chore(deps-dev): bump joserfc from 1.0.0 to 1.6.3

[dependabot]

Bumps joserfc from 1.0.0 to 1.6.3.

Release notes

Sourced from joserfc's releases.

1.6.3

   🐞 Bug Fixes

• jwe: Set max value for p2c  -  by @​lepture (696a9)

    View changes on GitHub

1.6.2

   🐞 Bug Fixes

• Class does not need to inherit object  -  by @​lepture (4a9be)
• jwe: Move size limit to DeflateZipModel  -  by @​lepture (04211)
• jwe: Auto add kid when add_recipient  -  by @​lepture (10ac9)
• jwe: Auto add kid to recipient when kid exists  -  by @​lepture (9db7e)

    View changes on GitHub

1.6.1

   🐞 Bug Fixes

• Remove duplicate code  -  by @​lepture (2c2ca)
• Improve base key method definition  -  by @​lepture (d78b4)
• Update for type hints  -  by @​lepture (e0d4f)
• jwt: Remove InvalidTokenError, ExpiredTokenError based on ClaimError  -  by @​lepture (b71ca)

    View changes on GitHub

1.6.0

   🚀 Features

• Filter_algorithms names parameter default to all algs  -  by @​azmeuk (1034a)
• Pick_random_key algorithm parameter is optional  -  by @​azmeuk (ee046)
• Filter_algorithms supports KeySet objects  -  by @​azmeuk (775d5)
• jwk: Add a derive_key method for OKPKey  -  by @​lepture (04f59)
• jwk: Add derive_key method for ECKey  -  by @​lepture (73412)

   🐞 Bug Fixes

• Remove backend parameter, it is deprecated  -  by @​lepture (e10e1)
• jwa: Improve RFC9864 check key logic  -  by @​lepture (b8434)
• jwk: Improve OKPKey implementation  -  by @​lepture (7b8e3)
• jwk: Allow import key from cryptography native key types  -  by @​lepture (6db65)
• jwk: Raise InvalidKeyCurveError when generate ECKey with invalid crv  -  by @​lepture (c7921)
• jwk: Improve generate_private_key on binding class  -  by @​lepture (24257)
• jwk: Remove useless properties on OKPKey  -  by @​lepture (bf35f)
• jws: Use JWSRegistry.guess_algorithm to replace JWSRegistry.guess_alg  -  by @​lepture (6b34c)
• jwt: Make BaseClaimsRegistry.essential_keys a property.  -  by @​lepture (bc13e)

    View changes on GitHub

... (truncated)

Changelog

Sourced from joserfc's changelog.

1.6.3

Released on February 25, 2026

• JWE: Set a max value for p2c header.

1.6.2

Released on February 16, 2026

• JWE: Auto add kid to recipient.
• JWE: Use DeflateZipModel.MAX_SIZE to determine size limit.

1.6.1

Released on December 30, 2025

• Deprecate InvalidTokenError, please use InvalidClaimError instead.
• Convert ExpiredTokenError to inherit from ClaimError.
• Improve on type hints.

1.6.0

Released on December 14, 2025

• filter_algorithms names defaults to all algorithms. :pull:79.
• Replace JWSRegistry.guess_alg with JWSRegistry.guess_algorithm.
• filter_algorithms and guess_alg supports KeySet objects. :pull:81.
• Improve generate_private_key method on Key's binding class.
• Raise InvalidKeyCurveError when generating ECKey with an invalid curve.
• Allow import key from cryptography native key types.
• Add ECKey.derive_key and OKPKey.derive_key class methods.

1.5.0

Released on November 30, 2025

• Add Ed25519 and Ed448 algorithms per :ref:rfc9864, via :issue:76.
• Marked EdDSA algorithm as deprecated per :ref:rfc9864, via :issue:76.
• Add parameter default_type for :meth:jwt.encode method.

1.4.3

Released on November 19, 2025

... (truncated)

Commits

• f06540f chore: release 1.6.3
• 696a961 fix(jwe): set max value for p2c
• 52c6ffd chore: release 1.6.2
• 3b36720 chore: update deps
• 91c7ecd chore: update readme
• 9db7e44 fix(jwe): auto add kid to recipient when kid exists
• 1330b49 docs: add a cheatsheet recipe
• 10ac93f fix(jwe): auto add kid when add_recipient
• 224e72a chore: remove codecov token
• 042118c fix(jwe): move size limit to DeflateZipModel
• Additional commits viewable in compare view

[Sashwatdas123]

@dependabot rebase

[Sashwatdas123]

LGTM