Comment on page
From 4.x to 5.0
Step-by-step guide for migrating from 4.x to 5.0
THis page is subject to changes as the version 5.0.0 is not available at the time of writing.
This project follows the Semantic Versioning principles and, contrary to upgrade a minor version (where the middle number changes) where no difficulty should be encountered, upgrade a major version (where the first number changes) is subject to significant modifications.
First of all, you have to make sure you are using the last 4.x release (4.6.0 at the time of writing).
In addition, you have to make sure you are using PHP
8.2+.Next, you have to verify you don’t use any deprecated class, interface, method or property. If you have PHPUnit tests, you can easily get the list of deprecation used in your application.
All references to token binding are deprecated. This functionality is not supported anymore as removed from the latest Webauthn spectification versions.
All references to the ECDAA Attestation Statement type are deprecated. This functionality is not supported anymore as removed from the latest Webauthn spectification versions.
- Constant
AuthenticatorSelectionCriteria::RESIDENT_KEY_REQUIREMENT_NONE: please useAuthenticatorSelectionCriteria::RESIDENT_KEY_REQUIREMENT_NO_PREFERENCEinstead - Method
This class is now deprecated. Please use
Webauthn\MetadataService\CertificateChainChecker\PhpCertificateChainValidator instead or a class that implements Webauthn\MetadataService\CertificateChain\CertificateChainValidator.
- Added:
symfony/clock:^6.3
- Bumped:
PHP:>=8.2symfony/*:^6.3
- Removed:
lcobucci/clock
No modification required.
When deprecations are removed, you can upgrade the libraries. In your composer.json, change all
web-auth/* dependencies from ^4.x.y to ^5.0.0. When done, execute composer update.This may also update other dependencies. You can list upgradable libraries by calling
composer outdated. Please make sure these libraries do not impact your upgrade.Last modified 2mo ago