Skip to content

🚨 [Conductor] Security update symfony/http-foundation to v5.4.48 #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

🚨 [Conductor] Security update symfony/http-foundation to v5.4.48 #6

wants to merge 1 commit into from

Conversation

private-packagist[bot]
Copy link

This PR was automatically generated by Conductor.

The PR contains the changes generated by running the following command:

composer update --with-all-dependencies --minimal-changes symfony/http-foundation:v5.4.48

Changelog

symfony/http-foundation (Source: GitHub Releases))

v5.4.48

Changelog (v5.4.47...v5.4.48)

v5.4.46

Changelog (v5.4.45...v5.4.46)

v5.4.45

Changelog (v5.4.44...v5.4.45)

v5.4.44

Changelog (v5.4.43...v5.4.44)

v5.4.42

Changelog (v5.4.41...v5.4.42)

v5.4.40

Changelog (v5.4.39...v5.4.40)

v5.4.39

Changelog (v5.4.38...v5.4.39)

v5.4.38

Changelog (v5.4.37...v5.4.38)

  • no significant changes

v5.4.35

Changelog (v5.4.34...v5.4.35)

  • bug symfony/symfony#53432 [HttpFoundation] Request without content-type or content-length header should result in null values, not empty strings (@​priyadi)

v5.4.34

Changelog (v5.4.33...v5.4.34)

  • no significant changes

v5.4.32

Changelog (v5.4.31...v5.4.32)

v5.4.31

Changelog (v5.4.30...v5.4.31)

v5.4.30

Changelog (v5.4.29...v5.4.30)

  • no significant changes

v5.4.28

Changelog (v5.4.27...v5.4.28)

v5.4.26

Changelog (v5.4.25...v5.4.26)

v5.4.25

Changelog (v5.4.24...v5.4.25)

v5.4.24

Changelog (v5.4.23...v5.4.24)

v5.4.23

Changelog (v5.4.22...v5.4.23)

  • bug #48972 Fix memory limit problems in BinaryFileResponse (glady)

v5.4.22

Changelog (v5.4.21...v5.4.22)

  • bug #49758 Use separate caches for IpUtils checkIp4 and checkIp6 (danielburger1337)
  • bug #49745 Fix wiring session.handler when handler_id is null (nicolas-grekas)

v5.4.21

Changelog (v5.4.20...v5.4.21)

  • bug #48880 getMaxAge() returns non-negative integer (pkruithof, fabpot)

v5.4.20

Changelog (v5.4.19...v5.4.20)

  • bug #49141 Fix bad return type in IpUtils::checkIp4() (tristankretzer)

v5.4.19

Changelog (v5.4.18...v5.4.19)

  • no significant changes

v5.4.17

Changelog (v5.4.16...v5.4.17)

  • bug #48635 Use relative timestamps with MemcachedSessionHandler (tvlooy)
  • bug #48628 Fix dumping array cookies (nicolas-grekas)
  • bug #48421 IPv4-mapped IPv6 addresses incorrectly rejected (bonroyage)

v5.4.16

Changelog (v5.4.15...v5.4.16)

  • bug #48112 Compare cookie with null value as empty string in ResponseCookieValueSame (fancyweb)
  • bug #48050 Check IPv6 is valid before comparing it (PhilETaylor)

v5.4.15

Changelog (v5.4.14...v5.4.15)

  • no significant changes

v5.4.14

Changelog (v5.4.13...v5.4.14)

  • bug #47746 Fix BinaryFileResponse content type detection logic (X-Coder264)

v5.4.13

Changelog (v5.4.12...v5.4.13)

  • bug #47516 Prevent BinaryFileResponse::prepare from adding content type if no content is sent (naitsirch)
  • bug #47530 Always return strings from accept headers (ausi)
  • bug #47434 move flushing outside of Response::closeOutputBuffers (nicolas-grekas)

v5.4.12

Changelog (v5.4.11...v5.4.12)

  • bug #47283 Prevent accepted rate limits with no remaining token to be preferred over denied ones (MatTheCat)
  • bug #47273 Do not send Set-Cookie header twice for deleted session cookie (X-Coder264)
  • bug #47130 Fix invalid ID not regenerated with native PHP file sessions (BrokenSourceCode)

v5.4.11

Changelog (v5.4.10...v5.4.11)

  • bug #46931 Flush backend output buffer after closing. (bradjones1)
  • bug #42033 Fix deleteFileAfterSend on client abortion (nerg4l)
  • bug #46790 Prevent PHP Warning: Session ID is too long or contains illegal characters (BrokenSourceCode)
  • bug #46808 Fix TypeError on null $_SESSION in NativeSessionStorage::save() (chalasr)

v5.4.10

Changelog (v5.4.9...v5.4.10)

  • bug #46678 Update "[Session] Overwrite invalid session id" to only validate when files session storage is used (alexpott)
  • bug #46676 Extend type guessing on enum fields (Gigino Chianese)

v5.4.9

Changelog (v5.4.8...v5.4.9)

  • bug #46249 Regenerate invalid session id (peter17)

v5.4.8

Changelog (v5.4.7...v5.4.8)

  • no significant changes

v5.4.6

Changelog (v5.4.5...v5.4.6)

  • bug #45631 Fix PHP 8.1 deprecation in Response::isNotModified (HypeMC)

v5.4.5

Changelog (v5.4.4...v5.4.5)

  • bug #45495 Fix missing ReturnTypeWillChange attributes (luxemate)
  • bug #45281 Fix connecting to Redis via a socket file (alebedev80)

v5.4.3

Changelog (v5.4.2...v5.4.3)

  • no significant changes

v5.4.2

Changelog (v5.4.1...v5.4.2)

  • bug #44759 Fix notice when HTTP_PHP_AUTH_USER passed without pass (Vitali Tsyrkin)

v5.4.1

Changelog (v5.4.0...v5.4.1)

  • bug #44502 do not call preg_match() on null (xabbuh)
  • bug #44378 fix SessionHandlerFactory using connections (dmaicher)

v5.4.0

Changelog (v5.4.0-RC1...v5.4.0)

  • no significant changes

v5.4.0-RC1

Changelog (v5.4.0-BETA3...v5.4.0-RC1)

  • no significant changes

v5.4.0-BETA1

Changelog (v5.3.10...v5.4.0-BETA1)

  • feature #42471 Add generic types to traversable implementations (derrabus)
  • feature #43671 add ResponseIsUnprocessable (garak)
  • feature #41268 Allow setting session options via DSN (makraz)
  • feature #43411 Deprecate passing null as $requestIp in IpUtils (W0rma)
  • feature #43378 Deprecate upload_progress.* and url_rewriter.tags session options (Matthew Covey)
  • feature #43017 Map multipart/form-data as form Content-Type (keichinger)
  • feature #42957 remove @​experimental flag (nicolas-grekas)
  • feature #42900 Add a flag to hasSession to distinguished session from factory (jderusse)
  • feature #41390 Add session cookie handling in cli context (alexander-schranz, Nyholm)
  • feature #42332 Add litespeed_finish_request to Response (thomas2411)
  • feature #42392 Mark Request::get() internal (ro0NL)
  • feature #42286 Add SessionFactoryInterface (kbond)

v5.3.14

Changelog (v5.3.13...v5.3.14)

  • no significant changes

v5.3.13

Changelog (v5.3.12...v5.3.13)

  • bug #44759 Fix notice when HTTP_PHP_AUTH_USER passed without pass (Vitali Tsyrkin)
  • bug #44502 do not call preg_match() on null (xabbuh)

v5.3.11

Changelog (v5.3.10...v5.3.11)

  • no significant changes

v5.3.10

Changelog (v5.3.9...v5.3.10)

  • no significant changes

v5.3.7

Changelog (v5.3.6...v5.3.7)

  • bug #42753 Cast ini_get to an integer to match expected type (natewiebe13)
  • bug #42380 Don't pass null to strpos() (derrabus)
  • bug #42260 Fix return types for PHP 8.1 (derrabus)

v5.3.6

Changelog (v5.3.5...v5.3.6)

  • bug #42289 Fixed type mismatch (Toflar)

v5.3.4

Changelog (v5.3.3...v5.3.4)

  • bug #42112 fix FileBag under PHP 8.1 (alexpott)
  • bug #42114 Fix return types of SessionHandler::gc() (derrabus)
  • bug #41384 Fix SkippedTestSuite (jderusse)

v5.3.3

Changelog (v5.3.2...v5.3.3)

  • bug #41670 allow savePath of NativeFileSessionHandler to be null (simon.chrzanowski)

v5.3.2

Changelog (v5.3.1...v5.3.2)

  • no significant changes

v5.3.1

Changelog (v5.3.0...v5.3.1)

  • bug #41495 Add ReturnTypeWillChange to SessionHandlers (nikic)

v5.3.0

Changelog (v5.3.0-RC1...v5.3.0)

  • no significant changes

v5.3.0-RC1

Changelog (v5.3.0-BETA4...v5.3.0-RC1)

  • no significant changes

v5.3.0-BETA3

Changelog (v5.3.0-BETA2...v5.3.0-BETA3)

  • no significant changes

v5.3.0-BETA2

Changelog (v5.3.0-BETA1...v5.3.0-BETA2)

