search

docusign / docusign-esign-php-client

The Official Docusign PHP Client Library used to interact with the eSign REST API. Send, sign, and approve documents using this client.
https://www.docusign.com/devcenter
MIT License
198 stars 122 forks source link

Cannot install the last version due to the firebase/php-jwt version #172

Closed wehostadm closed 1 year ago

wehostadm commented 2 years ago

Hi,

I was unable to install the last version 

$ composer require docusign/esign-client
Using version ^6.8 for docusign/esign-client
./composer.json has been updated
Running composer update docusign/esign-client
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Root composer.json requires docusign/esign-client ^6.8 -> satisfiable by docusign/esign-client[v6.8.0].
    - docusign/esign-client v6.8.0 requires firebase/php-jwt ^5.0 -> found firebase/php-jwt[v5.0.0, ..., v5.5.1] but the package is fixed to v6.1.2 (lock file version) by a partial update and that version does not match. Make sure you list it as an argument for the update command.

Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.
You can also try re-running composer require with an explicit version constraint, e.g. "composer require docusign/esign-client:*" to figure out if any version is installable, or "composer require docusign/esign-client:^2.1" if you know which you need.

Installation failed, reverting ./composer.json and ./composer.lock to their original content.

It seems that the package requires firebase/php-jwt version: ^5.0

Or my local version of firebase/php-jwt version is firebase/php-jwt v6.1.2 A simple library to encode and decode JSON Web Tokens (JWT) in PHP. ...

So it does not match the requirements...

How can I do ?

Thanks,

karankaushik95 commented 2 years ago

Based on what I read here - https://stackoverflow.com/questions/65421249/laravel-unable-to-add-new-package, can you try removing your composer.lock file and try running the command again?

Karthikeyan-SBS commented 2 years ago

We also like this upgrade happen soon, currently our builds scan are giving below error:

Vulnerability - CVE-2021-46743 Only fix needed is "Upgrade to version v6.0.0 Message: Upgrade to version Details: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46743"

karankaushik95 commented 2 years ago

Hi @Karthikeyan-SBS thanks for flagging this. Our SDK team is already aware of this issue and they are working towards a fix. The RC of our SDK due to be released this week will patch this.

ChangingTerry commented 1 year ago

Any movement on this?

karankaushik95 commented 1 year ago

Hi @ChangingTerry This should already be resolved, are you still facing issues?

ChangingTerry commented 1 year ago

Sorry, yes I am.

Unless I'm missing something it would seem that the current version still relies on version 5.0 of firebase/jwt?

apsylone commented 1 year ago

I still have this issue too on my side @karankaushik95 @ChangingTerry .

dbbrahmbhatt commented 1 year ago

Hello All, Thank you for filing the issue. We have added the support for firebase/php-jwt 6.* in release 6.12.0-rc. Please let us know if you still face the issue.