{"id":4793,"name":"composer","ecosystem":"docker","repository_url":"https://github.com/docker-library/official-images","issues_count":227,"created_at":"2025-06-06T16:38:34.716Z","updated_at":"2025-06-06T16:38:34.716Z","purl":"pkg:docker/composer","metadata":{"id":5448935,"name":"library/composer","ecosystem":"docker","description":"Composer is a dependency manager written in and for PHP.","homepage":null,"licenses":"apache-2.0","normalized_licenses":["Apache-2.0"],"repository_url":"https://github.com/docker-library/official-images","keywords_array":[],"namespace":"library","versions_count":170,"first_release_published_at":"2016-12-01T19:06:34.709Z","latest_release_published_at":"2024-09-07T19:13:45.620Z","latest_release_number":"2.7.9","last_synced_at":"2024-09-24T01:36:17.523Z","created_at":"2022-11-24T17:51:14.975Z","updated_at":"2024-11-20T23:13:31.881Z","registry_url":"https://hub.docker.com/r/library/composer","install_command":"docker pull library/composer","documentation_url":null,"metadata":{},"repo_metadata":{"id":11255494,"uuid":"13655949","full_name":"docker-library/official-images","owner":"docker-library","description":"Primary source of truth for the Docker \"Official Images\" program","archived":false,"fork":false,"pushed_at":"2024-05-22T23:44:17.000Z","size":25973,"stargazers_count":6297,"open_issues_count":45,"forks_count":2294,"subscribers_count":264,"default_branch":"master","last_synced_at":"2024-05-23T00:22:03.916Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://hub.docker.com/u/library","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/docker-library.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE-OF-CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2013-10-17T17:27:12.000Z","updated_at":"2024-05-28T21:39:39.246Z","dependencies_parsed_at":"2023-01-16T21:01:12.799Z","dependency_job_id":"305d0ae4-e46a-486a-b4b5-95ccf1684a88","html_url":"https://github.com/docker-library/official-images","commit_stats":{"total_commits":15179,"total_committers":792,"mean_commits":19.16540404040404,"dds":0.7892483035773108,"last_synced_commit":"c642268ed9e0120d827d2185e28ae512e3bab68c"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker-library%2Fofficial-images","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker-library%2Fofficial-images/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker-library%2Fofficial-images/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker-library%2Fofficial-images/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/docker-library","download_url":"https://codeload.github.com/docker-library/official-images/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":209395601,"owners_count":15004702,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"docker-library","name":"Docker Official Images","uuid":"7739233","kind":"organization","description":"","email":null,"website":"https://github.com/docker-library/official-images","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/7739233?v=4","repositories_count":49,"last_synced_at":"2024-03-25T23:56:15.896Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/docker-library","funding_links":[],"total_stars":37578,"followers":1554,"following":0,"created_at":"2022-11-02T22:00:48.427Z","updated_at":"2024-03-25T23:56:17.447Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/docker-library","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/docker-library/repositories"},"tags":[]},"repo_metadata_updated_at":"2024-09-25T19:30:11.988Z","dependent_packages_count":0,"downloads":164469604,"downloads_period":"total","dependent_repos_count":7,"rankings":{"downloads":0.02325880864988106,"dependent_repos_count":0.20234165293265627,"dependent_packages_count":0.0,"stargazers_count":0.006887801703183662,"forks_count":0.005789746359197861,"docker_downloads_count":null,"average":0.04765560192898377},"purl":"pkg:docker/library%2Fcomposer","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/docker/library/composer","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/docker/library/composer","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/docker/library/composer/dependencies","status":null,"funding_links":[],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/packages/library%2Fcomposer/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/packages/library%2Fcomposer/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/packages/library%2Fcomposer/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/packages/library%2Fcomposer/related_packages","maintainers":[],"registry":{"name":"hub.docker.com","url":"https://hub.docker.com","ecosystem":"docker","default":true,"packages_count":1001979,"maintainers_count":0,"namespaces_count":411559,"keywords_count":1704,"github":"docker","metadata":{"api_url":"https://registry-1.docker.io","funded_packages_count":257},"icon_url":"https://github.com/docker.png","created_at":"2022-11-24T17:07:36.388Z","updated_at":"2025-06-04T06:07:44.662Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/namespaces"}},"unique_repositories_count":44,"unique_repositories_count_past_30_days":0,"recent_issues":[{"uuid":"4271639902","node_id":"PR_kwDOI_S_fM7SxhAl","number":55,"state":"closed","title":"Bump composer from 2.9.5 to 2.9.7 in /php/http","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-20T23:36:26.