Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump symfony/symfony from 5.4.42 to 5.4.47 in /myoos #40

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump symfony/symfony from 5.4.42 to 5.4.47 in /myoos #40

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 13, 2024

Bumps symfony/symfony from 5.4.42 to 5.4.47.

Release notes

Sourced from symfony/symfony's releases.

v5.4.47

Changelog (symfony/symfony@v5.4.46...v5.4.47)

[PR] symfony/symfony#58848 [SECURITY] Security release

v5.4.46

Changelog (symfony/symfony@v5.4.45...v5.4.46)

[PR] symfony/symfony#58777 [SECURITY] Security release

v5.4.45

Changelog (symfony/symfony@v5.4.44...v5.4.45)

... (truncated)

Changelog

Sourced from symfony/symfony's changelog.

  • 5.4.47 (2024-11-13)

  • security #cve-2024-50342 [HttpClient] Resolve hostnames in NoPrivateNetworkHttpClient (nicolas-grekas)

  • security #cve-2024-51996 [Security] Check owner of persisted remember-me cookie (jderusse)

  • bug #58799 [String] Fix some spellings in EnglishInflector (alexandre-daubois)

  • bug #58791 [RateLimiter] handle error results of DateTime::modify() (xabbuh)

  • bug #58800 [PropertyInfo] fix support for phpstan/phpdoc-parser 2 (xabbuh)

  • 5.4.46 (2024-11-06)

  • bug #58772 [DoctrineBridge] Backport detection fix of Xml/Yaml driver in DoctrineExtension (MatTheCat)

  • security #cve-2024-51736 [Process] Use PATH before CD to load the shell on Windows (nicolas-grekas)

  • security #cve-2024-50342 [HttpClient] Filter private IPs before connecting when Host == IP (nicolas-grekas)

  • security #cve-2024-50345 [HttpFoundation] Reject URIs that contain invalid characters (nicolas-grekas)

  • security #cve-2024-50340 [Runtime] Do not read from argv on non-CLI SAPIs (wouterj)

  • bug #58765 [VarDumper] fix detecting anonymous exception classes on Windows and PHP 7 (xabbuh)

  • bug #58757 [RateLimiter] Fix DateInterval normalization (danydev)

  • bug #58754 [Security] Store original token in token storage when implicitly exiting impersonation (wouterj)

  • bug #58753 [Cache] Fix clear() when using Predis (nicolas-grekas)

  • bug #58713 [Config] Handle Phar absolute path in FileLocator (alexandre-daubois)

  • bug #58739 [WebProfilerBoundle] form data collector check passed and resolved options are defined (vltrof)

  • bug #58752 [Process] Fix escaping /X arguments on Windows (nicolas-grekas)

  • bug #58735 [Process] Return built-in cmd.exe commands directly in ExecutableFinder (Seldaek)

  • bug #58723 [Process] Properly deal with not-found executables on Windows (nicolas-grekas)

  • bug #58711 [Process] Fix handling empty path found in the PATH env var with ExecutableFinder (nicolas-grekas)

  • 5.4.45 (2024-10-27)

  • bug #58669 [Cache] Revert "Initialize RedisAdapter cursor to 0" (nicolas-grekas)

  • bug #58649 [TwigBridge] ensure compatibility with Twig 3.15 (xabbuh)

  • bug #58661 [Cache] Initialize RedisAdapter cursor to 0 (thomas-hiron)

  • bug #58593 [Mime] fix encoding issue with UTF-8 addresses containing doubles spaces (0xb4lint)

  • bug #58615 [Validator] [Choice] Fix callback option if not array returned (symfonyaml)

  • bug #58618 [DependencyInjection] Fix linting factories implemented via __callStatic (KevinVanSonsbeek)

  • bug #58619 [HttpFoundation][Lock] Ensure compatibility with ext-mongodb v2 (GromNaN)

  • bug #58627 Minor fixes around parse_url() checks (nicolas-grekas)

  • bug #58617 [DependencyInjection] Fix replacing abstract arguments with bindings (nicolas-grekas)

  • bug #58613 Symfony 5.4 LTS will get security fixes until Feb 2029 thanks to Ibexa' sponsoring (nicolas-grekas)

  • bug #58523 [DoctrineBridge] fix: DoctrineTokenProvider not oracle compatible (jjjb03)

  • bug #58492 [MonologBridge] Fix PHP deprecation with preg_match() (simoheinonen)

  • bug #58449 [Form] Support intl.use_exceptions/error_level in NumberToLocalizedStringTransformer (bram123)

  • bug #58459 [FrameworkBundle] Fix displayed stack trace when session is used on stateless routes (nicolas-grekas)

  • bug #58376 [HttpKernel] Correctly merge max-age/s-maxage and Expires headers (aschempp)

  • bug #58299 [DependencyInjection] Fix XmlFileLoader not respecting when env for services (Bradley Zeggelaar)

  • bug #58332 [Console] Suppress proc_open errors within Terminal::readFromProcess (fritzmg)

  • bug #58404 [TwigBridge] Remove usage of Node() instantiations (fabpot)

  • bug #58393 [Dotenv] Default value can be empty (HypeMC)

  • bug #58372 Tweak error/exception handler registration (nicolas-grekas)

  • 5.4.44 (2024-09-21)

... (truncated)

Commits
  • d869cc1 Merge pull request #58848 from fabpot/release-5.4.47
  • d6df8c2 Update VERSION for 5.4.47
  • cd92617 Update CHANGELOG for 5.4.47
  • b8f4116 security #cve-2024-50342 [HttpClient] Resolve hostnames in NoPrivateNetworkHt...
  • cb19470 security #cve-2024-51996 [Security] Check owner of persisted remember-me cook...
  • b4bf5af [HttpClient] Resolve hostnames in NoPrivateNetworkHttpClient
  • 439a278 bug #58799 [String] Fix some spellings in EnglishInflector (alexandre-daubois)
  • dfc53b8 [String] Fix some spellings in EnglishInflector
  • da4eb8b bug #58791 [RateLimiter] handle error results of DateTime::modify() (xabbuh)
  • d77f5d9 minor #58812 relax format assertions for fstat() results on Windows (xabbuh)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump symfony/symfony from 5.4.42 to 5.4.47 in /myoos
8df6937 
Bumps [symfony/symfony](https://github.com/symfony/symfony) from 5.4.42 to 5.4.47.
- [Release notes](https://github.com/symfony/symfony/releases)
- [Changelog](https://github.com/symfony/symfony/blob/v5.4.47/CHANGELOG-5.4.md)
- [Commits](symfony/symfony@v5.4.42...v5.4.47)

---
updated-dependencies:
- dependency-name: symfony/symfony
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Nov 13, 2024
@dependabot dependabot bot mentioned this pull request Nov 13, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file php Pull requests that update Php code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants