python-djangorestframework-…/python-djangorestframework-simplejwt.changes

-------------------------------------------------------------------
Mon Nov  3 09:29:49 UTC 2025 - Markéta Machová <mmachova@suse.com>

- Update to 5.5.1 (CVE-2024-22513, bsc#1221568)
  * Changed string formatting in views
  * Enhance BlacklistMixin with Generic Type for Accurate Type Inference
  * Improve type of Token.for_user to allow subclasses
  * Fix the Null value of the OutstandingToken of the BlacklistMixin.blacklist
  * Add option to allow inactive user authentication and token generation
  * Add support for EdDSA and other algorithms in jwt.algorithms.requires_cryptography
  * Drop Django <4.2, DRF <3.14, Python <3.9. Note, many deprecated versions are only
    officially not supported but probably still work fine.
  * Add specific "token expired" exceptions
  * Fix user_id type mismatch when user claim is not pk
  * Caching signing key
  * fix: add missing migration for token_blacklist app
  * docs: Add warning in docs for for_user usage
  * feat: log warning if token is being created for inactive user
  * fix: always stringify user_id claim
- Drop fix-tests.patch, merged upstream

-------------------------------------------------------------------
Mon Nov 11 16:58:30 UTC 2024 - Markéta Machová <mmachova@suse.com>

- Add missing dependency

-------------------------------------------------------------------
Fri Jul 19 11:26:13 UTC 2024 - Markéta Machová <mmachova@suse.com>

- Add upstream patch fix-tests.patch to fix tests with Django 5

-------------------------------------------------------------------
Mon Jun 24 04:49:38 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com>

- Switch back to PyPi tarball.
- Inject setuptools_scm so we install the correct version number.
- Switch to autosetup macro.
- No more greedy globs in %files.

-------------------------------------------------------------------
Tue Jun 18 14:02:32 UTC 2024 - Markéta Machová <mmachova@suse.com>

- Update to 5.3.1
  * Breaking: Set BLACKLIST_AFTER_ROTATION by default to False
  * Remove EOL Python, Django and DRF version support
  * Remove verify from jwt.decode to follow PyJWT v2.2.0
  * Add blacklist view to log out users
  * Add JWKS support
  * Add back support for PyJWT 1.7.1
  * Allow customizing token JSON encoding
  * Revoke access token if user password is changed
  * Declare support for type checking
  * Many more changes, see CHANGELOG.md
- Drop patch jwt2.patch, included upstream.

-------------------------------------------------------------------
Wed Mar 27 05:20:10 UTC 2024 - Max Lin <mlin@suse.com>

- Add %{?sle15_python_module_pythons}

-------------------------------------------------------------------
Wed Mar 31 14:25:07 UTC 2021 - Markéta Machová <mmachova@suse.com>

- Update to 4.6.0
  * Restored Python 3.7 support
  * Added Indonesian translations
  * Fixed Django 4.0 re_path deprecation
- Add patch jwt2.patch for PyJWT>=2.0.0 support

-------------------------------------------------------------------
Fri Jul 24 07:55:24 UTC 2020 - John Vandenberg <jayvdb@gmail.com>

- Update to v4.4.0
  * Added official support for Python 3.8 and Django 3.0.
  * Added settings for expected audience and issuer claims.
  * Documentation updates.
  * Updated package/python version support
  * Added Chilean Spanish language support.
  * Added Russian language support.

-------------------------------------------------------------------
Fri Sep 13 08:46:31 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>

- Update to 4.3.0:
  * Added JTI_CLAIM setting to allow storing token identifiers under a different claim.
  * We now return HTTP 401 for user not found or inactive.
  * Restricted setup.py config to Python 3 only.
  * Included translation files in release package.

-------------------------------------------------------------------
Tue Apr  9 02:39:36 PM UTC 2019 - John Vandenberg <jayvdb@gmail.com>

- Initial spec for v4.1.3