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-15T20:56:12.000Z","updated_at":"2026-05-20T23:36:27.000Z","time_to_close":3033614,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":null}],"path":"/php/http","ecosystem":"docker"},"body":"Bumps composer from 2.9.5 to 2.9.7.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Ajsalemo/dapr-state-management-examples/pull/55","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ajsalemo%2Fdapr-state-management-examples/issues/55","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/55/packages"},{"uuid":"4251072891","node_id":"PR_kwDOKKC4lc7R245X","number":1043,"state":"closed","title":"build(deps): bump composer from `743aebe` to `698d380`","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-14T10:25:34.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-13T03:34:34.000Z","updated_at":"2026-04-14T10:25:44.000Z","time_to_close":111060,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"composer","old_version":"`743aebe`","new_version":"`698d380`","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from `743aebe` to `698d380`.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.5\u0026new-version=2.9.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/VerifiedJoseph/intruder-alert/pull/1043","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/VerifiedJoseph%2Fintruder-alert/issues/1043","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1043/packages"},{"uuid":"4018922431","node_id":"PR_kwDOI0Hfus7HuQHA","number":6,"state":"closed","title":"Bump composer from 2.5.8 to 2.9.5 in /xdebug-custom-image","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-21T00:56:41.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-03T22:00:55.000Z","updated_at":"2026-04-21T00:56:43.000Z","time_to_close":4157746,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.5.8","new_version":"2.9.5","repository_url":null}],"path":"/xdebug-custom-image","ecosystem":"docker"},"body":"Bumps composer from 2.5.8 to 2.9.5.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.5.8\u0026new-version=2.9.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Ajsalemo/php-profiler-examples/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ajsalemo%2Fphp-profiler-examples/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"3881106788","node_id":"PR_kwDOAeqnyM7AqwQn","number":1414,"state":"open","title":"Bump composer from 2.9.3 to 2.9.5","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-01T04:03:46.000Z","updated_at":"2026-02-01T04:04:44.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.3","new_version":"2.9.5","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.9.3 to 2.9.5.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.3\u0026new-version=2.9.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/lansuite/lansuite/pull/1414","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lansuite%2Flansuite/issues/1414","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1414/packages"},{"uuid":"3876951434","node_id":"PR_kwDOIep_yM7AdZIC","number":44,"state":"closed","title":"Bump composer from 2.9.1 to 2.9.5","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-02-02T08:27:00.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-30T18:52:52.000Z","updated_at":"2026-02-02T08:27:02.000Z","time_to_close":221648,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.1","new_version":"2.9.5","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.9.1 to 2.9.5.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.1\u0026new-version=2.9.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/actions-marketplace-validations/reload_github-security-jira/pull/44","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions-marketplace-validations%2Freload_github-security-jira/issues/44","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/44/packages"},{"uuid":"3845913902","node_id":"PR_kwDODQYzPM6-2gZf","number":521,"state":"open","title":"Bump composer from 2.9.1 to 2.9.4","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-23T05:32:03.000Z","updated_at":"2026-01-28T07:37:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.1","new_version":"2.9.4","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.9.1 to 2.9.4.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.1\u0026new-version=2.9.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/reload/github-security-jira/pull/521","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/reload%2Fgithub-security-jira/issues/521","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/521/packages"},{"uuid":"3782442461","node_id":"PR_kwDOIep_yM67lROw","number":42,"state":"closed","title":"Bump composer from 2.9.1 to 2.9.3","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-01-23T18:52:53.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-05T18:15:29.000Z","updated_at":"2026-01-23T18:52:54.000Z","time_to_close":1557444,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.1","new_version":"2.9.3","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.9.1 to 2.9.3.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.1\u0026new-version=2.9.