Merge release 3.3.0 into 4.0.x

.editorconfig

@@ -17,6 +17,9 @@ block_comment_end = */
 [{*.yml,*.yaml}]
 indent_size = 2
 
+[*.neon]
+indent_style = tab
+
 [*.md]
 trim_trailing_whitespace = false
 

.github/workflows/infection.yml

@@ -0,0 +1,37 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow
+
+name: "Integrate"
+
+on:
+  push:
+    branches:
+      - "*.x"
+
+jobs:
+  mutation_testing:
+    name: "5️⃣ Mutation Testing"
+    needs:
+      - "byte_level"
+      - "syntax_errors"
+    runs-on: "ubuntu-latest"
+    steps:
+      - name: "Set up PHP"
+        uses: "shivammathur/setup-php@v2"
+        with:
+          php-version: "8.1"
+          extensions: "json, mbstring, openssl, sqlite3, curl, uuid"
+
+      - name: "Checkout code"
+        uses: "actions/checkout@v4"
+
+      - name: "Fetch Git base reference"
+        run: "git fetch --depth=1 origin ${GITHUB_BASE_REF}"
+
+      - name: "Install dependencies"
+        uses: "ramsey/composer-install@v2"
+        with:
+          dependency-versions: "highest"
+          composer-options: "--optimize-autoloader"
+
+      - name: "Execute Infection"
+        run: "make ci-mu"

.github/workflows/integrate.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: "ubuntu-latest"
     steps:
       - name: "Checkout code"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
 
       - name: "Check file permissions"
         run: |
@@ -34,7 +34,7 @@ jobs:
           php-version: "8.1"
 
       - name: "Checkout code"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
 
       - name: "Install dependencies"
         uses: "ramsey/composer-install@v2"
@@ -55,6 +55,8 @@ jobs:
           - "ubuntu-latest"
         php-version:
           - "8.1"
+          - "8.2"
+          - "8.3"
         dependencies:
           - "lowest"
           - "highest"
@@ -68,7 +70,7 @@ jobs:
           coverage: "xdebug"
 
       - name: "Checkout code"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
 
       - name: "Install dependencies"
         uses: "ramsey/composer-install@v2"
@@ -101,7 +103,7 @@ jobs:
           extensions: "json, mbstring, openssl, sqlite3, curl, uuid"
 
       - name: "Checkout code"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
 
       - name: "Validate Composer configuration"
         run: "composer validate --strict"
@@ -129,7 +131,7 @@ jobs:
           extensions: "json, mbstring, openssl, sqlite3, curl, uuid"
 
       - name: "Checkout code"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
 
       - name: "Check adherence to EditorConfig"
         uses: "greut/eclint-action@v0"
@@ -143,34 +145,6 @@ jobs:
       - name: "Check coding style"
         run: "make ci-cs"
 
-  mutation_testing:
-    name: "5️⃣ Mutation Testing"
-    needs:
-      - "byte_level"
-      - "syntax_errors"
-    runs-on: "ubuntu-latest"
-    steps:
-      - name: "Set up PHP"
-        uses: "shivammathur/setup-php@v2"
-        with:
-          php-version: "8.1"
-          extensions: "json, mbstring, openssl, sqlite3, curl, uuid"
-
-      - name: "Checkout code"
-        uses: "actions/checkout@v3"
-
-      - name: "Fetch Git base reference"
-        run: "git fetch --depth=1 origin ${GITHUB_BASE_REF}"
-
-      - name: "Install dependencies"
-        uses: "ramsey/composer-install@v2"
-        with:
-          dependency-versions: "highest"
-          composer-options: "--optimize-autoloader"
-
-      - name: "Execute Infection"
-        run: "make ci-mu"
-
   rector_checkstyle:
     name: "6️⃣ Rector Checkstyle"
     needs:
@@ -186,7 +160,7 @@ jobs:
           coverage: "xdebug"
 
       - name: "Checkout code"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
 
       - name: "Fetch Git base reference"
         run: "git fetch --depth=1 origin ${GITHUB_BASE_REF}"
@@ -208,7 +182,7 @@ jobs:
     runs-on: "ubuntu-20.04"
     steps:
       - name: "Checkout code"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
 
