Chore(deps): Bump firebase/php-jwt from 6.11.1 to 7.0.2

Open dependabot[bot] opened this issue 3 weeks ago • 0 comments

Bumps firebase/php-jwt from 6.11.1 to 7.0.2.

Release notes

Sourced from firebase/php-jwt's releases.

v7.0.2

7.0.2 (2025-12-16)

Bug Fixes

add key length validation for ec keys (#615) (7044f9a)

v7.0.1

Bug Fixes

remove resource support (#612)

v7.0.0

7.0.0 (2025-12-15)

⚠️ ⚠️ ⚠️ Security Fixes ⚠️ ⚠️ ⚠️

add key size validation (#613) (6b80341) NOTE: This fix will cause keys with a size below the minimally allowed size to break.

Features

add SensitiveParameter attribute to security-critical parameters (#603) (4dbfac0)

store timestamp in ExpiredException (#604) (f174826)

Bug Fixes

validate iat and nbf on payload (#568) (953b2c8)

Changelog

Sourced from firebase/php-jwt's changelog.

7.0.2 (2025-12-16)

Bug Fixes

add key length validation for ec keys (#615) (7044f9a)

7.0.0 (2025-12-15)

⚠️ ⚠️ ⚠️ Security Fixes ⚠️ ⚠️ ⚠️

add key size validation (#613) (6b80341) NOTE: This fix will cause keys with a size below the minimally allowed size to break.

Features

add SensitiveParameter attribute to security-critical parameters (#603) (4dbfac0)

store timestamp in ExpiredException (#604) (f174826)

Bug Fixes

validate iat and nbf on payload (#568) (953b2c8)

Commits

5645b43 chore(main): release 7.0.2 (#616)
7044f9a fix: add key length validation for ec keys (#615)
81ed59e Add key size validation (#612)
c03036f chore(main): release 7.0.0 (#614)
6b80341 feat: add key size validation (#613)
a3edb39 chore: update release-please secret (#608)
f174826 feat: store timestamp in ExpiredException (#604)
4dbfac0 feat: add SensitiveParameter attribute to security-critical parameters (#603)
223d1b3 chore: move release please from app to github action (#606)
953b2c8 fix: validate iat and nbf on payload (#568)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Dec 20 '25 02:12 dependabot[bot]