Skip to content

Bump the php-prod group across 1 directory with 8 updates #447

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump the php-prod group across 1 directory with 8 updates #447

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 19, 2025
edited
Loading

Bumps the php-prod group with 7 updates in the / directory:

Package From To
doctrine/annotations 2.0.1 2.0.2
guzzlehttp/guzzle 7.8.1 7.9.2
jms/translation-bundle 2.3.0 2.6.0
mpdf/mpdf 8.2.4 8.2.5
nelmio/security-bundle 3.3.0 3.4.2
twig/extra-bundle 3.13.0 3.20.0
twig/intl-extra 3.13.0 3.20.0

Updates doctrine/annotations from 2.0.1 to 2.0.2

Release notes

Sourced from doctrine/annotations's releases.

2.0.2

Release Notes for 2.0.2

2.0.x bugfix release (patch)

2.0.2

  • Total issues resolved: 0
  • Total pull requests resolved: 2
  • Total contributors: 2

Improvement

Documentation

Changes from Lower Branches

  • This release includes all changes of the 1.14.4 release
Commits

Updates guzzlehttp/guzzle from 7.8.1 to 7.9.2

Release notes

Sourced from guzzlehttp/guzzle's releases.

Release 7.9.2

Fixed

  • Adjusted handler selection to use cURL if its version is 7.21.2 or higher, rather than 7.34.0

Release 7.9.1

Fixed

  • Fix TLS 1.3 check for HTTP/2 requests

Release 7.9.0

Changed

  • Improve protocol version checks to provide feedback around unsupported protocols
  • Only select the cURL handler by default if 7.34.0 or higher is linked
  • Improved CurlMultiHandler to avoid busy wait if possible
  • Dropped support for EOL guzzlehttp/psr7 v1
  • Improved URI user info redaction in errors

Release 7.8.2

Added

  • Support for PHP 8.4
Changelog

Sourced from guzzlehttp/guzzle's changelog.

7.9.2 - 2024-07-24

Fixed

  • Adjusted handler selection to use cURL if its version is 7.21.2 or higher, rather than 7.34.0

7.9.1 - 2024-07-19

Fixed

  • Fix TLS 1.3 check for HTTP/2 requests

7.9.0 - 2024-07-18

Changed

  • Improve protocol version checks to provide feedback around unsupported protocols
  • Only select the cURL handler by default if 7.34.0 or higher is linked
  • Improved CurlMultiHandler to avoid busy wait if possible
  • Dropped support for EOL guzzlehttp/psr7 v1
  • Improved URI user info redaction in errors

7.8.2 - 2024-07-18

Added

  • Support for PHP 8.4
Commits

Updates jms/translation-bundle from 2.3.0 to 2.6.0

Release notes

Sourced from jms/translation-bundle's releases.

2.6.0

What's Changed

Kudos to @​deguif for his contributions!

Full Changelog: schmittjoh/JMSTranslationBundle@2.5.0...2.6.0

2.5.0

What's Changed

Full Changelog: schmittjoh/JMSTranslationBundle@2.4.0...2.5.0

2.4.0

What's Changed

Full Changelog: schmittjoh/JMSTranslationBundle@2.3.0...2.4.0

Commits
  • 2a51f8a Merge pull request #611 from deguif/remove-twig-legacy-code
  • d465379 Merge pull request #612 from deguif/base-exception-throwable
  • 001aa5e Merge pull request #613 from deguif/gitattributes-update
  • 86d6932 Merge pull request #614 from deguif/phpunit-attributes
  • f3a9d31 feature: use phpunit attributes
  • 356c0d8 refactor: update .gitattributes
  • 6a54f1e feature: make base exception extends throwable
  • ec1a0ac refactor: remove twig trans node backward compatibility
  • 4c7e5de Merge pull request #598 from deguif/remove-legacy-code
  • 444fa3f Merge pull request #609 from deguif/ci-configuration
  • Additional commits viewable in compare view

Updates mpdf/mpdf from 8.2.4 to 8.2.5

Commits

Updates nelmio/security-bundle from 3.3.0 to 3.4.2

Release notes

Sourced from nelmio/security-bundle's releases.

v3.4.2

What's Changed

New Contributors

Full Changelog: nelmio/NelmioSecurityBundle@v3.4.1...v3.4.2

v3.4.1

What's Changed

Full Changelog: nelmio/NelmioSecurityBundle@v3.4.0...v3.4.1

v3.4.0

What's Changed

Full Changelog: nelmio/NelmioSecurityBundle@v3.3.0...v3.4.0

Changelog

Sourced from nelmio/security-bundle's changelog.

