packagist lcobucci/jwt 3.0.0
Version 3.0.0

latest releases: 4.2.x-dev, dev-dependabot/github_actions/shivammathur/setup-php-2.19.0, dev-dependabot/github_actions/actions/cache-3.0.3...
7 years ago

For security reasons we recommend that users upgrade to this last version.


  • Parser is not relying on alg header to retrieve the signature algorithm (#21)


  • Token class simplified (#22)
  • JSON decoder is not converting to arrays anymore (#23)

The major thing of this version is that you should now specify the signer in order to verify a token, so one would not be able to forge tokens with different algorithms than the expected one.

Don't miss a new jwt release

NewReleases is sending notifications on new releases.