jwt 2.4.0 → 2.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e90965d0b77b09f9b095bde7df353186e72838b843940a92f1207d36c1d14afd
-  data.tar.gz: ac4538d631a35219a21150952325a19ffe6f83ea37d7e32664725a06e659816c
+  metadata.gz: 6e7f3474ee58d51ca5646f48ca28bf669b40a4b7676cbe7211597ca6ae69f672
+  data.tar.gz: 570e6930c9094afea40ea8e8a6a7c9b3293890b121893f5148914b0a8e7d11f8
 SHA512:
-  metadata.gz: b0981dc5c4cc9722514eff7eb1636dcb88bd6e634967380187df8f3555a7405bf2e807c0a996543447006f6cd24516957a11eb2320dcd7dfc2b6ac81aec671b5
-  data.tar.gz: fadc7972eb2ff5377d517fc6a9cf1dd2315745813e60ae041a100754770829f640f5953bb8c6afe8be76d3340ac531aa92e12326484c12ffb721d09f1aa498b0
+  metadata.gz: 3249529ec6bacc8e655e2830949af61c10e235a569f9dc67d3880335d5939b8afc56c180145d3e02dd09744288d50c31547338e105cf55ae4e0fbe237eb2a0e8
+  data.tar.gz: dd415314a7bd048d8b2b5b630d5b7011128932bf207dc785ac6154748aff68836a1c39e766dc176e225c643fc406fe9fdc5c510b36dc939e36722e327d8fe92f

data/.github/workflows/test.yml

@@ -17,7 +17,7 @@ jobs:
     - name: Set up Ruby
       uses: ruby/setup-ruby@v1
       with:
-        ruby-version: "2.7"
+        ruby-version: "3.0"
         bundler-cache: true
     - name: Run RuboCop
       run: bundle exec rubocop

data/.reek.yml

@@ -0,0 +1,22 @@
+---
+detectors:
+  TooManyStatements:
+    max_statements: 10
+  UtilityFunction:
+    enabled: false
+  LongParameterList:
+    enabled: false
+  DuplicateMethodCall:
+    max_calls: 2
+  IrresponsibleModule:
+    enabled: false
+  NestedIterators:
+    max_allowed_nesting: 2
+  UnusedParameters:
+    enabled: false
+  FeatureEnvy:
+    enabled: false
+  ControlParameter:
+    enabled: false
+  UnusedPrivateMethod:
+    enabled: false

data/.rubocop.yml

@@ -1,5 +1,3 @@
-inherit_from: .rubocop_todo.yml
-
 AllCops:
   TargetRubyVersion: 2.5
   NewCops: enable
@@ -21,43 +19,38 @@ Style/GuardClause:
 Style/IfUnlessModifier:
   Enabled: false
 
-Layout/SpaceInsideHashLiteralBraces:
-  Enabled: false
-
 Style/Lambda:
   Enabled: false
 
 Style/RaiseArgs:
   Enabled: false
 
-Style/SignalException:
-  Enabled: false
-
 Metrics/AbcSize:
   Max: 25
 
 Metrics/ClassLength:
-  Max: 103
+  Max: 105
 
 Metrics/ModuleLength:
   Max: 100
 
-Layout/LineLength:
-  Enabled: false
+Metrics/MethodLength:
+  Max: 20
 
 Metrics/BlockLength:
   Exclude:
     - spec/**/*_spec.rb
 
-Metrics/MethodLength:
-  Max: 15
-
-Style/SingleLineBlockParams:
+Layout/LineLength:
   Enabled: false
 
 Layout/EndAlignment:
   EnforcedStyleAlignWith: variable
 
+Layout/EmptyLineBetweenDefs:
+  Enabled: true
+  AllowAdjacentOneLineDefs: true
+
 Style/FormatString:
   Enabled: false
 
@@ -70,12 +63,5 @@ Layout/MultilineOperationIndentation:
 Style/WordArray:
   Enabled: false
 
-Style/RedundantSelf:
+Gemspec/RequireMFA:
   Enabled: false
-
-Layout/HashAlignment:
-  Enabled: true
-  EnforcedLastArgumentHashStyle: always_ignore
-
-Style/TrivialAccessors:
-  AllowPredicates: true

data/.sourcelevel.yml

@@ -1,4 +1,3 @@
-styleguide: excpt/linters
 engines:
   reek:
     enabled: true
@@ -6,13 +5,13 @@ engines:
     enabled: true
   rubocop:
     enabled: true
-    channel: rubocop-0-52
+    channel: latest
   duplication:
     config:
       languages:
       - ruby
     enabled: true
   remark-lint:
-    enabled: true
+    enabled: false
 exclude_paths:
-- spec
+  - spec

data/CHANGELOG.md

@@ -1,51 +1,31 @@
 # Changelog
+## [v2.4.1](https://github.com/jwt/ruby-jwt/tree/v2.4.1) (2022-06-07)
 
-## [v2.4.0](https://github.com/jwt/ruby-jwt/tree/v2.4.0) (2022-06-06)
-
-[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.3.0...v2.4.0)
+**Fixes and enhancements:**
+- Raise JWT::DecodeError on invalid signature [\#484](https://github.com/jwt/ruby-jwt/pull/484) ([@freakyfelt!](https://github.com/freakyfelt!)).
 
-**Implemented enhancements:**
-
-- Ensure presence of claims [\#244](https://github.com/jwt/ruby-jwt/issues/244)
-- Support verifying signature signed using x5c header [\#59](https://github.com/jwt/ruby-jwt/issues/59)
-- Add x5c header key finder [\#338](https://github.com/jwt/ruby-jwt/pull/338) ([bdewater](https://github.com/bdewater))
-
-**Security fixes:**
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.4.0...v2.4.1)
 
-- Importing JWK then exporting results in different `kid` [\#313](https://github.com/jwt/ruby-jwt/issues/313)
-
-**Closed issues:**
-
-- Is there a way to decode a ES256 encoded JWT with a root certificate but without a public key or a private key? [\#471](https://github.com/jwt/ruby-jwt/issues/471)
-- Encode output with extra quote [\#469](https://github.com/jwt/ruby-jwt/issues/469)
-- Please release new gem version [\#444](https://github.com/jwt/ruby-jwt/issues/444)
-- HS512 signature verification fails for valid tokens [\#438](https://github.com/jwt/ruby-jwt/issues/438)
-- ArgumentError: invalid base64 while calling JWT::JWK.import\(hash\) [\#361](https://github.com/jwt/ruby-jwt/issues/361)
-- NoMethodError (undefined method `encode' for JsonWebToken:Module\) [\#329](https://github.com/jwt/ruby-jwt/issues/329)
+## [v2.4.0](https://github.com/jwt/ruby-jwt/tree/v2.4.0) (2022-06-06)
 
-**Merged pull requests:**
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.3.0...v2.4.0)
 
-- Fix RuboCop TODOs [\#476](https://github.com/jwt/ruby-jwt/pull/476) ([typhoon2099](https://github.com/typhoon2099))
-- Update note about supported JWK types [\#475](https://github.com/jwt/ruby-jwt/pull/475) ([dpashkevich](https://github.com/dpashkevich))
-- Make specific algorithms in README linkable [\#472](https://github.com/jwt/ruby-jwt/pull/472) ([milieu](https://github.com/milieu))
-- Add tests for keyfinder logic to ensure the argument count does not matter [\#467](https://github.com/jwt/ruby-jwt/pull/467) ([anakinj](https://github.com/anakinj))
-- More tests for none token [\#466](https://github.com/jwt/ruby-jwt/pull/466) ([anakinj](https://github.com/anakinj))
-- Improve non algorithm tests [\#465](https://github.com/jwt/ruby-jwt/pull/465) ([anakinj](https://github.com/anakinj))
-- Bring back Ruby 2.5 support and CodeClimate coverage reports [\#464](https://github.com/jwt/ruby-jwt/pull/464) ([anakinj](https://github.com/anakinj))
-- Fix a little RuboCop issue [\#462](https://github.com/jwt/ruby-jwt/pull/462) ([anakinj](https://github.com/anakinj))
-- Fixes with latest RuboCop [\#459](https://github.com/jwt/ruby-jwt/pull/459) ([anakinj](https://github.com/anakinj))
-- Removed bundler-audit from codeclimate config [\#458](https://github.com/jwt/ruby-jwt/pull/458) ([anakinj](https://github.com/anakinj))
-- Updated rubocop to 1.23.0 [\#457](https://github.com/jwt/ruby-jwt/pull/457) ([anakinj](https://github.com/anakinj))
-- Add Ruby 3.1 to test matrix [\#456](https://github.com/jwt/ruby-jwt/pull/456) ([anakinj](https://github.com/anakinj))
-- Use Ruby built-in url-safe base64 methods [\#454](https://github.com/jwt/ruby-jwt/pull/454) ([bdewater](https://github.com/bdewater))
-- Stop running tests on EOL rubies. [\#453](https://github.com/jwt/ruby-jwt/pull/453) ([anakinj](https://github.com/anakinj))
-- Fix openssl gem version check to support versons greater than 3 [\#452](https://github.com/jwt/ruby-jwt/pull/452) ([anakinj](https://github.com/anakinj))
-- Readme: Typo fix re MissingRequiredClaim [\#451](https://github.com/jwt/ruby-jwt/pull/451) ([antonmorant](https://github.com/antonmorant))
-- Fix for exception after mergeing \#385 [\#450](https://github.com/jwt/ruby-jwt/pull/450) ([anakinj](https://github.com/anakinj))
-- Create CODE\_OF\_CONDUCT.md [\#449](https://github.com/jwt/ruby-jwt/pull/449) ([loic5](https://github.com/loic5))
-- Allow regular expressions and procs to verify issuer [\#437](https://github.com/jwt/ruby-jwt/pull/437) ([rewritten](https://github.com/rewritten))
-- Add Support to be able to verify from multiple keys [\#425](https://github.com/jwt/ruby-jwt/pull/425) ([ritikesh](https://github.com/ritikesh))
-- Define the secp256r1 curve [\#385](https://github.com/jwt/ruby-jwt/pull/385) ([anakinj](https://github.com/anakinj))
+**Features:**
+
+- Dropped support for Ruby 2.5 and older [#453](https://github.com/jwt/ruby-jwt/pull/453) - [@anakinj](https://github.com/anakinj).
+- Use Ruby built-in url-safe base64 methods [#454](https://github.com/jwt/ruby-jwt/pull/454) - [@bdewater](https://github.com/bdewater).
+- Updated rubocop to 1.23.0 [#457](https://github.com/jwt/ruby-jwt/pull/457) - [@anakinj](https://github.com/anakinj).
+- Add x5c header key finder [#338](https://github.com/jwt/ruby-jwt/pull/338) - [@bdewater](https://github.com/bdewater).
+- Author driven changelog process [#463](https://github.com/jwt/ruby-jwt/pull/463) - [@anakinj](https://github.com/anakinj).
+- Allow regular expressions and procs to verify issuer [\#437](https://github.com/jwt/ruby-jwt/pull/437) ([rewritten](https://github.com/rewritten)).
+- Add Support to be able to verify from multiple keys [\#425](https://github.com/jwt/ruby-jwt/pull/425) ([ritikesh](https://github.com/ritikesh)).
+
+**Fixes and enhancements:**
+- Readme: Typo fix re MissingRequiredClaim [\#451](https://github.com/jwt/ruby-jwt/pull/451) ([antonmorant](https://github.com/antonmorant)).
+- Fix RuboCop TODOs [\#476](https://github.com/jwt/ruby-jwt/pull/476) ([typhoon2099](https://github.com/typhoon2099)).
+- Make specific algorithms in README linkable [\#472](https://github.com/jwt/ruby-jwt/pull/472) ([milieu](https://github.com/milieu)).
+- Update note about supported JWK types [\#475](https://github.com/jwt/ruby-jwt/pull/475) ([dpashkevich](https://github.com/dpashkevich)).
+- Create CODE\_OF\_CONDUCT.md [\#449](https://github.com/jwt/ruby-jwt/pull/449) ([loic5](https://github.com/loic5)).
 
 ## [v2.3.0](https://github.com/jwt/ruby-jwt/tree/v2.3.0) (2021-10-03)
 

data/CONTRIBUTING.md

@@ -0,0 +1,99 @@
+# Contributing to [ruby-jwt](https://github.com/jwt/ruby-jwt)
+
+## Forking the project
+
+Fork the project on GitHub and clone your own fork. Instuctions on forking can be found from the [GitHub Docs](https://docs.github.com/en/get-started/quickstart/fork-a-repo)
+
+```
+git clone git@github.com:you/ruby-jwt.git
+cd ruby-jwt
+git remote add upstream https://github.com/jwt/ruby-jwt
+```
+
+## Create a branch for your implementation
+
+Make sure you have the latest upstream master branch of the project.
+
+```
+git fetch --all
+git checkout master
+git rebase upstream/master
+git push origin master
+git checkout -b fix-a-little-problem
+```
+
+## Running the tests and linter
+
+Before you start with your implementation make sure you are able to get a succesful test run with the current revision.
+
+The tests are written with rspec and [Appraisal](https://github.com/thoughtbot/appraisal) is used to ensure compatibility with 3rd party dependencies providing cryptographic features.
+
+[Rubocop](https://github.com/rubocop/rubocop) is used to enforce the Ruby style.
+
+To run the complete set of tests and linter run the following
+
+```bash
+bundle install
+bundle exec appraisal rake test
+bundle exec rubocop
+```
+
+## Implement your feature
+
+Implement tests and your change. Don't be shy adding a little something in the [README](README.md).
+Add a short description of the change in either the `Features` or `Fixes` section in the [CHANGELOG](CHANGELOG.md) file.
+
+The form of the row (You need to return to the row when you know the pull request id)
+```
+- Fix a little problem [#123](https://github.com/jwt/ruby-jwt/pull/123) - [@you](https://github.com/you).
+```
+
+## Push your branch and create a pull request
+
+Before pushing make sure the tests pass and RuboCop is happy.
+
+```
+bundle exec appraisal rake test
+bundle exec rubocop
+git push origin fix-a-little-problem
+```
+
+Make a new pull request on the [ruby-jwt project](https://github.com/jwt/ruby-jwt/pulls) with a description what the change is about.
+
+## Update the CHANGELOG, again
+
+Update the [CHANGELOG](CHANGELOG.md) with the pull request id from the previous step.
+
+You can ammend the previous commit with the updated changelog change and force push your branch. The PR will get automatically updated.
+
+```
+git add CHANGELOG.md
+git commit --amend --no-edit
+git push origin fix-a-little-problem -f
+```
+
+## Keep an eye on your pull request
+
+A maintainer will review and probably merge you changes when time allows, be patient.
+
+## Keeping your branch up-to-date
+
+It's recommended that you keep your branch up-to-date by rebasing to the upstream master.
+
+```
+git fetch upstream
+git checkout fix-a-little-problem
+git rebase upstream/master
+git push origin fix-a-little-problem -f
+```
+
+# Releasing a new version
+
+The version is using the [Semantic Versioning](http://semver.org/) and the version is located in the [version.rb](lib/jwt/version.rb) file.
+Also update the [CHANGELOG](CHANGELOG.md) to reflect the upcoming version release.
+
+```bash
+rake release
+```
+
+**If you want a release cut with your PR, please include a version bump according to **

data/README.md

@@ -12,10 +12,12 @@ A ruby implementation of the [RFC 7519 OAuth JSON Web Token (JWT)](https://tools
 If you have further questions related to development or usage, join us: [ruby-jwt google group](https://groups.google.com/forum/#!forum/ruby-jwt).
 
 ## Announcements
-
+* Ruby 2.4 support is going to be dropped in version 2.4.0
 * Ruby 1.9.3 support was dropped at December 31st, 2016.
 * Version 1.5.3 yanked. See: [#132](https://github.com/jwt/ruby-jwt/issues/132) and [#133](https://github.com/jwt/ruby-jwt/issues/133)
 
+See [CHANGELOG.md](CHANGELOG.md) for a complete set of changes.
+
 ## Sponsors
 
 |Logo|Message|
@@ -130,6 +132,7 @@ puts decoded_token
 * ES256 - ECDSA using P-256 and SHA-256
 * ES384 - ECDSA using P-384 and SHA-384
 * ES512 - ECDSA using P-521 and SHA-512
+* ES256K - ECDSA using P-256K and SHA-256
 
 ```ruby
 ecdsa_key = OpenSSL::PKey::EC.new 'prime256v1'
@@ -575,7 +578,7 @@ JWT.decode(token, nil, true, { algorithms: ['RS512'], jwks: jwks})
 
 ### Importing and exporting JSON Web Keys
 
-The ::JWT::JWK class can be used to import and export both the public key (default behaviour) and the private key. To include the private key in the export pass the  `include_private` parameter to the export method.
+The ::JWT::JWK class can be used to import and export both the public key (default behaviour) and the private key. To include the private key in the export pass the `include_private` parameter to the export method.
 
 ```ruby
 jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048))
@@ -584,27 +587,14 @@ jwk_hash = jwk.export
 jwk_hash_with_private_key = jwk.export(include_private: true)
 ```
 
-# Development and Tests
-
-We depend on [Bundler](http://rubygems.org/gems/bundler) for defining gemspec and performing releases to rubygems.org, which can be done with
-
-```bash
-rake release
-```
-
-The tests are written with rspec. [Appraisal](https://github.com/thoughtbot/appraisal) is used to ensure compatibility with 3rd party dependencies providing cryptographic features.
-
-```bash
-bundle install
-bundle exec appraisal rake test
-```
+## How to contribute
 
-**If you want a release cut with your PR, please include a version bump according to [Semantic Versioning](http://semver.org/)**
+See [CONTRIBUTING](CONTRIBUTING.md).
 
 ## Contributors
 
-See `AUTHORS` file.
+See [AUTHORS](AUTHORS).
 
 ## License
 
-See `LICENSE` file.
+See [LICENSE](LICENSE).

data/lib/jwt/algos/ecdsa.rb

@@ -6,13 +6,29 @@ module JWT
       module_function
 
       NAMED_CURVES = {
-        'prime256v1' => 'ES256',
-        'secp256r1' => 'ES256', # alias for prime256v1
-        'secp384r1' => 'ES384',
-        'secp521r1' => 'ES512'
+        'prime256v1' => {
+          algorithm: 'ES256',
+          digest: 'sha256'
+        },
+        'secp256r1' => { # alias for prime256v1
+          algorithm: 'ES256',
+          digest: 'sha256'
+        },
+        'secp384r1' => {
+          algorithm: 'ES384',
+          digest: 'sha384'
+        },
+        'secp521r1' => {
+          algorithm: 'ES512',
+          digest: 'sha512'
+        },
+        'secp256k1' => {
+          algorithm: 'ES256K',
+          digest: 'sha256'
+        }
       }.freeze
 
-      SUPPORTED = NAMED_CURVES.values.uniq.freeze
+      SUPPORTED = NAMED_CURVES.map { |_, c| c[:algorithm] }.uniq.freeze
 
       def sign(to_sign)
         algorithm, msg, key = to_sign.values
@@ -39,14 +55,9 @@ module JWT
       end
 
       def curve_by_name(name)
-        algorithm = NAMED_CURVES.fetch(name) do
+        NAMED_CURVES.fetch(name) do
           raise UnsupportedEcdsaCurve, "The ECDSA curve '#{name}' is not supported"
         end
-
-        {
-          algorithm: algorithm,
-          digest: algorithm.sub('ES', 'sha')
-        }
       end
     end
   end

data/lib/jwt/decode.rb

@@ -118,6 +118,8 @@ module JWT
 
     def decode_crypto
       @signature = Base64.urlsafe_decode64(@segments[2] || '')
+    rescue ArgumentError
+      raise(JWT::DecodeError, 'Invalid segment encoding')
     end
 
     def algorithm

data/lib/jwt/jwk/ec.rb

@@ -59,6 +59,9 @@ module JWT
         when 'prime256v1'
           crv = 'P-256'
           x_octets, y_octets = encoded_point.unpack('xa32a32')
+        when 'secp256k1'
+          crv = 'P-256K'
+          x_octets, y_octets = encoded_point.unpack('xa32a32')
         when 'secp384r1'
           crv = 'P-384'
           x_octets, y_octets = encoded_point.unpack('xa48a48')
@@ -98,6 +101,7 @@ module JWT
           when 'P-256' then 'prime256v1'
           when 'P-384' then 'secp384r1'
           when 'P-521' then 'secp521r1'
+          when 'P-256K' then 'secp256k1'
           else raise JWT::JWKError, 'Invalid curve provided'
           end
         end

data/lib/jwt/jwk/hmac.rb

@@ -50,7 +50,7 @@ module JWT
 
           raise JWT::JWKError, 'Key format is invalid for HMAC' unless jwk_k
 
-          self.new(jwk_k, jwk_kid)
+          new(jwk_k, jwk_kid)
         end
       end
     end

data/lib/jwt/jwk/rsa.rb

@@ -64,7 +64,7 @@ module JWT
             decode_open_ssl_bn(value)
           end
           kid = jwk_attributes(jwk_data, :kid)[:kid]
-          self.new(rsa_pkey(pkey_params), kid)
+          new(rsa_pkey(pkey_params), kid)
         end
 
         private

data/lib/jwt/version.rb

@@ -13,7 +13,7 @@ module JWT
     # minor version
     MINOR = 4
     # tiny version
-    TINY  = 0
+    TINY  = 1
     # alpha, beta, etc. tag
     PRE   = nil
 

data/lib/jwt.rb

@@ -24,7 +24,7 @@ module JWT
                headers: header_fields).segments
   end
 
-  def decode(jwt, key = nil, verify = true, options = {}, &keyfinder)
+  def decode(jwt, key = nil, verify = true, options = {}, &keyfinder) # rubocop:disable Style/OptionalBooleanParameter
     Decode.new(jwt, key, verify, DEFAULT_OPTIONS.merge(options), &keyfinder).decode_segments
   end
 end

data/ruby-jwt.gemspec

@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = '>= 2.5'
   spec.metadata = {
     'bug_tracker_uri' => 'https://github.com/jwt/ruby-jwt/issues',
-    'changelog_uri'   => "https://github.com/jwt/ruby-jwt/blob/v#{JWT.gem_version}/CHANGELOG.md"
+    'changelog_uri' => "https://github.com/jwt/ruby-jwt/blob/v#{JWT.gem_version}/CHANGELOG.md"
   }
 
   spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(spec|gemfiles|coverage|bin)/}) }
@@ -29,6 +29,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'appraisal'
   spec.add_development_dependency 'bundler'
   spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'reek'
   spec.add_development_dependency 'rspec'
   spec.add_development_dependency 'simplecov'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jwt
 version: !ruby/object:Gem::Version
-  version: 2.4.0
+  version: 2.4.1
 platform: ruby
 authors:
 - Tim Rudat
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-06-06 00:00:00.000000000 Z
+date: 2022-06-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: appraisal
@@ -52,6 +52,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: reek
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -91,14 +105,15 @@ files:
 - ".github/workflows/coverage.yml"
 - ".github/workflows/test.yml"
 - ".gitignore"
+- ".reek.yml"
 - ".rspec"
 - ".rubocop.yml"
-- ".rubocop_todo.yml"
 - ".sourcelevel.yml"
 - AUTHORS
 - Appraisals
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
+- CONTRIBUTING.md
 - Gemfile
 - LICENSE
 - README.md
@@ -135,7 +150,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/jwt/ruby-jwt/issues
-  changelog_uri: https://github.com/jwt/ruby-jwt/blob/v2.4.0/CHANGELOG.md
+  changelog_uri: https://github.com/jwt/ruby-jwt/blob/v2.4.1/CHANGELOG.md
 post_install_message:
 rdoc_options: []
 require_paths:

data/.rubocop_todo.yml

@@ -1,22 +0,0 @@
-# This configuration was generated by
-# `rubocop --auto-gen-config --exclude-limit 1000000`
-# on 2021-12-27 06:53:55 UTC using RuboCop version 1.23.0.
-# The point is for the user to remove these configuration records
-# one by one as the offenses are removed from the code base.
-# Note that changes in the inspected code, or installation of new
-# versions of RuboCop, may require this file to be generated again.
-
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: Include.
-# Include: **/*.gemspec
-Gemspec/RequireMFA:
-  Exclude:
-    - 'ruby-jwt.gemspec'
-
-# Offense count: 1
-# Configuration parameters: AllowedMethods.
-# AllowedMethods: respond_to_missing?
-Style/OptionalBooleanParameter:
-  Exclude:
-    - 'lib/jwt.rb'