  • bug #40964 Fixes for PHP 8.1 deprecations (jrmajor)

v5.2.14

Changelog (v5.2.13...v5.2.14)

  • bug #42289 Fixed type mismatch (Toflar)

v5.2.12

Changelog (v5.2.11...v5.2.12)

  • bug #42112 fix FileBag under PHP 8.1 (alexpott)
  • bug #42114 Fix return types of SessionHandler::gc() (derrabus)
  • bug #41384 Fix SkippedTestSuite (jderusse)

v5.2.11

Changelog (v5.2.10...v5.2.11)

  • bug #41670 allow savePath of NativeFileSessionHandler to be null (simon.chrzanowski)
  • bug #41495 Add ReturnTypeWillChange to SessionHandlers (nikic)

v5.2.10

Changelog (v5.2.9...v5.2.10)

  • no significant changes

v5.2.8

Changelog (v5.2.7...v5.2.8)

  • no significant changes

v5.2.7

Changelog (v5.2.6...v5.2.7)

  • bug #40964 Fixes for PHP 8.1 deprecations (jrmajor)
  • bug #40807 RequestMatcher issue when _controller is a closure (Plopix)
  • bug #40610 Fixed bugs found by psalm (Nyholm)

v5.2.4

Changelog (v5.2.3...v5.2.4)

  • bug #40231 Configure session.cookie_secure earlier (tamcy)
  • bug #40188 Fix PHP 8.1 null values (kylekatarnls)
  • bug #40043 Setting REQUEST_TIME_FLOAT when constructing a Request object (ctasada)

v5.2.3

Changelog (v5.2.2...v5.2.3)

  • no changes

v5.2.2

Changelog (v5.2.1...v5.2.2)

  • bug #39633 Drop int return type from parseFilesize() (LukeTowers)
  • bug #39886 Revert #38614 and add assert to avoid regressions (BafS)
  • bug #39816 use atomic writes in MockFileSessionStorage (nicolas-grekas)
  • bug #39681 parse cookie values containing the equal sign (xabbuh)

v5.2.1

Changelog (v5.2.0...v5.2.1)

  • bug #39550 keep turning dots to underscores when using Request::create() (nicolas-grekas)
  • bug #39298 Fixed incorrect usage of UNLINK with PHPRedis with Redis < 4.0 (wickex)
  • bug #39271 Fix TypeError: Argument 1 passed to JsonResponse::setJson() must be of the type string, object given (sidz)
  • bug #39358 fix parsing some special chars with HeaderUtils::parseQuery() (nicolas-grekas)

v5.2.0

Changelog (v5.2.0-RC2...v5.2.0)

  • feature #39128 Deprecate BinaryFileResponse::create() (derrabus)

v5.2.0-RC2

Changelog (v5.2.0-RC1...v5.2.0-RC2)

  • bug #38614 Fix for virtualhosts based on URL path (mvorisek)

v5.2.0-RC1

Changelog (v5.2.0-BETA3...v5.2.0-RC1)

  • feature #38954 Deprecate the HEADER_X_FORWARDED_ALL constant (jderusse)
  • feature #38859 Deprecate not passing a Closure together with FILTER_CALLBACK to ParameterBag::filter() (nicolas-grekas)
  • bug #38894 Remove Symfony 3 compatibility code (derrabus)

v5.1.11

Changelog (v5.1.10...v5.1.11)

  • bug #39633 Drop int return type from parseFilesize() (LukeTowers)
  • bug #39886 Revert #38614 and add assert to avoid regressions (BafS)
  • bug #39816 use atomic writes in MockFileSessionStorage (nicolas-grekas)
  • bug #39681 parse cookie values containing the equal sign (xabbuh)

v5.1.10

Changelog (v5.1.9...v5.1.10)

  • bug #39271 Fix TypeError: Argument 1 passed to JsonResponse::setJson() must be of the type string, object given (sidz)

v5.1.9

Changelog (v5.1.8...v5.1.9)

  • bug #38614 Fix for virtualhosts based on URL path (mvorisek)
  • bug #38894 Remove Symfony 3 compatibility code (derrabus)

Task options

If you close the PR, the task will be skipped and Conductor will schedule the next task. Clicking the "Skip" button in the UI has the same effect. Conductor won't attempt to update the dependency to this exact version again but it will schedule updates to newer versions.

Powered by Private Packagist

@private-packagist Private Packagist
Copy link
Author

composer.lock

Package changes

Package Operation From To About
symfony/http-foundation upgrade v5.1.8 ⚠️ v5.4.48 ✅ diff

Settings · Docs · Powered by Private Packagist

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants