PyJWT v2.4.0 Release Notes
-
๐ Security
- ๐ [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24 ๐ Changed
- Explicit check the key for ECAlgorithm by @estin in https://github.com/jpadilla/pyjwt/pull/713
- ๐ Raise DeprecationWarning for jwt.decode(verify=...) by @akx in https://github.com/jpadilla/pyjwt/pull/742
๐ Fixed
- Don't use implicit optionals by @rekyungmin in https://github.com/jpadilla/pyjwt/pull/705 - ๐ documentation fix: show correct scope for decode_complete() by @sseering in https://github.com/jpadilla/pyjwt/pull/661 - ๐ fix: Update copyright information by @kkirsche in https://github.com/jpadilla/pyjwt/pull/729 - Don't mutate options dictionary in .decode_complete() by @akx in https://github.com/jpadilla/pyjwt/pull/743 โ Added
- โ Add support for Python 3.10 by @hugovk in https://github.com/jpadilla/pyjwt/pull/699
- api_jwk: Add PyJWKSet.getitem by @woodruffw in https://github.com/jpadilla/pyjwt/pull/725
- โก๏ธ Update usage.rst by @guneybilen in https://github.com/jpadilla/pyjwt/pull/727
- ๐ Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in https://github.com/jpadilla/pyjwt/pull/734
- ๐ Fixed typo in usage.rst by @israelabraham in https://github.com/jpadilla/pyjwt/pull/738
- โ Add detached payload support for JWS encoding and decoding by @fviard in https://github.com/jpadilla/pyjwt/pull/723
- Replace various string interpolations with f-strings by @akx in https://github.com/jpadilla/pyjwt/pull/744
- โก๏ธ Update CHANGELOG.rst by @hipertracker in https://github.com/jpadilla/pyjwt/pull/751