Jan 2023 Jazz Master merge

.github/dependabot.yaml

@@ -0,0 +1,10 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    assignees:
+      - "djangorestframework-simplejwt"
+    labels:
+      - "dependencies"

.github/workflows/i18n.yml

@@ -0,0 +1,48 @@
+name: Update locale files
+
+on:
+  push:
+    branches:
+      - main
+      - master
+
+jobs:
+  locale-updater:
+    permissions:
+      pull-requests: write
+      contents: write
+    if: github.repository == 'jazzband/djangorestframework-simplejwt'
+    name: Locale updater
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Checkout Repository
+        uses: actions/checkout@v5
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+          cache: 'pip'
+          cache-dependency-path: setup.py
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get install -y gettext 
+          python -m pip install --upgrade pip wheel setuptools
+          pip install -e .[dev]
+
+      - name: Run locale Update Script
+        working-directory:
+          rest_framework_simplejwt
+        run: python ../scripts/i18n_updater.py
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v7
+        with:
+          branch: i18n-auto-update
+          title: "[i18n] Update"
+          body: "Updated locale files on trunk"
+          commit-message: "Update locale files"
+          add-paths: rest_framework_simplejwt/locale/**
+          delete-branch: true

.github/workflows/release.yml

@@ -11,19 +11,28 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
 
       - name: Set up Python
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
         with:
-          python-version: 3.8
+          python-version: '3.9'
 
       - name: Install dependencies
         run: |
+          sudo apt-get install -y gettext 
           python -m pip install -U pip
           python -m pip install -U setuptools twine wheel
+          pip install -e .[dev]
+
+      - name: Check locale
+        working-directory: rest_framework_simplejwt
+        run: |
+          echo "Checking if locale files need updating. If they do, cd rest_framework_simplejwt && run python ../scripts/i18n_updater.py"
+          python ../scripts/i18n_updater.py
+          git diff --exit-code
 
       - name: Build package
         run: |
@@ -33,7 +42,7 @@ jobs:
 
       - name: Upload packages to Jazzband
         if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
-        uses: pypa/gh-action-pypi-publish@master
+        uses: pypa/gh-action-pypi-publish@release/v1
         with:
           user: jazzband
           password: ${{ secrets.JAZZBAND_RELEASE_KEY }}

.github/workflows/test.yml

@@ -15,26 +15,20 @@ jobs:
       fail-fast: false
       max-parallel: 5
       matrix:
-        python-version: ['3.7', '3.8', '3.9', '3.10']
-        django-version: ['2.2', '3.1', '3.2', 'main']
-        drf-version: ['3.10', '3.11', '3.12']
+        python-version: ['3.9', '3.10', '3.11', '3.12', '3.13']
+        django-version: ['4.2', '5.0', '5.1', '5.2']
+        drf-version: ['3.14', '3.15']
         exclude:
-          - python-version: '3.7'
-            django-version: 'main'
-          - python-version: '3.8'
-            django-version: 'main'
-          - django-version: '3.1'
-            drf-version: '3.10'
-          - python-version: '3.10'
-            django-version: '2.2'
-          - python-version: '3.10'
-            django-version: '3.1'
+          - drf-version: '3.14'
+            django-version: '5.0'
+          - drf-version: '3.14'
+            django-version: '5.1'
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v5
 
     - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v2
+      uses: actions/setup-python@v5
       with:
         python-version: ${{ matrix.python-version }}
 
@@ -44,7 +38,7 @@ jobs:
         echo "::set-output name=dir::$(pip cache dir)"
 
     - name: Cache
-      uses: actions/cache@v2
+      uses: actions/cache@v4
       with:
         path: ${{ steps.pip-cache.outputs.dir }}
         key:
@@ -65,6 +59,6 @@ jobs:
         DRF: ${{ matrix.drf-version }}
 
     - name: Upload coverage
-      uses: codecov/codecov-action@v1
+      uses: codecov/codecov-action@v5
       with:
         name: Python ${{ matrix.python-version }}

