Problem/Motivation
#3079481: Fix problems Vendor Hardening Plugin has with using the File Security component needed to add a duplicate, re-namespaced copy of the file security class in order to work around a Composer limitation that prevented it from autoloading the version in drupal/core. In the future, either #3077455: Move Drupal Components out of 'core' directory or #2943856: [meta] Reorganize Components so they are testable in isolation will move the File Security component to the vendor directory. Once this happens, the workaround will no longer be necessary.
Proposed resolution
Once the File Security component has been relocated to vendor, re-add "drupal/core-file-security" to the composer.json file of the Vendor Hardening plugin. Remove the duplicate copy of the File Security component, and make sure to use the correct copy in the Vendor Hardening plugin.
Remaining tasks
Blocked on #3077455: Move Drupal Components out of 'core' directory / #2943856: [meta] Reorganize Components so they are testable in isolation .
User interface changes
None.
API changes
None.
Data model changes
None.
Release notes snippet
tbd.