Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-jwt for openSUSE:Factory checked in at 2024-11-07 16:27:18 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-jwt (Old) and /work/SRC/openSUSE:Factory/.rubygem-jwt.new.2020 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-jwt" Thu Nov 7 16:27:18 2024 rev:10 rq:1221862 version:2.9.3 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-jwt/rubygem-jwt.changes 2024-06-24 20:57:04.616580051 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-jwt.new.2020/rubygem-jwt.changes 2024-11-07 16:27:52.574868468 +0100 @@ -1,0 +2,70 @@ +Mon Nov 4 16:58:48 UTC 2024 - Dan Äermák <dan.cer...@posteo.net> + +- ## Upcoming breaking changes + +Notable changes in the upcoming **version 3.0**: + +- The indirect dependency to [rbnacl](https://github.com/RubyCrypto/rbnacl) will be removed: + - Support for the nonstandard SHA512256 algorithm will be removed. + - Support for Ed25519 will be moved to a [separate gem](https://github.com/anakinj/jwt-eddsa) for better dependency handling. + +- Base64 decoding will no longer fallback on the looser RFC 2045. + +- Claim verification has been [split into separate classes](https://github.com/jwt/ruby-jwt/pull/605) and has [a new api](https://github.com/jwt/ruby-jwt/pull/626) and lead to the following deprecations: + - The `::JWT::ClaimsValidator` class will be removed in favor of the functionality provided by `::JWT::Claims`. + - The `::JWT::Claims::verify!` method will be removed in favor of `::JWT::Claims::verify_payload!`. + - The `::JWT::JWA.create` method will be removed. No recommended alternatives. + - The `::JWT::Verify` class will be removed in favor of the functionality provided by `::JWT::Claims`. + - Calling `::JWT::Claims::Numeric.new` with a payload will be removed in favor of `::JWT::Claims::verify_payload!(payload, :numeric)`. + - Calling `::JWT::Claims::Numeric.verify!` with a payload will be removed in favor of `::JWT::Claims::verify_payload!(payload, :numeric)`. + +- The internal algorithms were [restructured](https://github.com/jwt/ruby-jwt/pull/607) to support extensions from separate libraries. The changes lead to a few deprecations and new requirements: + - The `sign` and `verify` static methods on all the algorithms (`::JWT::JWA`) will be removed. + - Custom algorithms are expected to include the `JWT::JWA::SigningAlgorithm` module. + +## [v2.9.3](https://github.com/jwt/ruby-jwt/tree/v2.9.3) (2024-10-03) + +[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.9.2...v2.9.3) + +**Fixes and enhancements:** + +- Return truthy value for `::JWT::ClaimsValidator#validate!` and `::JWT::Verify.verify_claims` [#628](https://github.com/jwt/ruby-jwt/pull/628) ([@anakinj](https://github.com/anakinj)) + +## [v2.9.2](https://github.com/jwt/ruby-jwt/tree/v2.9.2) (2024-10-03) + +[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.9.1...v2.9.2) + +**Features:** + +- Standalone claim verification interface [#626](https://github.com/jwt/ruby-jwt/pull/626) ([@anakinj](https://github.com/anakinj)) + +**Fixes and enhancements:** + +- Updated README to correctly document `OpenSSL::HMAC` documentation [#617](https://github.com/jwt/ruby-jwt/pull/617) ([@aedryan](https://github.com/aedryan)) +- Verify JWT header format [#622](https://github.com/jwt/ruby-jwt/pull/622) ([@304](https://github.com/304)) +- Bring back `::JWT::ClaimsValidator`, `::JWT::Verify` and a few other removed interfaces for preserved backwards compatibility [#624](https://github.com/jwt/ruby-jwt/pull/624) ([@anakinj](https://github.com/anakinj)) + +## [v2.9.1](https://github.com/jwt/ruby-jwt/tree/v2.9.1) (2024-09-23) + +[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.9.0...v2.9.1) + +**Fixes and enhancements:** + +- Fix regression in `iss` and `aud` claim validation [#619](https://github.com/jwt/ruby-jwt/pull/619) ([@anakinj](https://github.com/anakinj)) + +## [v2.9.0](https://github.com/jwt/ruby-jwt/tree/v2.9.0) (2024-09-15) + +[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.8.2...v2.9.0) + +**Features:** + +- Build and push gem using a GH action [#612](https://github.com/jwt/ruby-jwt/pull/612) ([@anakinj](https://github.com/anakinj)) + +**Fixes and enhancements:** + +- Refactor claim validators into their own classes [#605](https://github.com/jwt/ruby-jwt/pull/605) ([@anakinj](https://github.com/anakinj), [@MatteoPierro](https://github.com/MatteoPierro)) +- Allow extending available algorithms [#607](https://github.com/jwt/ruby-jwt/pull/607) ([@anakinj](https://github.com/anakinj)) +- Do not include the EdDSA algorithm if rbnacl not available [#613](https://github.com/jwt/ruby-jwt/pull/613) ([@anakinj](https://github.com/anakinj)) + + +------------------------------------------------------------------- Old: ---- jwt-2.8.2.gem New: ---- jwt-2.9.3.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-jwt.spec ++++++ --- /var/tmp/diff_new_pack.NSqwtb/_old 2024-11-07 16:27:53.930924890 +0100 +++ /var/tmp/diff_new_pack.NSqwtb/_new 2024-11-07 16:27:53.930924890 +0100 @@ -24,7 +24,7 @@ # Name: rubygem-jwt -Version: 2.8.2 +Version: 2.9.3 Release: 0 %define mod_name jwt %define mod_full_name %{mod_name}-%{version} ++++++ jwt-2.8.2.gem -> jwt-2.9.3.gem ++++++ ++++ 1779 lines of diff (skipped)
