- Update to 3.5.0

* Remove support for Python 3.8
  * Added support for Python 3.12 & 3.13
  * Upgrade to pyasn1 0.5.1+
  * Upgrade to pytest and other dependencies
  * Add RTD config file to silence emailed deprecation warnings
  * Remove get_random_bytes from cryptography backend
  * Do not use utc_now on module level
  * Remove key data (sensitive information) from JWKError exceptions
  * Added possibility to call jwk.construct() with a private RSA key

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-python-jose?expand=0&rev=23

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -0,0 +1 @@
+.osc

_multibuild

@@ -0,0 +1,4 @@
+<multibuild>
+  <flavor>test-backend-cryptography</flavor>
+  <flavor>test-backend-native</flavor>
+</multibuild>

python-python-jose.changes

@@ -0,0 +1,121 @@
+-------------------------------------------------------------------
+Wed Sep 10 12:29:34 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Update to 3.5.0
+  * Remove support for Python 3.8
+  * Added support for Python 3.12 & 3.13
+  * Upgrade to pyasn1 0.5.1+
+  * Upgrade to pytest and other dependencies
+  * Add RTD config file to silence emailed deprecation warnings
+  * Remove get_random_bytes from cryptography backend
+  * Do not use utc_now on module level
+  * Remove key data (sensitive information) from JWKError exceptions
+  * Added possibility to call jwk.construct() with a private RSA key
+
+-------------------------------------------------------------------
+Wed Jun 11 05:49:33 UTC 2025 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Switch to pyproject macros.
+
+-------------------------------------------------------------------
+Tue May  6 17:27:12 UTC 2025 - Guang Yee <gyee@suse.com>
+
+- Update to 3.4.0
+  * Remove support for Python 3.6 and 3.7
+  * Added support for Python 3.10 and 3.11
+  * Updating CryptographyAESKey::encrypt to generate 96 bit IVs for
+    GCM block cipher mode
+  * Fix for PEM key comparisons caused by line lengths and new lines
+  * Fix for CVE-2024-33664 - JWE limited to 250KiB
+  * Fix for CVE-2024-33663 - signing JWT with public key is now forbidden
+  * Replace usage of deprecated datetime.utcnow() with datetime.now(UTC)
+- Removed patches CVE-2024-33663.patch,  CVE-2024-33664.patch,
+  fix-tests-ecdsa-019.patch, and unpin-deps.patch as they have been
+  incorporated into release 3.4.0
+
+-------------------------------------------------------------------
+Mon Jun  3 07:38:00 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Update CVE-2024-33664.patch with upstream
+  https://github.com/mpdavis/python-jose/pull/352
+  bsc#1223422
+
+-------------------------------------------------------------------
+Tue May  7 09:58:08 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Make python-pycryptodome dependency only required for Factory.
+
+-------------------------------------------------------------------
+Mon May  6 07:11:18 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Add upstream patches:
+   * CVE-2024-33663.patch, bsc#1223417, gh#mpdavis/python-jose#349
+   * CVE-2024-33664.patch, bsc#1223422, gh#mpdavis/python-jose#345
+   * fix-tests-ecdsa-019.patch, gh#mpdavis/python-jose#350
+
+-------------------------------------------------------------------
+Tue Jun 13 12:18:28 UTC 2023 - ecsos <ecsos@opensuse.org>
+
+- Add %{?sle15_python_module_pythons}
+
+-------------------------------------------------------------------
+Sun May 29 19:45:02 UTC 2022 - Ben Greiner <code@bnavigator.de>
+
+- Update to 3.3.0
+  * Remove support for python 2.7 & 3.5
+  * Add support for Python 3.9
+  * Remove PyCrypto backend
+  * Fix deprecation warning from cryptography backend
+- Add rpm subpackages for the extra backend selection.  The missing
+  requires were only discovered because other packages started to
+  fail.
+  * setup.py and README still mention pycrypto and pycryptodome, but
+    it was removed from the code.
+  * Test in flavors
+- Refresh unpin-deps.patch
+
+-------------------------------------------------------------------
+Wed Aug  5 12:58:25 UTC 2020 - Marketa Calabkova <mcalabkova@suse.com>
+
+- Update to 3.2.0
+  * This will be the last release supporting Python 2.7, 3.5, and the PyCrypto
+    backend.
+  * Use hmac.compare_digest instead of our own constant_time_string_compare #163
+  * Fix `to_dict` output, which should always be JSON encodeable. #139 and #165
+    (fixes #127 and #137)
+  * Require setuptools >= 39.2.0 #167 (fixes #161)
+  * Emit a warning when verifying with a private key #168 (fixes #53 and #142)
+  * Avoid loading python-ecdsa when using the cryptography backend, and pinned
+    python-ecdsa dependency to <0.15 #178
+- Rebase patch unpin-deps.patch
+
+-------------------------------------------------------------------
+Tue Mar 10 09:47:42 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Update to 3.1.0:
+  * Improve JWT.decode() #76 (fixes #75)
+  * ort headers when serializing to allow for headless JWT #136 (fixes #80)
+  * djust dependency handling
+  * se PyCryptodome instead of PyCrypto #83
+  * pdate package dependencies #124 (fixes #158)
+  * void using deprecated methods #85
+  * upport X509 certificates #107
+  * solate and flesh out cryptographic backends to enable independent operation #129 (fixes #114)
+  * emove pyca/cryptography backend's dependency on python-ecdsa #117
+  * Remove pycrypto/dome backends' dependency on python-rsa #121
+  * Make pyca/cryptography backend the preferred backend if multiple backends are present #122
+- Rebase patch unpin-deps.patch
+
+-------------------------------------------------------------------
+Thu Apr 11 05:11:28 UTC 2019 - John Vandenberg <jayvdb@gmail.com>
+
+- Activate test suite, using GitHub archive
+- Add unpin-deps.patch to fix broken installed egg-info,
+  and remove unused dependency on python-future
+- Remove undesirable < comparator in build and runtime dependencies,
+  and remove duplicated dependencies
+
+-------------------------------------------------------------------
+Thu Nov 15 00:12:07 UTC 2018 - Todd R <toddrme2178@gmail.com>
+
+- Initial version

