tvdijen
commented
1 year ago It's probably good to know that SSP itself is also moving to PHP 8.0 in the upcoming 2.1 release.
Closed cicnavi closed 1 year ago
tvdijen
commented
1 year ago It's probably good to know that SSP itself is also moving to PHP 8.0 in the upcoming 2.1 release.
cicnavi
commented
1 year ago In order to move away from packages with CVEs, v4 released: https://github.com/simplesamlphp/simplesamlphp-module-oidc/releases/tag/v4.0.0
Leaving other mentioned tasks for later...
Important underlying package(s) like 'league/oauth2-server' have moved to PHPv8. Current version of mentioned package has a CVE, but the fixed version requires PHPv8.
It is necessary to create a new version (4) of the oidc module which would require PHPv8.
This is also a good opportunity to move away from the laminas/laminas-diactoros, custom container, etc...