Closed erickskrauch closed 10 months ago
SecondeJK
commented
10 months ago Apologies for the automatic closure: the timing was unfortunately really bad: #441 is literally the PR before this one and is about to be merged: it refactors the library to use the PHP JWT library (that uses 4.1 of lcobucci, but that dependency is now abstracted out so version upgrades will be easier)
erickskrauch
commented
10 months ago No problem. I hope support for v5 will be added soon. I'll keep my job project living on my fork for a while.
SecondeJK
commented
10 months ago I'll make a note to bump vonage/jwt up to jcobucci/jwt 5. It won't be -too- soon though because I want to support PHP8 for a little bit after security patches. Once this core library has it's next major release (possibly at the end of Q4 2023 or Q1 2024) I expect I'll drop it and bump up to v5
Brenneisen
commented
9 months ago @SecondeJK As a customer, we would like to see this library get more modern dependencies soon. A normal way in such situations would be a new major version with updates for PHP 8.3 support and lcobucci/jwt 5.2 support. Since Laravel also requires ramsey/uuid 4.7, this would also be necessary. You are restricting your customers with legacy dependencies and have no other option.
This PR allows us to install it with
lcobucci/jwtv5.Description
It does what title says :) It also removes allowance of
lcobucci/jwtv3 since it might be installed only on PHP^7.0, but the library itself requires at least^8.0.Motivation and Context
On our project we use the latest version of the
lcobucci/jwt, so we couldn't install the library without this fix.How Has This Been Tested?
I have performed
vendor/bin/phpunitfor both 4 and 5 versions oflcobucci/jwt. No errors have been reported.Types of changes
Checklist: