{"id":9149,"name":"composer/composer","ecosystem":"packagist","repository_url":"https://github.com/composer/composer","issues_count":217,"created_at":"2025-06-06T22:32:00.627Z","updated_at":"2025-06-06T22:32:00.627Z","purl":"pkg:composer/composer/composer","metadata":{"id":501265,"name":"composer/composer","ecosystem":"packagist","description":"Composer helps you declare, manage and install dependencies of PHP projects. It ensures you have the right stack everywhere.","homepage":"https://getcomposer.org/","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/composer/composer","keywords_array":["package","dependency","autoload"],"namespace":"composer","versions_count":213,"first_release_published_at":"2012-03-01T18:56:08.000Z","latest_release_published_at":"2025-05-13T12:01:37.000Z","latest_release_number":"2.8.9","last_synced_at":"2025-06-07T05:01:18.941Z","created_at":"2022-04-07T09:04:36.698Z","updated_at":"2025-06-07T05:01:18.941Z","registry_url":"https://packagist.org/packages/composer/composer#","install_command":"composer require composer/composer","documentation_url":null,"metadata":{"funding":[{"url":"https://packagist.com","type":"custom"},{"url":"https://github.com/composer","type":"github"},{"url":"https://tidelift.com/funding/github/packagist/composer/composer","type":"tidelift"}]},"repo_metadata":{"id":1542380,"uuid":"1864363","full_name":"composer/composer","owner":"composer","description":"Dependency Manager for PHP","archived":false,"fork":false,"pushed_at":"2024-10-29T15:18:15.000Z","size":27229,"stargazers_count":28607,"open_issues_count":110,"forks_count":4549,"subscribers_count":598,"default_branch":"main","last_synced_at":"2024-10-29T21:01:10.777Z","etag":null,"topics":["composer","dependency-manager","hacktoberfest","package-manager","packages","php"],"latest_commit_sha":null,"homepage":"https://getcomposer.org/","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/composer.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2011-06-08T08:53:00.000Z","updated_at":"2024-10-29T15:18:26.000Z","dependencies_parsed_at":"2023-12-20T08:59:31.390Z","dependency_job_id":"910fc650-0546-46e4-8af2-cde6785b7fce","html_url":"https://github.com/composer/composer","commit_stats":null,"previous_names":[],"tags_count":196,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/composer","download_url":"https://codeload.github.com/composer/composer/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":222132497,"owners_count":16936605,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"composer","name":"Composer","uuid":"837015","kind":"organization","description":"","email":null,"website":"https://getcomposer.org/","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/837015?v=4","repositories_count":19,"last_synced_at":"2024-05-20T14:30:52.893Z","metadata":{"has_sponsors_listing":true},"html_url":"https://github.com/composer","funding_links":["https://github.com/sponsors/composer"],"total_stars":47629,"followers":376,"following":0,"created_at":"2022-11-02T16:30:25.670Z","updated_at":"2024-05-20T14:30:55.804Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/composer","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/composer/repositories"},"tags":[{"name":"2.7.4","sha":"a625e50598e12171d3f60b1149eb530690c43474","kind":"tag","published_at":"2024-04-22T19:17:04.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.7.4","html_url":"https://github.com/composer/composer/releases/tag/2.7.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.7.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.7.4/manifests"},{"name":"2.7.3","sha":"e49be96f3bccd183c9ff1313686c06cf898ba4be","kind":"tag","published_at":"2024-04-19T19:40:58.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.7.3","html_url":"https://github.com/composer/composer/releases/tag/2.7.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.7.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.7.3/manifests"},{"name":"2.7.2","sha":"b826edb791571ab1eaf281eb1bd6e181a1192adc","kind":"tag","published_at":"2024-03-11T16:12:19.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.7.2","html_url":"https://github.com/composer/composer/releases/tag/2.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.7.2/manifests"},{"name":"2.7.1","sha":"aaf6ed5ccd27c23f79a545e351b4d7842a99d0bc","kind":"tag","published_at":"2024-02-09T14:26:29.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.7.1","html_url":"https://github.com/composer/composer/releases/tag/2.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.7.1/manifests"},{"name":"2.7.0","sha":"96d107e2bfe61bb9eafe55a9d45bd7faed1dd461","kind":"tag","published_at":"2024-02-08T14:09:19.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.7.0","html_url":"https://github.com/composer/composer/releases/tag/2.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.7.0/manifests"},{"name":"2.2.23","sha":"d1542e89636abf422fde328cb28d53752efb69e5","kind":"tag","published_at":"2024-02-08T14:08:54.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.23","html_url":"https://github.com/composer/composer/releases/tag/2.2.23","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.23","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.23/manifests"},{"name":"2.6.6","sha":"683557bd2466072777309d039534bb1332d0dda5","kind":"tag","published_at":"2023-12-08T17:32:27.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.6.6","html_url":"https://github.com/composer/composer/releases/tag/2.6.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.6/manifests"},{"name":"2.6.5","sha":"4b0fe89db9e65b1e64df633a992e70a7a215ab33","kind":"tag","published_at":"2023-10-06T08:11:52.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.6.5","html_url":"https://github.com/composer/composer/releases/tag/2.6.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.5/manifests"},{"name":"2.6.4","sha":"d75d17c16a863438027d1d96401cddcd6aa5bb60","kind":"tag","published_at":"2023-09-29T08:54:47.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.6.4","html_url":"https://github.com/composer/composer/releases/tag/2.6.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.4/manifests"},{"name":"2.2.22","sha":"fedc76ee3f3e3d57d20993b9f4c5fcfb2f8596aa","kind":"tag","published_at":"2023-09-29T08:53:46.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.22","html_url":"https://github.com/composer/composer/releases/tag/2.2.22","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.22","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.22/manifests"},{"name":"1.10.27","sha":"f8f49191eec76f039b466aa1f161406fe43aff50","kind":"tag","published_at":"2023-09-29T08:50:23.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.27","html_url":"https://github.com/composer/composer/releases/tag/1.10.27","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.27","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.27/manifests"},{"name":"2.6.3","sha":"ff477832e6d838a736556d4a39a3b80f4412abfd","kind":"tag","published_at":"2023-09-15T07:38:22.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.6.3","html_url":"https://github.com/composer/composer/releases/tag/2.6.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.3/manifests"},{"name":"2.6.2","sha":"623e5e1de055e65bc6c3c61b8348dc4662d75e2b","kind":"tag","published_at":"2023-09-03T12:09:15.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.6.2","html_url":"https://github.com/composer/composer/releases/tag/2.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.2/manifests"},{"name":"2.6.1","sha":"ee851d6b6bb4bf2e0fbfb22b22b44727cded6f29","kind":"tag","published_at":"2023-09-01T11:53:08.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.6.1","html_url":"https://github.com/composer/composer/releases/tag/2.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.1/manifests"},{"name":"2.6.0","sha":"ea4222fad9d38d8969fc85c9801e4af2171f0f5d","kind":"tag","published_at":"2023-09-01T08:07:50.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.6.0","html_url":"https://github.com/composer/composer/releases/tag/2.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.6.0/manifests"},{"name":"2.5.8","sha":"4c516146167d1392c8b9b269bb7c24115d262164","kind":"tag","published_at":"2023-06-09T15:13:22.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.5.8","html_url":"https://github.com/composer/composer/releases/tag/2.5.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.8/manifests"},{"name":"2.5.7","sha":"d477018d3f2ebd76dede3d3988a0b1a7add4d81e","kind":"tag","published_at":"2023-05-24T13:00:42.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.5.7","html_url":"https://github.com/composer/composer/releases/tag/2.5.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.7/manifests"},{"name":"2.5.6","sha":"f7c05db8b0a66d046203faf3c187e319cd211fae","kind":"tag","published_at":"2023-05-24T07:14:23.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.5.6","html_url":"https://github.com/composer/composer/releases/tag/2.5.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.6/manifests"},{"name":"2.5.5","sha":"c7cffaad16a60636a776017eac5bd8cd0095c32f","kind":"tag","published_at":"2023-03-21T10:50:06.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.5.5","html_url":"https://github.com/composer/composer/releases/tag/2.5.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.5/manifests"},{"name":"2.5.4","sha":"6b67eeea4d72051c369ccdbfb2423a56e2ab51a9","kind":"tag","published_at":"2023-02-15T12:10:06.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.5.4","html_url":"https://github.com/composer/composer/releases/tag/2.5.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.4/manifests"},{"name":"2.2.21","sha":"978198befc71de0b18fc1fc5a472c03b184b504a","kind":"tag","published_at":"2023-02-15T12:07:41.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.21","html_url":"https://github.com/composer/composer/releases/tag/2.2.21","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.21","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.21/manifests"},{"name":"2.2.20","sha":"b4850827d87688465fc3b775c71b2836187538ac","kind":"tag","published_at":"2023-02-10T13:11:11.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.20","html_url":"https://github.com/composer/composer/releases/tag/2.2.20","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.20","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.20/manifests"},{"name":"2.5.3","sha":"607a4c04006ce1d2b6fdfd5467bae3d7ad9ce5ab","kind":"tag","published_at":"2023-02-10T12:23:53.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.5.3","html_url":"https://github.com/composer/composer/releases/tag/2.5.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.3/manifests"},{"name":"2.2.19","sha":"30ff21a9af9a10845436abaeeb0bb7276e996d24","kind":"tag","published_at":"2023-02-04T13:54:48.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.19","html_url":"https://github.com/composer/composer/releases/tag/2.2.19","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.19","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.19/manifests"},{"name":"2.5.2","sha":"c76c013c555160410af47c03a0e173518e3f5796","kind":"tag","published_at":"2023-02-04T13:33:23.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.5.2","html_url":"https://github.com/composer/composer/releases/tag/2.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.2/manifests"},{"name":"2.5.1","sha":"923278ad13e1621946eb76ab2882655d2cc396a4","kind":"tag","published_at":"2022-12-22T14:33:54.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.5.1","html_url":"https://github.com/composer/composer/releases/tag/2.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.1/manifests"},{"name":"2.5.0","sha":"09ef0e3acbb377f28927fa6a527c251da713ebac","kind":"tag","published_at":"2022-12-20T09:44:08.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.5.0","html_url":"https://github.com/composer/composer/releases/tag/2.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.5.0/manifests"},{"name":"2.4.4","sha":"e8d9087229bcdbc5867594d3098091412f1130cf","kind":"tag","published_at":"2022-10-27T12:39:29.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.4.4","html_url":"https://github.com/composer/composer/releases/tag/2.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.4/manifests"},{"name":"2.4.3","sha":"b34c0e9a93f2cd688c62ce4dfcc69e13b6ce7aa4","kind":"tag","published_at":"2022-10-14T14:56:47.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.4.3","html_url":"https://github.com/composer/composer/releases/tag/2.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.3/manifests"},{"name":"2.4.2","sha":"7d887621e69a0311eb50aed4a16f7044b2b385b9","kind":"tag","published_at":"2022-09-14T14:11:15.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.4.2","html_url":"https://github.com/composer/composer/releases/tag/2.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.2/manifests"},{"name":"2.4.1","sha":"777d542e3af65f8e7a66a4d98ce7a697da339414","kind":"tag","published_at":"2022-08-20T09:44:51.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.4.1","html_url":"https://github.com/composer/composer/releases/tag/2.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.1/manifests"},{"name":"2.2.18","sha":"84175907664ca8b73f73f4883e67e886dfefb9f5","kind":"tag","published_at":"2022-08-20T09:33:38.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.18","html_url":"https://github.com/composer/composer/releases/tag/2.2.18","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.18/manifests"},{"name":"2.4.0","sha":"026d6de6ea2c913974a7756661a3faac135cb36e","kind":"tag","published_at":"2022-08-16T14:10:48.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.4.0","html_url":"https://github.com/composer/composer/releases/tag/2.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.0/manifests"},{"name":"2.4.0-RC1","sha":"c08cac5f67ae4cf6f988758c95dd30a6c8107063","kind":"tag","published_at":"2022-07-21T13:46:32.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.4.0-RC1","html_url":"https://github.com/composer/composer/releases/tag/2.4.0-RC1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.0-RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.4.0-RC1/manifests"},{"name":"2.3.10","sha":"ebac357c0a41359f3981098729042ed6dedc97ba","kind":"tag","published_at":"2022-07-13T13:48:23.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.10","html_url":"https://github.com/composer/composer/releases/tag/2.3.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.10/manifests"},{"name":"2.2.17","sha":"a8ab5070fb99396e4710baee286478ad697724c2","kind":"tag","published_at":"2022-07-13T13:27:38.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.17","html_url":"https://github.com/composer/composer/releases/tag/2.2.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.17/manifests"},{"name":"2.3.9","sha":"015f524c9969255a29cdea8890cbd4fec240ee47","kind":"tag","published_at":"2022-07-05T14:52:11.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.9","html_url":"https://github.com/composer/composer/releases/tag/2.3.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.9/manifests"},{"name":"2.2.16","sha":"8c0ee53ff67399b0eec4eee2c5dc5189ec6938a6","kind":"tag","published_at":"2022-07-05T14:50:29.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.16","html_url":"https://github.com/composer/composer/releases/tag/2.2.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.16/manifests"},{"name":"2.3.8","sha":"f69e63262dadd02b3b6edade339c7badda2939c2","kind":"tag","published_at":"2022-07-01T10:10:47.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.8","html_url":"https://github.com/composer/composer/releases/tag/2.3.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.8/manifests"},{"name":"2.2.15","sha":"509dcbd4f8d459e0ef2ef223a231b8c31bceed78","kind":"tag","published_at":"2022-07-01T10:01:26.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.15","html_url":"https://github.com/composer/composer/releases/tag/2.2.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.15/manifests"},{"name":"2.3.7","sha":"10cd375cf85dede2ff417ceab517ef9a0dc55407","kind":"tag","published_at":"2022-06-06T14:43:28.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.7","html_url":"https://github.com/composer/composer/releases/tag/2.3.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.7/manifests"},{"name":"2.2.14","sha":"8c7a2d200bb0e66d6fafeff2f9c9a27188e52842","kind":"tag","published_at":"2022-06-06T14:32:51.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.14","html_url":"https://github.com/composer/composer/releases/tag/2.2.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.14/manifests"},{"name":"2.3.6","sha":"0f43aa1652c447a6bc7c9217ec133313b1d32e72","kind":"tag","published_at":"2022-06-01T19:57:14.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.6","html_url":"https://github.com/composer/composer/releases/tag/2.3.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.6/manifests"},{"name":"2.2.13","sha":"de11c9819ac45659fb0fafb2e704912f9994ed60","kind":"tag","published_at":"2022-05-25T19:37:26.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.13","html_url":"https://github.com/composer/composer/releases/tag/2.2.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.13/manifests"},{"name":"2.3.5","sha":"50c47b1f907cfcdb8f072b88164d22b527557ae1","kind":"tag","published_at":"2022-04-13T14:43:01.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.5","html_url":"https://github.com/composer/composer/releases/tag/2.3.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.5/manifests"},{"name":"2.2.12","sha":"ba61e768b410736efe61df01b61f1ec44f51474f","kind":"tag","published_at":"2022-04-13T14:42:26.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.12","html_url":"https://github.com/composer/composer/releases/tag/2.2.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.12/manifests"},{"name":"1.10.26","sha":"3e196135eacf9e519a6b00986bc6fe6aff977997","kind":"tag","published_at":"2022-04-13T14:39:57.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.26","html_url":"https://github.com/composer/composer/releases/tag/1.10.26","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.26","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.26/manifests"},{"name":"2.3.4","sha":"b7a041319947872c4352aa8139f4b4d6dea7130f","kind":"tag","published_at":"2022-04-07T19:16:43.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.4","html_url":"https://github.com/composer/composer/releases/tag/2.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.4/manifests"},{"name":"2.3.3","sha":"b0024890b8650e52d1a29822856b3c95aa393785","kind":"tag","published_at":"2022-04-01T20:15:36.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.3","html_url":"https://github.com/composer/composer/releases/tag/2.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.3/manifests"},{"name":"2.2.11","sha":"2f5bcf0480c13b4fa1ac490aa9344e4402507538","kind":"tag","published_at":"2022-04-01T20:00:53.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.11","html_url":"https://github.com/composer/composer/releases/tag/2.2.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.11/manifests"},{"name":"2.3.2","sha":"c3777ea50f5ad561d4796b42fba4d180bb45cf77","kind":"tag","published_at":"2022-03-30T18:45:25.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.2","html_url":"https://github.com/composer/composer/releases/tag/2.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.2/manifests"},{"name":"2.3.1","sha":"d6c572e5f5d6d1a27bb7a1fbd1c74f777a26d436","kind":"tag","published_at":"2022-03-30T13:41:28.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.1","html_url":"https://github.com/composer/composer/releases/tag/2.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.1/manifests"},{"name":"2.3.0","sha":"934ee6eed3c3ffd0aeccef7c1d255adcf0752b24","kind":"tag","published_at":"2022-03-30T09:15:36.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.0","html_url":"https://github.com/composer/composer/releases/tag/2.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.0/manifests"},{"name":"2.2.10","sha":"18f748df692b6304b5baf077786c003c48e7f990","kind":"tag","published_at":"2022-03-29T19:55:36.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.10","html_url":"https://github.com/composer/composer/releases/tag/2.2.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.10/manifests"},{"name":"2.3.0-RC2","sha":"36dc875e1c6d5ce9411c78aae22b33ac24c86e13","kind":"tag","published_at":"2022-03-20T12:20:49.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.0-RC2","html_url":"https://github.com/composer/composer/releases/tag/2.3.0-RC2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.0-RC2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.0-RC2/manifests"},{"name":"2.3.0-RC1","sha":"3b150d0ef6454694d074cac2807237894dfd6217","kind":"tag","published_at":"2022-03-16T08:25:47.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.3.0-RC1","html_url":"https://github.com/composer/composer/releases/tag/2.3.0-RC1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.0-RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.3.0-RC1/manifests"},{"name":"2.2.9","sha":"07eccf080ad63d55d95a7c9133506db7d9029264","kind":"tag","published_at":"2022-03-15T21:13:38.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.9","html_url":"https://github.com/composer/composer/releases/tag/2.2.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.9/manifests"},{"name":"2.2.8","sha":"26a587345daa2772bbe2006f13cd9d7f92b242eb","kind":"tag","published_at":"2022-03-15T11:55:20.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.8","html_url":"https://github.com/composer/composer/releases/tag/2.2.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.8/manifests"},{"name":"2.2.7","sha":"061d154dfdde157cbf453c4695e6af21c0e93903","kind":"tag","published_at":"2022-02-25T10:12:28.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.7","html_url":"https://github.com/composer/composer/releases/tag/2.2.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.7/manifests"},{"name":"2.2.6","sha":"ce785a18c0fb472421e52d958bab339247cb0e82","kind":"tag","published_at":"2022-02-04T16:00:39.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.6","html_url":"https://github.com/composer/composer/releases/tag/2.2.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.6/manifests"},{"name":"2.2.5","sha":"22c41ef275c7bb64fa28fb2c0871a39666832cb9","kind":"tag","published_at":"2022-01-21T16:25:54.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.5","html_url":"https://github.com/composer/composer/releases/tag/2.2.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.5/manifests"},{"name":"1.10.25","sha":"892838f84440b4851ec7e57221d52cb65a8991a5","kind":"tag","published_at":"2022-01-21T09:02:15.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.25","html_url":"https://github.com/composer/composer/releases/tag/1.10.25","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.25","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.25/manifests"},{"name":"2.2.4","sha":"8a5ad75194f901e3b39ece4bbd22cbdabc79ae8f","kind":"tag","published_at":"2022-01-08T11:30:42.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.4","html_url":"https://github.com/composer/composer/releases/tag/2.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.4/manifests"},{"name":"2.2.3","sha":"3c92ba5cdc7d48b7db2dcd197e6fa0e8fa6d9f4a","kind":"tag","published_at":"2021-12-31T11:18:53.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.3","html_url":"https://github.com/composer/composer/releases/tag/2.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.3/manifests"},{"name":"2.2.2","sha":"2c1887d4f296d027e383bd2b39e2bff0210bc14f","kind":"tag","published_at":"2021-12-29T13:15:28.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.2","html_url":"https://github.com/composer/composer/releases/tag/2.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.2/manifests"},{"name":"2.2.1","sha":"bbc265e16561ab8e0f5e7cac395ea72640251f0c","kind":"tag","published_at":"2021-12-22T21:21:31.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.1","html_url":"https://github.com/composer/composer/releases/tag/2.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.1/manifests"},{"name":"2.2.0","sha":"e174a4c4324f50a6f2de472aa1055c24a2fe2b2a","kind":"tag","published_at":"2021-12-22T10:03:28.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.0","html_url":"https://github.com/composer/composer/releases/tag/2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.0/manifests"},{"name":"1.10.24","sha":"6dea608377dc5409895d4cfd987947bc0abe154a","kind":"tag","published_at":"2021-12-09T19:06:34.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.24","html_url":"https://github.com/composer/composer/releases/tag/1.10.24","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.24","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.24/manifests"},{"name":"2.2.0-RC1","sha":"35bba53ebb8c3f3915f149f0befe283151779e4e","kind":"tag","published_at":"2021-12-08T14:17:19.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.2.0-RC1","html_url":"https://github.com/composer/composer/releases/tag/2.2.0-RC1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.0-RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.2.0-RC1/manifests"},{"name":"2.1.14","sha":"cd28fc05b0c9d3beaf58b57018725c4dc15a6446","kind":"tag","published_at":"2021-11-30T09:51:43.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.14","html_url":"https://github.com/composer/composer/releases/tag/2.1.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.14/manifests"},{"name":"2.1.12","sha":"6e3c2b122e0ec41a7e885fcaf19fa15e2e0819a0","kind":"tag","published_at":"2021-11-09T15:02:04.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.12","html_url":"https://github.com/composer/composer/releases/tag/2.1.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.12/manifests"},{"name":"2.1.11","sha":"ddc81bb4718747cc93330ccf832e6be8a6c1d015","kind":"tag","published_at":"2021-11-02T11:10:26.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.11","html_url":"https://github.com/composer/composer/releases/tag/2.1.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.11/manifests"},{"name":"2.1.10","sha":"ea5f64d1a15c66942979b804c9fb3686be852ca0","kind":"tag","published_at":"2021-10-29T20:34:57.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.10","html_url":"https://github.com/composer/composer/releases/tag/2.1.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.10/manifests"},{"name":"2.1.9","sha":"e558c88f28d102d497adec4852802c0dc14c7077","kind":"tag","published_at":"2021-10-05T07:47:39.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.9","html_url":"https://github.com/composer/composer/releases/tag/2.1.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.9/manifests"},{"name":"1.10.23","sha":"eb3bae3d3de2e4abd94fa56fbe18355aba0b47ae","kind":"tag","published_at":"2021-10-05T07:44:27.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.23","html_url":"https://github.com/composer/composer/releases/tag/1.10.23","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.23","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.23/manifests"},{"name":"2.1.8","sha":"24d38e9686092de05214cafa187dc282a5d89497","kind":"tag","published_at":"2021-09-15T11:55:15.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.8","html_url":"https://github.com/composer/composer/releases/tag/2.1.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.8/manifests"},{"name":"2.1.7","sha":"f381e45f0b83a602a315613e08fffe0d8f2288c8","kind":"tag","published_at":"2021-09-14T12:26:01.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.7","html_url":"https://github.com/composer/composer/releases/tag/2.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.7/manifests"},{"name":"2.1.6","sha":"e5cac5f9d2354d08b67f1d21c664ae70d748c603","kind":"tag","published_at":"2021-08-19T15:11:09.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.6","html_url":"https://github.com/composer/composer/releases/tag/2.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.6/manifests"},{"name":"2.1.5","sha":"ac679902e9f66b85a8f9d8c1c88180f609a8745d","kind":"tag","published_at":"2021-07-23T08:35:48.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.5","html_url":"https://github.com/composer/composer/releases/tag/2.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.5/manifests"},{"name":"2.1.4","sha":"5701b38ec6c66dd143658e6aa18e1808d2d5dc4b","kind":"tag","published_at":"2021-07-22T11:55:24.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.4","html_url":"https://github.com/composer/composer/releases/tag/2.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.4/manifests"},{"name":"2.1.3","sha":"fc5c4573aafce3a018eb7f1f8f91cea423970f2e","kind":"tag","published_at":"2021-06-09T14:31:20.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.3","html_url":"https://github.com/composer/composer/releases/tag/2.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.3/manifests"},{"name":"2.1.2","sha":"1845e6854aa3f37f2c6c24bc525541b00b8b28e4","kind":"tag","published_at":"2021-06-07T14:03:06.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.2","html_url":"https://github.com/composer/composer/releases/tag/2.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.2/manifests"},{"name":"2.1.1","sha":"e338749d4e6cc97e1136c210ce0212d4a59e3a58","kind":"tag","published_at":"2021-06-04T06:46:47.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.1","html_url":"https://github.com/composer/composer/releases/tag/2.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.1/manifests"},{"name":"2.1.0","sha":"59bb0df323c75308e6a72c6c9bc7dc8cc577f1ca","kind":"tag","published_at":"2021-06-03T09:30:10.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.0","html_url":"https://github.com/composer/composer/releases/tag/2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.0/manifests"},{"name":"2.1.0-RC1","sha":"a89b8dc6a61ceadab7b9295cd36249d515cd9ed2","kind":"tag","published_at":"2021-06-02T13:30:43.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.1.0-RC1","html_url":"https://github.com/composer/composer/releases/tag/2.1.0-RC1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.0-RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.1.0-RC1/manifests"},{"name":"2.0.14","sha":"92b2ccbef65292ba9f2004271ef47c7231e2eed5","kind":"tag","published_at":"2021-05-21T15:03:37.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.14","html_url":"https://github.com/composer/composer/releases/tag/2.0.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.14/manifests"},{"name":"2.0.13","sha":"986e8b86b7b570632ad0a905c3726c33dd4c0efb","kind":"tag","published_at":"2021-04-27T11:11:09.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.13","html_url":"https://github.com/composer/composer/releases/tag/2.0.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.13/manifests"},{"name":"1.10.22","sha":"28c9dfbe2351635961f670773e8d7b17bc5eda25","kind":"tag","published_at":"2021-04-27T11:10:45.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.22","html_url":"https://github.com/composer/composer/releases/tag/1.10.22","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.22","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.22/manifests"},{"name":"2.0.12","sha":"6c12ce263da71641903e399c3ce8ecb08fd375fb","kind":"tag","published_at":"2021-04-01T08:15:00.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.12","html_url":"https://github.com/composer/composer/releases/tag/2.0.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.12/manifests"},{"name":"1.10.21","sha":"04021432f4a9cbd9351dd166b8c193f42c36a39c","kind":"tag","published_at":"2021-04-01T07:16:36.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.21","html_url":"https://github.com/composer/composer/releases/tag/1.10.21","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.21","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.21/manifests"},{"name":"2.0.11","sha":"a5a5632da0b1c2d6fa9a3b65f1f4e90d1f04abb9","kind":"tag","published_at":"2021-02-24T13:57:24.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.11","html_url":"https://github.com/composer/composer/releases/tag/2.0.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.11/manifests"},{"name":"2.0.10","sha":"890c79ff096818e762b42c9624ca1df800ab789b","kind":"tag","published_at":"2021-02-23T15:11:38.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.10","html_url":"https://github.com/composer/composer/releases/tag/2.0.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.10/manifests"},{"name":"2.0.9","sha":"591c2c155cac0d2d7f34af41d3b1e29bcbfc685e","kind":"tag","published_at":"2021-01-27T15:09:28.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.9","html_url":"https://github.com/composer/composer/releases/tag/2.0.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.9/manifests"},{"name":"1.10.20","sha":"e55d297525f0ecc805c813a0f63a40114fd670f6","kind":"tag","published_at":"2021-01-27T14:41:06.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.20","html_url":"https://github.com/composer/composer/releases/tag/1.10.20","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.20","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.20/manifests"},{"name":"1.10.19","sha":"196601d50c08c3fae389a417a7689367fcf37cef","kind":"tag","published_at":"2020-12-04T08:14:17.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.19","html_url":"https://github.com/composer/composer/releases/tag/1.10.19","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.19","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.19/manifests"},{"name":"2.0.8","sha":"62139b2806178adb979d76bd3437534a1a9fd490","kind":"tag","published_at":"2020-12-03T16:20:39.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.8","html_url":"https://github.com/composer/composer/releases/tag/2.0.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.8/manifests"},{"name":"1.10.18","sha":"0de2d4e9c0ab834c2e660b6f18b9cdefef0bb11f","kind":"tag","published_at":"2020-12-03T16:16:20.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.18","html_url":"https://github.com/composer/composer/releases/tag/1.10.18","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.18/manifests"},{"name":"2.0.7","sha":"cbee637510037f293e641857b2a6223d0ea8008d","kind":"tag","published_at":"2020-11-13T16:31:06.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.7","html_url":"https://github.com/composer/composer/releases/tag/2.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.7/manifests"},{"name":"2.0.6","sha":"d5789bd8e2d852a6b98fe944ca2ff82e921eb43d","kind":"tag","published_at":"2020-11-07T10:21:17.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.6","html_url":"https://github.com/composer/composer/releases/tag/2.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.6/manifests"},{"name":"2.0.5","sha":"0934b44a86d4c43e416674e80cd6c94044cd23b3","kind":"tag","published_at":"2020-11-06T19:57:16.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.5","html_url":"https://github.com/composer/composer/releases/tag/2.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.5/manifests"},{"name":"2.0.4","sha":"4053eab90a7cdf0b81dd93073dc6c18c15d487fd","kind":"tag","published_at":"2020-10-30T21:39:11.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.4","html_url":"https://github.com/composer/composer/releases/tag/2.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.4/manifests"},{"name":"1.10.17","sha":"09d42e18394d8594be24e37923031c4b7442a1cb","kind":"tag","published_at":"2020-10-30T21:31:59.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.17","html_url":"https://github.com/composer/composer/releases/tag/1.10.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.17/manifests"},{"name":"2.0.3","sha":"f7eebdd092873f5d63929f21183e69ec9f5e83cd","kind":"tag","published_at":"2020-10-28T14:50:56.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.3","html_url":"https://github.com/composer/composer/releases/tag/2.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.3/manifests"},{"name":"2.0.2","sha":"74e8c71026edba786290047199619ac6b6490094","kind":"tag","published_at":"2020-10-25T22:03:59.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.2","html_url":"https://github.com/composer/composer/releases/tag/2.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.2/manifests"},{"name":"2.0.1","sha":"66f4e5d49ff52eecb603e7e5b5bb8645204d0658","kind":"tag","published_at":"2020-10-24T18:53:22.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.1","html_url":"https://github.com/composer/composer/releases/tag/2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.1/manifests"},{"name":"2.0.0","sha":"378b34c5e33c71d194f33e1b73a62ba22148ff13","kind":"tag","published_at":"2020-10-24T09:16:19.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.0","html_url":"https://github.com/composer/composer/releases/tag/2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0/manifests"},{"name":"1.10.16","sha":"217f0272673c72087862c40cf91ac07eb438d778","kind":"tag","published_at":"2020-10-24T07:55:59.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.16","html_url":"https://github.com/composer/composer/releases/tag/1.10.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.16/manifests"},{"name":"2.0.0-RC2","sha":"a0ac42ef3f75a06321361f4396564f65ccf0ed95","kind":"tag","published_at":"2020-10-14T19:34:08.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.0-RC2","html_url":"https://github.com/composer/composer/releases/tag/2.0.0-RC2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0-RC2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0-RC2/manifests"},{"name":"1.10.15","sha":"547c9ee73fe26c77af09a0ea16419176b1cdbd12","kind":"tag","published_at":"2020-10-13T13:59:10.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.15","html_url":"https://github.com/composer/composer/releases/tag/1.10.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.15/manifests"},{"name":"1.10.14","sha":"bf81c86045d1c3588043827c015b1557cc5ee363","kind":"tag","published_at":"2020-10-13T12:44:52.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.14","html_url":"https://github.com/composer/composer/releases/tag/1.10.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.14/manifests"},{"name":"2.0.0-RC1","sha":"188d4fffa74861eae5eb875ee396b9f65edcbd89","kind":"tag","published_at":"2020-09-10T13:39:46.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.0-RC1","html_url":"https://github.com/composer/composer/releases/tag/2.0.0-RC1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0-RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0-RC1/manifests"},{"name":"1.10.13","sha":"47c841ba3b2d3fc0b4b13282cf029ea18b66d78b","kind":"tag","published_at":"2020-09-09T09:46:35.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.13","html_url":"https://github.com/composer/composer/releases/tag/1.10.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.13/manifests"},{"name":"1.10.12","sha":"a6cc92b39c796ec3fb9a360f9c0e578afc2fc96d","kind":"tag","published_at":"2020-09-08T20:58:51.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.12","html_url":"https://github.com/composer/composer/releases/tag/1.10.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.12/manifests"},{"name":"1.10.11","sha":"2190b064370df8a464b8cfdcbd3ee48973784e27","kind":"tag","published_at":"2020-09-08T14:53:45.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.11","html_url":"https://github.com/composer/composer/releases/tag/1.10.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.11/manifests"},{"name":"2.0.0-alpha3","sha":"686d84ae1cb5b808bcce0ee41ab5c4e33c1c2c24","kind":"tag","published_at":"2020-08-03T09:52:11.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.0-alpha3","html_url":"https://github.com/composer/composer/releases/tag/2.0.0-alpha3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0-alpha3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0-alpha3/manifests"},{"name":"1.10.10","sha":"32966a3b1d48bc01472a8321fd6472b44fad033a","kind":"tag","published_at":"2020-08-03T09:35:20.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.10","html_url":"https://github.com/composer/composer/releases/tag/1.10.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.10/manifests"},{"name":"1.10.9","sha":"83c3250093d5491600a822e176b107a945baf95a","kind":"tag","published_at":"2020-07-16T10:57:00.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.9","html_url":"https://github.com/composer/composer/releases/tag/1.10.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.9/manifests"},{"name":"2.0.0-alpha2","sha":"89958bf29bb97351af6bff697ba6851de03e66f4","kind":"tag","published_at":"2020-06-24T19:36:20.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.0-alpha2","html_url":"https://github.com/composer/composer/releases/tag/2.0.0-alpha2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0-alpha2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0-alpha2/manifests"},{"name":"1.10.8","sha":"56e0e094478f30935e9128552188355fa9712291","kind":"tag","published_at":"2020-06-24T19:23:31.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.8","html_url":"https://github.com/composer/composer/releases/tag/1.10.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.8/manifests"},{"name":"2.0.0-alpha1","sha":"fa90c099e9c402bcf83fa83d3276d160cf9986fe","kind":"tag","published_at":"2020-06-03T11:44:20.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/2.0.0-alpha1","html_url":"https://github.com/composer/composer/releases/tag/2.0.0-alpha1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0-alpha1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/2.0.0-alpha1/manifests"},{"name":"1.10.7","sha":"956608ea4f7de9e58c53dfb019d85ae62b193c39","kind":"tag","published_at":"2020-06-03T08:03:57.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.7","html_url":"https://github.com/composer/composer/releases/tag/1.10.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.7/manifests"},{"name":"1.10.6","sha":"be81b9c4735362c26876bdbfd3b5bc7e7f711c88","kind":"tag","published_at":"2020-05-06T08:28:11.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.6","html_url":"https://github.com/composer/composer/releases/tag/1.10.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.6/manifests"},{"name":"1.10.5","sha":"7a4d5b6aa30d2118af27c04f5e897b57156ccfa9","kind":"tag","published_at":"2020-04-10T09:44:23.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.5","html_url":"https://github.com/composer/composer/releases/tag/1.10.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.5/manifests"},{"name":"1.10.4","sha":"1efa6850b4a1740980346ac3582edf7dfb7899ee","kind":"tag","published_at":"2020-04-09T15:05:50.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.4","html_url":"https://github.com/composer/composer/releases/tag/1.10.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.4/manifests"},{"name":"1.10.3","sha":"0b55f39d2fd6632c43a803a5ace0677f406e342c","kind":"tag","published_at":"2020-04-09T14:26:36.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.3","html_url":"https://github.com/composer/composer/releases/tag/1.10.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.3/manifests"},{"name":"1.10.2","sha":"79c0806d465bf9b179fffeeea18f51e821bfdaad","kind":"tag","published_at":"2020-04-09T14:13:34.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.2","html_url":"https://github.com/composer/composer/releases/tag/1.10.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.2/manifests"},{"name":"1.10.1","sha":"b912a45da3e2b22f5cb5a23e441b697a295ba011","kind":"tag","published_at":"2020-03-13T19:34:29.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.1","html_url":"https://github.com/composer/composer/releases/tag/1.10.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.1/manifests"},{"name":"1.10.0","sha":"472c917b2a083ec7d2fa25c55fd099d1300e2515","kind":"tag","published_at":"2020-03-10T13:08:06.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.0","html_url":"https://github.com/composer/composer/releases/tag/1.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.0/manifests"},{"name":"1.10.0-RC","sha":"ec39b4cbb5e012365d70cd95969ea11780d3c1fc","kind":"tag","published_at":"2020-02-14T14:11:30.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.10.0-RC","html_url":"https://github.com/composer/composer/releases/tag/1.10.0-RC","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.0-RC","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.10.0-RC/manifests"},{"name":"1.9.3","sha":"1291a16ce3f48bfdeca39d64fca4875098af4d7b","kind":"tag","published_at":"2020-02-04T11:58:49.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.9.3","html_url":"https://github.com/composer/composer/releases/tag/1.9.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.9.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.9.3/manifests"},{"name":"1.9.2","sha":"7a04aa0201ddaa0b3cf64d41022bd8cdcd7fafeb","kind":"tag","published_at":"2020-01-14T15:30:32.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.9.2","html_url":"https://github.com/composer/composer/releases/tag/1.9.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.9.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.9.2/manifests"},{"name":"1.9.1","sha":"bb01f2180df87ce7992b8331a68904f80439dd2f","kind":"tag","published_at":"2019-11-01T16:20:18.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.9.1","html_url":"https://github.com/composer/composer/releases/tag/1.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.9.1/manifests"},{"name":"1.9.0","sha":"314aa57fdcfc942065996f59fb73a8b3f74f3fa5","kind":"tag","published_at":"2019-08-02T18:55:33.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.9.0","html_url":"https://github.com/composer/composer/releases/tag/1.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.9.0/manifests"},{"name":"1.8.6","sha":"19b5f66a0e233eb944f134df34091fe1c5dfcc11","kind":"tag","published_at":"2019-06-11T13:03:06.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.8.6","html_url":"https://github.com/composer/composer/releases/tag/1.8.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.6/manifests"},{"name":"1.8.5","sha":"949b116f9e7d98d8d276594fed74b580d125c0e6","kind":"tag","published_at":"2019-04-09T15:46:48.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.8.5","html_url":"https://github.com/composer/composer/releases/tag/1.8.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.5/manifests"},{"name":"1.8.4","sha":"bc364c2480c17941e2135cfc568fa41794392534","kind":"tag","published_at":"2019-02-11T09:52:11.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.8.4","html_url":"https://github.com/composer/composer/releases/tag/1.8.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.4/manifests"},{"name":"1.8.3","sha":"a6a3b44581398b7135c7baa0557b7c5b10808b47","kind":"tag","published_at":"2019-01-30T07:31:34.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.8.3","html_url":"https://github.com/composer/composer/releases/tag/1.8.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.3/manifests"},{"name":"1.8.2","sha":"8fbbbd50703cb792d9743e9096df19aef23883e8","kind":"tag","published_at":"2019-01-29T14:00:54.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.8.2","html_url":"https://github.com/composer/composer/releases/tag/1.8.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.2/manifests"},{"name":"1.8.1","sha":"b3a6f3932feec1150d8a73eaec92be4223bae1a9","kind":"tag","published_at":"2019-01-29T13:01:51.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.8.1","html_url":"https://github.com/composer/composer/releases/tag/1.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.1/manifests"},{"name":"1.8.0","sha":"d8aef3af866b28786ce9b8647e52c42496436669","kind":"tag","published_at":"2018-12-03T09:31:16.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.8.0","html_url":"https://github.com/composer/composer/releases/tag/1.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.8.0/manifests"},{"name":"1.7.3","sha":"e965b9aaa8854c3067f1ed2ae45f436572d73eb7","kind":"tag","published_at":"2018-11-01T09:05:06.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.7.3","html_url":"https://github.com/composer/composer/releases/tag/1.7.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.7.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.7.3/manifests"},{"name":"1.7.2","sha":"576aab9b5abb2ed11a1c52353a759363216a4ad2","kind":"tag","published_at":"2018-08-16T14:57:12.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.7.2","html_url":"https://github.com/composer/composer/releases/tag/1.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.7.2/manifests"},{"name":"1.7.1","sha":"5d9311d4555787c8a57fea15f82471499aedf712","kind":"tag","published_at":"2018-08-07T07:39:23.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.7.1","html_url":"https://github.com/composer/composer/releases/tag/1.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.7.1/manifests"},{"name":"1.7.0","sha":"39edb2f375679a4eba19e69e9c9491e302976983","kind":"tag","published_at":"2018-08-03T13:39:07.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.7.0","html_url":"https://github.com/composer/composer/releases/tag/1.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.7.0/manifests"},{"name":"1.7.0-RC","sha":"3ac3cf82e4aaf6ef560d3faa2bf54e0ff92fb71a","kind":"tag","published_at":"2018-07-24T12:34:13.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.7.0-RC","html_url":"https://github.com/composer/composer/releases/tag/1.7.0-RC","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.7.0-RC","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.7.0-RC/manifests"},{"name":"1.6.5","sha":"b184a92419cc9a9c4c6a09db555a94d441cb11c9","kind":"tag","published_at":"2018-05-04T09:44:59.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.6.5","html_url":"https://github.com/composer/composer/releases/tag/1.6.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.5/manifests"},{"name":"1.6.4","sha":"86ad51e8a3c64c9782446aae740a61fc6faa2522","kind":"tag","published_at":"2018-04-13T10:04:25.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.6.4","html_url":"https://github.com/composer/composer/releases/tag/1.6.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.4/manifests"},{"name":"1.6.3","sha":"88a69fda0f2187ad8714cedffd7a8872dceaa4c2","kind":"tag","published_at":"2018-01-31T15:28:18.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.6.3","html_url":"https://github.com/composer/composer/releases/tag/1.6.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.3/manifests"},{"name":"1.6.2","sha":"db191abd24b0be110c98ba2271ca992e1c70962f","kind":"tag","published_at":"2018-01-05T14:28:42.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.6.2","html_url":"https://github.com/composer/composer/releases/tag/1.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.2/manifests"},{"name":"1.6.1","sha":"9445e12fb3b3db0c4aaeb8e492dd90c2a42b493c","kind":"tag","published_at":"2018-01-04T13:45:26.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.6.1","html_url":"https://github.com/composer/composer/releases/tag/1.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.1/manifests"},{"name":"1.6.0","sha":"87f845d1c14aa22819c51b367ad7e07823f2e2ec","kind":"tag","published_at":"2018-01-04T11:03:23.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.6.0","html_url":"https://github.com/composer/composer/releases/tag/1.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.0/manifests"},{"name":"1.6.0-RC","sha":"f76c7a4b91694960c7b6784d639fee11b38e671b","kind":"tag","published_at":"2017-12-19T16:55:46.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.6.0-RC","html_url":"https://github.com/composer/composer/releases/tag/1.6.0-RC","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.0-RC","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.6.0-RC/manifests"},{"name":"1.5.6","sha":"4f7f9c12753ec43f1e4629e2a71cabe81f2a4eab","kind":"tag","published_at":"2017-12-18T11:09:19.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.5.6","html_url":"https://github.com/composer/composer/releases/tag/1.5.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.6/manifests"},{"name":"1.5.5","sha":"aab6229c9a4b6731f23b36107c39f4007c290b50","kind":"tag","published_at":"2017-12-01T13:42:57.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.5.5","html_url":"https://github.com/composer/composer/releases/tag/1.5.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.5/manifests"},{"name":"1.5.4","sha":"73aa733d2a64afa4713814965e56ee70bf725829","kind":"tag","published_at":"2017-12-01T10:02:18.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.5.4","html_url":"https://github.com/composer/composer/releases/tag/1.5.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.4/manifests"},{"name":"1.5.3","sha":"de0c4afd4aeb08171b54b64e63aa61a04b4510ee","kind":"tag","published_at":"2017-11-30T17:29:43.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.5.3","html_url":"https://github.com/composer/composer/releases/tag/1.5.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.3/manifests"},{"name":"1.5.2","sha":"c639623fa2178b404ed4bab80f0d1263853fa4ae","kind":"tag","published_at":"2017-09-11T14:59:26.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.5.2","html_url":"https://github.com/composer/composer/releases/tag/1.