alexmerlin
commented
1 month ago You can see when that specific line was introduced by going here and hovering on the commit message.
The line "laminas/laminas-session": "^2.21.0", was added to the requirements a couple of days ago when we implemented CSRF in both DK Admin and Frontend. This feature needs the new CSRF validator, which was introduced in version 2.21.x.
Once we bump laminas-session to ^2.21 in dot-session, we can remove this requirement from both projects. Here's the task list:
bidi47
we have dotkernel/dot-session which requires laminas/laminas-session composer.json contains both dotkernel/dot-session and laminas/laminas-session can laminas/laminas-session be removed from composer.json?