       - name: "Check exported files"
         run: |

.github/workflows/release-on-milestone-closed.yml

@@ -14,7 +14,9 @@ jobs:
 
     steps:
       - name: "Checkout"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
+        with:
+          fetch-depth: 0
 
       - name: "Release"
         uses: "laminas/[email protected]"
@@ -35,7 +37,9 @@ jobs:
 
     steps:
       - name: "Checkout"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
+        with:
+          fetch-depth: 0
 
       - name: "Create Merge-Up Pull Request"
         uses: "laminas/[email protected]"
@@ -56,7 +60,9 @@ jobs:
 
     steps:
       - name: "Checkout"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
+        with:
+          fetch-depth: 0
 
       - name: "Create and/or Switch to new Release Branch"
         uses: "laminas/[email protected]"
@@ -77,7 +83,7 @@ jobs:
 
     steps:
       - name: "Checkout"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
         with:
           fetch-depth: 0
 
@@ -100,7 +106,9 @@ jobs:
 
     steps:
       - name: "Checkout"
-        uses: "actions/checkout@v3"
+        uses: "actions/checkout@v4"
+        with:
+          fetch-depth: 0
 
       - name: "Create new milestones"
         uses: "laminas/[email protected]"

.gitsplit.yml

@@ -1,55 +1,59 @@
 splits:
-  - prefix: "src/Component/Core"
-    target: "https://${GH_TOKEN}@github.com/web-token/jwt-core.git"
-  - prefix: "src/Component/Checker"
-    target: "https://${GH_TOKEN}@github.com/web-token/jwt-checker.git"
-  - prefix: "src/Component/Signature"
+  - prefix: "src/Bundle"
+    target: "https://${GH_TOKEN}@github.com/web-token/jwt-bundle.git"
+  - prefix: "src/Library"
+    target: "https://${GH_TOKEN}@github.com/web-token/jwt-library.git"
+  - prefix: "src/Experimental"
+    target: "https://${GH_TOKEN}@github.com/web-token/jwt-experimental.git"
+  - prefix: "src/Deprecated/Signature"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-signature.git"
-  - prefix: "src/Component/Encryption"
+  - prefix: "src/Deprecated/Checker"
+    target: "https://${GH_TOKEN}@github.com/web-token/jwt-checker.git"
+  - prefix: "src/Deprecated/Console"
+    target: "https://${GH_TOKEN}@github.com/web-token/jwt-console.git"
+  - prefix: "src/Deprecated/Core"
+    target: "https://${GH_TOKEN}@github.com/web-token/jwt-core.git"
+  - prefix: "src/Deprecated/Ecc"
+    target: "https://${GH_TOKEN}@github.com/web-token/jwt-util-ecc.git"
+  - prefix: "src/Deprecated/Encryption"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-encryption.git"
-  - prefix: "src/Component/KeyManagement"
+  - prefix: "src/Deprecated/KeyManagement"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-key-mgmt.git"
-  - prefix: "src/Component/Console"
-    target: "https://${GH_TOKEN}@github.com/web-token/jwt-console.git"
-  - prefix: "src/Component/NestedToken"
+  - prefix: "src/Deprecated/NestedToken"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-nested-token.git"
-  - prefix: "src/Bundle/JoseFramework"
-    target: "https://${GH_TOKEN}@github.com/web-token/jwt-bundle.git"
-  - prefix: "src/EncryptionAlgorithm/ContentEncryption/AESCBC"
+  - prefix: "src/Deprecated/EncryptionAlgorithm/ContentEncryption/AESCBC"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-encryption-algorithm-aescbc.git"
-  - prefix: "src/EncryptionAlgorithm/ContentEncryption/AESGCM"
+  - prefix: "src/Deprecated/EncryptionAlgorithm/ContentEncryption/AESGCM"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-encryption-algorithm-aesgcm.git"
-  - prefix: "src/EncryptionAlgorithm/KeyEncryption/AESGCMKW"