This CHANGELOG is here for historical reasons only, for newer changelog entries see github releases

Commits
  • 3c47396 Merge pull request #361 from glaubinix/patch-1
  • e0a762a Twig: adjust version check to not dependend on changing VERSION constant
  • 00d275a Merge pull request #359 from pscheit/remove-tag-from-nodes
  • 0625e8f Ignore in phpstan that twig capturenode has a removed parameter tag
  • 7248a89 Fix codestyle on all files
  • 476ab6e dont use trailing commas for older php versions
  • dea9c4d Fix that passing a tag to the twig node is deprecated since twig 3.12
  • de34d69 Merge pull request #354 from martijnc/restore-default-xss-confg
  • 2958114 Merge pull request #355 from martijnc/feature/deprecate-sha256-default
  • 1a35093 Merge branch 'master' into feature/deprecate-sha256-default
  • Additional commits viewable in compare view

Updates twig/extra-bundle from 3.13.0 to 3.20.0

Commits

Updates twig/intl-extra from 3.13.0 to 3.20.0

Commits

Updates twig/twig from 3.14.2 to 3.20.0

Changelog

Sourced from twig/twig's changelog.

3.20.0 (2025-02-13)

  • Fix support for ignoring syntax errors in an undefined handler in guard
  • Add configuration for Commonmark
  • Fix wrong array index
  • Bump minimum PHP version to 8.1
  • Add support for registering callbacks for undefined functions, filters or token parsers in the IntegrationTestCase
  • Use correct line number for ForElseNode
  • Fix timezone conversion on strings

3.19.0 (2025-01-28)

  • Fix a security issue where escaping was missing when using ??
  • Deprecate Token::getType(), use Token::test() instead
  • Add Token::toEnglish()
  • Add ForElseNode
  • Deprecate Twig\ExpressionParser::parseOnlyArguments() and Twig\ExpressionParser::parseArguments() (use Twig\ExpressionParser::parseNamedArguments() instead)
  • Fix constant() behavior when used with ??
  • Add the invoke filter
  • Make {} optional for the types tag
  • Add LastModifiedExtensionInterface and implementation in AbstractExtension to track modification of runtime classes
  • Ignore static properties when using the dot operator

3.18.0 (2024-12-29)

  • Fix unary operator precedence change
  • Ignore SyntaxError exceptions from undefined handlers when using the guard tag
  • Add a way to stream template rendering (TemplateWrapper::stream() and TemplateWrapper::streamBlock())

3.17.1 (2024-12-12)

  • Fix the null coalescing operator when the test returns null
  • Fix the Elvis operator when used as '? :' instead of '?:'
  • Support for invoking closures

3.17.0 (2024-12-10)

  • Fix ArrayAccess with objects as keys
  • Support underscores in number literals
  • Deprecate ConditionalExpression and NullCoalesceExpression (use ConditionalTernary and NullCoalesceBinary instead)

3.16.0 (2024-11-29)

  • Deprecate InlinePrint
  • Fix having macro variables starting with an underscore
  • Deprecate not passing a Source instance to TokenStream
  • Deprecate returning null from TwigFilter::getSafe() and TwigFunction::getSafe(), return [] instead

... (truncated)

Commits
  • 3468920 Prepare the 3.20.0 release
  • e456a31 Update CHANGELOG
  • f1c9039 Fix typo
  • d1737bd Fix CHANGELOG
  • 6508e80 bug #4575 Fix support for ignoring syntax erros in an undefined handler in gu...
  • 3794efe Fix support for ignoring syntax erros in an undefined handler in guard
  • 40a2d5b Add missing CHANGELOG
  • 3cdf26f feature #3737 Added configuration for commonmark use in twig-extra-bundle. (d...
  • fab1a37 bug #4546 Fix timezone conversion on strings (PrinsFrank)
  • f69531f Fix timezone conversion on strings
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Feb 19, 2025
@dependabot dependabot bot force-pushed the dependabot/composer/php-prod-565a195bbf branch 2 times, most recently from a293c9b to d50f07e Compare February 27, 2025 10:51
@phavekes
Copy link
Member