.pre-commit-config.yaml

@@ -1,24 +1,24 @@
 repos:
 - repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: 'v4.0.1'
+  rev: 'v5.0.0'
   hooks:
   - id: check-merge-conflict
+- repo: https://github.com/astral-sh/ruff-pre-commit
+  rev: v0.12.4
+  hooks:
+  - id: ruff
+    types_or: [ python, pyi ]
+    args: [--select, I, --fix,]
+    files: "^tests/|^rest_framework_simplejwt/"
+  - id: ruff-format
+    types_or: [python, pyi]
+    files: "^tests/|^rest_framework_simplejwt/"
 - repo: https://github.com/asottile/yesqa
-  rev: v1.2.3
+  rev: v1.5.0
   hooks:
   - id: yesqa
-- repo: https://github.com/pycqa/isort
-  rev: '5.9.3'
-  hooks:
-  - id: isort
-    args: ["--profile", "black"]
-- repo: https://github.com/psf/black
-  rev: '21.9b0'
-  hooks:
-  - id: black
-    language_version: python3 # Should be a command that runs python3.6+
 - repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: 'v4.0.1'
+  rev: 'v5.0.0'
   hooks:
   - id: end-of-file-fixer
     exclude: >-
@@ -48,12 +48,12 @@ repos:
   - id: detect-private-key
     exclude: ^tests/
 - repo: https://github.com/asottile/pyupgrade
-  rev: 'v2.28.0'
+  rev: 'v3.20.0'
   hooks:
   - id: pyupgrade
-    args: ['--py37-plus', '--keep-mock']
+    args: ['--py39-plus', '--keep-mock']
 
-- repo: git://github.com/Lucas-C/pre-commit-hooks-markup
+- repo: https://github.com/Lucas-C/pre-commit-hooks-markup
   rev: v1.0.1
   hooks:
   - id: rst-linter

.readthedocs.yml

@@ -2,15 +2,17 @@ version: 2
 
 # Set the version of Python and other tools you might need
 build:
-  os: ubuntu-20.04
+  os: ubuntu-22.04
   tools:
-    python: "3.9"
+    python: "3.12"
 
 python:
   install:
   # Install dependencies from setup.py .
-    - method: setuptools
+    - method: pip
       path: .
+      extra_requirements:
+        - dev
 
