Skip to content

chore(deps): bump laravel/passport from 12.4.3 to 13.7.5#1124

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/composer/laravel/passport-13.7.5
Open

chore(deps): bump laravel/passport from 12.4.3 to 13.7.5#1124
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/composer/laravel/passport-13.7.5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 13, 2026
edited
Loading

Bumps laravel/passport from 12.4.3 to 13.7.5.

Release notes

Sourced from laravel/passport's releases.

v13.7.5

v13.7.4

v13.7.3

v13.7.2

v13.7.1

v13.7.0

v13.6.0

v13.5.0

v13.4.4

v13.4.3

v13.4.2

v13.4.1

v13.4.0

v13.3.0

... (truncated)

Changelog

Sourced from laravel/passport's changelog.

v13.7.5 - 2026-04-16

v13.7.4 - 2026-04-09

v13.7.3 - 2026-04-07

v13.7.2 - 2026-04-02

This change permanently invalidates client credential tokens for any user whose user ID happens to match the client ID of the token issuer.

v13.7.1 - 2026-04-01

v13.7.0 - 2026-03-21

v13.6.0 - 2026-03-05

v13.5.0 - 2026-02-23

v13.4.4 - 2026-02-09

v13.4.3 - 2025-12-22

v13.4.2 - 2025-12-15

... (truncated)

Upgrade guide

Sourced from laravel/passport's upgrade guide.

Upgrade Guide

General Notes

Upgrading To 13.0 From 12.x

Minimum PHP Version

PR: laravel/passport#1734, laravel/passport#1783

PHP 8.2 is now the minimum required version.

Minimum Laravel Version

PR: laravel/passport#1757, laravel/passport#1783, laravel/passport#1797

Laravel 11.35 is now the minimum required version.

OAuth2 Server

PR: laravel/passport#1734

The league/oauth2-server Composer package which is utilized internally by Passport has been updated to 9.0, which adds additional types to method signatures. To ensure your application is compatible, you should review this package's complete changelog.

Headless

PR: laravel/passport#1771

Passport's views were not rendering properly for several release cycles. Passport is now a headless OAuth2 library. If you would like a frontend implementation of Laravel Passport's OAuth features that are already completed for you, you should use an application starter kit.

All the authorization view's rendering logic may be customized using the appropriate methods available via the Laravel\Passport\Passport class. Typically, you should call these methods within the boot method of your application's App\Providers\AppServiceProvider class. Passport will take care of defining the routes that return these views:

public function boot(): void
{
    // By providing the view names...
    Passport::authorizationView('auth.oauth.authorize');
    Passport::deviceUserCodeView('auth.oauth.device.user-code');
    Passport::deviceAuthorizationView('auth.oauth.device.authorize');
// Or using conventional names under the given prefix...
Passport::viewPrefix('auth.oauth');

}

User Model Interface

PR: laravel/passport#1797

Passport 13 introduces the Laravel\Passport\Contracts\OAuthenticatable interface, which must now be

... (truncated)

Commits
  • 90053dc Clarify that running passport:hash is not optional (#1911)
  • ed8956c add notices of invalid tokens when user and client have identical ids (#1910)
  • d085f96 Update CHANGELOG
  • 16c4579 [13.x] Support space-delimited prompt parameter (#1906)
  • cfcd9db Update CHANGELOG
  • f4f85e3 [13.x] Fix session JSON serialization (#1905)
  • 27ba0a8 Update CHANGELOG
  • 0c016c9 [13.X] fix: resolve user as null when user ID matches client ID on integer ke...
  • dd68c65 Update CHANGELOG
  • ca14d97 Prevent user impersonation via client credentials token (#1901)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels May 13, 2026
@dependabot
chore(deps): bump laravel/passport from 12.4.3 to 13.7.5
e1252b2 
Bumps [laravel/passport](https://github.com/laravel/passport) from 12.4.3 to 13.7.5.
- [Release notes](https://github.com/laravel/passport/releases)
- [Changelog](https://github.com/laravel/passport/blob/13.x/CHANGELOG.md)
- [Upgrade guide](https://github.com/laravel/passport/blob/13.x/UPGRADE.md)
- [Commits](laravel/passport@v12.4.3...v13.7.5)

---
updated-dependencies:
- dependency-name: laravel/passport
  dependency-version: 13.7.5
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/composer/laravel/passport-13.7.5 branch from 071e852 to e1252b2 Compare May 13, 2026 11:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file php Pull requests that update Php code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants