Update dependency laravel/passport to v12

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
laravel/passport	10.4.1 -> 12.3.1

---

Release Notes

laravel/passport (laravel/passport)

v12.3.1

Compare Source

• Update logo to support dark/light theme by @​milewski in https://github.com/laravel/passport/pull/1787
• Fix repeated word "the" in upgrade guide by @​caendesilva in https://github.com/laravel/passport/pull/1798

v12.3.0

Compare Source

• [12.x] Add access token revoked event by @​axlon in https://github.com/laravel/passport/pull/1776

v12.2.1

Compare Source

• [12.x] Fix purge command by @​hafezdivandari in https://github.com/laravel/passport/pull/1772

v12.2.0

Compare Source

• [12.x] Add refreshToken relation to Token model by @​gdebrauwer in https://github.com/laravel/passport/pull/1739

v12.1.0

Compare Source

• [12.x] Make Passport's database connection configurable by @​axlon in https://github.com/laravel/passport/pull/1738

v12.0.3

Compare Source

• Adjust newFactory method visibility by @​brandonfarber in https://github.com/laravel/passport/pull/1735

v12.0.2

Compare Source

• [12.x] Make commands lazy by @​timacdonald in https://github.com/laravel/passport/pull/1731
• [12.x] Allow token "expires in" to be defined as date interval by @​jacobmllr95 in https://github.com/laravel/passport/pull/1733

v12.0.1

Compare Source

• [12.x] Cast session lifetime to int by @​kindslayer in https://github.com/laravel/passport/pull/1727
• [12.x] Fixes used version of L9 by @​nunomaduro in https://github.com/laravel/passport/pull/1730

v12.0.0

Compare Source

• [12.x] Adds Laravel 11 support by @​nunomaduro in https://github.com/laravel/passport/pull/1702
• [12.x] Disable password grant by default by @​hafezdivandari in https://github.com/laravel/passport/pull/1715
• [12.x] Make Client::$plainSecret public by @​axlon in https://github.com/laravel/passport/pull/1719
• [12.x] Use more secure key permissions by @​axlon in https://github.com/laravel/passport/pull/1721
• [12.x] Enhance console commands by @​hafezdivandari in https://github.com/laravel/passport/pull/1724

v11.10.6

Compare Source

• Check that properties grant_types and scopes exist by @​uintaam in https://github.com/laravel/passport/pull/1722

v11.10.5

Compare Source

• [11.x] Fix getting/setting client scopes and grant types by @​axlon in https://github.com/laravel/passport/pull/1717

v11.10.4

Compare Source

• Consistently retrieve client uuids value from Passport by @​rojtjo in https://github.com/laravel/passport/pull/1711
• [11.x] Allow developers to disable the password grant type by @​axlon in https://github.com/laravel/passport/pull/1712

v11.10.2

Compare Source

• Add getScopesAttribute and getScopesAttribute methods by @​uintaam in https://github.com/laravel/passport/pull/1709

v11.10.1

Compare Source

• [11.x] Allow unsetting a user's access token by @​axlon in https://github.com/laravel/passport/pull/1698
• [11.x] Add getGrantTypesAttribute method to fix Eloquent strict mode error by @​gdebrauwer in https://github.com/laravel/passport/pull/1705

v11.10.0

Compare Source

• [11.x] Named static methods for middleware by @​michaelnabil230 in https://github.com/laravel/passport/pull/1695
• Simplify Conditional Statement by @​michaelnabil230 in https://github.com/laravel/passport/pull/1696

v11.9.2

Compare Source

• Add return to revokeRefreshTokensByAccessTokenId method by @​aminkhoshzahmat in https://github.com/laravel/passport/pull/1693

v11.9.1

Compare Source

• [11.x] Allow scope repository to be constructed without parameters by @​axlon in https://github.com/laravel/passport/pull/1686

v11.9.0

Compare Source

• [11.x] Add the ability to limit scopes by client by @​axlon in https://github.com/laravel/passport/pull/1682
• [11.x] Add support for inherited scopes when limiting scopes on clients by @​axlon in https://github.com/laravel/passport/pull/1683

v11.8.8

Compare Source

• Add generics to client factory by @​axlon in https://github.com/laravel/passport/pull/1669
• Update composer.json by @​Smoggert in https://github.com/laravel/passport/pull/1674
• Update composer.json by @​drhoussem in https://github.com/laravel/passport/pull/1677

v11.8.7

Compare Source

• Revert "[11.x] Add Provider Guard to ClientRepository for Personal Access Clients" by @​driesvints in https://github.com/laravel/passport/pull/1658

v11.8.6

Compare Source

• Add Provider Guard to ClientRepository for Personal Access Clients by @​michaelnabil230 in https://github.com/laravel/passport/pull/1655

v11.8.5

Compare Source

• Allow lcobucci/jwt v5 and cleaned up version constraints by @​GrahamCampbell in https://github.com/laravel/passport/pull/1649
• Pass user identifier through to finalize scopes in personal access grant by @​GrahamCampbell in https://github.com/laravel/passport/pull/1650

v11.8.4

Compare Source

• Removed deprecated dates property from RefreshToken model by @​siarheipashkevich in https://github.com/laravel/passport/pull/1645
• Removed deprecated dates property from AuthCode model by @​siarheipashkevich in https://github.com/laravel/passport/pull/1644
• Fix doc block types by @​hafezdivandari in https://github.com/laravel/passport/pull/1647

v11.8.3

Compare Source

• Allow overriding the AccessToken class by @​hafezdivandari in https://github.com/laravel/passport/pull/1638
• Make $userId nullable in ClientRepository->createPersonalAccessClient by @​bram-pkg in https://github.com/laravel/passport/pull/1642

v11.8.2

Compare Source

• Re-apply "Added AuthenticationException to extend the behaviour of Laravel's default exception handler" by @​driesvints in laravel/passport@67c3e33

v11.8.1

Compare Source

• Revert "Move AuthenticationException into the scope of Laravel Passport" by @​driesvints in laravel/passport@db543b0

v11.8.0

Compare Source

• Move AuthenticationException into the scope of Laravel Passport by @​chrispage1 in https://github.com/laravel/passport/pull/1633
• Custom authorization view response by @​JonErickson in https://github.com/laravel/passport/pull/1629
• Fix deprecated $dates property by @​TonyWong9527 in https://github.com/laravel/passport/pull/1636

v11.7.0

Compare Source

Added

• Add support for EncryptCookies middleware by @​axlon in https://github.com/laravel/passport/pull/1628

v11.6.1

Compare Source

Changed

• Indicate current token can be TransientToken by @​axlon in https://github.com/laravel/passport/pull/1627

v11.6.0

Compare Source

Changed

• Update ClientCommand.php's user_id description by @​Smoggert in https://github.com/laravel/passport/pull/1619
• Get model PK instead of forcibly id column by @​lucaspanik in https://github.com/laravel/passport/pull/1626

Fixed

• Fix doc block for withAccessToken() by @​axlon in https://github.com/laravel/passport/pull/1620

v11.5.1

Compare Source

Fixed

• Get authenticated user from the guard by @​hafezdivandari in https://github.com/laravel/passport/pull/1617

v11.5.0

Compare Source

Added

• Laravel v10 Support by @​driesvints in https://github.com/laravel/passport/pull/1615

v11.4.0

Compare Source

Changed

• Uses PHP Native Type Declarations 🐘 by @​nunomaduro in https://github.com/laravel/passport/pull/1594

v11.3.1

Compare Source

Changed

• Add auth guard to routes by @​hafezdivandari in https://github.com/laravel/passport/pull/1603

v11.3.0

Compare Source

Added

• Support prompting login when redirecting for authorization by @​hafezdivandari in https://github.com/laravel/passport/pull/1577

Changed

• Update PurgeCommand.php by @​fatoskurtishi in https://github.com/laravel/passport/pull/1586
• Fix ClientRepository doc blocks by @​axlon in https://github.com/laravel/passport/pull/1587
• Update docblock by @​mnabialek in https://github.com/laravel/passport/pull/1588

v11.2.1

Compare Source

Fixed

• Improve token guard return type by @​axlon in https://github.com/laravel/passport/pull/1579

v11.2.0

Compare Source

Changed

• Let OAuth2 server handle the denying response by @​hafezdivandari in https://github.com/laravel/passport/pull/1572

v11.1.0

Compare Source

Added

• Support prompting re-consent when redirecting for authorization by @​hafezdivandari in https://github.com/laravel/passport/pull/1567
• Support disabling prompt when redirecting for authorization by @​hafezdivandari in https://github.com/laravel/passport/pull/1569

v11.0.1

Compare Source

Changed

• Custom days and hours to passport purge command by @​rubengg86 in https://github.com/laravel/passport/pull/1563
• Allow for bootstrapping without loading routes by @​axlon in https://github.com/laravel/passport/pull/1564

v11.0.0

Compare Source

Added

• Allow authenticated client to be retrieved from the guard by @​axlon in https://github.com/laravel/passport/pull/1508