 # Build documentation in the docs/ directory with Sphinx
 sphinx:

CHANGELOG.md

@@ -1,4 +1,127 @@
-## Unreleased
+## 5.5.1
+
+Missing Migration for rest_framework_simplejwt.token_blacklist app. A previously missing migration (0013_blacklist) has now been added. This issue arose because the migration file was mistakenly not generated earlier. This migration was never part of an official release, but users following the latest master branch may have encountered it.
+
+**Notes for Users**
+If you previously ran makemigrations in production and have a 0013_blacklist migration in your django_migrations table, follow these steps before upgrading:
+
+1. Roll back to the last known migration:
+```bash
+python manage.py migrate rest_framework_simplejwt.token_blacklist 0012
+```
+2. Upgrade djangorestframework-simplejwt to the latest version.
+3. Apply the migrations correctly:
+```bash
+python manage.py migrate
+```
+**Important**: If other migrations depend on 0013_blacklist, be cautious when removing it. You may need to adjust or regenerate dependent migrations to ensure database integrity.
+
+* fix:  add missing migration for token_blacklist app by @juanbailon in https://github.com/jazzband/djangorestframework-simplejwt/pull/894
+* :globe_with_meridians: Fix typos and improve clarity in es_AR translations by @fabianfalon in https://github.com/jazzband/djangorestframework-simplejwt/pull/876
+* docs: Add warning in docs for `for_user` usage by @vgrozdanic in https://github.com/jazzband/djangorestframework-simplejwt/pull/872
+* feat: log warning if token is being created for inactive user by @vgrozdanic in https://github.com/jazzband/djangorestframework-simplejwt/pull/873
+* ref: full tracebacks on exceptions by @vgrozdanic in https://github.com/jazzband/djangorestframework-simplejwt/pull/870
+* #858 New i18n messages by @Cloves23 in https://github.com/jazzband/djangorestframework-simplejwt/pull/879
+* Repair the type annotations in the TokenViewBase class. by @triplepoint in https://github.com/jazzband/djangorestframework-simplejwt/pull/880
+* fix: Token.outstand forces users to install blacklist app by @Andrew-Chen-Wang in https://github.com/jazzband/djangorestframework-simplejwt/pull/884
+* fix: PytestConfigWarning Unknown config option: python_paths by @vgrozdanic in https://github.com/jazzband/djangorestframework-simplejwt/pull/886
+* fix: Do not copy `iat` claim from refresh token by @vgrozdanic in https://github.com/jazzband/djangorestframework-simplejwt/pull/888
+* fix:  add missing migration for token_blacklist app by @juanbailon in https://github.com/jazzband/djangorestframework-simplejwt/pull/894
+* Update Persian translations (fa, fa_IR) for Django application by @mahdirahimi1999 in https://github.com/jazzband/djangorestframework-simplejwt/pull/897
+* fix: always stringify user_id claim ([#887](https://github.com/jazzband/djangorestframework-simplejwt/pull/897))
+
+## 5.5.0
+* Cap PyJWT version to <2.10.0 to avoid incompatibility with subject claim type requirement by @grayver in https://github.com/jazzband/djangorestframework-simplejwt/pull/843
+* Add specific "token expired" exceptions by @vainu-arto in https://github.com/jazzband/djangorestframework-simplejwt/pull/830
+* Fix user_id type mismatch when user claim is not pk by @jdg-journeyfront in https://github.com/jazzband/djangorestframework-simplejwt/pull/851
+* Caching signing key by @henryfool91 in https://github.com/jazzband/djangorestframework-simplejwt/pull/859
+* Adds new refresh tokens to OutstandingToken db. by @thecarpetjasp in https://github.com/jazzband/djangorestframework-simplejwt/pull/866
+
+## 5.4.0
+* Changed string formatting in views by @Egor-oop in https://github.com/jazzband/djangorestframework-simplejwt/pull/750
+* Enhance BlacklistMixin with Generic Type for Accurate Type Inference by @Dresdn in https://github.com/jazzband/djangorestframework-simplejwt/pull/768
+* Improve type of `Token.for_user` to allow subclasses by @sterliakov in https://github.com/jazzband/djangorestframework-simplejwt/pull/776
+* Fix the `Null` value of the `OutstandingToken` of the `BlacklistMixin.blacklist` by @JaeHyuckSa in https://github.com/jazzband/djangorestframework-simplejwt/pull/806
+* Fix: Disable refresh token for inactive user. by @ajay09 in https://github.com/jazzband/djangorestframework-simplejwt/pull/814
+* Add option to allow inactive user authentication and token generation by @zxkeyy in https://github.com/jazzband/djangorestframework-simplejwt/pull/834
+* Drop Django <4.2, DRF <3.14, Python <3.9 by @Andrew-Chen-Wang in https://github.com/jazzband/djangorestframework-simplejwt/pull/839
+  * Note, many deprecated versions are only officially not supported but probably still work fine.
+* Add support for EdDSA and other algorithms in jwt.algorithms.requires_cryptography (#822) https://github.com/jazzband/djangorestframework-simplejwt/pull/823
+
+## 5.3.1
+
+## What's Changed
+* Remove EOL Python, Django and DRF version support by @KOliver94 in [#754](https://github.com/jazzband/djangorestframework-simplejwt/pull/754)
+* Declare support for type checking (closes #664) by @PedroPerpetua in [#760](https://github.com/jazzband/djangorestframework-simplejwt/pull/760)
