Your requirements could not be resolved to an installable set of packages. Problem 1 - Root composer.json requires google/apiclient ^2.7 -> satisfiable by google/apiclient[v2.7.0, ..., v2.19.1]. - google/apiclient[v2.7.0, ..., v2.12.1] require firebase/php-jwt ~2.0||~3.0||~4.0||~5.0 -> found firebase/php-jwt[2.0.0, v2.1.0, v2.2.0, v3.0.0, v4.0.0, v5.0.0, ..., v5.5.1] but these were not loaded, because they are affected by security advisories ("PKSA-y2cr-5h3j-g3ys", "PKSA-2kqm-ps5x-s4f5"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config. - google/apiclient[v2.12.2, ..., v2.14.0] require firebase/php-jwt ~2.0||~3.0||~4.0||~5.0||~6.0 -> found firebase/php-jwt[2.0.0, v2.1.0, v2.2.0, v3.0.0, v4.0.0, v5.0.0, ..., v5.5.1, v6.0.0, ..., v6.11.1] but these were not loaded, because they are affected by security advisories ("PKSA-y2cr-5h3j-g3ys", "PKSA-2kqm-ps5x-s4f5"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config. - google/apiclient[v2.15.0, ..., v2.16.1] require firebase/php-jwt ~6.0 -> found firebase/php-jwt[v6.0.0, ..., v6.11.1] but these were not loaded, because they are affected by security advisories ("PKSA-y2cr-5h3j-g3ys"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config. - google/apiclient[v2.17.0, ..., v2.18.4] require firebase/php-jwt ^6.0 -> found firebase/php-jwt[v6.0.0, ..., v6.11.1] but these were not loaded, because they are affected by security advisories ("PKSA-y2cr-5h3j-g3ys"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config. - google/apiclient v2.19.0 requires phpseclib/phpseclib ^3.0.36 -> found phpseclib/phpseclib[3.0.36, ..., 3.0.50] but it conflicts with your root composer.json require (^2.0). - google/apiclient v2.19.1 requires phpseclib/phpseclib ^3.0.50 -> found phpseclib/phpseclib[3.0.50] but it conflicts with your root composer.json require (^2.0).