hajekj
commented
2 years ago Do you think it would be okay to drop support for 3.0, 4.0. and <5.5 version of php-jwt package?
Open kamilHipsz opened 2 years ago
hajekj
commented
2 years ago Do you think it would be okay to drop support for 3.0, 4.0. and <5.5 version of php-jwt package?
kamilHipsz
commented
2 years ago I think it should be fine. Maybe it's worth to revert #163 and release it as 2.1.2 and then, create a tag 2.2.0 with "firebase/php-jwt": "~5.5||~6.0"?
tomasfejfar
commented
1 year ago It's not only #163
This commit (in 2.1.0) added JWK https://github.com/TheNetworg/oauth2-azure/commit/e4f597ef1933fa7d033939386c1077319a4518b1#diff-e71d1d223a40906fdb0c32e375c67398c6f658f4c95a71dad16b855004d91fa7R359 But such class was added in v5.2.0 https://github.com/firebase/php-jwt/commit/b0def5fca80851717920a3816b5c670e6182bc2f
I think such issues could be prevented by having a build that would check for highest and lowest dependencies and then run simple PHPStan with very low level that will resolve all the classes and make sure they exist and are compatible.
tomasfejfar
commented
1 year ago So 2.0.1 is the latest version supporting v4 of JWT.
tomasfejfar
commented
1 year ago I'll try to contribute Github Actions build that would catch this if I find the time.
yehudahkay
commented
1 year ago I had to require firebase separately
Hi, https://github.com/TheNetworg/oauth2-azure/pull/163 breaks compatibility with firebase/php-jwt versions earlier than 5.5.0. Firebase\JWT\Key class exists only in 5.5.0 and above and it conflicts with following composer dependencies:
"firebase/php-jwt": "~3.0||~4.0||~5.0||~6.0"Thanks, Kamil