🚨 [security] [server] Update symfony/http-kernel: 4.2.2 → 4.4.50 (minor) #17
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Welcome to Depfu 👋
This is one of the first three pull requests with dependency updates we've sent your way. We tried to start with a few easy patch-level updates. Hopefully your tests will pass and you can merge this pull request without too much risk. This should give you an idea how Depfu works in general.
After you merge your first pull request, we'll send you a few more. We'll never open more than seven PRs at the same time so you're not getting overwhelmed with updates.
Let us know if you have any questions. Thanks so much for giving Depfu a try!
🚨 Your current dependencies have known security vulnerabilities 🚨
This dependency update fixes known security vulnerabilities. Please see the details below and assess their impact carefully. We recommend to merge and deploy this as soon as possible!
Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.
What changed?
Security Advisories 🚨
🚨 Symfony storing cookie headers in HttpCache
🚨 Non-constant time comparison in UriSigner
🚨 Non-constant time comparison in UriSigner
🚨 RCE in Symfony
Release Notes
Too many releases to show here. View the full release notes.
Commits
See the full diff on Github. The new version differs by 75 commits:
Add composer cache
Cleanup composer dependencies
Add github workflow
Apply new code standards to projects
update phpstan key
Merge pull request #24 from GrahamCampbell/patch-1
Update .travis.yml
Teston PHP 7.3 and 7.4
Merge pull request #19 from ashnazg/ci
phpstan fix
lowest dependency versions that pass tests
better parallelize build stages
Merge pull request #18 from voyula/patch-1
Update composer.json
Merge pull request #17 from ashnazg/ci
use ecs v3.x
Merge pull request #16 from ashnazg/reflection-needs
update appveyor config format
look for php tarball in archive
Revert "update PHP versions on appveyor"
update PHP versions on appveyor
skip ecs until I can get its usage updated
remove string typehint for Reflection's sake (cannot use phpunit while this typehint exists)
bump php versions
additional return types;
add arg typehint
update deps; add branch-alias for better dep resolution by composer
see if looser phpunit v6 works on travis
Merge pull request #15 from ashnazg/shield
shield url to packagist must match composer package name of reflection-common
Merge pull request #14 from ashnazg/php7
update copyright, license blurb, and remove php version from docblocks;
Merge pull request #13 from ashnazg/strict
ecs --fix
add strict typing
Merge pull request #12 from ashnazg/ci
use --dev phpunit
try installing phpunit separately
stick with phpunit in require-dev, for IDE use and to lessen complications with reflection-* deps
do not use phpunit.phar against a package that is itself in that phar
adjust phpunit for coverage
track phive.xml
fix phive coveralls
use phive-installed phpunit for test stage
install phive for all stages
use travis_retry on occasional error points
cache phive
adjust phive usage
specify no coverage for test stage; need composer-installed phpunit to properly generate coverage
use preinstalled phpunit; don't show phive download progress;
avoid key prompt
php list must be global; test stage not working like expected
try out phive for phars
just use composer for phpunit in the coverage phase, to work around phpunit.phar not producing coverage correctly
phpunit phar not generating coverage correctly... try composer
fix phpunit phar download
use phar in appveyor
fix name of coveralls phar
go with coveralls 2.0
try php-coveralls version
see if newer coveralls will work
do the phar fetching as before_script, so that its failure is build Error rather than Failure
get phpunit phar only when needed by stage
switch dev deps to using phars instead, to avoid installation dep issues
remove duplicated checker
composer update
ignore ecs
ecs fixes
Merge pull request #11 from ashnazg/ci
no coverage for phpunit here
use shields for badges
coveralls cfg not needed
add phpstan
update ci cfg
bump to 7.1
Commits
See the full diff on Github. The new version differs by 33 commits:
Merge pull request #196 from GrahamCampbell/patch-1
Update .travis.yml
Merge pull request #195 from GrahamCampbell/patch-1
Removed bad line
Revert "Install phpunit's phar using phive"
Revert "Update travis to use phive"
Revert "Installing phive dependencies should be non-interactive"
Installing phive dependencies should be non-interactive
Update travis to use phive
Install phpunit's phar using phive
Fixed code style
Travis fixes
Actually fixed the tests
Dropped composer cache
Updated deps
Add required interface to example tag
Add braces support to Property, Property-Read, Property-Write and Var
Support braces in types for `@param`
Move type extraction to base class and re-use in Throws
Add extra tests to check for multibyte behaviour
Support braces in types for @return
Fix invalid unittest
Fixed @method annotations with an empty argument list and description
Add fast finish to travis
Test on PHP 7.4
Merge pull request #178 from alexander-schranz/enhancement/update-type-resolver
Set version for coding standard check
Fix test for php 7.0
Add appveyor script
Test agains neweset dependencies
Update type resolver usage
added test for generic tag to parse description with `0` as expected
fixed generic tag to parse description with `0` as expected
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
1.1.4
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 23 commits:
Merge pull request #74 from Jeckerson/master
Make type of 2nd argument `context` compliant with LoggerInterface
Revert "Clarify type of 2nd argument `context`"
Clarify type of 2nd argument `context`
Merge pull request #73 from varfrog/patch-1
Fix the phpdoc of LoggerAwareTrait::$logger
Merge pull request #71 from J0WI/patch-1
Update url to HTTPS
Merge pull request #70 from greg0ire/better-typehints
Be explicit about mixed context elements
Use PSR-4 for all classes (#69)
Create .gitattributes (#67)
Add "exception"-context array key to docs
Merge pull request #66 from WyriHaximus-labs/extract-DummyTest-into-its-own-file-and-return-empty-string-from-___toString
Return string from DummyTest::__toString
Merge pull request #55 from DQNEO/namespaced-phpunit
Remove alias as PHPUnit 4.8.35+ ships with it which is supporting PHP 5.3
Merge pull request #63 from ArturGoldyn/patch-1
Merge pull request #51 from Fleshgrinder/throws-annoation
Remove redundant leading backslashes
Update TestLogger.php
Merge pull request #58 from lyrixx/patch-1
Bump version to `1.1.x-dev`
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Commits
See the full diff on Github. The new version differs by 2 commits:
Fix CS
CS fixes
Commits
See the full diff on Github. The new version differs by 24 commits:
Prepare for v1.27
Update changelog
Update CHANGELOG.md
Indicates that polyfills provides corresponding extensions
[GHA] Add PHP 8.1
Update CHANGELOG and branch-alias
Add polyfill-php81
Update and apply CS rules
Verify the signature of polyfills on PHP >= 8
Drop polyfills for PHP <= 7.1 from the metapackage
Bump minimum PHP version to 7.1
Fix the name of arguments for PHP 8
Update branch-alias for main + v1.19
Update CHANGELOG and branch-alias
Add missing "extra.thanks" entries in composer.json
Bump for 1.17.0
Add separate checks for all polyfilled functions and constants
Bumped branch alias
Bump branch-alias
PHP 8.0 - add fdiv() function polyfill
[Uuid] Added the polyfill
bump branch-alias and update changelog
Added missing polyfill for JsonException
Update year in license file
Commits
See the full diff on Github. The new version differs by 47 commits:
Prepare for v1.27
CS fix
Update changelog
Update CHANGELOG.md
Passing null to preg_split() throws deprecation on PHP 8.1
Passing null to strpos() throws deprecation on PHP 8.1
Indicates that polyfills provides corresponding extensions
[Mbstring] fix throwing from mb_substitute_character on PHP >= 8
Fixed `grapheme_str(r)ipos()`
Update to Unicode 13
Various fixes
[mbstring] add return value to mb_parse_str (#351)
minor #349 Use fully-qualified iconv calls in the mbstring polyfill (stof)
Use fully-qualified iconv calls in the mbstring polyfill
Update CHANGELOG and branch-alias
Always accept null values on PHP 8
Add polyfill-php81
Update and apply CS rules
Adjust mbstring polyfill for PHP 8
Verify the signature of polyfills on PHP >= 8
Drop polyfills for PHP <= 7.1 from the metapackage
Bump minimum PHP version to 7.1
Fix the name of arguments for PHP 8
Update branch-alias for main + v1.19
Fix php8 error passing too many arguments to strrchr
Update CHANGELOG and branch-alias
Add missing "extra.thanks" entries in composer.json
Bump unicode data
Fix declaring extra constants when `intl` is loaded
Bump for 1.17.0
Add separate checks for all polyfilled functions and constants
Bumped branch alias
Fix support for preloading
Bump branch-alias
Add link in intl idn readme
PHP 8.0 - add fdiv() function polyfill
[Mbstring] fix `mb_str_split()` ignoring new-line characters
minor #199 Optimization of mb_str_split (kamil-tekiela)
Optimization of mb_str_split
[Uuid] Added the polyfill
[Mbstring] fix mb_strrpos with negative offset
bump branch-alias and update changelog
feature #181 add new PHP 7.4 functions (IonBazan)
add new PHP 7.4 functions
[Mbstring ] fix mb_substr return type
Added missing polyfill for JsonException
Update year in license file
Commits
See the full diff on Github. The new version differs by 30 commits:
Prepare for v1.27
CS fix
Update changelog
Update CHANGELOG.md
update Php72 README about mbstring functions
Various fixes
Update CHANGELOG and branch-alias
Add polyfill-php81
Update and apply CS rules
Drop polyfills for PHP <= 7.1 from the metapackage
Bump minimum PHP version to 7.1
Fix the name of arguments for PHP 8
Update branch-alias for main + v1.19
Fix null comparison
Update CHANGELOG and branch-alias
Add missing "extra.thanks" entries in composer.json
Fix declaring extra constants when `intl` is loaded
Bump for 1.17.0
fix a minor typo
Add polyfill for `PHP_FLOAT_*` constants
Add separate checks for all polyfilled functions and constants
Bumped branch alias
Fix the polyfill for spl_object_id()
Bump branch-alias
Add link in intl idn readme
PHP 8.0 - add fdiv() function polyfill
[Uuid] Added the polyfill
bump branch-alias and update changelog
Added missing polyfill for JsonException
Update year in license file
Commits
See the full diff on Github. The new version differs by 75 commits:
Merge pull request #209 from GrahamCampbell/patch-1
Release 1.9.1
Merge pull request #207 from Ayesh/php8
composer.json: Allow PHP 8
Fix `method_exist()` calls throwing `\TypeError` exceptions on non-string|object
Fix typo in CHANGELOG (#206)
Prepare release 1.9.0 (#204)
Update CHANGELOG.md
Fix pslam capitalization
Update CHANGELOG.md
Prepare release 1.9.0
Add phpstan conflict (#203)
NullOr/all assertions implementation (#126)
Added missing @psalm-pure (#189)
Led an assertion errors to a uniform standard (#196)
Add @psalm-assert and @psalm-pure to Assert::classExists (#186)
Doc changes (#187)
Prep 1.8.0 release (#184)
Add `inArray`, and make `oneOf` an alias of it (#174)
Update the changelog for unreleased features (#181)
Feature: Add notStartsWith() & notEndsWith() (#147) (#175)
Assert::count(): also sprintf $message var (#179)
Convert DateTime to string value (#176)
Added type assertions for multiple methods not covered by existing `@psalm-assert` functionality (#160)
Prepare 1.7.0 release (#172)
Added isAOf(), isAOfAny(), notAOf() (#106)
increase psalm to latest version to allow `non-empty-list` in `@psalm… (#170)
Don't allow HHVM to fail anymore (#162)
Add `notFalse` (#164)
Fix typos in README.md (#163)
Update link to https (#159)
Use php 7.4 instead of the snapshot version (#157)
Update appveyor to php 7.4 (#158)
Update changelog for 1.6.0 (#156)
Improve the error messages on auto review tests (#155)
Add non empty assertions for list and map (#153)
Revert a BC break on filer_var based assertions (#154)
Fix: allow empty maps and lists (#152)
Add has static analysis test (#149)
Remove side effect psalm assert from stringNotEmpty (#150)
Add more psalm assertions (#143)
Remove unneeded psalm asserts (#146)
Remove psalm-assert for `oneOf` (#144)
added coverage badge to readme (#139)
fixes parametername in docblock (#142)
SimpeXML and ResourceBundle are also 'countable'. (#141)
Add validArrayKey assertion (#140)
Add an auto review test for the annotations (#133)
fixed starts with letter (#138)
Add check for #81 (#137)
Docblock fixes (#136)
Test argument really is a string before doing a filter_var. (#135)
Alpha improvement (#134)
Add throws tag to doc (#130)
Remove branch alias (#131)
Add an extending assert section to the readme (#120)
Use correct headers for changelog (#123)
Update changelog for 1.5.0 (#122)
Add annotations (#118)
Prefix all function calls with a \ (#114)
Add email assertion (#113)
Add "unicodeLetters" assertion for Unicode letters (#112)
Use trusty dist for php 5.4 and 5.5 (#117)
Fix nightly builds (#111)
Fix endsWith for multibyte suffix (#79)
Test against 3.x version of hhvm (#109)
Fix strlen for fullwidth characters (#78)
Add an editorconfig (#107)
Add some more test cases (#108)
Update CI (#103)
Update phpunit configuration (#104)
Add deprecated tag to isTraversable (#105)
Improve arguments name. (#100)
Assert::uniqueValues($values, $message = '') (#93)
Updated readme (#92)
🆕 symfony/error-handler (added, 4.4.44)
🆕 symfony/event-dispatcher-contracts (added, 1.1.13)
🆕 symfony/http-client-contracts (added, 1.1.13)
🆕 symfony/mime (added, 4.4.47)
🆕 symfony/polyfill-intl-idn (added, 1.27.0)
🆕 symfony/polyfill-intl-normalizer (added, 1.27.0)
🆕 symfony/polyfill-php73 (added, 1.27.0)
🆕 symfony/polyfill-php80 (added, 1.27.0)
🗑️ laravel/envoy (removed)
🗑️ nategood/httpful (removed)
👉 No CI detected
You don't seem to have any Continuous Integration service set up!
Without a service that will test the Depfu branches and pull requests, we can't inform you if incoming updates actually work with your app. We think that this degrades the service we're trying to provide down to a point where it is more or less meaningless.
This is fine if you just want to give Depfu a quick try. If you want to really let Depfu help you keep your app up-to-date, we recommend setting up a CI system:
depfu/
.Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with
@depfu rebase
.All Depfu comment commands