v13.0.1

• [13.x] Fix access to undefined route by @axlon in #1812
• [13.x] Fix access to uninitialised typed static property by @owenvoke in #1811
• Use isset to check for initialisation by @patrickomeara in #1813
• [13.x] Fix middleware type error by @axlon in #1815

v13.0.0

• [13.x] Support OAuth2 Server v9 by @hafezdivandari in #1734
• [13.x] Always hash client secret by @hafezdivandari in #1745
• [13.x] Remove redundant PAT client table and model by @hafezdivandari in #1749
• [13.x] Fix determining revoked records by @hafezdivandari in #1751
• [13.x] Use the oauth_scopes property of the bearer token on TokenGuard by @hafezdivandari in #1755
• [13.x] Refactor migrations by @hafezdivandari in #1759
• [13.x] Cleanup by @hafezdivandari in #1758
• [13.x] Use unique IDs on client model by @hafezdivandari in #1757
• [13.x] Force confidential PAT client by @hafezdivandari in #1761
• [13.x] Fix register a custom rendering closure for OAuthServerException by @hafezdivandari in #1763
• [13.x] Use UUID to identify clients by default by @hafezdivandari in #1764
• [13.x] Disable PAT requests by @hafezdivandari in #1766
• [13.x] Cleanup and add feature tests by @hafezdivandari in #1767
• [13.x] Always validate auth token by @hafezdivandari in #1769
• [13.x] Configure the user provider for PAT by @hafezdivandari in #1768
• [13.x] Fix user-token relations by @hafezdivandari in #1773
• [13.x] Make client RFC compatible by @hafezdivandari in #1744
• [13.x] Fix skipping consent prompt by @hafezdivandari in #1777
• [13.x] Improve issuing PATs by @hafezdivandari in #1780
• [13.x] Fix clients confidentiality by @hafezdivandari in #1782
• [13.x] Make Passport headless (Support Laravel Jetstream and Breeze) by @hafezdivandari in #1771
• [13.x] Improve performance, fix minor bugs, and add tests by @hafezdivandari in #1783
• bug: mockery not setup correctly by @JimTools in #1785
• [13.x] Cleanup, improve types and tests by @hafezdivandari in #1788
• [13.x] Enhance error responses by @hafezdivandari in #1791
• [13.x] Rename CheckClientCredentials middleware by @hafezdivandari in #1792
• [13.x] Improve resolving and converting PSR responses by @hafezdivandari in #1793
• [13.x] Deprecate JSON API by @hafezdivandari in #1778
• [13.x] Add new EnsureClientIsResourceOwner middleware by @hafezdivandari in #1794
• [13.x] Make revoking refresh tokens optional by @hafezdivandari in #1790
• [13.x] Validate key files' permissions by @hafezdivandari in #1789
• [13.x] Determine if the client handles the specified grant by @hafezdivandari in #1762
• [13.x] Device Authorization Grant RFC8628 by @hafezdivandari in #1750
• [13.x] Release Passport 13.x by @hafezdivandari in #1797

v12.4.2

• [12.x] Update property annotation for $userId to match constructor type by @ukkok in #1805

v12.4.1

• Supports Laravel 12 by @crynobone in #1803

v12.4.0

• [12.x] Supports PHP 8.4 by @crynobone in #1799

v12.3.1

• Update logo to support dark/light theme by @milewski in #1787
• Fix repeated word "the" in upgrade guide by @caendesilva in #1798

v12.3.0

• [12.x] Add access token revoked event by @axlon in #1776

v12.2.1

• [12.x] Fix purge command by @hafezdivandari in #1772

v12.2.0

• [12.x] Add refreshToken relation to Token model by @gdebrauwer in #1739

v12.1.0

• [12.x] Make Passport's database connection configurable by @axlon in #1738