Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove python-jose from dependencies #558

Open
nuclearcat opened this issue Oct 22, 2024 · 2 comments
Open

Remove python-jose from dependencies #558

nuclearcat opened this issue Oct 22, 2024 · 2 comments
Labels
bug Something isn't working critical

Comments

@nuclearcat
Copy link
Member

@moto-timo mentioned that:

Snyk is highlighting python-jose as having High vulnerabilities. One of the suggested replacements is PyJWT.

We need to remove python-jose if possible.
@nuclearcat nuclearcat added bug Something isn't working critical labels Oct 22, 2024
nuclearcat referenced this issue Oct 22, 2024
api: upgrade python packages
96fd1b6 
Enable support for `pydantic v2` along
with the latest `fastapi-pagination` package.
To enable the upgrade `fastapi` and `fastapi-users`
packages are also required to be upgraded.

Signed-off-by: Jeny Sadadia <[email protected]>
@moto-timo
Copy link

Possible hint at refactoring
jpadilla/pyjwt#942

@moto-timo
Copy link

Some other alternatives can be found:
https://python.libhunt.com/python-jose-alternatives

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working critical
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nuclearcat @moto-timo