drf-social-oauth2 icon indicating copy to clipboard operation
drf-social-oauth2 copied to clipboard

Published 20 hours ago verified publisher icon wagnerdelima

chore: switch from jose to pyjwt

Open t16n opened this issue 1 year ago • 0 comments

Description

The python-jose project is not being maintained anymore.

The project is using an outdated dependency: ecdsa

Fixes # (issue) Minerva timing attack on P-256 in python-ecdsa

There already is an issue on the python-jose project, with no reaction by the authors: https://github.com/mpdavis/python-jose/issues/341

This PR switches python-jose to PyJWT

Checklist

  • [x] Do unit tests run with no errors?
  • [x] Has coverage not decreased?
  • [x] Is your code concise and clean?
  • [x] Are the conf.py and installation sphinx updated with the new version?
  • [x] Is the init.py version variable updated?

t16n avatar Feb 07 '24 12:02 t16n