See https://github.com/LimeSurvey/LimeSurvey/pull/3960/files#r1756475043

Fixes to this are already included in 19685.

The TwoFactor lib has been updated by its author. But the newest version doesn't support versions older than 8.2.
So we have 2 alternatives:
1) Just use the one we patched (and move it outside of the vendor directory)

2) Adapt the plugin so:

• it includes one version or the other of the lib (this would require to move out the lib from the vendor and composer).
• it can deal with the new version of the library (huge change between the two versions)

3) Use a different TwoFactorAuth lib

Either way, we would need to move the chnage we did in 19685 and include them in this PR.

I would say go with Alternative #1. (technical solution for this PHP upgrade)
And then approach on another ticket alternative #3. (feature update)

I would say go with Alternative #1. (technical solution for this PHP upgrade)
And then approach on another ticket alternative #3. (feature update)

:+1: for me here !

@c_schmitz what do you think what would be the best solution here? I agree to go with #1 proposed solution, but I am not sure if there are some additional implications for our software if we do it this way that I am not aware of.

Quick update. Nothing is needed here. Although there is impact, those are for deprecations.
The issue is thatthose deprectations are since 7.1... so if we got this far with that, means that code is not used.

If that part of the code is not used, shall we still update it?
Make sense?
According to the previous comments, maybe is best to not update anything and later on refactor the whole plugin to use a different library.

As per the impacts on the library that we commented, they are on the demo folder, so not real impact.
I would just don't do anything.
Test. If something popsup, we review it.

Thoughts?

We don't have a test for 2FA ?
I know it's complex to do one since we can not really validate it work …
But adding some test seems cleaner :)