"notify_password_change: false" still sends password change emails

Silverstripe Version: 4.14

**Question: Why does setting “notify_password_change: false” in config not work — a password change is still triggering the email send? The code in /project/vendor/silverstripe/framework/src/Security/Member.php starting at about line 900 has this line: “&& static::config()->get(‘notify_password_change’)” which seems to test for “notify_password_change: true”. Why would the config setting not be working?
**

As described in https://docs.silverstripe.org/en/4/changelogs/4.11.0/ :

The SilverStripe\Security\Member.notify_password_change configuration has been set to true by default – it used to be false. This means when a user changes their password on a project in “live” mode, they will recieve an email alerting them that their password was changed. The email includes a link to change their password again, so that users can recover their account in the event that someone else changed their password without their knowledge.

This change was made to improve the default security of your projects, but if you do not want this behaviour you can disable it by setting the configuration back to false:

```
SilverStripe\Security\Member:
  notify_password_change: false
```

Silverstripe Version: 4.14

There’s no such thing. Can you please run composer show && grep silverstripe/framework to see what specific version of that module you’re using?

That YAML snippet you’ve shown should work. You can go to /dev/config or run sake dev/config to see all of the configuration to check if that config is actually being applied or not.