Skip to content

Bump jwt from 2.10.3 to 3.2.0#260

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/jwt-3.2.0
Closed

Bump jwt from 2.10.3 to 3.2.0#260
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/jwt-3.2.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 18, 2026
edited
Loading

Bumps jwt from 2.10.3 to 3.2.0.

Changelog

Sourced from jwt's changelog.

v3.2.0 (2026-05-13)

Full Changelog

Features:

  • Add enforce_hmac_key_length configuration option #716 - (@​304)

Fixes and enhancements:

v3.1.2 (2025-06-28)

Full Changelog

Fixes and enhancements:

  • Avoid using the same digest across calls in JWT::JWA::Ecdsa and JWT::JWA::Rsa #697
  • Fix signing with a EC JWK #699 (@​anakinj)

v3.1.1 (2025-06-24)

Full Changelog

Fixes and enhancements:

  • Require the algorithm to be provided when signing and verifying tokens using JWKs #695 (@​anakinj)

v3.1.0 (2025-06-23)

Full Changelog

Features:

  • Add support for x5t header parameter for X.509 certificate thumbprint verification #669 (@​hieuk09)
  • Raise an error if the ECDSA signing or verification key is not an instance of OpenSSL::PKey::EC #688 (@​anakinj)
  • Allow OpenSSL::PKey::EC::Point to be used as the verification key in ECDSA #689 (@​anakinj)
  • Require claims to have been verified before accessing the JWT::EncodedToken#payload #690 (@​anakinj)
  • Support signing and verifying tokens using a JWK #692 (@​anakinj)

v3.0.0 (2025-06-14)

Full Changelog

Breaking changes:

... (truncated)

Commits
  • db560b7 Merge commit from fork
  • ffef4f2 Bump actions/download-artifact from 7 to 8 (#719)
  • 69a343d Bump actions/upload-artifact from 6 to 7 (#718)
  • 78e7ed2 Fix Style/PredicateWithKind RuboCop issue (#720)
  • 1a1d877 Extract context classes into separate files for better organization (#717)
  • d3e52e9 Add enforce_hmac_key_length configuration option (#716)
  • 24ec3d8 Fix type error when header is not a JSON object (#715)
  • 8c655d4 Fix typo in "Rubocop" to use correct casing "RuboCop" (#714)
  • 7af2ac0 Bump actions/download-artifact from 4 to 7 (#708)
  • efd5e6f Bump actions/upload-artifact from 4 to 6 (#709)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels May 18, 2026
@andyatkinson
Copy link
Copy Markdown
Owner

andyatkinson commented May 27, 2026

@dependabot rebase

@dependabot
Bump jwt from 2.10.3 to 3.2.0
e6d6e19 
Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.10.3 to 3.2.0.
- [Release notes](https://github.com/jwt/ruby-jwt/releases)
- [Changelog](https://github.com/jwt/ruby-jwt/blob/main/CHANGELOG.md)
- [Commits](jwt/ruby-jwt@v2.10.3...v3.2.0)

---
updated-dependencies:
- dependency-name: jwt
  dependency-version: 3.2.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump jwt from 2.10.2 to 3.2.0 Bump jwt from 2.10.3 to 3.2.0 May 27, 2026
@dependabot dependabot Bot force-pushed the dependabot/bundler/jwt-3.2.0 branch from 015870b to e6d6e19 Compare May 27, 2026 03:29
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 27, 2026

Looks like jwt is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this May 27, 2026
@dependabot dependabot Bot deleted the dependabot/bundler/jwt-3.2.0 branch May 27, 2026 03:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@andyatkinson