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.2/manifests"},{"name":"1.5.1","sha":"d60a1ff0cb421fcd2811c3f2b57f7e3e2b6c9d0e","kind":"tag","published_at":"2017-08-09T14:07:23.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.5.1","html_url":"https://github.com/composer/composer/releases/tag/1.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.1/manifests"},{"name":"1.5.0","sha":"6f3310c762b658bca64e060262ea2b1d4a1ec4b0","kind":"tag","published_at":"2017-08-08T09:08:05.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.5.0","html_url":"https://github.com/composer/composer/releases/tag/1.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.5.0/manifests"},{"name":"1.4.3","sha":"62c17fdf79a1f7f42778aed376da9c8cb03e5f62","kind":"tag","published_at":"2017-08-06T13:00:25.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.4.3","html_url":"https://github.com/composer/composer/releases/tag/1.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.4.3/manifests"},{"name":"1.4.2","sha":"489e09ee6c3ba431fbeeef9147afdaeb6f91b647","kind":"tag","published_at":"2017-05-17T06:17:53.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.4.2","html_url":"https://github.com/composer/composer/releases/tag/1.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.4.2/manifests"},{"name":"1.4.1","sha":"7ee2a5e1cf32e9c8439445fe8dce2c046c2abebd","kind":"tag","published_at":"2017-03-10T08:29:45.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.4.1","html_url":"https://github.com/composer/composer/releases/tag/1.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.4.1/manifests"},{"name":"1.4.0","sha":"b19655f1304a3365213204bcf9a9b84476d0d265","kind":"tag","published_at":"2017-03-08T16:51:24.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.4.0","html_url":"https://github.com/composer/composer/releases/tag/1.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.4.0/manifests"},{"name":"1.3.3","sha":"989d68725bc8ebf97e795d4feb386f52adb096e3","kind":"tag","published_at":"2017-03-08T10:06:43.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.3.3","html_url":"https://github.com/composer/composer/releases/tag/1.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.3.3/manifests"},{"name":"1.3.2","sha":"e7569edb4a5eadcbb2e4ad5ed753282260f281df","kind":"tag","published_at":"2017-01-27T17:23:42.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.3.2","html_url":"https://github.com/composer/composer/releases/tag/1.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.3.2/manifests"},{"name":"1.3.1","sha":"91dbca556764dcece45e1ba3aab14de2deaa9fec","kind":"tag","published_at":"2017-01-07T17:08:51.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.3.1","html_url":"https://github.com/composer/composer/releases/tag/1.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.3.1/manifests"},{"name":"1.3.0","sha":"e53f9e5381e70f76e098136343e27d92601eade7","kind":"tag","published_at":"2016-12-23T23:47:04.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.3.0","html_url":"https://github.com/composer/composer/releases/tag/1.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.3.0/manifests"},{"name":"1.3.0-RC","sha":"a72a8caa9ae569581449cec4a263cf77ead7ecd6","kind":"tag","published_at":"2016-12-11T16:04:50.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.3.0-RC","html_url":"https://github.com/composer/composer/releases/tag/1.3.0-RC","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.3.0-RC","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.3.0-RC/manifests"},{"name":"1.2.4","sha":"7895e4a7e0e05b06e0ebfae96fc154c6a2ba75f0","kind":"tag","published_at":"2016-12-06T21:00:51.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.2.4","html_url":"https://github.com/composer/composer/releases/tag/1.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.4/manifests"},{"name":"1.2.3","sha":"e7f19286a7e7f940950c9069a0f549d483c30ba7","kind":"tag","published_at":"2016-12-01T13:33:53.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.2.3","html_url":"https://github.com/composer/composer/releases/tag/1.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.3/manifests"},{"name":"1.2.2","sha":"5465af955800fa884a36f66ff65280584988efd0","kind":"tag","published_at":"2016-11-03T16:43:15.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.2.2","html_url":"https://github.com/composer/composer/releases/tag/1.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.2/manifests"},{"name":"1.2.1","sha":"16422c4b1ac4286f7caecf5211136dc073191672","kind":"tag","published_at":"2016-09-12T09:27:20.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.2.1","html_url":"https://github.com/composer/composer/releases/tag/1.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.1/manifests"},{"name":"1.2.0","sha":"b49a006748a460f8dae6500ec80ed021501ce969","kind":"tag","published_at":"2016-07-18T23:28:52.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.2.0","html_url":"https://github.com/composer/composer/releases/tag/1.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.0/manifests"},{"name":"1.2.0-RC","sha":"e3c36a766b0791abcbc8876b4a5cb4bde10a5f1b","kind":"tag","published_at":"2016-07-04T16:03:37.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.2.0-RC","html_url":"https://github.com/composer/composer/releases/tag/1.2.0-RC","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.0-RC","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.2.0-RC/manifests"},{"name":"1.1.3","sha":"30ab6f1c1753267d181839142fafe022313c3c9a","kind":"tag","published_at":"2016-06-26T14:42:08.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.1.3","html_url":"https://github.com/composer/composer/releases/tag/1.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.1.3/manifests"},{"name":"1.1.2","sha":"b2cf67b1a575d7e648c742be2454339232ef32b2","kind":"tag","published_at":"2016-05-31T18:48:12.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.1.2","html_url":"https://github.com/composer/composer/releases/tag/1.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.1.2/manifests"},{"name":"1.1.1","sha":"48156b0fd9888bf528fbe9c9cba6963223cdd584","kind":"tag","published_at":"2016-05-17T11:25:44.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.1.1","html_url":"https://github.com/composer/composer/releases/tag/1.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.1.1/manifests"},{"name":"1.1.0","sha":"2eab5e81fc983cfd262d6a728aa48fca833f1c74","kind":"tag","published_at":"2016-05-10T14:21:19.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.1.0","html_url":"https://github.com/composer/composer/releases/tag/1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.1.0/manifests"},{"name":"1.1.0-RC","sha":"94c2a21fe51016758212fa0aebd8add36757f354","kind":"tag","published_at":"2016-04-29T16:32:14.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.1.0-RC","html_url":"https://github.com/composer/composer/releases/tag/1.1.0-RC","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.1.0-RC","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.1.0-RC/manifests"},{"name":"1.0.3","sha":"a4a0546ece469cae984219f920c75437820064ff","kind":"tag","published_at":"2016-04-29T15:30:16.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.3","html_url":"https://github.com/composer/composer/releases/tag/1.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.3/manifests"},{"name":"1.0.2","sha":"a083aa5e0c9b8ad989c622638aa380c1f88a68ec","kind":"tag","published_at":"2016-04-21T11:30:19.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.2","html_url":"https://github.com/composer/composer/releases/tag/1.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.2/manifests"},{"name":"1.0.1","sha":"de0e25b0d494ace6b571a9205b82d017e5cb9257","kind":"tag","published_at":"2016-04-18T20:14:28.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.1","html_url":"https://github.com/composer/composer/releases/tag/1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.1/manifests"},{"name":"1.0.0","sha":"32df3aa8cdbdaa16df9491b5e672e81c87f94c78","kind":"tag","published_at":"2016-04-05T12:27:26.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0","html_url":"https://github.com/composer/composer/releases/tag/1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0/manifests"},{"name":"1.0.0-beta2","sha":"91d92c4ff80e4c6573a4dc91aee08e50d2617d30","kind":"tag","published_at":"2016-03-27T15:00:35.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-beta2","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-beta2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-beta2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-beta2/manifests"},{"name":"1.0.0-beta1","sha":"5cb2b522637a941d608c58bd522f3b2a7bda4a1c","kind":"tag","published_at":"2016-03-03T15:15:10.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-beta1","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-beta1/manifests"},{"name":"1.0.0-alpha11","sha":"cd9054ce2abd1d06ed0eb1244eba1b2c2af633b6","kind":"tag","published_at":"2015-11-14T16:21:07.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-alpha11","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-alpha11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha11/manifests"},{"name":"1.0.0-alpha10","sha":"775f6cd5c633facf2e7b99611fdcaa900b58ddb7","kind":"commit","published_at":"2015-04-14T21:18:51.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-alpha10","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-alpha10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha10/manifests"},{"name":"1.0.0-alpha9","sha":"eb1ce550ca51134ee619ad3e37f5a0b7e980dd24","kind":"commit","published_at":"2014-12-07T17:15:20.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-alpha9","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-alpha9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha9/manifests"},{"name":"1.0.0-alpha8","sha":"1eb1df44a97fb2daca1bb8b007f3bee012f0aa46","kind":"tag","published_at":"2014-01-06T18:39:59.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-alpha8","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-alpha8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha8/manifests"},{"name":"1.0.0-alpha7","sha":"3e6afd8975b6ff6eb3045ba00e532d6c0e302fe6","kind":"commit","published_at":"2013-05-04T09:15:22.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-alpha7","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-alpha7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha7/manifests"},{"name":"1.0.0-alpha6","sha":"0c8158f47d7dda89226d4e816fee1fb9ac6c1204","kind":"commit","published_at":"2012-10-23T08:54:25.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-alpha6","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-alpha6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha6/manifests"},{"name":"1.0.0-alpha5","sha":"d2ca1a4ef6d728a4ae8eb0b4ac5c37439d85fadb","kind":"commit","published_at":"2012-08-18T15:19:24.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-alpha5","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-alpha5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha5/manifests"},{"name":"1.0.0-alpha4","sha":"2880cb628f1fd3ee0817419b2fc27fff6a46968f","kind":"commit","published_at":"2012-07-04T13:13:14.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-alpha4","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-alpha4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha4/manifests"},{"name":"1.0.0-alpha3","sha":"b28b76f34b94cf116b8af5dcc8585074d4f02ffc","kind":"commit","published_at":"2012-05-13T09:39:40.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-alpha3","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-alpha3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha3/manifests"},{"name":"1.0.0-alpha2","sha":"a2a060752be8cb69b6992ad2df982b512b1bc432","kind":"commit","published_at":"2012-04-03T17:11:28.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-alpha2","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-alpha2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha2/manifests"},{"name":"1.0.0-alpha1","sha":"fd9fb49cdd80692dc3ba3709275426cea35b1471","kind":"commit","published_at":"2012-03-01T18:56:08.000Z","download_url":"https://codeload.github.com/composer/composer/tar.gz/1.0.0-alpha1","html_url":"https://github.com/composer/composer/releases/tag/1.0.0-alpha1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/composer%2Fcomposer/tags/1.0.0-alpha1/manifests"}]},"repo_metadata_updated_at":"2024-10-29T23:40:16.298Z","dependent_packages_count":2610,"downloads":162035323,"downloads_period":"total","dependent_repos_count":35414,"rankings":{"downloads":0.045716017963705884,"dependent_repos_count":0.04791625412238692,"dependent_packages_count":0.015646123795065116,"stargazers_count":0.005622825738851526,"forks_count":0.011001180793405159,"docker_downloads_count":0.13714805389111764,"average":0.043841742717422034},"purl":"pkg:composer/composer/composer","advisories":[{"uuid":"GSA_kwCzR0hTQS1qbTZtLTQ2MzItMzZoZs4AA2Jg","url":"https://github.com/advisories/GHSA-jm6m-4632-36hf","title":"Composer Remote Code Execution vulnerability via web-accessible composer.phar","description":"### Impact\n\nUsers publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be impacted if PHP also has `register_argc_argv` enabled in php.ini.\n\n### Patches\n\n2.6.4, 2.2.22 and 1.10.27 patch this vulnerability.\n\n### Workarounds\n\nMake sure `register_argc_argv` is disabled in php.ini, and avoid publishing composer.phar to the web as this really should not happen.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-09-29T20:39:21.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/composer/composer/security/advisories/GHSA-jm6m-4632-36hf","https://github.com/composer/composer/commit/4fce14795aba98e40b6c4f5047305aba17a6120d","https://github.com/composer/composer/commit/955a48e6319c8962e5cd421b07c00ab3c728968c","https://github.com/composer/composer/commit/95e091c921037b7b6564942845e7b738f6b95c9c","https://nvd.nist.gov/vuln/detail/CVE-2023-43655","https://lists.debian.org/debian-lts-announce/2024/03/msg00030.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2WKFUO255T3BZTL72TNYJYH2XM5FG","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7AWYAUZNH565NWPIKGEIYBWHYNM5JGAE","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFOPGPW2KS37O3KJWBRGTUWHTXCQXBS2","https://github.com/advisories/GHSA-jm6m-4632-36hf"],"source_kind":"github","identifiers":["GHSA-jm6m-4632-36hf","CVE-2023-43655"],"repository_url":"https://github.com/composer/composer","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.4","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.6.4"},{"first_patched_version":"2.2.22","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.2.22"},{"first_patched_version":"1.10.27","vulnerable_version_range":"\u003c 1.10.27"}],"ecosystem":"packagist","package_name":"composer/composer"}],"created_at":"2023-09-29T21:05:59.183Z","updated_at":"2025-02-13T19:16:15.000Z","epss_percentage":0.02866,"epss_percentile":0.8552},{"uuid":"GSA_kwCzR0hTQS1mcnFnLTdnMzgtNmdjZs0WJQ","url":"https://github.com/advisories/GHSA-frqg-7g38-6gcf","title":"Improper escaping of command arguments on Windows leading to command injection","description":"### Impact\nWindows users running Composer to install untrusted dependencies are affected and should definitely upgrade for safety. Other OSs and WSL are not affected. \n\n### Patches\n1.10.23 and 2.1.9 fix the issue\n\n### Workarounds\nNone\n","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-10-05T20:23:18.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf","https://nvd.nist.gov/vuln/detail/CVE-2021-41116","https://github.com/composer/composer/commit/ca5e2f8d505fd3bfac6f7c85b82f2740becbc0aa","https://www.tenable.com/security/tns-2022-09","https://www.sonarsource.com/blog/securing-developer-tools-package-managers/","https://github.com/FriendsOfPHP/security-advisories/blob/master/composer/composer/CVE-2021-41116.yaml","https://github.com/advisories/GHSA-frqg-7g38-6gcf"],"source_kind":"github","identifiers":["GHSA-frqg-7g38-6gcf","CVE-2021-41116"],"repository_url":"https://github.com/composer/composer","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.1.9","vulnerable_version_range":"\u003e= 2.0.0-alpha1, \u003c 2.1.9"},{"first_patched_version":"1.10.23","vulnerable_version_range":"\u003c 1.10.23"}],"ecosystem":"packagist","package_name":"composer/composer"}],"created_at":"2022-12-21T16:12:45.577Z","updated_at":"2024-02-05T10:33:39.000Z","epss_percentage":0.01344,"epss_percentile":0.78958},{"uuid":"GSA_kwCzR0hTQS03MjVtLXc4MzItcTk3M84AA1_U","url":"https://github.com/advisories/GHSA-725m-w832-q973","title":"Composer allows cache poisoning from other projects built on the same host","description":"Composer before 2016-02-10 allows cache poisoning from other projects built on the same host. This results in attacker-controlled code entering a server-side build process. The issue occurs because of the way that dist packages are cached. The cache key is derived from the package name, the dist type, and certain other data from the package repository (which may simply be a commit hash, and thus can be found by an attacker). Versions through 1.0.0-alpha11 are affected, and 1.0.0 is unaffected.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-09-21T06:30:25.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2015-8371","https://flyingmana.de/blog_en/2016/02/14/composer_cache_injection_vulnerability_cve_2015_8371.html","https://github.com/FriendsOfPHP/security-advisories/blob/e26be423c5bcfdb38478d2f92d1f928c15afb561/composer/composer/CVE-2015-8371.yaml","https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/composer/composer/CVE-2015-8371.yml","https://github.com/composer/composer","https://github.com/FriendsOfPHP/security-advisories/blob/master/composer/composer/CVE-2015-8371.yaml","http://flyingmana.de/blog_en/2016/02/14/composer_cache_injection_vulnerability_cve_2015_8371.html","https://github.com/advisories/GHSA-725m-w832-q973"],"source_kind":"github","identifiers":["GHSA-725m-w832-q973","CVE-2015-8371"],"repository_url":"https://gitlab.com/gitlab-org/advisories-community","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"1.0.0","vulnerable_version_range":"\u003c= 1.0.0-alpha11"}],"ecosystem":"packagist","package_name":"composer/composer"}],"created_at":"2023-09-21T18:05:56.329Z","updated_at":"2024-01-24T10:20:40.000Z","epss_percentage":0.00549,"epss_percentile":0.66682},{"uuid":"GSA_kwCzR0hTQS12OXF2LWM3d20td2dtZs4AA85E","url":"https://github.com/advisories/GHSA-v9qv-c7wm-wgmf","title":"Composer has multiple command injections via malicious git/hg branch names","description":"### Impact\n\nThe `composer install` command running inside a git/hg repository which has specially crafted branch names can lead to command injection. So this requires cloning untrusted repositories.\n\n### Patches\n\n2.2.24 for 2.2 LTS or 2.7.7 for mainline\n\n### Workarounds\n\nAvoid cloning potentially compromised repositories.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2024-06-10T21:36:25.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/composer/composer/security/advisories/GHSA-v9qv-c7wm-wgmf","https://github.com/composer/composer/commit/6bd43dff859c597c09bd03a7e7d6443822d0a396","https://github.com/composer/composer/commit/fc57b93603d7d90b71ca8ec77b1c8a9171fdb467","https://nvd.nist.gov/vuln/detail/CVE-2024-35242","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC","https://github.com/advisories/GHSA-v9qv-c7wm-wgmf"],"source_kind":"github","identifiers":["GHSA-v9qv-c7wm-wgmf","CVE-2024-35242"],"repository_url":"https://github.com/composer/composer","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.7","vulnerable_version_range":"\u003e= 2.3, \u003c 2.7.7"},{"first_patched_version":"2.2.24","vulnerable_version_range":"\u003e= 2.0, \u003c 2.2.24"}],"ecosystem":"packagist","package_name":"composer/composer"}],"created_at":"2024-06-10T22:05:22.794Z","updated_at":"2025-02-13T18:50:49.000Z","epss_percentage":0.05494,"epss_percentile":0.89624},{"uuid":"GSA_kwCzR0hTQS00N2Y2LTVncTMtdng5Y84AA85F","url":"https://github.com/advisories/GHSA-47f6-5gq3-vx9c","title":"Composer has a command injection via malicious git branch name","description":"### Impact\n\nThe `status`, `reinstall` and `remove` commands with packages installed from source via git containing specially crafted branch names in the repository can be used to execute code.\n\n### Patches\n\n2.2.24 for 2.2 LTS or 2.7.7 for mainline\n\n### Workarounds\n\nAvoid installing dependencies via git by using `--prefer-dist` or the `preferred-install: dist` config setting.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2024-06-10T21:36:32.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/composer/composer/security/advisories/GHSA-47f6-5gq3-vx9c","https://github.com/composer/composer/commit/b93fc6ca437da35ae73d667d0618749c763b67d4","https://github.com/composer/composer/commit/ee28354ca8d33c15949ad7de2ce6656ba3f68704","https://nvd.nist.gov/vuln/detail/CVE-2024-35241","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC","https://www.vicarius.io/vsociety/posts/cve-2024-35241-detect-composer-vulnerability","https://www.vicarius.io/vsociety/posts/cve-2024-35241-mitigate-vulnerable-composer","https://github.com/advisories/GHSA-47f6-5gq3-vx9c"],"source_kind":"github","identifiers":["GHSA-47f6-5gq3-vx9c","CVE-2024-35241"],"repository_url":"https://github.com/composer/composer","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.7","vulnerable_version_range":"\u003e= 2.3, \u003c 2.7.7"},{"first_patched_version":"2.2.24","vulnerable_version_range":"\u003e= 2.0, \u003c 2.2.24"}],"ecosystem":"packagist","package_name":"composer/composer"}],"created_at":"2024-06-10T22:05:22.300Z","updated_at":"2025-06-01T01:08:45.071Z","epss_percentage":0.00173,"epss_percentile":0.39499},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1aDgtcGM2aC1qdnZ4","url":"https://github.com/advisories/GHSA-h5h8-pc6h-jvvx","title":"Composer's missing argument delimiter can lead to code execution via VCS repository URLs or source download URLs on systems with Mercurial","description":"URLs for Mercurial repositories in the root composer.json and package source download URLs are not sanitized correctly. Specifically crafted URL values allow commands to be executed in the HgDriver if hg/Mercurial is installed on the system.\n\n### Impact\n- The impact to Composer users directly is limited as the composer.json file is typically under their own control and source download URLs can only be supplied by third party Composer repositories they explicitly trust to download and execute source code from, e.g. Composer plugins.\n- The main impact is to services passing user input to Composer, including Packagist.org and Private Packagist. This allowed users to trigger remote command injection. The vulnerability has been patched on Packagist.org and Private Packagist within 12h of receiving the initial vulnerability report and based on a review of logs, to the best of our knowledge, was not abused by anyone.\n- Other services/tools using VcsRepository/VcsDriver or derivatives may also be vulnerable and should upgrade their composer/composer dependency immediately\n\n### Patches\n1.10.22 and 2.0.13 include patches for this issue.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-04-29T21:52:04.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/composer/composer/security/advisories/GHSA-h5h8-pc6h-jvvx","https://nvd.nist.gov/vuln/detail/CVE-2021-29472","https://getcomposer.org/","https://www.debian.org/security/2021/dsa-4907","https://lists.debian.org/debian-lts-announce/2021/05/msg00009.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAQUAMGO4Q4BLNZ2OH4CXQD7UK4IO2GE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KN3DMFH42BJW45VT6FYF2RXKC26D6VC2/","https://blog.sonarsource.com/php-supply-chain-attack-on-composer/","https://github.com/FriendsOfPHP/security-advisories/blob/master/composer/composer/CVE-2021-29472.yaml","https://github.com/advisories/GHSA-h5h8-pc6h-jvvx"],"source_kind":"github","identifiers":["GHSA-h5h8-pc6h-jvvx","CVE-2021-29472"],"repository_url":"https://github.com/composer/composer","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.0.13","vulnerable_version_range":"\u003e= 2.0.0-alpha1, \u003c 2.0.13"},{"first_patched_version":"1.10.22","vulnerable_version_range":"\u003c 1.10.22"}],"ecosystem":"packagist","package_name":"composer/composer"}],"created_at":"2022-12-21T16:13:05.996Z","updated_at":"2024-01-24T10:46:03.000Z","epss_percentage":0.03867,"epss_percentile":0.87564},{"uuid":"GSA_kwCzR0hTQS14N2NyLTZxcjYtMmhoNs0_nA","url":"https://github.com/advisories/GHSA-x7cr-6qr6-2hh6","title":"Missing input validation can lead to command execution in composer","description":"The Composer method `VcsDriver::getFileContent()` with user-controlled `$file` or `$identifier` arguments is susceptible to an argument injection vulnerability. It can be leveraged to gain arbitrary command execution if the Mercurial or the Git driver are used.\n\nThis led to a vulnerability on Packagist.org and Private Packagist, i.e., using the composer.json `readme` field as a vector for injecting parameters into the `$file` argument for the Mercurial driver or via the `$identifier` argument for the Git and Mercurial drivers.\n\nComposer itself can be attacked through branch names by anyone controlling a Git or Mercurial repository, which is explicitly listed by URL in a project's composer.json.\n\nTo the best of our knowledge, this was not actively exploited. The vulnerability has been patched on Packagist.org and Private Packagist within a day of the vulnerability report.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-04-22T20:15:38.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/composer/composer/security/advisories/GHSA-x7cr-6qr6-2hh6","https://nvd.nist.gov/vuln/detail/CVE-2022-24828","https://github.com/composer/composer/commit/2c40c53637c5c7e43fff7c09d3d324d632734709","https://www.tenable.com/security/tns-2022-09","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWT6LDSRY7SFMTDZWJ4MS2ZBXHL7VQEF/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QD7JQWL6C4GVROO25DTXWYWM6BPOPPCG/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/625MT3IKWKFVIWLSYZFSXHVUA2LES7YQ/","https://github.com/FriendsOfPHP/security-advisories/blob/master/composer/composer/CVE-2022-24828.yaml","https://github.com/advisories/GHSA-x7cr-6qr6-2hh6"],"source_kind":"github","identifiers":["GHSA-x7cr-6qr6-2hh6","CVE-2022-24828"],"repository_url":"https://github.com/composer/composer","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.3.5","vulnerable_version_range":"\u003e= 2.3, \u003c 2.3.5"},{"first_patched_version":"2.2.12","vulnerable_version_range":"\u003e= 2.0, \u003c 2.2.12"},{"first_patched_version":"1.10.26","vulnerable_version_range":"\u003c 1.10.26"}],"ecosystem":"packagist","package_name":"composer/composer"}],"created_at":"2022-12-21T16:12:30.232Z","updated_at":"2024-01-24T10:22:26.000Z","epss_percentage":0.00504,"epss_percentile":0.64708},{"uuid":"GSA_kwCzR0hTQS03YzZwLTg0OGotd2g1aM4AA5KP","url":"https://github.com/advisories/GHSA-7c6p-848j-wh5h","title":"Composer code execution and possible privilege escalation via compromised InstalledVersions.php or installed.php","description":"### Impact\n\nSeveral files within the local working directory are included during the invocation of Composer and in the context of the executing user.\n\nAs such,  under certain conditions arbitrary code execution may lead to local privilege escalation, provide lateral user movement or malicious code execution when Composer is invoked within a directory with tampered files.\n\nAll Composer CLI commands are affected, including composer.phar's self-update.\n\nThe following are of high risk:\n\n- Composer being run with sudo.\n- Pipelines which may execute Composer on untrusted projects.\n- Shared environments with developers who run Composer individually on the same project.\n\n### Patches\n\n2.7.0, 2.2.23\n\n### Workarounds\n\n- It is advised that the patched versions are applied at the earliest convenience.\n\nWhere not possible, the following should be addressed:\n- Remove all sudo composer privileges for all users to mitigate root privilege escalation.  \n- Avoid running Composer within an untrusted directory, or if needed, verify that the contents of `vendor/composer/InstalledVersions.php` and `vendor/composer/installed.php` do not include untrusted code. \n\nA reset can also be done on these files by the following:\n\n```sh\nrm vendor/composer/installed.php vendor/composer/InstalledVersions.php\ncomposer install --no-scripts --no-plugins\n```","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2024-02-08T15:06:38.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/composer/composer/security/advisories/GHSA-7c6p-848j-wh5h","https://github.com/composer/composer/commit/64e4eb356b159a30c766cd1ea83450a38dc23bf5","https://github.com/composer/composer/commit/77e3982918bc1d886843dc3d5e575e7e871b27b7","https://nvd.nist.gov/vuln/detail/CVE-2024-24821","https://github.com/advisories/GHSA-7c6p-848j-wh5h"],"source_kind":"github","identifiers":["GHSA-7c6p-848j-wh5h","CVE-2024-24821"],"repository_url":"https://github.com/composer/composer","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.0","vulnerable_version_range":"\u003e= 2.3.0-rc1, \u003c 2.7.0"},{"first_patched_version":"2.2.23","vulnerable_version_range":"\u003e= 2.0.0-alpha1, \u003c 2.2.23"}],"ecosystem":"packagist","package_name":"composer/composer"}],"created_at":"2024-02-08T16:05:17.395Z","updated_at":"2024-02-09T17:49:03.000Z","epss_percentage":0.00065,"epss_percentile":0.2053}],"docker_usage_url":"https://docker.ecosyste.ms/usage/packagist/composer/composer","docker_dependents_count":228,"docker_downloads_count":57082643,"usage_url":"https://repos.ecosyste.ms/usage/packagist/composer/composer","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/packagist/composer/composer/dependencies","status":null,"funding_links":["https://packagist.com","https://github.com/composer","https://tidelift.com/funding/github/packagist/composer/composer","https://github.com/sponsors/composer"],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/packagist.org/packages/composer%2Fcomposer/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/packagist.org/packages/composer%2Fcomposer/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/packagist.org/packages/composer%2Fcomposer/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/packagist.org/packages/composer%2Fcomposer/related_packages","maintainers":[{"uuid":"Seldaek","login":"Seldaek","name":null,"email":null,"url":null,"packages_count":31,"html_url":"https://packagist.org/users/Seldaek","role":null,"created_at":"2022-11-10T10:38:50.154Z","updated_at":"2022-11-10T10:38:50.154Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/packagist.org/maintainers/Seldaek/packages"},{"uuid":"naderman","login":"naderman","name":null,"email":null,"url":null,"packages_count":13,"html_url":"https://packagist.org/users/naderman","role":null,"created_at":"2022-11-10T10:38:50.157Z","updated_at":"2022-11-10T10:38:50.157Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/packagist.org/maintainers/naderman/packages"}],"registry":{"name":"packagist.org","url":"https://packagist.org","ecosystem":"packagist","default":true,"packages_count":457454,"maintainers_count":130158,"namespaces_count":155754,"keywords_count":138273,"github":"packagist","metadata":{"funded_packages_count":29659},"icon_url":"https://github.com/packagist.png","created_at":"2022-04-04T15:19:23.222Z","updated_at":"2025-06-07T05:05:21.270Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/packagist.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/packagist.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/packagist.org/namespaces"}},"unique_repositories_count":128,"unique_repositories_count_past_30_days":4,"recent_issues":[{"uuid":"4544878003","node_id":"PR_kwDOLxQ0PM7gdc18","number":554,"state":"open","title":"Bump composer/composer from 2.9.5 to 2.10.0 in /html","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T01:07:26.000Z","updated_at":"2026-05-29T01:16:53.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.10.0","repository_url":"https://github.com/composer/composer"}],"path":"/html","ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.10.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.10.0\u003c/h2\u003e\n\u003ch3\u003eRead the \u003ca href=\"https://blog.packagist.com/composer-2-10-release/\"\u003eComposer 2.10 Release Announcement\u003c/a\u003e for more details on the release highlights.\u003c/h3\u003e\n\u003ch3\u003eFull Changelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBC Break / Security: Disabled automatic fallback to source checkout if dist/zip install fails, we have introduced a new \u003ccode\u003esource-fallback\u003c/code\u003e config option as a temporary way to restore the old behavior, but if you need this talk to us as we plan to remove it entirely in 2.11 (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12885\"\u003e#12885\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBC Break: Minor break for \u003ccode\u003eaudit\u003c/code\u003e consumers, the exit code is now always 0 (success) or 1 if anything failed the audit (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12881\"\u003e#12881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Added dependency policies to block package versions where malware was detected on \u003ccode\u003eupdate\u003c/code\u003e/\u003ccode\u003einstall\u003c/code\u003e or report it with \u003ccode\u003eaudit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened output filtering of URLs to reduce chances of token leaks (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12882\"\u003e#12882\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12886\"\u003e#12886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed handling of uppercase schemes in URL validation that might have allowed https requirement bypass (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12884\"\u003e#12884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Enforce allow-plugins even in non-interactive mode for very old pre-2.2 lock files (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12764\"\u003e#12764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for temporary \u003ccode\u003e--with\u003c/code\u003e constraints with wildcards in the package name for the \u003ccode\u003eupdate\u003c/code\u003e command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12658\"\u003e#12658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003e--strict-psr-autoloader\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e and \u003ccode\u003eupdate\u003c/code\u003e commands (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12647\"\u003e#12647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003esource-fallback\u003c/code\u003e config option to disable or enable source fallback on download failure (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12698\"\u003e#12698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003e--require\u003c/code\u003e parameter to \u003ccode\u003ecreate-project\u003c/code\u003e to add new packages to the project as it gets installed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12738\"\u003e#12738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimized plugin autoloading by avoiding regenerating classmaps for every package per plugin (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12696\"\u003e#12696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimized PoolOptimizer memory usage (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12783\"\u003e#12783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimized classmap dumping performance\u003c/li\u003e\n\u003cli\u003eDeprecated most of the \u003ccode\u003eaudit\u003c/code\u003e config in favor of the new \u003ccode\u003epolicy\u003c/code\u003e one (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12804\"\u003e#12804\u003c/a\u003e, see \u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e for the RFC and upgrade docs)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --bump-after-update\u003c/code\u003e to only bump packages that actually were updated (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12733\"\u003e#12733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning being shown when lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12760\"\u003e#12760\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eaudit\u003c/code\u003e command returning a success code when the vendor dir was not present (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12880\"\u003e#12880\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.8...2.10.0\"\u003ehttps://github.com/composer/composer/compare/2.9.8...2.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.10.0-RC2\u003c/h2\u003e\n\u003cp\u003eComposer 2.10 is ready for a release, and we need your help to test it and report any regression.\u003c/p\u003e\n\u003ch3\u003ePlease try it out!\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRunning \u003ccode\u003ecomposer self-update --preview\u003c/code\u003e will get you the 2.10.0-RC2\u003c/li\u003e\n\u003cli\u003eRunning \u003ccode\u003ecomposer self-update --stable\u003c/code\u003e will get you back on the latest 2.9 stable release if anything broke.\u003c/li\u003e\n\u003cli\u003eReport any issues you encounter as a new issue specifying you tried the 2.10 RC and please include stack traces \u0026amp; repro details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFull Changelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSince 2.10.0-RC1, fixes in 2.9.6 - 2.9.8, many of which security relevant, are also included\u003c/li\u003e\n\u003cli\u003eSince 2.10.0-RC1 a lot of the new filter list config format was modified - see \u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e for the latest state of this new feature\u003c/li\u003e\n\u003cli\u003eAdded a new \u003ccode\u003epolicy\u003c/code\u003e config block to control all security related update/install/audit policies. This replaces and deprecates most of the \u003ccode\u003eaudit\u003c/code\u003e config (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12804\"\u003e#12804\u003c/a\u003e for implementation, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e for RFC/upgrade docs)\u003c/li\u003e\n\u003cli\u003eEnabled blocking of malware packages at \u003ccode\u003einstall\u003c/code\u003e time by default\u003c/li\u003e\n\u003cli\u003eFixed --no-plugins handling regression (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression in startup performance when many scripts are defined (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12832\"\u003e#12832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved classmap dumping performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.10.0] 2026-05-28\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBC Break / Security: Disabled automatic fallback to source checkout if dist/zip install fails, we have introduced a new \u003ccode\u003esource-fallback\u003c/code\u003e config option as a temporary way to restore the old behavior, but if you need this talk to us as we plan to remove it entirely in 2.11 (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12885\"\u003e#12885\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBC Break: Minor break for \u003ccode\u003eaudit\u003c/code\u003e consumers, the exit code is now always 0 (success) or 1 if anything failed the audit (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12881\"\u003e#12881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened output filtering of URLs to reduce chances of token leaks (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12882\"\u003e#12882\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12886\"\u003e#12886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed handling of uppercase schemes in URL validation that might have allowed https requirement bypass (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12884\"\u003e#12884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eaudit\u003c/code\u003e command returning a success code when the vendor dir was not present (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12880\"\u003e#12880\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.10.0-RC2] 2026-05-20\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSince 2.10.0-RC1, fixes in 2.9.6 - 2.9.8, many of which security relevant, are also included\u003c/li\u003e\n\u003cli\u003eSince 2.10.0-RC1 a lot of the new filter list config format was modified - see \u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e for the latest state of this new feature\u003c/li\u003e\n\u003cli\u003eAdded a new \u003ccode\u003epolicy\u003c/code\u003e config block to control all security related update/install/audit policies. This replaces and deprecates most of the \u003ccode\u003eaudit\u003c/code\u003e config (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12804\"\u003e#12804\u003c/a\u003e for implementation, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e for RFC/upgrade docs)\u003c/li\u003e\n\u003cli\u003eEnabled blocking of malware packages at \u003ccode\u003einstall\u003c/code\u003e time by default\u003c/li\u003e\n\u003cli\u003eFixed --no-plugins handling regression (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression in startup performance when many scripts are defined (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12832\"\u003e#12832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved classmap dumping performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.10.0-RC1] 2026-04-01\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Added filter lists to block package versions where malware was detected on \u003ccode\u003eupdate\u003c/code\u003e or report it with \u003ccode\u003eaudit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Enforce allow-plugins even in non-interactive mode for very old pre-2.2 lock files (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12764\"\u003e#12764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for temporary \u003ccode\u003e--with\u003c/code\u003e constraints with wildcards in the package name for the \u003ccode\u003eupdate\u003c/code\u003e command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12658\"\u003e#12658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003e--strict-psr-autoloader\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e and \u003ccode\u003eupdate\u003c/code\u003e commands (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12647\"\u003e#12647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003esource-fallback\u003c/code\u003e config option to disable or enable source fallback on download failure (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12698\"\u003e#12698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003e--require\u003c/code\u003e parameter to \u003ccode\u003ecreate-project\u003c/code\u003e to add new packages to the project as it gets installed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12738\"\u003e#12738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimized plugin autoloading by avoiding regenerating classmaps for every package per plugin (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12696\"\u003e#12696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimized PoolOptimizer memory usage (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12783\"\u003e#12783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --bump-after-update\u003c/code\u003e to only bump packages that actually were updated (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12733\"\u003e#12733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning being shown when lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12760\"\u003e#12760\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/c13824d95608b15913a7c0def0a3dea4474b71fc\"\u003e\u003ccode\u003ec13824d\u003c/code\u003e\u003c/a\u003e Release 2.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02449ade6c0e1831ba49da555c37ec6b7f9f7274\"\u003e\u003ccode\u003e02449ad\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/502e66a105bbec332de19d46ebe3f759aba0a61c\"\u003e\u003ccode\u003e502e66a\u003c/code\u003e\u003c/a\u003e Relax token validation on input, and hide more things on output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12886\"\u003e#12886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f95709fb020ad185af6f27e0f3fccf5a1eb62f8\"\u003e\u003ccode\u003e4f95709\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/composer/composer/issues/12874\"\u003e#12874\u003c/a\u003e from cs278/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/b902ec85fa65c799bf3b72cbbae46e8229593985\"\u003e\u003ccode\u003eb902ec8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/composer/composer/issues/12885\"\u003e#12885\u003c/a\u003e from Seldaek/source-fallback-disable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/2fc4bee1ab849dfa8a1713febd9a6282dab16936\"\u003e\u003ccode\u003e2fc4bee\u003c/code\u003e\u003c/a\u003e Add deprecated flag\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/54b78ad10bb70cbf10e9ea742bb1f1599e726047\"\u003e\u003ccode\u003e54b78ad\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/composer/composer/issues/12884\"\u003e#12884\u003c/a\u003e from Seldaek/schemefixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/5413c3ca0a987f44151968ba7345fe291c0e9f80\"\u003e\u003ccode\u003e5413c3c\u003c/code\u003e\u003c/a\u003e Use 'dependency policy' terminology in docs and user-facing output, drop audi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/f240bbed578cd6acca3731a99591dca7b200cee6\"\u003e\u003ccode\u003ef240bbe\u003c/code\u003e\u003c/a\u003e audit cmd: remove --filtered option, change status code to 0/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/624acb6489e712f5115b52137e43a3a5c3fb3ee0\"\u003e\u003ccode\u003e624acb6\u003c/code\u003e\u003c/a\u003e Use 'dependency policy' terminology in docs and user-facing output\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/isobar-playground/base/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/isobar-playground/base/pull/554","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/isobar-playground%2Fbase/issues/554","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/554/packages"},{"uuid":"4537188223","node_id":"PR_kwDOPqlfLs7gETl7","number":21,"state":"closed","title":"Bump the composer group across 1 directory with 18 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-29T01:03:48.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-28T02:22:18.000Z","updated_at":"2026-05-29T01:03:50.000Z","time_to_close":81690,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":18,"packages":[{"name":"phpunit/phpunit","old_version":"10.5.45","new_version":"10.5.62","repository_url":"https://github.com/sebastianbergmann/phpunit"},{"name":"symfony/dom-crawler","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/dom-crawler"},{"name":"symfony/web-profiler-bundle","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/web-profiler-bundle"},{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.382.2","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.8","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.69","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/mailer","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/mailer"},{"name":"symfony/monolog-bridge","old_version":"7.3.0","new_version":"7.4.12","repository_url":"https://github.com/symfony/monolog-bridge"},{"name":"symfony/security-http","old_version":"7.3.1","new_version":"7.4.13","repository_url":"https://github.com/symfony/security-http"},{"name":"symfony/yaml","old_version":"7.3.1","new_version":"7.4.13","repository_url":"https://github.com/symfony/yaml"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.23","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `10.5.45` | `10.5.62` |\n| [symfony/dom-crawler](https://github.com/symfony/dom-crawler) | `7.3.1` | `7.4.12` |\n| [symfony/web-profiler-bundle](https://github.com/symfony/web-profiler-bundle) | `7.3.1` | `7.4.12` |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.382.2` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.8` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.69` |\n| [symfony/mailer](https://github.com/symfony/mailer) | `7.3.1` | `7.4.12` |\n| [symfony/monolog-bridge](https://github.com/symfony/monolog-bridge) | `7.3.0` | `7.4.12` |\n| [symfony/security-http](https://github.com/symfony/security-http) | `7.3.1` | `7.4.13` |\n| [symfony/yaml](https://github.com/symfony/yaml) | `7.3.1` | `7.4.13` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.23` |\n\n\nUpdates `phpunit/phpunit` from 10.5.45 to 10.5.62\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 10.5.62\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.61\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.60\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.59\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/10.5.62/ChangeLog-10.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[10.5.62] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.61] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.60] - 2025-12-06\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.59] - 2025-12-01\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.58] - 2025-09-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6368\"\u003e#6368\u003c/a\u003e: \u003ccode\u003efailOnPhpunitWarning=\u0026quot;false\u0026quot;\u003c/code\u003e has no effect\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.57] - 2025-09-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.56] - 2025-09-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.55] - 2025-09-14\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6366\"\u003e#6366\u003c/a\u003e: Exclude \u003ccode\u003e__sleep()\u003c/code\u003e and \u003ccode\u003e__wakeup()\u003c/code\u003e from test double code generation on PHP \u0026gt;= 8.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.54] - 2025-09-11\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not use \u003ccode\u003e__sleep()\u003c/code\u003e method (which will be deprecated in PHP 8.5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.53] - 2025-08-20\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3f7dd5066ebde5809296a81f0b19e8b00e5aab49\"\u003e\u003ccode\u003e3f7dd50\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/9c95cf0cdfdc72e74597aa0cf3c4769ed32b83f0\"\u003e\u003ccode\u003e9c95cf0\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/fea06253ecc0a32faf787bd31b261f56f351d049\"\u003e\u003ccode\u003efea0625\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1a677f663f09de85b97e1a7d03823890594cdba9\"\u003e\u003ccode\u003e1a677f6\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1015741814413c156abb0f53d7db7bbd03c6e858\"\u003e\u003ccode\u003e1015741\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/e5cda18b342c4e346d47c6e6cc5c51c0e681c8fd\"\u003e\u003ccode\u003ee5cda18\u003c/code\u003e\u003c/a\u003e Fix bad merge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a8b932bd41c5a6d689b2751f1be68406c97ea55c\"\u003e\u003ccode\u003ea8b932b\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1cce5f3ac2eec234cc0ce2f90ab9d5b80b240bea\"\u003e\u003ccode\u003e1cce5f3\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3141742e00620e2968d3d2e732d320de76685fda\"\u003e\u003ccode\u003e3141742\u003c/code\u003e\u003c/a\u003e Do not run PHPT test when its temporary file for code coverage information ex...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0b3170aaebeb461133937cfd92e5beb0348c0a2b\"\u003e\u003ccode\u003e0b3170a\u003c/code\u003e\u003c/a\u003e We do not need to unserialize() objects here\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/10.5.45...10.5.62\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/dom-crawler` from 7.3.1 to 7.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/dom-crawler/releases\"\u003esymfony/dom-crawler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.1...v7.4.12\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.1...v7.4.12\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/dom-crawler/issues/64258\"\u003e#64258\u003c/a\u003e  Fix \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e clobbering values on multi-selects (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity #cve-2026-45071  Fix XXE in addXmlContent() by not enabling \u003ccode\u003evalidateOnParse\u003c/code\u003e (\u003ca href=\"https://github.com/alexandre-daubois\"\u003e\u003ccode\u003e@​alexandre-daubois\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62671\"\u003esymfony/symfony#62671\u003c/a\u003e [DomCrawler] Fixing dealing with invalid charset (\u003ca href=\"https://github.com/ThomasLandauer\"\u003e\u003ccode\u003e@​ThomasLandauer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-BETA1...v7.4.0-BETA2\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-BETA1...v7.4.0-BETA2\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62240\"\u003esymfony/symfony#62240\u003c/a\u003e [DomCrawler] Handle malformed tags in HTML5 parser (\u003ca href=\"https://github.com/longwave\"\u003e\u003ccode\u003e@​longwave\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62186\"\u003esymfony/symfony#62186\u003c/a\u003e [DomCrawler] Fix converting HTML5 trees to DOM nodes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62180\"\u003esymfony/symfony#62180\u003c/a\u003e [DomCrawler] Properly ignore errors when using the native HTML5 parser (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.4...v7.4.0-BETA1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.3.4...v7.4.0-BETA1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeature \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/61475\"\u003esymfony/symfony#61475\u003c/a\u003e [DomCrawler] Use the native HTML5 parser on PHP 8.4 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/dom-crawler/blob/8.1/CHANGELOG.md\"\u003esymfony/dom-crawler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e part of the supported public API\u003c/li\u003e\n\u003cli\u003eAlways set \u003ccode\u003eLIBXML_NONET\u003c/code\u003e in \u003ccode\u003eCrawler::addXmlContent()\u003c/code\u003e so external entities cannot trigger network requests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove argument \u003ccode\u003e$useHtml5Parser\u003c/code\u003e of \u003ccode\u003eCrawler\u003c/code\u003e's constructor; the native HTML5 parser is used unconditionally\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisabling HTML5 parsing is deprecated; Symfony 8 will unconditionally use the native HTML5 parser\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$normalizeWhitespace\u003c/code\u003e to \u003ccode\u003eCrawler::innerText()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$default\u003c/code\u003e to \u003ccode\u003eCrawler::attr()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerAnySelectorTextContains\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerAnySelectorTextSame\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$default\u003c/code\u003e to \u003ccode\u003eCrawler::attr()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e$useHtml5Parser\u003c/code\u003e argument to \u003ccode\u003eCrawler\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerSelectorCount\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$normalizeWhitespace\u003c/code\u003e to \u003ccode\u003eCrawler::innerText()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eCrawler::innerText()\u003c/code\u003e return the first non-empty text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eCrawler::parents()\u003c/code\u003e method, use \u003ccode\u003eancestors()\u003c/code\u003e instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawler::innerText\u003c/code\u003e method.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b59b59122690976550fd142c23fab62c84738db6\"\u003e\u003ccode\u003eb59b591\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/7e65f76c28f5ed8d933f2c86698a3e2bf0de1b10\"\u003e\u003ccode\u003e7e65f76\u003c/code\u003e\u003c/a\u003e Merge branch '5.4' into 6.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b18373e86fbc4558a206e8055158c8e3e50c4da3\"\u003e\u003ccode\u003eb18373e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/505deba47e489a7694e0b6942df83a358197e921\"\u003e\u003ccode\u003e505deba\u003c/code\u003e\u003c/a\u003e [DomCrawler] Fix \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e clobbering values on multi-se...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/f47410019c605a651d000371de7263b70a78c681\"\u003e\u003ccode\u003ef474100\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b4cf17ff405a77341ad86e81e06ff09298f5aa8f\"\u003e\u003ccode\u003eb4cf17f\u003c/code\u003e\u003c/a\u003e [DomCrawler] Fix XXE in addXmlContent() by not enabling \u003ccode\u003evalidateOnParse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/6d86f9727e216e81f9d18d32bc4701d70c9d0ac4\"\u003e\u003ccode\u003e6d86f97\u003c/code\u003e\u003c/a\u003e [Tests] Fix \u0026quot;Incomplete version\u0026quot; PHPUnit warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/04ca269f9c0aca5f41b1230bf1fce4f0928f669a\"\u003e\u003ccode\u003e04ca269\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/eac26cf4833a05a92356d285329bfd63e0e46d64\"\u003e\u003ccode\u003eeac26cf\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/ca5ad736e4366c8b1499bc493fd86d3bb38c93c2\"\u003e\u003ccode\u003eca5ad73\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.1...v7.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/web-profiler-bundle` from 7.3.1 to 7.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/releases\"\u003esymfony/web-profiler-bundle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev7.4.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/64172\"\u003e#64172\u003c/a\u003e  Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e (\u003ca href=\"https://github.com/MatTheCat\"\u003e\u003ccode\u003e@​MatTheCat\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63930\"\u003e#63930\u003c/a\u003e  Fix toolbar toggle button accessibility (\u003ca href=\"https://github.com/Nitram1123\"\u003e\u003ccode\u003e@​Nitram1123\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63679\"\u003e#63679\u003c/a\u003e  Only decrement pendingRequests when it's more than zero (\u003ca href=\"https://github.com/andyexeter\"\u003e\u003ccode\u003e@​andyexeter\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63526\"\u003e#63526\u003c/a\u003e  Fix Symfony web debug toolbar not being displayed (\u003ca href=\"https://github.com/zoglo\"\u003e\u003ccode\u003e@​zoglo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63315\"\u003e#63315\u003c/a\u003e  Fix EventSource is missing static properties (Oleksii Kozhemiaka)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/62970\"\u003e#62970\u003c/a\u003e  Fix hot reload support (FrankenPHP) (\u003ca href=\"https://github.com/dunglas\"\u003e\u003ccode\u003e@​dunglas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62858\"\u003esymfony/symfony#62858\u003c/a\u003e [WebProfilerBundle] Fix using URL objects with \u003ccode\u003eEventSource\u003c/code\u003e (\u003ca href=\"https://github.com/HypeMC\"\u003e\u003ccode\u003e@​HypeMC\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62441\"\u003esymfony/symfony#62441\u003c/a\u003e [WebProfilerBundle] fix displaying runner (\u003ca href=\"https://github.com/94noni\"\u003e\u003ccode\u003e@​94noni\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/blob/8.1/CHANGELOG.md\"\u003esymfony/web-profiler-bundle's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eForward the CSP nonce to \u003ccode\u003eDumpDataCollector\u003c/code\u003e instead of disabling CSP when \u003ccode\u003edump()\u003c/code\u003e is used\u003c/li\u003e\n\u003cli\u003eAdd console command value resolvers durations to Performances panel\u003c/li\u003e\n\u003cli\u003eAdd error indicator to profiler list view for profiles with errors\u003c/li\u003e\n\u003cli\u003eAdd cURL copy paste button in the Request/Response tab\u003c/li\u003e\n\u003cli\u003eAdd support for streamed responses in the debug toolbar\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eprofiler.xml\u003c/code\u003e and \u003ccode\u003ewdt.xml\u003c/code\u003e routing configuration files (use their PHP equivalent instead)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method in the profiler\u003c/li\u003e\n\u003cli\u003eAdd support for Server-Sent Events / \u003ccode\u003eEventSource\u003c/code\u003e requests in the debug toolbar\u003c/li\u003e\n\u003cli\u003eAdd support for displaying the application runner class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eprofiler.php\u003c/code\u003e and \u003ccode\u003ewdt.php\u003c/code\u003e routing configuration files (use them instead of their XML equivalent)\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.xml'\n        prefix: /_wdt\n\u003cp\u003eweb_profiler_profiler:\nresource: '\u003ccode\u003e@​WebProfilerBundle/Resources/\u003c/code\u003econfig/routing/profiler.xml'\nprefix: /_profiler\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.php'\n        prefix: /_wdt\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/558fe81a383302318d9b92f7661deb731153c86e\"\u003e\u003ccode\u003e558fe81\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/066e718f8dfb73c55de43470bb73ebd525343d21\"\u003e\u003ccode\u003e066e718\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/be546fdb34d7a05eb271dfe0bf2370c37472e15c\"\u003e\u003ccode\u003ebe546fd\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/36dd8b8c05da059925c5804641aad9159e5b73e8\"\u003e\u003ccode\u003e36dd8b8\u003c/code\u003e\u003c/a\u003e [7.4] Remove usages of named arguments in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/7df2f3e74b044afb021458e044bc796f1b482572\"\u003e\u003ccode\u003e7df2f3e\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/242094c35def147d8d9aded1d46e548a4e08c80c\"\u003e\u003ccode\u003e242094c\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/76b684387f28f583fc5888f80453f9054963a5b4\"\u003e\u003ccode\u003e76b6843\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Fix failing test on PHP 8.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/4865a22db9b813fa8378e98b161e022f24638d16\"\u003e\u003ccode\u003e4865a22\u003c/code\u003e\u003c/a\u003e CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/cc408ce0c45d1918d08c0c1712cb684dd04c07e0\"\u003e\u003ccode\u003ecc408ce\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/d55784450e7ebceeef3cc2b1c14247ea1b7d4ece\"\u003e\u003ccode\u003ed557844\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.3.1...v7.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.382.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.382.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Api\u003c/code\u003e - Cast generated HTTP header values to strings and validate invalid header values.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SavingsPlans\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizerAutomation\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MainframeModernization\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LocationService\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Omics\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SimpleDBv2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkMailMessageFlow\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SupportApp\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EBS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTDeviceAdvisor\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MarketplaceDeployment\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Adds shared environment support for Restricted Instance Groups (RIGs) on SageMaker HyperPod, enabling cross-RIG workload scheduling and FSx sharing. This unlocks shared CPU-GPU environments needed for cost-efficient RL training (e.g., Nova Forge). Adds p6 instance support for recommendation jobs\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Add support for Neuron device resource requirements for Amazon ECS\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECRPublic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SecurityIR\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTThingsGraph\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\FIS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EKSAuth\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCases\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMakerFeatureStoreRuntime\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataExchange\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Organizations\u003c/code\u003e - AWS Organizations now emits CloudTrail events (AccountJoinedOrganization, AccountDepartedOrganization) to the management account for membership changes, including join and departure method and timestamp.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\mgn\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EventBridge\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WellArchitected\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockDataAutomation\u003c/code\u003e - Matcher Fallback extends the CustomOutputConfiguration for the Document modality in DataAutomationProjects, enabling a fallback blueprint when no match is found. A FALLBACK match status is returned, improving the matching experience and guaranteeing customers always receive CustomOutputResults.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralSelling\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchRUM\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\finspace\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SSMContacts\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\NovaAct\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RTBFabric\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaLive\u003c/code\u003e - AWS Elemental MediaLive now supports Smart Subtitles, a new caption source that uses AWS Elemental Inference to automatically generate WebVTT and TTML captions from source audio. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ElementalInference\u003c/code\u003e - Added support for smart subtitles in Elemental Inference, enabling automatic generation of subtitles for media content. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizer\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PcaConnectorAd\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LaunchWizard\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTFleetWise\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BCMDashboards\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ResourceExplorer2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DocDBElastic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MPA\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralBenefits\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MemoryDB\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Inspector2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkSpacesWeb\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\OpenSearchService\u003c/code\u003e - OpenSearch will now support multi-segment paths in JWKS URLs.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/6844cc6421c47d6b96633ab8039045012acbeb27\"\u003e\u003ccode\u003e6844cc6\u003c/code\u003e\u003c/a\u003e 3.382.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/08fe07450c46e54c25960a062aa66af9c3ba7248\"\u003e\u003ccode\u003e08fe074\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/7ebd05d0ddfd33dcadc5c0f64c4723d570aaf2e3\"\u003e\u003ccode\u003e7ebd05d\u003c/code\u003e\u003c/a\u003e fix: cast generated header values to strings (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3289\"\u003e#3289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/d506bdaab8e29b18d31a46be4fe4314af5945432\"\u003e\u003ccode\u003ed506bda\u003c/code\u003e\u003c/a\u003e 3.382.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/a2a4d0d4d846c4edd6ddd63242946a8ca0b549b4\"\u003e\u003ccode\u003ea2a4d0d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/38dc43d14db5663f62f7371e5b34d49e6192c2d3\"\u003e\u003ccode\u003e38dc43d\u003c/code\u003e\u003c/a\u003e chore: harden GitHub Actions workflows (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3287\"\u003e#3287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/5b4c1958d7ff9e3284b755d257a1aa1926745f6a\"\u003e\u003ccode\u003e5b4c195\u003c/code\u003e\u003c/a\u003e 3.382.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/e925c2dde5a2a4fa4cce2c8641e02b59b838841f\"\u003e\u003ccode\u003ee925c2d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/3e93512528775f12d0136a78345bac781faee481\"\u003e\u003ccode\u003e3e93512\u003c/code\u003e\u003c/a\u003e Update type to 'feature' in multipart-copy.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3288\"\u003e#3288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/ab2ba5794fcfcd9826a462742bc3ef7b9fb1688b\"\u003e\u003ccode\u003eab2ba57\u003c/code\u003e\u003c/a\u003e enhancement: copy object metadata in multipartcopy (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3286\"\u003e#3286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.382.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (\u003ca href=\"https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\"\u003ehttps://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\u003c/a\u003e / CVE-2026-45793)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.7...2.9.8\"\u003ehttps://github.com/composer/composer/compare/2.9.7...2.9.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/39ee8baff8e97a1b657bbfcd6a236ff93a5efbb2\"\u003e\u003ccode\u003e39ee8ba\u003c/code\u003e\u003c/a\u003e Release 2.9.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fa0f839011f5fdf20af5fa2c0fd485ad0ebb6632\"\u003e\u003ccode\u003efa0f839\u003c/code\u003e\u003c/a\u003e Fix ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd6cda27aa11f565aa2d0fa2ade191ed74e3d158\"\u003e\u003ccode\u003ebd6cda2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f5e7f9fbfa541137d6d1d5643ec3b718e9d5039\"\u003e\u003ccode\u003e3f5e7f9\u003c/code\u003e\u003c/a\u003e Fix regexp to support new GitHub installation tokens format (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12853\"\u003e#12853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4bdb77926affdcad0c3c1bac59e99aadfaf91f82\"\u003e\u003ccode\u003e4bdb779\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.69\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.69\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.69):\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.68):\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-04-17  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/8f2c3ffafcdd52cf4515f1eec172f4eee44552ad\"\u003e\u003ccode\u003e8f2c3ff\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/0ceddfa31dad41aa5cb394492c44f8382c7042d5\"\u003e\u003ccode\u003e0ceddfa\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/28af5275b3e1a2dd9b45d6ddb14c9c67bc4c5f9a\"\u003e\u003ccode\u003e28af527\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-37f02ff51\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c6824bca4c3a07d8d7704711ae27c9ee042fc983\"\u003e\u003ccode\u003ec6824bc\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.68\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/9600a9a3f5cf1cd97dbb478060e4e8fd87a6f17c\"\u003e\u003ccode\u003e9600a9a\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/d03a9c7ad84ce0b6c33f25c2eb570e7d13d07fe9\"\u003e\u003ccode\u003ed03a9c7\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-94b5e89b0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c602dbff3f7095e5dc890c1352a2b18b67046265\"\u003e\u003ccode\u003ec602dbf\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-1ed673a0b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/22223f3dc75047b106d2c938b6821c49748c7e30\"\u003e\u003ccode\u003e22223f3\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-baf5feec0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/e4b414af69b6d55d41000b52e3b2162d77e545f8\"\u003e\u003ccode\u003ee4b414a\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-bf852fb75\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/6155d27abba41cac739e1ff7ce5176ec01f3ec06\"\u003e\u003ccode\u003e6155d27\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-344d7c5e9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.69\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/cache` from 7.3.1 to 7.4.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/cache/releases\"\u003esymfony/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.13\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.12...v7.4.13\"\u003ehttps://github.com/symfony/cache/compare/v7.4.12...v7.4.13\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64330\"\u003e#64330\u003c/a\u003e  Fix strlen(null) deprecation on RelayCluster path in RedisTrait::doClear() (\u003ca href=\"https://github.com/signor-pedro\"\u003e\u003ccode\u003e@​signor-pedro\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64336\"\u003e#64336\u003c/a\u003e  Accept '_' and ':' in prefix passed to AbstractAdapter::clear() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.10...v7.4.12\"\u003ehttps://github.com/symfony/cache/compare/v7.4.10...v7.4.12\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-45073  Validate the prefix given to AbstractAdapter::clear() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.9...v7.4.10\"\u003ehttps://github.com/symfony/cache/compare/v7.4.9...v7.4.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64122\"\u003e#64122\u003c/a\u003e  Ensure compatibility with Relay extension 0.22.0 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.8...v7.4.9\"\u003ehttps://github.com/symfony/cache/compare/v7.4.8...v7.4.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64060\"\u003e#64060\u003c/a\u003e  Normalize default_lifetime for pools wrapped by ChainAdapter (\u003ca href=\"https://github.com/ostrolucky\"\u003e\u003ccode\u003e@​ostrolucky\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63964\"\u003e#63964\u003c/a\u003e  Ensure internal state is cleared in TagAwareAdapter::reset() … (\u003ca href=\"https://github.com/KevinMartinsDev\"\u003e\u003ccode\u003e@​KevinMartinsDev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63860\"\u003e#63860\u003c/a\u003e  Fix Psr16Cache::getMultiple() returning wrapper values when using TTL (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/cache/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63818\"\u003e#63818\u003c/a\u003e  Ensure compatibility with Relay extension 0.21.0 (\u003ca href=\"https://github.com/lyrixx\"\u003e\u003ccode\u003e@​lyrixx\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63747\"\u003e#63747\u003c/a\u003e  Fix \u003ccode\u003ePsr16Cache::getMultiple()\u003c/code\u003e returning \u003ccode\u003eValueWrapper\u003c/code\u003e with \u003ccode\u003eTagAwareAdapter\u003c/code\u003e (\u003ca href=\"https://github.com/pcescon\"\u003e\u003ccode\u003e@​pcescon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63736\"\u003e#63736\u003c/a\u003e  Fix undefined array key when tag save fails in AbstractTagAwareAdapter (\u003ca href=\"https://github.com/pcescon\"\u003e\u003ccode\u003e@​pcescon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63655\"\u003e#63655\u003c/a\u003e  Fix ChainAdapter ignoring item expiry when propagating to earlier adapters (\u003ca href=\"https://github.com/guillaumeVDP\"\u003e\u003ccode\u003e@​guillaumeVDP\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/cache/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63592\"\u003e#63592\u003c/a\u003e  Add timeout and slot eviction to LockRegistry stampede prevention (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/cache/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63437\"\u003e#63437\u003c/a\u003e  Wrap \u003ccode\u003eDoctrineDbalAdapter::doSave()\u003c/code\u003e in savepoint to prevent transaction poisoning (\u003ca href=\"https://github.com/lacatoire\"\u003e\u003ccode\u003e@​lacatoire\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63391\"\u003e#63391\u003c/a\u003e  Align Redis sentinel auth handling across components (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63324\"\u003e#63324\u003c/a\u003e  Fix DSN auth not passed to Redis/RedisCluster/Relay in RedisTrait (\u003ca href=\"https://github.com/ckrack\"\u003e\u003ccode\u003e@​ckrack\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63306\"\u003e#63306\u003c/a\u003e  Revert \u0026quot;Fix DSN auth not passed to clusters in RedisTrait\u0026quot; (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63272\"\u003e#63272\u003c/a\u003e  Fix forwarding SSL settings to the redis sentinel (\u003ca href=\"https://github.com/CientistaDaWeb\"\u003e\u003ccode\u003e@​CientistaDaWeb\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63230\"\u003e#63230\u003c/a\u003e...\n\n_Description has been truncated_","html_url":"https://github.com/HandyKnox/mautic-marketing/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HandyKnox%2Fmautic-marketing/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"},{"uuid":"4536582465","node_id":"PR_kwDOPrj8Sc7gCWX5","number":16,"state":"closed","title":"Bump the composer group across 1 directory with 17 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-28T02:22:11.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-27T23:57:49.000Z","updated_at":"2026-05-28T02:22:13.000Z","time_to_close":8662,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":17,"packages":[{"name":"phpunit/phpunit","old_version":"10.5.45","new_version":"10.5.62","repository_url":"https://github.com/sebastianbergmann/phpunit"},{"name":"symfony/dom-crawler","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/dom-crawler"},{"name":"symfony/web-profiler-bundle","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/web-profiler-bundle"},{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.382.2","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.8","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.69","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/mailer","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/mailer"},{"name":"symfony/monolog-bridge","old_version":"7.3.0","new_version":"7.4.12","repository_url":"https://github.com/symfony/monolog-bridge"},{"name":"symfony/security-http","old_version":"7.3.1","new_version":"7.4.13","repository_url":"https://github.com/symfony/security-http"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.23","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `10.5.45` | `10.5.62` |\n| [symfony/dom-crawler](https://github.com/symfony/dom-crawler) | `7.3.1` | `7.4.12` |\n| [symfony/web-profiler-bundle](https://github.com/symfony/web-profiler-bundle) | `7.3.1` | `7.4.12` |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.382.2` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.8` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.69` |\n| [symfony/mailer](https://github.com/symfony/mailer) | `7.3.1` | `7.4.12` |\n| [symfony/monolog-bridge](https://github.com/symfony/monolog-bridge) | `7.3.0` | `7.4.12` |\n| [symfony/security-http](https://github.com/symfony/security-http) | `7.3.1` | `7.4.13` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.23` |\n\n\nUpdates `phpunit/phpunit` from 10.5.45 to 10.5.62\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 10.5.62\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.61\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.60\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.59\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/10.5.62/ChangeLog-10.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[10.5.62] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.61] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.60] - 2025-12-06\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.59] - 2025-12-01\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.58] - 2025-09-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6368\"\u003e#6368\u003c/a\u003e: \u003ccode\u003efailOnPhpunitWarning=\u0026quot;false\u0026quot;\u003c/code\u003e has no effect\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.57] - 2025-09-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.56] - 2025-09-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.55] - 2025-09-14\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6366\"\u003e#6366\u003c/a\u003e: Exclude \u003ccode\u003e__sleep()\u003c/code\u003e and \u003ccode\u003e__wakeup()\u003c/code\u003e from test double code generation on PHP \u0026gt;= 8.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.54] - 2025-09-11\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not use \u003ccode\u003e__sleep()\u003c/code\u003e method (which will be deprecated in PHP 8.5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.53] - 2025-08-20\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3f7dd5066ebde5809296a81f0b19e8b00e5aab49\"\u003e\u003ccode\u003e3f7dd50\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/9c95cf0cdfdc72e74597aa0cf3c4769ed32b83f0\"\u003e\u003ccode\u003e9c95cf0\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/fea06253ecc0a32faf787bd31b261f56f351d049\"\u003e\u003ccode\u003efea0625\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1a677f663f09de85b97e1a7d03823890594cdba9\"\u003e\u003ccode\u003e1a677f6\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1015741814413c156abb0f53d7db7bbd03c6e858\"\u003e\u003ccode\u003e1015741\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/e5cda18b342c4e346d47c6e6cc5c51c0e681c8fd\"\u003e\u003ccode\u003ee5cda18\u003c/code\u003e\u003c/a\u003e Fix bad merge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a8b932bd41c5a6d689b2751f1be68406c97ea55c\"\u003e\u003ccode\u003ea8b932b\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1cce5f3ac2eec234cc0ce2f90ab9d5b80b240bea\"\u003e\u003ccode\u003e1cce5f3\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3141742e00620e2968d3d2e732d320de76685fda\"\u003e\u003ccode\u003e3141742\u003c/code\u003e\u003c/a\u003e Do not run PHPT test when its temporary file for code coverage information ex...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0b3170aaebeb461133937cfd92e5beb0348c0a2b\"\u003e\u003ccode\u003e0b3170a\u003c/code\u003e\u003c/a\u003e We do not need to unserialize() objects here\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/10.5.45...10.5.62\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/dom-crawler` from 7.3.1 to 7.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/dom-crawler/releases\"\u003esymfony/dom-crawler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.1...v7.4.12\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.1...v7.4.12\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/dom-crawler/issues/64258\"\u003e#64258\u003c/a\u003e  Fix \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e clobbering values on multi-selects (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity #cve-2026-45071  Fix XXE in addXmlContent() by not enabling \u003ccode\u003evalidateOnParse\u003c/code\u003e (\u003ca href=\"https://github.com/alexandre-daubois\"\u003e\u003ccode\u003e@​alexandre-daubois\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62671\"\u003esymfony/symfony#62671\u003c/a\u003e [DomCrawler] Fixing dealing with invalid charset (\u003ca href=\"https://github.com/ThomasLandauer\"\u003e\u003ccode\u003e@​ThomasLandauer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-BETA1...v7.4.0-BETA2\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-BETA1...v7.4.0-BETA2\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62240\"\u003esymfony/symfony#62240\u003c/a\u003e [DomCrawler] Handle malformed tags in HTML5 parser (\u003ca href=\"https://github.com/longwave\"\u003e\u003ccode\u003e@​longwave\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62186\"\u003esymfony/symfony#62186\u003c/a\u003e [DomCrawler] Fix converting HTML5 trees to DOM nodes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62180\"\u003esymfony/symfony#62180\u003c/a\u003e [DomCrawler] Properly ignore errors when using the native HTML5 parser (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.4...v7.4.0-BETA1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.3.4...v7.4.0-BETA1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeature \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/61475\"\u003esymfony/symfony#61475\u003c/a\u003e [DomCrawler] Use the native HTML5 parser on PHP 8.4 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/dom-crawler/blob/8.1/CHANGELOG.md\"\u003esymfony/dom-crawler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e part of the supported public API\u003c/li\u003e\n\u003cli\u003eAlways set \u003ccode\u003eLIBXML_NONET\u003c/code\u003e in \u003ccode\u003eCrawler::addXmlContent()\u003c/code\u003e so external entities cannot trigger network requests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove argument \u003ccode\u003e$useHtml5Parser\u003c/code\u003e of \u003ccode\u003eCrawler\u003c/code\u003e's constructor; the native HTML5 parser is used unconditionally\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisabling HTML5 parsing is deprecated; Symfony 8 will unconditionally use the native HTML5 parser\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$normalizeWhitespace\u003c/code\u003e to \u003ccode\u003eCrawler::innerText()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$default\u003c/code\u003e to \u003ccode\u003eCrawler::attr()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerAnySelectorTextContains\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerAnySelectorTextSame\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$default\u003c/code\u003e to \u003ccode\u003eCrawler::attr()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e$useHtml5Parser\u003c/code\u003e argument to \u003ccode\u003eCrawler\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerSelectorCount\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$normalizeWhitespace\u003c/code\u003e to \u003ccode\u003eCrawler::innerText()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eCrawler::innerText()\u003c/code\u003e return the first non-empty text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eCrawler::parents()\u003c/code\u003e method, use \u003ccode\u003eancestors()\u003c/code\u003e instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawler::innerText\u003c/code\u003e method.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b59b59122690976550fd142c23fab62c84738db6\"\u003e\u003ccode\u003eb59b591\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/7e65f76c28f5ed8d933f2c86698a3e2bf0de1b10\"\u003e\u003ccode\u003e7e65f76\u003c/code\u003e\u003c/a\u003e Merge branch '5.4' into 6.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b18373e86fbc4558a206e8055158c8e3e50c4da3\"\u003e\u003ccode\u003eb18373e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/505deba47e489a7694e0b6942df83a358197e921\"\u003e\u003ccode\u003e505deba\u003c/code\u003e\u003c/a\u003e [DomCrawler] Fix \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e clobbering values on multi-se...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/f47410019c605a651d000371de7263b70a78c681\"\u003e\u003ccode\u003ef474100\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b4cf17ff405a77341ad86e81e06ff09298f5aa8f\"\u003e\u003ccode\u003eb4cf17f\u003c/code\u003e\u003c/a\u003e [DomCrawler] Fix XXE in addXmlContent() by not enabling \u003ccode\u003evalidateOnParse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/6d86f9727e216e81f9d18d32bc4701d70c9d0ac4\"\u003e\u003ccode\u003e6d86f97\u003c/code\u003e\u003c/a\u003e [Tests] Fix \u0026quot;Incomplete version\u0026quot; PHPUnit warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/04ca269f9c0aca5f41b1230bf1fce4f0928f669a\"\u003e\u003ccode\u003e04ca269\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/eac26cf4833a05a92356d285329bfd63e0e46d64\"\u003e\u003ccode\u003eeac26cf\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/ca5ad736e4366c8b1499bc493fd86d3bb38c93c2\"\u003e\u003ccode\u003eca5ad73\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.1...v7.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/web-profiler-bundle` from 7.3.1 to 7.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/releases\"\u003esymfony/web-profiler-bundle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev7.4.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/64172\"\u003e#64172\u003c/a\u003e  Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e (\u003ca href=\"https://github.com/MatTheCat\"\u003e\u003ccode\u003e@​MatTheCat\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63930\"\u003e#63930\u003c/a\u003e  Fix toolbar toggle button accessibility (\u003ca href=\"https://github.com/Nitram1123\"\u003e\u003ccode\u003e@​Nitram1123\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63679\"\u003e#63679\u003c/a\u003e  Only decrement pendingRequests when it's more than zero (\u003ca href=\"https://github.com/andyexeter\"\u003e\u003ccode\u003e@​andyexeter\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63526\"\u003e#63526\u003c/a\u003e  Fix Symfony web debug toolbar not being displayed (\u003ca href=\"https://github.com/zoglo\"\u003e\u003ccode\u003e@​zoglo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63315\"\u003e#63315\u003c/a\u003e  Fix EventSource is missing static properties (Oleksii Kozhemiaka)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/62970\"\u003e#62970\u003c/a\u003e  Fix hot reload support (FrankenPHP) (\u003ca href=\"https://github.com/dunglas\"\u003e\u003ccode\u003e@​dunglas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62858\"\u003esymfony/symfony#62858\u003c/a\u003e [WebProfilerBundle] Fix using URL objects with \u003ccode\u003eEventSource\u003c/code\u003e (\u003ca href=\"https://github.com/HypeMC\"\u003e\u003ccode\u003e@​HypeMC\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62441\"\u003esymfony/symfony#62441\u003c/a\u003e [WebProfilerBundle] fix displaying runner (\u003ca href=\"https://github.com/94noni\"\u003e\u003ccode\u003e@​94noni\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/blob/8.1/CHANGELOG.md\"\u003esymfony/web-profiler-bundle's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eForward the CSP nonce to \u003ccode\u003eDumpDataCollector\u003c/code\u003e instead of disabling CSP when \u003ccode\u003edump()\u003c/code\u003e is used\u003c/li\u003e\n\u003cli\u003eAdd console command value resolvers durations to Performances panel\u003c/li\u003e\n\u003cli\u003eAdd error indicator to profiler list view for profiles with errors\u003c/li\u003e\n\u003cli\u003eAdd cURL copy paste button in the Request/Response tab\u003c/li\u003e\n\u003cli\u003eAdd support for streamed responses in the debug toolbar\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eprofiler.xml\u003c/code\u003e and \u003ccode\u003ewdt.xml\u003c/code\u003e routing configuration files (use their PHP equivalent instead)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method in the profiler\u003c/li\u003e\n\u003cli\u003eAdd support for Server-Sent Events / \u003ccode\u003eEventSource\u003c/code\u003e requests in the debug toolbar\u003c/li\u003e\n\u003cli\u003eAdd support for displaying the application runner class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eprofiler.php\u003c/code\u003e and \u003ccode\u003ewdt.php\u003c/code\u003e routing configuration files (use them instead of their XML equivalent)\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.xml'\n        prefix: /_wdt\n\u003cp\u003eweb_profiler_profiler:\nresource: '\u003ccode\u003e@​WebProfilerBundle/Resources/\u003c/code\u003econfig/routing/profiler.xml'\nprefix: /_profiler\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.php'\n        prefix: /_wdt\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/558fe81a383302318d9b92f7661deb731153c86e\"\u003e\u003ccode\u003e558fe81\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/066e718f8dfb73c55de43470bb73ebd525343d21\"\u003e\u003ccode\u003e066e718\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/be546fdb34d7a05eb271dfe0bf2370c37472e15c\"\u003e\u003ccode\u003ebe546fd\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/36dd8b8c05da059925c5804641aad9159e5b73e8\"\u003e\u003ccode\u003e36dd8b8\u003c/code\u003e\u003c/a\u003e [7.4] Remove usages of named arguments in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/7df2f3e74b044afb021458e044bc796f1b482572\"\u003e\u003ccode\u003e7df2f3e\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/242094c35def147d8d9aded1d46e548a4e08c80c\"\u003e\u003ccode\u003e242094c\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/76b684387f28f583fc5888f80453f9054963a5b4\"\u003e\u003ccode\u003e76b6843\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Fix failing test on PHP 8.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/4865a22db9b813fa8378e98b161e022f24638d16\"\u003e\u003ccode\u003e4865a22\u003c/code\u003e\u003c/a\u003e CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/cc408ce0c45d1918d08c0c1712cb684dd04c07e0\"\u003e\u003ccode\u003ecc408ce\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/d55784450e7ebceeef3cc2b1c14247ea1b7d4ece\"\u003e\u003ccode\u003ed557844\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.3.1...v7.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.382.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.382.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Api\u003c/code\u003e - Cast generated HTTP header values to strings and validate invalid header values.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SavingsPlans\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizerAutomation\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MainframeModernization\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LocationService\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Omics\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SimpleDBv2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkMailMessageFlow\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SupportApp\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EBS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTDeviceAdvisor\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MarketplaceDeployment\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Adds shared environment support for Restricted Instance Groups (RIGs) on SageMaker HyperPod, enabling cross-RIG workload scheduling and FSx sharing. This unlocks shared CPU-GPU environments needed for cost-efficient RL training (e.g., Nova Forge). Adds p6 instance support for recommendation jobs\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Add support for Neuron device resource requirements for Amazon ECS\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECRPublic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SecurityIR\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTThingsGraph\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\FIS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EKSAuth\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCases\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMakerFeatureStoreRuntime\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataExchange\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Organizations\u003c/code\u003e - AWS Organizations now emits CloudTrail events (AccountJoinedOrganization, AccountDepartedOrganization) to the management account for membership changes, including join and departure method and timestamp.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\mgn\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EventBridge\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WellArchitected\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockDataAutomation\u003c/code\u003e - Matcher Fallback extends the CustomOutputConfiguration for the Document modality in DataAutomationProjects, enabling a fallback blueprint when no match is found. A FALLBACK match status is returned, improving the matching experience and guaranteeing customers always receive CustomOutputResults.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralSelling\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchRUM\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\finspace\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SSMContacts\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\NovaAct\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RTBFabric\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaLive\u003c/code\u003e - AWS Elemental MediaLive now supports Smart Subtitles, a new caption source that uses AWS Elemental Inference to automatically generate WebVTT and TTML captions from source audio. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ElementalInference\u003c/code\u003e - Added support for smart subtitles in Elemental Inference, enabling automatic generation of subtitles for media content. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizer\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PcaConnectorAd\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LaunchWizard\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTFleetWise\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BCMDashboards\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ResourceExplorer2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DocDBElastic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MPA\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralBenefits\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MemoryDB\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Inspector2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkSpacesWeb\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\OpenSearchService\u003c/code\u003e - OpenSearch will now support multi-segment paths in JWKS URLs.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/6844cc6421c47d6b96633ab8039045012acbeb27\"\u003e\u003ccode\u003e6844cc6\u003c/code\u003e\u003c/a\u003e 3.382.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/08fe07450c46e54c25960a062aa66af9c3ba7248\"\u003e\u003ccode\u003e08fe074\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/7ebd05d0ddfd33dcadc5c0f64c4723d570aaf2e3\"\u003e\u003ccode\u003e7ebd05d\u003c/code\u003e\u003c/a\u003e fix: cast generated header values to strings (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3289\"\u003e#3289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/d506bdaab8e29b18d31a46be4fe4314af5945432\"\u003e\u003ccode\u003ed506bda\u003c/code\u003e\u003c/a\u003e 3.382.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/a2a4d0d4d846c4edd6ddd63242946a8ca0b549b4\"\u003e\u003ccode\u003ea2a4d0d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/38dc43d14db5663f62f7371e5b34d49e6192c2d3\"\u003e\u003ccode\u003e38dc43d\u003c/code\u003e\u003c/a\u003e chore: harden GitHub Actions workflows (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3287\"\u003e#3287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/5b4c1958d7ff9e3284b755d257a1aa1926745f6a\"\u003e\u003ccode\u003e5b4c195\u003c/code\u003e\u003c/a\u003e 3.382.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/e925c2dde5a2a4fa4cce2c8641e02b59b838841f\"\u003e\u003ccode\u003ee925c2d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/3e93512528775f12d0136a78345bac781faee481\"\u003e\u003ccode\u003e3e93512\u003c/code\u003e\u003c/a\u003e Update type to 'feature' in multipart-copy.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3288\"\u003e#3288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/ab2ba5794fcfcd9826a462742bc3ef7b9fb1688b\"\u003e\u003ccode\u003eab2ba57\u003c/code\u003e\u003c/a\u003e enhancement: copy object metadata in multipartcopy (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3286\"\u003e#3286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.382.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (\u003ca href=\"https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\"\u003ehttps://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\u003c/a\u003e / CVE-2026-45793)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.7...2.9.8\"\u003ehttps://github.com/composer/composer/compare/2.9.7...2.9.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/39ee8baff8e97a1b657bbfcd6a236ff93a5efbb2\"\u003e\u003ccode\u003e39ee8ba\u003c/code\u003e\u003c/a\u003e Release 2.9.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fa0f839011f5fdf20af5fa2c0fd485ad0ebb6632\"\u003e\u003ccode\u003efa0f839\u003c/code\u003e\u003c/a\u003e Fix ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd6cda27aa11f565aa2d0fa2ade191ed74e3d158\"\u003e\u003ccode\u003ebd6cda2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f5e7f9fbfa541137d6d1d5643ec3b718e9d5039\"\u003e\u003ccode\u003e3f5e7f9\u003c/code\u003e\u003c/a\u003e Fix regexp to support new GitHub installation tokens format (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12853\"\u003e#12853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4bdb77926affdcad0c3c1bac59e99aadfaf91f82\"\u003e\u003ccode\u003e4bdb779\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.69\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.69\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.69):\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.68):\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-04-17  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/8f2c3ffafcdd52cf4515f1eec172f4eee44552ad\"\u003e\u003ccode\u003e8f2c3ff\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/0ceddfa31dad41aa5cb394492c44f8382c7042d5\"\u003e\u003ccode\u003e0ceddfa\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/28af5275b3e1a2dd9b45d6ddb14c9c67bc4c5f9a\"\u003e\u003ccode\u003e28af527\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-37f02ff51\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c6824bca4c3a07d8d7704711ae27c9ee042fc983\"\u003e\u003ccode\u003ec6824bc\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.68\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/9600a9a3f5cf1cd97dbb478060e4e8fd87a6f17c\"\u003e\u003ccode\u003e9600a9a\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/d03a9c7ad84ce0b6c33f25c2eb570e7d13d07fe9\"\u003e\u003ccode\u003ed03a9c7\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-94b5e89b0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c602dbff3f7095e5dc890c1352a2b18b67046265\"\u003e\u003ccode\u003ec602dbf\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-1ed673a0b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/22223f3dc75047b106d2c938b6821c49748c7e30\"\u003e\u003ccode\u003e22223f3\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-baf5feec0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/e4b414af69b6d55d41000b52e3b2162d77e545f8\"\u003e\u003ccode\u003ee4b414a\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-bf852fb75\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/6155d27abba41cac739e1ff7ce5176ec01f3ec06\"\u003e\u003ccode\u003e6155d27\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-344d7c5e9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.69\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/cache` from 7.3.1 to 7.4.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/cache/releases\"\u003esymfony/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.13\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.12...v7.4.13\"\u003ehttps://github.com/symfony/cache/compare/v7.4.12...v7.4.13\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64330\"\u003e#64330\u003c/a\u003e  Fix strlen(null) deprecation on RelayCluster path in RedisTrait::doClear() (\u003ca href=\"https://github.com/signor-pedro\"\u003e\u003ccode\u003e@​signor-pedro\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64336\"\u003e#64336\u003c/a\u003e  Accept '_' and ':' in prefix passed to AbstractAdapter::clear() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.10...v7.4.12\"\u003ehttps://github.com/symfony/cache/compare/v7.4.10...v7.4.12\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-45073  Validate the prefix given to AbstractAdapter::clear() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.9...v7.4.10\"\u003ehttps://github.com/symfony/cache/compare/v7.4.9...v7.4.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64122\"\u003e#64122\u003c/a\u003e  Ensure compatibility with Relay extension 0.22.0 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.8...v7.4.9\"\u003ehttps://github.com/symfony/cache/compare/v7.4.8...v7.4.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64060\"\u003e#64060\u003c/a\u003e  Normalize default_lifetime for pools wrapped by ChainAdapter (\u003ca href=\"https://github.com/ostrolucky\"\u003e\u003ccode\u003e@​ostrolucky\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63964\"\u003e#63964\u003c/a\u003e  Ensure internal state is cleared in TagAwareAdapter::reset() … (\u003ca href=\"https://github.com/KevinMartinsDev\"\u003e\u003ccode\u003e@​KevinMartinsDev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63860\"\u003e#63860\u003c/a\u003e  Fix Psr16Cache::getMultiple() returning wrapper values when using TTL (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/cache/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63818\"\u003e#63818\u003c/a\u003e  Ensure compatibility with Relay extension 0.21.0 (\u003ca href=\"https://github.com/lyrixx\"\u003e\u003ccode\u003e@​lyrixx\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63747\"\u003e#63747\u003c/a\u003e  Fix \u003ccode\u003ePsr16Cache::getMultiple()\u003c/code\u003e returning \u003ccode\u003eValueWrapper\u003c/code\u003e with \u003ccode\u003eTagAwareAdapter\u003c/code\u003e (\u003ca href=\"https://github.com/pcescon\"\u003e\u003ccode\u003e@​pcescon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63736\"\u003e#63736\u003c/a\u003e  Fix undefined array key when tag save fails in AbstractTagAwareAdapter (\u003ca href=\"https://github.com/pcescon\"\u003e\u003ccode\u003e@​pcescon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63655\"\u003e#63655\u003c/a\u003e  Fix ChainAdapter ignoring item expiry when propagating to earlier adapters (\u003ca href=\"https://github.com/guillaumeVDP\"\u003e\u003ccode\u003e@​guillaumeVDP\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/cache/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63592\"\u003e#63592\u003c/a\u003e  Add timeout and slot eviction to LockRegistry stampede prevention (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/cache/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63437\"\u003e#63437\u003c/a\u003e  Wrap \u003ccode\u003eDoctrineDbalAdapter::doSave()\u003c/code\u003e in savepoint to prevent transaction poisoning (\u003ca href=\"https://github.com/lacatoire\"\u003e\u003ccode\u003e@​lacatoire\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63391\"\u003e#63391\u003c/a\u003e  Align Redis sentinel auth handling across components (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63324\"\u003e#63324\u003c/a\u003e  Fix DSN auth not passed to Redis/RedisCluster/Relay in RedisTrait (\u003ca href=\"https://github.com/ckrack\"\u003e\u003ccode\u003e@​ckrack\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63306\"\u003e#63306\u003c/a\u003e  Revert \u0026quot;Fix DSN auth not passed to clusters in RedisTrait\u0026quot; (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63272\"\u003e#63272\u003c/a\u003e  Fix forwarding SSL settings to the redis sentinel (\u003ca href=\"https://github.com/CientistaDaWeb\"\u003e\u003ccode\u003e@​CientistaDaWeb\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63230\"\u003e#63230\u003c/a\u003e  fix engine declaration on mysql pdo table creations (\u003ca href=\"https://g...\n\n_Description has been truncated_","html_url":"https://github.com/dporkka/mautic/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fmautic/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"},{"uuid":"4535821953","node_id":"PR_kwDOPqlfLs7f_3ON","number":15,"state":"closed","title":"Bump the composer group across 1 directory with 12 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-27T21:47:03.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-27T21:20:37.000Z","updated_at":"2026-05-27T21:47:05.000Z","time_to_close":1586,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":12,"packages":[{"name":"phpunit/phpunit","old_version":"10.5.45","new_version":"10.5.62","repository_url":"https://github.com/sebastianbergmann/phpunit"},{"name":"symfony/web-profiler-bundle","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/web-profiler-bundle"},{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.382.2","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.8","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.69","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/security-http","old_version":"7.3.1","new_version":"7.4.13","repository_url":"https://github.com/symfony/security-http"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.23","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `10.5.45` | `10.5.62` |\n| [symfony/web-profiler-bundle](https://github.com/symfony/web-profiler-bundle) | `7.3.1` | `7.4.12` |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.382.2` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.8` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.69` |\n| [symfony/security-http](https://github.com/symfony/security-http) | `7.3.1` | `7.4.13` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.23` |\n\n\nUpdates `phpunit/phpunit` from 10.5.45 to 10.5.62\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 10.5.62\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.61\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.60\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.59\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/10.5.62/ChangeLog-10.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[10.5.62] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.61] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.60] - 2025-12-06\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.59] - 2025-12-01\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.58] - 2025-09-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6368\"\u003e#6368\u003c/a\u003e: \u003ccode\u003efailOnPhpunitWarning=\u0026quot;false\u0026quot;\u003c/code\u003e has no effect\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.57] - 2025-09-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.56] - 2025-09-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.55] - 2025-09-14\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6366\"\u003e#6366\u003c/a\u003e: Exclude \u003ccode\u003e__sleep()\u003c/code\u003e and \u003ccode\u003e__wakeup()\u003c/code\u003e from test double code generation on PHP \u0026gt;= 8.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.54] - 2025-09-11\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not use \u003ccode\u003e__sleep()\u003c/code\u003e method (which will be deprecated in PHP 8.5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.53] - 2025-08-20\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3f7dd5066ebde5809296a81f0b19e8b00e5aab49\"\u003e\u003ccode\u003e3f7dd50\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/9c95cf0cdfdc72e74597aa0cf3c4769ed32b83f0\"\u003e\u003ccode\u003e9c95cf0\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/fea06253ecc0a32faf787bd31b261f56f351d049\"\u003e\u003ccode\u003efea0625\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1a677f663f09de85b97e1a7d03823890594cdba9\"\u003e\u003ccode\u003e1a677f6\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1015741814413c156abb0f53d7db7bbd03c6e858\"\u003e\u003ccode\u003e1015741\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/e5cda18b342c4e346d47c6e6cc5c51c0e681c8fd\"\u003e\u003ccode\u003ee5cda18\u003c/code\u003e\u003c/a\u003e Fix bad merge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a8b932bd41c5a6d689b2751f1be68406c97ea55c\"\u003e\u003ccode\u003ea8b932b\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1cce5f3ac2eec234cc0ce2f90ab9d5b80b240bea\"\u003e\u003ccode\u003e1cce5f3\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3141742e00620e2968d3d2e732d320de76685fda\"\u003e\u003ccode\u003e3141742\u003c/code\u003e\u003c/a\u003e Do not run PHPT test when its temporary file for code coverage information ex...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0b3170aaebeb461133937cfd92e5beb0348c0a2b\"\u003e\u003ccode\u003e0b3170a\u003c/code\u003e\u003c/a\u003e We do not need to unserialize() objects here\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/10.5.45...10.5.62\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/web-profiler-bundle` from 7.3.1 to 7.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/releases\"\u003esymfony/web-profiler-bundle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev7.4.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/64172\"\u003e#64172\u003c/a\u003e  Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e (\u003ca href=\"https://github.com/MatTheCat\"\u003e\u003ccode\u003e@​MatTheCat\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63930\"\u003e#63930\u003c/a\u003e  Fix toolbar toggle button accessibility (\u003ca href=\"https://github.com/Nitram1123\"\u003e\u003ccode\u003e@​Nitram1123\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63679\"\u003e#63679\u003c/a\u003e  Only decrement pendingRequests when it's more than zero (\u003ca href=\"https://github.com/andyexeter\"\u003e\u003ccode\u003e@​andyexeter\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63526\"\u003e#63526\u003c/a\u003e  Fix Symfony web debug toolbar not being displayed (\u003ca href=\"https://github.com/zoglo\"\u003e\u003ccode\u003e@​zoglo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63315\"\u003e#63315\u003c/a\u003e  Fix EventSource is missing static properties (Oleksii Kozhemiaka)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/62970\"\u003e#62970\u003c/a\u003e  Fix hot reload support (FrankenPHP) (\u003ca href=\"https://github.com/dunglas\"\u003e\u003ccode\u003e@​dunglas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62858\"\u003esymfony/symfony#62858\u003c/a\u003e [WebProfilerBundle] Fix using URL objects with \u003ccode\u003eEventSource\u003c/code\u003e (\u003ca href=\"https://github.com/HypeMC\"\u003e\u003ccode\u003e@​HypeMC\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62441\"\u003esymfony/symfony#62441\u003c/a\u003e [WebProfilerBundle] fix displaying runner (\u003ca href=\"https://github.com/94noni\"\u003e\u003ccode\u003e@​94noni\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/blob/8.1/CHANGELOG.md\"\u003esymfony/web-profiler-bundle's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eForward the CSP nonce to \u003ccode\u003eDumpDataCollector\u003c/code\u003e instead of disabling CSP when \u003ccode\u003edump()\u003c/code\u003e is used\u003c/li\u003e\n\u003cli\u003eAdd console command value resolvers durations to Performances panel\u003c/li\u003e\n\u003cli\u003eAdd error indicator to profiler list view for profiles with errors\u003c/li\u003e\n\u003cli\u003eAdd cURL copy paste button in the Request/Response tab\u003c/li\u003e\n\u003cli\u003eAdd support for streamed responses in the debug toolbar\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eprofiler.xml\u003c/code\u003e and \u003ccode\u003ewdt.xml\u003c/code\u003e routing configuration files (use their PHP equivalent instead)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method in the profiler\u003c/li\u003e\n\u003cli\u003eAdd support for Server-Sent Events / \u003ccode\u003eEventSource\u003c/code\u003e requests in the debug toolbar\u003c/li\u003e\n\u003cli\u003eAdd support for displaying the application runner class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eprofiler.php\u003c/code\u003e and \u003ccode\u003ewdt.php\u003c/code\u003e routing configuration files (use them instead of their XML equivalent)\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.xml'\n        prefix: /_wdt\n\u003cp\u003eweb_profiler_profiler:\nresource: '\u003ccode\u003e@​WebProfilerBundle/Resources/\u003c/code\u003econfig/routing/profiler.xml'\nprefix: /_profiler\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.php'\n        prefix: /_wdt\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/558fe81a383302318d9b92f7661deb731153c86e\"\u003e\u003ccode\u003e558fe81\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/066e718f8dfb73c55de43470bb73ebd525343d21\"\u003e\u003ccode\u003e066e718\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/be546fdb34d7a05eb271dfe0bf2370c37472e15c\"\u003e\u003ccode\u003ebe546fd\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/36dd8b8c05da059925c5804641aad9159e5b73e8\"\u003e\u003ccode\u003e36dd8b8\u003c/code\u003e\u003c/a\u003e [7.4] Remove usages of named arguments in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/7df2f3e74b044afb021458e044bc796f1b482572\"\u003e\u003ccode\u003e7df2f3e\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/242094c35def147d8d9aded1d46e548a4e08c80c\"\u003e\u003ccode\u003e242094c\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/76b684387f28f583fc5888f80453f9054963a5b4\"\u003e\u003ccode\u003e76b6843\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Fix failing test on PHP 8.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/4865a22db9b813fa8378e98b161e022f24638d16\"\u003e\u003ccode\u003e4865a22\u003c/code\u003e\u003c/a\u003e CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/cc408ce0c45d1918d08c0c1712cb684dd04c07e0\"\u003e\u003ccode\u003ecc408ce\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/d55784450e7ebceeef3cc2b1c14247ea1b7d4ece\"\u003e\u003ccode\u003ed557844\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.3.1...v7.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.382.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.382.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Api\u003c/code\u003e - Cast generated HTTP header values to strings and validate invalid header values.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SavingsPlans\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizerAutomation\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MainframeModernization\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LocationService\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Omics\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SimpleDBv2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkMailMessageFlow\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SupportApp\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EBS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTDeviceAdvisor\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MarketplaceDeployment\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Adds shared environment support for Restricted Instance Groups (RIGs) on SageMaker HyperPod, enabling cross-RIG workload scheduling and FSx sharing. This unlocks shared CPU-GPU environments needed for cost-efficient RL training (e.g., Nova Forge). Adds p6 instance support for recommendation jobs\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Add support for Neuron device resource requirements for Amazon ECS\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECRPublic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SecurityIR\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTThingsGraph\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\FIS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EKSAuth\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCases\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMakerFeatureStoreRuntime\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataExchange\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Organizations\u003c/code\u003e - AWS Organizations now emits CloudTrail events (AccountJoinedOrganization, AccountDepartedOrganization) to the management account for membership changes, including join and departure method and timestamp.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\mgn\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EventBridge\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WellArchitected\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockDataAutomation\u003c/code\u003e - Matcher Fallback extends the CustomOutputConfiguration for the Document modality in DataAutomationProjects, enabling a fallback blueprint when no match is found. A FALLBACK match status is returned, improving the matching experience and guaranteeing customers always receive CustomOutputResults.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralSelling\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchRUM\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\finspace\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SSMContacts\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\NovaAct\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RTBFabric\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaLive\u003c/code\u003e - AWS Elemental MediaLive now supports Smart Subtitles, a new caption source that uses AWS Elemental Inference to automatically generate WebVTT and TTML captions from source audio. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ElementalInference\u003c/code\u003e - Added support for smart subtitles in Elemental Inference, enabling automatic generation of subtitles for media content. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizer\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PcaConnectorAd\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LaunchWizard\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTFleetWise\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BCMDashboards\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ResourceExplorer2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DocDBElastic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MPA\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralBenefits\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MemoryDB\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Inspector2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkSpacesWeb\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\OpenSearchService\u003c/code\u003e - OpenSearch will now support multi-segment paths in JWKS URLs.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/6844cc6421c47d6b96633ab8039045012acbeb27\"\u003e\u003ccode\u003e6844cc6\u003c/code\u003e\u003c/a\u003e 3.382.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/08fe07450c46e54c25960a062aa66af9c3ba7248\"\u003e\u003ccode\u003e08fe074\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/7ebd05d0ddfd33dcadc5c0f64c4723d570aaf2e3\"\u003e\u003ccode\u003e7ebd05d\u003c/code\u003e\u003c/a\u003e fix: cast generated header values to strings (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3289\"\u003e#3289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/d506bdaab8e29b18d31a46be4fe4314af5945432\"\u003e\u003ccode\u003ed506bda\u003c/code\u003e\u003c/a\u003e 3.382.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/a2a4d0d4d846c4edd6ddd63242946a8ca0b549b4\"\u003e\u003ccode\u003ea2a4d0d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/38dc43d14db5663f62f7371e5b34d49e6192c2d3\"\u003e\u003ccode\u003e38dc43d\u003c/code\u003e\u003c/a\u003e chore: harden GitHub Actions workflows (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3287\"\u003e#3287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/5b4c1958d7ff9e3284b755d257a1aa1926745f6a\"\u003e\u003ccode\u003e5b4c195\u003c/code\u003e\u003c/a\u003e 3.382.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/e925c2dde5a2a4fa4cce2c8641e02b59b838841f\"\u003e\u003ccode\u003ee925c2d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/3e93512528775f12d0136a78345bac781faee481\"\u003e\u003ccode\u003e3e93512\u003c/code\u003e\u003c/a\u003e Update type to 'feature' in multipart-copy.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3288\"\u003e#3288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/ab2ba5794fcfcd9826a462742bc3ef7b9fb1688b\"\u003e\u003ccode\u003eab2ba57\u003c/code\u003e\u003c/a\u003e enhancement: copy object metadata in multipartcopy (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3286\"\u003e#3286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.382.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (\u003ca href=\"https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\"\u003ehttps://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\u003c/a\u003e / CVE-2026-45793)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.7...2.9.8\"\u003ehttps://github.com/composer/composer/compare/2.9.7...2.9.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/39ee8baff8e97a1b657bbfcd6a236ff93a5efbb2\"\u003e\u003ccode\u003e39ee8ba\u003c/code\u003e\u003c/a\u003e Release 2.9.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fa0f839011f5fdf20af5fa2c0fd485ad0ebb6632\"\u003e\u003ccode\u003efa0f839\u003c/code\u003e\u003c/a\u003e Fix ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd6cda27aa11f565aa2d0fa2ade191ed74e3d158\"\u003e\u003ccode\u003ebd6cda2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f5e7f9fbfa541137d6d1d5643ec3b718e9d5039\"\u003e\u003ccode\u003e3f5e7f9\u003c/code\u003e\u003c/a\u003e Fix regexp to support new GitHub installation tokens format (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12853\"\u003e#12853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4bdb77926affdcad0c3c1bac59e99aadfaf91f82\"\u003e\u003ccode\u003e4bdb779\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.69\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.69\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.69):\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.68):\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-04-17  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/8f2c3ffafcdd52cf4515f1eec172f4eee44552ad\"\u003e\u003ccode\u003e8f2c3ff\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/0ceddfa31dad41aa5cb394492c44f8382c7042d5\"\u003e\u003ccode\u003e0ceddfa\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/28af5275b3e1a2dd9b45d6ddb14c9c67bc4c5f9a\"\u003e\u003ccode\u003e28af527\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-37f02ff51\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c6824bca4c3a07d8d7704711ae27c9ee042fc983\"\u003e\u003ccode\u003ec6824bc\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.68\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/9600a9a3f5cf1cd97dbb478060e4e8fd87a6f17c\"\u003e\u003ccode\u003e9600a9a\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/d03a9c7ad84ce0b6c33f25c2eb570e7d13d07fe9\"\u003e\u003ccode\u003ed03a9c7\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-94b5e89b0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c602dbff3f7095e5dc890c1352a2b18b67046265\"\u003e\u003ccode\u003ec602dbf\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-1ed673a0b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/22223f3dc75047b106d2c938b6821c49748c7e30\"\u003e\u003ccode\u003e22223f3\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-baf5feec0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/e4b414af69b6d55d41000b52e3b2162d77e545f8\"\u003e\u003ccode\u003ee4b414a\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-bf852fb75\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/6155d27abba41cac739e1ff7ce5176ec01f3ec06\"\u003e\u003ccode\u003e6155d27\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-344d7c5e9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.69\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.1 to 7.4.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.13\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.13\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.13\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-48736  Block IPv6 transition forms in IpUtils::PRIVATE_SUBNETS (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63603\"\u003e#63603\u003c/a\u003e  Fix session cookie_lifetime not applied in mock session storage (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63448\"\u003e#63448\u003c/a\u003e  Handle empty session data in updateTimestamp() to fix compat with PHP 8.6 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63319\"\u003e#63319\u003c/a\u003e  BinaryFileResponse: always return 206 if Range is valid (\u003ca href=\"https://github.com/Jimbolino\"\u003e\u003ccode\u003e@​Jimbolino\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63262\"\u003e#63262\u003c/a\u003e  Reject invalid paths (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/54304\"\u003e#54304\u003c/a\u003e  When calling UploadedFile::getErrorMessage() to a file which has no error and is uploaded successfully, it should not return an error (\u003ca href=\"https://github.com/ArmCyber\"\u003e\u003ccode\u003e@​ArmCyber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63230\"\u003e#63230\u003c/a\u003e  fix engine declaration on mysql pdo table creations (\u003ca href=\"https://github.com/tandev\"\u003e\u003ccode\u003e@​tandev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62663\"\u003esymfony/symfony#62663\u003c/a\u003e [HttpFoundation] Improve logic in Request::createFromGlobals() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/blob/8.1/CHANGELOG.md\"\u003esymfony/http-foundation's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBinaryFileResponse::shouldDeleteFileAfterSend()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate setting public properties of \u003ccode\u003eRequest\u003c/code\u003e and \u003ccode\u003eResponse\u003c/code\u003e objects directly; use setters or constructor arguments instead\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eSessionHasFlashMessage\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse::__construct()\u003c/code\u003e now accepts a \u003ccode\u003eResponseHeaderBag\u003c/code\u003e as its third argument\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eParameterBag::getInt()\u003c/code\u003e and \u003ccode\u003eParameterBag::getBoolean()\u003c/code\u003e now throw \u003ccode\u003eUnexpectedValueException\u003c/code\u003e instead of silently returning \u003ccode\u003e0\u003c/code\u003e/\u003ccode\u003efalse\u003c/code\u003e when the value cannot be converted\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop HTTP method override support for methods GET, HEAD, CONNECT and TRACE\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$subtypeFallback\u003c/code\u003e to \u003ccode\u003eRequest::getFormat()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove the following deprecated session options from \u003ccode\u003eNativeSessionStorage\u003c/code\u003e: \u003ccode\u003ereferer_check\u003c/code\u003e, \u003ccode\u003euse_only_cookies\u003c/code\u003e, \u003ccode\u003euse_trans_sid\u003c/code\u003e, \u003ccode\u003esid_length\u003c/code\u003e, \u003ccode\u003esid_bits_per_character\u003c/code\u003e, \u003ccode\u003etrans_sid_hosts\u003c/code\u003e, \u003ccode\u003etrans_sid_tags\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTrigger PHP warning when using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eAdd arguments \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$partitioned\u003c/code\u003e to \u003ccode\u003eResponseHeaderBag::clearCookie()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$expiration\u003c/code\u003e to \u003ccode\u003eUriSigner::sign()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eRemove accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e#[WithHttpStatus]\u003c/code\u003e to define status codes: 404 for \u003ccode\u003eSignedUriException\u003c/code\u003e and 403 for \u003ccode\u003eExpiredSignedUriException\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method\u003c/li\u003e\n\u003cli\u003eAdd support for structured MIME suffix\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRequest::set/getAllowedHttpMethodOverride()\u003c/code\u003e to list which HTTP methods can be overridden\u003c/li\u003e\n\u003cli\u003eDeprecate using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eDeprecate method \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eRequest::createFromGlobals()\u003c/code\u003e parse the body of PUT, DELETE, PATCH and QUERY requests\u003c/li\u003e\n\u003cli\u003eDeprecate HTTP method override for methods GET, HEAD, CONNECT and TRACE; it will be ignored in Symfony 8.0\u003c/li\u003e\n\u003cli\u003eDeprecate accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for iterable of string in \u003ccode\u003eStreamedResponse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eEventStreamResponse\u003c/code\u003e and \u003ccode\u003eServerEvent\u003c/code\u003e classes to streamline server event streaming\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003evalkey:\u003c/code\u003e / \u003ccode\u003evalkeys:\u003c/code\u003e schemes for sessions\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest::getPreferredLanguage()\u003c/code\u003e now favors a more preferred language above exactly matching a locale\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eUriSigner\u003c/code\u003e to use a \u003ccode\u003eClockInterface\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eUriSigner::verify()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/bc354f47c62301e990b7874fa662326368508e2c\"\u003e\u003ccode\u003ebc354f4\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/48d76c29a67a301e0f7779a512bf76417395ffef\"\u003e\u003ccode\u003e48d76c2\u003c/code\u003e\u003c/a\u003e security #cve-2026-48736 [HttpFoundation] Block IPv6 transition forms in IpUt...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/fda5ebe3a23cd930790cb70aeac9c58d5a262b09\"\u003e\u003ccode\u003efda5ebe\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5979ae84168d6f551009278ee576676dfb87f90a\"\u003e\u003ccode\u003e5979ae8\u003c/code\u003e\u003c/a\u003e Ignore Doctrine DBAL deprecations that can't be worked around\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/10d5daa7a22d64037a4bd5195d387ecc0d2c5b3c\"\u003e\u003ccode\u003e10d5daa\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix tests for PHP 8.6: session.cookie_samesite=Lax\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/3ebc78a9507545259ec5c71afdc49d4c452e3eda\"\u003e\u003ccode\u003e3ebc78a\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Block IPv6 transition forms in IpUtils::PRIVATE_SUBNETS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/051a9622b64ac1f639665c593afbff1128cddb16\"\u003e\u003ccode\u003e051a962\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5402ad19bef111ffdd076d33d87bd400c0c38243\"\u003e\u003ccode\u003e5402ad1\u003c/code\u003e\u003c/a\u003e Remove wrong documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/c38f205c479a5f74d34034f29e59240e1ec4b795\"\u003e\u003ccode\u003ec38f205\u003c/code\u003e\u003c/a\u003e [7.4] Remove usages of named arguments in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/a762b60b37023abc3fb0d870adbdaa523606a7af\"\u003e\u003ccode\u003ea762b60\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.1...v7.4.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.0 to 7.4.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.13\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.11...v7.4.13\"\u003ehttps://github.com/symfony/process/compare/v7.4.11...v7.4.13\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/64347\"\u003e#64347\u003c/a\u003e  Stop leaking CGI/FastCGI request-context vars to subprocesses (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.8...v7.4.11\"\u003ehttps://github.com/symfony/process/compare/v7.4.8...v7.4.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/64058\"\u003e#64058\u003c/a\u003e  Ignore array env values before proc_open (\u003ca href=\"https://github.com/dionisvl\"\u003e\u003ccode\u003e@​dionisvl\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/process/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63611\"\u003e#63611\u003c/a\u003e  Throw InvalidArgumentException when env block exceeds Windows limit (Nadim AL ABDOU)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/process/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/process/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/process/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github...\n\n_Description has been truncated_","html_url":"https://github.com/HandyKnox/mautic-marketing/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HandyKnox%2Fmautic-marketing/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"4479193881","node_id":"PR_kwDOPrj8Sc7dKHaY","number":8,"state":"closed","title":"Bump the composer group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T22:10:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T16:33:51.000Z","updated_at":"2026-05-21T22:11:01.000Z","time_to_close":193027,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":8,"packages":[{"name":"phpunit/phpunit","old_version":"10.5.45","new_version":"10.5.62","repository_url":"https://github.com/sebastianbergmann/phpunit"},{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.381.3","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.8","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.69","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/http-foundation","old_version":"7.3.1","new_version":"7.4.8","repository_url":"https://github.com/symfony/http-foundation"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `10.5.45` | `10.5.62` |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.381.3` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.8` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.69` |\n| [symfony/http-foundation](https://github.com/symfony/http-foundation) | `7.3.1` | `7.4.8` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.22` |\n\n\nUpdates `phpunit/phpunit` from 10.5.45 to 10.5.62\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 10.5.62\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.61\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.60\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.59\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/10.5.62/ChangeLog-10.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[10.5.62] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.61] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.60] - 2025-12-06\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.59] - 2025-12-01\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.58] - 2025-09-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6368\"\u003e#6368\u003c/a\u003e: \u003ccode\u003efailOnPhpunitWarning=\u0026quot;false\u0026quot;\u003c/code\u003e has no effect\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.57] - 2025-09-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.56] - 2025-09-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.55] - 2025-09-14\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6366\"\u003e#6366\u003c/a\u003e: Exclude \u003ccode\u003e__sleep()\u003c/code\u003e and \u003ccode\u003e__wakeup()\u003c/code\u003e from test double code generation on PHP \u0026gt;= 8.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.54] - 2025-09-11\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not use \u003ccode\u003e__sleep()\u003c/code\u003e method (which will be deprecated in PHP 8.5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.53] - 2025-08-20\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3f7dd5066ebde5809296a81f0b19e8b00e5aab49\"\u003e\u003ccode\u003e3f7dd50\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/9c95cf0cdfdc72e74597aa0cf3c4769ed32b83f0\"\u003e\u003ccode\u003e9c95cf0\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/fea06253ecc0a32faf787bd31b261f56f351d049\"\u003e\u003ccode\u003efea0625\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1a677f663f09de85b97e1a7d03823890594cdba9\"\u003e\u003ccode\u003e1a677f6\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1015741814413c156abb0f53d7db7bbd03c6e858\"\u003e\u003ccode\u003e1015741\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/e5cda18b342c4e346d47c6e6cc5c51c0e681c8fd\"\u003e\u003ccode\u003ee5cda18\u003c/code\u003e\u003c/a\u003e Fix bad merge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a8b932bd41c5a6d689b2751f1be68406c97ea55c\"\u003e\u003ccode\u003ea8b932b\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1cce5f3ac2eec234cc0ce2f90ab9d5b80b240bea\"\u003e\u003ccode\u003e1cce5f3\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3141742e00620e2968d3d2e732d320de76685fda\"\u003e\u003ccode\u003e3141742\u003c/code\u003e\u003c/a\u003e Do not run PHPT test when its temporary file for code coverage information ex...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0b3170aaebeb461133937cfd92e5beb0348c0a2b\"\u003e\u003ccode\u003e0b3170a\u003c/code\u003e\u003c/a\u003e We do not need to unserialize() objects here\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/10.5.45...10.5.62\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.381.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.381.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\QuickSight\u003c/code\u003e - Support for dataset enrichment and geo spatial in new data preparation experience\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IVS\u003c/code\u003e - Adds support for up to 3 mediaTailorPlaybackConfiguration objects in an ad configuration resource\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - Amazon Connect Cases now supports SLA durations of up to 2 years (1,051,200 minutes), increased from the previous maximum of 90 days (129,600 minutes). This enables you to track long-running service level agreements for cases that require extended resolution timelines.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Evs\u003c/code\u003e - Amazon EVS now supports up to 32 hosts per EVS environment, increasing the previous host limit to allow a larger scale of VMware workload deployments and reduce operational overhead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Amazon ECS now supports Pause lifecycle hooks for service deployments, allowing customers to automatically pause deployments at specified stages and use the new ContinueServiceDeployment API to continue or roll back with confidence.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\AccessAnalyzer\u003c/code\u003e - Services manage service-linked analyzers through dedicated APIs - CreateServiceLinkedAnalyzer and DeleteServiceLinkedAnalyzer that separate service-linked specific operations from customer-managed operations. It also shows up in ListAnalyzers and GetAnalyzer responses.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EC2\u003c/code\u003e - Amazon VPC IP Address Manager (IPAM) now supports tags on IPAM pool allocations, enabling all standard tagging features for allocations including tag-on-create.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.381.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\\u003c/code\u003e - Fix circular reference cycles caused by non-static middleware closures implicitly capturing $this in AwsClient, GlacierClient, Route53Client, S3Client, S3MultiRegionClient, and Middleware.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchLogs\u003c/code\u003e - Updating the max limit for start query api parameter.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralSelling\u003c/code\u003e - Enable TCV intake on Opportunity to improve Opportunities Hygiene and downstream revenue attribution.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaPackageV2\u003c/code\u003e - This release adds support for AvailabilityStartTimeConfiguration in MediaPackageV2 DASH manifests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.381.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ManagedGrafana\u003c/code\u003e - Adds support for dual-stack (IPv4 and IPv6) connectivity to Amazon Managed Grafana workspaces. Customers can configure the ipAddressType parameter when creating or updating a workspace to choose between IPv4-only or dual-stack (IPv4 and IPv6) access.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\QConnect\u003c/code\u003e - ListModels is an API that returns the available AI models for a Connect Assistant based on its region and AI prompt type.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataZone\u003c/code\u003e - Adds support for SageMaker Unified Studio notebook operations, including notebook import and export\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudFront\u003c/code\u003e - Adding a new boolean for OCSP Revocations in Viewer mTLS Create and Update APIs, and adding a new 'Passthrough' option for TrustStore modes\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Bedrock\u003c/code\u003e - Advanced Prompt Optimization (AdvPO) allows you to optimize and migrate your prompts for any model on Bedrock by automatically evaluating responses and rewriting prompts to improve performance. This release provides a programmatic way to create, get, list, stop, and delete AdvPO jobs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\mgn\u003c/code\u003e - Introducing new option for security groups mapping - with MAP-DHCP the service translates security rules from your source environment with DHCP compatibility.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DatabaseMigrationService\u003c/code\u003e - Add 9 SDK waiters for DMS Schema Conversion async operations. Eliminates manual polling for import, assessment, conversion, export, and creation jobs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Glue\u003c/code\u003e - Release --has-databases parameter for AWS Glue get-catalogs API, which filters catalog responses to include only those capable of containing databases, excluding parent catalogs that hold only other catalogs. Remove model-level validation on partition index list size for AWS Glue tables.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.381.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Endpoints\u003c/code\u003e - Introduces endpoint resolution through a BDD rules based evaluation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eAdd BDD-based endpoint resolution alongside the existing Tree Ruletset Evaluator.\u003c/li\u003e\n\u003cli\u003eIntroduce a Bdd package under EndpointV2 namespace containing utilities and components used for resolving an endpoint through BDDs.\u003c/li\u003e\n\u003cli\u003eEnhance the EndpointDefinitionProvider to resolve the endpoint rule definitions by giving preference to BDDs \u0026quot;endpoint-bdd-1.json\u0026quot; rules over tree based rules.\u003c/li\u003e\n\u003cli\u003eEnhance EndpointProviderV2 to support both, BDD endpoint resolution and Tree\nendpoint resolution but also giving preference to BDD resolution.\nHow is it done?\n\u003cul\u003e\n\u003cli\u003eThe parameter $ruleset now supports instances of BddRuleset, besides of array to preserve existent behavior, and when an instance of BddRuleset is present then a BDD Evaluator is instantiated which will be used to resolve the endpoint.\u003c/li\u003e\n\u003cli\u003eOtherwise, if an array or an instance of Ruleset is passed in then, we resolve the endpoint with the Tree based endpoint resolution, which is the current behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd a new method \u0026quot;getActiveParameters\u0026quot; in EndpointProviderV2 that is used by\nthe EndpointV2Middleware to get the active parameters, which internally  it just evaluates which rule set property we should be getting the parameters from, either from $bddRuleset if not null or from $ruleset.\u003c/li\u003e\n\u003cli\u003eEnhance EndpointV2Middleware to consume the new getActiveParameters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCampaignsV2\u003c/code\u003e - This release added support for Outbound Campaign timezone detection using all available contact methods\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Glue\u003c/code\u003e - AWS Glue now defaults the job timeout to 480 minutes for Glue version 5.0 and later when no timeout value is specified. The default remains 2,880 minutes for Glue version 4.0 and earlier.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Batch\u003c/code\u003e - Adds a billing callout to docs regarding using the CE Scale Down Delay feature\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DSQL\u003c/code\u003e - Added support for Amazon Aurora DSQL change data capture (CDC) streams that deliver row-level database changes to Amazon Kinesis in JSON format. Includes CreateStream, GetStream, ListStreams, and DeleteStream operations.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Lightsail\u003c/code\u003e - Added OriginIpAddressTypeEnum (ipv4, ipv6, dualstack) and ipAddressType field to Origin and InputOrigin structures for Lightsail CDN distributions. Allows customers to specify how the distribution connects to origins, using IPv4, IPv6, or dualstack networking\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCoreControl\u003c/code\u003e - Adds support for read-only summary APIs for Policy Engine, Policy, and Policy Generation resources, enabling metadata retrieval without KMS decryption for AWS Config integration.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BillingConductor\u003c/code\u003e - Add ConflictException to UpdateCustomLineItem operation.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\OpenSearchService\u003c/code\u003e - Adds support for AutomatedSnapshotPauseOptions.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralAccount\u003c/code\u003e - Added ServiceQuotaExceededExceptions for Profile operations\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EC2\u003c/code\u003e - Include length limits in the SDK and documentation for text fields in Image (AMI) APIs such as the image name and description\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/989f4776aed2a3b184a5b64046542e8fe66e99e2\"\u003e\u003ccode\u003e989f477\u003c/code\u003e\u003c/a\u003e 3.381.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/8f741343da351f103a98fe3468e08d953cf361d7\"\u003e\u003ccode\u003e8f74134\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/ffa8a93faafea878155853ae2caf61871363869d\"\u003e\u003ccode\u003effa8a93\u003c/code\u003e\u003c/a\u003e 3.381.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/8b8177b1c3e5104f722a31b57c646393e74cd2a8\"\u003e\u003ccode\u003e8b8177b\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/600202c07ac7557158629bb460b875688ffc875e\"\u003e\u003ccode\u003e600202c\u003c/code\u003e\u003c/a\u003e fix: break circular reference cycles from non-static closures (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3282\"\u003e#3282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/405affc23ea14950c378d5ae79420302fcb467dc\"\u003e\u003ccode\u003e405affc\u003c/code\u003e\u003c/a\u003e 3.381.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/2648eda3118aa692efbe23b8618124605f12d60f\"\u003e\u003ccode\u003e2648eda\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/c1d3326c6b3d13b9209ae8f1399be0973095b20b\"\u003e\u003ccode\u003ec1d3326\u003c/code\u003e\u003c/a\u003e 3.381.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/d070ae900e158a4c5353434c1a1cbc116a6815b5\"\u003e\u003ccode\u003ed070ae9\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/761a190a52fea7a1da9bc3273246e87aa9c77f80\"\u003e\u003ccode\u003e761a190\u003c/code\u003e\u003c/a\u003e feat: endpoints bdd (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3276\"\u003e#3276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.381.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (\u003ca href=\"https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\"\u003ehttps://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\u003c/a\u003e / CVE-2026-45793)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.7...2.9.8\"\u003ehttps://github.com/composer/composer/compare/2.9.7...2.9.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/39ee8baff8e97a1b657bbfcd6a236ff93a5efbb2\"\u003e\u003ccode\u003e39ee8ba\u003c/code\u003e\u003c/a\u003e Release 2.9.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fa0f839011f5fdf20af5fa2c0fd485ad0ebb6632\"\u003e\u003ccode\u003efa0f839\u003c/code\u003e\u003c/a\u003e Fix ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd6cda27aa11f565aa2d0fa2ade191ed74e3d158\"\u003e\u003ccode\u003ebd6cda2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f5e7f9fbfa541137d6d1d5643ec3b718e9d5039\"\u003e\u003ccode\u003e3f5e7f9\u003c/code\u003e\u003c/a\u003e Fix regexp to support new GitHub installation tokens format (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12853\"\u003e#12853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4bdb77926affdcad0c3c1bac59e99aadfaf91f82\"\u003e\u003ccode\u003e4bdb779\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.69\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.69\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.69):\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.68):\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-04-17  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/8f2c3ffafcdd52cf4515f1eec172f4eee44552ad\"\u003e\u003ccode\u003e8f2c3ff\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/0ceddfa31dad41aa5cb394492c44f8382c7042d5\"\u003e\u003ccode\u003e0ceddfa\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/28af5275b3e1a2dd9b45d6ddb14c9c67bc4c5f9a\"\u003e\u003ccode\u003e28af527\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-37f02ff51\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c6824bca4c3a07d8d7704711ae27c9ee042fc983\"\u003e\u003ccode\u003ec6824bc\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.68\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/9600a9a3f5cf1cd97dbb478060e4e8fd87a6f17c\"\u003e\u003ccode\u003e9600a9a\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/d03a9c7ad84ce0b6c33f25c2eb570e7d13d07fe9\"\u003e\u003ccode\u003ed03a9c7\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-94b5e89b0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c602dbff3f7095e5dc890c1352a2b18b67046265\"\u003e\u003ccode\u003ec602dbf\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-1ed673a0b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/22223f3dc75047b106d2c938b6821c49748c7e30\"\u003e\u003ccode\u003e22223f3\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-baf5feec0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/e4b414af69b6d55d41000b52e3b2162d77e545f8\"\u003e\u003ccode\u003ee4b414a\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-bf852fb75\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/6155d27abba41cac739e1ff7ce5176ec01f3ec06\"\u003e\u003ccode\u003e6155d27\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-344d7c5e9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.69\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.1 to 7.4.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63603\"\u003e#63603\u003c/a\u003e  Fix session cookie_lifetime not applied in mock session storage (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63448\"\u003e#63448\u003c/a\u003e  Handle empty session data in updateTimestamp() to fix compat with PHP 8.6 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63319\"\u003e#63319\u003c/a\u003e  BinaryFileResponse: always return 206 if Range is valid (\u003ca href=\"https://github.com/Jimbolino\"\u003e\u003ccode\u003e@​Jimbolino\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63262\"\u003e#63262\u003c/a\u003e  Reject invalid paths (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/54304\"\u003e#54304\u003c/a\u003e  When calling UploadedFile::getErrorMessage() to a file which has no error and is uploaded successfully, it should not return an error (\u003ca href=\"https://github.com/ArmCyber\"\u003e\u003ccode\u003e@​ArmCyber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63230\"\u003e#63230\u003c/a\u003e  fix engine declaration on mysql pdo table creations (\u003ca href=\"https://github.com/tandev\"\u003e\u003ccode\u003e@​tandev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62663\"\u003esymfony/symfony#62663\u003c/a\u003e [HttpFoundation] Improve logic in Request::createFromGlobals() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62287\"\u003esymfony/symfony#62287\u003c/a\u003e [HttpFoundation] Fix AcceptHeader overwrites items with different parameters (\u003ca href=\"https://github.com/yoeunes\"\u003e\u003ccode\u003e@​yoeunes\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62324\"\u003esymfony/symfony#62324\u003c/a\u003e [HttpFoundation] Fix parsing hosts and schemes in URLs (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/blob/8.1/CHANGELOG.md\"\u003esymfony/http-foundation's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBinaryFileResponse::shouldDeleteFileAfterSend()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate setting public properties of \u003ccode\u003eRequest\u003c/code\u003e and \u003ccode\u003eResponse\u003c/code\u003e objects directly; use setters or constructor arguments instead\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eSessionHasFlashMessage\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse::__construct()\u003c/code\u003e now accepts a \u003ccode\u003eResponseHeaderBag\u003c/code\u003e as its third argument\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eParameterBag::getInt()\u003c/code\u003e and \u003ccode\u003eParameterBag::getBoolean()\u003c/code\u003e now throw \u003ccode\u003eUnexpectedValueException\u003c/code\u003e instead of silently returning \u003ccode\u003e0\u003c/code\u003e/\u003ccode\u003efalse\u003c/code\u003e when the value cannot be converted\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop HTTP method override support for methods GET, HEAD, CONNECT and TRACE\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$subtypeFallback\u003c/code\u003e to \u003ccode\u003eRequest::getFormat()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove the following deprecated session options from \u003ccode\u003eNativeSessionStorage\u003c/code\u003e: \u003ccode\u003ereferer_check\u003c/code\u003e, \u003ccode\u003euse_only_cookies\u003c/code\u003e, \u003ccode\u003euse_trans_sid\u003c/code\u003e, \u003ccode\u003esid_length\u003c/code\u003e, \u003ccode\u003esid_bits_per_character\u003c/code\u003e, \u003ccode\u003etrans_sid_hosts\u003c/code\u003e, \u003ccode\u003etrans_sid_tags\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTrigger PHP warning when using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eAdd arguments \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$partitioned\u003c/code\u003e to \u003ccode\u003eResponseHeaderBag::clearCookie()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$expiration\u003c/code\u003e to \u003ccode\u003eUriSigner::sign()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eRemove accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e#[WithHttpStatus]\u003c/code\u003e to define status codes: 404 for \u003ccode\u003eSignedUriException\u003c/code\u003e and 403 for \u003ccode\u003eExpiredSignedUriException\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method\u003c/li\u003e\n\u003cli\u003eAdd support for structured MIME suffix\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRequest::set/getAllowedHttpMethodOverride()\u003c/code\u003e to list which HTTP methods can be overridden\u003c/li\u003e\n\u003cli\u003eDeprecate using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eDeprecate method \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eRequest::createFromGlobals()\u003c/code\u003e parse the body of PUT, DELETE, PATCH and QUERY requests\u003c/li\u003e\n\u003cli\u003eDeprecate HTTP method override for methods GET, HEAD, CONNECT and TRACE; it will be ignored in Symfony 8.0\u003c/li\u003e\n\u003cli\u003eDeprecate accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for iterable of string in \u003ccode\u003eStreamedResponse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eEventStreamResponse\u003c/code\u003e and \u003ccode\u003eServerEvent\u003c/code\u003e classes to streamline server event streaming\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003evalkey:\u003c/code\u003e / \u003ccode\u003evalkeys:\u003c/code\u003e schemes for sessions\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest::getPreferredLanguage()\u003c/code\u003e now favors a more preferred language above exactly matching a locale\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eUriSigner\u003c/code\u003e to use a \u003ccode\u003eClockInterface\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eUriSigner::verify()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/9381209597ec66c25be154cbf2289076e64d1eab\"\u003e\u003ccode\u003e9381209\u003c/code\u003e\u003c/a\u003e Configure deprecation triggers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/f94b3e7b7dafd40e666f0c9ff2084133bae41e81\"\u003e\u003ccode\u003ef94b3e7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/cffffd0a2c037117b742b4f8b379a22a2a33f6d2\"\u003e\u003ccode\u003ecffffd0\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix session cookie_lifetime not applied in mock session storage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/fd97d5e926e988a363cef56fbbf88c5c528e9065\"\u003e\u003ccode\u003efd97d5e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5bb346d1b4b2a616e5c3d99b3ee4d5810735c535\"\u003e\u003ccode\u003e5bb346d\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Handle empty session data in updateTimestamp() to fix compat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/17de1a39c0ed8dc062df993d65c7269502a2ec78\"\u003e\u003ccode\u003e17de1a3\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31b030e12f6662a7016add28fe29b70327dacf86\"\u003e\u003ccode\u003e31b030e\u003c/code\u003e\u003c/a\u003e stop using with*() without expects()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/36ba5c7a025c05a92cd4a753abbe1781442c8414\"\u003e\u003ccode\u003e36ba5c7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31e2a27d480546f031bd4fc6f1ec8a7abdd62bb1\"\u003e\u003ccode\u003e31e2a27\u003c/code\u003e\u003c/a\u003e BinaryFileResponse: always return 206 if Range is valid\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/669ac23030db4cc4314e7a9ada4e258752266ec1\"\u003e\u003ccode\u003e669ac23\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.1...v7.