Skip to content

build(deps): bump joserfc from 1.6.4 to 1.6.8 in /backend#6696

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/backend/joserfc-1.6.8
Open

build(deps): bump joserfc from 1.6.4 to 1.6.8 in /backend#6696
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/backend/joserfc-1.6.8

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 1, 2026
edited
Loading

Bumps joserfc from 1.6.4 to 1.6.8.

Release notes

Sourced from joserfc's releases.

1.6.8

  • Reject empty OctKey.

Full Changelog: authlib/joserfc@1.6.7...1.6.8

1.6.7

   🐞 Bug Fixes

    View changes on GitHub

1.6.5

No significant changes

    View changes on GitHub
Changelog

Sourced from joserfc's changelog.

1.6.8

Released on May 27, 2026

  • Reject empty OctKey.

1.6.7

Released on May 23, 2026

  • Update for type hints.

1.6.6

Released on May 18, 2026

  • JWS: validate payload size when b64=false.

1.6.5

Released on May 3, 2026

  • JWS: increase registry's payload max size.
Commits
  • ea1d9e3 chore: release 1.6.8
  • 86d0091 Reject empty oct key material and empty HMAC keys at sign/verify entry
  • 1e5b94d chore: release 1.6.7
  • 75d9f95 fix(typing): use cast for type hints
  • 6d24037 Merge pull request #98 from jonathangreen/algorithms-accept-collection
  • 102a7a7 fix(typing): accept any Collection for algorithms, not just list
  • 8b869e8 chore: release 1.6.6
  • 00d599b chore: update actions
  • 9186561 Merge pull request #97 from authlib/fix-b64
  • 4d4ea2e fix(jws): validate payload size for b64=false
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 1, 2026
@dependabot dependabot Bot force-pushed the dependabot/uv/backend/joserfc-1.6.8 branch from 89ab76c to 814523f Compare June 1, 2026 23:58
@dependabot
build(deps): bump joserfc from 1.6.4 to 1.6.8 in /backend
b4b3a6d 
Bumps [joserfc](https://github.com/authlib/joserfc) from 1.6.4 to 1.6.8.
- [Release notes](https://github.com/authlib/joserfc/releases)
- [Changelog](https://github.com/authlib/joserfc/blob/1.6.8/docs/changelog.rst)
- [Commits](authlib/joserfc@1.6.4...1.6.8)

---
updated-dependencies:
- dependency-name: joserfc
  dependency-version: 1.6.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/uv/backend/joserfc-1.6.8 branch from 814523f to b4b3a6d Compare June 2, 2026 08:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants