Tunyesz
commented
2 years ago Thanks for the advice! Encryption file removed and updated to use the built-in sodium php features #9
Closed danmarsden closed 7 months ago
Tunyesz
commented
2 years ago Thanks for the advice! Encryption file removed and updated to use the built-in sodium php features #9
Firstly - when including an external library in your plugin, you must include a thirdpartylibs.xml file that includes the name, location and license of the library. This is a blocker for plugins db approval
More information on this is here: https://docs.moodle.org/dev/Plugin_files#thirdpartylibs.xml And here: https://docs.moodle.org/dev/Plugin_with_third_party_libraries
One of the other advantages of using this is that Moodle's codechecker automatically ignores any files included in the location specificed in the thirdpartylibs.xml file.
But... what's even a bigger issue here, is that including Stack overflow based code in your GPL project is even more problematic - if you do a google search for this you'll find a number of articles about this - it's probably better to stop using that file completely and find another method for encryption - libsodium is a good option as it's now in PHP core, but if you want a library to help you use libsodium then Halite is a really good option which I've been using for some projects myself recently: https://github.com/paragonie/halite