+  - prefix: "src/Deprecated/EncryptionAlgorithm/KeyEncryption/AESGCMKW"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-encryption-algorithm-aesgcmkw.git"
-  - prefix: "src/EncryptionAlgorithm/KeyEncryption/AESKW"
+  - prefix: "src/Deprecated/EncryptionAlgorithm/KeyEncryption/AESKW"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-encryption-algorithm-aeskw.git"
-  - prefix: "src/EncryptionAlgorithm/KeyEncryption/Direct"
+  - prefix: "src/Deprecated/EncryptionAlgorithm/KeyEncryption/Direct"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-encryption-algorithm-dir.git"
-  - prefix: "src/EncryptionAlgorithm/KeyEncryption/ECDHES"
+  - prefix: "src/Deprecated/EncryptionAlgorithm/KeyEncryption/ECDHES"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-encryption-algorithm-ecdh-es.git"
-  - prefix: "src/EncryptionAlgorithm/KeyEncryption/PBES2"
+  - prefix: "src/Deprecated/EncryptionAlgorithm/KeyEncryption/PBES2"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-encryption-algorithm-pbes2.git"
-  - prefix: "src/EncryptionAlgorithm/KeyEncryption/RSA"
+  - prefix: "src/Deprecated/EncryptionAlgorithm/KeyEncryption/RSA"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-encryption-algorithm-rsa.git"
-  - prefix: "src/SignatureAlgorithm/ECDSA"
+  - prefix: "src/Deprecated/SignatureAlgorithm/ECDSA"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-signature-algorithm-ecdsa.git"
-  - prefix: "src/SignatureAlgorithm/EdDSA"
+  - prefix: "src/Deprecated/SignatureAlgorithm/EdDSA"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-signature-algorithm-eddsa.git"
-  - prefix: "src/SignatureAlgorithm/None"
+  - prefix: "src/Deprecated/SignatureAlgorithm/None"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-signature-algorithm-none.git"
-  - prefix: "src/SignatureAlgorithm/HMAC"
+  - prefix: "src/Deprecated/SignatureAlgorithm/HMAC"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-signature-algorithm-hmac.git"
-  - prefix: "src/SignatureAlgorithm/RSA"
+  - prefix: "src/Deprecated/SignatureAlgorithm/RSA"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-signature-algorithm-rsa.git"
-  - prefix: "src/SignatureAlgorithm/Experimental"
+  - prefix: "src/Deprecated/SignatureAlgorithm/Experimental"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-signature-algorithm-experimental.git"
-  - prefix: "src/EncryptionAlgorithm/Experimental"
+  - prefix: "src/Deprecated/EncryptionAlgorithm/Experimental"
     target: "https://${GH_TOKEN}@github.com/web-token/jwt-encryption-algorithm-experimental.git"
-  - prefix: "src/Ecc"
-    target: "https://${GH_TOKEN}@github.com/web-token/jwt-util-ecc.git"
-  - prefix: "packs/encryption"
+  - prefix: "src/Deprecated/Pack/Encryption"
     target: "https://${GH_TOKEN}@github.com/web-token/encryption-pack.git"
-  - prefix: "packs/signature"
+  - prefix: "rc/Deprecated/Pack/Signature"
     target: "https://${GH_TOKEN}@github.com/web-token/signature-pack.git"
 
 origins:

Makefile

@@ -25,7 +25,7 @@ st: vendor ## Run static analyse
 
 ################################################
 
-ci-mu: vendor ## Mutation tests (for Github only)
+ci-mu: vendor ## Mutation tests (for GitHub only)
 	vendor/bin/infection --logger-github -s --threads=$$(nproc) --min-msi=45 --min-covered-msi=60
 
 ci-cc: vendor ## Show test coverage rates (console)

SECURITY.md

@@ -5,9 +5,8 @@
 | Version | Supported          |
 |---------|--------------------|
 | 4.0.x   | :white_check_mark: |
-| 3.1.x   | :white_check_mark: |
-| 3.0.x   | :white_check_mark: |
-| < 3.0.0 | :x:                |
+| 3.3.x   | :white_check_mark: |
+| < 3.3.0 | :x:                |
 
 ## Reporting a Vulnerability