PyJWT v2.4.0 Release Notes
-
๐ Security
- ๐ [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24 ๐ Changed ~~~~~~~ - Explicit check the key for ECAlgorithm by @estin in https://github.com/jpadilla/pyjwt/pull/713 - ๐ Raise DeprecationWarning for jwt.decode(verify=...) by @akx in https://github.com/jpadilla/pyjwt/pull/742 ๐ Fixed ~~~~~ - Don't use implicit optionals by @rekyungmin in https://github.com/jpadilla/pyjwt/pull/705 - ๐ documentation fix: show correct scope for decode_complete() by @sseering in https://github.com/jpadilla/pyjwt/pull/661 - ๐ fix: Update copyright information by @kkirsche in https://github.com/jpadilla/pyjwt/pull/729 - Don't mutate options dictionary in .decode_complete() by @akx in https://github.com/jpadilla/pyjwt/pull/743 โ Added ~~~~~ - โ Add support for Python 3.10 by @hugovk in https://github.com/jpadilla/pyjwt/pull/699 - api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in https://github.com/jpadilla/pyjwt/pull/725 - โก๏ธ Update usage.rst by @guneybilen in https://github.com/jpadilla/pyjwt/pull/727 - ๐ Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in https://github.com/jpadilla/pyjwt/pull/734 - ๐ Fixed typo in usage.rst by @israelabraham in https://github.com/jpadilla/pyjwt/pull/738 - โ Add detached payload support for JWS encoding and decoding by @fviard in https://github.com/jpadilla/pyjwt/pull/723 - Replace various string interpolations with f-strings by @akx in https://github.com/jpadilla/pyjwt/pull/744 - โก๏ธ Update CHANGELOG.rst by @hipertracker in https://github.com/jpadilla/pyjwt/pull/751