Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: cakephp/authentication
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 3.3.4
Choose a base ref
...
head repository: cakephp/authentication
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 3.3.5
Choose a head ref
  • 7 commits
  • 19 files changed
  • 4 contributors

Commits on Dec 20, 2025

  1. update stan

    @LordSimal
    LordSimal committed Dec 20, 2025
    Configuration menu
    Copy the full SHA
    7530454 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #757 from cakephp/3.x-update-stan 

    update stan
    @LordSimal
    LordSimal authored Dec 20, 2025
    Configuration menu
    Copy the full SHA
    acdcdf9 View commit details
    Browse the repository at this point in the history

Commits on Jan 13, 2026

  1. Fix deprecation errors

    @ADmad
    ADmad committed Jan 13, 2026
    Configuration menu
    Copy the full SHA
    e69a5bb View commit details
    Browse the repository at this point in the history

  2. Merge pull request #759 from cakephp/deprecations 

    Fix deprecation errors
    @ADmad
    ADmad authored Jan 13, 2026
    Configuration menu
    Copy the full SHA
    d5ac2be View commit details
    Browse the repository at this point in the history

  3. Deprecate SessionAuthenticator identify option 

    The `identify` option only verifies that the username exists in the
database, it does not verify passwords as the documentation previously
suggested. This makes it ineffective for the use case of detecting
password changes or remotely invalidating sessions.

Users should use `PrimaryKeySessionAuthenticator` instead if they need
to fetch fresh user data from the database on each request.

Also updated the Quick Start guide to clarify that SessionAuthenticator
does not need an identifier - it uses session data directly as identity.
    @dereuromark
    dereuromark committed Jan 13, 2026
    Configuration menu
    Copy the full SHA
    ad2c520 View commit details
    Browse the repository at this point in the history

Commits on Jan 27, 2026

  1. Remove sentence about not verifying passwords from deprecation notices

    @dereuromark
    dereuromark committed Jan 27, 2026
    Configuration menu
    Copy the full SHA
    373bd7a View commit details
    Browse the repository at this point in the history

Commits on Jan 31, 2026

  1. Merge pull request #763 from cakephp/fix/deprecate-session-identify 

    Deprecate SessionAuthenticator identify option
    @markstory
    markstory authored Jan 31, 2026
    Configuration menu
    Copy the full SHA
    9a12edc View commit details
    Browse the repository at this point in the history
Loading