Changed

• Revert model DB connection customization by @​driesvints in https://github.com/laravel/passport/pull/1412
• Allow timestamps on Token model by @​driesvints in https://github.com/laravel/passport/pull/1425
• Improve authenticateViaBearerToken() performance by @​alecpl in https://github.com/laravel/passport/pull/1447
• Refactor routes to dedicated file by @​driesvints in https://github.com/laravel/passport/pull/1464

Fixed

• Stub client on guard when calling Passport::actingAsClient() by @​axlon in https://github.com/laravel/passport/pull/1519
• Fix scope inheritance when using Passport::actingAs() by @​axlon in https://github.com/laravel/passport/pull/1551

Removed

• Drop PHP 7.x and Laravel v8 by @​driesvints in https://github.com/laravel/passport/pull/1558
• Remove deprecated properties by @​driesvints in https://github.com/laravel/passport/pull/1560
• Remove deprecated functionality and simplify some feature tests by @​driesvints in https://github.com/laravel/passport/pull/1559

v10.4.2

Compare Source

• Fix migrations for Laravel 9.x by @​ricky-perchpeek in https://github.com/laravel/passport/pull/1639

v10.4.1

Compare Source

Changed

• Add new URI Rule to validate URI and use it to RedirectRule. by @​victorbalssa in https://github.com/laravel/passport/pull/1544

v10.4.0

Compare Source

Changed

• Upgrade firebase/php-jwt to ^6.0 by @​prufrock in https://github.com/laravel/passport/pull/1538

v10.3.3

Compare Source

Changed

• Use anonymous migrations by @​mmachatschek in https://github.com/laravel/passport/pull/1531

v10.3.2

Compare Source

Fixed

• Fix Faker deprecations by @​X-Coder264 in https://github.com/laravel/passport/pull/1530

v10.3.1

Compare Source

Changed

• Allow to use custom authorization server response (#​1521)

v10.3.0

Compare Source

Changed

• Laravel 9 Support (#​1516)

v10.2.2

Compare Source

Fixed

• Fix jsonSerialize PHP 8.1 issue (#​1512)

v10.2.1

Compare Source

Fixed

• Fix str_replace error when third parameter ($subject) is null (#​1511)

v10.2.0

Compare Source

Added

• Add custom encryption key for JWT tokens (#​1501)

Changed

• Refactor expiry dates to intervals (#​1500)

v10.1.4

Compare Source

Fixed

• Ensure client model factory always creates models with a primary key (#​1492

v10.1.3

Compare Source

Changed

• Use app helper (3d1e6bb)

Fixed

• Fix binding (e3478de)

v10.1.2

Compare Source

Fixed

• Backport phpseclib v2 (#​1418)

v10.1.1

Compare Source

Changed

• Update to phpseclib v3 (#​1410)

v10.1.0

Compare Source

Added

• PHP 8 Support (#​1373)

Removed

• Remove Vue components (#​1352)

v10.0.1

Compare Source

Fixed

• Use newFactory to properly reference factory (#​1349)

v10.0.0

Compare Source

Added

• Support Laravel 8 & drop PHP 7.2 support (#​1336)

Changed

• forceFill new auth code attributes (#​1266)
• Use only one PSR 7 implementation (#​1330)

Removed

• Remove old static personal client methods (#​1325)
• Remove Guzzle dependency (#​1327)

v9.4.0

Compare Source

Added

• Support PHP 8.0 (#​1387)

Removed

• Remove Guzzle dependency (#​1327)

v9.3.2

Compare Source

Fixes

• Fix cookie handling for security release (#​1322, 75f1ad2)

v9.3.1

Compare Source

Fixed

• Use custom models in purge command if set (#​1316)
• Apply table responsive on table class (#​1318)

v9.3.0

Compare Source

Added

• Guzzle 7 support (#​1311)

v9.2.2

Compare Source

Fixed

• Fix maxlength for token names (#​1300)
• Improve passport:install command (#​1294)

v9.2.1

Compare Source

Fixed

• Fix actingAsClient token relation (#​1268)
• Fix HashCommand (bedf02c)

v9.2.0

Compare Source

Added

• Allow to change Models database connection (#​1255, 7ab3bdb)

Fixed

• Nonstandard ID in the token's relationship with the user (#​1267)

v9.1.0

Compare Source

Added

• Implement secret modal (#​1258)
• Warn about one-time-hashed-secret (#​1259)
• Add force option to hash command (#​1251)

Fixed

• Implement personal access client config (#​1260)

v9.0.1

Compare Source

Fixed

• Fix displaying secret in Vue component (#​1244)
• Moved provider check to bearer token only (#​1246)
• Fix create client call (aff9d09)

v9.0.0

Compare Source

Added

• Allow client credentials secret to be hashed (#​1145, ccbcfeb, 1c40ae0)
• Implement passport:hash command (#​1238)
• Initial support for multiple providers (#​1220)

Changed

• Client credentials middleware should allow any valid client (#​1132)
• Switch from getKey() to getAuthIdentifier() to match Laravel core (#​1134)
• Use Hasher interface instead of HashManager (#​1157)
• Bump league server dependency (#​1237)

Removed

• Remove deprecated functionality (#​1235)
• Drop support for old JWT versions (#​1236)

v8.5.0

Compare Source

Added

• Automatic configuration of client UUIDs (#​1231)

v8.4.4

Compare Source

Fixed

• Fix 500 Internal Server Error response (#​1222)

v8.4.3

Compare Source

Fixed

• Fix resolveInheritedScopes (#​1207)

v8.4.2

Compare Source

Fixed

• mergeConfigFrom already checked if app is running with config cached (#​1205)

v8.4.1

Compare Source

Fixed

• Forget session keys on invalid match (#​1192)
• Update dependencies for PSR request (#​1201)

v8.4.0

Compare Source

Changed

• Implement auth token for access requests (#​1188)

Fixed

• Revoke refresh tokens when auth tokens get revoked (#​1186)

v8.3.1

Compare Source

Fixed

• Remove foreign keys (20e9b66)

v8.3.0

Compare Source

Added

• Add a Passport Client factory to Passport publishing (#​1171)

Changed

• Use bigIncrements and indexes on relationships (#​1169, 140a693)

v8.2.0

Compare Source

Added

• Update ClientCommand to support public clients (#​1151)
• Purge Command for revoked and/or expired tokens and auth codes (#​1159, 6c1ea42)

Changed

• Replace deprecated package and namespaces (#​1158)

v8.1.0

Compare Source

Added

• Allow access to HTTP response status code on OAuthServerException (#​1148)
• Modify UserRepository to check for 'findAndValidateForPassport' method (#​1144)

v8.0.2

Compare Source

Changed

• Add abstract CheckCredentials middleware and allows to create (#​1127)

v8.0.1

Compare Source

Fixed

• Fix actingAsClient testing method (#​1119)

v8.0.0

Compare Source

Added

• Add ability to customize the RefreshToken (#​966)
• Add support for "public" clients (#​1065)

Changed

• Rework HandlesOAuthErrors trait to middleware (#​937)
• Use a renderable exception for OAuth errors (#​1066)
• Use diactoros 2.0 and psr-http-factory (aadf603)
• Replaced helpers with Blade directives (#​939)
• Use caret for constraints (d906804)
• Dropped support for Laravel 5.8 (654cc09)
• Dropped support for PHP 7.1 (3c830ac)
• Upgrade to league/oauth2-server 8.0 (97e3026)

