Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-jwt for openSUSE:Factory checked in at 2022-02-07 23:37:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-jwt (Old) and /work/SRC/openSUSE:Factory/.rubygem-jwt.new.1898 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-jwt" Mon Feb 7 23:37:44 2022 rev:5 rq:949085 version:2.3.0 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-jwt/rubygem-jwt.changes 2021-07-02 13:28:37.492221594 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-jwt.new.1898/rubygem-jwt.changes 2022-02-07 23:38:46.402164058 +0100 @@ -1,0 +2,7 @@ +Tue Jan 25 07:07:43 UTC 2022 - Stephan Kulow <[email protected]> + +updated to version 2.3.0 + see installed CHANGELOG.md + + +------------------------------------------------------------------- Old: ---- jwt-2.2.3.gem New: ---- jwt-2.3.0.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-jwt.spec ++++++ --- /var/tmp/diff_new_pack.NccQSX/_old 2022-02-07 23:38:46.850160992 +0100 +++ /var/tmp/diff_new_pack.NccQSX/_new 2022-02-07 23:38:46.854160966 +0100 @@ -1,7 +1,7 @@ # # spec file for package rubygem-jwt # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: rubygem-jwt -Version: 2.2.3 +Version: 2.3.0 Release: 0 %define mod_name jwt %define mod_full_name %{mod_name}-%{version} ++++++ jwt-2.2.3.gem -> jwt-2.3.0.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.github/workflows/test.yml new/.github/workflows/test.yml --- old/.github/workflows/test.yml 2021-04-20 01:27:31.000000000 +0200 +++ new/.github/workflows/test.yml 2021-10-04 00:10:25.000000000 +0200 @@ -31,7 +31,7 @@ - 2.5 - 2.6 - 2.7 - - 3.0 + - "3.0" gemfile: - gemfiles/standalone.gemfile - gemfiles/openssl.gemfile diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.rubocop_todo.yml new/.rubocop_todo.yml --- old/.rubocop_todo.yml 2021-04-20 01:27:31.000000000 +0200 +++ new/.rubocop_todo.yml 2021-10-04 00:10:25.000000000 +0200 @@ -136,12 +136,6 @@ # Offense count: 1 # Cop supports --auto-correct. -Style/MultilineIfModifier: - Exclude: - - 'spec/integration/readme_examples_spec.rb' - -# Offense count: 1 -# Cop supports --auto-correct. Style/MutableConstant: Exclude: - 'lib/jwt/version.rb' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AUTHORS new/AUTHORS --- old/AUTHORS 2021-04-20 01:27:31.000000000 +0200 +++ new/AUTHORS 2021-10-04 00:10:25.000000000 +0200 @@ -8,94 +8,105 @@ Egon Zemmer Zane Shannon Nikita Shatov -Oliver Paul Battley +Oliver blackanger Adam Michael +James Stonehill Ville Lautanala Tyler Pickett -James Stonehill Peter M. Goldstein Martin Emde -Richard Larocque Korstiaan de Ridder -Klaas Jan Wierenga -Antonis Berkakis -Steve Sloan -Yason Khaburzaniya +Richard Larocque +Andrew Davis Bill Mill +Yason Khaburzaniya +Steve Sloan +Nick Hammond +Antonis Berkakis +Klaas Jan Wierenga +yann ARMAND +Brian Flethcer +Erik Michaels-Ober +Jurriaan Pruis +Kevin Olbrich +Larry Lv +Rodrigo L??pez Dato +Simon Fish +Steven Davidovitz +Tom Wey jb08 lukas -Rodrigo L??pez Dato ojab sawyerzhang -Kevin Olbrich smudge wohlgejm -Tom Wey -yann ARMAND -Brian Flethcer -Erik Michaels-Ober -Steven Davidovitz -Jurriaan Pruis -Larry Lv +Julio Lopez +Katelyn Kasperowicz +fusagiko/takayamaki +Dorian Mari?? +rono23 +Leonardo Saraiva +Lowell Kirsh +Lucas Mazza +Makoto Chiba +Manuel Bustillo +Marco Adkins +Dave Grijalva +Micah Gates +Micha?? Begejowicz +Mike Eirih +Mike Pastore Mingan Mitch Birti +Dan Leyden Nicolas Leger +Brandon Keepers +Bouke van der Bijl +B +Pierre Michard +RahulBajaj +Austin Kabiru +Ritikesh Rob Wygand +Adam Greene Ryan Brushett Ryan McIlmoyl Ryan Metzler +Severin Schoepke +Shaun Guth +mai fujii +Artsiom Kuts Steve Teti +nycvotes-dev T.J. Schuck Taiki Sugawara Takehiro Adachi +Arnaud Mesureur Tobias Haar Toby Pinder +revodoge Tom?? Duarte Travis Hunter +Ariel Salomon +Aman Gupta +Alexandr Kostrikov Yuji Yaginuma +Alexander Boyd Zuzanna Stoli??ska aarongray -danielgrippi -nycvotes-dev -revodoge -rono23 -RahulBajaj -Adam Greene -Alexander Boyd -Alexandr Kostrikov -Aman Gupta -Ariel Salomon -Arnaud Mesureur -Artsiom Kuts -Austin Kabiru -B -Brandon Keepers -Dan Leyden -Dave Grijalva -Dorian Mari?? -Ernie Miller -Evgeni Golov -Ewoud Kohl van Wijngaarden HoneyryderChuck Igor Victor Ilyaaaaaaaaaaaaa Zhitomirskiy +Ewoud Kohl van Wijngaarden +Evgeni Golov Jens Hausherr Jeremiah Wuenschel +Ernie Miller John Downey Jordan Brough Josh Bodah JotaSe Juanito Fatas -Julio Lopez -Katelyn Kasperowicz -Lowell Kirsh -Lucas Mazza -Makoto Chiba -Manuel Bustillo -Marco Adkins -Micah Gates -Micha?? Begejowicz -Mike Eirih -Mike Pastore +danielgrippi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md 2021-04-20 01:27:31.000000000 +0200 +++ new/CHANGELOG.md 2021-10-04 00:10:25.000000000 +0200 @@ -1,8 +1,42 @@ # Changelog -## [2.2.3](https://github.com/jwt/ruby-jwt/tree/2.2.3) (2021-04-19) +## [v2.3.0](https://github.com/jwt/ruby-jwt/tree/v2.3.0) (2021-10-03) -[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.2.2...2.2.3) +[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.2.3...v2.3.0) + +**Closed issues:** + +- \[SECURITY\] Algorithm Confusion Through kid Header [\#440](https://github.com/jwt/ruby-jwt/issues/440) +- JWT to memory [\#436](https://github.com/jwt/ruby-jwt/issues/436) +- ArgumentError: wrong number of arguments \(given 2, expected 1\) [\#429](https://github.com/jwt/ruby-jwt/issues/429) +- HMAC section of README outdated [\#421](https://github.com/jwt/ruby-jwt/issues/421) +- NoMethodError: undefined method `zero?' for nil:NilClass if JWT has no 'alg' field [\#410](https://github.com/jwt/ruby-jwt/issues/410) +- Release new version [\#409](https://github.com/jwt/ruby-jwt/issues/409) +- NameError: uninitialized constant JWT::JWK [\#403](https://github.com/jwt/ruby-jwt/issues/403) + +**Merged pull requests:** + +- Fix Style/MultilineIfModifier issues [\#447](https://github.com/jwt/ruby-jwt/pull/447) ([anakinj](https://github.com/anakinj)) +- feat\(EdDSA\): Accept EdDSA as algorithm header [\#446](https://github.com/jwt/ruby-jwt/pull/446) ([Pierre-Michard](https://github.com/Pierre-Michard)) +- Pass kid param through JWT::JWK.create\_from [\#445](https://github.com/jwt/ruby-jwt/pull/445) ([shaun-guth-allscripts](https://github.com/shaun-guth-allscripts)) +- fix document about passing JWKs as a simple Hash [\#443](https://github.com/jwt/ruby-jwt/pull/443) ([takayamaki](https://github.com/takayamaki)) +- Tests for mixing JWK keys with mismatching algorithms [\#441](https://github.com/jwt/ruby-jwt/pull/441) ([anakinj](https://github.com/anakinj)) +- verify\_claims test shouldnt be within the verify\_sub test [\#431](https://github.com/jwt/ruby-jwt/pull/431) ([andyjdavis](https://github.com/andyjdavis)) +- Allow decode options to specify required claims [\#430](https://github.com/jwt/ruby-jwt/pull/430) ([andyjdavis](https://github.com/andyjdavis)) +- Fix OpenSSL::PKey::EC public\_key handing in tests [\#427](https://github.com/jwt/ruby-jwt/pull/427) ([anakinj](https://github.com/anakinj)) +- Add