fix(deps): update dependency firebase/php-jwt to v7 [security] - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
firebase/php-jwt	^6.8 → ^7.0

GitHub Vulnerability Alerts

CVE-2025-45769

php-jwt v6.11.0 was discovered to contain weak encryption.

---

Release Notes

firebase/php-jwt (firebase/php-jwt)

v7.0.0

Compare Source

⚠️ ⚠️ ⚠️ Security Fixes ⚠️ ⚠️ ⚠️

• add key size validation (#​613) (6b80341)
  NOTE: This fix will cause keys with a size below the minimally allowed size to break.

Features

• add SensitiveParameter attribute to security-critical parameters (#​603) (4dbfac0)
• store timestamp in ExpiredException (#​604) (f174826)

Bug Fixes

• validate iat and nbf on payload (#​568) (953b2c8)

v6.11.1

Compare Source

Bug Fixes

• update error text for consistency (#​528) (c11113a)

v6.11.0

Compare Source

Features

• support octet typed JWK (#​587) (7cb8a26)

Bug Fixes

• refactor constructor Key to use PHP 8.0 syntax (#​577) (29fa2ce)

v6.10.2

Compare Source

Bug Fixes

• Mitigate PHP8.4 deprecation warnings (#​570) (76808fa)
• support php 8.4 (#​583) (e3d68b0)

v6.10.1

Compare Source

Bug Fixes

• ensure ratelimit expiry is set every time (#​556) (09cb208)
• ratelimit cache expiration (#​550) (dda7250)

v6.10.0

Compare Source

Features

• allow typ header override (#​546) (79cb30b)

v6.9.0

Compare Source

Features

• add payload to jwt exception (#​521) (175edf9)

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.