Upgrade jwt to 2.0.0

[travisofthenorth]

Version 2.0.0 of ruby-jwt has just been released after being in beta for many months. This PR updates the version used by this gem.

[coveralls]

Coverage remained the same at 96.0% when pulling 1475dc0 on travisofthenorth:upgrade-jwt into 452a085 on intridea:master.

[travisofthenorth]

Ok, so jwt now requires Ruby version >= 2.1. Obviously this prohibits the use of 1.9 and 2.0 which are both used in runs on CI.

Can a maintainer chime in when you get a chance? @sferik ?

[greysteil]

Not a maintainer, but I've spent more time worrying about dependency updates than most (I wrote Dependabot).

For a gemspec update like this, you want to change the requirement to be a range - in this case ">= 1.0", "< 3.0". The jwt gem specifies a required ruby version, so older rubies will still install a 1.x version just fine. I'd also leave the line in the Gemfile there - it's there because very old versions of Bundler don't respect the required_ruby_version, but we still want to test against them in the build matrix.

Version 2.0 of jwt isn't that breaking, so I think specs should pass on it without any code changes... (And I just checked Travis for this PR - indeed they do.)

[travisofthenorth]

@greysteil awesome, thanks for your help! Let me know if it looks right now.

[greysteil]

Looks 👌 . Given the note in the readme, you might want to email jason@mobomo.com if you want to get this merged, though...

[coveralls]

Coverage remained the same at 96.0% when pulling 401f1c8 on travisofthenorth:upgrade-jwt into 452a085 on intridea:master.

[anitsirc]

@jasonschulte @sferik Can we get this merged 😄 ?

[jasonschulte]

Thank you for contacting me. Currently no one in our company is assigned to maintain this repo. I am including our CTO Shawn MacFarland to see what can be done.

…

On Wed, Sep 20, 2017 at 7:53 AM, Cristina Matonte ***@***.***> wrote: @jasonschulte <https://github.com/jasonschulte> @sferik <https://github.com/sferik> Can we get this merged 😄 ? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#317 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ADWE952SiUrFBI2atNWdf6N5CCL52kvaks5skQragaJpZM4POkBS> .

[anitsirc]

@jasonschulte any updates?

[jasonschulte]

Still waiting on direction from our CTO. I'm inviting him to this repo so we can tag him on this thread and he can respond directly.

[dnd]

@jasonschulte any chance that there will be some movement on this soon?

[travisofthenorth]

@jasonschulte I understand that your team isn't actively maintaining the gem, but this is a pretty safe/easy change. This gem is a blocker to upgrading jwt in any application using it, and v2 contains some pretty important fixes. Is there anything I can do to help get this past the finish line?

[pboling]

LGTM

[travisofthenorth]

@pboling 💯 👏 🥇 😭 thank you

[travisofthenorth]

@pboling when we can expect to see a new version published?

[pboling]

I do not think I have push access to rubygems.org yet. I am working on that. CC @mbleigh @sferik

[bruschill]

Any update on getting 1.5.0 out and on rubygems?

[pboling]

@bruschill @travisofthenorth @dnd @anitsirc @greysteil We are working on getting a release out as soon as possible. There are still some loose ends. All assistance in reviewing open PRs and issues is appreciated!
There is no specific timeline for 1.5.0 aside from "as soon as it is ready". Everyone working on the project is pretty new to the project, and we have no desire to mess up a critical piece of software.