Skip to content

Commit

Permalink
Patch vulnerability advisory (#3966)
Browse files Browse the repository at this point in the history
Seems composer has a vulnerability, see GHSA-7c6p-848j-wh5h

Affected versions
>= 2.0.0-alpha1, < 2.2.23 -- patched in 2.2.23
>= 2.3.0-rc1, < 2.7.0 -- patched in 2.7.0

---

Let's raise the minimum to enforce the latest.

Thank you @PeopleInside for reporting this.

(cherry picked from commit e771b90)
  • Loading branch information
luceos authored and SychO9 committed Feb 22, 2024
1 parent b2044ff commit a52959c
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion extensions/package-manager/composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
},
"require": {
"flarum/core": "^1.8",
"composer/composer": "^2.3"
"composer/composer": "^2.7"
},
"require-dev": {
"flarum/testing": "^1.0.0",
Expand Down

0 comments on commit a52959c

Please sign in to comment.