From 6dcc9c7f750487b169c519ace80da75dde4d1e70 Mon Sep 17 00:00:00 2001
From: Brent Shaffer <betterbrent@google.com>
Date: Thu, 21 Dec 2023 06:36:09 -0800
Subject: [PATCH] fix: disallow vulnerable guzzle versions

---
 composer.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/composer.json b/composer.json
index e1f9498a0..2a930f398 100644
--- a/composer.json
+++ b/composer.json
@@ -12,7 +12,7 @@
         "firebase/php-jwt": "~6.0",
         "monolog/monolog": "^2.9||^3.0",
         "phpseclib/phpseclib": "^3.0.19",
-        "guzzlehttp/guzzle": "~6.5||~7.0",
+        "guzzlehttp/guzzle": "~6.5.8||~7.4.5",
         "guzzlehttp/psr7": "^1.8.4||^2.2.1"
     },
     "require-dev": {