CVE-2024-51736 (https://github.com/Comcast/php-legal-licenses/security/dependabot/1) was discovered yesterday, November 6th, 2024 and this utility was affected. The minimum version unaffected by this vulnerability was 5.4.46, so this change eliminates support for versions lower than that, which also removes support for PHP versions below 7.2. Therefore this is a breaking change.
Tested the utility after this change on the following PHP versions:
- 7.4 ✅
- 8.0 ✅
- 8.1 ✅
- 8.2 ✅
- 8.3 ✅
- 8.4 ✅