chore: release 1.4.1

Author: lepture

docs/changelog.rst

@@ -12,6 +12,14 @@ Changelog
 .. module:: joserfc
     :noindex:
 
+1.4.1
+-----
+
+**Released on November 5, 2025**
+
+- Add a base ``ClaimError`` for catching JWT claim validation errors.
+- Show security warnings when importing weak OctKey and RSAKey.
+
 1.4.0
 -----
 

docs/guide/jwt.rst

@@ -86,14 +86,23 @@ JSON object.
 
 .. code-block:: python
 
+    from joserfc.errors import ClaimError, ExpiredTokenError, InvalidTokenError
     from joserfc.jwt import JWTClaimsRegistry
 
     claims_requests = JWTClaimsRegistry(
         iss={"essential": True, "value": "https://authlib.org"},
     )
 
     # usually you will use the claims registry after ``.decode``
-    claims_requests.validate(token.claims)
+    try:
+        claims_requests.validate(token.claims)
+    except ClaimError as error:
+        print(error)
+    except ExpiredTokenError as error:
+        print("expired")
+    except InvalidTokenError as error:
+        # only happens when iat and nbf invalid
+        print("invalid")
 
 The Individual Claims Requests JSON object contains:
 

src/joserfc/__init__.py

@@ -1,4 +1,4 @@
-__version__ = "1.4.0"
+__version__ = "1.4.1"
 __homepage__ = "https://jose.authlib.org/en/"
 __author__ = "Hsiaoming Yang <[email protected]>"
 __license__ = "BSD-3-Clause"