Mealie is a self hosted recipe manager and meal planner with a RestAPI backend and a reactive frontend application built in Vue for a pleasant user experience for the whole family. Easily add recipes into your database by providing the url and mealie will automatically import the relevant data or add a family recipe with the UI editor
I don't think we're actually impacted by this issue because we always specify the algorithm explicitly, but it was such an easy dependency replacement I thought it would be a good idea to take care of it now.
What type of PR is this?
(REQUIRED)
What this PR does / why we need it:
(REQUIRED)
python-jose has a high-security vulnerability which has been known about for a month, but python-jose hasn't been updated in a year.
PyJWT is much more actively updated and fixed the same issue several versions ago.
I don't think we're actually impacted by this issue because we always specify the algorithm explicitly, but it was such an easy dependency replacement I thought it would be a good idea to take care of it now.
Which issue(s) this PR fixes:
(REQUIRED)
Fixes https://github.com/mealie-recipes/mealie/security/dependabot/194 Fixes https://github.com/mealie-recipes/mealie/security/dependabot/195
Special notes for your reviewer:
(fill-in or delete this section)
Apparently this isn't the first time python-jose has been out of date