[6.0] Remove duplicate password length check #29468
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This removes duplicate (and hardcoded) length check from the PasswordBroker. At the moment this is duplicated in the ResetsPasswords trait where it can be customized by overwriting the rules method and the PasswordBroker where it cannot be adjusted. A length of 8 is a sensible default to have (see #25957) but allowing people to overwrite when needed allows people to modify as they see fit.
I've left the rules in user land (laravel/laravel repo & ResetsPassword trait) as is because it still makes sense to ship with a default length in user land.