dstepe
commented
3 years ago Forgot to mention that this closes #93
Closed dstepe closed 2 years ago
dstepe
commented
3 years ago Forgot to mention that this closes #93
subfission
commented
3 years ago Thank you for this PR. Ideally, we should not be blocking this package from getting the latest in security updates for such a critical function. Instead, by making this package adaptable to the newer versions and backwards compatible, this solves both use-cases. Please test the latest in master and see if that solves this issue for you.
dstepe
commented
3 years ago This is your package so I will defer to your decision. However, I disagree with the proposed solution. It uses execution failure to infer the correct behavior. That code must be executed even for new releases of the apereo/phpcas package and must be maintained going forward. Using version constraints addresses this problem without introducing conditional code which must be maintained.
I did not intend for this to be the final state. I absolutely want to be using the latest version of the phpcas package. The next step is to issue a new release of this package that works with the phpcas >= 1.3.9, but again, it would contain only the code known to work with those releases. I started working on that but discovered it required slightly more work and I have not had time to get back to it.
in response to a breaking change introduced in 1.3.9 (see https://github.com/apereo/phpCAS/issues/371)
This should provide short term relief from the issue introduced by the deprecation in the phpcas package.