A simple library to work with JSON Web Token and JSON Web Signature
This release provides an API to ease key rotation procedures and dependency updates.
This releases compatibility guarantees with PHP 8.3 and adds testing against PHP 8.4-dev.
1025: Update all non-major dependencies thanks to @renovate[bot]
1017: Update dependency phpstan/phpstan to v1.10.26 thanks to @renovate[bot]
1016: Update dependency lcobucci/coding-standard to v11 thanks to @renovate[bot]
1006: Lock file maintenance thanks to @renovate[bot]
1004: Update all non-major dependencies thanks to @renovate[bot]
1010: Fixed naming of assertShouldRaiseExceptionWhenSignatureIsValid()
thanks to @rhertogh
This release removes deprecated components, makes PHP 8.1 the minimum required version, and ships some API improvements.
string
s thanks to @Slamdunk\Lcobucci\JWT\Signer\None
thanks to @SlamdunkFeature release (minor)
lcobucci/clock:^3.0
to be installed with lcobucci/jwt:^4
thanks to @OcramiusThis release fixes a documentation mistake.
This release provides a high-level API, a new (non-standard) algorithm, and validation for key length requirements. The latter is a minor BC-break for users that aren't following the RFC recommendations.
To contain the impact of the changes and give time for people to rotate keys, we have deprecated implementations that maintain the previous behaviour and allow unsafe keys. For more information, please read the documentation.
::empty()
factory method thanks to @Slamdunk789: Merge release 4.1.5 into 4.2.x thanks to @github-actions[bot]
704: Invalid signing with SHA256 alg using secp521r1 curve thanks to @KartaviK
This patch ships a minor security fix to prevent misuse of the LocalFileReference
key.
More info: https://github.com/lcobucci/jwt/security/advisories/GHSA-7322-jrq4-x5hf
This patch ships a minor security fix to prevent misuse of the LocalFileReference
key.
More info: More info: https://github.com/lcobucci/jwt/security/advisories/GHSA-7322-jrq4-x5hf
This patch ships a minor security fix to prevent misuse of the LocalFileReference
key.
More info: More info: https://github.com/lcobucci/jwt/security/advisories/GHSA-7322-jrq4-x5hf
This release removes the possibility of having parsing issues when dealing with time-fractions with more than 6 decimal places.