- Chris Pook, 8th Jan 2020
Those of us working with Magento sites will no doubt have recently encountered the following worrying messaging when running Composer builds:
This is a result of Zend Framework transitioning to a new open source framework named Laminas. As the Composer messages suggest, the Laminas alternatives for each Zend dependency are recommended instead of continuing to rely on the Zend packages.
What happens over the coming weeks will be an intersting view in to the mindset of the core Magento development team. Reliance on an abandoned package has fairly large security implications which Magento must make moves to mitigate. If we are still seeing these warnings on builds in weeks or months to come I believe questions will rightly be raised regarding the integrity of the Magento codebase.
Certainly this is an unfortunate occurance, however the transition of Zend to Laminas has been in the pipeline for some time, so hopefully it was already on the Magento road map and a plan is in action.
If you are interested in tracking the progress of the Laminas project there is more information regarding how Zend Framework is becoming Laminas here:
https://www.zend.com/blog/what-status-zend-framework-transition-laminas
20th May 2020
The dependencies mentioned above have indeed now been swapped for their suggested Laminas replacements. Read about the transition here.