Merge branch 'main' into task/use-7.3-tag

.gitattributes

@@ -0,0 +1,20 @@
+.editorconfig          export-ignore
+.gitattributes         export-ignore
+.github/               export-ignore
+.gitignore             export-ignore
+.php-cs-fixer.dist.php export-ignore
+.semgrepignore         export-ignore
+.shiprc                export-ignore
+CHANGELOG.ARCHIVE.md   export-ignore
+CHANGELOG.md           export-ignore
+docs/                  export-ignore
+EXAMPLES.md            export-ignore
+examples/              export-ignore
+opslevel.yml           export-ignore
+phpstan.neon.dist      export-ignore
+phpunit.xml.dist       export-ignore
+psalm.xml.dist         export-ignore
+rector.php             export-ignore
+tests/                 export-ignore
+UPGRADE.md             export-ignore
+vendor/                export-ignore

.github/CODE_OF_CONDUCT.md

@@ -0,0 +1,3 @@
+# Code of Conduct
+
+Before making any contributions to this repo, please review Auth0's [Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md). By contributing, you agree to uphold this code.

.github/CONTRIBUTING.md

@@ -0,0 +1,93 @@
+# Contribution Guide
+
+-   [Getting Involved](#getting-involved)
+-   [Support Questions](#support-questions)
+-   [Code Contributions](#code-contributions)
+-   [Security Vulnerabilities](#security-vulnerabilities)
+-   [Coding Style](#coding-style)
+    -   [PHPDoc](#phpdoc)
+-   [Code of Conduct](#code-of-conduct)
+
+## Getting Involved
+
+To encourage active collaboration, Auth0 strongly encourages pull requests, not just bug reports. Pull requests will only be reviewed when marked as "ready for review" (not in the "draft" state) and all tests for new features are passing. Lingering, non-active pull requests left in the "draft" state will eventually be closed.
+
+If you file a bug report, your issue should contain a title and a clear description of the issue. You should also include as much relevant information as possible and a code sample that demonstrates the issue. The goal of a bug report is to make it easy for yourself - and others - to replicate the bug and develop a fix.
+
+Remember, bug reports are created in the hope that others with the same problem will be able to collaborate with you on solving it. Do not expect that the bug report will automatically see any activity or that others will jump to fix it. Creating a bug report serves to help you and others start on the path of fixing the problem. If you want to chip in, you can help out by fixing any bugs listed in our issue trackers.
+
+## Support Questions
+
+Auth0's GitHub issue trackers are not intended to provide integration support. Instead, please refer your questions to the [Auth0 Community](https://community.auth0.com).
+
+## Code Contributions
+
+You may propose new features or improvements to existing SDK behavior by creating a feature request within the repository's issue tracker. If you are willing to implement at least some of the code that would be needed to complete the feature, please fork the repository and submit a pull request.
+
+All development should be done in individual forks using dedicated branches, and submitted against the `main` default branch.
+
+Pull request titles must follow [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) rules so our changelogs can be automatically generated. Commits messages are irrelevant as they will be squashed into the Pull request's title during a merge.
+
+The following types are allowed:
+
+-   _feat:_ A new feature
+-   _perf:_ A code change that improves performance
+-   _refactor:_ A code change that neither fixes a bug nor adds a feature
+-   _build:_ Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm)
+-   _ci:_ Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs)
+-   _style:_ Changes that do not affect the meaning of the code (white space, formatting, missing semi-colons, etc)
+-   _fix:_ A bug fix
+-   _security:_ A change that improves security
+-   _docs:_ Documentation only changes
+-   _test:_ Adding missing tests or correcting existing tests
+
+## Security Vulnerabilities
+
+If you discover a security vulnerability within this SDK, please review Auth0's [Responsible Disclosure Program](https://auth0.com/responsible-disclosure-policy) details the procedure for disclosing security issues. All security vulnerabilities will be promptly addressed.
+
+## Unit Testing and 100% Minimum Coverage
+
+We use [PEST](https://pestphp.com/) for testing. You can run `composer pest` to run the test suite. You can also run `composer pest:coverage` to generate a code coverage report.
+
+We require 100% code coverage for all new features. If you are adding a new feature, please add tests to cover all of the new code. If you are fixing a bug, please add a test that reproduces the bug and then shows that it has been fixed.
+
+Pull requests that do not meet the minimum coverage requirements will not be merged.
+
+## Static Analysis
+
+We use [PHPStan](https://phpstan.org) and [Psalm](https://psalm.dev/) for static analysis. You can use `composer phpstan` and `composer psalm` to run them.
+
+## Coding Style
+
+We use [PHP CS Fixer](https://github.com/PHP-CS-Fixer/PHP-CS-Fixer) to ensure that code styling is consistent. You can run `composer phpcs` to check for any code style issues. `composer phpcs:fix` will attempt to automatically fix the issues, but be cautious as it may not always get it right.
+
+We also use [Rector](https://github.com/rectorphp/rector) to catch edge cases where more optimal refactoring can be made. You can run `composer rector` to check for any recommendations, and `composer rector:fix` to accept the suggestions.
+
+It's important to note that our GitHub CI will also run these checks for pull requests, but you should run these locally first to avoid any surprises when you push your code. If you disagree with one of these recommendations, please bring it up in the pull request so we can discuss it. We may decide to adjust the styling rules if we feel it's warranted, but we prefer to avoid it if possible.
+
+### PHPDoc
+
+All public methods and classes should be documented with PHPDoc blocks.
+
+Below is an example of a valid documentation block. Note that the @param attribute is followed by two spaces, the argument type, two more spaces, and finally the variable name:
+
+```php
+/**
+ * Register a binding with the container.
+ *
+ * @param  string|array  $abstract
+ * @param  \Closure|string|null  $concrete
+ * @param  bool  $shared
+ * @return void
+ *
+ * @throws \Exception
+ */
+public function bind($abstract, $concrete = null, $shared = false)
+{
+    //
+}
+```
+
+## Code of Conduct
+
+Before making any contributions to this repo, please review Auth0's [Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md). By contributing, you agree to uphold this code.