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/actions-marketplace-validations/reload_github-security-jira/pull/42","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions-marketplace-validations%2Freload_github-security-jira/issues/42","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/42/packages"},{"uuid":"3742821956","node_id":"PR_kwDOBUrhCs65k8Zh","number":410,"state":"open","title":"Bump composer from `8b4d59f` to `307e4af`","user":"dependabot[bot]","labels":["dependencies","docker","size/XS"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-12-18T12:00:44.000Z","updated_at":"2025-12-18T12:07:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"`8b4d59f`","new_version":"`307e4af`","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from `8b4d59f` to `307e4af`.\n\n\u003cdetails\u003e\n\u003csummary\u003eMost Recent Ignore Conditions Applied to This Pull Request\u003c/summary\u003e\n\n| Dependency Name | Ignore Conditions |\n| --- | --- |\n| composer | [\u003e 2.0.8, \u003c 2.1] |\n\u003c/details\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.2\u0026new-version=2.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/spejder/msml/pull/410","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/spejder%2Fmsml/issues/410","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/410/packages"},{"uuid":"3662586845","node_id":"PR_kwDOJP8GiM61ZK6o","number":742,"state":"closed","title":"Dockerfile(deps): Bump composer from 2.8.12 to 2.9.2","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":["davidrjenni"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-12-04T20:42:37.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-25T11:06:02.000Z","updated_at":"2025-12-04T20:42:42.000Z","time_to_close":812195,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Dockerfile(deps): Bump","packages":[{"name":"composer","old_version":"2.8.12","new_version":"2.9.2","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.8.12 to 2.9.2.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/davidrjenni/scip-php/pull/742","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidrjenni%2Fscip-php/issues/742","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/742/packages"},{"uuid":"3657450745","node_id":"PR_kwDODJlY9M61H4SS","number":1788,"state":"closed","title":"Bump composer from `7384cf9` to `ea704a5` in /docker","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-11-27T11:43:52.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-24T07:28:09.000Z","updated_at":"2025-11-27T11:44:30.000Z","time_to_close":274543,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"`7384cf9`","new_version":"`ea704a5`","repository_url":null}],"path":"/docker","ecosystem":"docker"},"body":"Bumps composer from `7384cf9` to `ea704a5`.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9\u0026new-version=2.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/open-telemetry/opentelemetry-php/pull/1788","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/open-telemetry%2Fopentelemetry-php/issues/1788","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1788/packages"},{"uuid":"3652643248","node_id":"PR_kwDOLcM7cs604Lcb","number":194,"state":"open","title":"Bump composer from 2.8.12 to 2.9","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-21T18:11:54.000Z","updated_at":"2025-11-21T18:14:53.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.8.12","new_version":"2.9","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.8.12 to 2.9.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/aguilita1/SampleSyncApp/pull/194","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/aguilita1%2FSampleSyncApp/issues/194","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/194/packages"},{"uuid":"3650217452","node_id":"PR_kwDODQYzPM60v_G8","number":516,"state":"open","title":"Bump composer from 2.9.1 to 2.9.2","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-21T05:00:45.000Z","updated_at":"2025-11-28T08:43:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.1","new_version":"2.9.2","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.9.1 to 2.9.2.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.1\u0026new-version=2.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/reload/github-security-jira/pull/516","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/reload%2Fgithub-security-jira/issues/516","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/516/packages"},{"uuid":"3626656224","node_id":"PR_kwDOLcM7cs6zgwfF","number":187,"state":"open","title":"Bump composer from 2.8.12 to 2.9.1","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-14T18:12:17.000Z","updated_at":"2025-11-21T20:01:07.077Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.8.12","new_version":"2.9.1","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.8.12 to 2.9.1.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/aguilita1/SampleSyncApp/pull/187","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/aguilita1%2FSampleSyncApp/issues/187","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/187/packages"},{"uuid":"3624298367","node_id":"PR_kwDODJlY9M6zYv3m","number":1772,"state":"open","title":"Bump composer from 2.8 to 2.9 in /docker","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-14T07:17:21.000Z","updated_at":"2025-11-14T07:19:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.8","new_version":"2.9","repository_url":null}],"path":"/docker","ecosystem":"docker"},"body":"Bumps composer from 2.8 to 2.9.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8\u0026new-version=2.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/open-telemetry/opentelemetry-php/pull/1772","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/open-telemetry%2Fopentelemetry-php/issues/1772","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1772/packages"},{"uuid":"3623685960","node_id":"PR_kwDOGWxxis6zW2v8","number":504,"state":"open","title":"Bump composer from 2.8.12 to 2.9.1","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-14T03:08:04.000Z","updated_at":"2025-11-14T05:10:41.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.8.12","new_version":"2.9.1","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.8.12 to 2.9.1.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/reload/drupal-security-jira/pull/504","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/reload%2Fdrupal-security-jira/issues/504","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/504/packages"},{"uuid":"2878375294","node_id":"PR_kwDOCd6SH86rkIV-","number":369,"state":"closed","title":"ci(deps): bump composer from 2.8.10 to 2.8.12 in /tests","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":["superflyxxi"],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-10-03T21:00:49.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-10-01T14:01:15.000Z","updated_at":"2025-10-03T21:00:49.000Z","time_to_close":197974,"merged_at":"2025-10-03T21:00:49.000Z","merged_by":"superflyxxi","closed_by":null,"dependency_metadata":{"prefix":"ci(deps)","packages":[{"name":"composer","old_version":"2.8.10","new_version":"2.8.12","repository_url":null}],"path":"/tests","ecosystem":"docker"},"body":"Bumps composer from 2.8.10 to 2.8.12.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.10\u0026new-version=2.8.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/superflyxxi/video-converter/pull/369","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/superflyxxi%2Fvideo-converter/issues/369","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/369/packages"},{"uuid":"2876770099","node_id":"PR_kwDOAeqnyM6reAcz","number":1381,"state":"open","title":"Bump composer from 2.8.11 to 2.8.12","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-10-01T04:02:28.000Z","updated_at":"2025-10-01T04:02:29.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.8.11","new_version":"2.8.12","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.8.11 to 2.8.12.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.11\u0026new-version=2.8.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/lansuite/lansuite/pull/1381","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lansuite%2Flansuite/issues/1381","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1381/packages"},{"uuid":"2870925741","node_id":"PR_kwDOBUrhCs6rHtmt","number":386,"state":"closed","title":"Bump composer from `90e11ce` to `adca13b`","user":"dependabot[bot]","labels":["dependencies","docker","size/XS"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-29T14:50:42.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-29T14:40:10.000Z","updated_at":"2025-09-29T14:50:42.000Z","time_to_close":632,"merged_at":"2025-09-29T14:50:42.000Z","merged_by":"dependabot[bot]","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"`90e11ce`","new_version":"`adca13b`","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from `90e11ce` to `adca13b`.\n\n\u003cdetails\u003e\n\u003csummary\u003eMost Recent Ignore Conditions Applied to This Pull Request\u003c/summary\u003e\n\n| Dependency Name | Ignore Conditions |\n| --- | --- |\n| composer | [\u003e 2.0.8, \u003c 2.1] |\n\u003c/details\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.8.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/spejder/msml/pull/386","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/spejder%2Fmsml/issues/386","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/386/packages"},{"uuid":"2870899934","node_id":"PR_kwDOJP8GiM6rHnTe","number":706,"state":"closed","title":"Dockerfile(deps): Bump composer from `90e11ce` to `adca13b`","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":["davidrjenni"],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-29T14:36:14.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-29T14:33:17.000Z","updated_at":"2025-09-29T14:36:14.000Z","time_to_close":177,"merged_at":"2025-09-29T14:36:13.000Z","merged_by":"davidrjenni","closed_by":null,"dependency_metadata":{"prefix":"Dockerfile(deps): Bump","packages":[{"name":"composer","old_version":"`90e11ce`","new_version":"`adca13b`","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from `90e11ce` to `adca13b`.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.8.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/davidrjenni/scip-php/pull/706","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidrjenni%2Fscip-php/issues/706","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/706/packages"},{"uuid":"2868965873","node_id":"PR_kwDODQYzPM6rAPHx","number":504,"state":"closed","title":"Bump composer from `90e11ce` to `adca13b`","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-29T05:11:18.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-29T04:19:02.000Z","updated_at":"2025-09-29T05:11:18.000Z","time_to_close":3136,"merged_at":"2025-09-29T05:11:18.000Z","merged_by":"dependabot[bot]","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"`90e11ce`","new_version":"`adca13b`","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from `90e11ce` to `adca13b`.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.8.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/reload/github-security-jira/pull/504","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/reload%2Fgithub-security-jira/issues/504","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/504/packages"}],"issue_packages":[{"old_version":"2.9.5","new_version":"2.9.7","update_type":"patch","path":"/php/http","pr_created_at":"2026-04-15T20:56:12.000Z","version_change":"2.9.5 → 2.9.7","issue":{"uuid":"4271639902","node_id":"PR_kwDOI_S_fM7SxhAl","number":55,"state":"closed","title":"Bump composer from 2.9.5 to 2.9.7 in /php/http","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-20T23:36:26.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-15T20:56:12.000Z","updated_at":"2026-05-20T23:36:27.000Z","time_to_close":3033614,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":null}],"path":"/php/http","ecosystem":"docker"},"body":"Bumps composer from 2.9.5 to 2.9.7.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Ajsalemo/dapr-state-management-examples/pull/55","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ajsalemo%2Fdapr-state-management-examples/issues/55","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/55/packages"}},{"old_version":"`743aebe`","new_version":"`698d380`","update_type":null,"path":null,"pr_created_at":"2026-04-13T03:34:34.000Z","version_change":"`743aebe` → `698d380`","issue":{"uuid":"4251072891","node_id":"PR_kwDOKKC4lc7R245X","number":1043,"state":"closed","title":"build(deps): bump composer from `743aebe` to `698d380`","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-14T10:25:34.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-13T03:34:34.000Z","updated_at":"2026-04-14T10:25:44.000Z","time_to_close":111060,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"composer","old_version":"`743aebe`","new_version":"`698d380`","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from `743aebe` to `698d380`.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.5\u0026new-version=2.9.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/VerifiedJoseph/intruder-alert/pull/1043","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/VerifiedJoseph%2Fintruder-alert/issues/1043","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1043/packages"}},{"old_version":"2.5.8","new_version":"2.9.5","update_type":"minor","path":"/xdebug-custom-image","pr_created_at":"2026-03-03T22:00:55.000Z","version_change":"2.5.8 → 2.9.5","issue":{"uuid":"4018922431","node_id":"PR_kwDOI0Hfus7HuQHA","number":6,"state":"closed","title":"Bump composer from 2.5.8 to 2.9.5 in /xdebug-custom-image","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-21T00:56:41.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-03T22:00:55.000Z","updated_at":"2026-04-21T00:56:43.000Z","time_to_close":4157746,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.5.8","new_version":"2.9.5","repository_url":null}],"path":"/xdebug-custom-image","ecosystem":"docker"},"body":"Bumps composer from 2.5.8 to 2.9.5.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.5.8\u0026new-version=2.9.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Ajsalemo/php-profiler-examples/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ajsalemo%2Fphp-profiler-examples/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"2.9.3","new_version":"2.9.5","update_type":"patch","path":null,"pr_created_at":"2026-02-01T04:03:46.000Z","version_change":"2.9.3 → 2.9.5","issue":{"uuid":"3881106788","node_id":"PR_kwDOAeqnyM7AqwQn","number":1414,"state":"open","title":"Bump composer from 2.9.3 to 2.9.5","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-01T04:03:46.000Z","updated_at":"2026-02-01T04:04:44.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.3","new_version":"2.9.5","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.9.3 to 2.9.5.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.3\u0026new-version=2.9.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/lansuite/lansuite/pull/1414","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lansuite%2Flansuite/issues/1414","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1414/packages"}},{"old_version":"2.9.1","new_version":"2.9.5","update_type":"patch","path":null,"pr_created_at":"2026-01-30T18:52:52.000Z","version_change":"2.9.1 → 2.9.5","issue":{"uuid":"3876951434","node_id":"PR_kwDOIep_yM7AdZIC","number":44,"state":"closed","title":"Bump composer from 2.9.1 to 2.9.5","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-02-02T08:27:00.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-30T18:52:52.000Z","updated_at":"2026-02-02T08:27:02.000Z","time_to_close":221648,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.1","new_version":"2.9.5","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.9.1 to 2.9.5.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.1\u0026new-version=2.9.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/actions-marketplace-validations/reload_github-security-jira/pull/44","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions-marketplace-validations%2Freload_github-security-jira/issues/44","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/44/packages"}},{"old_version":"2.9.1","new_version":"2.9.4","update_type":"patch","path":null,"pr_created_at":"2026-01-23T05:32:03.000Z","version_change":"2.9.1 → 2.9.4","issue":{"uuid":"3845913902","node_id":"PR_kwDODQYzPM6-2gZf","number":521,"state":"open","title":"Bump composer from 2.9.1 to 2.9.4","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-23T05:32:03.000Z","updated_at":"2026-01-28T07:37:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.1","new_version":"2.9.4","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.9.1 to 2.9.4.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.1\u0026new-version=2.9.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/reload/github-security-jira/pull/521","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/reload%2Fgithub-security-jira/issues/521","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/521/packages"}},{"old_version":"2.9.1","new_version":"2.9.3","update_type":"patch","path":null,"pr_created_at":"2026-01-05T18:15:29.000Z","version_change":"2.9.1 → 2.9.3","issue":{"uuid":"3782442461","node_id":"PR_kwDOIep_yM67lROw","number":42,"state":"closed","title":"Bump composer from 2.9.1 to 2.9.3","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-01-23T18:52:53.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-05T18:15:29.000Z","updated_at":"2026-01-23T18:52:54.000Z","time_to_close":1557444,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.1","new_version":"2.9.3","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.9.1 to 2.9.3.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.1\u0026new-version=2.9.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/actions-marketplace-validations/reload_github-security-jira/pull/42","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions-marketplace-validations%2Freload_github-security-jira/issues/42","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/42/packages"}},{"old_version":"`8b4d59f`","new_version":"`307e4af`","update_type":null,"path":null,"pr_created_at":"2025-12-18T12:00:44.000Z","version_change":"`8b4d59f` → `307e4af`","issue":{"uuid":"3742821956","node_id":"PR_kwDOBUrhCs65k8Zh","number":410,"state":"open","title":"Bump composer from `8b4d59f` to `307e4af`","user":"dependabot[bot]","labels":["dependencies","docker","size/XS"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-12-18T12:00:44.000Z","updated_at":"2025-12-18T12:07:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"`8b4d59f`","new_version":"`307e4af`","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from `8b4d59f` to `307e4af`.\n\n\u003cdetails\u003e\n\u003csummary\u003eMost Recent Ignore Conditions Applied to This Pull Request\u003c/summary\u003e\n\n| Dependency Name | Ignore Conditions |\n| --- | --- |\n| composer | [\u003e 2.0.8, \u003c 2.1] |\n\u003c/details\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.2\u0026new-version=2.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/spejder/msml/pull/410","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/spejder%2Fmsml/issues/410","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/410/packages"}},{"old_version":"2.8.12","new_version":"2.9.2","update_type":"minor","path":null,"pr_created_at":"2025-11-25T11:06:02.000Z","version_change":"2.8.12 → 2.9.2","issue":{"uuid":"3662586845","node_id":"PR_kwDOJP8GiM61ZK6o","number":742,"state":"closed","title":"Dockerfile(deps): Bump composer from 2.8.12 to 2.9.2","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":["davidrjenni"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-12-04T20:42:37.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-25T11:06:02.000Z","updated_at":"2025-12-04T20:42:42.000Z","time_to_close":812195,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Dockerfile(deps): Bump","packages":[{"name":"composer","old_version":"2.8.12","new_version":"2.9.2","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.8.12 to 2.9.2.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/davidrjenni/scip-php/pull/742","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidrjenni%2Fscip-php/issues/742","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/742/packages"}},{"old_version":"`7384cf9`","new_version":"`ea704a5`","update_type":null,"path":"/docker","pr_created_at":"2025-11-24T07:28:09.000Z","version_change":"`7384cf9` → `ea704a5`","issue":{"uuid":"3657450745","node_id":"PR_kwDODJlY9M61H4SS","number":1788,"state":"closed","title":"Bump composer from `7384cf9` to `ea704a5` in /docker","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-11-27T11:43:52.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-24T07:28:09.000Z","updated_at":"2025-11-27T11:44:30.000Z","time_to_close":274543,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"`7384cf9`","new_version":"`ea704a5`","repository_url":null}],"path":"/docker","ecosystem":"docker"},"body":"Bumps composer from `7384cf9` to `ea704a5`.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9\u0026new-version=2.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/open-telemetry/opentelemetry-php/pull/1788","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/open-telemetry%2Fopentelemetry-php/issues/1788","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1788/packages"}},{"old_version":"2.8.12","new_version":"2.9","update_type":null,"path":null,"pr_created_at":"2025-11-21T18:11:54.000Z","version_change":"2.8.12 → 2.9","issue":{"uuid":"3652643248","node_id":"PR_kwDOLcM7cs604Lcb","number":194,"state":"open","title":"Bump composer from 2.8.12 to 2.9","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-21T18:11:54.000Z","updated_at":"2025-11-21T18:14:53.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.8.12","new_version":"2.9","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.8.12 to 2.9.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/aguilita1/SampleSyncApp/pull/194","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/aguilita1%2FSampleSyncApp/issues/194","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/194/packages"}},{"old_version":"2.9.1","new_version":"2.9.2","update_type":"patch","path":null,"pr_created_at":"2025-11-21T05:00:45.000Z","version_change":"2.9.1 → 2.9.2","issue":{"uuid":"3650217452","node_id":"PR_kwDODQYzPM60v_G8","number":516,"state":"open","title":"Bump composer from 2.9.1 to 2.9.2","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-21T05:00:45.000Z","updated_at":"2025-11-28T08:43:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.9.1","new_version":"2.9.2","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.9.1 to 2.9.2.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.9.1\u0026new-version=2.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/reload/github-security-jira/pull/516","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/reload%2Fgithub-security-jira/issues/516","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/516/packages"}},{"old_version":"2.8.12","new_version":"2.9.1","update_type":"minor","path":null,"pr_created_at":"2025-11-14T18:12:17.000Z","version_change":"2.8.12 → 2.9.1","issue":{"uuid":"3626656224","node_id":"PR_kwDOLcM7cs6zgwfF","number":187,"state":"open","title":"Bump composer from 2.8.12 to 2.9.1","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-14T18:12:17.000Z","updated_at":"2025-11-21T20:01:07.077Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.8.12","new_version":"2.9.1","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.8.12 to 2.9.1.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/aguilita1/SampleSyncApp/pull/187","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/aguilita1%2FSampleSyncApp/issues/187","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/187/packages"}},{"old_version":"2.8","new_version":"2.9","update_type":null,"path":"/docker","pr_created_at":"2025-11-14T07:17:21.000Z","version_change":"2.8 → 2.9","issue":{"uuid":"3624298367","node_id":"PR_kwDODJlY9M6zYv3m","number":1772,"state":"open","title":"Bump composer from 2.8 to 2.9 in /docker","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-14T07:17:21.000Z","updated_at":"2025-11-14T07:19:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.8","new_version":"2.9","repository_url":null}],"path":"/docker","ecosystem":"docker"},"body":"Bumps composer from 2.8 to 2.9.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8\u0026new-version=2.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/open-telemetry/opentelemetry-php/pull/1772","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/open-telemetry%2Fopentelemetry-php/issues/1772","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1772/packages"}},{"old_version":"2.8.12","new_version":"2.9.1","update_type":"minor","path":null,"pr_created_at":"2025-11-14T03:08:04.000Z","version_change":"2.8.12 → 2.9.1","issue":{"uuid":"3623685960","node_id":"PR_kwDOGWxxis6zW2v8","number":504,"state":"open","title":"Bump composer from 2.8.12 to 2.9.1","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-14T03:08:04.000Z","updated_at":"2025-11-14T05:10:41.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.8.12","new_version":"2.9.1","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.8.12 to 2.9.1.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/reload/drupal-security-jira/pull/504","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/reload%2Fdrupal-security-jira/issues/504","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/504/packages"}},{"old_version":"2.8.10","new_version":"2.8.12","update_type":"patch","path":"/tests","pr_created_at":"2025-10-01T14:01:15.000Z","version_change":"2.8.10 → 2.8.12","issue":{"uuid":"2878375294","node_id":"PR_kwDOCd6SH86rkIV-","number":369,"state":"closed","title":"ci(deps): bump composer from 2.8.10 to 2.8.12 in /tests","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":["superflyxxi"],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-10-03T21:00:49.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-10-01T14:01:15.000Z","updated_at":"2025-10-03T21:00:49.000Z","time_to_close":197974,"merged_at":"2025-10-03T21:00:49.000Z","merged_by":"superflyxxi","closed_by":null,"dependency_metadata":{"prefix":"ci(deps)","packages":[{"name":"composer","old_version":"2.8.10","new_version":"2.8.12","repository_url":null}],"path":"/tests","ecosystem":"docker"},"body":"Bumps composer from 2.8.10 to 2.8.12.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.10\u0026new-version=2.8.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/superflyxxi/video-converter/pull/369","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/superflyxxi%2Fvideo-converter/issues/369","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/369/packages"}},{"old_version":"2.8.11","new_version":"2.8.12","update_type":"patch","path":null,"pr_created_at":"2025-10-01T04:02:28.000Z","version_change":"2.8.11 → 2.8.12","issue":{"uuid":"2876770099","node_id":"PR_kwDOAeqnyM6reAcz","number":1381,"state":"open","title":"Bump composer from 2.8.11 to 2.8.12","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-10-01T04:02:28.000Z","updated_at":"2025-10-01T04:02:29.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"2.8.11","new_version":"2.8.12","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from 2.8.11 to 2.8.12.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.11\u0026new-version=2.8.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/lansuite/lansuite/pull/1381","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lansuite%2Flansuite/issues/1381","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1381/packages"}},{"old_version":"`90e11ce`","new_version":"`adca13b`","update_type":null,"path":null,"pr_created_at":"2025-09-29T14:40:10.000Z","version_change":"`90e11ce` → `adca13b`","issue":{"uuid":"2870925741","node_id":"PR_kwDOBUrhCs6rHtmt","number":386,"state":"closed","title":"Bump composer from `90e11ce` to `adca13b`","user":"dependabot[bot]","labels":["dependencies","docker","size/XS"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-29T14:50:42.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-29T14:40:10.000Z","updated_at":"2025-09-29T14:50:42.000Z","time_to_close":632,"merged_at":"2025-09-29T14:50:42.000Z","merged_by":"dependabot[bot]","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"`90e11ce`","new_version":"`adca13b`","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from `90e11ce` to `adca13b`.\n\n\u003cdetails\u003e\n\u003csummary\u003eMost Recent Ignore Conditions Applied to This Pull Request\u003c/summary\u003e\n\n| Dependency Name | Ignore Conditions |\n| --- | --- |\n| composer | [\u003e 2.0.8, \u003c 2.1] |\n\u003c/details\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.8.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/spejder/msml/pull/386","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/spejder%2Fmsml/issues/386","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/386/packages"}},{"old_version":"`90e11ce`","new_version":"`adca13b`","update_type":null,"path":null,"pr_created_at":"2025-09-29T14:33:17.000Z","version_change":"`90e11ce` → `adca13b`","issue":{"uuid":"2870899934","node_id":"PR_kwDOJP8GiM6rHnTe","number":706,"state":"closed","title":"Dockerfile(deps): Bump composer from `90e11ce` to `adca13b`","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":["davidrjenni"],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-29T14:36:14.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-29T14:33:17.000Z","updated_at":"2025-09-29T14:36:14.000Z","time_to_close":177,"merged_at":"2025-09-29T14:36:13.000Z","merged_by":"davidrjenni","closed_by":null,"dependency_metadata":{"prefix":"Dockerfile(deps): Bump","packages":[{"name":"composer","old_version":"`90e11ce`","new_version":"`adca13b`","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from `90e11ce` to `adca13b`.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.8.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/davidrjenni/scip-php/pull/706","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidrjenni%2Fscip-php/issues/706","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/706/packages"}},{"old_version":"`90e11ce`","new_version":"`adca13b`","update_type":null,"path":null,"pr_created_at":"2025-09-29T04:19:02.000Z","version_change":"`90e11ce` → `adca13b`","issue":{"uuid":"2868965873","node_id":"PR_kwDODQYzPM6rAPHx","number":504,"state":"closed","title":"Bump composer from `90e11ce` to `adca13b`","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-29T05:11:18.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-29T04:19:02.000Z","updated_at":"2025-09-29T05:11:18.000Z","time_to_close":3136,"merged_at":"2025-09-29T05:11:18.000Z","merged_by":"dependabot[bot]","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer","old_version":"`90e11ce`","new_version":"`adca13b`","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps composer from `90e11ce` to `adca13b`.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer\u0026package-manager=docker\u0026previous-version=2.8.12\u0026new-version=2.8.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/reload/github-security-jira/pull/504","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/reload%2Fgithub-security-jira/issues/504","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/504/packages"}}]}