Is there a way to disable that laminas module so that I can install plugin against the CVE-2025-54236 vulnerability? Sadly upgrading magento 2.3.5 to 2.4 version is not possible because of the costs and time needed. See problem below.
composer require wubinworks/module-session-reaper-patch:*
The "magento/magento-composer-installer" plugin was skipped because it requires a Plugin API version ("^1.0") that does not match your Composer installation ("2.6.0"). You may need to run composer update with the "--no-plugins" option.
The "magento/inventory-composer-installer" plugin was skipped because it requires a Plugin API version ("^1.1") that does not match your Composer installation ("2.6.0"). You may need to run composer update with the "--no-plugins" option.
The "laminas/laminas-dependency-plugin" plugin was skipped because it requires a Plugin API version ("^1.1") that does not match your Composer installation ("2.6.0"). You may need to run composer update with the "--no-plugins" option.
./composer.json has been updated
The "magento/magento-composer-installer" plugin was skipped because it requires a Plugin API version ("^1.0") that does not match your Composer installation ("2.6.0"). You may need to run composer update with the "--no-plugins" option.
The "magento/inventory-composer-installer" plugin was skipped because it requires a Plugin API version ("^1.1") that does not match your Composer installation ("2.6.0"). You may need to run composer update with the "--no-plugins" option.
The "laminas/laminas-dependency-plugin" plugin was skipped because it requires a Plugin API version ("^1.1") that does not match your Composer installation ("2.6.0"). You may need to run composer update with the "--no-plugins" option.
Running composer update wubinworks/module-session-reaper-patch
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.
Problem 1
- magento/product-community-edition is locked to version 2.3.5-p1 and an update of this package was not requested.
- laminas/laminas-dependency-plugin 1.0.4 requires composer-plugin-api ^1.1 -> found composer-plugin-api[2.6.0] but it does not match the constraint.
- magento/product-community-edition 2.3.5-p1 requires laminas/laminas-dependency-plugin ^1.0 -> satisfiable by laminas/laminas-dependency-plugin[1.0.4].
Installation failed, reverting ./composer.json and ./composer.lock to their original content.