open-contracting / credere-backend

A tool that facilitates the participation of Micro, Small, and Medium businesses (MSMEs) in the Colombian public procurement market.
https://credere.readthedocs.io
BSD 3-Clause "New" or "Revised" License
5 stars 0 forks

Replace python-jose #277

Closed jpmckinney closed 4 months ago

jpmckinney commented 4 months ago

python-jose is not maintained and it depends on ecdsa which has an unresolvable security vulnerability (it would have to be implemented in C, but it's designed to be Python only). See the Reply/Mitigation at https://github.com/tlsfuzzer/python-ecdsa/security/advisories/GHSA-wj6h-64fc-37mp

We can migrate to https://github.com/jpadilla/pyjwt (https://github.com/jpadilla/pyjwt/issues/942)

We use jose in: