PyJWT v2.4.0 Release Notes

  • ๐Ÿ”’ Security

    - ๐Ÿ”’ [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats.
    ๐Ÿ”„ Changed
    - Explicit check the key for ECAlgorithm by @estin in
    - ๐Ÿ—„ Raise DeprecationWarning for jwt.decode(verify=...) by @akx in
    ๐Ÿ›  Fixed
    - Don't use implicit optionals by @rekyungmin in
    - ๐Ÿ“š documentation fix: show correct scope for decode_complete() by @sseering in
    - ๐Ÿ›  fix: Update copyright information by @kkirsche in
    - Don't mutate options dictionary in .decode_complete() by @akx in
    โž• Added
    - โž• Add support for Python 3.10 by @hugovk in
    - api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in
    - โšก๏ธ Update usage.rst by @guneybilen in
    - ๐Ÿ“„ Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in
    - ๐Ÿ›  Fixed typo in usage.rst by @israelabraham in
    - โž• Add detached payload support for JWS encoding and decoding by @fviard in
    - Replace various string interpolations with f-strings by @akx in
    - โšก๏ธ Update CHANGELOG.rst by @hipertracker in