+* Remove usages of deprecated datetime.utcnow() and datetime.utcfromtimestamp() in [#765](https://github.com/jazzband/djangorestframework-simplejwt/pull/765)
+
+#### Translation Updates:
+* Update Korean translations by @TGoddessana in https://github.com/jazzband/djangorestframework-simplejwt/pull/753
+
+## 5.3.0
+
+#### Notable Changes:
+* Added support for Python 3.11 by @joshuadavidthomas [#636](https://github.com/jazzband/djangorestframework-simplejwt/pull/636)
+* Added support for Django 4.2 by @johnthagen [#711](https://github.com/jazzband/djangorestframework-simplejwt/pull/711)
+* Added support for DRF 3.14 by @Andrew-Chen-Wang [#623](https://github.com/jazzband/djangorestframework-simplejwt/pull/623)
+* Added Inlang to facilitate community translations by @jannesblobel [#662](https://github.com/jazzband/djangorestframework-simplejwt/pull/662)
+* Revoke access token if user password is changed by @mahdirahimi1999 [#719](https://github.com/jazzband/djangorestframework-simplejwt/pull/719)
+* Added type hints by @abczzz13 [#683](https://github.com/jazzband/djangorestframework-simplejwt/pull/683)
+* Improved testing by @kiraware [#688](https://github.com/jazzband/djangorestframework-simplejwt/pull/688)
+* Removed support for Django 2.2 by @kiraware [#688](https://github.com/jazzband/djangorestframework-simplejwt/pull/688)
+
+#### Documentation:
+* Added write_only=True to TokenBlacklistSerializer's refresh field for better doc generation by @Yaser-Amiri [#699](https://github.com/jazzband/djangorestframework-simplejwt/pull/699)
+* Updated docs on serializer customization by @2ykwang [#668](https://github.com/jazzband/djangorestframework-simplejwt/pull/668)
+
+#### Translation Updates:
+* Updated translations for Persian (fa) language by @mahdirahimi1999 [#723](https://github.com/jazzband/djangorestframework-simplejwt/pull/723) and https://github.com/jazzband/djangorestframework-simplejwt/pull/708
+* Updated translations for Indonesian (id) language by @kiraware [#685](https://github.com/jazzband/djangorestframework-simplejwt/pull/685)
+* Added Arabic language translations by @iamjazzar [#690](https://github.com/jazzband/djangorestframework-simplejwt/pull/690)
+* Added Hebrew language translations by @elam91 [#679](https://github.com/jazzband/djangorestframework-simplejwt/pull/679)
+* Added Slovenian language translations by @banDeveloper [#645](https://github.com/jazzband/djangorestframework-simplejwt/pull/645)
+
+## Version 5.2.2
+
+Major security release
+
+* Revert #605 [#629](https://github.com/jazzband/djangorestframework-simplejwt/pull/629)
+* Fix typo in blacklist_app.rst by @cbscsm [#593](https://github.com/jazzband/djangorestframework-simplejwt/pull/593)
+
+## Version 5.2.1
+
+* Add Swedish translations by @PasinduPrabhashitha [#579](https://github.com/jazzband/djangorestframework-simplejwt/pull/579)
+* Fixed issue #543 by @armenak-baburyan [#586](https://github.com/jazzband/djangorestframework-simplejwt/pull/586)
+* Fix uncaught exception with JWK by @jerr0328 [#600](https://github.com/jazzband/djangorestframework-simplejwt/pull/600)
+* Test on Django 4.1 by @2ykwang [#604](https://github.com/jazzband/djangorestframework-simplejwt/pull/604)
+
+## Version 5.2.0
+
+* Remove the JWTTokenUserAuthentication from the Experimental Features #546 by @byrpatrick [#547](https://github.com/jazzband/djangorestframework-simplejwt/pull/547)
+* Fix leeway type error by @2ykwang [#554](https://github.com/jazzband/djangorestframework-simplejwt/pull/554)
+* Add info on TokenBlacklistView to the docs by @inti7ary [#558](https://github.com/jazzband/djangorestframework-simplejwt/pull/558)
+* Update JWTStatelessUserAuthentication docs by @2ykwang [#561](https://github.com/jazzband/djangorestframework-simplejwt/pull/561)
+* Allow none jti claim token type claim by @denniskeends [#567](https://github.com/jazzband/djangorestframework-simplejwt/pull/567)
+* Allow customizing token JSON encoding by @vainu-arto [#568](https://github.com/jazzband/djangorestframework-simplejwt/pull/568)
+
+## Version 5.1.0
+
+* Add back support for PyJWT 1.7.1 ([#536](https://github.com/jazzband/djangorestframework-simplejwt/pull/536))
+* Make the token serializer configurable ([#521](https://github.com/jazzband/djangorestframework-simplejwt/pull/521))
+* Simplify using custom token classes in serializers ([#517](https://github.com/jazzband/djangorestframework-simplejwt/pull/517))
+* Fix default_app_config deprecation ([#415](https://github.com/jazzband/djangorestframework-simplejwt/pull/415))
+* Add missing integration instructions for drf-yasg ([#505](https://github.com/jazzband/djangorestframework-simplejwt/pull/505))
+* Add blacklist view to log out users ([#306](https://github.com/jazzband/djangorestframework-simplejwt/pull/306))
+* Set default verifying key to empty str ([#487](https://github.com/jazzband/djangorestframework-simplejwt/pull/487))
+* Add docs about TOKEN_USER_CLASS ([#455](https://github.com/jazzband/djangorestframework-simplejwt/pull/440))
+
+Meta:
+* Add auto locale updater ([#456](https://github.com/jazzband/djangorestframework-simplejwt/pull/456))
+
+Translations:
+
+* Added Korean translations ([#501](https://github.com/jazzband/djangorestframework-simplejwt/pull/501))
+* Added Turkish translations ([#508](https://github.com/jazzband/djangorestframework-simplejwt/pull/508))
 
 ## Version 5.0.0
 
@@ -12,8 +135,7 @@
 * Updated import list ([#459](https://github.com/jazzband/djangorestframework-simplejwt/pull/459))
 * Repair generation of OpenAPI with Spectacular ([#452](https://github.com/jazzband/djangorestframework-simplejwt/pull/452))
 * Add "iat" claim to token ([#192](https://github.com/jazzband/djangorestframework-simplejwt/pull/192))
-* Add blacklist view to log out users ([#306](https://github.com/jazzband/djangorestframework-simplejwt/pull/306))
-* updated import list in docs ([#459](https://github.com/jazzband/djangorestframework-simplejwt/pull/459))
+* Add blacklist view to log out users ([#306](https://github.com/jazzband/djangorestframework-simplejwt/pull/306)) 
 
 ## Version 4.8.0
 
@@ -36,6 +158,7 @@
 * Fix invalid syntax in docs for `INSTALLED_APPS` ([#416](https://github.com/jazzband/django-rest-framework-simplejwt/pull/416))
 
 Translations:
+
 * Added Dutch translations ([#422](https://github.com/jazzband/django-rest-framework-simplejwt/pull/422))
 * Added Ukrainian translations ([#423](https://github.com/jazzband/django-rest-framework-simplejwt/pull/423))
 * Added Simplified Chinese translations ([#427](https://github.com/jazzband/django-rest-framework-simplejwt/pull/427))

MANIFEST.in

@@ -1,5 +1,6 @@
 include README.rst
 include LICENSE.txt
+include rest_framework_simplejwt/py.typed
 recursive-include rest_framework_simplejwt/locale *.mo
 recursive-include rest_framework_simplejwt/locale *.po
 recursive-exclude * __pycache__

Makefile

@@ -38,7 +38,6 @@ build-docs:
 		tests/* \
 		rest_framework_simplejwt/token_blacklist/* \
 		rest_framework_simplejwt/backends.py \
-		rest_framework_simplejwt/compat.py \
 		rest_framework_simplejwt/exceptions.py \
 		rest_framework_simplejwt/settings.py \
 		rest_framework_simplejwt/state.py