Skip to content

Bump the php-prod group across 1 directory with 9 updates #468

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the php-prod group across 1 directory with 9 updates #468

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 17, 2025
edited
Loading

Bumps the php-prod group with 8 updates in the / directory:

Package From To
doctrine/annotations 2.0.1 2.0.2
guzzlehttp/guzzle 7.8.1 7.9.3
jms/translation-bundle 2.3.0 2.6.0
mpdf/mpdf 8.2.4 8.2.5
nelmio/security-bundle 3.3.0 3.5.1
surfnet/stepup-middleware-client-bundle 5.1.0 5.2.0
twig/extra-bundle 3.13.0 3.20.0
twig/intl-extra 3.13.0 3.20.0

Updates doctrine/annotations from 2.0.1 to 2.0.2

Release notes

Sourced from doctrine/annotations's releases.

2.0.2

Release Notes for 2.0.2

2.0.x bugfix release (patch)

2.0.2

  • Total issues resolved: 0
  • Total pull requests resolved: 2
  • Total contributors: 2

Improvement

Documentation

Changes from Lower Branches

  • This release includes all changes of the 1.14.4 release
Commits

Updates guzzlehttp/guzzle from 7.8.1 to 7.9.3

Release notes

Sourced from guzzlehttp/guzzle's releases.

Release 7.9.3

Changed

  • Remove explicit content-length header for GET requests
  • Improve compatibility with bad servers for boolean cookie values

Release 7.9.2

Fixed

  • Adjusted handler selection to use cURL if its version is 7.21.2 or higher, rather than 7.34.0

Release 7.9.1

Fixed

  • Fix TLS 1.3 check for HTTP/2 requests

Release 7.9.0

Changed

  • Improve protocol version checks to provide feedback around unsupported protocols
  • Only select the cURL handler by default if 7.34.0 or higher is linked
  • Improved CurlMultiHandler to avoid busy wait if possible
  • Dropped support for EOL guzzlehttp/psr7 v1
  • Improved URI user info redaction in errors

Release 7.8.2

Added

  • Support for PHP 8.4
Changelog

Sourced from guzzlehttp/guzzle's changelog.

7.9.3 - 2025-03-27

Changed

  • Remove explicit content-length header for GET requests
  • Improve compatibility with bad servers for boolean cookie values

7.9.2 - 2024-07-24

Fixed

  • Adjusted handler selection to use cURL if its version is 7.21.2 or higher, rather than 7.34.0

7.9.1 - 2024-07-19

Fixed

  • Fix TLS 1.3 check for HTTP/2 requests

7.9.0 - 2024-07-18

Changed

  • Improve protocol version checks to provide feedback around unsupported protocols
  • Only select the cURL handler by default if 7.34.0 or higher is linked
  • Improved CurlMultiHandler to avoid busy wait if possible
  • Dropped support for EOL guzzlehttp/psr7 v1
  • Improved URI user info redaction in errors

7.8.2 - 2024-07-18

Added

  • Support for PHP 8.4
Commits

Updates jms/translation-bundle from 2.3.0 to 2.6.0

Release notes

Sourced from jms/translation-bundle's releases.

2.6.0

What's Changed

Kudos to @​deguif for his contributions!

Full Changelog: schmittjoh/JMSTranslationBundle@2.5.0...2.6.0

2.5.0

What's Changed

Full Changelog: schmittjoh/JMSTranslationBundle@2.4.0...2.5.0

2.4.0

What's Changed

Full Changelog: schmittjoh/JMSTranslationBundle@2.3.0...2.4.0

Commits
  • 2a51f8a Merge pull request #611 from deguif/remove-twig-legacy-code
  • d465379 Merge pull request #612 from deguif/base-exception-throwable
  • 001aa5e Merge pull request #613 from deguif/gitattributes-update
  • 86d6932 Merge pull request #614 from deguif/phpunit-attributes
  • f3a9d31 feature: use phpunit attributes
  • 356c0d8 refactor: update .gitattributes
  • 6a54f1e feature: make base exception extends throwable
  • ec1a0ac refactor: remove twig trans node backward compatibility
  • 4c7e5de Merge pull request #598 from deguif/remove-legacy-code
  • 444fa3f Merge pull request #609 from deguif/ci-configuration
  • Additional commits viewable in compare view

Updates mpdf/mpdf from 8.2.4 to 8.2.5

Commits

Updates nelmio/security-bundle from 3.3.0 to 3.5.1

Release notes

Sourced from nelmio/security-bundle's releases.

v3.5.1

What's Changed

Full Changelog: nelmio/NelmioSecurityBundle@v3.5.0...v3.5.1

v3.5.0

What's Changed

Full Changelog: nelmio/NelmioSecurityBundle@v3.4.2...v3.5.0

v3.4.2

What's Changed

New Contributors

Full Changelog: nelmio/NelmioSecurityBundle@v3.4.1...v3.4.2

v3.4.1

What's Changed

Full Changelog: nelmio/NelmioSecurityBundle@v3.4.0...v3.4.1

v3.4.0

What's Changed

Full Changelog: nelmio/NelmioSecurityBundle@v3.3.0...v3.4.0

Changelog

Sourced from nelmio/security-bundle's changelog.

This CHANGELOG is here for historical reasons only, for newer changelog entries see github releases

Commits

Updates surfnet/stepup-middleware-client-bundle from 5.1.0 to 5.2.0

Commits
  • 3301e98 Merge pull request #99 from OpenConext/bugfix/add-missing-assert-self-vetting...
  • 472ffa8 Add missing self vetting token endpoint
  • e536b2f Update readme (#98)
  • See full diff in compare view

Updates twig/extra-bundle from 3.13.0 to 3.20.0

Commits

Updates twig/intl-extra from 3.13.0 to 3.20.0

Commits

Updates twig/twig from 3.14.2 to 3.20.0

Changelog

Sourced from twig/twig's changelog.

3.20.0 (2025-02-13)

  • Fix support for ignoring syntax errors in an undefined handler in guard
  • Add configuration for Commonmark
  • Fix wrong array index
  • Bump minimum PHP version to 8.1
  • Add support for registering callbacks for undefined functions, filters or token parsers in the IntegrationTestCase
  • Use correct line number for ForElseNode
  • Fix timezone conversion on strings

3.19.0 (2025-01-28)

  • Fix a security issue where escaping was missing when using ??
  • Deprecate Token::getType(), use Token::test() instead
  • Add Token::toEnglish()
  • Add ForElseNode
  • Deprecate Twig\ExpressionParser::parseOnlyArguments() and Twig\ExpressionParser::parseArguments() (use Twig\ExpressionParser::parseNamedArguments() instead)
  • Fix constant() behavior when used with ??
  • Add the invoke filter
  • Make {} optional for the types tag
  • Add LastModifiedExtensionInterface and implementation in AbstractExtension to track modification of runtime classes
  • Ignore static properties when using the dot operator

3.18.0 (2024-12-29)

  • Fix unary operator precedence change
  • Ignore SyntaxError exceptions from undefined handlers when using the guard tag
  • Add a way to stream template rendering (TemplateWrapper::stream() and TemplateWrapper::streamBlock())

3.17.1 (2024-12-12)

  • Fix the null coalescing operator when the test returns null
  • Fix the Elvis operator when used as '? :' instead of '?:'
  • Support for invoking closures

3.17.0 (2024-12-10)

  • Fix ArrayAccess with objects as keys
  • Support underscores in number literals
  • Deprecate ConditionalExpression and NullCoalesceExpression (use ConditionalTernary and NullCoalesceBinary instead)

3.16.0 (2024-11-29)

  • Deprecate InlinePrint
  • Fix having macro variables starting with an underscore
  • Deprecate not passing a Source instance to TokenStream
  • Deprecate returning null from TwigFilter::getSafe() and TwigFunction::getSafe(), return [] instead

... (truncated)

