Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #3096781 by longwave, xjm, catch, Eric_A, mikelutz: symfony/mime and symfony/var-dumper versions are on 5.1.7 (not an LTS) and therefore have gaps in security coverage relative to Drupal minors

merge-requests/90/head
Alex Pott 2020-11-30 19:28:14 +00:00
parent 86c7ed07ab
commit 0c30083525
No known key found for this signature in database
GPG Key ID: 31905460D4A69276
3 changed files with 97 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
composer.lock generated
View File

@ -2382,6 +2382,73 @@
],
"time": "2020-10-27T10:05:40+00:00"
},
{
"name": "symfony/deprecation-contracts",
"version": "v2.2.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/deprecation-contracts.git",
"reference": "5fa56b4074d1ae755beb55617ddafe6f5d78f665"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/5fa56b4074d1ae755beb55617ddafe6f5d78f665",
"reference": "5fa56b4074d1ae755beb55617ddafe6f5d78f665",
"shasum": ""
},
"require": {
"php": ">=7.1"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "2.2-dev"
},
"thanks": {
"name": "symfony/contracts",
"url": "https://github.com/symfony/contracts"
}
},
"autoload": {
"files": [
"function.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Nicolas Grekas",
"email": "p@tchwork.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "A generic function and convention to trigger deprecation notices",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/deprecation-contracts/tree/master"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2020-09-07T11:33:47+00:00"
},
{
"name": "symfony/error-handler",
"version": "v4.4.16",
@ -2865,20 +2932,21 @@
},
{
"name": "symfony/mime",
"version": "v5.1.8",
"version": "v5.2.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/mime.git",
"reference": "f5485a92c24d4bcfc2f3fc648744fb398482ff1b"
"reference": "05f667e8fa029568964fd3bec6bc17765b853cc5"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/mime/zipball/f5485a92c24d4bcfc2f3fc648744fb398482ff1b",
"reference": "f5485a92c24d4bcfc2f3fc648744fb398482ff1b",
"url": "https://api.github.com/repos/symfony/mime/zipball/05f667e8fa029568964fd3bec6bc17765b853cc5",
"reference": "05f667e8fa029568964fd3bec6bc17765b853cc5",
"shasum": ""
},
"require": {
"php": ">=7.2.5",
"symfony/deprecation-contracts": "^2.1",
"symfony/polyfill-intl-idn": "^1.10",
"symfony/polyfill-mbstring": "^1.0",
"symfony/polyfill-php80": "^1.15"
@ -2888,7 +2956,11 @@
},
"require-dev": {
"egulias/email-validator": "^2.1.10",
"symfony/dependency-injection": "^4.4|^5.0"
"phpdocumentor/reflection-docblock": "^3.0|^4.0|^5.0",
"symfony/dependency-injection": "^4.4|^5.0",
"symfony/property-access": "^4.4|^5.1",
"symfony/property-info": "^4.4|^5.1",
"symfony/serializer": "^5.2"
},
"type": "library",
"autoload": {
@ -2920,7 +2992,7 @@
"mime-type"
],
"support": {
"source": "https://github.com/symfony/mime/tree/v5.1.8"
"source": "https://github.com/symfony/mime/tree/v5.2.0"
},
"funding": [
{
@ -2936,7 +3008,7 @@
"type": "tidelift"
}
],
"time": "2020-10-24T12:01:57+00:00"
"time": "2020-10-30T14:55:39+00:00"
},
{
"name": "symfony/polyfill-ctype",
@ -4108,16 +4180,16 @@
},
{
"name": "symfony/var-dumper",
"version": "v5.1.8",
"version": "v5.2.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/var-dumper.git",
"reference": "4e13f3fcefb1fcaaa5efb5403581406f4e840b9a"
"reference": "173a79c462b1c81e1fa26129f71e41333d846b26"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/var-dumper/zipball/4e13f3fcefb1fcaaa5efb5403581406f4e840b9a",
"reference": "4e13f3fcefb1fcaaa5efb5403581406f4e840b9a",
"url": "https://api.github.com/repos/symfony/var-dumper/zipball/173a79c462b1c81e1fa26129f71e41333d846b26",
"reference": "173a79c462b1c81e1fa26129f71e41333d846b26",
"shasum": ""
},
"require": {
@ -4176,7 +4248,7 @@
"dump"
],
"support": {
"source": "https://github.com/symfony/var-dumper/tree/v5.1.8"
"source": "https://github.com/symfony/var-dumper/tree/v5.2.0"
},
"funding": [
{
@ -4192,7 +4264,7 @@
"type": "tidelift"
}
],
"time": "2020-10-27T10:11:13+00:00"
"time": "2020-11-27T00:39:34+00:00"
},
{
"name": "symfony/yaml",
@ -7504,16 +7576,16 @@
},
{
"name": "symfony/phpunit-bridge",
"version": "v5.1.8",
"version": "v5.2.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/phpunit-bridge.git",
"reference": "61744927348cd391ac12f7c6b70544991275845c"
"reference": "92a76ca5e64effd41ce111b8f476144dfa29f1f0"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/phpunit-bridge/zipball/61744927348cd391ac12f7c6b70544991275845c",
"reference": "61744927348cd391ac12f7c6b70544991275845c",
"url": "https://api.github.com/repos/symfony/phpunit-bridge/zipball/92a76ca5e64effd41ce111b8f476144dfa29f1f0",
"reference": "92a76ca5e64effd41ce111b8f476144dfa29f1f0",
"shasum": ""
},
"require": {
@ -7523,7 +7595,8 @@
"phpunit/phpunit": "<4.8.35|<5.4.3,>=5.0|<6.4,>=6.0|9.1.2"
},
"require-dev": {
"symfony/deprecation-contracts": "^2.1"
"symfony/deprecation-contracts": "^2.1",
"symfony/error-handler": "^4.4|^5.0"
},
"suggest": {
"symfony/error-handler": "For tracking deprecated interfaces usages at runtime with DebugClassLoader"
@ -7566,7 +7639,7 @@
"description": "Symfony PHPUnit Bridge",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/phpunit-bridge/tree/v5.1.8"
"source": "https://github.com/symfony/phpunit-bridge/tree/v5.2.0"
},
"funding": [
{
@ -7582,7 +7655,7 @@
"type": "tidelift"
}
],
"time": "2020-10-24T15:53:55+00:00"
"time": "2020-11-27T00:39:34+00:00"
},
{
"name": "theseer/tokenizer",

