Bump pyjwt from 2.11.0 to 2.12.0 by dependabot[bot] · Pull Request #277 · oda-hub/nb2workflow

dependabot · 2026-03-14T02:54:24Z

Bumps pyjwt from 2.11.0 to 2.12.0.

Release notes

2.12.0

Security

Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. by @dmbs335 in GHSA-752w-5fwx-jx9f

What's Changed

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in jpadilla/pyjwt#1132

chore(docs): fix docs build by @tamird in jpadilla/pyjwt#1137

Annotate PyJWKSet.keys for pyright by @tamird in jpadilla/pyjwt#1134

fix: close HTTPError to prevent ResourceWarning on Python 3.14 by @veeceey in jpadilla/pyjwt#1133

chore: remove superfluous constants by @tamird in jpadilla/pyjwt#1136

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in jpadilla/pyjwt#1135

chore(tests): enable mypy by @tamird in jpadilla/pyjwt#1138

Bump actions/download-artifact from 7 to 8 by @dependabot[bot] in jpadilla/pyjwt#1142

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in jpadilla/pyjwt#1141

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in jpadilla/pyjwt#1145

fix: do not store reference to algorithms dict on PyJWK by @akx in jpadilla/pyjwt#1143

Use PyJWK algorithm when encoding without explicit algorithm by @jpadilla in jpadilla/pyjwt#1148

New Contributors

@tamird made their first contribution in jpadilla/pyjwt#1137

@veeceey made their first contribution in jpadilla/pyjwt#1133

Full Changelog: jpadilla/pyjwt@2.11.0...2.12.0

Changelog

Sourced from pyjwt's changelog.

`v2.12.0 <https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0>`__

Fixed


- Annotate PyJWKSet.keys for pyright by @tamird in `[#1134](https://github.com/jpadilla/pyjwt/issues/1134) <https://github.com/jpadilla/pyjwt/pull/1134>`__
- Close ``HTTPError`` response to prevent ``ResourceWarning`` on Python 3.14 by @veeceey in `[#1133](https://github.com/jpadilla/pyjwt/issues/1133) <https://github.com/jpadilla/pyjwt/pull/1133>`__
- Do not keep ``algorithms`` dict in PyJWK instances by @akx in `[#1143](https://github.com/jpadilla/pyjwt/issues/1143) <https://github.com/jpadilla/pyjwt/pull/1143>`__
- Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. by @dmbs335 in `GHSA-752w-5fwx-jx9f <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f>`__
- Use PyJWK algorithm when encoding without explicit algorithm in `[#1148](https://github.com/jpadilla/pyjwt/issues/1148) <https://github.com/jpadilla/pyjwt/pull/1148>`__
Added

Docs: Add PyJWKClient API reference and document the two-tier caching system (JWK Set cache and signing key LRU cache).

Commits

bd9700c Use PyJWK algorithm when encoding without explicit algorithm (#1148)
051ea34 Merge commit from fork
1451d70 fix: do not store reference to algorithms dict on PyJWK (#1143)
f3ba74c [pre-commit.ci] pre-commit autoupdate (#1145)
0318ffa [pre-commit.ci] pre-commit autoupdate (#1141)
a52753d Bump actions/download-artifact from 7 to 8 (#1142)
b85050f chore(tests): enable mypy (#1138)
1272b26 [pre-commit.ci] pre-commit autoupdate (#1135)
99a8728 chore: remove superfluous constants (#1136)
412cb67 fix: close HTTPError to prevent ResourceWarning on Python 3.14 (#1133)
Additional commits viewable in compare view

Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.11.0 to 2.12.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](jpadilla/pyjwt@2.11.0...2.12.0) --- updated-dependencies: - dependency-name: pyjwt dependency-version: 2.12.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Mar 14, 2026

dependabot Bot force-pushed the dependabot/uv/pyjwt-2.12.0 branch from c16d147 to 1891cf0 Compare March 17, 2026 20:55

dependabot Bot force-pushed the dependabot/uv/pyjwt-2.12.0 branch from 1891cf0 to 26e6576 Compare March 31, 2026 17:30

dependabot Bot force-pushed the dependabot/uv/pyjwt-2.12.0 branch from 26e6576 to 05372dc Compare March 31, 2026 17:48

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump pyjwt from 2.11.0 to 2.12.0#277

Bump pyjwt from 2.11.0 to 2.12.0#277
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/uv/pyjwt-2.12.0

dependabot Bot commented on behalf of github Mar 14, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Mar 14, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

2.12.0

Security

What's Changed

New Contributors

v2.12.0 <https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0>__

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Mar 14, 2026 •

edited

Loading

`v2.12.0 <https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0>`__