v8 composer problem

[kw-pr]

I can not install v8 because of this compose problem:

  Problem 1
    - Root composer.json requires langleyfoxall/laravel-nist-password-rules ^8.0 -> satisfiable by langleyfoxall/laravel-nist-password-rules[v8.0.0].
    - langleyfoxall/laravel-nist-password-rules v8.0.0 requires divineomega/laravel-password-exposed-validation-rule ^4.0 -> found divineomega/laravel-password-exposed-validation-rule[dev-master, v1.0.0, ..., v1.2.3, v2.0.0, ..., v2.5.0] but it does not match the constraint.

Maybe in composer.json you need to require

langleyfoxall/laravel-password-exposed-validation-rule

instead of

divineomega/laravel-password-exposed-validation-rule.

[ORN-Fox]

Hi, i created a Pull Request for change this : #66

[rolfvandekrol]

I suppose the author uses their fork of that package on https://github.com/langleyfoxall/laravel-password-exposed-validation-rule. I don't think that is a green flag for security package like this.

[ORN-Fox]

Ok, divineomega/laravel-password-exposed-validation-rule not have tag 4.0, so we have to change to use the 4.0 of the module provided by langleyfoxall/laravel-password-exposed-validation-rule ??

Otherwise, we always get an error that the package does not exist!

[rolfvandekrol]

Warning

I don't think this is good idea, but it should work.

What you potentially could do, is adding this to your composer.json.

    "repositories": [
        {
            "type": "vcs",
            "url": "https://github.com/langleyfoxall/laravel-password-exposed-validation-rule"
        }
    ],

With this change you instruct composer to prefer the package from their repository instead of the official package. If you add this to composer.json, you should be able to do this.

composer require langleyfoxall/laravel-nist-password-rules