python-python-jose.spec

@@ -0,0 +1,124 @@
+#
+# spec file for package python-python-jose
+#
+# Copyright (c) 2025 SUSE LLC and contributors
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%global flavor @BUILD_FLAVOR@%{nil}
+%if "%{flavor}" == "test-backend-cryptography"
+%define psuffix -%{flavor}
+%bcond_without test
+%bcond_without testcryptography
+%bcond_with    testnative
+%endif
+%if "%{flavor}" == "test-backend-native"
+%define psuffix -%{flavor}
+%bcond_without test
+%bcond_with    testcryptography
+%bcond_without testnative
+%endif
+%if "%{flavor}" == ""
+%define psuffix %{nil}
+%bcond_with    test
+%bcond_with    testcryptography
+%bcond_with    testnative
+%endif
+
+%{?sle15_python_module_pythons}
+Name:           python-python-jose%{psuffix}
+Version:        3.5.0
+Release:        0
+Summary:        JOSE implementation in Python
+License:        MIT
+URL:            https://github.com/mpdavis/python-jose
+Source:         https://files.pythonhosted.org/packages/source/p/python-jose/python_jose-%{version}.tar.gz
+BuildRequires:  %{python_module pip}
+BuildRequires:  %{python_module setuptools >= 39.2.0}
+BuildRequires:  %{python_module wheel}
+BuildRequires:  fdupes
+BuildRequires:  python-rpm-macros
+Requires:       python-ecdsa >= 0.16
+Requires:       python-pyasn1
+Requires:       python-rsa
+BuildArch:      noarch
+%if %{with test}
+# pycryptodome is needed just for one test added in CVE-2024-33663.
+# This package is not in Leap, so do not require for other versions.
+%if 0%{?suse_version} > 1600
+BuildRequires:  %{python_module pycryptodome}
+%endif
+BuildRequires:  %{python_module pytest}
+%if %{with testcryptography}
+BuildRequires:  %{python_module python-jose-cryptography = %{version}}
+%endif
+%if %{with testnative}
+BuildRequires:  %{python_module python-jose = %{version}}
+%endif
+%endif
+# /SECTION
+%python_subpackages
+
+%description
+A JavaScript Object Signing and Encryption (JOSE) technologies
+implementation in Python.
+
+python-jose implements different cryptographic backends.
+Consuming python packages must select the backend as an extra
+when installing python-jose. RPM packages must select the
+corresponding rpm subpackage. If no backend is selected, the
+main package uses the native-python backend.
+
+%package cryptography
+Summary:        JOSE implementation in Python, cryptography extra
+Requires:       %{name} = %{version}-%{release}
+Requires:       python-cryptography >= 3.4.0
+
+%description cryptography
+A JavaScript Object Signing and Encryption (JOSE) technologies
+implementation in Python.
+
+python-jose implements three different cryptographic backends.
+This package provides the python-jose[cryptography] extra.
+
+%prep
+%autosetup -p1 -n python_jose-%{version}
+
+%if ! %{with test}
+%build
+%pyproject_wheel
+
+%install
+%pyproject_install
+%python_expand %fdupes %{buildroot}%{$python_sitelib}
+%endif
+
+%if %{with test}
+%check
+%pytest -rsEf
+%endif
+
+%if ! %{with test}
+%files %{python_files}
+%doc README.rst
+%license LICENSE
+%{python_sitelib}/python_jose-%{version}.dist-info
+%{python_sitelib}/jose
+
+%files %{python_files cryptography}
+%doc README.rst
+%license LICENSE
+%endif
+
+%changelog

python_jose-3.5.0.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fb4eaa44dbeb1c26dcc69e4bd7ec54a1cb8dd64d3b4d81ef08d90ff453f2b01b
+size 92726