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.0 to 7.4.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.8...v7.4.11\"\u003ehttps://github.com/symfony/process/compare/v7.4.8...v7.4.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/64058\"\u003e#64058\u003c/a\u003e  Ignore array env values before proc_open (\u003ca href=\"https://github.com/dionisvl\"\u003e\u003ccode\u003e@​dionisvl\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/process/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63611\"\u003e#63611\u003c/a\u003e  Throw InvalidArgumentException when env block exceeds Windows limit (Nadim AL ABDOU)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/process/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/process/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/process/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\"\u003ehttps://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/process/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/process/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/d9593c9efa40499eb078b81144de42cbc28a31f0\"\u003e\u003ccode\u003ed9593c9\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/6c93071cb8c91dce5a41960d125e019e64ef6cb5\"\u003e\u003ccode\u003e6c93071\u003c/code\u003e\u003c/a\u003e [Process] Ignore array env values before proc_open\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/7eab480275d91096356c2217e0d3a1ae46bc4961\"\u003e\u003ccode\u003e7eab480\u003c/code\u003e\u003c/a\u003e [7.4] Remove usages of named arguments in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/89c0b2214a31fce737e3474a1eb37c20a1b31260\"\u003e\u003ccode\u003e89c0b22\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/e79d4458ee6f2610a35365136713d55e8e8c859a\"\u003e\u003ccode\u003ee79d445\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/7b8e6e883ecdb0d9295cde593081afe8805207c3\"\u003e\u003ccode\u003e7b8e6e8\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/2df4ad6ba902295a6093dbf1c01c98446c36099c\"\u003e\u003ccode\u003e2df4ad6\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/57313310a02ecd61cff81ca37baec68af4dd743f\"\u003e\u003ccode\u003e5731331\u003c/code\u003e\u003c/a\u003e CS fixes - native_function_invocation \u0026amp; static_lambda\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/736ed5259a08c4c503e56dbea9f1ef709f290892\"\u003e\u003ccode\u003e736ed52\u003c/code\u003e\u003c/a\u003e [CS] Back config from 8.1 and apply heredoc_indentation rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/749ba429c9814f698a8ac61ab40de2c5184ae598\"\u003e\u003ccode\u003e749ba42\u003c/code\u003e\u003c/a\u003e Add deprecationTrigger ignoreUndefinedTriggers=\u0026quot;true\u0026quot; in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/process/compare/v7.3.0...v7.4.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.8 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--inf...\n\n_Description has been truncated_","html_url":"https://github.com/dporkka/mautic/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fmautic/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"},{"uuid":"4370247700","node_id":"PR_kwDOPVt0zc7Xs1NR","number":121,"state":"closed","title":"Bump composer/composer from 2.9.5 to 2.9.8 in /composer/helpers/v2 in the prod-dependencies group across 1 directory","user":"dependabot[bot]","labels":["dependencies","php","L: php:composer"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-19T22:50:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-02T22:28:11.000Z","updated_at":"2026-05-19T22:50:29.000Z","time_to_close":1470136,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.8","repository_url":"https://github.com/composer/composer"}],"path":"/composer/helpers/v2 in the prod-dependencies group across 1 directory","ecosystem":"packagist"},"body":"Bumps the prod-dependencies group with 1 update in the /composer/helpers/v2 directory: [composer/composer](https://github.com/composer/composer).\n\nUpdates `composer/composer` from 2.9.5 to 2.9.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (\u003ca href=\"https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\"\u003ehttps://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\u003c/a\u003e / CVE-2026-45793)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.7...2.9.8\"\u003ehttps://github.com/composer/composer/compare/2.9.7...2.9.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/39ee8baff8e97a1b657bbfcd6a236ff93a5efbb2\"\u003e\u003ccode\u003e39ee8ba\u003c/code\u003e\u003c/a\u003e Release 2.9.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fa0f839011f5fdf20af5fa2c0fd485ad0ebb6632\"\u003e\u003ccode\u003efa0f839\u003c/code\u003e\u003c/a\u003e Fix ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd6cda27aa11f565aa2d0fa2ade191ed74e3d158\"\u003e\u003ccode\u003ebd6cda2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f5e7f9fbfa541137d6d1d5643ec3b718e9d5039\"\u003e\u003ccode\u003e3f5e7f9\u003c/code\u003e\u003c/a\u003e Fix regexp to support new GitHub installation tokens format (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12853\"\u003e#12853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4bdb77926affdcad0c3c1bac59e99aadfaf91f82\"\u003e\u003ccode\u003e4bdb779\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e","html_url":"https://github.com/JaclynCodes/dependabot-core/pull/121","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/JaclynCodes%2Fdependabot-core/issues/121","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/121/packages"},{"uuid":"4332634915","node_id":"PR_kwDOPWpqaM7VzQ5i","number":84,"state":"open","title":"Bump composer/composer from 2.9.5 to 2.9.7","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-27T01:56:01.000Z","updated_at":"2026-04-27T01:56:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.7.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/jazzsequence/satis-server/pull/84","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jazzsequence%2Fsatis-server/issues/84","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/84/packages"},{"uuid":"4287649741","node_id":"PR_kwDOD3agoM7TkLId","number":915,"state":"open","title":"Bump the composer group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","stale","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-18T10:26:29.000Z","updated_at":"2026-05-04T03:37:06.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":6,"packages":[{"name":"composer/composer","old_version":"2.8.12","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"},{"name":"psy/psysh","old_version":"0.12.10","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"},{"name":"symfony/http-foundation","old_version":"7.3.4","new_version":"7.3.11","repository_url":"https://github.com/symfony/http-foundation"},{"name":"google/protobuf","old_version":"4.32.1","new_version":"4.33.6","repository_url":"https://github.com/protocolbuffers/protobuf-php"},{"name":"phpunit/phpunit","old_version":"11.5.42","new_version":"11.5.55","repository_url":"https://github.com/sebastianbergmann/phpunit"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [composer/composer](https://github.com/composer/composer) | `2.8.12` | `2.9.7` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.10` | `0.12.22` |\n| [symfony/http-foundation](https://github.com/symfony/http-foundation) | `7.3.4` | `7.3.11` |\n| [google/protobuf](https://github.com/protocolbuffers/protobuf-php) | `4.32.1` | `4.33.6` |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `11.5.42` | `11.5.55` |\n\n\nUpdates `composer/composer` from 2.8.12 to 2.9.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.2...2.9.3\"\u003ehttps://github.com/composer/composer/compare/2.9.2...2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.2] 2025-11-19\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.8.12...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.10 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--info\u003c/code\u003e also report more detail about readline and autocomplete state.\u003c/p\u003e\n\u003cp\u003eRun psysh with \u003ccode\u003e--experimental-readline\u003c/code\u003e and try it out. It's getting kind of awesome!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/3be75d5b9244936dd4ac62ade2bfb004d13acf0f\"\u003e\u003ccode\u003e3be75d5\u003c/code\u003e\u003c/a\u003e Merge branch 'release/v0.12.22'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/8042a8fec59c72b9a9b5586f9bfe79e26c069aeb\"\u003e\u003ccode\u003e8042a8f\u003c/code\u003e\u003c/a\u003e Bump to v0.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/fd4cb699ef9df41ecd48f175edde3feaf4d8d794\"\u003e\u003ccode\u003efd4cb69\u003c/code\u003e\u003c/a\u003e Fix phan warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/2b350a413b82010f6e88fbb794aa7364d5ca9ecf\"\u003e\u003ccode\u003e2b350a4\u003c/code\u003e\u003c/a\u003e Fix throw special casing in really old php-parser versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/193e14994706fbe344291741bed2215622b1a659\"\u003e\u003ccode\u003e193e149\u003c/code\u003e\u003c/a\u003e Fix a code cleaner bug with \u003ccode\u003ethrow new Exception\u003c/code\u003e in PHP 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f583f74b314459c5f838095ce7a341fdd81690b2\"\u003e\u003ccode\u003ef583f74\u003c/code\u003e\u003c/a\u003e Restore VarDumper hard-ref handling, suppress link-only markers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/1e6a0d6e8800e0d82c86b85b7de9e37ac65a74fd\"\u003e\u003ccode\u003e1e6a0d6\u003c/code\u003e\u003c/a\u003e Prefer use statements over FQNs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/484e600e2ac5f0e403796863865de6d8a6a66ebd\"\u003e\u003ccode\u003e484e600\u003c/code\u003e\u003c/a\u003e Simplify theme identity, no-op updates when unchanged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f01e492b18146675b218061c0c31b13fe58e3a9a\"\u003e\u003ccode\u003ef01e492\u003c/code\u003e\u003c/a\u003e Standardize test temp dir creation and cleanup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/6f33aea84464ed64b0c684c78fedf1f6620483d8\"\u003e\u003ccode\u003e6f33aea\u003c/code\u003e\u003c/a\u003e Add token-based fallback for incomplete member completion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bobthecow/psysh/compare/v0.12.10...v0.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.4 to 7.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.7...v7.3.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.7...v7.3.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62502\"\u003esymfony/symfony#62502\u003c/a\u003e [HttpFoundation] Fix Expires response header for EventStream (\u003ca href=\"https://github.com/4513\"\u003e\u003ccode\u003e@​4513\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62287\"\u003esymfony/symfony#62287\u003c/a\u003e [HttpFoundation] Fix AcceptHeader overwrites items with different parameters (\u003ca href=\"https://github.com/yoeunes\"\u003e\u003ccode\u003e@​yoeunes\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.6...v7.3.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.6...v7.3.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.5...v7.3.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.5...v7.3.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62324\"\u003esymfony/symfony#62324\u003c/a\u003e [HttpFoundation] Fix parsing hosts and schemes in URLs (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62246\"\u003esymfony/symfony#62246\u003c/a\u003e [HttpFoundation] Allow Request::setFormat() to override predefined formats (\u003ca href=\"https://github.com/longwave\"\u003e\u003ccode\u003e@​longwave\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62153\"\u003esymfony/symfony#62153\u003c/a\u003e [HttpFoundation] Fix issue where ServerEvent with \u0026quot;0\u0026quot; data is not sent (\u003ca href=\"https://github.com/santysisi\"\u003e\u003ccode\u003e@​santysisi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5347db9d709bb003722abfdc03990f3f21c53db5\"\u003e\u003ccode\u003e5347db9\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/f1a490cc9d595ba7ebe684220e625d1e472ad278\"\u003e\u003ccode\u003ef1a490c\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix PdoSessionHandler charset-collation mismatch with the Do...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/cc4ae963efd984204c0224605ae821382b791462\"\u003e\u003ccode\u003ecc4ae96\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/a7c652d0d0a6be8fbf9dead2e36f31e46c482adf\"\u003e\u003ccode\u003ea7c652d\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix double-prefixing of session keys when using redis/memcached\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/66e496a79d33160cecaf1569871a39ec0510fb11\"\u003e\u003ccode\u003e66e496a\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/4a673e9797bf5c2db347ae0e5f7880bb572cc061\"\u003e\u003ccode\u003e4a673e9\u003c/code\u003e\u003c/a\u003e do not use PHPUnit mock objects without configured expectations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/6dc98931a559065ff8f968ae0e461e600a321291\"\u003e\u003ccode\u003e6dc9893\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/a35ee6f47e4775179704d7877a8b0da3cb09241a\"\u003e\u003ccode\u003ea35ee6f\u003c/code\u003e\u003c/a\u003e [HttpFoundation][Cache] Fix VARBINARY columns on sqlsrv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/8cdae4e108673e0d3e4f18ef2ee79ff5023beeac\"\u003e\u003ccode\u003e8cdae4e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/0384c62b79d96e9b22d77bc1272c9e83342ba3a6\"\u003e\u003ccode\u003e0384c62\u003c/code\u003e\u003c/a\u003e minor \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/62519\"\u003e#62519\u003c/a\u003e [HttpFoundation] Fix Request getPathInfo docblock (bobvandevijver)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.4 to 7.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/process/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/process/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/process/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/81fe4ea2c3b8677fa2adfd8e48ba42374ede0e3b\"\u003e\u003ccode\u003e81fe4ea\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c46e854e79b52d07666e43924a20cb6dc546644e\"\u003e\u003ccode\u003ec46e854\u003c/code\u003e\u003c/a\u003e [Process] Fix escaping for MSYS on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/4424bc14e7dedec472440cc991f961f22343caaa\"\u003e\u003ccode\u003e4424bc1\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c593135be689b21e6164b1e8f6f5dbf1506b065c\"\u003e\u003ccode\u003ec593135\u003c/code\u003e\u003c/a\u003e [Process] Adjust Process mustRun method phpdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/6d13a9300772cf6f22f490574b80d9bf3481d07a\"\u003e\u003ccode\u003e6d13a93\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/e579464d74525bf5eca45cbc984126a461879c3e\"\u003e\u003ccode\u003ee579464\u003c/code\u003e\u003c/a\u003e [Process] Ignore invalid env var names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/cbfa8595e86911b7c9dcd6e80e2205e82be86180\"\u003e\u003ccode\u003ecbfa859\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/8541b7308fca001320e90bca8a73a28aa5604a6e\"\u003e\u003ccode\u003e8541b73\u003c/code\u003e\u003c/a\u003e [Process] Fix dealing with broken stdin pipes\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/symfony/process/compare/v7.3.4...v7.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `google/protobuf` from 4.32.1 to 4.33.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/84b008c23915ed94536737eae46f41ba3bccfe67\"\u003e\u003ccode\u003e84b008c\u003c/code\u003e\u003c/a\u003e 4.33.6 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/1debe453db83159b98a38df5a3737feb1e8ef016\"\u003e\u003ccode\u003e1debe45\u003c/code\u003e\u003c/a\u003e 5.34.0 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/3f6644d863943ebedafacfbfff2cb1c967a766b2\"\u003e\u003ccode\u003e3f6644d\u003c/code\u003e\u003c/a\u003e 5.34.0RC2 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/6fd2d13a7591515c8d09e6278f1a42a78e1adeac\"\u003e\u003ccode\u003e6fd2d13\u003c/code\u003e\u003c/a\u003e 4.29.6 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/ebe8010a61b2ae0cff0d246fe1c4d44e9f7dfa6d\"\u003e\u003ccode\u003eebe8010\u003c/code\u003e\u003c/a\u003e 4.33.5 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/a217acb35241a96fd6d6280e2b2540c30bd028f7\"\u003e\u003ccode\u003ea217acb\u003c/code\u003e\u003c/a\u003e 5.34.0RC1 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/22d28025cda0d223a2e48c2e16c5284ecc9f5402\"\u003e\u003ccode\u003e22d2802\u003c/code\u003e\u003c/a\u003e 4.33.4 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/281537d44d6c270606354e65bfa75a0969dbd629\"\u003e\u003ccode\u003e281537d\u003c/code\u003e\u003c/a\u003e 4.33.3 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/fbd96b7bf1343f4b0d8fb358526c7ba4d72f1318\"\u003e\u003ccode\u003efbd96b7\u003c/code\u003e\u003c/a\u003e 4.33.2 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/0cd73ccf0cd26c3e72299cce1ea6144091a57e12\"\u003e\u003ccode\u003e0cd73cc\u003c/code\u003e\u003c/a\u003e 4.33.1 sync\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protocolbuffers/protobuf-php/compare/v4.32.1...v4.33.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phpunit/phpunit` from 11.5.42 to 11.5.55\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 11.5.55\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e: Performance regression in PHPUnit 11.5.54, PHPUnit 12.5.13, and PHPUnit 13.0.4\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.54\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6489\"\u003e#6489\u003c/a\u003e: Classification of self/direct/indirect deprecation triggers is not aligned with Symfony's bridge for PHPUnit\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.53\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6503\"\u003e#6503\u003c/a\u003e: Temporary file used by \u003ccode\u003eSourceMapper\u003c/code\u003e may be deleted prematurely when multiple PHPUnit processes run in parallel\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.52\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6495\"\u003e#6495\u003c/a\u003e: Source map for issue trigger identification is regenerated in process isolation child processes\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/11.5.55/ChangeLog-11.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[11.5.55] - 2026-02-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e: Performance regression in PHPUnit 11.5.54, PHPUnit 12.5.13, and PHPUnit 13.0.4\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.54] - 2026-02-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6489\"\u003e#6489\u003c/a\u003e: Classification of self/direct/indirect deprecation triggers is not aligned with Symfony's bridge for PHPUnit\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.53] - 2026-02-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6503\"\u003e#6503\u003c/a\u003e: Temporary file used by \u003ccode\u003eSourceMapper\u003c/code\u003e may be deleted prematurely when multiple PHPUnit processes run in parallel\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.52] - 2026-02-08\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6495\"\u003e#6495\u003c/a\u003e: Source map for issue trigger identification is regenerated in process isolation child processes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.51] - 2026-02-05\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6488\"\u003e#6488\u003c/a\u003e: Allow disabling issue trigger identification for improved performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6486\"\u003e#6486\u003c/a\u003e: Incorrect file name reported for errors for test methods declared in traits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6490\"\u003e#6490\u003c/a\u003e: Incorrect test count when tests are skipped in before-class method\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.50] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.49] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6362\"\u003e#6362\u003c/a\u003e: Manually instantiated test doubles are broken since PHPUnit 11.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6470\"\u003e#6470\u003c/a\u003e: Infinite recursion in \u003ccode\u003eCount::getCountOf()\u003c/code\u003e for unusal implementations of \u003ccode\u003eIterator\u003c/code\u003e or \u003ccode\u003eIteratorAggregate\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.48] - 2026-01-16\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/adc7262fccc12de2b30f12a8aa0b33775d814f00\"\u003e\u003ccode\u003eadc7262\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0f31bcfdab285459bfee3eb7af8218aaeb0c09d5\"\u003e\u003ccode\u003e0f31bcf\u003c/code\u003e\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/eb7d132e95d824bbfd728eb2c8589191424f178a\"\u003e\u003ccode\u003eeb7d132\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0325337f13bed9a5a2dcf3dbb1d1216596d8c932\"\u003e\u003ccode\u003e0325337\u003c/code\u003e\u003c/a\u003e Update ChangeLog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/24136927c3b8bee3b289a56144e7b340556bd194\"\u003e\u003ccode\u003e2413692\u003c/code\u003e\u003c/a\u003e Classify issue trigger as \u0026quot;unknown\u0026quot; only when it is not \u0026quot;self\u0026quot;, \u0026quot;direct\u0026quot;, or ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/8811c224c7dded079e3c72eeb3a5794cd8cffd8e\"\u003e\u003ccode\u003e8811c22\u003c/code\u003e\u003c/a\u003e Test all possible combinations (even if not all of them make sense)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/79f11ae1a161217845766f21435ee8bb6dc12c6b\"\u003e\u003ccode\u003e79f11ae\u003c/code\u003e\u003c/a\u003e Remove IssueTrigger::unknown()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/6589f445de2a4abbc24812d0b81fe2d5423e95e6\"\u003e\u003ccode\u003e6589f44\u003c/code\u003e\u003c/a\u003e Fall back to null instead of Code::ThirdParty when we cannot classify a file ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a64de8a9d42fe67e785b401e2dfaf472ef18f682\"\u003e\u003ccode\u003ea64de8a\u003c/code\u003e\u003c/a\u003e Narrow type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a2300423541356160a40f8dc327cb73f65bb78eb\"\u003e\u003ccode\u003ea230042\u003c/code\u003e\u003c/a\u003e Resurrect test that got lost while reorganizing tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/11.5.42...11.5.55\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eMost Recent Ignore Conditions Applied to This Pull Request\u003c/summary\u003e\n\n| Dependency Name | Ignore Conditions |\n| --- | --- |\n| phpunit/phpunit | [\u003e= 10.a, \u003c 11] |\n\u003c/details\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/acquia/drupal-recommended-project/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/acquia/drupal-recommended-project/pull/915","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/acquia%2Fdrupal-recommended-project/issues/915","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/915/packages"},{"uuid":"4287012344","node_id":"PR_kwDOPrj8Sc7TiPCR","number":4,"state":"closed","title":"Bump the composer group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-28T22:56:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-18T06:20:20.000Z","updated_at":"2026-04-28T22:56:16.000Z","time_to_close":923754,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":7,"packages":[{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.379.2","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.67","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/http-foundation","old_version":"7.3.1","new_version":"7.4.8","repository_url":"https://github.com/symfony/http-foundation"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.379.2` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.7` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.67` |\n| [symfony/http-foundation](https://github.com/symfony/http-foundation) | `7.3.1` | `7.4.8` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.22` |\n\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.379.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.379.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCampaignsV2\u003c/code\u003e - This release adds support for campaign entry limits configuration and hourly refresh frequency in Amazon Connect Outbound Campaigns.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\STS\u003c/code\u003e - The STS client now supports configuring SigV4a through the auth scheme preference setting. SigV4a uses asymmetric cryptography, enabling customers using long-term IAM credentials to continue making STS API calls even when a region is isolated from the partition leader.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\GroundStation\u003c/code\u003e - Adds support for updating contacts, listing antennas, and listing ground station reservations. New API operations - UpdateContact, ListContactVersions, DescribeContactVersion, ListAntennas, and ListGroundStationReservations.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CleanRooms\u003c/code\u003e - This release adds support for configurable spark properties for Cleanrooms PySpark workloads.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Neptune\u003c/code\u003e - Improving Documentation for Neptune\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Adds support for providing NetworkInterface for efa enabled instances and Simplified cluster creation for Slurm-orchestrated clusters with optional Lifecycle Script (LCS) configuration.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\QuickSight\u003c/code\u003e - Public release of dashboard customization summary, S3 Tables data source type, Athena cross-account connector, custom sorting for controls, and AI-powered analysis generation.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\imagebuilder\u003c/code\u003e - ImportDiskImage API adds registerImageOptions for Secure Boot control and custom UEFI data. It adds windowsConfiguration for selecting a specific edition from multi-image .wim files during ISO import.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - Fixes in SDK for customers using TestCase APIs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.379.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataZone\u003c/code\u003e - Launching SMUS IAM domain SDK support\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchLogs\u003c/code\u003e - Endpoint update for CloudWatch Logs Streaming APIs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CognitoIdentityProvider\u003c/code\u003e - Adds support for passkey-based multi-factor authentication in Cognito User Pools. Users can authenticate securely using FIDO2-compliant passkeys with user verification, enabling passwordless MFA flows while maintaining backward compatibility with password-based authentication\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CustomerProfiles\u003c/code\u003e - Amazon Connect Customer Profiles adds RecommenderSchema CRUD APIs for custom ML training columns. CreateRecommender and CreateRecommenderFilter now accept optional RecommenderSchemaName.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCases\u003c/code\u003e - Added error handling for service quota limits\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Deprecate the userId from the Chat operations. This update also removes support of AllowVendedLogDeliveryForResource API from AWS SDKs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatch\u003c/code\u003e - Update documentation of alarm mute rules start and end date fields\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCore\u003c/code\u003e - Introducing NamespacePath in AgentCore Memory to support hierarchical prefix based memory record retrieval.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\AutoScaling\u003c/code\u003e - This release adds support for specifying Availability Zone IDs as an alternative to Availability Zone names when creating or updating Auto Scaling groups.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaConvert\u003c/code\u003e - Adds support for Elemental Inference powered smart crop feature, enabling video verticalization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\drs\u003c/code\u003e - Updating regex for identification of AWS Regions.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RDS\u003c/code\u003e - Adds a new DescribeServerlessV2PlatformVersions API to describe platform version properties for Aurora Serverless v2. Also introduces a new valid maintenance action value for serverless platform version updates.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - This release updates the Amazon Connect Rules CRUD APIs to support a new EventSourceName - OnEmailAnalysisAvailable. Use this event source to trigger rules when conversational analytics results are available for email contacts.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\AppStream\u003c/code\u003e - Add content redirection to Update Stack\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.379.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Interconnect\u003c/code\u003e - Initial release of AWS Interconnect -- a managed private connectivity service that enables you to create high-speed network connections between your AWS Virtual Private Clouds (VPCs) and your VPCs on other public clouds or your on-premise networks.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CustomerProfiles\u003c/code\u003e - This release introduces changes to SegmentDefinition APIs to support sorting by attributes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Deadline\u003c/code\u003e - Adds GetMonitorSettings and UpdateMonitorSettings APIs to Deadline Cloud. Enables reading and writing monitor settings as key-value pairs (up to 64 keys per monitor). UpdateMonitorSettings supports upsert and delete (via empty value) semantics and is idempotent.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Glue\u003c/code\u003e - AWS Glue now defaults to Glue version 5.1 for newly created jobs if the Glue version is not specified in the request, and UpdateJob now preserves the existing Glue version of a job when the Glue version is not specified in the update request.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SecurityHub\u003c/code\u003e - Provide organizational unit scoping capability for GetFindingsV2, GetFindingStatisticsV2, GetResourcesV2, GetResourcesStatisticsV2 APIs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Macie2\u003c/code\u003e - This release adds an optional expectedBucketOwner field to the Macie S3 export configuration, allowing customers to verify bucket ownership before Macie writes results to the destination bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.378.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - Conversational Analytics for Email\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Support new SageMaker StartClusterHealthCheck API for on-demand DHC on Hyperpod EKS cluster. Support updated CreateCluster, UpdateCluster, DescribeCluster, BatchAddClusterNodes APIs for flexible instance group on HyperPod cluster\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\imagebuilder\u003c/code\u003e - Image pipelines can now automatically apply tags to images they create. Set the imageTags property when creating or updating your pipelines to get started.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaConvert\u003c/code\u003e - Adds support for MV-HEVC video output and clear lead for AV1 DRM output.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Devops Agent now supports associate Splunk, Datadog and custom MCP server to an Agent Space.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Minor updates to exceptions for completeness\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RTBFabric\u003c/code\u003e - Adds optional health check configuration for Responder Gateways with ASG Managed Endpoints. When provided, RTB Fabric continuously probes customers' instance IPs and routes traffic only to healthy ones, reducing errors during deployments, scaling events, and instance failures.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ObservabilityAdmin\u003c/code\u003e - CloudWatch Observability Admin adds support for multi-region telemetry evaluation and telemetry enablement rules.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.378.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RedshiftDataAPIService\u003c/code\u003e - The BatchExecuteStatement API now supports named SQL parameters, enabling secure batch queries with parameterized values. This enhancement helps prevent SQL injection vulnerabilities and improves query reusability.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCoreControl\u003c/code\u003e - Initial release for CRUDL in AgentCore Registry Service\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Release support for g7e instance types for SageMaker HyperPod\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCore\u003c/code\u003e - Introducing support for SearchRegistryRecords API on AgentCoreRegistry\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/45c385619d43e54ede8daca211960c345d3ff3b7\"\u003e\u003ccode\u003e45c3856\u003c/code\u003e\u003c/a\u003e 3.379.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/597bd6fa35e00e5fa889d7e9451523f0391fe4e8\"\u003e\u003ccode\u003e597bd6f\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/261bfa48bb4dc0d9a8d0dcb5af7c329d97de7acc\"\u003e\u003ccode\u003e261bfa4\u003c/code\u003e\u003c/a\u003e 3.379.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/bba9281cd25d16938c6214719152e0b047688201\"\u003e\u003ccode\u003ebba9281\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/f17f0ec7d98aa9f155d30eb910c63d00226b056c\"\u003e\u003ccode\u003ef17f0ec\u003c/code\u003e\u003c/a\u003e S3Client: fix 'recieved' -\u0026gt; 'received' typo in internal-error message (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3273\"\u003e#3273\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/fcaf9c7dd8df8281b1a820f4db31a6115af8373b\"\u003e\u003ccode\u003efcaf9c7\u003c/code\u003e\u003c/a\u003e Bump actions/github-script from 8 to 9 (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3270\"\u003e#3270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/a50c3cc2c59f5ebeb56cbe170e6f144034b252b6\"\u003e\u003ccode\u003ea50c3cc\u003c/code\u003e\u003c/a\u003e 3.379.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/2bedd2cd7ff0ddf8f3b840ca09e3c5ec63451a08\"\u003e\u003ccode\u003e2bedd2c\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/df2a6c362ddce2ede3ac3a8286f5788847e614b4\"\u003e\u003ccode\u003edf2a6c3\u003c/code\u003e\u003c/a\u003e 3.378.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/82e7b1576d7ceedf3db0d5b1080b0e21a18d13f0\"\u003e\u003ccode\u003e82e7b15\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.379.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.2...2.9.3\"\u003ehttps://github.com/composer/composer/compare/2.9.2...2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.2] 2025-11-19\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.67\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.67\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.66...2.1.67\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.66...2.1.67\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.66\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.64...2.1.66\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.64...2.1.66\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eVersion 2.1.65\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e[js] update CDNs\u003c/li\u003e\n\u003cli\u003e[php:editors] Zoho API update\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eVersion 2.1.66\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003cli\u003efix name\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ko.js\u003c/li\u003e\n\u003cli\u003etry copy / deleting folder if moving it doesn't work\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3636\"\u003e#3636\u003c/a\u003e from vfishv/master\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3647\"\u003e#3647\u003c/a\u003e from allity/patch-1\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3653\"\u003e#3653\u003c/a\u003e from terrafrost/branch-1\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3637\"\u003e#3637\u003c/a\u003e FILTER_SANITIZE_STRING is deprecated (PHP 8.1)\u003c/li\u003e\n\u003cli\u003eAllow image URL in theme manifest.json to be a relative link as well\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ru.js\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3677\"\u003e#3677\u003c/a\u003e from blutorange/feat-relative-image-link-in-theme-manifest\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3682\"\u003e#3682\u003c/a\u003e from Ruslan-Aleev/patch-1\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3684\"\u003e#3684\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3685\"\u003e#3685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[OneDrive] fix Content URL\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3667\"\u003e#3667\u003c/a\u003e where the Content URL could be invalid\u003c/li\u003e\n\u003cli\u003e[VD:core] Check if copying was successful when moving files in copy + delete mode\u003c/li\u003e\n\u003cli\u003eFix CVE-2025-0818 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3723\"\u003e#3723\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3689\"\u003e#3689\u003c/a\u003e, fm.sync removes unavailable volumes. (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3690\"\u003e#3690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[VD:SFTP] Make compatible with phpseclib version 2 or 3 when returned from connectCallback($options) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3687\"\u003e#3687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd font mime kinds (WOFF, WOFF2, EOT, SFNT, generic font/*) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3691\"\u003e#3691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore posted message that are not intended for ElFinder (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3692\"\u003e#3692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option to rename command to disable alias rename (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option commandsOptions.edit.confirmUnsavedBeforeClose (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3698\"\u003e#3698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix build for Windows environment (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3699\"\u003e#3699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReplace usage of deprecated \u003ccode\u003eE_STRICT\u003c/code\u003e constant (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u0026quot;WEBP\u0026quot; to File mimetype to kind mapping (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3712\"\u003e#3712\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix translation mistakes and unification (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3719\"\u003e#3719\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003cli\u003efix name\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ko.js\u003c/li\u003e\n\u003cli\u003etry copy / deleting folder if moving it doesn't work\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3636\"\u003e#3636\u003c/a\u003e from vfishv/master\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3647\"\u003e#3647\u003c/a\u003e from allity/patch-1\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3653\"\u003e#3653\u003c/a\u003e from terrafrost/branch-1\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3637\"\u003e#3637\u003c/a\u003e FILTER_SANITIZE_STRING is deprecated (PHP 8.1)\u003c/li\u003e\n\u003cli\u003eAllow image URL in theme manifest.json to be a relative link as well\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ru.js\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3677\"\u003e#3677\u003c/a\u003e from blutorange/feat-relative-image-link-in-theme-manifest\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3682\"\u003e#3682\u003c/a\u003e from Ruslan-Aleev/patch-1\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3684\"\u003e#3684\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3685\"\u003e#3685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[OneDrive] fix Content URL\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3667\"\u003e#3667\u003c/a\u003e where the Content URL could be invalid\u003c/li\u003e\n\u003cli\u003e[VD:core] Check if copying was successful when moving files in copy + delete mode\u003c/li\u003e\n\u003cli\u003eFix CVE-2025-0818 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3723\"\u003e#3723\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3689\"\u003e#3689\u003c/a\u003e, fm.sync removes unavailable volumes. (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3690\"\u003e#3690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[VD:SFTP] Make compatible with phpseclib version 2 or 3 when returned from connectCallback($options) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3687\"\u003e#3687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd font mime kinds (WOFF, WOFF2, EOT, SFNT, generic font/*) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3691\"\u003e#3691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore posted message that are not intended for ElFinder (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3692\"\u003e#3692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option to rename command to disable alias rename (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option commandsOptions.edit.confirmUnsavedBeforeClose (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3698\"\u003e#3698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix build for Windows environment (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3699\"\u003e#3699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReplace usage of deprecated \u003ccode\u003eE_STRICT\u003c/code\u003e constant (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u0026quot;WEBP\u0026quot; to File mimetype to kind mapping (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3712\"\u003e#3712\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix translation mistakes and unification (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3719\"\u003e#3719\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2024-01-05  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.65):\n\u003cul\u003e\n\u003cli\u003e[js] update CDNs\u003c/li\u003e\n\u003cli\u003e[php:editors] Zoho API update\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2023-12-20  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.64):\n\u003cul\u003e\n\u003cli\u003e[css] re-fix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3584\"\u003e#3584\u003c/a\u003e css error and CI\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2023-12-20  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/5e463d1384972dffcb736ad3c94f35af10656ca2\"\u003e\u003ccode\u003e5e463d1\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.67\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/2b7574ca4b95e95b6639d7a865ba49ac00f32015\"\u003e\u003ccode\u003e2b7574c\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/486bbbe4b898484e1526db46d8bb8808c5b5f37b\"\u003e\u003ccode\u003e486bbbe\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.67\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/561386b3274f394b590691452a85b99ad354644b\"\u003e\u003ccode\u003e561386b\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/78488951e44d69e8b9e4e849f8268df408632a6c\"\u003e\u003ccode\u003e7848895\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.66\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/82067d8dfcdb2e4668badab20df1acd4b18f10ad\"\u003e\u003ccode\u003e82067d8\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-675864b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/844a164d4049d2f2b12204ed6351214533bb867f\"\u003e\u003ccode\u003e844a164\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/2f97105f101c90b23dda5b1f7a2d75303ac1d056\"\u003e\u003ccode\u003e2f97105\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-5c622cf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/695212107064f0277831cc4b87ed2e0f158d9558\"\u003e\u003ccode\u003e6952121\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-a381e3a\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/724fe3c33344e05d7fa2a892f1a009d301886a5f\"\u003e\u003ccode\u003e724fe3c\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-5fc559b\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.67\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.1 to 7.4.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63603\"\u003e#63603\u003c/a\u003e  Fix session cookie_lifetime not applied in mock session storage (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63448\"\u003e#63448\u003c/a\u003e  Handle empty session data in updateTimestamp() to fix compat with PHP 8.6 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63319\"\u003e#63319\u003c/a\u003e  BinaryFileResponse: always return 206 if Range is valid (\u003ca href=\"https://github.com/Jimbolino\"\u003e\u003ccode\u003e@​Jimbolino\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63262\"\u003e#63262\u003c/a\u003e  Reject invalid paths (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/54304\"\u003e#54304\u003c/a\u003e  When calling UploadedFile::getErrorMessage() to a file which has no error and is uploaded successfully, it should not return an error (\u003ca href=\"https://github.com/ArmCyber\"\u003e\u003ccode\u003e@​ArmCyber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63230\"\u003e#63230\u003c/a\u003e  fix engine declaration on mysql pdo table creations (\u003ca href=\"https://github.com/tandev\"\u003e\u003ccode\u003e@​tandev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62663\"\u003esymfony/symfony#62663\u003c/a\u003e [HttpFoundation] Improve logic in Request::createFromGlobals() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62287\"\u003esymfony/symfony#62287\u003c/a\u003e [HttpFoundation] Fix AcceptHeader overwrites items with different parameters (\u003ca href=\"https://github.com/yoeunes\"\u003e\u003ccode\u003e@​yoeunes\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62324\"\u003esymfony/symfony#62324\u003c/a\u003e [HttpFoundation] Fix parsing hosts and schemes in URLs (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/blob/8.1/CHANGELOG.md\"\u003esymfony/http-foundation's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBinaryFileResponse::shouldDeleteFileAfterSend()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate setting public properties of \u003ccode\u003eRequest\u003c/code\u003e and \u003ccode\u003eResponse\u003c/code\u003e objects directly; use setters or constructor arguments instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop HTTP method override support for methods GET, HEAD, CONNECT and TRACE\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$subtypeFallback\u003c/code\u003e to \u003ccode\u003eRequest::getFormat()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove the following deprecated session options from \u003ccode\u003eNativeSessionStorage\u003c/code\u003e: \u003ccode\u003ereferer_check\u003c/code\u003e, \u003ccode\u003euse_only_cookies\u003c/code\u003e, \u003ccode\u003euse_trans_sid\u003c/code\u003e, \u003ccode\u003esid_length\u003c/code\u003e, \u003ccode\u003esid_bits_per_character\u003c/code\u003e, \u003ccode\u003etrans_sid_hosts\u003c/code\u003e, \u003ccode\u003etrans_sid_tags\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTrigger PHP warning when using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eAdd arguments \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$partitioned\u003c/code\u003e to \u003ccode\u003eResponseHeaderBag::clearCookie()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$expiration\u003c/code\u003e to \u003ccode\u003eUriSigner::sign()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eRemove accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e#[WithHttpStatus]\u003c/code\u003e to define status codes: 404 for \u003ccode\u003eSignedUriException\u003c/code\u003e and 403 for \u003ccode\u003eExpiredSignedUriException\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method\u003c/li\u003e\n\u003cli\u003eAdd support for structured MIME suffix\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRequest::set/getAllowedHttpMethodOverride()\u003c/code\u003e to list which HTTP methods can be overridden\u003c/li\u003e\n\u003cli\u003eDeprecate using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eDeprecate method \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eRequest::createFromGlobals()\u003c/code\u003e parse the body of PUT, DELETE, PATCH and QUERY requests\u003c/li\u003e\n\u003cli\u003eDeprecate HTTP method override for methods GET, HEAD, CONNECT and TRACE; it will be ignored in Symfony 8.0\u003c/li\u003e\n\u003cli\u003eDeprecate accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for iterable of string in \u003ccode\u003eStreamedResponse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eEventStreamResponse\u003c/code\u003e and \u003ccode\u003eServerEvent\u003c/code\u003e classes to streamline server event streaming\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003evalkey:\u003c/code\u003e / \u003ccode\u003evalkeys:\u003c/code\u003e schemes for sessions\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest::getPreferredLanguage()\u003c/code\u003e now favors a more preferred language above exactly matching a locale\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eUriSigner\u003c/code\u003e to use a \u003ccode\u003eClockInterface\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eUriSigner::verify()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd optional \u003ccode\u003e$requests\u003c/code\u003e parameter to \u003ccode\u003eRequestStack::__construct()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e parameters to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/9381209597ec66c25be154cbf2289076e64d1eab\"\u003e\u003ccode\u003e9381209\u003c/code\u003e\u003c/a\u003e Configure deprecation triggers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/f94b3e7b7dafd40e666f0c9ff2084133bae41e81\"\u003e\u003ccode\u003ef94b3e7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/cffffd0a2c037117b742b4f8b379a22a2a33f6d2\"\u003e\u003ccode\u003ecffffd0\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix session cookie_lifetime not applied in mock session storage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/fd97d5e926e988a363cef56fbbf88c5c528e9065\"\u003e\u003ccode\u003efd97d5e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5bb346d1b4b2a616e5c3d99b3ee4d5810735c535\"\u003e\u003ccode\u003e5bb346d\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Handle empty session data in updateTimestamp() to fix compat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/17de1a39c0ed8dc062df993d65c7269502a2ec78\"\u003e\u003ccode\u003e17de1a3\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31b030e12f6662a7016add28fe29b70327dacf86\"\u003e\u003ccode\u003e31b030e\u003c/code\u003e\u003c/a\u003e stop using with*() without expects()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/36ba5c7a025c05a92cd4a753abbe1781442c8414\"\u003e\u003ccode\u003e36ba5c7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31e2a27d480546f031bd4fc6f1ec8a7abdd62bb1\"\u003e\u003ccode\u003e31e2a27\u003c/code\u003e\u003c/a\u003e BinaryFileResponse: always return 206 if Range is valid\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/669ac23030db4cc4314e7a9ada4e258752266ec1\"\u003e\u003ccode\u003e669ac23\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.1...v7.