chore(deps): update dependency cryptography to v45.0.7

fix: catch PyJWKSetError in JWT verification fallback
PyJWKSetError is not a subclass of PyJWKClientError — they are siblings under PyJWTError. The empty JWKS key set error was not being caught. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 09:02:05 +00:00 · 2026-03-22 09:56:58 +01:00
2 changed files with 4 additions and 2 deletions
--- a/backend/pyproject.toml
+++ b/backend/pyproject.toml
@@ -14,7 +14,7 @@ dependencies = [
    "asyncpg==0.31.0",
    "alembic==1.18.4",
    "PyJWT==2.12.1",
-    "cryptography==45.0.3",
+    "cryptography==45.0.7",
 ]
 [project.optional-dependencies]
--- a/backend/src/app/core/auth.py
+++ b/backend/src/app/core/auth.py
@@ -3,7 +3,7 @@ from uuid import UUID
 import jwt
 from fastapi import Depends, HTTPException, Request, status
-from jwt import PyJWKClient, PyJWKClientError
+from jwt import PyJWKClient, PyJWKClientError, PyJWKSetError
 from sqlalchemy import select
 from sqlalchemy.ext.asyncio import AsyncSession
@@ -75,6 +75,8 @@ def _verify_jwt(token: str) -> dict | None:
            pass
        except PyJWKClientError:
            pass
        except PyJWKSetError:
            pass
    return _verify_jwt_hs256(token)
Author	SHA1	Message	Date
Renovate Bot	c896075ead	chore(deps): update dependency cryptography to v45.0.7 Some checks failed renovate/artifacts Artifact file update failure CI / backend-tests (pull_request) Failing after 46s Details CI / frontend-tests (pull_request) Successful in 33s Details	2026-03-22 09:02:05 +00:00
Julian Tabel	ac0a04e71f	fix: catch PyJWKSetError in JWT verification fallback All checks were successful CI / backend-tests (push) Successful in 29s Details CI / frontend-tests (push) Successful in 28s Details PyJWKSetError is not a subclass of PyJWKClientError — they are siblings under PyJWTError. The empty JWKS key set error was not being caught. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-22 09:56:58 +01:00