Update module to use Firebase PHP-JWT > Version 6

Created on 21 February 2023, over 1 year ago

Problem/Motivation

There is a security update available for Firebase PHP-JWT. It appears that the version that this module references in its composer.json file is not going to receive the appropriate the security patch. See https://github.com/advisories/GHSA-8xf4-w7qw-pjjw

This security update is causing deployment pipelines to break that include checks for security updates for third party composer dependencies.

Proposed resolution

Update the module and its dependencies to make use of firebase/php-jwt:^6.0.

Remaining tasks

Update composer.json to require firebase/php-jwt:^6.0.
Make any necessary module updates that overcome issues introduced by upgrading PHP-JWT to the next major version.
Perform tests to ensure the module is functioning as expected.

📌 Task

Status

Active

Version

5.0

Component

salesforce_jwt.module

Created by

🇨🇦Canada rbrownell Ottawa, Ontario, Canada

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @rbrownell
Comment over 1 year ago →
🇨🇦Canada rbrownell Ottawa, Ontario, Canada

contrib.social Blog FAQ Discussions

Production build 0.69.0 2024