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.0 to 7.4.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/process/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63611\"\u003e#63611\u003c/a\u003e  Throw InvalidArgumentException when env block exceeds Windows limit (Nadim AL ABDOU)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/process/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/process/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/process/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\"\u003ehttps://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/process/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/process/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/process/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/60f19cd3badc8de688421e21e4305eba50f8089a\"\u003e\u003ccode\u003e60f19cd\u003c/code\u003e\u003c/a\u003e Configure deprecation triggers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/95b070ee7180a0d49d48786fccf3b935c01d6f3b\"\u003e\u003ccode\u003e95b070e\u003c/code\u003e\u003c/a\u003e [Process] Throw InvalidArgumentException when env block exceeds Windows limit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/608476f4604102976d687c483ac63a79ba18cc97\"\u003e\u003ccode\u003e608476f\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/81fe4ea2c3b8677fa2adfd8e48ba42374ede0e3b\"\u003e\u003ccode\u003e81fe4ea\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c46e854e79b52d07666e43924a20cb6dc546644e\"\u003e\u003ccode\u003ec46e854\u003c/code\u003e\u003c/a\u003e [Process] Fix escaping for MSYS on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/626f07a53f4b4e2f00e11824cc29f928d797783b\"\u003e\u003ccode\u003e626f07a\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/4424bc14e7dedec472440cc991f961f22343caaa\"\u003e\u003ccode\u003e4424bc1\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c593135be689b21e6164b1e8f6f5dbf1506b065c\"\u003e\u003ccode\u003ec593135\u003c/code\u003e\u003c/a\u003e [Process] Adjust Process mustRun method phpdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/f532042054c29ec9181b94ec5d5a42736c052eb1\"\u003e\u003ccode\u003ef532042\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/6d13a9300772cf6f22f490574b80d9bf3481d07a\"\u003e\u003ccode\u003e6d13a93\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/process/compare/v7.3.0...v7.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.8 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--info\u003c/code\u003e also report more detail about readline and autocomplete state.\u003c/p\u003e\n\u003cp\u003eRun psysh with \u003ccode\u003e--experimental-readline\u003c/code\u003e and try it out. It's getting kind of awesome!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/3be75d5b9244936dd4ac62ade2bfb004d13acf0f\"\u003e\u003ccode\u003e3be75d5\u003c/code\u003e\u003c/a\u003e Merge branch 'release/v0.12.22'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/8042a8fec59c72b9a9b5586f9bfe79e26c069aeb\"\u003e\u003ccode\u003e8042a8f\u003c/code\u003e\u003c/a\u003e Bump to v0.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/fd4cb699ef9df41ecd48f175edde3feaf4d8d794\"\u003e\u003ccode\u003efd4cb69\u003c/code\u003e\u003c/a\u003e Fix phan warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/2b350a413b82010f6e88fbb794aa7364d5ca9ecf\"\u003e\u003ccode\u003e2b350a4\u003c/code\u003e\u003c/a\u003e Fix throw special casing in really old php-parser versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/193e14994706fbe344291741bed2215622b1a659\"\u003e\u003ccode\u003e193e149\u003c/code\u003e\u003c/a\u003e Fix a code cleaner bug with \u003ccode\u003ethrow new Exception\u003c/code\u003e in PHP 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f583f74b314459c5f838095ce7a341fdd81690b2\"\u003e\u003ccode\u003ef583f74\u003c/code\u003e\u003c/a\u003e Restore VarDumper hard-ref handling, suppress link-only markers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/1e6a0d6e8800e0d82c86b85b7de9e37ac65a74fd\"\u003e\u003ccode\u003e1e6a0d6\u003c/code\u003e\u003c/a\u003e Prefer use statements over FQNs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/484e600e2ac5f0e403796863865de6d8a6a66ebd\"\u003e\u003ccode\u003e484e600\u003c/code\u003e\u003c/a\u003e Simplify theme identity, no-op updates when unchanged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f01e492b18146675b218061c0c31b13fe58e3a9a\"\u003e\u003ccode\u003ef01e492\u003c/code\u003e\u003c/a\u003e Standardize test temp dir creation and cleanup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/6f33aea84464ed64b0c684c78fedf1f6620483d8\"\u003e\u003ccode\u003e6f33aea\u003c/code\u003e\u003c/a\u003e Add token-based fallback for incomplete member completion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bobthecow/psysh/compare/v0.12.8...v0.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dporkka/mautic/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/dporkka/mautic/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fmautic/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4287010242","node_id":"PR_kwDOPqlfLs7TiOqy","number":7,"state":"closed","title":"Bump the composer group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-28T22:56:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-18T06:19:29.000Z","updated_at":"2026-04-28T22:56:47.000Z","time_to_close":923836,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":7,"packages":[{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.379.2","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.67","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/http-foundation","old_version":"7.3.1","new_version":"7.4.8","repository_url":"https://github.com/symfony/http-foundation"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.379.2` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.7` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.67` |\n| [symfony/http-foundation](https://github.com/symfony/http-foundation) | `7.3.1` | `7.4.8` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.22` |\n\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.379.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.379.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCampaignsV2\u003c/code\u003e - This release adds support for campaign entry limits configuration and hourly refresh frequency in Amazon Connect Outbound Campaigns.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\STS\u003c/code\u003e - The STS client now supports configuring SigV4a through the auth scheme preference setting. SigV4a uses asymmetric cryptography, enabling customers using long-term IAM credentials to continue making STS API calls even when a region is isolated from the partition leader.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\GroundStation\u003c/code\u003e - Adds support for updating contacts, listing antennas, and listing ground station reservations. New API operations - UpdateContact, ListContactVersions, DescribeContactVersion, ListAntennas, and ListGroundStationReservations.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CleanRooms\u003c/code\u003e - This release adds support for configurable spark properties for Cleanrooms PySpark workloads.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Neptune\u003c/code\u003e - Improving Documentation for Neptune\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Adds support for providing NetworkInterface for efa enabled instances and Simplified cluster creation for Slurm-orchestrated clusters with optional Lifecycle Script (LCS) configuration.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\QuickSight\u003c/code\u003e - Public release of dashboard customization summary, S3 Tables data source type, Athena cross-account connector, custom sorting for controls, and AI-powered analysis generation.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\imagebuilder\u003c/code\u003e - ImportDiskImage API adds registerImageOptions for Secure Boot control and custom UEFI data. It adds windowsConfiguration for selecting a specific edition from multi-image .wim files during ISO import.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - Fixes in SDK for customers using TestCase APIs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.379.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataZone\u003c/code\u003e - Launching SMUS IAM domain SDK support\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchLogs\u003c/code\u003e - Endpoint update for CloudWatch Logs Streaming APIs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CognitoIdentityProvider\u003c/code\u003e - Adds support for passkey-based multi-factor authentication in Cognito User Pools. Users can authenticate securely using FIDO2-compliant passkeys with user verification, enabling passwordless MFA flows while maintaining backward compatibility with password-based authentication\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CustomerProfiles\u003c/code\u003e - Amazon Connect Customer Profiles adds RecommenderSchema CRUD APIs for custom ML training columns. CreateRecommender and CreateRecommenderFilter now accept optional RecommenderSchemaName.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCases\u003c/code\u003e - Added error handling for service quota limits\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Deprecate the userId from the Chat operations. This update also removes support of AllowVendedLogDeliveryForResource API from AWS SDKs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatch\u003c/code\u003e - Update documentation of alarm mute rules start and end date fields\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCore\u003c/code\u003e - Introducing NamespacePath in AgentCore Memory to support hierarchical prefix based memory record retrieval.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\AutoScaling\u003c/code\u003e - This release adds support for specifying Availability Zone IDs as an alternative to Availability Zone names when creating or updating Auto Scaling groups.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaConvert\u003c/code\u003e - Adds support for Elemental Inference powered smart crop feature, enabling video verticalization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\drs\u003c/code\u003e - Updating regex for identification of AWS Regions.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RDS\u003c/code\u003e - Adds a new DescribeServerlessV2PlatformVersions API to describe platform version properties for Aurora Serverless v2. Also introduces a new valid maintenance action value for serverless platform version updates.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - This release updates the Amazon Connect Rules CRUD APIs to support a new EventSourceName - OnEmailAnalysisAvailable. Use this event source to trigger rules when conversational analytics results are available for email contacts.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\AppStream\u003c/code\u003e - Add content redirection to Update Stack\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.379.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Interconnect\u003c/code\u003e - Initial release of AWS Interconnect -- a managed private connectivity service that enables you to create high-speed network connections between your AWS Virtual Private Clouds (VPCs) and your VPCs on other public clouds or your on-premise networks.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CustomerProfiles\u003c/code\u003e - This release introduces changes to SegmentDefinition APIs to support sorting by attributes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Deadline\u003c/code\u003e - Adds GetMonitorSettings and UpdateMonitorSettings APIs to Deadline Cloud. Enables reading and writing monitor settings as key-value pairs (up to 64 keys per monitor). UpdateMonitorSettings supports upsert and delete (via empty value) semantics and is idempotent.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Glue\u003c/code\u003e - AWS Glue now defaults to Glue version 5.1 for newly created jobs if the Glue version is not specified in the request, and UpdateJob now preserves the existing Glue version of a job when the Glue version is not specified in the update request.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SecurityHub\u003c/code\u003e - Provide organizational unit scoping capability for GetFindingsV2, GetFindingStatisticsV2, GetResourcesV2, GetResourcesStatisticsV2 APIs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Macie2\u003c/code\u003e - This release adds an optional expectedBucketOwner field to the Macie S3 export configuration, allowing customers to verify bucket ownership before Macie writes results to the destination bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.378.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - Conversational Analytics for Email\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Support new SageMaker StartClusterHealthCheck API for on-demand DHC on Hyperpod EKS cluster. Support updated CreateCluster, UpdateCluster, DescribeCluster, BatchAddClusterNodes APIs for flexible instance group on HyperPod cluster\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\imagebuilder\u003c/code\u003e - Image pipelines can now automatically apply tags to images they create. Set the imageTags property when creating or updating your pipelines to get started.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaConvert\u003c/code\u003e - Adds support for MV-HEVC video output and clear lead for AV1 DRM output.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Devops Agent now supports associate Splunk, Datadog and custom MCP server to an Agent Space.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Minor updates to exceptions for completeness\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RTBFabric\u003c/code\u003e - Adds optional health check configuration for Responder Gateways with ASG Managed Endpoints. When provided, RTB Fabric continuously probes customers' instance IPs and routes traffic only to healthy ones, reducing errors during deployments, scaling events, and instance failures.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ObservabilityAdmin\u003c/code\u003e - CloudWatch Observability Admin adds support for multi-region telemetry evaluation and telemetry enablement rules.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.378.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RedshiftDataAPIService\u003c/code\u003e - The BatchExecuteStatement API now supports named SQL parameters, enabling secure batch queries with parameterized values. This enhancement helps prevent SQL injection vulnerabilities and improves query reusability.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCoreControl\u003c/code\u003e - Initial release for CRUDL in AgentCore Registry Service\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Release support for g7e instance types for SageMaker HyperPod\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCore\u003c/code\u003e - Introducing support for SearchRegistryRecords API on AgentCoreRegistry\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/45c385619d43e54ede8daca211960c345d3ff3b7\"\u003e\u003ccode\u003e45c3856\u003c/code\u003e\u003c/a\u003e 3.379.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/597bd6fa35e00e5fa889d7e9451523f0391fe4e8\"\u003e\u003ccode\u003e597bd6f\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/261bfa48bb4dc0d9a8d0dcb5af7c329d97de7acc\"\u003e\u003ccode\u003e261bfa4\u003c/code\u003e\u003c/a\u003e 3.379.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/bba9281cd25d16938c6214719152e0b047688201\"\u003e\u003ccode\u003ebba9281\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/f17f0ec7d98aa9f155d30eb910c63d00226b056c\"\u003e\u003ccode\u003ef17f0ec\u003c/code\u003e\u003c/a\u003e S3Client: fix 'recieved' -\u0026gt; 'received' typo in internal-error message (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3273\"\u003e#3273\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/fcaf9c7dd8df8281b1a820f4db31a6115af8373b\"\u003e\u003ccode\u003efcaf9c7\u003c/code\u003e\u003c/a\u003e Bump actions/github-script from 8 to 9 (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3270\"\u003e#3270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/a50c3cc2c59f5ebeb56cbe170e6f144034b252b6\"\u003e\u003ccode\u003ea50c3cc\u003c/code\u003e\u003c/a\u003e 3.379.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/2bedd2cd7ff0ddf8f3b840ca09e3c5ec63451a08\"\u003e\u003ccode\u003e2bedd2c\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/df2a6c362ddce2ede3ac3a8286f5788847e614b4\"\u003e\u003ccode\u003edf2a6c3\u003c/code\u003e\u003c/a\u003e 3.378.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/82e7b1576d7ceedf3db0d5b1080b0e21a18d13f0\"\u003e\u003ccode\u003e82e7b15\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.379.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.2...2.9.3\"\u003ehttps://github.com/composer/composer/compare/2.9.2...2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.2] 2025-11-19\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.67\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.67\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.66...2.1.67\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.66...2.1.67\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.66\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.64...2.1.66\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.64...2.1.66\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eVersion 2.1.65\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e[js] update CDNs\u003c/li\u003e\n\u003cli\u003e[php:editors] Zoho API update\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eVersion 2.1.66\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003cli\u003efix name\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ko.js\u003c/li\u003e\n\u003cli\u003etry copy / deleting folder if moving it doesn't work\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3636\"\u003e#3636\u003c/a\u003e from vfishv/master\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3647\"\u003e#3647\u003c/a\u003e from allity/patch-1\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3653\"\u003e#3653\u003c/a\u003e from terrafrost/branch-1\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3637\"\u003e#3637\u003c/a\u003e FILTER_SANITIZE_STRING is deprecated (PHP 8.1)\u003c/li\u003e\n\u003cli\u003eAllow image URL in theme manifest.json to be a relative link as well\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ru.js\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3677\"\u003e#3677\u003c/a\u003e from blutorange/feat-relative-image-link-in-theme-manifest\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3682\"\u003e#3682\u003c/a\u003e from Ruslan-Aleev/patch-1\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3684\"\u003e#3684\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3685\"\u003e#3685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[OneDrive] fix Content URL\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3667\"\u003e#3667\u003c/a\u003e where the Content URL could be invalid\u003c/li\u003e\n\u003cli\u003e[VD:core] Check if copying was successful when moving files in copy + delete mode\u003c/li\u003e\n\u003cli\u003eFix CVE-2025-0818 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3723\"\u003e#3723\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3689\"\u003e#3689\u003c/a\u003e, fm.sync removes unavailable volumes. (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3690\"\u003e#3690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[VD:SFTP] Make compatible with phpseclib version 2 or 3 when returned from connectCallback($options) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3687\"\u003e#3687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd font mime kinds (WOFF, WOFF2, EOT, SFNT, generic font/*) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3691\"\u003e#3691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore posted message that are not intended for ElFinder (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3692\"\u003e#3692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option to rename command to disable alias rename (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option commandsOptions.edit.confirmUnsavedBeforeClose (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3698\"\u003e#3698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix build for Windows environment (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3699\"\u003e#3699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReplace usage of deprecated \u003ccode\u003eE_STRICT\u003c/code\u003e constant (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u0026quot;WEBP\u0026quot; to File mimetype to kind mapping (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3712\"\u003e#3712\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix translation mistakes and unification (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3719\"\u003e#3719\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003cli\u003efix name\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ko.js\u003c/li\u003e\n\u003cli\u003etry copy / deleting folder if moving it doesn't work\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3636\"\u003e#3636\u003c/a\u003e from vfishv/master\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3647\"\u003e#3647\u003c/a\u003e from allity/patch-1\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3653\"\u003e#3653\u003c/a\u003e from terrafrost/branch-1\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3637\"\u003e#3637\u003c/a\u003e FILTER_SANITIZE_STRING is deprecated (PHP 8.1)\u003c/li\u003e\n\u003cli\u003eAllow image URL in theme manifest.json to be a relative link as well\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ru.js\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3677\"\u003e#3677\u003c/a\u003e from blutorange/feat-relative-image-link-in-theme-manifest\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3682\"\u003e#3682\u003c/a\u003e from Ruslan-Aleev/patch-1\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3684\"\u003e#3684\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3685\"\u003e#3685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[OneDrive] fix Content URL\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3667\"\u003e#3667\u003c/a\u003e where the Content URL could be invalid\u003c/li\u003e\n\u003cli\u003e[VD:core] Check if copying was successful when moving files in copy + delete mode\u003c/li\u003e\n\u003cli\u003eFix CVE-2025-0818 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3723\"\u003e#3723\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3689\"\u003e#3689\u003c/a\u003e, fm.sync removes unavailable volumes. (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3690\"\u003e#3690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[VD:SFTP] Make compatible with phpseclib version 2 or 3 when returned from connectCallback($options) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3687\"\u003e#3687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd font mime kinds (WOFF, WOFF2, EOT, SFNT, generic font/*) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3691\"\u003e#3691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore posted message that are not intended for ElFinder (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3692\"\u003e#3692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option to rename command to disable alias rename (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option commandsOptions.edit.confirmUnsavedBeforeClose (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3698\"\u003e#3698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix build for Windows environment (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3699\"\u003e#3699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReplace usage of deprecated \u003ccode\u003eE_STRICT\u003c/code\u003e constant (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u0026quot;WEBP\u0026quot; to File mimetype to kind mapping (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3712\"\u003e#3712\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix translation mistakes and unification (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3719\"\u003e#3719\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2024-01-05  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.65):\n\u003cul\u003e\n\u003cli\u003e[js] update CDNs\u003c/li\u003e\n\u003cli\u003e[php:editors] Zoho API update\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2023-12-20  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.64):\n\u003cul\u003e\n\u003cli\u003e[css] re-fix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3584\"\u003e#3584\u003c/a\u003e css error and CI\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2023-12-20  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/5e463d1384972dffcb736ad3c94f35af10656ca2\"\u003e\u003ccode\u003e5e463d1\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.67\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/2b7574ca4b95e95b6639d7a865ba49ac00f32015\"\u003e\u003ccode\u003e2b7574c\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/486bbbe4b898484e1526db46d8bb8808c5b5f37b\"\u003e\u003ccode\u003e486bbbe\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.67\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/561386b3274f394b590691452a85b99ad354644b\"\u003e\u003ccode\u003e561386b\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/78488951e44d69e8b9e4e849f8268df408632a6c\"\u003e\u003ccode\u003e7848895\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.66\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/82067d8dfcdb2e4668badab20df1acd4b18f10ad\"\u003e\u003ccode\u003e82067d8\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-675864b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/844a164d4049d2f2b12204ed6351214533bb867f\"\u003e\u003ccode\u003e844a164\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/2f97105f101c90b23dda5b1f7a2d75303ac1d056\"\u003e\u003ccode\u003e2f97105\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-5c622cf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/695212107064f0277831cc4b87ed2e0f158d9558\"\u003e\u003ccode\u003e6952121\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-a381e3a\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/724fe3c33344e05d7fa2a892f1a009d301886a5f\"\u003e\u003ccode\u003e724fe3c\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-5fc559b\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.67\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.1 to 7.4.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63603\"\u003e#63603\u003c/a\u003e  Fix session cookie_lifetime not applied in mock session storage (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63448\"\u003e#63448\u003c/a\u003e  Handle empty session data in updateTimestamp() to fix compat with PHP 8.6 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63319\"\u003e#63319\u003c/a\u003e  BinaryFileResponse: always return 206 if Range is valid (\u003ca href=\"https://github.com/Jimbolino\"\u003e\u003ccode\u003e@​Jimbolino\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63262\"\u003e#63262\u003c/a\u003e  Reject invalid paths (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/54304\"\u003e#54304\u003c/a\u003e  When calling UploadedFile::getErrorMessage() to a file which has no error and is uploaded successfully, it should not return an error (\u003ca href=\"https://github.com/ArmCyber\"\u003e\u003ccode\u003e@​ArmCyber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63230\"\u003e#63230\u003c/a\u003e  fix engine declaration on mysql pdo table creations (\u003ca href=\"https://github.com/tandev\"\u003e\u003ccode\u003e@​tandev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62663\"\u003esymfony/symfony#62663\u003c/a\u003e [HttpFoundation] Improve logic in Request::createFromGlobals() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62287\"\u003esymfony/symfony#62287\u003c/a\u003e [HttpFoundation] Fix AcceptHeader overwrites items with different parameters (\u003ca href=\"https://github.com/yoeunes\"\u003e\u003ccode\u003e@​yoeunes\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62324\"\u003esymfony/symfony#62324\u003c/a\u003e [HttpFoundation] Fix parsing hosts and schemes in URLs (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/blob/8.1/CHANGELOG.md\"\u003esymfony/http-foundation's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBinaryFileResponse::shouldDeleteFileAfterSend()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate setting public properties of \u003ccode\u003eRequest\u003c/code\u003e and \u003ccode\u003eResponse\u003c/code\u003e objects directly; use setters or constructor arguments instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop HTTP method override support for methods GET, HEAD, CONNECT and TRACE\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$subtypeFallback\u003c/code\u003e to \u003ccode\u003eRequest::getFormat()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove the following deprecated session options from \u003ccode\u003eNativeSessionStorage\u003c/code\u003e: \u003ccode\u003ereferer_check\u003c/code\u003e, \u003ccode\u003euse_only_cookies\u003c/code\u003e, \u003ccode\u003euse_trans_sid\u003c/code\u003e, \u003ccode\u003esid_length\u003c/code\u003e, \u003ccode\u003esid_bits_per_character\u003c/code\u003e, \u003ccode\u003etrans_sid_hosts\u003c/code\u003e, \u003ccode\u003etrans_sid_tags\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTrigger PHP warning when using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eAdd arguments \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$partitioned\u003c/code\u003e to \u003ccode\u003eResponseHeaderBag::clearCookie()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$expiration\u003c/code\u003e to \u003ccode\u003eUriSigner::sign()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eRemove accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e#[WithHttpStatus]\u003c/code\u003e to define status codes: 404 for \u003ccode\u003eSignedUriException\u003c/code\u003e and 403 for \u003ccode\u003eExpiredSignedUriException\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method\u003c/li\u003e\n\u003cli\u003eAdd support for structured MIME suffix\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRequest::set/getAllowedHttpMethodOverride()\u003c/code\u003e to list which HTTP methods can be overridden\u003c/li\u003e\n\u003cli\u003eDeprecate using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eDeprecate method \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eRequest::createFromGlobals()\u003c/code\u003e parse the body of PUT, DELETE, PATCH and QUERY requests\u003c/li\u003e\n\u003cli\u003eDeprecate HTTP method override for methods GET, HEAD, CONNECT and TRACE; it will be ignored in Symfony 8.0\u003c/li\u003e\n\u003cli\u003eDeprecate accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for iterable of string in \u003ccode\u003eStreamedResponse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eEventStreamResponse\u003c/code\u003e and \u003ccode\u003eServerEvent\u003c/code\u003e classes to streamline server event streaming\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003evalkey:\u003c/code\u003e / \u003ccode\u003evalkeys:\u003c/code\u003e schemes for sessions\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest::getPreferredLanguage()\u003c/code\u003e now favors a more preferred language above exactly matching a locale\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eUriSigner\u003c/code\u003e to use a \u003ccode\u003eClockInterface\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eUriSigner::verify()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd optional \u003ccode\u003e$requests\u003c/code\u003e parameter to \u003ccode\u003eRequestStack::__construct()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e parameters to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/9381209597ec66c25be154cbf2289076e64d1eab\"\u003e\u003ccode\u003e9381209\u003c/code\u003e\u003c/a\u003e Configure deprecation triggers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/f94b3e7b7dafd40e666f0c9ff2084133bae41e81\"\u003e\u003ccode\u003ef94b3e7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/cffffd0a2c037117b742b4f8b379a22a2a33f6d2\"\u003e\u003ccode\u003ecffffd0\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix session cookie_lifetime not applied in mock session storage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/fd97d5e926e988a363cef56fbbf88c5c528e9065\"\u003e\u003ccode\u003efd97d5e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5bb346d1b4b2a616e5c3d99b3ee4d5810735c535\"\u003e\u003ccode\u003e5bb346d\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Handle empty session data in updateTimestamp() to fix compat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/17de1a39c0ed8dc062df993d65c7269502a2ec78\"\u003e\u003ccode\u003e17de1a3\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31b030e12f6662a7016add28fe29b70327dacf86\"\u003e\u003ccode\u003e31b030e\u003c/code\u003e\u003c/a\u003e stop using with*() without expects()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/36ba5c7a025c05a92cd4a753abbe1781442c8414\"\u003e\u003ccode\u003e36ba5c7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31e2a27d480546f031bd4fc6f1ec8a7abdd62bb1\"\u003e\u003ccode\u003e31e2a27\u003c/code\u003e\u003c/a\u003e BinaryFileResponse: always return 206 if Range is valid\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/669ac23030db4cc4314e7a9ada4e258752266ec1\"\u003e\u003ccode\u003e669ac23\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.1...v7.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.0 to 7.4.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/process/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63611\"\u003e#63611\u003c/a\u003e  Throw InvalidArgumentException when env block exceeds Windows limit (Nadim AL ABDOU)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/process/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/process/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/process/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\"\u003ehttps://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/process/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/process/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/process/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/60f19cd3badc8de688421e21e4305eba50f8089a\"\u003e\u003ccode\u003e60f19cd\u003c/code\u003e\u003c/a\u003e Configure deprecation triggers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/95b070ee7180a0d49d48786fccf3b935c01d6f3b\"\u003e\u003ccode\u003e95b070e\u003c/code\u003e\u003c/a\u003e [Process] Throw InvalidArgumentException when env block exceeds Windows limit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/608476f4604102976d687c483ac63a79ba18cc97\"\u003e\u003ccode\u003e608476f\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/81fe4ea2c3b8677fa2adfd8e48ba42374ede0e3b\"\u003e\u003ccode\u003e81fe4ea\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c46e854e79b52d07666e43924a20cb6dc546644e\"\u003e\u003ccode\u003ec46e854\u003c/code\u003e\u003c/a\u003e [Process] Fix escaping for MSYS on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/626f07a53f4b4e2f00e11824cc29f928d797783b\"\u003e\u003ccode\u003e626f07a\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/4424bc14e7dedec472440cc991f961f22343caaa\"\u003e\u003ccode\u003e4424bc1\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c593135be689b21e6164b1e8f6f5dbf1506b065c\"\u003e\u003ccode\u003ec593135\u003c/code\u003e\u003c/a\u003e [Process] Adjust Process mustRun method phpdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/f532042054c29ec9181b94ec5d5a42736c052eb1\"\u003e\u003ccode\u003ef532042\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/6d13a9300772cf6f22f490574b80d9bf3481d07a\"\u003e\u003ccode\u003e6d13a93\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/process/compare/v7.3.0...v7.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.8 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--info\u003c/code\u003e also report more detail about readline and autocomplete state.\u003c/p\u003e\n\u003cp\u003eRun psysh with \u003ccode\u003e--experimental-readline\u003c/code\u003e and try it out. It's getting kind of awesome!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/3be75d5b9244936dd4ac62ade2bfb004d13acf0f\"\u003e\u003ccode\u003e3be75d5\u003c/code\u003e\u003c/a\u003e Merge branch 'release/v0.12.22'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/8042a8fec59c72b9a9b5586f9bfe79e26c069aeb\"\u003e\u003ccode\u003e8042a8f\u003c/code\u003e\u003c/a\u003e Bump to v0.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/fd4cb699ef9df41ecd48f175edde3feaf4d8d794\"\u003e\u003ccode\u003efd4cb69\u003c/code\u003e\u003c/a\u003e Fix phan warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/2b350a413b82010f6e88fbb794aa7364d5ca9ecf\"\u003e\u003ccode\u003e2b350a4\u003c/code\u003e\u003c/a\u003e Fix throw special casing in really old php-parser versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/193e14994706fbe344291741bed2215622b1a659\"\u003e\u003ccode\u003e193e149\u003c/code\u003e\u003c/a\u003e Fix a code cleaner bug with \u003ccode\u003ethrow new Exception\u003c/code\u003e in PHP 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f583f74b314459c5f838095ce7a341fdd81690b2\"\u003e\u003ccode\u003ef583f74\u003c/code\u003e\u003c/a\u003e Restore VarDumper hard-ref handling, suppress link-only markers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/1e6a0d6e8800e0d82c86b85b7de9e37ac65a74fd\"\u003e\u003ccode\u003e1e6a0d6\u003c/code\u003e\u003c/a\u003e Prefer use statements over FQNs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/484e600e2ac5f0e403796863865de6d8a6a66ebd\"\u003e\u003ccode\u003e484e600\u003c/code\u003e\u003c/a\u003e Simplify theme identity, no-op updates when unchanged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f01e492b18146675b218061c0c31b13fe58e3a9a\"\u003e\u003ccode\u003ef01e492\u003c/code\u003e\u003c/a\u003e Standardize test temp dir creation and cleanup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/6f33aea84464ed64b0c684c78fedf1f6620483d8\"\u003e\u003ccode\u003e6f33aea\u003c/code\u003e\u003c/a\u003e Add token-based fallback for incomplete member completion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bobthecow/psysh/compare/v0.12.8...v0.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/HandyKnox/mautic-marketing/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/HandyKnox/mautic-marketing/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HandyKnox%2Fmautic-marketing/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"},{"uuid":"4264497750","node_id":"PR_kwDOCd4K7M7SbUcB","number":370,"state":"closed","title":"Bump composer/composer from 2.9.5 to 2.9.7","user":"dependabot[bot]","labels":["Dependencies 📦","PHP 🐘","dependencies","php"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-19T18:28:10.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:15:43.000Z","updated_at":"2026-04-19T18:28:19.000Z","time_to_close":425547,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.7.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/WyriHaximus/php-async-test-utilities/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/WyriHaximus/php-async-test-utilities/pull/370","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/WyriHaximus%2Fphp-async-test-utilities/issues/370","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/370/packages"},{"uuid":"4264497505","node_id":"PR_kwDOB9ib6M7SbUYz","number":86,"state":"closed","title":"Bump composer/composer from 2.9.5 to 2.9.7","user":"dependabot[bot]","labels":["Dependencies 📦","PHP 🐘","dependencies","php"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-19T20:22:47.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:15:40.000Z","updated_at":"2026-04-19T20:22:49.000Z","time_to_close":432427,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.7.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/WyriHaximus/php-psr-3-context-logger/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/WyriHaximus/php-psr-3-context-logger/pull/86","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/WyriHaximus%2Fphp-psr-3-context-logger/issues/86","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/86/packages"},{"uuid":"4264496682","node_id":"PR_kwDORaHe5c7SbUNW","number":10,"state":"open","title":"chore(deps-dev): bump composer/composer from 2.9.5 to 2.9.7 in the composer group across 1 directory","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-14T20:15:32.000Z","updated_at":"2026-04-14T20:15:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev)","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":"the composer group across 1 directory","ecosystem":"packagist"},"body":"Bumps the composer group with 1 update in the / directory: [composer/composer](https://github.com/composer/composer).\n\nUpdates `composer/composer` from 2.9.5 to 2.9.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/NguyenThanhPhucne/open_crm/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/NguyenThanhPhucne/open_crm/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/NguyenThanhPhucne%2Fopen_crm/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4264496631","node_id":"PR_kwDOD3sQbc7SbUMn","number":1982,"state":"open","title":"Bump composer/composer from 2.9.5 to 2.9.7","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-14T20:15:31.000Z","updated_at":"2026-04-20T12:11:46.831Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.7.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/acquia/cli/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/acquia/cli/pull/1982","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/acquia%2Fcli/issues/1982","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1982/packages"},{"uuid":"4264496529","node_id":"PR_kwDOBY2OQc7SbULP","number":14719,"state":"closed","title":"build(deps): bump composer/composer from 2.9.5 to 2.9.6 in /composer/helpers/v2","user":"dependabot[bot]","labels":["dependencies","L: php:composer","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-19T17:13:21.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:15:30.000Z","updated_at":"2026-05-19T17:13:24.000Z","time_to_close":3013071,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.6","repository_url":"https://github.com/composer/composer"}],"path":"/composer/helpers/v2","ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.6.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/91f077050c13e49e22554b991c81378ce8b5ee16\"\u003e\u003ccode\u003e91f0770\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/d836b901648dfb0f8c94c02bbd91bb68a25e16d8\"\u003e\u003ccode\u003ed836b90\u003c/code\u003e\u003c/a\u003e Fix fossil driver identifier validation for getFileContent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/028a251c3fec3d561f8728506411581c9093dd70\"\u003e\u003ccode\u003e028a251\u003c/code\u003e\u003c/a\u003e Fix tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/5e08c764257b5ab0948af93010a39bd5644b153d\"\u003e\u003ccode\u003e5e08c76\u003c/code\u003e\u003c/a\u003e Fix fossil update call when calling it with valid branch names like --dry-run...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dependabot/dependabot-core/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/dependabot/dependabot-core/pull/14719","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dependabot%2Fdependabot-core/issues/14719","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14719/packages"},{"uuid":"4264493721","node_id":"PR_kwDOGq44Rc7SbTkn","number":1088,"state":"closed","title":"chore(deps-dev): bump composer/composer from 2.9.5 to 2.9.7","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-04-21T03:06:44.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:14:59.000Z","updated_at":"2026-04-21T03:06:46.000Z","time_to_close":543105,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev)","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.7.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/UN-OCHA/response-site/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/UN-OCHA/response-site/pull/1088","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/UN-OCHA%2Fresponse-site/issues/1088","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1088/packages"},{"uuid":"4264493431","node_id":"PR_kwDON4ub4c7SbTgX","number":12,"state":"closed","title":"Bump the composer group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-17T23:16:36.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:14:57.000Z","updated_at":"2026-04-17T23:16:38.000Z","time_to_close":270099,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":2,"packages":[{"name":"composer/composer","old_version":"2.9.3","new_version":"2.9.6","repository_url":"https://github.com/composer/composer"},{"name":"league/commonmark","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/thephpleague/commonmark"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 2 updates in the /workbench directory: [composer/composer](https://github.com/composer/composer) and [league/commonmark](https://github.com/thephpleague/commonmark).\n\nUpdates `composer/composer` from 2.9.3 to 2.9.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/91f077050c13e49e22554b991c81378ce8b5ee16\"\u003e\u003ccode\u003e91f0770\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/d836b901648dfb0f8c94c02bbd91bb68a25e16d8\"\u003e\u003ccode\u003ed836b90\u003c/code\u003e\u003c/a\u003e Fix fossil driver identifier validation for getFileContent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/028a251c3fec3d561f8728506411581c9093dd70\"\u003e\u003ccode\u003e028a251\u003c/code\u003e\u003c/a\u003e Fix tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/5e08c764257b5ab0948af93010a39bd5644b153d\"\u003e\u003ccode\u003e5e08c76\u003c/code\u003e\u003c/a\u003e Fix fossil update call when calling it with valid branch names like --dry-run...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `league/commonmark` from 2.8.0 to 2.8.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/thephpleague/commonmark/releases\"\u003eleague/commonmark's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.8.2\u003c/h2\u003e\n\u003cp\u003eThis is a \u003cstrong\u003esecurity release\u003c/strong\u003e to address an issue where the \u003ccode\u003eallowed_domains\u003c/code\u003e setting for the \u003ccode\u003eEmbed\u003c/code\u003e extension can be bypassed, resulting in a possible SSRF and XSS vulnerabilities.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eDomainFilteringAdapter\u003c/code\u003e hostname boundary bypass where domains like \u003ccode\u003eyoutube.com.evil\u003c/code\u003e could match an allowlist entry for \u003ccode\u003eyoutube.com\u003c/code\u003e (GHSA-hh8v-hgvp-g3f5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/thephpleague/commonmark/compare/2.8.1...2.8.2\"\u003ehttps://github.com/thephpleague/commonmark/compare/2.8.1...2.8.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.8.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis is a \u003cstrong\u003esecurity release\u003c/strong\u003e to address an issue where \u003ccode\u003eDisallowedRawHtml\u003c/code\u003e can be bypassed, resulting in a possible cross-site scripting (XSS) vulnerability.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eDisallowedRawHtmlRenderer\u003c/code\u003e not blocking raw HTML tags with trailing ASCII whitespace (\u003ca href=\"https://github.com/thephpleague/commonmark/security/advisories/GHSA-4v6x-c7xx-hw9f\"\u003eGHSA-4v6x-c7xx-hw9f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed PHP 8.5 deprecation (\u003ca href=\"https://redirect.github.com/thephpleague/commonmark/issues/1107\"\u003e#1107\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kocal\"\u003e\u003ccode\u003e@​Kocal\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/thephpleague/commonmark/pull/1106\"\u003ethephpleague/commonmark#1106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/freost\"\u003e\u003ccode\u003e@​freost\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/thephpleague/commonmark/pull/1107\"\u003ethephpleague/commonmark#1107\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/thephpleague/commonmark/compare/2.8.0...2.8.1\"\u003ehttps://github.com/thephpleague/commonmark/compare/2.8.0...2.8.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/thephpleague/commonmark/blob/2.8/CHANGELOG.md\"\u003eleague/commonmark's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.8.2] - 2026-03-19\u003c/h2\u003e\n\u003cp\u003eThis is a \u003cstrong\u003esecurity release\u003c/strong\u003e to address an issue where the \u003ccode\u003eallowed_domains\u003c/code\u003e setting for the \u003ccode\u003eEmbed\u003c/code\u003e extension can be bypassed, resulting in a possible SSRF and XSS vulnerabilities.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eDomainFilteringAdapter\u003c/code\u003e hostname boundary bypass where domains like \u003ccode\u003eyoutube.com.evil\u003c/code\u003e could match an allowlist entry for \u003ccode\u003eyoutube.com\u003c/code\u003e (GHSA-hh8v-hgvp-g3f5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.8.1] - 2026-03-05\u003c/h2\u003e\n\u003cp\u003eThis is a \u003cstrong\u003esecurity release\u003c/strong\u003e to address an issue where \u003ccode\u003eDisallowedRawHtml\u003c/code\u003e can be bypassed, resulting in a possible cross-site scripting (XSS) vulnerability.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eDisallowedRawHtmlRenderer\u003c/code\u003e not blocking raw HTML tags with trailing ASCII whitespace (GHSA-4v6x-c7xx-hw9f)\u003c/li\u003e\n\u003cli\u003eFixed PHP 8.5 deprecation (\u003ca href=\"https://redirect.github.com/thephpleague/commonmark/issues/1107\"\u003e#1107\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/59fb075d2101740c337c7216e3f32b36c204218b\"\u003e\u003ccode\u003e59fb075\u003c/code\u003e\u003c/a\u003e Fix DomainFilteringAdapter hostname boundary bypass\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/74b4487b524eaacd34b4e87313f6028671e15562\"\u003e\u003ccode\u003e74b4487\u003c/code\u003e\u003c/a\u003e Document dangers of enabling an unsafe php.ini setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/84b1ca48347efdbe775426f108622a42735a6579\"\u003e\u003ccode\u003e84b1ca4\u003c/code\u003e\u003c/a\u003e Almost forgot this entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/bcf54f5a38cf8e42cca45248b04caba13317459f\"\u003e\u003ccode\u003ebcf54f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/7a68ed1c6765bd2650fed6d9857985bdfe655c71\"\u003e\u003ccode\u003e7a68ed1\u003c/code\u003e\u003c/a\u003e Prepare to release 2.8.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/5c0c4c8fe5a31e8260be99e0afad7136a27c79e6\"\u003e\u003ccode\u003e5c0c4c8\u003c/code\u003e\u003c/a\u003e Fix DisallowedRawHtml bypass via newline/tab in tag names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/f6e74434dd1a91f195f80cb0184b746a4187272a\"\u003e\u003ccode\u003ef6e7443\u003c/code\u003e\u003c/a\u003e Add regression test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/0719b6744cc68bc8b037fb30db86b62ec370c557\"\u003e\u003ccode\u003e0719b67\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/thephpleague/commonmark/issues/1107\"\u003e#1107\u003c/a\u003e from freost/fix-php85-deprecation-error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/63ff2e0b12742f379803b5f21aa6f5b50abcd412\"\u003e\u003ccode\u003e63ff2e0\u003c/code\u003e\u003c/a\u003e Fix PHP 8.5 deprecation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/8608e9c006d9f44acf8d983b126a813bd8def780\"\u003e\u003ccode\u003e8608e9c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/thephpleague/commonmark/issues/1106\"\u003e#1106\u003c/a\u003e from Kocal/patch-1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/thephpleague/commonmark/compare/2.8.0...2.8.