Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-djangorestframework-simplejwt
for openSUSE:Factory checked in at 2025-11-03 18:56:15
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-djangorestframework-simplejwt (Old)
and
/work/SRC/openSUSE:Factory/.python-djangorestframework-simplejwt.new.1980 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-djangorestframework-simplejwt"
Mon Nov 3 18:56:15 2025 rev:9 rq:1315319 version:5.5.1
Changes:
--------
---
/work/SRC/openSUSE:Factory/python-djangorestframework-simplejwt/python-djangorestframework-simplejwt.changes
2024-11-12 19:22:53.171147956 +0100
+++
/work/SRC/openSUSE:Factory/.python-djangorestframework-simplejwt.new.1980/python-djangorestframework-simplejwt.changes
2025-11-03 18:56:34.985269352 +0100
@@ -1,0 +2,21 @@
+Mon Nov 3 09:29:49 UTC 2025 - Markéta Machová <[email protected]>
+
+- Update to 5.5.1 (CVE-2024-22513, bsc#1221568)
+ * Changed string formatting in views
+ * Enhance BlacklistMixin with Generic Type for Accurate Type Inference
+ * Improve type of Token.for_user to allow subclasses
+ * Fix the Null value of the OutstandingToken of the BlacklistMixin.blacklist
+ * Add option to allow inactive user authentication and token generation
+ * Add support for EdDSA and other algorithms in
jwt.algorithms.requires_cryptography
+ * Drop Django <4.2, DRF <3.14, Python <3.9. Note, many deprecated versions
are only
+ officially not supported but probably still work fine.
+ * Add specific "token expired" exceptions
+ * Fix user_id type mismatch when user claim is not pk
+ * Caching signing key
+ * fix: add missing migration for token_blacklist app
+ * docs: Add warning in docs for for_user usage
+ * feat: log warning if token is being created for inactive user
+ * fix: always stringify user_id claim
+- Drop fix-tests.patch, merged upstream
+
+-------------------------------------------------------------------
Old:
----
djangorestframework_simplejwt-5.3.1.tar.gz
fix-tests.patch
New:
----
djangorestframework_simplejwt-5.5.1.tar.gz
----------(Old B)----------
Old: * fix: always stringify user_id claim
- Drop fix-tests.patch, merged upstream
----------(Old E)----------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-djangorestframework-simplejwt.spec ++++++
--- /var/tmp/diff_new_pack.3LDrEg/_old 2025-11-03 18:56:35.537292380 +0100
+++ /var/tmp/diff_new_pack.3LDrEg/_new 2025-11-03 18:56:35.541292547 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-djangorestframework-simplejwt
#
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,14 +18,12 @@
%{?sle15_python_module_pythons}
Name: python-djangorestframework-simplejwt
-Version: 5.3.1
+Version: 5.5.1
Release: 0
Summary: JSON Web Token authentication for Django REST Framework
License: MIT
URL: https://github.com/davesque/django-rest-framework-simplejwt
Source:
https://files.pythonhosted.org/packages/source/d/djangorestframework-simplejwt/djangorestframework_simplejwt-%{version}.tar.gz
-# PATCH-FIX-UPSTREAM
https://github.com/jazzband/djangorestframework-simplejwt/pull/769 Fix tests
-Patch0: fix-tests.patch
BuildRequires: %{python_module Django}
BuildRequires: %{python_module PyJWT}
BuildRequires: %{python_module cryptography}
++++++ djangorestframework_simplejwt-5.3.1.tar.gz ->
djangorestframework_simplejwt-5.5.1.tar.gz ++++++
++++ 6096 lines of diff (skipped)
