search

laminas / laminas-authentication

provides an API for authentication and includes concrete authentication adapters for common use case scenarios
https://docs.laminas.dev/laminas-authentication/
BSD 3-Clause "New" or "Revised" License
24 stars 15 forks source link

Remove dependency on Laminas\Crypt #55

Closed gsteel closed 2 months ago

gsteel commented 11 months ago

This patch ships a copy of "Apache Password" from laminas-crypt with several simplifications and improved tests. It effectively removes all dependencies on laminas-crypt with the exception that it would be a BC break to remove the protected method getApachePassword() from the ApacheResolver.

Perhaps, with the given changes, it might be possible to remove the dep from composer, therefore requiring that anyone who's extended from ApacheResolver also install laminas-crypt as it is now completely 'un-used' here.

Ocramius commented 11 months ago

@ezimuel do you have time to check this, perhaps?

gsteel commented 8 months ago

Thanks for the review @lcobucci - I've also dropped laminas-crypt from require-dev and suggest.

Do we need more reviews from @laminas/technical-steering-committee on this as it's security sensitive?

gsteel commented 2 months ago

@weierophinney Could you possibly review this one for me when you get a minute? I'd like to get it off my desk and it needs final approval 🙏