From v3.x to v4.0
Step-by-step guide for migrating from v3.x to v4.0
This project follows the Semantic Versioning principles and, contrary to upgrade a minor version (where the middle number changes) where no difficulty should be encountered, upgrade a major version (where the first number changes) is subject to significant modifications.
First of all, you have to make sure you are using the last v3.x release (v3.3.4 at the time of writing).
In addition, you have to make sure you are using PHP
8.1+
.If you use the Symfony bundle and Symfony Flex, please note that Flex Recipes are now provided through a dedicated server.
It is highly recommended to declare this server within your application
composer.json
file.composer config --json extra.symfony.endpoint '["https://api.github.com/repos/web-auth/recipes/contents/index.json?ref=main", "flex://defaults"]'
You can adapt this command line depending on the other Flex servers you are using.
Next, you have to verify you don’t use any deprecated class, interface, method or property. If you have PHPUnit tests, you can easily get the list of deprecation used in your application.
- The class
Webauthn\Server
is removed and there is no replacement. - The Metadata Statement embraces the version 3 of the specification. There is no migration tool to convert the MDS from v2 to v3. We suggest to refer to this blog post from Yuriy Ackermann, a Fido Alliance staff member who regulary write articles on Webauthn.
- Added:
symfony/http-client ^6.0
symfony/uid ^6.0
- Bumped:
spomky-labs/cbor-php
minimal version is now^3.0
spomky-labs/cbor-bundle
minimal version is now^3.0
symfony
components minimal version is now^6.0
symfony/psr-http-message-bridge
minimal version is now^2.0
- thecodingmachine/safe minimal version is now
^2.0
- Removed:
sensio/framework-extra-bundle
ramsey/uuid
As the bundle
sensio/framework-extra-bundle
is not required anymore, the associated configuration may become useless if you do not use this bundle in your project.The most notable changes are related to the Metadata Statement section
webauthn:
metadata: ## Optional
enabled: true
mds_repository: 'App\MDS\MetadataStatementRepository'
status_report_repository: 'App\MDS\MetadataStatementRepository'
#certificate_chain_checker: 'Webauthn\CertificateChainChecker\PhpCertificateChainChecker::class'
It is now time to upgrade the libraries. In your composer.json, change all
web-auth/*
dependencies from v3.x
to v4.0
. When done, execute composer update
.This may also update other dependencies. You can list upgradable libraries by calling
composer outdated
. Please make sure these libraries do not impact your upgrade.