Contrib.social

Update module to use Firebase PHP-JWT > Version 6

Open on Drupal.org →
Created on 21 February 2023, over 1 year ago

Problem/Motivation

There is a security update available for Firebase PHP-JWT. It appears that the version that this module references in its composer.json file is not going to receive the appropriate the security patch. See https://github.com/advisories/GHSA-8xf4-w7qw-pjjw

This security update is causing deployment pipelines to break that include checks for security updates for third party composer dependencies.

Proposed resolution

Update the module and its dependencies to make use of firebase/php-jwt:^6.0.

Remaining tasks

  • Update composer.json to require firebase/php-jwt:^6.0.
  • Make any necessary module updates that overcome issues introduced by upgrading PHP-JWT to the next major version.
  • Perform tests to ensure the module is functioning as expected.
📌 Task
Status

Active

Version

5.0

Component

salesforce_jwt.module

Created by

🇨🇦Canada rbrownell Ottawa, Ontario, Canada

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024