Skip to content

Alow sodium_compat v1 or v2 #385

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
paragonie-security wants to merge 1 commit into from
Closed

Alow sodium_compat v1 or v2 #385

paragonie-security wants to merge 1 commit into from

Conversation

@paragonie-security
Copy link

@paragonie-security paragonie-security commented Apr 21, 2024

More info: https://paragonie.com/blog/2024/04/release-sodium-compat-v2-and-future-our-polyfill-libraries

Description

Add a short description of the change. If this is related to an issue, please add a reference to the issue.

CHANGELOG

  • [CHANGED] Describe your change here. Look at CHANGELOG.md to see the format.

stof
stof reviewed Apr 24, 2024
View reviewed changes
composer.json
"guzzlehttp/guzzle": "^7.2",
"psr/log": "^1.0|^2.0|^3.0",
"paragonie/sodium_compat": "^1.6"
"paragonie/sodium_compat": "^1|^2"
Copy link
Contributor

@stof stof Apr 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

shouldn't you keep the existing lowest bound instead of reverting it to 1.0 ?

Copy link
Author

@paragonie-security paragonie-security Apr 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's a good point.

Alternatively, ^1.21|^2 might be more appropriate, given the long list of bug fixes since 1.6.0.

@IanSimpson IanSimpson mentioned this pull request Aug 22, 2024
Merged
@IanSimpson
Copy link
Contributor

IanSimpson commented Aug 22, 2024

Created #391 with suggested changes from @stof

@stale
Copy link

stale bot commented Feb 1, 2025

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you'd like this issue to stay open please leave a comment indicating how this issue is affecting you. Thank you.

@stale stale bot added the wontfix label Feb 1, 2025
@stale stale bot closed this Apr 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@stof stof stof left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

wontfix

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@paragonie-security @IanSimpson @stof