Update rollerworks/password-strength-validator

rollerworks / PasswordStrengthBundle

Symfony Password strength and blacklisting validator bundle

MIT License

142 stars 26 forks source link

Update rollerworks/password-strength-validator #109

Closed webketje closed 3 years ago

webketje commented 3 years ago

Q	A
Bug report?	no
Feature request?	yes
BC Break report?	no
RFC?	no

Hi, I noticed that PasswordStrengthBundle is still pointing to PasswordStrengthValidator 1.0.1, while that repository has already moved to 1.6.0. Any chance to update the dependency? I stumbled upon this due to not being able to specify a Symfony constraint as attribute (feature included in 1.6.0)

Current work-around is to explicitly add composer require rollerworks/password-strength-validator

sstok commented 3 years ago

That's strange, normally composer should use the latest package. There is nothing preventing from installing that version. "rollerworks/password-strength-validator": "^1.0.1" also allows 1.6, unless you are using a special flag like using the lowest possible version or something.

webketje commented 3 years ago

So I did:

composer remove rollerworks/password-strength-bundle
composer require rollerworks/password-strength-bundle
composer show rollerworks/password-strength-validator # 1.6.0

And the correct version showed up. I suppose it had to do with symfony.lock:

     "rollerworks/password-strength-bundle": {
-        "version": "v2.2.1"
+        "version": "v2.2.2"
     },
     "rollerworks/password-strength-validator": {
-        "version": "v1.3.2"
+        "version": "v1.6.0"
     },