Closed gsteel closed 2 months ago
@ezimuel do you have time to check this, perhaps?
Thanks for the review @lcobucci - I've also dropped laminas-crypt
from require-dev and suggest.
Do we need more reviews from @laminas/technical-steering-committee on this as it's security sensitive?
@weierophinney Could you possibly review this one for me when you get a minute? I'd like to get it off my desk and it needs final approval 🙏
This patch ships a copy of "Apache Password" from laminas-crypt with several simplifications and improved tests. It effectively removes all dependencies on laminas-crypt with the exception that it would be a BC break to remove the protected method
getApachePassword()
from the ApacheResolver.Perhaps, with the given changes, it might be possible to remove the dep from composer, therefore requiring that anyone who's extended from ApacheResolver also install laminas-crypt as it is now completely 'un-used' here.