imghdr is deprecated and slated for removal in Python 3.13

[elibon99]

The imghdr module is deprecated in Python 3.11 (see here) and slated for removal in Python 3.13.

imghdr is used to determine image type:

PGPy/pgpy/constants.py

Lines 430 to 435 in 30a7571

	@classmethod
	def encodingof(cls, imagebytes):
	type = imghdr.what(None, h=imagebytes)
	if type == 'jpeg':
	return ImageEncoding.JPEG
	return ImageEncoding.Unknown # pragma: no cover

If just looking for the JPEG type, maybe a simple fix to get rid of imghdr would be to look at the signature in the first few bytes of the image data like:

...
# Check for JPEG signature (first three bytes are b'\xFF\xD8\xFF')
if imagebytes.startswith(b'\xFF\xD8\xFF'):
    return ImageEncoding.JPEG
return ImageEncoding.Unknown

?

[stefanor]

See also #443

[etzelc]

It would be great to have this issue resolved now that Python 3.13 has been released and the imghdr module has been removed. PR #443 already proposes a potential solution.

[goldyfruit]

Fedora 41, Arch, openSUSE Tumbleweed are now shipped with Python 3.13 which prevent the usage of this library in some cases.

[memory]

In some frustration, I have published to pypi a (hopefully) temporary fork of PGPy, PGPy13, which addresses this problem using @etzelc's code (thank you!) and also removes the pinning of the cryptography library to <38.0.0 which I believe is no longer necessary since #403 was merged.

https://pypi.org/project/PGPy13/

I do not want to be a long-term maintainer of a fork of PGPy, and my hope is that @Commod0re or some other person at SecurityInnovation will resume maintenance of this project, and which point I will yank PGPy13 v0.6.1rc1 from PyPi. In the meantime however, this should be a drop-in replacement that allows current users to continue using this project on modern releases of python.