Is there a plan to migrate from python-jose to pyjwt? Python-jose isn't maintained any more and contains some known vulnerabilities.
I noticed that there was some effort done in #41 , but not sure what happened to it. As an intermediate solution, we could perhaps move to python-jose[cryptography] which is already recommended above the default python-jose (with Python backend)?
Is there a plan to migrate from
python-josetopyjwt? Python-jose isn't maintained any more and contains some known vulnerabilities.I noticed that there was some effort done in #41 , but not sure what happened to it. As an intermediate solution, we could perhaps move to
python-jose[cryptography]which is already recommended above the defaultpython-jose(with Python backend)?