vulnerabilities in composer dependencies

ugh, composer.

There are 2 composer security advisories affecting our repositories.

twig/twig (CVE-2022-39261)

Possibility to load a template outside a configured directory when using the filesystem loader

Affected repositories (1)

• ❌mediawiki/extensions/FundraisingEmailUnsubscribe

firebase/php-jwt (CVE-2021-46743)

Key/algorithm type confusion

Affected repositories (3)

• 🗄mediawiki/extensions/CheckUser
• 🗄mediawiki/extensions/ContentTranslation
• ❌🗄mediawiki/extensions/OAuth

Source code is licensed under the AGPL.