Last year, you confirmed that node-jwk-to-pem is not working with elliptic signatures on #187 (comment).
However, since then, elliptic has received attention due to signature verification vulnerabilities and unfortunately, those issues still exist today. There is no progress in that regard (as of now) despite last year's efforts. See comments indutny/elliptic#321 (comment).
In addition to that, some of us are getting annoyed by tools such as snyk for packages that depend on node-jwk-to-pem (due to elliptic).
So I wonder if node-jwk-to-pem could evaluate switching to a better-maintained library for Elliptic Curve, like for example https://github.com/paulmillr/noble-curves.
I'm not a cryptographer, so I leave this here and wait for your thoughts are about.