- Issue created by @Den Tweed
- πΊπΈUnited States cmlara
Unfortunately this issue is a bit more complex than it appears on the surface.
The plugin list isn't currently reliable, plugins can be listed when they are not ready and not required. This has been part of the complexity in recent security releases.
A combination of the logic (but not the direct use of) TfaLoginContext::isDisabled(), TfaLoginContext::isReady(), and TfaLoginContext::canLoginWithoutTfa() is currently the most accurate data, however that likely is a bit heavy for a View. I'm hoping when we implement π Convert plugin configuration to Config Entities Active or π Convert plugin configuration to Config Entities Active we may end up cleaning up flaws of plugins not correctly keeping the plugin list updated, however that isn't necnecessarily guaranteed to be in scope of those issues.
Moving this to 2.x as we should fix this in the newest branches first and than backport.
As an aside:
Merge Requests are now recommended to be used whenever possible across the entire D.O. ecosystem. The DrupalCi system that is utilized for testing patch files will be shutdown in the near future and the new GitLab CI system is only capable of testing Merge Requests. Some projects, including TFA, have migrated fully to the new system and are now no longer able to test patch files.