jwt 2.2.3 → 2.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 52634c4d49dde601c2061590da9c75e1202c6f457d7e72f86081b9ff1ab4bd66
-  data.tar.gz: 9b6ce357479e71e5c04b390d2fcb03ae7bdde4f1fd028de2c59a988aca3aba9b
+  metadata.gz: e90965d0b77b09f9b095bde7df353186e72838b843940a92f1207d36c1d14afd
+  data.tar.gz: ac4538d631a35219a21150952325a19ffe6f83ea37d7e32664725a06e659816c
 SHA512:
-  metadata.gz: dd81e85c470265ae1f91bd263e52e1d4dc5448274fdfc3233f074fec75a9e4752699653244814bc6d4e7d1d0d15bd65daee70012d542165185486903fa52be76
-  data.tar.gz: 116dc782f864cfbfe742b85fc7a9a487df580540f50efe120841bc5576093f6f18f684e65dc3a0f107c45c11145ae8cb37ba77e3bd8fd2a1f70e44c331043382
+  metadata.gz: b0981dc5c4cc9722514eff7eb1636dcb88bd6e634967380187df8f3555a7405bf2e807c0a996543447006f6cd24516957a11eb2320dcd7dfc2b6ac81aec671b5
+  data.tar.gz: fadc7972eb2ff5377d517fc6a9cf1dd2315745813e60ae041a100754770829f640f5953bb8c6afe8be76d3340ac531aa92e12326484c12ffb721d09f1aa498b0

data/.codeclimate.yml

@@ -0,0 +1,8 @@
+plugins:
+  fixme:
+    enabled: true
+  shellcheck:
+    enabled: true
+  rubocop:
+    enabled: true
+    channel: rubocop-1-23-0

data/.github/workflows/coverage.yml

@@ -0,0 +1,27 @@
+---
+name: coverage
+on:
+  push:
+    branches:
+      - "master"
+jobs:
+ coverage:
+    name: coverage
+    runs-on: ubuntu-20.04
+    env:
+      BUNDLE_GEMFILE: 'gemfiles/rbnacl.gemfile'
+      CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install libsodium
+        run: |
+          sudo apt-get update -q
+          sudo apt-get install libsodium-dev -y
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: "2.7"
+          bundler-cache: true
+      - uses: paambaati/codeclimate-action@v3.0.0
+        with:
+          coverageCommand: bundle exec rspec

data/.github/workflows/test.yml

@@ -17,7 +17,7 @@ jobs:
     - name: Set up Ruby
       uses: ruby/setup-ruby@v1
       with:
-        ruby-version: "2.4"
+        ruby-version: "2.7"
         bundler-cache: true
     - name: Run RuboCop
       run: bundle exec rubocop
@@ -26,26 +26,18 @@ jobs:
       fail-fast: false
       matrix:
         ruby:
-          - 2.3
-          - 2.4
           - 2.5
           - 2.6
           - 2.7
-          - 3.0
+          - "3.0"
+          - 3.1
         gemfile:
           - gemfiles/standalone.gemfile
           - gemfiles/openssl.gemfile
           - gemfiles/rbnacl.gemfile
         experimental: [false]
         include:
-          - ruby: 2.1
-            gemfile: 'gemfiles/rbnacl.gemfile'
-            experimental: false
-          - ruby: 2.2
-            gemfile: 'gemfiles/rbnacl.gemfile'
-            experimental: false
           - ruby: 2.7
-            coverage: "true"
             gemfile: 'gemfiles/rbnacl.gemfile'
           - ruby: "ruby-head"
             experimental: true

data/.gitignore

@@ -9,3 +9,5 @@ coverage/
 .vscode/
 .bundle
 *gemfile.lock
+.byebug_history
+*.gem

data/.rubocop.yml

@@ -1,24 +1,12 @@
 inherit_from: .rubocop_todo.yml
 
 AllCops:
-  TargetRubyVersion: 2.1
-
-Layout/AlignParameters:
-  EnforcedStyle: with_fixed_indentation
-
-Layout/CaseIndentation:
-  EnforcedStyle: end
-
-Style/AsciiComments:
-  Enabled: false
-
-Layout/IndentHash:
-  Enabled: false
-
-Style/CollectionMethods:
-  Enabled: true
-  PreferredMethods:
-      inject: 'inject'
+  TargetRubyVersion: 2.5
+  NewCops: enable
+  SuggestExtensions: false
+  Exclude:
+    - 'gemfiles/*.gemfile'
+    - 'vendor/**/*'
 
 Style/Documentation:
   Enabled: false
@@ -27,10 +15,6 @@ Style/BlockDelimiters:
   Exclude:
     - spec/**/*_spec.rb
 
-Style/BracesAroundHashParameters:
-  Exclude:
-    - spec/**/*_spec.rb
-
 Style/GuardClause:
   Enabled: false
 
@@ -50,15 +34,15 @@ Style/SignalException:
   Enabled: false
 
 Metrics/AbcSize:
-  Max: 20
+  Max: 25
 
 Metrics/ClassLength:
-  Max: 101
+  Max: 103
 
 Metrics/ModuleLength:
   Max: 100
 
-Metrics/LineLength:
+Layout/LineLength:
   Enabled: false
 
 Metrics/BlockLength:
@@ -71,7 +55,7 @@ Metrics/MethodLength:
 Style/SingleLineBlockParams:
   Enabled: false
 
-Lint/EndAlignment:
+Layout/EndAlignment:
   EnforcedStyleAlignWith: variable
 
 Style/FormatString:
@@ -89,9 +73,9 @@ Style/WordArray:
 Style/RedundantSelf:
   Enabled: false
 
-Layout/AlignHash:
+Layout/HashAlignment:
   Enabled: true
   EnforcedLastArgumentHashStyle: always_ignore
 
 Style/TrivialAccessors:
-  AllowPredicates: true
+  AllowPredicates: true

data/.rubocop_todo.yml

@@ -1,191 +1,22 @@
 # This configuration was generated by
-# `rubocop --auto-gen-config`
-# on 2020-12-21 23:11:43 +0200 using RuboCop version 0.52.1.
+# `rubocop --auto-gen-config --exclude-limit 1000000`
+# on 2021-12-27 06:53:55 UTC using RuboCop version 1.23.0.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
-# Offense count: 2
+# Offense count: 1
 # Cop supports --auto-correct.
-# Configuration parameters: Include, TreatCommentsAsGroupSeparators.
+# Configuration parameters: Include.
 # Include: **/*.gemspec
-Gemspec/OrderedDependencies:
+Gemspec/RequireMFA:
   Exclude:
     - 'ruby-jwt.gemspec'
 
 # Offense count: 1
-# Cop supports --auto-correct.
-Layout/EmptyLines:
-  Exclude:
-    - 'spec/integration/readme_examples_spec.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: empty_lines, no_empty_lines
-Layout/EmptyLinesAroundBlockBody:
-  Exclude:
-    - 'spec/jwt_spec.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: AllowForAlignment, ForceEqualSignAlignment.
-Layout/ExtraSpacing:
-  Exclude:
-    - 'spec/jwk_spec.rb'
-
-# Offense count: 2
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: normal, rails
-Layout/IndentationConsistency:
-  Exclude:
-    - 'spec/jwt_spec.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: Width, IgnoredPatterns.
-Layout/IndentationWidth:
-  Exclude:
-    - 'spec/jwt_spec.rb'
-
-# Offense count: 3
-# Cop supports --auto-correct.
-Layout/SpaceAfterComma:
-  Exclude:
-    - 'spec/jwt_spec.rb'
-
-# Offense count: 2
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBraces.
-# SupportedStyles: space, no_space
-# SupportedStylesForEmptyBraces: space, no_space
-Layout/SpaceBeforeBlockBraces:
-  Exclude:
-    - 'spec/jwk/ec_spec.rb'
-    - 'spec/jwt/verify_spec.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBraces, SpaceBeforeBlockParameters.
-# SupportedStyles: space, no_space
-# SupportedStylesForEmptyBraces: space, no_space
-Layout/SpaceInsideBlockBraces:
-  Exclude:
-    - 'spec/jwt/verify_spec.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: final_newline, final_blank_line
-Layout/TrailingBlankLines:
-  Exclude:
-    - 'bin/console.rb'
-
-# Offense count: 3
-# Cop supports --auto-correct.
-# Configuration parameters: IgnoreEmptyBlocks, AllowUnusedKeywordArguments.
-Lint/UnusedBlockArgument:
-  Exclude:
-    - 'spec/jwk/decode_with_jwk_spec.rb'
-    - 'spec/jwk/ec_spec.rb'
-    - 'spec/jwt/verify_spec.rb'
-
-# Offense count: 2
-Metrics/CyclomaticComplexity:
-  Max: 7
-
-# Offense count: 1
-Metrics/PerceivedComplexity:
-  Max: 8
-
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: MaxKeyValuePairs.
-Performance/RedundantMerge:
+# Configuration parameters: AllowedMethods.
+# AllowedMethods: respond_to_missing?
+Style/OptionalBooleanParameter:
   Exclude:
-    - 'spec/jwt_spec.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-Style/Encoding:
-  Exclude:
-    - 'lib/jwt/version.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: InverseMethods, InverseBlocks.
-Style/InverseMethods:
-  Exclude:
-    - 'spec/jwk/ec_spec.rb'
-
-# Offense count: 2
-# Cop supports --auto-correct.
-Style/MethodCallWithoutArgsParentheses:
-  Exclude:
-    - 'spec/jwt_spec.rb'
-
-# Offense count: 2
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: module_function, extend_self
-Style/ModuleFunction:
-  Exclude:
-    - 'lib/jwt/algos.rb'
-    - 'lib/jwt/signature.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-Style/MultilineIfModifier:
-  Exclude:
-    - 'spec/integration/readme_examples_spec.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-Style/MutableConstant:
-  Exclude:
-    - 'lib/jwt/version.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: Strict.
-Style/NumericLiterals:
-  MinDigits: 6
-
-# Offense count: 1
-# Cop supports --auto-correct.
-Style/ParallelAssignment:
-  Exclude:
-    - 'spec/integration/readme_examples_spec.rb'
-
-# Offense count: 11
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle, ConsistentQuotesInMultiline.
-# SupportedStyles: single_quotes, double_quotes
-Style/StringLiterals:
-  Exclude:
-    - 'bin/console.rb'
-    - 'spec/jwk/ec_spec.rb'
-    - 'spec/jwk/rsa_spec.rb'
-    - 'spec/jwk_spec.rb'
-    - 'spec/jwt_spec.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyleForMultiline.
-# SupportedStylesForMultiline: comma, consistent_comma, no_comma
-Style/TrailingCommaInArguments:
-  Exclude:
-    - 'spec/jwt_spec.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-Style/UnlessElse:
-  Exclude:
-    - 'spec/jwt_spec.rb'
-
-# Offense count: 162
-# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
-# URISchemes: http, https
-Metrics/LineLength:
-  Max: 420
+    - 'lib/jwt.rb'

data/AUTHORS

@@ -1,6 +1,6 @@
 Tim Rudat
-Jeff Lindsay
 Joakim Antman
+Jeff Lindsay
 A.B
 shields
 Bob Aman
@@ -8,44 +8,53 @@ Emilio Cristalli
 Egon Zemmer
 Zane Shannon
 Nikita Shatov
-Oliver
 Paul Battley
+Oliver
 blackanger
-Adam Michael
 Ville Lautanala
 Tyler Pickett
 James Stonehill
-Peter M. Goldstein
+Adam Michael
 Martin Emde
-Richard Larocque
+Saverio Trioni
+Peter M. Goldstein
 Korstiaan de Ridder
+Richard Larocque
+Andrew Davis
+Yason Khaburzaniya
 Klaas Jan Wierenga
-Antonis Berkakis
+Nick Hammond
+Bart de Water
 Steve Sloan
-Yason Khaburzaniya
+Antonis Berkakis
 Bill Mill
+Kevin Olbrich
+Simon Fish
 jb08
 lukas
 Rodrigo López Dato
 ojab
+Ritikesh
 sawyerzhang
-Kevin Olbrich
+Larry Lv
 smudge
 wohlgejm
 Tom Wey
 yann ARMAND
 Brian Flethcer
+Jurriaan Pruis
 Erik Michaels-Ober
+Matthew Simpson
 Steven Davidovitz
-Jurriaan Pruis
-Larry Lv
-Mingan
-Mitch Birti
 Nicolas Leger
+Pierre Michard
+RahulBajaj
 Rob Wygand
 Ryan Brushett
 Ryan McIlmoyl
 Ryan Metzler
+Severin Schoepke
+Shaun Guth
 Steve Teti
 T.J. Schuck
 Taiki Sugawara
@@ -58,10 +67,12 @@ Yuji Yaginuma
 Zuzanna Stolińska
 aarongray
 danielgrippi
+fusagiko/takayamaki
+mai fujii
 nycvotes-dev
 revodoge
 rono23
-RahulBajaj
+antonmorant
 Adam Greene
 Alexander Boyd
 Alexandr Kostrikov
@@ -71,9 +82,11 @@ Arnaud Mesureur
 Artsiom Kuts
 Austin Kabiru
 B
+Bouke van der Bijl
 Brandon Keepers
 Dan Leyden
 Dave Grijalva
+Dmitry Pashkevich
 Dorian Marié
 Ernie Miller
 Evgeni Golov
@@ -90,12 +103,17 @@ JotaSe
 Juanito Fatas
 Julio Lopez
 Katelyn Kasperowicz
+Leonardo Saraiva
 Lowell Kirsh
+Loïc Lengrand
 Lucas Mazza
 Makoto Chiba
 Manuel Bustillo
 Marco Adkins
+Meredith Leu
 Micah Gates
 Michał Begejowicz
 Mike Eirih
 Mike Pastore
+Mingan
+Mitch Birti

data/Appraisals

@@ -1,4 +1,7 @@
+# frozen_string_literal: true
+
 appraise 'standalone' do
+  # No additions
 end
 
 appraise 'openssl' do

data/CHANGELOG.md

@@ -1,8 +1,90 @@
 # Changelog
 
-## [2.2.3](https://github.com/jwt/ruby-jwt/tree/2.2.3) (2021-04-19)
+## [v2.4.0](https://github.com/jwt/ruby-jwt/tree/v2.4.0) (2022-06-06)
 
-[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.2.2...2.2.3)
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.3.0...v2.4.0)
+
+**Implemented enhancements:**
+
+- Ensure presence of claims [\#244](https://github.com/jwt/ruby-jwt/issues/244)
+- Support verifying signature signed using x5c header [\#59](https://github.com/jwt/ruby-jwt/issues/59)
+- Add x5c header key finder [\#338](https://github.com/jwt/ruby-jwt/pull/338) ([bdewater](https://github.com/bdewater))
+
+**Security fixes:**
+
+- Importing JWK then exporting results in different `kid` [\#313](https://github.com/jwt/ruby-jwt/issues/313)
+
+**Closed issues:**
+
+- Is there a way to decode a ES256 encoded JWT with a root certificate but without a public key or a private key? [\#471](https://github.com/jwt/ruby-jwt/issues/471)
+- Encode output with extra quote [\#469](https://github.com/jwt/ruby-jwt/issues/469)
+- Please release new gem version [\#444](https://github.com/jwt/ruby-jwt/issues/444)
+- HS512 signature verification fails for valid tokens [\#438](https://github.com/jwt/ruby-jwt/issues/438)
+- ArgumentError: invalid base64 while calling JWT::JWK.import\(hash\) [\#361](https://github.com/jwt/ruby-jwt/issues/361)
+- NoMethodError (undefined method `encode' for JsonWebToken:Module\) [\#329](https://github.com/jwt/ruby-jwt/issues/329)
+
+**Merged pull requests:**
+
+- Fix RuboCop TODOs [\#476](https://github.com/jwt/ruby-jwt/pull/476) ([typhoon2099](https://github.com/typhoon2099))
+- Update note about supported JWK types [\#475](https://github.com/jwt/ruby-jwt/pull/475) ([dpashkevich](https://github.com/dpashkevich))
+- Make specific algorithms in README linkable [\#472](https://github.com/jwt/ruby-jwt/pull/472) ([milieu](https://github.com/milieu))
+- Add tests for keyfinder logic to ensure the argument count does not matter [\#467](https://github.com/jwt/ruby-jwt/pull/467) ([anakinj](https://github.com/anakinj))
+- More tests for none token [\#466](https://github.com/jwt/ruby-jwt/pull/466) ([anakinj](https://github.com/anakinj))
+- Improve non algorithm tests [\#465](https://github.com/jwt/ruby-jwt/pull/465) ([anakinj](https://github.com/anakinj))
+- Bring back Ruby 2.5 support and CodeClimate coverage reports [\#464](https://github.com/jwt/ruby-jwt/pull/464) ([anakinj](https://github.com/anakinj))
+- Fix a little RuboCop issue [\#462](https://github.com/jwt/ruby-jwt/pull/462) ([anakinj](https://github.com/anakinj))
+- Fixes with latest RuboCop [\#459](https://github.com/jwt/ruby-jwt/pull/459) ([anakinj](https://github.com/anakinj))
+- Removed bundler-audit from codeclimate config [\#458](https://github.com/jwt/ruby-jwt/pull/458) ([anakinj](https://github.com/anakinj))
+- Updated rubocop to 1.23.0 [\#457](https://github.com/jwt/ruby-jwt/pull/457) ([anakinj](https://github.com/anakinj))
+- Add Ruby 3.1 to test matrix [\#456](https://github.com/jwt/ruby-jwt/pull/456) ([anakinj](https://github.com/anakinj))
+- Use Ruby built-in url-safe base64 methods [\#454](https://github.com/jwt/ruby-jwt/pull/454) ([bdewater](https://github.com/bdewater))
+- Stop running tests on EOL rubies. [\#453](https://github.com/jwt/ruby-jwt/pull/453) ([anakinj](https://github.com/anakinj))
+- Fix openssl gem version check to support versons greater than 3 [\#452](https://github.com/jwt/ruby-jwt/pull/452) ([anakinj](https://github.com/anakinj))
+- Readme: Typo fix re MissingRequiredClaim [\#451](https://github.com/jwt/ruby-jwt/pull/451) ([antonmorant](https://github.com/antonmorant))
+- Fix for exception after mergeing \#385 [\#450](https://github.com/jwt/ruby-jwt/pull/450) ([anakinj](https://github.com/anakinj))
+- Create CODE\_OF\_CONDUCT.md [\#449](https://github.com/jwt/ruby-jwt/pull/449) ([loic5](https://github.com/loic5))
+- Allow regular expressions and procs to verify issuer [\#437](https://github.com/jwt/ruby-jwt/pull/437) ([rewritten](https://github.com/rewritten))
+- Add Support to be able to verify from multiple keys [\#425](https://github.com/jwt/ruby-jwt/pull/425) ([ritikesh](https://github.com/ritikesh))
+- Define the secp256r1 curve [\#385](https://github.com/jwt/ruby-jwt/pull/385) ([anakinj](https://github.com/anakinj))
+
+## [v2.3.0](https://github.com/jwt/ruby-jwt/tree/v2.3.0) (2021-10-03)
+
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.2.3...v2.3.0)
+
+**Closed issues:**
+
+- \[SECURITY\] Algorithm Confusion Through kid Header [\#440](https://github.com/jwt/ruby-jwt/issues/440)
+- JWT to memory [\#436](https://github.com/jwt/ruby-jwt/issues/436)
+- ArgumentError: wrong number of arguments \(given 2, expected 1\) [\#429](https://github.com/jwt/ruby-jwt/issues/429)
+- HMAC section of README outdated [\#421](https://github.com/jwt/ruby-jwt/issues/421)
+- NoMethodError: undefined method `zero?' for nil:NilClass if JWT has no 'alg' field [\#410](https://github.com/jwt/ruby-jwt/issues/410)
+- Release new version [\#409](https://github.com/jwt/ruby-jwt/issues/409)
+- NameError: uninitialized constant JWT::JWK [\#403](https://github.com/jwt/ruby-jwt/issues/403)
+
+**Merged pull requests:**
+
+- Release 2.3.0 [\#448](https://github.com/jwt/ruby-jwt/pull/448) ([excpt](https://github.com/excpt))
+- Fix Style/MultilineIfModifier issues [\#447](https://github.com/jwt/ruby-jwt/pull/447) ([anakinj](https://github.com/anakinj))
+- feat\(EdDSA\): Accept EdDSA as algorithm header [\#446](https://github.com/jwt/ruby-jwt/pull/446) ([Pierre-Michard](https://github.com/Pierre-Michard))
+- Pass kid param through JWT::JWK.create\_from [\#445](https://github.com/jwt/ruby-jwt/pull/445) ([shaun-guth-allscripts](https://github.com/shaun-guth-allscripts))
+- fix document about passing JWKs as a simple Hash [\#443](https://github.com/jwt/ruby-jwt/pull/443) ([takayamaki](https://github.com/takayamaki))
+- Tests for mixing JWK keys with mismatching algorithms [\#441](https://github.com/jwt/ruby-jwt/pull/441) ([anakinj](https://github.com/anakinj))
+- verify\_claims test shouldnt be within the verify\_sub test [\#431](https://github.com/jwt/ruby-jwt/pull/431) ([andyjdavis](https://github.com/andyjdavis))
+- Allow decode options to specify required claims [\#430](https://github.com/jwt/ruby-jwt/pull/430) ([andyjdavis](https://github.com/andyjdavis))
+- Fix OpenSSL::PKey::EC public\_key handing in tests [\#427](https://github.com/jwt/ruby-jwt/pull/427) ([anakinj](https://github.com/anakinj))
+- Add documentation for find\_key [\#426](https://github.com/jwt/ruby-jwt/pull/426) ([ritikesh](https://github.com/ritikesh))
+- Give ruby 3.0 as a string to avoid number formatting issues [\#424](https://github.com/jwt/ruby-jwt/pull/424) ([anakinj](https://github.com/anakinj))
+- Tests for iat verification behaviour [\#423](https://github.com/jwt/ruby-jwt/pull/423) ([anakinj](https://github.com/anakinj))
+- Remove HMAC with nil secret from documentation [\#422](https://github.com/jwt/ruby-jwt/pull/422) ([boardfish](https://github.com/boardfish))
+- Update broken link in README [\#420](https://github.com/jwt/ruby-jwt/pull/420) ([severin](https://github.com/severin))
+- Add metadata for RubyGems [\#418](https://github.com/jwt/ruby-jwt/pull/418) ([nickhammond](https://github.com/nickhammond))
+- Fixed a typo about class name  [\#417](https://github.com/jwt/ruby-jwt/pull/417) ([mai-f](https://github.com/mai-f))
+- Fix references for v2.2.3 on CHANGELOG [\#416](https://github.com/jwt/ruby-jwt/pull/416) ([vyper](https://github.com/vyper))
+- Raise IncorrectAlgorithm if token has no alg header [\#411](https://github.com/jwt/ruby-jwt/pull/411) ([bouk](https://github.com/bouk))
+
+## [v2.2.3](https://github.com/jwt/ruby-jwt/tree/v2.2.3) (2021-04-19)
+
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.2.2...v2.2.3)
 
 **Implemented enhancements:**
 
@@ -31,6 +113,7 @@
 
 **Merged pull requests:**
 
+- Prepare 2.2.3 release [\#415](https://github.com/jwt/ruby-jwt/pull/415) ([excpt](https://github.com/excpt))
 - Remove codeclimate code coverage dev dependency [\#414](https://github.com/jwt/ruby-jwt/pull/414) ([excpt](https://github.com/excpt))
 - Add forwardable dependency [\#408](https://github.com/jwt/ruby-jwt/pull/408) ([anakinj](https://github.com/anakinj))
 - Ignore casing of algorithm [\#405](https://github.com/jwt/ruby-jwt/pull/405) ([johnnyshields](https://github.com/johnnyshields))