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/pixelated-au/streamline/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/pixelated-au/streamline/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pixelated-au%2Fstreamline/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"},{"uuid":"4264492662","node_id":"PR_kwDON2y7z87SbTWD","number":90,"state":"closed","title":"Bump the composer group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-26T03:18:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:14:46.000Z","updated_at":"2026-05-26T03:18:35.000Z","time_to_close":3567827,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":2,"packages":[{"name":"composer/composer","old_version":"2.9.3","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"},{"name":"psy/psysh","old_version":"0.12.18","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 2 updates in the / directory: [composer/composer](https://github.com/composer/composer) and [psy/psysh](https://github.com/bobthecow/psysh).\n\nUpdates `composer/composer` from 2.9.3 to 2.9.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.18 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--info\u003c/code\u003e also report more detail about readline and autocomplete state.\u003c/p\u003e\n\u003cp\u003eRun psysh with \u003ccode\u003e--experimental-readline\u003c/code\u003e and try it out. It's getting kind of awesome!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/3be75d5b9244936dd4ac62ade2bfb004d13acf0f\"\u003e\u003ccode\u003e3be75d5\u003c/code\u003e\u003c/a\u003e Merge branch 'release/v0.12.22'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/8042a8fec59c72b9a9b5586f9bfe79e26c069aeb\"\u003e\u003ccode\u003e8042a8f\u003c/code\u003e\u003c/a\u003e Bump to v0.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/fd4cb699ef9df41ecd48f175edde3feaf4d8d794\"\u003e\u003ccode\u003efd4cb69\u003c/code\u003e\u003c/a\u003e Fix phan warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/2b350a413b82010f6e88fbb794aa7364d5ca9ecf\"\u003e\u003ccode\u003e2b350a4\u003c/code\u003e\u003c/a\u003e Fix throw special casing in really old php-parser versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/193e14994706fbe344291741bed2215622b1a659\"\u003e\u003ccode\u003e193e149\u003c/code\u003e\u003c/a\u003e Fix a code cleaner bug with \u003ccode\u003ethrow new Exception\u003c/code\u003e in PHP 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f583f74b314459c5f838095ce7a341fdd81690b2\"\u003e\u003ccode\u003ef583f74\u003c/code\u003e\u003c/a\u003e Restore VarDumper hard-ref handling, suppress link-only markers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/1e6a0d6e8800e0d82c86b85b7de9e37ac65a74fd\"\u003e\u003ccode\u003e1e6a0d6\u003c/code\u003e\u003c/a\u003e Prefer use statements over FQNs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/484e600e2ac5f0e403796863865de6d8a6a66ebd\"\u003e\u003ccode\u003e484e600\u003c/code\u003e\u003c/a\u003e Simplify theme identity, no-op updates when unchanged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f01e492b18146675b218061c0c31b13fe58e3a9a\"\u003e\u003ccode\u003ef01e492\u003c/code\u003e\u003c/a\u003e Standardize test temp dir creation and cleanup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/6f33aea84464ed64b0c684c78fedf1f6620483d8\"\u003e\u003ccode\u003e6f33aea\u003c/code\u003e\u003c/a\u003e Add token-based fallback for incomplete member completion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bobthecow/psysh/compare/v0.12.18...v0.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EncoreDigitalGroup/laravel-stripe/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/EncoreDigitalGroup/laravel-stripe/pull/90","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EncoreDigitalGroup%2Flaravel-stripe/issues/90","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/90/packages"},{"uuid":"4264454109","node_id":"PR_kwDOLFRCj87SbLLF","number":16,"state":"closed","title":"Bump composer/composer from 2.6.5 to 2.9.6","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-18T00:36:48.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:06:49.000Z","updated_at":"2026-05-18T00:36:50.000Z","time_to_close":2867399,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.6.5","new_version":"2.9.6","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.6.5 to 2.9.6.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.2...2.9.3\"\u003ehttps://github.com/composer/composer/compare/2.9.2...2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003econfig\u003c/code\u003e command not being able to set the new audit settings (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12609\"\u003e#12609\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.2] 2025-11-19\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003econfig\u003c/code\u003e command not being able to set the new audit settings (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12609\"\u003e#12609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed handling audit.ignore to support CVE ids while doing security blocking, but advisory IDs are still preferred for performance reasons (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12624\"\u003e#12624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed partial updates failing when another package in the lock file has a known security advisory (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12626\"\u003e#12626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/91f077050c13e49e22554b991c81378ce8b5ee16\"\u003e\u003ccode\u003e91f0770\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/d836b901648dfb0f8c94c02bbd91bb68a25e16d8\"\u003e\u003ccode\u003ed836b90\u003c/code\u003e\u003c/a\u003e Fix fossil driver identifier validation for getFileContent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/028a251c3fec3d561f8728506411581c9093dd70\"\u003e\u003ccode\u003e028a251\u003c/code\u003e\u003c/a\u003e Fix tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/5e08c764257b5ab0948af93010a39bd5644b153d\"\u003e\u003ccode\u003e5e08c76\u003c/code\u003e\u003c/a\u003e Fix fossil update call when calling it with valid branch names like --dry-run...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.6.5...2.9.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.6.5\u0026new-version=2.9.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/wibesoft-company/packeton/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/wibesoft-company/packeton/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/wibesoft-company%2Fpacketon/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"},{"uuid":"4138780128","node_id":"PR_kwDOD3agoM7Nf_tQ","number":906,"state":"closed","title":"Bump the composer group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","stale","php"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-18T03:37:05.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-25T21:49:36.000Z","updated_at":"2026-04-18T03:37:08.000Z","time_to_close":2008049,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":6,"packages":[{"name":"composer/composer","old_version":"2.8.12","new_version":"2.9.5","repository_url":"https://github.com/composer/composer"},{"name":"psy/psysh","old_version":"0.12.10","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"},{"name":"symfony/http-foundation","old_version":"7.3.4","new_version":"7.3.11","repository_url":"https://github.com/symfony/http-foundation"},{"name":"google/protobuf","old_version":"4.32.1","new_version":"4.33.6","repository_url":"https://github.com/protocolbuffers/protobuf-php"},{"name":"phpunit/phpunit","old_version":"11.5.42","new_version":"11.5.55","repository_url":"https://github.com/sebastianbergmann/phpunit"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [composer/composer](https://github.com/composer/composer) | `2.8.12` | `2.9.5` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.10` | `0.12.22` |\n| [symfony/http-foundation](https://github.com/symfony/http-foundation) | `7.3.4` | `7.3.11` |\n| [google/protobuf](https://github.com/protocolbuffers/protobuf-php) | `4.32.1` | `4.33.6` |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `11.5.42` | `11.5.55` |\n\n\nUpdates `composer/composer` from 2.8.12 to 2.9.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.2...2.9.3\"\u003ehttps://github.com/composer/composer/compare/2.9.2...2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003econfig\u003c/code\u003e command not being able to set the new audit settings (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12609\"\u003e#12609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed handling audit.ignore to support CVE ids while doing security blocking, but advisory IDs are still preferred for performance reasons (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12624\"\u003e#12624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed partial updates failing when another package in the lock file has a known security advisory (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12626\"\u003e#12626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.1...2.9.2\"\u003ehttps://github.com/composer/composer/compare/2.9.1...2.9.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression in phpunit binary proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12601\"\u003e#12601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed script handler autoloading issues (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12606\"\u003e#12606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed null call of Command::setDescription in some cases (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12605\"\u003e#12605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed --prefer-lowest builds sometimes failing due to the filtering of versions with known vulnerabilities (\u003ca href=\"https://github.com/composer/composer/discussions/12603\"\u003e#12603\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.0...2.9.1\"\u003ehttps://github.com/composer/composer/compare/2.9.0...2.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.2] 2025-11-19\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003econfig\u003c/code\u003e command not being able to set the new audit settings (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12609\"\u003e#12609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed handling audit.ignore to support CVE ids while doing security blocking, but advisory IDs are still preferred for performance reasons (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12624\"\u003e#12624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed partial updates failing when another package in the lock file has a known security advisory (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12626\"\u003e#12626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.1] 2025-11-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression in phpunit binary proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12601\"\u003e#12601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed script handler autoloading issues (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12606\"\u003e#12606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed null call of Command::setDescription in some cases (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12605\"\u003e#12605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed --prefer-lowest builds sometimes failing due to the filtering of versions with known vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12603\"\u003e#12603\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.0] 2025-11-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a couple minor issues with --bump-after-update (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12598\"\u003e#12598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eVarious docs fixes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.0-RC1] 2025-11-07\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/72a8f8e653710e18d83e5dd531eb5a71fc3223e6\"\u003e\u003ccode\u003e72a8f8e\u003c/code\u003e\u003c/a\u003e Release 2.9.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/6b54088098356bbb0631e875b9f35553758f00d5\"\u003e\u003ccode\u003e6b54088\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f0976b827fc81b991d502634f9b551cfe61603e\"\u003e\u003ccode\u003e3f0976b\u003c/code\u003e\u003c/a\u003e Update baseline\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/5b44d62508c32906dedda4c9ee5429f2bbe5b7b0\"\u003e\u003ccode\u003e5b44d62\u003c/code\u003e\u003c/a\u003e Fix detection of 7z when it is installed as 7za\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4c49f46d57c58c7f1c0fa165078abeb8549b4441\"\u003e\u003ccode\u003e4c49f46\u003c/code\u003e\u003c/a\u003e Bump actions/attest-build-provenance from 3.1.0 to 3.2.0 (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12728\"\u003e#12728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e6022328165b2b3d663a5523029d6717887a78b8\"\u003e\u003ccode\u003ee602232\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 6.0.1 to 6.0.2 (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12729\"\u003e#12729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/06c273b3de49a5d9a2fab7787c1cfd99590c94cc\"\u003e\u003ccode\u003e06c273b\u003c/code\u003e\u003c/a\u003e Add support for PIE list of download-url-methods (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9861166fb61724999a72ec5dbc947fed557d8763\"\u003e\u003ccode\u003e9861166\u003c/code\u003e\u003c/a\u003e Update symfony/process to fix \u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/2102496eb4fdc04bfd64870e5ffb6e4599f5870a\"\u003e\u003ccode\u003e2102496\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Work around issue with msys/rmdir on windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/defa1bb2ee520c276d839613d9287fcf441c79e4\"\u003e\u003ccode\u003edefa1bb\u003c/code\u003e\u003c/a\u003e Add info about downloading using gh util\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.8.12...2.9.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.10 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--info\u003c/code\u003e also report more detail about readline and autocomplete state.\u003c/p\u003e\n\u003cp\u003eRun psysh with \u003ccode\u003e--experimental-readline\u003c/code\u003e and try it out. It's getting kind of awesome!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/3be75d5b9244936dd4ac62ade2bfb004d13acf0f\"\u003e\u003ccode\u003e3be75d5\u003c/code\u003e\u003c/a\u003e Merge branch 'release/v0.12.22'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/8042a8fec59c72b9a9b5586f9bfe79e26c069aeb\"\u003e\u003ccode\u003e8042a8f\u003c/code\u003e\u003c/a\u003e Bump to v0.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/fd4cb699ef9df41ecd48f175edde3feaf4d8d794\"\u003e\u003ccode\u003efd4cb69\u003c/code\u003e\u003c/a\u003e Fix phan warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/2b350a413b82010f6e88fbb794aa7364d5ca9ecf\"\u003e\u003ccode\u003e2b350a4\u003c/code\u003e\u003c/a\u003e Fix throw special casing in really old php-parser versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/193e14994706fbe344291741bed2215622b1a659\"\u003e\u003ccode\u003e193e149\u003c/code\u003e\u003c/a\u003e Fix a code cleaner bug with \u003ccode\u003ethrow new Exception\u003c/code\u003e in PHP 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f583f74b314459c5f838095ce7a341fdd81690b2\"\u003e\u003ccode\u003ef583f74\u003c/code\u003e\u003c/a\u003e Restore VarDumper hard-ref handling, suppress link-only markers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/1e6a0d6e8800e0d82c86b85b7de9e37ac65a74fd\"\u003e\u003ccode\u003e1e6a0d6\u003c/code\u003e\u003c/a\u003e Prefer use statements over FQNs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/484e600e2ac5f0e403796863865de6d8a6a66ebd\"\u003e\u003ccode\u003e484e600\u003c/code\u003e\u003c/a\u003e Simplify theme identity, no-op updates when unchanged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f01e492b18146675b218061c0c31b13fe58e3a9a\"\u003e\u003ccode\u003ef01e492\u003c/code\u003e\u003c/a\u003e Standardize test temp dir creation and cleanup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/6f33aea84464ed64b0c684c78fedf1f6620483d8\"\u003e\u003ccode\u003e6f33aea\u003c/code\u003e\u003c/a\u003e Add token-based fallback for incomplete member completion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bobthecow/psysh/compare/v0.12.10...v0.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.4 to 7.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.7...v7.3.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.7...v7.3.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62502\"\u003esymfony/symfony#62502\u003c/a\u003e [HttpFoundation] Fix Expires response header for EventStream (\u003ca href=\"https://github.com/4513\"\u003e\u003ccode\u003e@​4513\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62287\"\u003esymfony/symfony#62287\u003c/a\u003e [HttpFoundation] Fix AcceptHeader overwrites items with different parameters (\u003ca href=\"https://github.com/yoeunes\"\u003e\u003ccode\u003e@​yoeunes\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.6...v7.3.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.6...v7.3.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.5...v7.3.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.5...v7.3.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62324\"\u003esymfony/symfony#62324\u003c/a\u003e [HttpFoundation] Fix parsing hosts and schemes in URLs (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62246\"\u003esymfony/symfony#62246\u003c/a\u003e [HttpFoundation] Allow Request::setFormat() to override predefined formats (\u003ca href=\"https://github.com/longwave\"\u003e\u003ccode\u003e@​longwave\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62153\"\u003esymfony/symfony#62153\u003c/a\u003e [HttpFoundation] Fix issue where ServerEvent with \u0026quot;0\u0026quot; data is not sent (\u003ca href=\"https://github.com/santysisi\"\u003e\u003ccode\u003e@​santysisi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5347db9d709bb003722abfdc03990f3f21c53db5\"\u003e\u003ccode\u003e5347db9\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/f1a490cc9d595ba7ebe684220e625d1e472ad278\"\u003e\u003ccode\u003ef1a490c\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix PdoSessionHandler charset-collation mismatch with the Do...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/cc4ae963efd984204c0224605ae821382b791462\"\u003e\u003ccode\u003ecc4ae96\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/a7c652d0d0a6be8fbf9dead2e36f31e46c482adf\"\u003e\u003ccode\u003ea7c652d\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix double-prefixing of session keys when using redis/memcached\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/66e496a79d33160cecaf1569871a39ec0510fb11\"\u003e\u003ccode\u003e66e496a\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/4a673e9797bf5c2db347ae0e5f7880bb572cc061\"\u003e\u003ccode\u003e4a673e9\u003c/code\u003e\u003c/a\u003e do not use PHPUnit mock objects without configured expectations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/6dc98931a559065ff8f968ae0e461e600a321291\"\u003e\u003ccode\u003e6dc9893\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/a35ee6f47e4775179704d7877a8b0da3cb09241a\"\u003e\u003ccode\u003ea35ee6f\u003c/code\u003e\u003c/a\u003e [HttpFoundation][Cache] Fix VARBINARY columns on sqlsrv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/8cdae4e108673e0d3e4f18ef2ee79ff5023beeac\"\u003e\u003ccode\u003e8cdae4e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/0384c62b79d96e9b22d77bc1272c9e83342ba3a6\"\u003e\u003ccode\u003e0384c62\u003c/code\u003e\u003c/a\u003e minor \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/62519\"\u003e#62519\u003c/a\u003e [HttpFoundation] Fix Request getPathInfo docblock (bobvandevijver)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.4 to 7.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/process/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/process/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/process/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/81fe4ea2c3b8677fa2adfd8e48ba42374ede0e3b\"\u003e\u003ccode\u003e81fe4ea\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c46e854e79b52d07666e43924a20cb6dc546644e\"\u003e\u003ccode\u003ec46e854\u003c/code\u003e\u003c/a\u003e [Process] Fix escaping for MSYS on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/4424bc14e7dedec472440cc991f961f22343caaa\"\u003e\u003ccode\u003e4424bc1\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c593135be689b21e6164b1e8f6f5dbf1506b065c\"\u003e\u003ccode\u003ec593135\u003c/code\u003e\u003c/a\u003e [Process] Adjust Process mustRun method phpdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/6d13a9300772cf6f22f490574b80d9bf3481d07a\"\u003e\u003ccode\u003e6d13a93\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/e579464d74525bf5eca45cbc984126a461879c3e\"\u003e\u003ccode\u003ee579464\u003c/code\u003e\u003c/a\u003e [Process] Ignore invalid env var names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/cbfa8595e86911b7c9dcd6e80e2205e82be86180\"\u003e\u003ccode\u003ecbfa859\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/8541b7308fca001320e90bca8a73a28aa5604a6e\"\u003e\u003ccode\u003e8541b73\u003c/code\u003e\u003c/a\u003e [Process] Fix dealing with broken stdin pipes\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/symfony/process/compare/v7.3.4...v7.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `google/protobuf` from 4.32.1 to 4.33.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/84b008c23915ed94536737eae46f41ba3bccfe67\"\u003e\u003ccode\u003e84b008c\u003c/code\u003e\u003c/a\u003e 4.33.6 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/1debe453db83159b98a38df5a3737feb1e8ef016\"\u003e\u003ccode\u003e1debe45\u003c/code\u003e\u003c/a\u003e 5.34.0 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/3f6644d863943ebedafacfbfff2cb1c967a766b2\"\u003e\u003ccode\u003e3f6644d\u003c/code\u003e\u003c/a\u003e 5.34.0RC2 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/6fd2d13a7591515c8d09e6278f1a42a78e1adeac\"\u003e\u003ccode\u003e6fd2d13\u003c/code\u003e\u003c/a\u003e 4.29.6 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/ebe8010a61b2ae0cff0d246fe1c4d44e9f7dfa6d\"\u003e\u003ccode\u003eebe8010\u003c/code\u003e\u003c/a\u003e 4.33.5 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/a217acb35241a96fd6d6280e2b2540c30bd028f7\"\u003e\u003ccode\u003ea217acb\u003c/code\u003e\u003c/a\u003e 5.34.0RC1 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/22d28025cda0d223a2e48c2e16c5284ecc9f5402\"\u003e\u003ccode\u003e22d2802\u003c/code\u003e\u003c/a\u003e 4.33.4 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/281537d44d6c270606354e65bfa75a0969dbd629\"\u003e\u003ccode\u003e281537d\u003c/code\u003e\u003c/a\u003e 4.33.3 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/fbd96b7bf1343f4b0d8fb358526c7ba4d72f1318\"\u003e\u003ccode\u003efbd96b7\u003c/code\u003e\u003c/a\u003e 4.33.2 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/0cd73ccf0cd26c3e72299cce1ea6144091a57e12\"\u003e\u003ccode\u003e0cd73cc\u003c/code\u003e\u003c/a\u003e 4.33.1 sync\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protocolbuffers/protobuf-php/compare/v4.32.1...v4.33.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phpunit/phpunit` from 11.5.42 to 11.5.55\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 11.5.55\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e: Performance regression in PHPUnit 11.5.54, PHPUnit 12.5.13, and PHPUnit 13.0.4\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.54\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6489\"\u003e#6489\u003c/a\u003e: Classification of self/direct/indirect deprecation triggers is not aligned with Symfony's bridge for PHPUnit\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.53\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6503\"\u003e#6503\u003c/a\u003e: Temporary file used by \u003ccode\u003eSourceMapper\u003c/code\u003e may be deleted prematurely when multiple PHPUnit processes run in parallel\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.52\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6495\"\u003e#6495\u003c/a\u003e: Source map for issue trigger identification is regenerated in process isolation child processes\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/11.5.55/ChangeLog-11.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[11.5.55] - 2026-02-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e: Performance regression in PHPUnit 11.5.54, PHPUnit 12.5.13, and PHPUnit 13.0.4\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.54] - 2026-02-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6489\"\u003e#6489\u003c/a\u003e: Classification of self/direct/indirect deprecation triggers is not aligned with Symfony's bridge for PHPUnit\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.53] - 2026-02-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6503\"\u003e#6503\u003c/a\u003e: Temporary file used by \u003ccode\u003eSourceMapper\u003c/code\u003e may be deleted prematurely when multiple PHPUnit processes run in parallel\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.52] - 2026-02-08\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6495\"\u003e#6495\u003c/a\u003e: Source map for issue trigger identification is regenerated in process isolation child processes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.51] - 2026-02-05\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6488\"\u003e#6488\u003c/a\u003e: Allow disabling issue trigger identification for improved performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6486\"\u003e#6486\u003c/a\u003e: Incorrect file name reported for errors for test methods declared in traits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6490\"\u003e#6490\u003c/a\u003e: Incorrect test count when tests are skipped in before-class method\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.50] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.49] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6362\"\u003e#6362\u003c/a\u003e: Manually instantiated test doubles are broken since PHPUnit 11.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6470\"\u003e#6470\u003c/a\u003e: Infinite recursion in \u003ccode\u003eCount::getCountOf()\u003c/code\u003e for unusal implementations of \u003ccode\u003eIterator\u003c/code\u003e or \u003ccode\u003eIteratorAggregate\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.48] - 2026-01-16\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/adc7262fccc12de2b30f12a8aa0b33775d814f00\"\u003e\u003ccode\u003eadc7262\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0f31bcfdab285459bfee3eb7af8218aaeb0c09d5\"\u003e\u003ccode\u003e0f31bcf\u003c/code\u003e\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/eb7d132e95d824bbfd728eb2c8589191424f178a\"\u003e\u003ccode\u003eeb7d132\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0325337f13bed9a5a2dcf3dbb1d1216596d8c932\"\u003e\u003ccode\u003e0325337\u003c/code\u003e\u003c/a\u003e Update ChangeLog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/24136927c3b8bee3b289a56144e7b340556bd194\"\u003e\u003ccode\u003e2413692\u003c/code\u003e\u003c/a\u003e Classify issue trigger as \u0026quot;unknown\u0026quot; only when it is not \u0026quot;self\u0026quot;, \u0026quot;direct\u0026quot;, or ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/8811c224c7dded079e3c72eeb3a5794cd8cffd8e\"\u003e\u003ccode\u003e8811c22\u003c/code\u003e\u003c/a\u003e Test all possible combinations (even if not all of them make sense)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/79f11ae1a161217845766f21435ee8bb6dc12c6b\"\u003e\u003ccode\u003e79f11ae\u003c/code\u003e\u003c/a\u003e Remove IssueTrigger::unknown()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/6589f445de2a4abbc24812d0b81fe2d5423e95e6\"\u003e\u003ccode\u003e6589f44\u003c/code\u003e\u003c/a\u003e Fall back to null instead of Code::ThirdParty when we cannot classify a file ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a64de8a9d42fe67e785b401e2dfaf472ef18f682\"\u003e\u003ccode\u003ea64de8a\u003c/code\u003e\u003c/a\u003e Narrow type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a2300423541356160a40f8dc327cb73f65bb78eb\"\u003e\u003ccode\u003ea230042\u003c/code\u003e\u003c/a\u003e Resurrect test that got lost while reorganizing tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/11.5.42...11.5.55\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eMost Recent Ignore Conditions Applied to This Pull Request\u003c/summary\u003e\n\n| Dependency Name | Ignore Conditions |\n| --- | --- |\n| phpunit/phpunit | [\u003e= 10.a, \u003c 11] |\n\u003c/details\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/acquia/drupal-recommended-project/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/acquia/drupal-recommended-project/pull/906","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/acquia%2Fdrupal-recommended-project/issues/906","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/906/packages"}],"issue_packages":[{"old_version":"2.9.5","new_version":"2.10.0","update_type":"minor","path":"/html","pr_created_at":"2026-05-29T01:07:26.000Z","version_change":"2.9.5 → 2.10.0","issue":{"uuid":"4544878003","node_id":"PR_kwDOLxQ0PM7gdc18","number":554,"state":"open","title":"Bump composer/composer from 2.9.5 to 2.10.0 in /html","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T01:07:26.000Z","updated_at":"2026-05-29T01:16:53.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.10.0","repository_url":"https://github.com/composer/composer"}],"path":"/html","ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.10.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.10.0\u003c/h2\u003e\n\u003ch3\u003eRead the \u003ca href=\"https://blog.packagist.com/composer-2-10-release/\"\u003eComposer 2.10 Release Announcement\u003c/a\u003e for more details on the release highlights.\u003c/h3\u003e\n\u003ch3\u003eFull Changelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBC Break / Security: Disabled automatic fallback to source checkout if dist/zip install fails, we have introduced a new \u003ccode\u003esource-fallback\u003c/code\u003e config option as a temporary way to restore the old behavior, but if you need this talk to us as we plan to remove it entirely in 2.11 (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12885\"\u003e#12885\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBC Break: Minor break for \u003ccode\u003eaudit\u003c/code\u003e consumers, the exit code is now always 0 (success) or 1 if anything failed the audit (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12881\"\u003e#12881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Added dependency policies to block package versions where malware was detected on \u003ccode\u003eupdate\u003c/code\u003e/\u003ccode\u003einstall\u003c/code\u003e or report it with \u003ccode\u003eaudit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened output filtering of URLs to reduce chances of token leaks (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12882\"\u003e#12882\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12886\"\u003e#12886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed handling of uppercase schemes in URL validation that might have allowed https requirement bypass (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12884\"\u003e#12884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Enforce allow-plugins even in non-interactive mode for very old pre-2.2 lock files (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12764\"\u003e#12764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for temporary \u003ccode\u003e--with\u003c/code\u003e constraints with wildcards in the package name for the \u003ccode\u003eupdate\u003c/code\u003e command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12658\"\u003e#12658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003e--strict-psr-autoloader\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e and \u003ccode\u003eupdate\u003c/code\u003e commands (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12647\"\u003e#12647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003esource-fallback\u003c/code\u003e config option to disable or enable source fallback on download failure (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12698\"\u003e#12698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003e--require\u003c/code\u003e parameter to \u003ccode\u003ecreate-project\u003c/code\u003e to add new packages to the project as it gets installed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12738\"\u003e#12738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimized plugin autoloading by avoiding regenerating classmaps for every package per plugin (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12696\"\u003e#12696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimized PoolOptimizer memory usage (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12783\"\u003e#12783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimized classmap dumping performance\u003c/li\u003e\n\u003cli\u003eDeprecated most of the \u003ccode\u003eaudit\u003c/code\u003e config in favor of the new \u003ccode\u003epolicy\u003c/code\u003e one (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12804\"\u003e#12804\u003c/a\u003e, see \u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e for the RFC and upgrade docs)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --bump-after-update\u003c/code\u003e to only bump packages that actually were updated (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12733\"\u003e#12733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning being shown when lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12760\"\u003e#12760\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eaudit\u003c/code\u003e command returning a success code when the vendor dir was not present (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12880\"\u003e#12880\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.8...2.10.0\"\u003ehttps://github.com/composer/composer/compare/2.9.8...2.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.10.0-RC2\u003c/h2\u003e\n\u003cp\u003eComposer 2.10 is ready for a release, and we need your help to test it and report any regression.\u003c/p\u003e\n\u003ch3\u003ePlease try it out!\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRunning \u003ccode\u003ecomposer self-update --preview\u003c/code\u003e will get you the 2.10.0-RC2\u003c/li\u003e\n\u003cli\u003eRunning \u003ccode\u003ecomposer self-update --stable\u003c/code\u003e will get you back on the latest 2.9 stable release if anything broke.\u003c/li\u003e\n\u003cli\u003eReport any issues you encounter as a new issue specifying you tried the 2.10 RC and please include stack traces \u0026amp; repro details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFull Changelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSince 2.10.0-RC1, fixes in 2.9.6 - 2.9.8, many of which security relevant, are also included\u003c/li\u003e\n\u003cli\u003eSince 2.10.0-RC1 a lot of the new filter list config format was modified - see \u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e for the latest state of this new feature\u003c/li\u003e\n\u003cli\u003eAdded a new \u003ccode\u003epolicy\u003c/code\u003e config block to control all security related update/install/audit policies. This replaces and deprecates most of the \u003ccode\u003eaudit\u003c/code\u003e config (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12804\"\u003e#12804\u003c/a\u003e for implementation, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e for RFC/upgrade docs)\u003c/li\u003e\n\u003cli\u003eEnabled blocking of malware packages at \u003ccode\u003einstall\u003c/code\u003e time by default\u003c/li\u003e\n\u003cli\u003eFixed --no-plugins handling regression (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression in startup performance when many scripts are defined (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12832\"\u003e#12832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved classmap dumping performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.10.0] 2026-05-28\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBC Break / Security: Disabled automatic fallback to source checkout if dist/zip install fails, we have introduced a new \u003ccode\u003esource-fallback\u003c/code\u003e config option as a temporary way to restore the old behavior, but if you need this talk to us as we plan to remove it entirely in 2.11 (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12885\"\u003e#12885\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBC Break: Minor break for \u003ccode\u003eaudit\u003c/code\u003e consumers, the exit code is now always 0 (success) or 1 if anything failed the audit (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12881\"\u003e#12881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened output filtering of URLs to reduce chances of token leaks (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12882\"\u003e#12882\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12886\"\u003e#12886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed handling of uppercase schemes in URL validation that might have allowed https requirement bypass (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12884\"\u003e#12884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eaudit\u003c/code\u003e command returning a success code when the vendor dir was not present (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12880\"\u003e#12880\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.10.0-RC2] 2026-05-20\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSince 2.10.0-RC1, fixes in 2.9.6 - 2.9.8, many of which security relevant, are also included\u003c/li\u003e\n\u003cli\u003eSince 2.10.0-RC1 a lot of the new filter list config format was modified - see \u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e for the latest state of this new feature\u003c/li\u003e\n\u003cli\u003eAdded a new \u003ccode\u003epolicy\u003c/code\u003e config block to control all security related update/install/audit policies. This replaces and deprecates most of the \u003ccode\u003eaudit\u003c/code\u003e config (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12804\"\u003e#12804\u003c/a\u003e for implementation, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e for RFC/upgrade docs)\u003c/li\u003e\n\u003cli\u003eEnabled blocking of malware packages at \u003ccode\u003einstall\u003c/code\u003e time by default\u003c/li\u003e\n\u003cli\u003eFixed --no-plugins handling regression (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression in startup performance when many scripts are defined (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12832\"\u003e#12832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved classmap dumping performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.10.0-RC1] 2026-04-01\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Added filter lists to block package versions where malware was detected on \u003ccode\u003eupdate\u003c/code\u003e or report it with \u003ccode\u003eaudit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12786\"\u003e#12786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Enforce allow-plugins even in non-interactive mode for very old pre-2.2 lock files (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12764\"\u003e#12764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for temporary \u003ccode\u003e--with\u003c/code\u003e constraints with wildcards in the package name for the \u003ccode\u003eupdate\u003c/code\u003e command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12658\"\u003e#12658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003e--strict-psr-autoloader\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e and \u003ccode\u003eupdate\u003c/code\u003e commands (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12647\"\u003e#12647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003esource-fallback\u003c/code\u003e config option to disable or enable source fallback on download failure (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12698\"\u003e#12698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003e--require\u003c/code\u003e parameter to \u003ccode\u003ecreate-project\u003c/code\u003e to add new packages to the project as it gets installed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12738\"\u003e#12738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimized plugin autoloading by avoiding regenerating classmaps for every package per plugin (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12696\"\u003e#12696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimized PoolOptimizer memory usage (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12783\"\u003e#12783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --bump-after-update\u003c/code\u003e to only bump packages that actually were updated (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12733\"\u003e#12733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning being shown when lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12760\"\u003e#12760\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/c13824d95608b15913a7c0def0a3dea4474b71fc\"\u003e\u003ccode\u003ec13824d\u003c/code\u003e\u003c/a\u003e Release 2.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02449ade6c0e1831ba49da555c37ec6b7f9f7274\"\u003e\u003ccode\u003e02449ad\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/502e66a105bbec332de19d46ebe3f759aba0a61c\"\u003e\u003ccode\u003e502e66a\u003c/code\u003e\u003c/a\u003e Relax token validation on input, and hide more things on output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12886\"\u003e#12886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f95709fb020ad185af6f27e0f3fccf5a1eb62f8\"\u003e\u003ccode\u003e4f95709\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/composer/composer/issues/12874\"\u003e#12874\u003c/a\u003e from cs278/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/b902ec85fa65c799bf3b72cbbae46e8229593985\"\u003e\u003ccode\u003eb902ec8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/composer/composer/issues/12885\"\u003e#12885\u003c/a\u003e from Seldaek/source-fallback-disable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/2fc4bee1ab849dfa8a1713febd9a6282dab16936\"\u003e\u003ccode\u003e2fc4bee\u003c/code\u003e\u003c/a\u003e Add deprecated flag\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/54b78ad10bb70cbf10e9ea742bb1f1599e726047\"\u003e\u003ccode\u003e54b78ad\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/composer/composer/issues/12884\"\u003e#12884\u003c/a\u003e from Seldaek/schemefixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/5413c3ca0a987f44151968ba7345fe291c0e9f80\"\u003e\u003ccode\u003e5413c3c\u003c/code\u003e\u003c/a\u003e Use 'dependency policy' terminology in docs and user-facing output, drop audi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/f240bbed578cd6acca3731a99591dca7b200cee6\"\u003e\u003ccode\u003ef240bbe\u003c/code\u003e\u003c/a\u003e audit cmd: remove --filtered option, change status code to 0/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/624acb6489e712f5115b52137e43a3a5c3fb3ee0\"\u003e\u003ccode\u003e624acb6\u003c/code\u003e\u003c/a\u003e Use 'dependency policy' terminology in docs and user-facing output\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/isobar-playground/base/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/isobar-playground/base/pull/554","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/isobar-playground%2Fbase/issues/554","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/554/packages"}},{"old_version":"2.7.7","new_version":"2.9.8","update_type":"minor","path":null,"pr_created_at":"2026-05-28T02:22:18.000Z","version_change":"2.7.7 → 2.9.8","issue":{"uuid":"4537188223","node_id":"PR_kwDOPqlfLs7gETl7","number":21,"state":"closed","title":"Bump the composer group across 1 directory with 18 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-29T01:03:48.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-28T02:22:18.000Z","updated_at":"2026-05-29T01:03:50.000Z","time_to_close":81690,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":18,"packages":[{"name":"phpunit/phpunit","old_version":"10.5.45","new_version":"10.5.62","repository_url":"https://github.com/sebastianbergmann/phpunit"},{"name":"symfony/dom-crawler","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/dom-crawler"},{"name":"symfony/web-profiler-bundle","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/web-profiler-bundle"},{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.382.2","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.8","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.69","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/mailer","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/mailer"},{"name":"symfony/monolog-bridge","old_version":"7.3.0","new_version":"7.4.12","repository_url":"https://github.com/symfony/monolog-bridge"},{"name":"symfony/security-http","old_version":"7.3.1","new_version":"7.4.13","repository_url":"https://github.com/symfony/security-http"},{"name":"symfony/yaml","old_version":"7.3.1","new_version":"7.4.13","repository_url":"https://github.com/symfony/yaml"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.23","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `10.5.45` | `10.5.62` |\n| [symfony/dom-crawler](https://github.com/symfony/dom-crawler) | `7.3.1` | `7.4.12` |\n| [symfony/web-profiler-bundle](https://github.com/symfony/web-profiler-bundle) | `7.3.1` | `7.4.12` |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.382.2` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.8` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.69` |\n| [symfony/mailer](https://github.com/symfony/mailer) | `7.3.1` | `7.4.12` |\n| [symfony/monolog-bridge](https://github.com/symfony/monolog-bridge) | `7.3.0` | `7.4.12` |\n| [symfony/security-http](https://github.com/symfony/security-http) | `7.3.1` | `7.4.13` |\n| [symfony/yaml](https://github.com/symfony/yaml) | `7.3.1` | `7.4.13` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.23` |\n\n\nUpdates `phpunit/phpunit` from 10.5.45 to 10.5.62\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 10.5.62\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.61\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.60\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.59\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/10.5.62/ChangeLog-10.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[10.5.62] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.61] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.60] - 2025-12-06\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.59] - 2025-12-01\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.58] - 2025-09-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6368\"\u003e#6368\u003c/a\u003e: \u003ccode\u003efailOnPhpunitWarning=\u0026quot;false\u0026quot;\u003c/code\u003e has no effect\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.57] - 2025-09-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.56] - 2025-09-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.55] - 2025-09-14\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6366\"\u003e#6366\u003c/a\u003e: Exclude \u003ccode\u003e__sleep()\u003c/code\u003e and \u003ccode\u003e__wakeup()\u003c/code\u003e from test double code generation on PHP \u0026gt;= 8.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.54] - 2025-09-11\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not use \u003ccode\u003e__sleep()\u003c/code\u003e method (which will be deprecated in PHP 8.5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.53] - 2025-08-20\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3f7dd5066ebde5809296a81f0b19e8b00e5aab49\"\u003e\u003ccode\u003e3f7dd50\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/9c95cf0cdfdc72e74597aa0cf3c4769ed32b83f0\"\u003e\u003ccode\u003e9c95cf0\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/fea06253ecc0a32faf787bd31b261f56f351d049\"\u003e\u003ccode\u003efea0625\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1a677f663f09de85b97e1a7d03823890594cdba9\"\u003e\u003ccode\u003e1a677f6\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1015741814413c156abb0f53d7db7bbd03c6e858\"\u003e\u003ccode\u003e1015741\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/e5cda18b342c4e346d47c6e6cc5c51c0e681c8fd\"\u003e\u003ccode\u003ee5cda18\u003c/code\u003e\u003c/a\u003e Fix bad merge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a8b932bd41c5a6d689b2751f1be68406c97ea55c\"\u003e\u003ccode\u003ea8b932b\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1cce5f3ac2eec234cc0ce2f90ab9d5b80b240bea\"\u003e\u003ccode\u003e1cce5f3\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3141742e00620e2968d3d2e732d320de76685fda\"\u003e\u003ccode\u003e3141742\u003c/code\u003e\u003c/a\u003e Do not run PHPT test when its temporary file for code coverage information ex...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0b3170aaebeb461133937cfd92e5beb0348c0a2b\"\u003e\u003ccode\u003e0b3170a\u003c/code\u003e\u003c/a\u003e We do not need to unserialize() objects here\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/10.5.45...10.5.62\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/dom-crawler` from 7.3.1 to 7.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/dom-crawler/releases\"\u003esymfony/dom-crawler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.1...v7.4.12\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.1...v7.4.12\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/dom-crawler/issues/64258\"\u003e#64258\u003c/a\u003e  Fix \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e clobbering values on multi-selects (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity #cve-2026-45071  Fix XXE in addXmlContent() by not enabling \u003ccode\u003evalidateOnParse\u003c/code\u003e (\u003ca href=\"https://github.com/alexandre-daubois\"\u003e\u003ccode\u003e@​alexandre-daubois\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62671\"\u003esymfony/symfony#62671\u003c/a\u003e [DomCrawler] Fixing dealing with invalid charset (\u003ca href=\"https://github.com/ThomasLandauer\"\u003e\u003ccode\u003e@​ThomasLandauer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-BETA1...v7.4.0-BETA2\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-BETA1...v7.4.0-BETA2\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62240\"\u003esymfony/symfony#62240\u003c/a\u003e [DomCrawler] Handle malformed tags in HTML5 parser (\u003ca href=\"https://github.com/longwave\"\u003e\u003ccode\u003e@​longwave\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62186\"\u003esymfony/symfony#62186\u003c/a\u003e [DomCrawler] Fix converting HTML5 trees to DOM nodes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62180\"\u003esymfony/symfony#62180\u003c/a\u003e [DomCrawler] Properly ignore errors when using the native HTML5 parser (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.4...v7.4.0-BETA1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.3.4...v7.4.0-BETA1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeature \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/61475\"\u003esymfony/symfony#61475\u003c/a\u003e [DomCrawler] Use the native HTML5 parser on PHP 8.4 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/dom-crawler/blob/8.1/CHANGELOG.md\"\u003esymfony/dom-crawler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e part of the supported public API\u003c/li\u003e\n\u003cli\u003eAlways set \u003ccode\u003eLIBXML_NONET\u003c/code\u003e in \u003ccode\u003eCrawler::addXmlContent()\u003c/code\u003e so external entities cannot trigger network requests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove argument \u003ccode\u003e$useHtml5Parser\u003c/code\u003e of \u003ccode\u003eCrawler\u003c/code\u003e's constructor; the native HTML5 parser is used unconditionally\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisabling HTML5 parsing is deprecated; Symfony 8 will unconditionally use the native HTML5 parser\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$normalizeWhitespace\u003c/code\u003e to \u003ccode\u003eCrawler::innerText()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$default\u003c/code\u003e to \u003ccode\u003eCrawler::attr()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerAnySelectorTextContains\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerAnySelectorTextSame\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$default\u003c/code\u003e to \u003ccode\u003eCrawler::attr()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e$useHtml5Parser\u003c/code\u003e argument to \u003ccode\u003eCrawler\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerSelectorCount\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$normalizeWhitespace\u003c/code\u003e to \u003ccode\u003eCrawler::innerText()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eCrawler::innerText()\u003c/code\u003e return the first non-empty text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eCrawler::parents()\u003c/code\u003e method, use \u003ccode\u003eancestors()\u003c/code\u003e instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawler::innerText\u003c/code\u003e method.