phavekes commented Feb 28, 2025

@dependabot recreate

@dependabot dependabot bot force-pushed the dependabot/composer/php-prod-565a195bbf branch 2 times, most recently from ce122f8 to b79ce8b Compare March 5, 2025 09:31
@dependabot
Bump the php-prod group across 1 directory with 8 updates
6bea099 
Bumps the php-prod group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [doctrine/annotations](https://github.com/doctrine/annotations) | `2.0.1` | `2.0.2` |
| [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) | `7.8.1` | `7.9.2` |
| [jms/translation-bundle](https://github.com/schmittjoh/JMSTranslationBundle) | `2.3.0` | `2.6.0` |
| [mpdf/mpdf](https://github.com/mpdf/mpdf) | `8.2.4` | `8.2.5` |
| [nelmio/security-bundle](https://github.com/nelmio/NelmioSecurityBundle) | `3.3.0` | `3.4.2` |
| [twig/extra-bundle](https://github.com/twigphp/twig-extra-bundle) | `3.13.0` | `3.20.0` |
| [twig/intl-extra](https://github.com/twigphp/intl-extra) | `3.13.0` | `3.20.0` |



Updates `doctrine/annotations` from 2.0.1 to 2.0.2
- [Release notes](https://github.com/doctrine/annotations/releases)
- [Commits](doctrine/annotations@2.0.1...2.0.2)

Updates `guzzlehttp/guzzle` from 7.8.1 to 7.9.2
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/7.9/CHANGELOG.md)
- [Commits](guzzle/guzzle@7.8.1...7.9.2)

Updates `jms/translation-bundle` from 2.3.0 to 2.6.0
- [Release notes](https://github.com/schmittjoh/JMSTranslationBundle/releases)
- [Changelog](https://github.com/schmittjoh/JMSTranslationBundle/blob/master/CHANGELOG.md)
- [Commits](schmittjoh/JMSTranslationBundle@2.3.0...2.6.0)

Updates `mpdf/mpdf` from 8.2.4 to 8.2.5
- [Release notes](https://github.com/mpdf/mpdf/releases)
- [Changelog](https://github.com/mpdf/mpdf/blob/development/CHANGELOG.md)
- [Commits](mpdf/mpdf@v8.2.4...v8.2.5)

Updates `nelmio/security-bundle` from 3.3.0 to 3.4.2
- [Release notes](https://github.com/nelmio/NelmioSecurityBundle/releases)
- [Changelog](https://github.com/nelmio/NelmioSecurityBundle/blob/master/CHANGELOG.md)
- [Commits](nelmio/NelmioSecurityBundle@v3.3.0...v3.4.2)

Updates `twig/extra-bundle` from 3.13.0 to 3.20.0
- [Commits](twigphp/twig-extra-bundle@v3.13.0...v3.20.0)

Updates `twig/intl-extra` from 3.13.0 to 3.20.0
- [Commits](twigphp/intl-extra@v3.13.0...v3.20.0)

Updates `twig/twig` from 3.14.2 to 3.20.0
- [Changelog](https://github.com/twigphp/Twig/blob/3.x/CHANGELOG)
- [Commits](twigphp/Twig@v3.14.2...v3.20.0)

---
updated-dependencies:
- dependency-name: doctrine/annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: php-prod
- dependency-name: guzzlehttp/guzzle
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: jms/translation-bundle
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: mpdf/mpdf
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: php-prod
- dependency-name: nelmio/security-bundle
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: twig/extra-bundle
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: twig/intl-extra
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: twig/twig
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/composer/php-prod-565a195bbf branch from b79ce8b to 6bea099 Compare March 7, 2025 10:59
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 17, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Apr 17, 2025
@dependabot dependabot bot deleted the dependabot/composer/php-prod-565a195bbf branch April 17, 2025 11:19
@github-project-automation github-project-automation bot moved this from Backlog to Delivered in PHP development Apr 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file php Pull requests that update Php code

Projects

PHP development
Status: Delivered

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@phavekes