]
  - Guard against PKCS1 PEM encododed public keys [#277][277]
  - Add deprecation warning when decoding without specifying `algorithms` [#277][277]
  - Improve deprecation messages [#270][270]
  - PyJWT.decode: move verify param into options [#271][271]
  - Support for Python 3.6 [#262][262]
  - Expose jwt.InvalidAlgorithmError [#264][264]
  - Add support for ECDSA public keys in RFC 4253 (OpenSSH) format [#244][244]
  - Renamed commandline script `jwt` to `jwt-cli` to avoid issues with the script clobbering the `jwt` module in some circumstances. [#187][187]
  - Better error messages when using an algorithm that requires the cryptography package, but it isn't available [#230][230]
  - Tokens with future 'iat' values are no longer rejected [#190][190]
  - Non-numeric 'iat' values now raise InvalidIssuedAtError instead of DecodeError
  - Remove rejection of future 'iat' claims [#252][252]
  - Add back 'ES512' for backward compatibility (for now) [#225][225]
  - Fix incorrectly named ECDSA algorithm [#219][219]
  - Fix rpm build [#196][196]
  - Add JWK support for HMAC and RSA keys [#202][202]

-------------------------------------------------------------------
Fri Apr 28 12:25:53 UTC 2017 - pousaduarte@gmail.com

- Restore runtime dependency python-ecdsa

-------------------------------------------------------------------
Wed Apr 26 18:03:53 UTC 2017 - pousaduarte@gmail.com

- Convert to singlespec
- Remove unneeded dependency python-ecdsa
- Use "download_files" in _service file to automate source fetching

-------------------------------------------------------------------
Fri Mar 17 18:58:52 UTC 2017 - rjschwei@suse.com

- Drop pycrypto as dependency, we only need cryptography

-------------------------------------------------------------------
Fri Mar 10 08:52:47 UTC 2017 - alarrosa@suse.com

- Use update-alternatives so it can be co-installable with python3-PyJWT
- Use dos2unix on jwt/__init__.py
- updated source url to files.pythonhosted.org
- Run the spec file through spec-cleaner
- Drop PyJWT-1.1.0.diff which was only used on rhel (?)

-------------------------------------------------------------------
Thu Sep 15 13:52:58 UTC 2016 - rjschwei@suse.com

- Include in SLES 12 (FATE#321371, bsc#998103)

-------------------------------------------------------------------
Thu Sep  1 12:36:06 UTC 2016 - tbechtold@suse.com

- Use https for Source url

-------------------------------------------------------------------
Thu Sep  1 05:41:26 UTC 2016 - tbechtold@suse.com

- update to 1.4.2:
  - A PEM-formatted key encoded as bytes could cause a `TypeError` to be raised [#213][213]
  - Newer versions of Pytest could not detect warnings properly [#182][182]
  - Non-string 'kid' value now raises `InvalidTokenError` [#174][174]
  - `jwt.decode(None)` now gracefully fails with `InvalidTokenError` [#183][183]

-------------------------------------------------------------------
Tue Jan  5 09:38:01 UTC 2016 - bwiedemann@suse.com

- BuildRequire python-pytest-cov >= 1.7

-------------------------------------------------------------------
Thu Nov  5 10:38:45 UTC 2015 - toddrme2178@gmail.com

- Update to 1.4.0
  + Fixed
    * Exclude Python cache files from PyPI releases.
  + Added
    * Added new options to require certain claims
      (require_nbf, require_iat, require_exp) and raise `MissingRequiredClaimError`
      if they are not present.
    * If `audience=` or `issuer=` is specified but the claim is not present,
      `MissingRequiredClaimError` is now raised instead of `InvalidAudienceError`
      and `InvalidIssuerError`
- Update to 1.3.0
  + Fixed
    * ECDSA (ES256, ES384, ES512) signatures are now being properly serialized [#158][158]
    * RSA-PSS (PS256, PS384, PS512) signatures now use the proper salt length for PSS padding. [#163][163]
  + Added
    * Added a new `jwt.get_unverified_header()` to parse and return the header portion of a token prior to signature verification.
  + Removed
    * Python 3.2 is no longer a supported platform. This version of Python is
      rarely used. Users affected by this should upgrade to 3.3+.
- Update to 1.2.0
  + Fixed
    * Added back `verify_expiration=` argument to `jwt.decode()` that was erroneously removed in [v1.1.0][1.1.0].
  + Changed
    * Refactored JWS-specific logic out of PyJWT and into PyJWS superclass. [#141][141]
  + Deprecated
    * `verify_expiration=` argument to `jwt.decode()` is now deprecated and will be removed in a future version. Use the `option=` argument instead.
- Rebase PyJWT-1.1.0.diff

-------------------------------------------------------------------
Mon Aug 10 09:20:26 UTC 2015 - seife+obs@b1-systems.com

- apply PyJWT-1.1.0.diff only on RHEL/CentOS

-------------------------------------------------------------------
Thu Jul  9 16:43:37 UTC 2015 - seife+obs@b1-systems.com

- fix build on RHEL7, add PyJWT-1.1.0.diff

-------------------------------------------------------------------
Wed Apr 22 14:01:31 UTC 2015 - mcihar@suse.cz

- Include pycrypto and ecdsa in BuildRequires for complete test coverage
- Use setup.py test to execute testsuite

-------------------------------------------------------------------
Wed Apr 22 11:14:42 UTC 2015 - mcihar@suse.cz

- Simplify dependencies (only python-cryptography is needed, pycrypto and ecdsa
  are just fallbacks whet is is not)

-------------------------------------------------------------------
Mon Apr 20 11:56:59 UTC 2015 - mcihar@suse.cz

- Enable testsuite during build

-------------------------------------------------------------------
Mon Apr 20 11:55:52 UTC 2015 - mcihar@suse.cz

- Update to 1.1.0

-------------------------------------------------------------------
Thu Nov  6 09:08:37 UTC 2014 - mcihar@suse.cz

- Update to 0.3.0

-------------------------------------------------------------------
Wed Jul 23 13:28:19 UTC 2014 - mcihar@suse.cz

- initial packaging