Fixed

• Fix exception will thrown if token belongs to first party clients (#​1040)
• Fix auth codes table customization (#​1044)
• Add key type to refresh token model (e400c2b)

v7.5.1

Compare Source

Fixed

• Cast returned client identifier value to string (#​1091)

v7.5.0

Compare Source

Added

• Add actingAsClient method for tests (#​1083)

v7.4.1

Compare Source

Fixed

• Fixed key types for models (#​1078, a9a885d3)

v7.4.0

Compare Source

Added

• Let Passport support inherited parent scopes (#​1068)
• Accept requests with the encrypted X-XSRF-TOKEN HTTP header (#​1069)

v7.3.5

Compare Source

Fixed

• Use bigInteger column type for user_id columns (#​1057)

v7.3.4

Compare Source

Changed

• Remove old 5.9 constraints (58eb99c)

v7.3.3

Compare Source

Changed

• Update version constraints for Laravel 6.0 (609b5e8)

v7.3.2

Compare Source

Fixed

• Merge default Passport configuration (#​1039, e260c86)

v7.3.1

Compare Source

Changed

• Change server property type in CheckClientCredentialForAnyScope (#​1034)

v7.3.0

Compare Source

Added

• Allow first party clients to skip the authorization prompt (#​1022)

Fixed

• Fix AccessToken docblock (#​996)

v7.2.2

Compare Source

Fixed

• Allow installs of zend-diactoros 2 (c0c3fca)

v7.2.1

Compare Source

Fixed

• Change wasRecentlyCreated to false (#​979)

v7.2.0

Compare Source

Changed

• Changed the way to get action path from url() to route() (#​950)
• Allow '*' scope to be used with Client Credentials (#​949)

Fixed

• Replace fire() with dispatch() (#​952)

v7.1.0

Compare Source

Added

• Added redirect_uri and user_id options to cli (#​921, 8b8570c)
• Add ext-json dependency (#​940)

Changed

• Make name an optional question (#​926)

Fixed

• Do not auto increment AuthCode ID (#​929)
• Allow multiple redirects when creating clients (#​928)
• Add responses for destroy methods (#​942)

v7.0.5

Compare Source

Fixed

• Rename property (#​920)

v7.0.4

Compare Source

Added

• Add middleware CheckClientCredentialsForAnyScope (#​855)
• Support a default scope when no scope was requested by the client (#​879)
• Allow setting expiration of personal access tokens (#​919)

Changed

• Change auth code table to the model's table (#​865)
• Made whereRevoked consistent (#​868)
• Use unsignedInteger column type for client_id columns (47f0021)

Fixed

• Prevent passing empty string variable to retrieveById method (#​861)

v7.0.3

Compare Source

Added

• Add names to routes for re-usability (#​846)
• Add user relationship to client model (#​851, 3213be8)
• Add the ability to retrieve current client (#​854)

Fixed

• Fix migrations tag publish (#​832)

v7.0.2

Compare Source

Changed

• Authcode model is now used for persisting new authcodes (#​808)
• resources/assets directory was flattened (#​813)

Fixed

• Personal client exception (#​831, 7bb53d1)

v7.0.1

Compare Source

Added

• Add option to enable cookie serialization (9012496)

v7.0.0

Compare Source

Changed

• Don't serialize by default (29e9d53)

v6.0.7

Compare Source

v6.0.6

Compare Source

v6.0.5

Compare Source

v6.0.4

Compare Source

v6.0.3

Compare Source

v6.0.2

Compare Source

v6.0.1

Compare Source

v6.0.0

Compare Source

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: composer.lock

Command failed: composer update laravel/passport:12.2.0 --with-dependencies --ignore-platform-reqs --no-ansi --no-interaction --no-scripts --no-autoloader --no-plugins
Package "laravel/passport:12.2.0" listed for update is not installed. Ignoring.
Loading composer repositories with package information
Warning from https://repo.packagist.org: Support for Composer 1 is deprecated and some packages will not be available. You should upgrade to Composer 2. See https://blog.packagist.com/deprecating-composer-1-support/
Updating dependencies (including require-dev)

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: composer.lock

Command failed: composer update laravel/passport:12.3.1 --with-dependencies --ignore-platform-reqs --no-ansi --no-interaction --no-scripts --no-autoloader --no-plugins
Package "laravel/passport:12.3.1" listed for update is not installed. Ignoring.
Loading composer repositories with package information
Warning from https://repo.packagist.org: Support for Composer 1 will be shutdown on August 1st 2025. You should upgrade to Composer 2. See https://blog.packagist.com/shutting-down-packagist-org-support-for-composer-1-x/
Updating dependencies (including require-dev)