5
composer/Metapackage/CoreRecommended/composer.json
View File

@ -37,13 +37,14 @@
"symfony/console": "v4.4.16",
"symfony/debug": "v4.4.16",
"symfony/dependency-injection": "v4.4.16",
"symfony/deprecation-contracts": "v2.2.0",
"symfony/error-handler": "v4.4.16",
"symfony/event-dispatcher": "v4.4.16",
"symfony/event-dispatcher-contracts": "v1.1.9",
"symfony/http-client-contracts": "v2.3.1",
"symfony/http-foundation": "v4.4.16",
"symfony/http-kernel": "v4.4.16",
"symfony/mime": "v5.1.8",
"symfony/mime": "v5.2.0",
"symfony/polyfill-ctype": "v1.20.0",
"symfony/polyfill-iconv": "v1.20.0",
"symfony/polyfill-intl-idn": "v1.20.0",
@ -58,7 +59,7 @@
"symfony/translation": "v4.4.16",
"symfony/translation-contracts": "v2.3.0",
"symfony/validator": "v4.4.16",
"symfony/var-dumper": "v5.1.8",
"symfony/var-dumper": "v5.2.0",
"symfony/yaml": "v4.4.16",
"twig/twig": "v2.14.1",
"typo3/phar-stream-wrapper": "v3.1.6"

2
composer/Metapackage/PinnedDevDependencies/composer.json
View File

@ -59,7 +59,7 @@
"symfony/filesystem": "v4.4.16",
"symfony/finder": "v4.4.16",
"symfony/lock": "v4.4.16",
"symfony/phpunit-bridge": "v5.1.8",
"symfony/phpunit-bridge": "v5.2.0",
"theseer/tokenizer": "1.2.0",
"webmozart/assert": "1.9.1"
}