Sdk 2795 php upgrade to protobuf 4 33 6 and phpseclib 3 0 50

[mehmet-yoti]

Summary

Security update addressing two dependency vulnerabilities. Minimum PHP version raised to 8.1.

Security Fixes

google/protobuf — GHSA-p2gh-cfq4-4wjc (HIGH)

Denial of Service issue through malicious messages containing negative varints or deep recursion.

• Affected: < 4.33.6
• Patched: 4.33.6
• Constraint updated: ^3.10 → ^4.33.6

phpseclib/phpseclib — CVE-2026-32935 (MEDIUM)

AES-CBC padding oracle timing attack.

• Affected: <= 3.0.49
• Patched: 3.0.50
• Constraint updated: ^3.0 → ^3.0.50

Breaking Changes

	Before	After
PHP	^7.4 || ^8.0 || ^8.1 || ^8.4	^8.1
google/protobuf	^3.10	^4.33.6
phpseclib/phpseclib	^3.0	^3.0.50

⚠️ PHP 7.4 and 8.0 are no longer supported.

Changes

• Updated google/protobuf constraint to ^4.33.6
• Updated phpseclib/phpseclib constraint to ^3.0.50
• Updated minimum PHP version to ^8.1
• Updated CI matrix: PHP 8.1, 8.2, 8.3, 8.4 (removed 7.4, 8.0)
• Bumped SDK version to 4.5.0

[Copilot]

Pull request overview

This PR performs a security-focused dependency upgrade and aligns the SDK’s supported PHP/runtime matrix accordingly, including a version bump to 4.5.0.

Changes:

• Bump SDK version to 4.5.0 across src/Constants.php, composer.json, and README.md.
• Raise minimum supported PHP version to ^8.1 and remove older PHP versions from documentation and CI.
• Upgrade vulnerable dependencies: google/protobuf to ^4.33.6 and phpseclib/phpseclib to ^3.0.50.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File	Description
src/Constants.php	Updates SDK version constant to 4.5.0.
README.md	Updates PHP requirements and installation examples to 4.5.0 / PHP ^8.1.
composer.json	Raises minimum PHP to ^8.1, upgrades protobuf/phpseclib, bumps package version to 4.5.0.
.github/workflows/tests.yaml	Updates CI jobs to run unit tests on PHP 8.1–8.4 (removing 7.4/8.0).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.