kenzuya/unshackle
1
0
Fork 2
mirror of https://github.com/unshackle-dl/unshackle.git synced 2026-05-16 21:59:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(deps): bump PyJWT minimum to 2.12.0 for CVE-2026-32597

Browse Source 
PyJWT <= 2.11.0 accepts unknown `crit` header extensions in violation of RFC 7515 §4.1.11. Bump lower bound to 2.12.0 which includes the fix.
This commit is contained in:
Andy
2026-03-25 15:16:21 -06:00
parent 732709d3a9
commit 7358619a40
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pyproject.toml
View File

@@ -40,7 +40,7 @@ dependencies = [
"protobuf>=4.25.3,<7",
"pycaption>=2.2.6,<3",
"pycryptodomex>=3.20.0,<4",
"pyjwt>=2.8.0,<3",
"pyjwt>=2.12.0,<3",
"pymediainfo>=6.1.0,<8",
"pymp4>=1.4.0,<2",
"pymysql>=1.1.0,<2",