Update jsonwebtoken requirement from 8.0 to 9.3

[dependabot]

Updates the requirements on jsonwebtoken to permit the latest version.

Changelog

Sourced from jsonwebtoken's changelog.

9.3.0 (2024-03-12)

• Add Validation.reject_tokens_expiring_in_less_than, the opposite of leeway

9.2.0 (2023-12-01)

• Add an option to not validate aud in the Validation struct
• Get the current timestamp in wasm without using std
• Update ring to 0.17

9.1.0 (2023-10-21)

• Supports deserialization of unsupported algorithms for JWKs

9.0.0 (2023-10-16)

• Update ring
• Rejects JWTs containing audiences when the Validation doesn't contain any

8.3.0 (2023-03-15)

• Update base64
• Implement Clone for TokenData if T impls Clone

8.2.0 (2022-12-03)

• Add DecodingKey::from_jwk
• Can now use PEM certificates if you have the use_pem feature enabled

8.1.1 (2022-06-17)

• Fix invalid field name on OctetKeyParameters

8.1.0 (2022-04-12)

• Make optional fields in the spec really optional
• Implements Hash for Header

8.0.1 (2022-02-03)

• Fix documentation of leeway

8.0.0 (2022-02-02)

• Add EdDSA algorithm
• sign/verify now takes a &[u8] instead of &str to be more flexible

... (truncated)

Commits

• 5162702 v9.3.0
• 29674b6 Add support for the reject_tokens_expiring_in_less_than option. (#370)
• aa5266d Refactor auth0 example (#367)
• 193eb8d Fix typo in jwk.rs (#353)
• 95cfdfb Set expected audience to validation in auth0 example (#349)
• 5ae24bb Forgot something in changelog
• 08601f7 Update changelog
• 32eabfb Add wasm tests using was-bindgen-test and wasm-pack (#346)
• 4e8ca23 Comment out wasm in CI
• 58f2df2 Next version
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 78.68%. Comparing base (678f651) to head (839322d).
Report is 4 commits behind head on main.

❗ Current head 839322d differs from pull request most recent head 7fb4885. Consider uploading reports for the commit 7fb4885 to get more accurate results

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #647      +/-   ##
==========================================
+ Coverage   78.35%   78.68%   +0.33%     
==========================================
  Files          72       72              
  Lines        2088     2088              
==========================================
+ Hits         1636     1643       +7     
+ Misses        452      445       -7     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.