🇸🇮Slovenia LUTi
I've managed to run Security Review with the following patch:
diff -up modules/contrib/security_review/src/Plugin/SecurityCheck/NamePasswords.php~ modules/contrib/security_review/src/Plugin/SecurityCheck/NamePasswords.php
--- modules/contrib/security_review/src/Plugin/SecurityCheck/NamePasswords.php~ 2024-07-10 19:55:58.848825234 +0200
+++ modules/contrib/security_review/src/Plugin/SecurityCheck/NamePasswords.php 2024-07-23 21:24:40.015774057 +0200
@@ -14,7 +14,7 @@ use Drupal\Core\Plugin\ContainerFactoryP
use Drupal\security_review\CheckResult;
use Drupal\security_review\SecurityCheckBase;
use Drupal\user\Entity\User;
-use Drupal\user\UserAuthInterface;
+use Drupal\user\UserAuthenticationInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
/**
@@ -53,9 +53,9 @@ class NamePasswords extends SecurityChec
/**
* Drupal's user authentication service.
*
- * @var \Drupal\user\UserAuthInterface
+ * @var \Drupal\user\UserAuthenticationInterface
*/
- protected UserAuthInterface $userAuth;
+ protected UserAuthenticationInterface $userAuth;
/**
* {@inheritdoc}
@@ -97,7 +97,7 @@ class NamePasswords extends SecurityChec
$users = User::loadMultiple($ids);
$findings = [];
foreach ($users as $user) {
- if ($this->userAuth->authenticate($user->getDisplayName(), $user->getDisplayName())) {
+ if ($this->userAuth->authenticateAccount($this->userAuth->lookupAccount($user->getDisplayName()), $user->getDisplayName())) {
$findings[] = $user->getDisplayName();
}