web-eid
diff --git a/‎.gitignore‎
Lines changed: 4 additions & 2 deletions b/‎.gitignore‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎README.md‎
Lines changed: 22 additions & 0 deletions b/‎README.md‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎composer.json‎
Lines changed: 9 additions & 5 deletions b/‎composer.json‎
Lines changed: 9 additions & 5 deletions
@@ -1,7 +1,9 @@
 vendor
-composer.lock
+.vscode
 .DS_Store
 .phpunit.result.cache
+.phpunit.cache
 web-eid-authtoken-validation-php.log
 build
-phpunit.xml
+phpunit.xml
+*.swp
@@ -378,6 +378,28 @@ composer dump-autoload
 
 Please note, that there are no certificate files included in this example. You can find certificates from [here](https://www.skidsolutions.eu/en/repository/certs)
 
+
+# Dependency versioning policy
+
+Starting from version 1.2.0 we adopt a flexible versioning policy for
+`phpseclib` and `guzzlehttp`, and specify the dependency version as `x.y.*`.
+This approach allows our library integrators to quickly incorporate security
+patches and minor updates from dependencies.
+
+## Why we include `composer.lock`
+
+While it is common practice for applications to include a `composer.lock` file
+to lock down the specific versions of dependencies used, this is less common
+for libraries. However, we have chosen to include `composer.lock` in our
+repository to clearly indicate the exact versions of dependencies we have
+tested against.
+
+Although our library is designed to work with any minor version of dependencies
+within the specified range, the `composer.lock` file ensures that integrators
+are aware of the specific version we consider stable and secure. The provided
+`composer.lock` is intended to be used as a reference, not as a strict
+requirement.
+
 # Code formatting
 
 We are using `Prettier` for code formatting. To install Prettier, use following command:
 
@@ -10,8 +10,8 @@
         }
     ],
     "require-dev": {
-		"phpunit/phpunit": "^11.0.4"
-	},    
+        "phpunit/phpunit": "^11.0.4"
+    },
     "autoload": {
         "psr-4": {
             "web_eid\\web_eid_authtoken_validation_php\\": ["src"]
@@ -33,12 +33,16 @@
     ],
     "require": {
         "phpseclib/phpseclib": "3.0.*",
-        "guzzlehttp/psr7": "2.6.2",
-        "web-eid/ocsp-php": "dev-main",
+        "guzzlehttp/psr7": "2.6.*",
+        "web-eid/ocsp-php": "1.1.1",
         "psr/log": "^3.0"
     },
     "scripts": {
         "fix-php": ["prettier src/**/* --write", "prettier examples/src/* --write"],
-        "test": "phpunit --no-coverage"
+        "test": "phpunit --no-coverage --display-warnings",
+        "test-coverage": [
+            "@putenv XDEBUG_MODE=coverage",
+            "phpunit --coverage-html coverage"
+        ]
     }
 }