behat-api-extension
behat-api-extension copied to clipboard
Extend support of firebase/php-jwt with version 6 branch
Hello,
we had to update some of our packages to the latest version because of some Synk findings. Now we stumpled upon an incompatibility regarding the package composition. Would it be possible to extend your composer.json
like shown below or are there any known issues with version 6 of firebase/php-jwt
?
"require": {
"firebase/php-jwt": "^5.2 || ^6.0",
}
Vulnerability details can be found here. It seems that every version below 6 has a CVSS score with 7.5 (high). https://security.snyk.io/vuln/SNYK-PHP-FIREBASEPHPJWT-2434829
Yes please, I also can't update my project's dependencies because of this. see https://github.com/imbo/behat-api-extension/pull/121
Hi, any updates there? Can the maintainers of the library to fix the issue? I've also faced with it one project, where I need to upgrade firebase/php-jwt, but can't due the issue :(
Hi, is there any update on this we also need this issue fixed.
#125
Thanks for upgrading dependencies