documentation for find\_key [\#426](https://github.com/jwt/ruby-jwt/pull/426) ([ritikesh](https://github.com/ritikesh)) +- Give ruby 3.0 as a string to avoid number formatting issues [\#424](https://github.com/jwt/ruby-jwt/pull/424) ([anakinj](https://github.com/anakinj)) +- Tests for iat verification behaviour [\#423](https://github.com/jwt/ruby-jwt/pull/423) ([anakinj](https://github.com/anakinj)) +- Remove HMAC with nil secret from documentation [\#422](https://github.com/jwt/ruby-jwt/pull/422) ([boardfish](https://github.com/boardfish)) +- Update broken link in README [\#420](https://github.com/jwt/ruby-jwt/pull/420) ([severin](https://github.com/severin)) +- Add metadata for RubyGems [\#418](https://github.com/jwt/ruby-jwt/pull/418) ([nickhammond](https://github.com/nickhammond)) +- Fixed a typo about class name [\#417](https://github.com/jwt/ruby-jwt/pull/417) ([mai-f](https://github.com/mai-f)) +- Fix references for v2.2.3 on CHANGELOG [\#416](https://github.com/jwt/ruby-jwt/pull/416) ([vyper](https://github.com/vyper)) +- Raise IncorrectAlgorithm if token has no alg header [\#411](https://github.com/jwt/ruby-jwt/pull/411) ([bouk](https://github.com/bouk)) + +## [v2.2.3](https://github.com/jwt/ruby-jwt/tree/v2.2.3) (2021-04-19) + +[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.2.2...v2.2.3) **Implemented enhancements:** @@ -31,6 +65,7 @@ **Merged pull requests:** +- Prepare 2.2.3 release [\#415](https://github.com/jwt/ruby-jwt/pull/415) ([excpt](https://github.com/excpt)) - Remove codeclimate code coverage dev dependency [\#414](https://github.com/jwt/ruby-jwt/pull/414) ([excpt](https://github.com/excpt)) - Add forwardable dependency [\#408](https://github.com/jwt/ruby-jwt/pull/408) ([anakinj](https://github.com/anakinj)) - Ignore casing of algorithm [\#405](https://github.com/jwt/ruby-jwt/pull/405) ([johnnyshields](https://github.com/johnnyshields)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.md new/README.md --- old/README.md 2021-04-20 01:27:31.000000000 +0200 +++ new/README.md 2021-10-04 00:10:25.000000000 +0200 @@ -38,7 +38,7 @@ ## Algorithms and Usage -The JWT spec supports NONE, HMAC, RSASSA, ECDSA and RSASSA-PSS algorithms for cryptographic signing. Currently the jwt gem supports NONE, HMAC, RSASSA and ECDSA. If you are using cryptographic signing, you need to specify the algorithm in the options hash whenever you call JWT.decode to ensure that an attacker [cannot bypass the algorithm verification step](https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/). **It is strongly recommended that you hard code the algorithm, as you may leave yourself vulnerable by dynamically picking the algorithm** +The JWT spec supports NONE, HMAC, RSASSA, ECDSA and RSASSA-PSS algorithms for cryptographic signing. Currently the jwt gem supports NONE, HMAC, RSASSA and ECDSA. If you are using cryptographic signing, you need to specify the algorithm in the options hash whenever you call JWT.decode to ensure that an attacker [cannot bypass the algorithm verification step](https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/). **It is strongly recommended that you hard code the algorithm, as you may leave yourself vulnerable by dynamically picking the algorithm** See: [ JSON Web Algorithms (JWA) 3.1. "alg" (Algorithm) Header Parameter Values for JWS](https://tools.ietf.org/html/rfc7518#section-3.1) @@ -76,6 +76,7 @@ * HS512 - HMAC using SHA-512 hash algorithm ```ruby +# The secret must be a string. A JWT::DecodeError will be raised if it isn't provided. hmac_secret = 'my$ecretK3y' token = JWT.encode payload, hmac_secret, 'HS256' @@ -91,21 +92,6 @@ # {"alg"=>"HS256"} # header # ] puts decoded_token - -# Without secret key -token = JWT.encode payload, nil, 'HS256' - -# eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoidGVzdCJ9.pVzcY2dX8JNM3LzIYeP2B1e1Wcpt1K3TWVvIYSF4x-o -puts token - -decoded_token = JWT.decode token, nil, true, { algorithm: 'HS256' } - -# Array -# [ -# {"data"=>"test"}, # payload -# {"alg"=>"HS256"} # header -# ] -puts decoded_token ``` Note: If [RbNaCl](https://github.com/cryptosphere/rbnacl) is loadable, ruby-jwt will use it for HMAC-SHA256, HMAC-SHA512-256, and HMAC-SHA512. RbNaCl enforces a maximum key size of 32 bytes for these algorithms. @@ -474,12 +460,42 @@ end ``` +### Finding a Key + +To dynamically find the key for verifying the JWT signature, pass a block to the decode block. The block receives headers and the original payload as parameters. It should return with the key to verify the signature that was used to sign the JWT. + +```ruby +issuers = %w[My_Awesome_Company1 My_Awesome_Company2] +iss_payload = { data: 'data', iss: issuers.first } + +secrets = { issuers.first => hmac_secret, issuers.last => 'hmac_secret2' } + +token = JWT.encode iss_payload, hmac_secret, 'HS256' + +begin + # Add iss to the validation to check if the token has been manipulated + decoded_token = JWT.decode(token, nil, true, { iss: issuers, verify_iss: true, algorithm: 'HS256' }) do |_headers, payload| + secrets[payload['iss']] + end +rescue JWT::InvalidIssuerError + # Handle invalid token, e.g. logout user or deny access +end +``` + +### Required Claims + +You can specify claims that must be present for decoding to be successful. JWT::MissingRequiredClaim will be raised if any are missing +```ruby +# Will raise a JWT::ExpiredSignature error if the 'exp' claim is absent +JWT.decode token, hmac_secret, true, { required_claims: ['exp'], algorithm: 'HS256' } +``` + ### JSON Web Key (JWK) JWK is a JSON structure representing a cryptographic key. Currently only supports RSA public keys. ```ruby -jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048)) +jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048), "optional-kid") payload, headers = { data: 'data' }, { kid: jwk.kid } token = JWT.encode(payload, jwk.keypair, 'RS512', headers) @@ -502,7 +518,7 @@ or by passing JWK as a simple Hash ``` -jwks = { keys: [{ ... }] } # keys needs to be Symbol +jwks = { keys: [{ ... }] } # keys accepts both of string and symbol JWT.decode(token, nil, true, { algorithms: ['RS512'], jwks: jwks}) ``` Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/jwt/algos/eddsa.rb new/lib/jwt/algos/eddsa.rb --- old/lib/jwt/algos/eddsa.rb 2021-04-20 01:27:31.000000000 +0200 +++ new/lib/jwt/algos/eddsa.rb 2021-10-04 00:10:25.000000000 +0200 @@ -3,18 +3,25 @@ module Eddsa module_function - SUPPORTED = %w[ED25519].freeze + SUPPORTED = %w[ED25519 EdDSA].freeze def sign(to_sign) algorithm, msg, key = to_sign.values - raise EncodeError, "Key given is a #{key.class} but has to be an RbNaCl::Signatures::Ed25519::SigningKey" if key.class != RbNaCl::Signatures::Ed25519::SigningKey - raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key.primitive} signing key was provided" if algorithm.downcase.to_sym != key.primitive + if key.class != RbNaCl::Signatures::Ed25519::SigningKey + raise EncodeError, "Key given is a #{key.class} but has to be an RbNaCl::Signatures::Ed25519::SigningKey" + end + unless SUPPORTED.map(&:downcase).map(&:to_sym).include?(algorithm.downcase.to_sym) + raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key.primitive} signing key was provided" + end + key.sign(msg) end def verify(to_verify) algorithm, public_key, signing_input, signature = to_verify.values - raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{public_key.primitive} verification key was provided" if algorithm.downcase.to_sym != public_key.primitive + unless SUPPORTED.map(&:downcase).map(&:to_sym).include?(algorithm.downcase.to_sym) + raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key.primitive} signing key was provided" + end raise DecodeError, "key given is a #{public_key.class} but has to be a RbNaCl::Signatures::Ed25519::VerifyKey" if public_key.class != RbNaCl::Signatures::Ed25519::VerifyKey public_key.verify(signature, signing_input) end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/jwt/decode.rb new/lib/jwt/decode.rb --- old/lib/jwt/decode.rb 2021-04-20 01:27:31.000000000 +0200 +++ new/lib/jwt/decode.rb 2021-10-04 00:10:25.000000000 +0200 @@ -34,6 +34,7 @@ def verify_signature raise(JWT::IncorrectAlgorithm, 'An algorithm must be specified') if allowed_algorithms.empty? + raise(JWT::IncorrectAlgorithm, 'Token is missing alg header') unless header['alg'] raise(JWT::IncorrectAlgorithm, 'Expected a different algorithm') unless options_includes_algo_in_header? @key = find_key(&@keyfinder) if @keyfinder @@ -70,6 +71,7 @@ def verify_claims Verify.verify_claims(payload, @options) + Verify.verify_required_claims(payload, @options) end def validate_segment_count! diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/jwt/default_options.rb new/lib/jwt/default_options.rb --- old/lib/jwt/default_options.rb 2021-04-20 01:27:31.000000000 +0200 +++ new/lib/jwt/default_options.rb 2021-10-04 00:10:25.000000000 +0200 @@ -9,7 +9,8 @@ verify_aud: false, verify_sub: false, leeway: 0, - algorithms: ['HS256'] + algorithms: ['HS256'], + required_claims: [] }.freeze end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/jwt/error.rb new/lib/jwt/error.rb --- old/lib/jwt/error.rb 2021-04-20 01:27:31.000000000 +0200 +++ new/lib/jwt/error.rb 2021-10-04 00:10:25.000000000 +0200 @@ -15,6 +15,7 @@ class InvalidSubError < DecodeError; end class InvalidJtiError < DecodeError; end class InvalidPayload < DecodeError; end + class MissingRequiredClaim < DecodeError; end class JWKError < DecodeError; end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/jwt/jwk/ec.rb new/lib/jwt/jwk/ec.rb --- old/lib/jwt/jwk/ec.rb 2021-04-20 01:27:31.000000000 +0200 +++ new/lib/jwt/jwk/ec.rb 2021-10-04 00:10:25.000000000 +0200 @@ -66,7 +66,7 @@ crv = 'P-521' x_octets, y_octets = encoded_point.unpack('xa66a66') else - raise Jwt::JWKError, "Unsupported curve '#{ec_keypair.group.curve_name}'" + raise JWT::JWKError, "Unsupported curve '#{ec_keypair.group.curve_name}'" end [crv, x_octets, y_octets] end @@ -85,7 +85,7 @@ # explanation of the relevant parameters. jwk_crv, jwk_x, jwk_y, jwk_d, jwk_kid = jwk_attrs(jwk_data, %i[crv x y d kid]) - raise Jwt::JWKError, 'Key format is invalid for EC' unless jwk_crv && jwk_x && jwk_y + raise JWT::JWKError, 'Key format is invalid for EC' unless jwk_crv && jwk_x && jwk_y new(ec_pkey(jwk_crv, jwk_x, jwk_y, jwk_d), jwk_kid) end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/jwt/jwk.rb new/lib/jwt/jwk.rb --- old/lib/jwt/jwk.rb 2021-04-20 01:27:31.000000000 +0200 +++ new/lib/jwt/jwk.rb 2021-10-04 00:10:25.000000000 +0200 @@ -14,10 +14,10 @@ end.import(jwk_data) end - def create_from(keypair) + def create_from(keypair, kid = nil) mappings.fetch(keypair.class) do |klass| raise JWT::JWKError, "Cannot create JWK from a #{klass.name}" - end.new(keypair) + end.new(keypair, kid) end def classes diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/jwt/verify.rb new/lib/jwt/verify.rb --- old/lib/jwt/verify.rb 2021-04-20 01:27:31.000000000 +0200 +++ new/lib/jwt/verify.rb 2021-10-04 00:10:25.000000000 +0200 @@ -10,7 +10,7 @@ }.freeze class << self - %w[verify_aud verify_expiration verify_iat verify_iss verify_jti verify_not_before verify_sub].each do |method_name| + %w[verify_aud verify_expiration verify_iat verify_iss verify_jti verify_not_before verify_sub verify_required_claims].each do |method_name| define_method method_name do |payload, options| new(payload, options).send(method_name) end @@ -81,6 +81,13 @@ raise(JWT::InvalidSubError, "Invalid subject. Expected #{options_sub}, received #{sub || '<none>'}") unless sub.to_s == options_sub.to_s end + def verify_required_claims + return unless (options_required_claims = @options[:required_claims]) + options_required_claims.each do |required_claim| + raise(JWT::MissingRequiredClaim, "Missing required claim #{required_claim}") unless @payload.include?(required_claim) + end + end + private def global_leeway diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/jwt/version.rb new/lib/jwt/version.rb --- old/lib/jwt/version.rb 2021-04-20 01:27:31.000000000 +0200 +++ new/lib/jwt/version.rb 2021-10-04 00:10:25.000000000 +0200 @@ -12,9 +12,9 @@ # major version MAJOR = 2 # minor version - MINOR = 2 + MINOR = 3 # tiny version - TINY = 3 + TINY = 0 # alpha, beta, etc. tag PRE = nil diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 2021-04-20 01:27:31.000000000 +0200 +++ new/metadata 2021-10-04 00:10:25.000000000 +0200 @@ -1,14 +1,14 @@ --- !ruby/object:Gem::Specification name: jwt version: !ruby/object:Gem::Version - version: 2.2.3 + version: 2.3.0 platform: ruby authors: - Tim Rudat autorequire: bindir: bin cert_chain: [] -date: 2021-04-19 00:00:00.000000000 Z +date: 2021-10-03 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: appraisal @@ -130,7 +130,9 @@ homepage: https://github.com/jwt/ruby-jwt licenses: - MIT -metadata: {} +metadata: + bug_tracker_uri: https://github.com/jwt/ruby-jwt/issues + changelog_uri: https://github.com/jwt/ruby-jwt/blob/v2.3.0/CHANGELOG.md post_install_message: rdoc_options: [] require_paths: @@ -146,7 +148,7 @@ - !ruby/object:Gem::Version version: '0' requirements: [] -rubygems_version: 3.2.16 +rubygems_version: 3.2.19 signing_key: specification_version: 4 summary: JSON Web Token implementation in Ruby diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ruby-jwt.gemspec new/ruby-jwt.gemspec --- old/ruby-jwt.gemspec 2021-04-20 01:27:31.000000000 +0200 +++ new/ruby-jwt.gemspec 2021-10-04 00:10:25.000000000 +0200 @@ -14,6 +14,10 @@ spec.homepage = 'https://github.com/jwt/ruby-jwt' spec.license = 'MIT' spec.required_ruby_version = '>= 2.1' + spec.metadata = { + 'bug_tracker_uri' => 'https://github.com/jwt/ruby-jwt/issues', + 'changelog_uri' => "https://github.com/jwt/ruby-jwt/blob/v#{JWT.gem_version}/CHANGELOG.md"; + } spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(spec|gemfiles|coverage|bin)/}) } spec.executables = []