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,90 @@
+name: Report a Bug
+description: Encountering unexpected problems or unintended behavior? Let us know!
+
+body:
+  - type: markdown
+    attributes:
+      value: |
+        **Please do not report security vulnerabilities here**. The [Responsible Disclosure Program](https://auth0.com/responsible-disclosure-policy) details the procedure for disclosing security issues.
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Checklist
+      options:
+        - label: This can be reproduced using [the quickstart sample application](https://github.com/auth0-samples/laravel).
+          required: true
+        - label: I have looked at [the README](https://github.com/auth0/laravel-auth0/#readme) and have not found a solution.
+          required: true
+        - label: I have looked at [the `docs` directory](https://github.com/auth0/laravel-auth0/blob/main/docs) and have not found a solution.
+          required: true
+        - label: I have searched [previous issues](https://github.com/auth0/laravel-auth0/issues) and have not found a solution.
+          required: true
+        - label: I have searched [the Auth0 Community](https://community.auth0.com/tag/laravel) and have not found a solution.
+          required: true
+        - label: I agree to uphold [the Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
+          required: true
+
+  - type: dropdown
+    id: laravel
+    attributes:
+      label: Laravel Version
+      description: What version of Laravel are you using? (`composer show | grep laravel/framework`)
+      options:
+        - 10
+        - 9
+        - Other (specify below)
+    validations:
+      required: true
+
+  - type: dropdown
+    id: sdk
+    attributes:
+      label: SDK Version
+      description: What version of our SDK are you using? (`composer show | grep auth0/login`)
+      options:
+        - 7.13
+        - 7.12
+        - 7.11
+        - 7.10
+        - 7.9
+        - 7.8
+        - 7.7
+        - 7.6
+        - 7.5
+        - 7.4
+        - 7.3
+        - 7.2
+        - 7.1
+        - 7.0
+        - Other (specify below)
+    validations:
+      required: true
+
+  - type: dropdown
+    id: php
+    attributes:
+      label: PHP Version
+      description: What version of PHP are you running? (`php -v`)
+      options:
+        - PHP 8.3
+        - PHP 8.2
+        - Other (specify below)
+    validations:
+      required: true
+
+  - type: textarea
+    id: bug-description
+    attributes:
+      label: Description
+      description: Provide a description of the issue, including what you expected to happen.
+    validations:
+      required: true
+
+  - type: textarea
+    id: bug-reproduction
+    attributes:
+      label: How can we reproduce this issue?
+      description: Detail the steps taken to reproduce this error. If possible, please provide a GitHub repository to demonstrate the issue.
+    validations:
+      required: true

.github/ISSUE_TEMPLATE/config.yml

@@ -4,7 +4,7 @@ contact_links:
     url: https://github.com/auth0/auth0-PHP/
     about: For issues relating to the Auth0-PHP SDK, please report them in that repository.
   - name: Community Support
-    url: https://community.auth0.com/tags/c/sdks/5/laravel
+    url: https://community.auth0.com/tag/laravel
     about: Please ask general usage questions here.
   - name: Responsible Disclosure Program
     url: https://auth0.com/whitehat

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,23 @@
+name: Suggest a Feature
+description: Help us improve the SDK by suggest new features and improvements.
+
+body:
+  - type: markdown
+    attributes:
+      value: Thanks for taking the time to help us improve this SDK!
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Checklist
+      options:
+        - label: I agree to uphold [the Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
+          required: true
+
+  - type: textarea
+    id: feature-description
+    attributes:
+      label: Description
+      description: Please provide a summary of the change you'd like considered, including any relevant context.
+    validations:
+      required: true

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,35 +1,28 @@
 <!--
-  Please only send a pull request to branches that are currently supported.
-  Pull requests without a descriptive title, thorough description, or tests will be closed.
-  -
-  When proposing enhancements, please ensure you have created an Issue and given our engineers time to
-  review your suggestion there prior to commiting work.
+  Please only send pull requests to branches that are actively supported.
+  Pull requests without an adequate title, description, or tests will be closed.
 -->
 
 ### Changes
 
 <!--
-  Would you please describe both what is changing and why this is important?
-  Explain the benefit to end-users, why it does not break any existing features, how it makes building applications easier, etc.
+  What is changing, and why this is important?
 -->
 
 ### References
 
 <!--
-  All pull requests should link to an associated issue tagged 'selected for development' by an Auth0 engineer.
+  Link to any associated issues.
 -->
 
-Resolves #
-
 ### Testing
 
 <!--
-  Would you please describe how reviewers can test this?
-  Be specific about anything not tested and the reasons why.
   Tests must be added for new functionality, and existing tests should complete without errors.
+  100% test coverage is required.
 -->
 
 ### Contributor Checklist
 
-- [ ] I have read the [Auth0 general contribution guidelines](https://github.com/auth0/open-source-template/blob/master/GENERAL-CONTRIBUTING.md)
-- [ ] I have read the [Auth0 code of conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md)
+-   [ ] I have read the [Auth0 general contribution guidelines](https://github.com/auth0/open-source-template/blob/master/GENERAL-CONTRIBUTING.md)
+-   [ ] I have read the [Auth0 code of conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md)

.github/SECURITY.md

@@ -0,0 +1,11 @@
+# Security Policy
+
+**PLEASE DON'T DISCLOSE SECURITY-RELATED ISSUES PUBLICLY, [SEE BELOW](#reporting-a-vulnerability).**
+
+## Supported Versions
+
+Please see [our support policy](https://github.com/auth0/laravel-auth0#requirements) for information on supported versions for security releases.
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability within this SDK, please review Auth0's [Responsible Disclosure Program](https://auth0.com/responsible-disclosure-policy) details the procedure for disclosing security issues. All security vulnerabilities will be promptly addressed.

.github/SUPPORT.md

@@ -0,0 +1,3 @@
+# Support Questions
+
+Auth0's GitHub issue trackers are not intended to provide integration support. Instead, please refer your questions to the [Auth0 Community](https://community.auth0.com).