Skip to content

chore(deps): bump jwt from 2.10.2 to 3.2.0#1

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/jwt-3.2.0
Open

chore(deps): bump jwt from 2.10.2 to 3.2.0#1
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/jwt-3.2.0

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github May 18, 2026
edited
Loading

Bumps jwt from 2.10.2 to 3.2.0.

Changelog

Sourced from jwt's changelog.

v3.2.0 (2026-05-13)

Full Changelog

Features:

  • Add enforce_hmac_key_length configuration option #716 - (@​304)

Fixes and enhancements:

v3.1.2 (2025-06-28)

Full Changelog

Fixes and enhancements:

  • Avoid using the same digest across calls in JWT::JWA::Ecdsa and JWT::JWA::Rsa #697
  • Fix signing with a EC JWK #699 (@​anakinj)

v3.1.1 (2025-06-24)

Full Changelog

Fixes and enhancements:

  • Require the algorithm to be provided when signing and verifying tokens using JWKs #695 (@​anakinj)

v3.1.0 (2025-06-23)

Full Changelog

Features:

  • Add support for x5t header parameter for X.509 certificate thumbprint verification #669 (@​hieuk09)
  • Raise an error if the ECDSA signing or verification key is not an instance of OpenSSL::PKey::EC #688 (@​anakinj)
  • Allow OpenSSL::PKey::EC::Point to be used as the verification key in ECDSA #689 (@​anakinj)
  • Require claims to have been verified before accessing the JWT::EncodedToken#payload #690 (@​anakinj)
  • Support signing and verifying tokens using a JWK #692 (@​anakinj)

v3.0.0 (2025-06-14)

Full Changelog

Breaking changes:

... (truncated)

Commits
  • db560b7 Merge commit from fork
  • ffef4f2 Bump actions/download-artifact from 7 to 8 (#719)
  • 69a343d Bump actions/upload-artifact from 6 to 7 (#718)
  • 78e7ed2 Fix Style/PredicateWithKind RuboCop issue (#720)
  • 1a1d877 Extract context classes into separate files for better organization (#717)
  • d3e52e9 Add enforce_hmac_key_length configuration option (#716)
  • 24ec3d8 Fix type error when header is not a JSON object (#715)
  • 8c655d4 Fix typo in "Rubocop" to use correct casing "RuboCop" (#714)
  • 7af2ac0 Bump actions/download-artifact from 4 to 7 (#708)
  • efd5e6f Bump actions/upload-artifact from 4 to 6 (#709)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels May 18, 2026
@codacy-production
Copy link
Copy Markdown

codacy-production Bot commented May 18, 2026
edited
Loading

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 complexity · 0 duplication

Metric Results
Complexity 0
Duplication 0

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

@dependabot dependabot Bot force-pushed the dependabot/bundler/jwt-3.2.0 branch from 9aeda31 to 1cfe587 Compare May 22, 2026 10:49
@dependabot
chore(deps): bump jwt from 2.10.2 to 3.2.0
1398b5c 
Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.10.2 to 3.2.0.
- [Release notes](https://github.com/jwt/ruby-jwt/releases)
- [Changelog](https://github.com/jwt/ruby-jwt/blob/main/CHANGELOG.md)
- [Commits](jwt/ruby-jwt@v2.10.2...v3.2.0)

---
updated-dependencies:
- dependency-name: jwt
  dependency-version: 3.2.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/bundler/jwt-3.2.0 branch from 1cfe587 to 1398b5c Compare May 22, 2026 12:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants