unpin jwt dependency to allow 3.x (0.3.1)

Esity · Esity · commit e29183ea582b · 2026-03-30T22:34:48.000-05:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,40 +2,10 @@
 
 ## [Unreleased]
 
-### Added
-- GitHub App authentication (JWT generation, installation tokens, manifest flow)
-- OAuth delegated authentication (Authorization Code + PKCE, device code fallback)
-- Scope-aware credential resolution chain (8 sources, rate limit + scope fallback)
-- `ScopeRegistry` for caching credential-to-owner/repo authorization status
-- `CredentialFallback` Faraday middleware (transparent 403/429 retry with next credential)
-- `RateLimit` Faraday middleware with automatic credential exhaustion tracking
-- `ScopeProbe` Faraday middleware for passive scope learning from API responses
-- `Helpers::Cache` for two-tier API response caching (global Redis + local in-memory)
-- `Helpers::TokenCache` for token lifecycle management with per-installation keying
-- `App::Runners::Auth` (JWT generation, installation token exchange)
-- `App::Runners::Webhooks` (signature verification, event parsing, scope invalidation)
-- `App::Runners::Manifest` (GitHub App manifest flow)
-- `App::Runners::Installations` (list, get, suspend, unsuspend, delete)
-- `App::Runners::CredentialStore` (Vault persistence after manifest flow)
-- `OAuth::Runners::Auth` (authorize_url, exchange_code, refresh, device_code, revoke)
-- `Runners::Actions` (GitHub Actions workflow management)
-- `Runners::Checks` (check runs and check suites)
-- `Runners::Releases` (release and asset management)
-- `Runners::Deployments` (deployment and status management)
-- `Runners::RepositoryWebhooks` (programmatic webhook management)
-- `Helpers::CallbackServer` for standalone OAuth redirect handling
-- `Helpers::BrowserAuth` for browser-based OAuth with PKCE
-- `CLI::Auth` for `legion lex exec github auth login/status`
-- `CLI::App` for `legion lex exec github app setup`
-- `RateLimitError`, `AuthorizationError`, `ScopeDeniedError` error classes
-- `jwt` (~> 2.7) and `base64` (>= 0.1) runtime dependencies
+## [0.3.1] - 2026-03-30
 
 ### Changed
-- `Helpers::Client` now uses scope-aware credential resolution (`owner:`, `repo:` context)
-- All existing runners forward `owner:` and `repo:` to `connection()` for scope-aware resolution
-- All existing runners now include `Helpers::Cache` for two-tier API response caching
-- `Client` class includes App and OAuth runner modules
-- Version bump to 0.3.0
+- Unpin jwt dependency from `~> 2.7` to `>= 2.7` to resolve conflict with jwt 3.x
 
 ## [0.3.0] - 2026-03-30
 
diff --git a/lex-github.gemspec b/lex-github.gemspec
@@ -28,7 +28,7 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency 'base64', '>= 0.1'
   spec.add_dependency 'faraday', '>= 2.0'
-  spec.add_dependency 'jwt', '~> 2.7'
+  spec.add_dependency 'jwt', '>= 2.7'
   spec.add_dependency 'legion-cache',     '>= 1.3.11'
   spec.add_dependency 'legion-crypt',     '>= 1.4.9'
   spec.add_dependency 'legion-data',      '>= 1.4.17'
diff --git a/lib/legion/extensions/github/version.rb b/lib/legion/extensions/github/version.rb
@@ -3,7 +3,7 @@
 module Legion
   module Extensions
     module Github
-      VERSION = '0.3.0'
+      VERSION = '0.3.1'
     end
   end
 end
