Closed KasperFranz closed 2 months ago
Hi @KasperFranz , we will need to evaluate this package.
Kindly allow us some time to add this to our work backlog and we will update this thread with a probable future release date.
---Gabriel
Thank you, We are not able to update our integration as the required package conflicts with our security policy
Any update on this?
Hi, Do you have any updates on this? We are unable to integrate one of the packages which is dependent on this.
Any updates on this please ?
Hi,
We can't update cybersource/rest-client-php (right now locked in 0.0.43) as well because we're using Symfony 6.
And we have to update before 3/22/2024 due to security fix https://community.developer.cybersource.com/t5/cybersource-Developer-Blog/REST-API-Http-Signature-Authentication-Critical-Security-Update/ba-p/87319
Could you please prioritize that?
@gaubansa @monu-kumar-visa @gnongsie could you please check?
Same issue. Downgrading symfony/console is out of the question for us from a security standpoint and also from package conflict standpoint.
I'm using "laravel/framework": "^10.10" and PHP 8.2 and there are so many conflicts that arise even if I try to downgrade symphony/console version.
Similiar issues arise when with the "brick/math" Cybersource dependency as well.
Please fix since Cybersource is requiring developers to upgrade March 22nd 2024 .
We've updated the blog post; the updated date is April 22. Additionally, we will share an update regarding the upgrade decision by the end of February.
Hello, do we have an update concerning the impossibility to upgrade the package for a symfony/laravel project ?
Cybersource is no longer requiring the update. It's optional now.
On Wed, Mar 20, 2024 at 4:21 AM Maud REMORIQUET @.***> wrote:
Hello, do we have an update concerning the impossibility to upgrade the package for a symfony/laravel project ?
— Reply to this email directly, view it on GitHub https://github.com/CyberSource/cybersource-rest-client-php/issues/138#issuecomment-2009102919, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABQZXXJGLX2SBY5DCSL3XDTYZFIK5AVCNFSM6AAAAAA5Y3H7IGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAMBZGEYDEOJRHE . You are receiving this because you commented.Message ID: @.***>
I see this, but do they plan to update their package ? Because I need to use an old version of the package to avoid the symfony/console conflict.
I have no idea ? I've thought about that as well. I haven't tried updating and testing yet.
On Fri, Mar 22, 2024 at 12:51 AM Maud REMORIQUET @.***> wrote:
I see this, but do they plan to update their package ? Because I need to use an old version of the package to avoid the symfony/console conflict.
— Reply to this email directly, view it on GitHub https://github.com/CyberSource/cybersource-rest-client-php/issues/138#issuecomment-2014405877, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABQZXXP5UL6PMNF6I2I5JS3YZPBHZAVCNFSM6AAAAAA5Y3H7IGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAMJUGQYDKOBXG4 . You are receiving this because you commented.Message ID: @.***>
Hi All, We have upgraded the web-token/jwt-framework dependency in SDK to ^2.2.11|^3.3.5 which will optional to higher version for php v8.1 and above and you can use the new PHP SDK version 0.0.50 onwards.
Hi,
I can see you have just included the package web-token/jwt-framework in the latest release.
Would you be able to update to use v3 instead of v2? (or allow both at the same time).
version 2 is using symfony/console ^4.2|^5.0 version 3 allows ^5.4|^6.0.
Symfony 4.4 is out of security support in November this year https://symfony.com/releases/4.4
Thank you