Closed cicnavi closed 1 year ago
It's probably good to know that SSP itself is also moving to PHP 8.0 in the upcoming 2.1 release.
In order to move away from packages with CVEs, v4 released: https://github.com/simplesamlphp/simplesamlphp-module-oidc/releases/tag/v4.0.0
Leaving other mentioned tasks for later...
Important underlying package(s) like 'league/oauth2-server' have moved to PHPv8. Current version of mentioned package has a CVE, but the fixed version requires PHPv8.
It is necessary to create a new version (4) of the oidc module which would require PHPv8.
This is also a good opportunity to move away from the laminas/laminas-diactoros, custom container, etc...