# Desscription

There were some issues after I had update jsonwebtoken to v9.0.0

# Problem 1

If you  import * as jwt from "jsonwebtoken" , then you can't call  jwt.decode . It works fine if you use a default import though ( import jwt from "jsonwebtoken" ).

jwt.decode("abc"); // TypeError: jwt.decode is not a function

# Troubleshoot 1

please use verify() function instead

# Problem 2

Changes to how  decode  is defined in 9.0.0 (15a1bc4) prevent it from being altered for unit tests by tools such as  sinon , or even direct alteration such as

jwt.decode = function() { return( 'teststring' ); };

As a result errors such as  TypeError: Cannot redefine property: decode  are thrown in these scenarios.

# Troubleshoot 2

I also had this error when I used node v 12.16.1 and jwt 9.0.0
installing node@12.19 or above will solve the problem.

I believe the error we saw refers to the  KeyObject  that is coming from this line of code in  verify.js  file (from jsonwebtoken@9.0.0):
if (secretOrPublicKey != null && !(secretOrPublicKey instanceof KeyObject))

there's a big change in the  KeyObject  class from  node@12.19  in this PR : nodejs/node#33360
(jsonwebtoken uses  crypto  module from  node , and  KeyObject  is in that module)

Originally (before this PR), this  KeyObject  was not exposed to users. instead, users could use other functions to construct the key objects
so  node@12.16.1  that I used didn't include the changes (expose to users) in the PR, so the  KeyObject  won't work for  jsonwebtoken@9.0.0 , which means  verify()  won't work

for jsonwebtoken v.8.5.1, its  verify()  function doesn't use  KeyObject , so it should work with the node version that's below node@12.19