Commits
  • 3468920 Prepare the 3.20.0 release
  • e456a31 Update CHANGELOG
  • f1c9039 Fix typo
  • d1737bd Fix CHANGELOG
  • 6508e80 bug #4575 Fix support for ignoring syntax erros in an undefined handler in gu...
  • 3794efe Fix support for ignoring syntax erros in an undefined handler in guard
  • 40a2d5b Add missing CHANGELOG
  • 3cdf26f feature #3737 Added configuration for commonmark use in twig-extra-bundle. (d...
  • fab1a37 bug #4546 Fix timezone conversion on strings (PrinsFrank)
  • f69531f Fix timezone conversion on strings
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Apr 17, 2025
@dependabot dependabot bot force-pushed the dependabot/composer/php-prod-4f66e4cc73 branch from b01c8a4 to 05acf56 Compare May 28, 2025 10:51
@dependabot
Bump the php-prod group across 1 directory with 9 updates
706ff15 
Bumps the php-prod group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [doctrine/annotations](https://github.com/doctrine/annotations) | `2.0.1` | `2.0.2` |
| [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) | `7.8.1` | `7.9.3` |
| [jms/translation-bundle](https://github.com/schmittjoh/JMSTranslationBundle) | `2.3.0` | `2.6.0` |
| [mpdf/mpdf](https://github.com/mpdf/mpdf) | `8.2.4` | `8.2.5` |
| [nelmio/security-bundle](https://github.com/nelmio/NelmioSecurityBundle) | `3.3.0` | `3.5.1` |
| [surfnet/stepup-middleware-client-bundle](https://github.com/OpenConext/Stepup-Middleware-clientbundle) | `5.1.0` | `5.2.0` |
| [twig/extra-bundle](https://github.com/twigphp/twig-extra-bundle) | `3.13.0` | `3.20.0` |
| [twig/intl-extra](https://github.com/twigphp/intl-extra) | `3.13.0` | `3.20.0` |



Updates `doctrine/annotations` from 2.0.1 to 2.0.2
- [Release notes](https://github.com/doctrine/annotations/releases)
- [Commits](doctrine/annotations@2.0.1...2.0.2)

Updates `guzzlehttp/guzzle` from 7.8.1 to 7.9.3
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/7.9/CHANGELOG.md)
- [Commits](guzzle/guzzle@7.8.1...7.9.3)

Updates `jms/translation-bundle` from 2.3.0 to 2.6.0
- [Release notes](https://github.com/schmittjoh/JMSTranslationBundle/releases)
- [Changelog](https://github.com/schmittjoh/JMSTranslationBundle/blob/master/CHANGELOG.md)
- [Commits](schmittjoh/JMSTranslationBundle@2.3.0...2.6.0)

Updates `mpdf/mpdf` from 8.2.4 to 8.2.5
- [Release notes](https://github.com/mpdf/mpdf/releases)
- [Changelog](https://github.com/mpdf/mpdf/blob/development/CHANGELOG.md)
- [Commits](mpdf/mpdf@v8.2.4...v8.2.5)

Updates `nelmio/security-bundle` from 3.3.0 to 3.5.1
- [Release notes](https://github.com/nelmio/NelmioSecurityBundle/releases)
- [Changelog](https://github.com/nelmio/NelmioSecurityBundle/blob/master/CHANGELOG.md)
- [Commits](nelmio/NelmioSecurityBundle@v3.3.0...v3.5.1)

Updates `surfnet/stepup-middleware-client-bundle` from 5.1.0 to 5.2.0
- [Release notes](https://github.com/OpenConext/Stepup-Middleware-clientbundle/releases)
- [Changelog](https://github.com/OpenConext/Stepup-Middleware-clientbundle/blob/main/CHANGELOG.md)
- [Commits](OpenConext/Stepup-Middleware-clientbundle@5.1.0...5.2.0)

Updates `twig/extra-bundle` from 3.13.0 to 3.20.0
- [Commits](twigphp/twig-extra-bundle@v3.13.0...v3.20.0)

Updates `twig/intl-extra` from 3.13.0 to 3.20.0
- [Commits](twigphp/intl-extra@v3.13.0...v3.20.0)

Updates `twig/twig` from 3.14.2 to 3.20.0
- [Changelog](https://github.com/twigphp/Twig/blob/3.x/CHANGELOG)
- [Commits](twigphp/Twig@v3.14.2...v3.20.0)

---
updated-dependencies:
- dependency-name: doctrine/annotations
  dependency-version: 2.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: php-prod
- dependency-name: guzzlehttp/guzzle
  dependency-version: 7.9.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: jms/translation-bundle
  dependency-version: 2.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: mpdf/mpdf
  dependency-version: 8.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: php-prod
- dependency-name: nelmio/security-bundle
  dependency-version: 3.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: surfnet/stepup-middleware-client-bundle
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: twig/extra-bundle
  dependency-version: 3.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: twig/intl-extra
  dependency-version: 3.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: twig/twig
  dependency-version: 3.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/composer/php-prod-4f66e4cc73 branch from 05acf56 to 706ff15 Compare May 29, 2025 10:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@johanib johanib

Labels

dependencies Pull requests that update a dependency file php Pull requests that update Php code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@johanib