Bump firebase/php-jwt from 4.0.0 to 6.4.0 in /3rdparty

[dependabot]

Bumps firebase/php-jwt from 4.0.0 to 6.4.0.

Release notes

Sourced from firebase/php-jwt's releases.

v6.4.0

6.4.0 (2023-02-08)

Features

• add support for W3C ES256K (#462) (213924f)
• improve caching by only decoding jwks when necessary (#486) (78d3ed1)

v6.3.2

6.3.2 (2022-11-01)

Bug Fixes

• check kid before using as array index (bad1b04)

v6.3.1

6.3.1 (2022-11-01)

Bug Fixes

• casing of GET for PSR compat (#451) (60b52b7)
• string interpolation format for php 8.2 (#446) (2e07d8a)

v6.3.0

Features

• Added ES256 support to JWK parsing (#399)

Bug Fixes

• Fixed potential caching error in CachedKeySet by caching jwks as strings (#435)

v6.2.0

Features

1. Added Cached Key Sets (#397)!! See the README for usage instructions

2. Added $defaultAlg parameter to JWT::parseKey and JWT::parseKeySet (#426). This will allow users to parse JWKS which do not populate the alg parameter without having to manually edit the JSON.

v6.1.2

Bug Fix

• revert the flag to json_decode to force object (firebase/php-jwt#420)

Note: This fixes the PHP Fatal error the previous version tried to fix, but does so in a safer way.

... (truncated)

Changelog

Sourced from firebase/php-jwt's changelog.

6.4.0 (2023-02-08)

Features

• add support for W3C ES256K (#462) (213924f)
• improve caching by only decoding jwks when necessary (#486) (78d3ed1)

6.3.2 (2022-11-01)

Bug Fixes

• check kid before using as array index (bad1b04)

6.3.1 (2022-11-01)

Bug Fixes

• casing of GET for PSR compat (#451) (60b52b7)
• string interpolation format for php 8.2 (#446) (2e07d8a)

6.3.0 / 2022-07-15

• Added ES256 support to JWK parsing (#399)
• Fixed potential caching error in CachedKeySet by caching jwks as strings (#435)

6.2.0 / 2022-05-14

• Added CachedKeySet (#397)
• Added $defaultAlg parameter to JWT::parseKey and JWT::parseKeySet (#426).

6.1.0 / 2022-03-23

• Drop support for PHP 5.3, 5.4, 5.5, 5.6, and 7.0
• Add parameter typing and return types where possible

6.0.0 / 2022-01-24

• Backwards-Compatibility Breaking Changes: See the Release Notes for more information.
• New Key object to prevent key/algorithm type confusion (#365)
• Add JWK support (#273)
• Add ES256 support (#256)
• Add ES384 support (#324)
• Add Ed25519 support (#343)

5.0.0 / 2017-06-26

• Support RS384 and RS512. See #117. Thanks @​joostfaassen!

... (truncated)

Commits

• 4dd1e00 chore(main): release 6.4.0 (#477)
• 78d3ed1 feat: improve caching by only decoding jwks when necessary (#486)
• 08c7ba6 chore(tests): use assertSame for strict equals (#478)
• 213924f feat: add support for W3C ES256K (#462)
• 0178679 chore: suggest ext-sodium (#474)
• 7df47dd chore: add PHP 8.2 to test suite (#476)
• ea7dda7 chore(main): release 6.3.2 (#470)
• bad1b04 fix: check kid before using as array index
• ddfaddc chore(main): release 6.3.1 (#468)
• 436fa9c chore: move changelog into separate file (#469)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Base: 22.38% // Head: 0.00% // Decreases project coverage by -22.39% ⚠️

Coverage data is based on head (6d73420) compared to base (06d2250).
Patch has no changes to coverable lines.

📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more

Additional details and impacted files

@@             Coverage Diff              @@
##             master     #22       +/-   ##
============================================
- Coverage     22.38%   0.00%   -22.39%     
  Complexity      348     348               
============================================
  Files            23      23               
  Lines          1461    1648      +187     
============================================
- Hits            327       0      -327     
- Misses         1134    1648      +514     

Impacted Files	Coverage Δ
lib/Settings/Section.php	0.00% <0.00%> (-100.00%)	⬇️
lib/Middleware/OnlyLoggedInMiddleware.php	0.00% <0.00%> (-100.00%)	⬇️
lib/Settings/Admin.php	0.00% <0.00%> (-98.88%)	⬇️
lib/Command/GetMetadata.php	0.00% <0.00%> (-86.96%)	⬇️
lib/AppInfo/Application.php	0.00% <0.00%> (-50.00%)	⬇️
lib/UserData.php	0.00% <0.00%> (-40.91%)	⬇️
lib/UserBackend.php	0.00% <0.00%> (-29.03%)	⬇️
lib/Controller/SAMLController.php	0.00% <0.00%> (-26.54%)	⬇️
lib/SAMLSettings.php	0.00% <0.00%> (ø)
lib/UserResolver.php	0.00% <0.00%> (ø)
... and 1 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.