Update dependencies #60

Open
wants to merge 1 commit into
base: master
@cyrillkalita cyrillkalita commented Sep 8, 2020

Add Laravel 8 dependencies, as per #59

Add Laravel 8 dependencies
@abdrzakoxa

@sildraug, @zarianec
Can someone merge this?

@u01jmg3

u01jmg3 commented Sep 24, 2020

@adrianhurt @bri06 @dgoguerra

@elijahchancey

@sildraug @zarianec @adrianhurt @dgoguerra Please merge this!

@cyrillkalita
Author

cyrillkalita commented Sep 26, 2020

While @sildraug is reviewing the code (and assuming the patch is accepted), you can use the power of composer:

  1. In the root of composer.json, add a repositories key (if you don't have one already):
    "repositories": [
        {
            "type": "vcs",
            "url": "https://github.com/cyrillkalita/Sanitizer"
        }
    ],
  2. Update the version of the package to:
    "require": {
        ...
        "waavi/sanitizer": "dev-laravel-8-patch",
        ...
    }

This will instruct composer to replace the canonical waavi/sanitizer with a patched version.

Not ideal, I understand, but everyone's got a life and we have to respect authors, maintainers, and their time.

@abdrzakoxa

You can also use this:

    ...
    "laravel/framework": "8.6 as 7.28",
    "waavi/sanitizer": "~1.0",
    ...

@cyrillkalita
Author

@abderrazzak-oxa not sure which of the "not-ideal" solutions is less not ideal: locking the framework dependency or pointing to the patch.

For anyone looking for a quick solution, please remember, this should not be your production solution.

On one hand, the framework has been known to release security patches, and locking to a version will prevent you from getting those. Upside - it keeps your composer.json very clean. Easy to forget something was done to it.

On the other hand, replacing the package with a patched version opens you to all sorts of malice from an unknown source, who can continue to add code. An obvious reason to not use it in production.

It would really be helpful if @sildraug would decide whether he wants to merge this code, though.
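
Added example, not part of the thread or of the Sanitizer project: a small Python audit that flags the two workarounds discussed in the comments above (a VCS repository override with an unpinned dev branch, and an inline alias on the framework version) when they appear in a composer.json. The sample file is constructed from the snippets posted in this thread; the function name `audit` and the finding labels are assumptions of this example.

```python
import json

# Constructed sample: both workarounds from the thread in one composer.json.
SAMPLE = """{
  "repositories": [
    {"type": "vcs", "url": "https://github.com/cyrillkalita/Sanitizer"}
  ],
  "require": {
    "laravel/framework": "8.6 as 7.28",
    "waavi/sanitizer": "dev-laravel-8-patch"
  }
}"""

# Repository types that pull code straight from a version-control host.
VCS_TYPES = {"vcs", "git", "svn", "hg"}


def audit(composer_json: str) -> list[str]:
    """Return findings (labels are this example's own) for a composer.json."""
    data = json.loads(composer_json)
    findings = []

    repos = data.get("repositories", [])
    if isinstance(repos, dict):  # Composer also accepts an object here
        repos = list(repos.values())
    for repo in repos:
        # Entries such as {"packagist.org": false} carry no type; skip them.
        if isinstance(repo, dict) and repo.get("type") in VCS_TYPES:
            findings.append(f"vcs-repository: {repo.get('url')}")

    for section in ("require", "require-dev"):
        for name, constraint in data.get(section, {}).items():
            if " as " in constraint:
                # Inline alias: the installed version is reported as another.
                findings.append(f"inline-alias: {name} {constraint}")
            target = constraint.split(" as ")[0].strip()
            is_branch = target.startswith("dev-") or target.endswith("-dev")
            # A branch ref moves with every push unless pinned as dev-x#<commit>.
            if is_branch and "#" not in target:
                findings.append(f"unpinned-branch: {name} {target}")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Run in CI against the project's composer.json, a non-empty result is a reminder that a temporary workaround is still in place.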

@nickfls

nickfls commented Oct 13, 2020

@sildraug do you think you can review this PR?

@cyrillkalita
Author

For anyone still interested, I forked the repo into a stable version 8 here:
Sanitizer

Moving forward, it supports only Laravel 8 over PHP 7.3

@f-liva

f-liva commented Feb 16, 2021

Thank you @cyrillkalita

8 participants