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b59b59122690976550fd142c23fab62c84738db6\"\u003e\u003ccode\u003eb59b591\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/7e65f76c28f5ed8d933f2c86698a3e2bf0de1b10\"\u003e\u003ccode\u003e7e65f76\u003c/code\u003e\u003c/a\u003e Merge branch '5.4' into 6.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b18373e86fbc4558a206e8055158c8e3e50c4da3\"\u003e\u003ccode\u003eb18373e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/505deba47e489a7694e0b6942df83a358197e921\"\u003e\u003ccode\u003e505deba\u003c/code\u003e\u003c/a\u003e [DomCrawler] Fix \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e clobbering values on multi-se...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/f47410019c605a651d000371de7263b70a78c681\"\u003e\u003ccode\u003ef474100\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b4cf17ff405a77341ad86e81e06ff09298f5aa8f\"\u003e\u003ccode\u003eb4cf17f\u003c/code\u003e\u003c/a\u003e [DomCrawler] Fix XXE in addXmlContent() by not enabling \u003ccode\u003evalidateOnParse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/6d86f9727e216e81f9d18d32bc4701d70c9d0ac4\"\u003e\u003ccode\u003e6d86f97\u003c/code\u003e\u003c/a\u003e [Tests] Fix \u0026quot;Incomplete version\u0026quot; PHPUnit warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/04ca269f9c0aca5f41b1230bf1fce4f0928f669a\"\u003e\u003ccode\u003e04ca269\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/eac26cf4833a05a92356d285329bfd63e0e46d64\"\u003e\u003ccode\u003eeac26cf\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/ca5ad736e4366c8b1499bc493fd86d3bb38c93c2\"\u003e\u003ccode\u003eca5ad73\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.1...v7.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/web-profiler-bundle` from 7.3.1 to 7.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/releases\"\u003esymfony/web-profiler-bundle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev7.4.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/64172\"\u003e#64172\u003c/a\u003e  Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e (\u003ca href=\"https://github.com/MatTheCat\"\u003e\u003ccode\u003e@​MatTheCat\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63930\"\u003e#63930\u003c/a\u003e  Fix toolbar toggle button accessibility (\u003ca href=\"https://github.com/Nitram1123\"\u003e\u003ccode\u003e@​Nitram1123\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63679\"\u003e#63679\u003c/a\u003e  Only decrement pendingRequests when it's more than zero (\u003ca href=\"https://github.com/andyexeter\"\u003e\u003ccode\u003e@​andyexeter\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63526\"\u003e#63526\u003c/a\u003e  Fix Symfony web debug toolbar not being displayed (\u003ca href=\"https://github.com/zoglo\"\u003e\u003ccode\u003e@​zoglo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63315\"\u003e#63315\u003c/a\u003e  Fix EventSource is missing static properties (Oleksii Kozhemiaka)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/62970\"\u003e#62970\u003c/a\u003e  Fix hot reload support (FrankenPHP) (\u003ca href=\"https://github.com/dunglas\"\u003e\u003ccode\u003e@​dunglas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62858\"\u003esymfony/symfony#62858\u003c/a\u003e [WebProfilerBundle] Fix using URL objects with \u003ccode\u003eEventSource\u003c/code\u003e (\u003ca href=\"https://github.com/HypeMC\"\u003e\u003ccode\u003e@​HypeMC\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62441\"\u003esymfony/symfony#62441\u003c/a\u003e [WebProfilerBundle] fix displaying runner (\u003ca href=\"https://github.com/94noni\"\u003e\u003ccode\u003e@​94noni\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/blob/8.1/CHANGELOG.md\"\u003esymfony/web-profiler-bundle's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eForward the CSP nonce to \u003ccode\u003eDumpDataCollector\u003c/code\u003e instead of disabling CSP when \u003ccode\u003edump()\u003c/code\u003e is used\u003c/li\u003e\n\u003cli\u003eAdd console command value resolvers durations to Performances panel\u003c/li\u003e\n\u003cli\u003eAdd error indicator to profiler list view for profiles with errors\u003c/li\u003e\n\u003cli\u003eAdd cURL copy paste button in the Request/Response tab\u003c/li\u003e\n\u003cli\u003eAdd support for streamed responses in the debug toolbar\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eprofiler.xml\u003c/code\u003e and \u003ccode\u003ewdt.xml\u003c/code\u003e routing configuration files (use their PHP equivalent instead)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method in the profiler\u003c/li\u003e\n\u003cli\u003eAdd support for Server-Sent Events / \u003ccode\u003eEventSource\u003c/code\u003e requests in the debug toolbar\u003c/li\u003e\n\u003cli\u003eAdd support for displaying the application runner class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eprofiler.php\u003c/code\u003e and \u003ccode\u003ewdt.php\u003c/code\u003e routing configuration files (use them instead of their XML equivalent)\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.xml'\n        prefix: /_wdt\n\u003cp\u003eweb_profiler_profiler:\nresource: '\u003ccode\u003e@​WebProfilerBundle/Resources/\u003c/code\u003econfig/routing/profiler.xml'\nprefix: /_profiler\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.php'\n        prefix: /_wdt\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/558fe81a383302318d9b92f7661deb731153c86e\"\u003e\u003ccode\u003e558fe81\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/066e718f8dfb73c55de43470bb73ebd525343d21\"\u003e\u003ccode\u003e066e718\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/be546fdb34d7a05eb271dfe0bf2370c37472e15c\"\u003e\u003ccode\u003ebe546fd\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/36dd8b8c05da059925c5804641aad9159e5b73e8\"\u003e\u003ccode\u003e36dd8b8\u003c/code\u003e\u003c/a\u003e [7.4] Remove usages of named arguments in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/7df2f3e74b044afb021458e044bc796f1b482572\"\u003e\u003ccode\u003e7df2f3e\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/242094c35def147d8d9aded1d46e548a4e08c80c\"\u003e\u003ccode\u003e242094c\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/76b684387f28f583fc5888f80453f9054963a5b4\"\u003e\u003ccode\u003e76b6843\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Fix failing test on PHP 8.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/4865a22db9b813fa8378e98b161e022f24638d16\"\u003e\u003ccode\u003e4865a22\u003c/code\u003e\u003c/a\u003e CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/cc408ce0c45d1918d08c0c1712cb684dd04c07e0\"\u003e\u003ccode\u003ecc408ce\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/d55784450e7ebceeef3cc2b1c14247ea1b7d4ece\"\u003e\u003ccode\u003ed557844\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.3.1...v7.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.382.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.382.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Api\u003c/code\u003e - Cast generated HTTP header values to strings and validate invalid header values.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SavingsPlans\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizerAutomation\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MainframeModernization\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LocationService\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Omics\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SimpleDBv2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkMailMessageFlow\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SupportApp\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EBS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTDeviceAdvisor\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MarketplaceDeployment\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Adds shared environment support for Restricted Instance Groups (RIGs) on SageMaker HyperPod, enabling cross-RIG workload scheduling and FSx sharing. This unlocks shared CPU-GPU environments needed for cost-efficient RL training (e.g., Nova Forge). Adds p6 instance support for recommendation jobs\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Add support for Neuron device resource requirements for Amazon ECS\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECRPublic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SecurityIR\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTThingsGraph\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\FIS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EKSAuth\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCases\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMakerFeatureStoreRuntime\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataExchange\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Organizations\u003c/code\u003e - AWS Organizations now emits CloudTrail events (AccountJoinedOrganization, AccountDepartedOrganization) to the management account for membership changes, including join and departure method and timestamp.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\mgn\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EventBridge\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WellArchitected\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockDataAutomation\u003c/code\u003e - Matcher Fallback extends the CustomOutputConfiguration for the Document modality in DataAutomationProjects, enabling a fallback blueprint when no match is found. A FALLBACK match status is returned, improving the matching experience and guaranteeing customers always receive CustomOutputResults.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralSelling\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchRUM\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\finspace\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SSMContacts\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\NovaAct\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RTBFabric\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaLive\u003c/code\u003e - AWS Elemental MediaLive now supports Smart Subtitles, a new caption source that uses AWS Elemental Inference to automatically generate WebVTT and TTML captions from source audio. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ElementalInference\u003c/code\u003e - Added support for smart subtitles in Elemental Inference, enabling automatic generation of subtitles for media content. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizer\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PcaConnectorAd\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LaunchWizard\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTFleetWise\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BCMDashboards\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ResourceExplorer2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DocDBElastic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MPA\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralBenefits\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MemoryDB\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Inspector2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkSpacesWeb\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\OpenSearchService\u003c/code\u003e - OpenSearch will now support multi-segment paths in JWKS URLs.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/6844cc6421c47d6b96633ab8039045012acbeb27\"\u003e\u003ccode\u003e6844cc6\u003c/code\u003e\u003c/a\u003e 3.382.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/08fe07450c46e54c25960a062aa66af9c3ba7248\"\u003e\u003ccode\u003e08fe074\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/7ebd05d0ddfd33dcadc5c0f64c4723d570aaf2e3\"\u003e\u003ccode\u003e7ebd05d\u003c/code\u003e\u003c/a\u003e fix: cast generated header values to strings (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3289\"\u003e#3289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/d506bdaab8e29b18d31a46be4fe4314af5945432\"\u003e\u003ccode\u003ed506bda\u003c/code\u003e\u003c/a\u003e 3.382.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/a2a4d0d4d846c4edd6ddd63242946a8ca0b549b4\"\u003e\u003ccode\u003ea2a4d0d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/38dc43d14db5663f62f7371e5b34d49e6192c2d3\"\u003e\u003ccode\u003e38dc43d\u003c/code\u003e\u003c/a\u003e chore: harden GitHub Actions workflows (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3287\"\u003e#3287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/5b4c1958d7ff9e3284b755d257a1aa1926745f6a\"\u003e\u003ccode\u003e5b4c195\u003c/code\u003e\u003c/a\u003e 3.382.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/e925c2dde5a2a4fa4cce2c8641e02b59b838841f\"\u003e\u003ccode\u003ee925c2d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/3e93512528775f12d0136a78345bac781faee481\"\u003e\u003ccode\u003e3e93512\u003c/code\u003e\u003c/a\u003e Update type to 'feature' in multipart-copy.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3288\"\u003e#3288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/ab2ba5794fcfcd9826a462742bc3ef7b9fb1688b\"\u003e\u003ccode\u003eab2ba57\u003c/code\u003e\u003c/a\u003e enhancement: copy object metadata in multipartcopy (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3286\"\u003e#3286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.382.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (\u003ca href=\"https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\"\u003ehttps://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\u003c/a\u003e / CVE-2026-45793)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.7...2.9.8\"\u003ehttps://github.com/composer/composer/compare/2.9.7...2.9.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/39ee8baff8e97a1b657bbfcd6a236ff93a5efbb2\"\u003e\u003ccode\u003e39ee8ba\u003c/code\u003e\u003c/a\u003e Release 2.9.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fa0f839011f5fdf20af5fa2c0fd485ad0ebb6632\"\u003e\u003ccode\u003efa0f839\u003c/code\u003e\u003c/a\u003e Fix ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd6cda27aa11f565aa2d0fa2ade191ed74e3d158\"\u003e\u003ccode\u003ebd6cda2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f5e7f9fbfa541137d6d1d5643ec3b718e9d5039\"\u003e\u003ccode\u003e3f5e7f9\u003c/code\u003e\u003c/a\u003e Fix regexp to support new GitHub installation tokens format (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12853\"\u003e#12853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4bdb77926affdcad0c3c1bac59e99aadfaf91f82\"\u003e\u003ccode\u003e4bdb779\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.69\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.69\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.69):\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.68):\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-04-17  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/8f2c3ffafcdd52cf4515f1eec172f4eee44552ad\"\u003e\u003ccode\u003e8f2c3ff\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/0ceddfa31dad41aa5cb394492c44f8382c7042d5\"\u003e\u003ccode\u003e0ceddfa\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/28af5275b3e1a2dd9b45d6ddb14c9c67bc4c5f9a\"\u003e\u003ccode\u003e28af527\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-37f02ff51\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c6824bca4c3a07d8d7704711ae27c9ee042fc983\"\u003e\u003ccode\u003ec6824bc\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.68\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/9600a9a3f5cf1cd97dbb478060e4e8fd87a6f17c\"\u003e\u003ccode\u003e9600a9a\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/d03a9c7ad84ce0b6c33f25c2eb570e7d13d07fe9\"\u003e\u003ccode\u003ed03a9c7\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-94b5e89b0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c602dbff3f7095e5dc890c1352a2b18b67046265\"\u003e\u003ccode\u003ec602dbf\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-1ed673a0b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/22223f3dc75047b106d2c938b6821c49748c7e30\"\u003e\u003ccode\u003e22223f3\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-baf5feec0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/e4b414af69b6d55d41000b52e3b2162d77e545f8\"\u003e\u003ccode\u003ee4b414a\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-bf852fb75\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/6155d27abba41cac739e1ff7ce5176ec01f3ec06\"\u003e\u003ccode\u003e6155d27\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-344d7c5e9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.69\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/cache` from 7.3.1 to 7.4.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/cache/releases\"\u003esymfony/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.13\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.12...v7.4.13\"\u003ehttps://github.com/symfony/cache/compare/v7.4.12...v7.4.13\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64330\"\u003e#64330\u003c/a\u003e  Fix strlen(null) deprecation on RelayCluster path in RedisTrait::doClear() (\u003ca href=\"https://github.com/signor-pedro\"\u003e\u003ccode\u003e@​signor-pedro\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64336\"\u003e#64336\u003c/a\u003e  Accept '_' and ':' in prefix passed to AbstractAdapter::clear() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.10...v7.4.12\"\u003ehttps://github.com/symfony/cache/compare/v7.4.10...v7.4.12\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-45073  Validate the prefix given to AbstractAdapter::clear() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.9...v7.4.10\"\u003ehttps://github.com/symfony/cache/compare/v7.4.9...v7.4.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64122\"\u003e#64122\u003c/a\u003e  Ensure compatibility with Relay extension 0.22.0 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.8...v7.4.9\"\u003ehttps://github.com/symfony/cache/compare/v7.4.8...v7.4.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64060\"\u003e#64060\u003c/a\u003e  Normalize default_lifetime for pools wrapped by ChainAdapter (\u003ca href=\"https://github.com/ostrolucky\"\u003e\u003ccode\u003e@​ostrolucky\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63964\"\u003e#63964\u003c/a\u003e  Ensure internal state is cleared in TagAwareAdapter::reset() … (\u003ca href=\"https://github.com/KevinMartinsDev\"\u003e\u003ccode\u003e@​KevinMartinsDev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63860\"\u003e#63860\u003c/a\u003e  Fix Psr16Cache::getMultiple() returning wrapper values when using TTL (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/cache/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63818\"\u003e#63818\u003c/a\u003e  Ensure compatibility with Relay extension 0.21.0 (\u003ca href=\"https://github.com/lyrixx\"\u003e\u003ccode\u003e@​lyrixx\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63747\"\u003e#63747\u003c/a\u003e  Fix \u003ccode\u003ePsr16Cache::getMultiple()\u003c/code\u003e returning \u003ccode\u003eValueWrapper\u003c/code\u003e with \u003ccode\u003eTagAwareAdapter\u003c/code\u003e (\u003ca href=\"https://github.com/pcescon\"\u003e\u003ccode\u003e@​pcescon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63736\"\u003e#63736\u003c/a\u003e  Fix undefined array key when tag save fails in AbstractTagAwareAdapter (\u003ca href=\"https://github.com/pcescon\"\u003e\u003ccode\u003e@​pcescon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63655\"\u003e#63655\u003c/a\u003e  Fix ChainAdapter ignoring item expiry when propagating to earlier adapters (\u003ca href=\"https://github.com/guillaumeVDP\"\u003e\u003ccode\u003e@​guillaumeVDP\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/cache/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63592\"\u003e#63592\u003c/a\u003e  Add timeout and slot eviction to LockRegistry stampede prevention (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/cache/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63437\"\u003e#63437\u003c/a\u003e  Wrap \u003ccode\u003eDoctrineDbalAdapter::doSave()\u003c/code\u003e in savepoint to prevent transaction poisoning (\u003ca href=\"https://github.com/lacatoire\"\u003e\u003ccode\u003e@​lacatoire\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63391\"\u003e#63391\u003c/a\u003e  Align Redis sentinel auth handling across components (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63324\"\u003e#63324\u003c/a\u003e  Fix DSN auth not passed to Redis/RedisCluster/Relay in RedisTrait (\u003ca href=\"https://github.com/ckrack\"\u003e\u003ccode\u003e@​ckrack\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63306\"\u003e#63306\u003c/a\u003e  Revert \u0026quot;Fix DSN auth not passed to clusters in RedisTrait\u0026quot; (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63272\"\u003e#63272\u003c/a\u003e  Fix forwarding SSL settings to the redis sentinel (\u003ca href=\"https://github.com/CientistaDaWeb\"\u003e\u003ccode\u003e@​CientistaDaWeb\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63230\"\u003e#63230\u003c/a\u003e...\n\n_Description has been truncated_","html_url":"https://github.com/HandyKnox/mautic-marketing/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HandyKnox%2Fmautic-marketing/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"}},{"old_version":"2.7.7","new_version":"2.9.8","update_type":"minor","path":null,"pr_created_at":"2026-05-27T23:57:49.000Z","version_change":"2.7.7 → 2.9.8","issue":{"uuid":"4536582465","node_id":"PR_kwDOPrj8Sc7gCWX5","number":16,"state":"closed","title":"Bump the composer group across 1 directory with 17 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-28T02:22:11.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-27T23:57:49.000Z","updated_at":"2026-05-28T02:22:13.000Z","time_to_close":8662,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":17,"packages":[{"name":"phpunit/phpunit","old_version":"10.5.45","new_version":"10.5.62","repository_url":"https://github.com/sebastianbergmann/phpunit"},{"name":"symfony/dom-crawler","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/dom-crawler"},{"name":"symfony/web-profiler-bundle","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/web-profiler-bundle"},{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.382.2","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.8","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.69","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/mailer","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/mailer"},{"name":"symfony/monolog-bridge","old_version":"7.3.0","new_version":"7.4.12","repository_url":"https://github.com/symfony/monolog-bridge"},{"name":"symfony/security-http","old_version":"7.3.1","new_version":"7.4.13","repository_url":"https://github.com/symfony/security-http"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.23","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `10.5.45` | `10.5.62` |\n| [symfony/dom-crawler](https://github.com/symfony/dom-crawler) | `7.3.1` | `7.4.12` |\n| [symfony/web-profiler-bundle](https://github.com/symfony/web-profiler-bundle) | `7.3.1` | `7.4.12` |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.382.2` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.8` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.69` |\n| [symfony/mailer](https://github.com/symfony/mailer) | `7.3.1` | `7.4.12` |\n| [symfony/monolog-bridge](https://github.com/symfony/monolog-bridge) | `7.3.0` | `7.4.12` |\n| [symfony/security-http](https://github.com/symfony/security-http) | `7.3.1` | `7.4.13` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.23` |\n\n\nUpdates `phpunit/phpunit` from 10.5.45 to 10.5.62\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 10.5.62\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.61\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.60\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.59\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/10.5.62/ChangeLog-10.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[10.5.62] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.61] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.60] - 2025-12-06\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.59] - 2025-12-01\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.58] - 2025-09-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6368\"\u003e#6368\u003c/a\u003e: \u003ccode\u003efailOnPhpunitWarning=\u0026quot;false\u0026quot;\u003c/code\u003e has no effect\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.57] - 2025-09-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.56] - 2025-09-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.55] - 2025-09-14\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6366\"\u003e#6366\u003c/a\u003e: Exclude \u003ccode\u003e__sleep()\u003c/code\u003e and \u003ccode\u003e__wakeup()\u003c/code\u003e from test double code generation on PHP \u0026gt;= 8.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.54] - 2025-09-11\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not use \u003ccode\u003e__sleep()\u003c/code\u003e method (which will be deprecated in PHP 8.5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.53] - 2025-08-20\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3f7dd5066ebde5809296a81f0b19e8b00e5aab49\"\u003e\u003ccode\u003e3f7dd50\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/9c95cf0cdfdc72e74597aa0cf3c4769ed32b83f0\"\u003e\u003ccode\u003e9c95cf0\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/fea06253ecc0a32faf787bd31b261f56f351d049\"\u003e\u003ccode\u003efea0625\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1a677f663f09de85b97e1a7d03823890594cdba9\"\u003e\u003ccode\u003e1a677f6\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1015741814413c156abb0f53d7db7bbd03c6e858\"\u003e\u003ccode\u003e1015741\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/e5cda18b342c4e346d47c6e6cc5c51c0e681c8fd\"\u003e\u003ccode\u003ee5cda18\u003c/code\u003e\u003c/a\u003e Fix bad merge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a8b932bd41c5a6d689b2751f1be68406c97ea55c\"\u003e\u003ccode\u003ea8b932b\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1cce5f3ac2eec234cc0ce2f90ab9d5b80b240bea\"\u003e\u003ccode\u003e1cce5f3\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3141742e00620e2968d3d2e732d320de76685fda\"\u003e\u003ccode\u003e3141742\u003c/code\u003e\u003c/a\u003e Do not run PHPT test when its temporary file for code coverage information ex...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0b3170aaebeb461133937cfd92e5beb0348c0a2b\"\u003e\u003ccode\u003e0b3170a\u003c/code\u003e\u003c/a\u003e We do not need to unserialize() objects here\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/10.5.45...10.5.62\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/dom-crawler` from 7.3.1 to 7.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/dom-crawler/releases\"\u003esymfony/dom-crawler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.1...v7.4.12\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.1...v7.4.12\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/dom-crawler/issues/64258\"\u003e#64258\u003c/a\u003e  Fix \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e clobbering values on multi-selects (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity #cve-2026-45071  Fix XXE in addXmlContent() by not enabling \u003ccode\u003evalidateOnParse\u003c/code\u003e (\u003ca href=\"https://github.com/alexandre-daubois\"\u003e\u003ccode\u003e@​alexandre-daubois\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62671\"\u003esymfony/symfony#62671\u003c/a\u003e [DomCrawler] Fixing dealing with invalid charset (\u003ca href=\"https://github.com/ThomasLandauer\"\u003e\u003ccode\u003e@​ThomasLandauer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.4.0-BETA1...v7.4.0-BETA2\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.4.0-BETA1...v7.4.0-BETA2\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62240\"\u003esymfony/symfony#62240\u003c/a\u003e [DomCrawler] Handle malformed tags in HTML5 parser (\u003ca href=\"https://github.com/longwave\"\u003e\u003ccode\u003e@​longwave\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62186\"\u003esymfony/symfony#62186\u003c/a\u003e [DomCrawler] Fix converting HTML5 trees to DOM nodes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62180\"\u003esymfony/symfony#62180\u003c/a\u003e [DomCrawler] Properly ignore errors when using the native HTML5 parser (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.4...v7.4.0-BETA1\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.3.4...v7.4.0-BETA1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeature \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/61475\"\u003esymfony/symfony#61475\u003c/a\u003e [DomCrawler] Use the native HTML5 parser on PHP 8.4 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/dom-crawler/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/dom-crawler/blob/8.1/CHANGELOG.md\"\u003esymfony/dom-crawler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e part of the supported public API\u003c/li\u003e\n\u003cli\u003eAlways set \u003ccode\u003eLIBXML_NONET\u003c/code\u003e in \u003ccode\u003eCrawler::addXmlContent()\u003c/code\u003e so external entities cannot trigger network requests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove argument \u003ccode\u003e$useHtml5Parser\u003c/code\u003e of \u003ccode\u003eCrawler\u003c/code\u003e's constructor; the native HTML5 parser is used unconditionally\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisabling HTML5 parsing is deprecated; Symfony 8 will unconditionally use the native HTML5 parser\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$normalizeWhitespace\u003c/code\u003e to \u003ccode\u003eCrawler::innerText()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$default\u003c/code\u003e to \u003ccode\u003eCrawler::attr()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerAnySelectorTextContains\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerAnySelectorTextSame\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$default\u003c/code\u003e to \u003ccode\u003eCrawler::attr()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e$useHtml5Parser\u003c/code\u003e argument to \u003ccode\u003eCrawler\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawlerSelectorCount\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$normalizeWhitespace\u003c/code\u003e to \u003ccode\u003eCrawler::innerText()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eCrawler::innerText()\u003c/code\u003e return the first non-empty text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eCrawler::parents()\u003c/code\u003e method, use \u003ccode\u003eancestors()\u003c/code\u003e instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eCrawler::innerText\u003c/code\u003e method.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b59b59122690976550fd142c23fab62c84738db6\"\u003e\u003ccode\u003eb59b591\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/7e65f76c28f5ed8d933f2c86698a3e2bf0de1b10\"\u003e\u003ccode\u003e7e65f76\u003c/code\u003e\u003c/a\u003e Merge branch '5.4' into 6.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b18373e86fbc4558a206e8055158c8e3e50c4da3\"\u003e\u003ccode\u003eb18373e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/505deba47e489a7694e0b6942df83a358197e921\"\u003e\u003ccode\u003e505deba\u003c/code\u003e\u003c/a\u003e [DomCrawler] Fix \u003ccode\u003eChoiceFormField::addChoice()\u003c/code\u003e clobbering values on multi-se...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/f47410019c605a651d000371de7263b70a78c681\"\u003e\u003ccode\u003ef474100\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/b4cf17ff405a77341ad86e81e06ff09298f5aa8f\"\u003e\u003ccode\u003eb4cf17f\u003c/code\u003e\u003c/a\u003e [DomCrawler] Fix XXE in addXmlContent() by not enabling \u003ccode\u003evalidateOnParse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/6d86f9727e216e81f9d18d32bc4701d70c9d0ac4\"\u003e\u003ccode\u003e6d86f97\u003c/code\u003e\u003c/a\u003e [Tests] Fix \u0026quot;Incomplete version\u0026quot; PHPUnit warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/04ca269f9c0aca5f41b1230bf1fce4f0928f669a\"\u003e\u003ccode\u003e04ca269\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/eac26cf4833a05a92356d285329bfd63e0e46d64\"\u003e\u003ccode\u003eeac26cf\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/dom-crawler/commit/ca5ad736e4366c8b1499bc493fd86d3bb38c93c2\"\u003e\u003ccode\u003eca5ad73\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/dom-crawler/compare/v7.3.1...v7.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/web-profiler-bundle` from 7.3.1 to 7.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/releases\"\u003esymfony/web-profiler-bundle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev7.4.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/64172\"\u003e#64172\u003c/a\u003e  Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e (\u003ca href=\"https://github.com/MatTheCat\"\u003e\u003ccode\u003e@​MatTheCat\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63930\"\u003e#63930\u003c/a\u003e  Fix toolbar toggle button accessibility (\u003ca href=\"https://github.com/Nitram1123\"\u003e\u003ccode\u003e@​Nitram1123\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63679\"\u003e#63679\u003c/a\u003e  Only decrement pendingRequests when it's more than zero (\u003ca href=\"https://github.com/andyexeter\"\u003e\u003ccode\u003e@​andyexeter\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63526\"\u003e#63526\u003c/a\u003e  Fix Symfony web debug toolbar not being displayed (\u003ca href=\"https://github.com/zoglo\"\u003e\u003ccode\u003e@​zoglo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63315\"\u003e#63315\u003c/a\u003e  Fix EventSource is missing static properties (Oleksii Kozhemiaka)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/62970\"\u003e#62970\u003c/a\u003e  Fix hot reload support (FrankenPHP) (\u003ca href=\"https://github.com/dunglas\"\u003e\u003ccode\u003e@​dunglas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62858\"\u003esymfony/symfony#62858\u003c/a\u003e [WebProfilerBundle] Fix using URL objects with \u003ccode\u003eEventSource\u003c/code\u003e (\u003ca href=\"https://github.com/HypeMC\"\u003e\u003ccode\u003e@​HypeMC\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62441\"\u003esymfony/symfony#62441\u003c/a\u003e [WebProfilerBundle] fix displaying runner (\u003ca href=\"https://github.com/94noni\"\u003e\u003ccode\u003e@​94noni\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/blob/8.1/CHANGELOG.md\"\u003esymfony/web-profiler-bundle's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eForward the CSP nonce to \u003ccode\u003eDumpDataCollector\u003c/code\u003e instead of disabling CSP when \u003ccode\u003edump()\u003c/code\u003e is used\u003c/li\u003e\n\u003cli\u003eAdd console command value resolvers durations to Performances panel\u003c/li\u003e\n\u003cli\u003eAdd error indicator to profiler list view for profiles with errors\u003c/li\u003e\n\u003cli\u003eAdd cURL copy paste button in the Request/Response tab\u003c/li\u003e\n\u003cli\u003eAdd support for streamed responses in the debug toolbar\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eprofiler.xml\u003c/code\u003e and \u003ccode\u003ewdt.xml\u003c/code\u003e routing configuration files (use their PHP equivalent instead)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method in the profiler\u003c/li\u003e\n\u003cli\u003eAdd support for Server-Sent Events / \u003ccode\u003eEventSource\u003c/code\u003e requests in the debug toolbar\u003c/li\u003e\n\u003cli\u003eAdd support for displaying the application runner class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eprofiler.php\u003c/code\u003e and \u003ccode\u003ewdt.php\u003c/code\u003e routing configuration files (use them instead of their XML equivalent)\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.xml'\n        prefix: /_wdt\n\u003cp\u003eweb_profiler_profiler:\nresource: '\u003ccode\u003e@​WebProfilerBundle/Resources/\u003c/code\u003econfig/routing/profiler.xml'\nprefix: /_profiler\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.php'\n        prefix: /_wdt\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/558fe81a383302318d9b92f7661deb731153c86e\"\u003e\u003ccode\u003e558fe81\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/066e718f8dfb73c55de43470bb73ebd525343d21\"\u003e\u003ccode\u003e066e718\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/be546fdb34d7a05eb271dfe0bf2370c37472e15c\"\u003e\u003ccode\u003ebe546fd\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/36dd8b8c05da059925c5804641aad9159e5b73e8\"\u003e\u003ccode\u003e36dd8b8\u003c/code\u003e\u003c/a\u003e [7.4] Remove usages of named arguments in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/7df2f3e74b044afb021458e044bc796f1b482572\"\u003e\u003ccode\u003e7df2f3e\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/242094c35def147d8d9aded1d46e548a4e08c80c\"\u003e\u003ccode\u003e242094c\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/76b684387f28f583fc5888f80453f9054963a5b4\"\u003e\u003ccode\u003e76b6843\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Fix failing test on PHP 8.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/4865a22db9b813fa8378e98b161e022f24638d16\"\u003e\u003ccode\u003e4865a22\u003c/code\u003e\u003c/a\u003e CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/cc408ce0c45d1918d08c0c1712cb684dd04c07e0\"\u003e\u003ccode\u003ecc408ce\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/d55784450e7ebceeef3cc2b1c14247ea1b7d4ece\"\u003e\u003ccode\u003ed557844\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.3.1...v7.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.382.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.382.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Api\u003c/code\u003e - Cast generated HTTP header values to strings and validate invalid header values.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SavingsPlans\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizerAutomation\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MainframeModernization\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LocationService\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Omics\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SimpleDBv2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkMailMessageFlow\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SupportApp\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EBS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTDeviceAdvisor\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MarketplaceDeployment\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Adds shared environment support for Restricted Instance Groups (RIGs) on SageMaker HyperPod, enabling cross-RIG workload scheduling and FSx sharing. This unlocks shared CPU-GPU environments needed for cost-efficient RL training (e.g., Nova Forge). Adds p6 instance support for recommendation jobs\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Add support for Neuron device resource requirements for Amazon ECS\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECRPublic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SecurityIR\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTThingsGraph\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\FIS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EKSAuth\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCases\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMakerFeatureStoreRuntime\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataExchange\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Organizations\u003c/code\u003e - AWS Organizations now emits CloudTrail events (AccountJoinedOrganization, AccountDepartedOrganization) to the management account for membership changes, including join and departure method and timestamp.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\mgn\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EventBridge\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WellArchitected\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockDataAutomation\u003c/code\u003e - Matcher Fallback extends the CustomOutputConfiguration for the Document modality in DataAutomationProjects, enabling a fallback blueprint when no match is found. A FALLBACK match status is returned, improving the matching experience and guaranteeing customers always receive CustomOutputResults.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralSelling\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchRUM\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\finspace\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SSMContacts\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\NovaAct\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RTBFabric\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaLive\u003c/code\u003e - AWS Elemental MediaLive now supports Smart Subtitles, a new caption source that uses AWS Elemental Inference to automatically generate WebVTT and TTML captions from source audio. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ElementalInference\u003c/code\u003e - Added support for smart subtitles in Elemental Inference, enabling automatic generation of subtitles for media content. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizer\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PcaConnectorAd\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LaunchWizard\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTFleetWise\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BCMDashboards\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ResourceExplorer2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DocDBElastic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MPA\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralBenefits\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MemoryDB\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Inspector2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkSpacesWeb\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\OpenSearchService\u003c/code\u003e - OpenSearch will now support multi-segment paths in JWKS URLs.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/6844cc6421c47d6b96633ab8039045012acbeb27\"\u003e\u003ccode\u003e6844cc6\u003c/code\u003e\u003c/a\u003e 3.382.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/08fe07450c46e54c25960a062aa66af9c3ba7248\"\u003e\u003ccode\u003e08fe074\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/7ebd05d0ddfd33dcadc5c0f64c4723d570aaf2e3\"\u003e\u003ccode\u003e7ebd05d\u003c/code\u003e\u003c/a\u003e fix: cast generated header values to strings (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3289\"\u003e#3289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/d506bdaab8e29b18d31a46be4fe4314af5945432\"\u003e\u003ccode\u003ed506bda\u003c/code\u003e\u003c/a\u003e 3.382.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/a2a4d0d4d846c4edd6ddd63242946a8ca0b549b4\"\u003e\u003ccode\u003ea2a4d0d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/38dc43d14db5663f62f7371e5b34d49e6192c2d3\"\u003e\u003ccode\u003e38dc43d\u003c/code\u003e\u003c/a\u003e chore: harden GitHub Actions workflows (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3287\"\u003e#3287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/5b4c1958d7ff9e3284b755d257a1aa1926745f6a\"\u003e\u003ccode\u003e5b4c195\u003c/code\u003e\u003c/a\u003e 3.382.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/e925c2dde5a2a4fa4cce2c8641e02b59b838841f\"\u003e\u003ccode\u003ee925c2d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/3e93512528775f12d0136a78345bac781faee481\"\u003e\u003ccode\u003e3e93512\u003c/code\u003e\u003c/a\u003e Update type to 'feature' in multipart-copy.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3288\"\u003e#3288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/ab2ba5794fcfcd9826a462742bc3ef7b9fb1688b\"\u003e\u003ccode\u003eab2ba57\u003c/code\u003e\u003c/a\u003e enhancement: copy object metadata in multipartcopy (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3286\"\u003e#3286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.382.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (\u003ca href=\"https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\"\u003ehttps://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\u003c/a\u003e / CVE-2026-45793)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.7...2.9.8\"\u003ehttps://github.com/composer/composer/compare/2.9.7...2.9.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/39ee8baff8e97a1b657bbfcd6a236ff93a5efbb2\"\u003e\u003ccode\u003e39ee8ba\u003c/code\u003e\u003c/a\u003e Release 2.9.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fa0f839011f5fdf20af5fa2c0fd485ad0ebb6632\"\u003e\u003ccode\u003efa0f839\u003c/code\u003e\u003c/a\u003e Fix ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd6cda27aa11f565aa2d0fa2ade191ed74e3d158\"\u003e\u003ccode\u003ebd6cda2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f5e7f9fbfa541137d6d1d5643ec3b718e9d5039\"\u003e\u003ccode\u003e3f5e7f9\u003c/code\u003e\u003c/a\u003e Fix regexp to support new GitHub installation tokens format (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12853\"\u003e#12853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4bdb77926affdcad0c3c1bac59e99aadfaf91f82\"\u003e\u003ccode\u003e4bdb779\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.69\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.69\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.69):\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.68):\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-04-17  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/8f2c3ffafcdd52cf4515f1eec172f4eee44552ad\"\u003e\u003ccode\u003e8f2c3ff\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/0ceddfa31dad41aa5cb394492c44f8382c7042d5\"\u003e\u003ccode\u003e0ceddfa\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/28af5275b3e1a2dd9b45d6ddb14c9c67bc4c5f9a\"\u003e\u003ccode\u003e28af527\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-37f02ff51\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c6824bca4c3a07d8d7704711ae27c9ee042fc983\"\u003e\u003ccode\u003ec6824bc\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.68\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/9600a9a3f5cf1cd97dbb478060e4e8fd87a6f17c\"\u003e\u003ccode\u003e9600a9a\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/d03a9c7ad84ce0b6c33f25c2eb570e7d13d07fe9\"\u003e\u003ccode\u003ed03a9c7\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-94b5e89b0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c602dbff3f7095e5dc890c1352a2b18b67046265\"\u003e\u003ccode\u003ec602dbf\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-1ed673a0b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/22223f3dc75047b106d2c938b6821c49748c7e30\"\u003e\u003ccode\u003e22223f3\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-baf5feec0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/e4b414af69b6d55d41000b52e3b2162d77e545f8\"\u003e\u003ccode\u003ee4b414a\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-bf852fb75\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/6155d27abba41cac739e1ff7ce5176ec01f3ec06\"\u003e\u003ccode\u003e6155d27\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-344d7c5e9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.69\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/cache` from 7.3.1 to 7.4.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/cache/releases\"\u003esymfony/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.13\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.12...v7.4.13\"\u003ehttps://github.com/symfony/cache/compare/v7.4.12...v7.4.13\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64330\"\u003e#64330\u003c/a\u003e  Fix strlen(null) deprecation on RelayCluster path in RedisTrait::doClear() (\u003ca href=\"https://github.com/signor-pedro\"\u003e\u003ccode\u003e@​signor-pedro\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64336\"\u003e#64336\u003c/a\u003e  Accept '_' and ':' in prefix passed to AbstractAdapter::clear() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.10...v7.4.12\"\u003ehttps://github.com/symfony/cache/compare/v7.4.10...v7.4.12\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-45073  Validate the prefix given to AbstractAdapter::clear() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.9...v7.4.10\"\u003ehttps://github.com/symfony/cache/compare/v7.4.9...v7.4.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64122\"\u003e#64122\u003c/a\u003e  Ensure compatibility with Relay extension 0.22.0 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.8...v7.4.9\"\u003ehttps://github.com/symfony/cache/compare/v7.4.8...v7.4.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/64060\"\u003e#64060\u003c/a\u003e  Normalize default_lifetime for pools wrapped by ChainAdapter (\u003ca href=\"https://github.com/ostrolucky\"\u003e\u003ccode\u003e@​ostrolucky\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63964\"\u003e#63964\u003c/a\u003e  Ensure internal state is cleared in TagAwareAdapter::reset() … (\u003ca href=\"https://github.com/KevinMartinsDev\"\u003e\u003ccode\u003e@​KevinMartinsDev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63860\"\u003e#63860\u003c/a\u003e  Fix Psr16Cache::getMultiple() returning wrapper values when using TTL (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/cache/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63818\"\u003e#63818\u003c/a\u003e  Ensure compatibility with Relay extension 0.21.0 (\u003ca href=\"https://github.com/lyrixx\"\u003e\u003ccode\u003e@​lyrixx\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63747\"\u003e#63747\u003c/a\u003e  Fix \u003ccode\u003ePsr16Cache::getMultiple()\u003c/code\u003e returning \u003ccode\u003eValueWrapper\u003c/code\u003e with \u003ccode\u003eTagAwareAdapter\u003c/code\u003e (\u003ca href=\"https://github.com/pcescon\"\u003e\u003ccode\u003e@​pcescon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63736\"\u003e#63736\u003c/a\u003e  Fix undefined array key when tag save fails in AbstractTagAwareAdapter (\u003ca href=\"https://github.com/pcescon\"\u003e\u003ccode\u003e@​pcescon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63655\"\u003e#63655\u003c/a\u003e  Fix ChainAdapter ignoring item expiry when propagating to earlier adapters (\u003ca href=\"https://github.com/guillaumeVDP\"\u003e\u003ccode\u003e@​guillaumeVDP\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/cache/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63592\"\u003e#63592\u003c/a\u003e  Add timeout and slot eviction to LockRegistry stampede prevention (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/cache/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/cache/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63437\"\u003e#63437\u003c/a\u003e  Wrap \u003ccode\u003eDoctrineDbalAdapter::doSave()\u003c/code\u003e in savepoint to prevent transaction poisoning (\u003ca href=\"https://github.com/lacatoire\"\u003e\u003ccode\u003e@​lacatoire\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63391\"\u003e#63391\u003c/a\u003e  Align Redis sentinel auth handling across components (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63324\"\u003e#63324\u003c/a\u003e  Fix DSN auth not passed to Redis/RedisCluster/Relay in RedisTrait (\u003ca href=\"https://github.com/ckrack\"\u003e\u003ccode\u003e@​ckrack\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63306\"\u003e#63306\u003c/a\u003e  Revert \u0026quot;Fix DSN auth not passed to clusters in RedisTrait\u0026quot; (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63272\"\u003e#63272\u003c/a\u003e  Fix forwarding SSL settings to the redis sentinel (\u003ca href=\"https://github.com/CientistaDaWeb\"\u003e\u003ccode\u003e@​CientistaDaWeb\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/cache/issues/63230\"\u003e#63230\u003c/a\u003e  fix engine declaration on mysql pdo table creations (\u003ca href=\"https://g...\n\n_Description has been truncated_","html_url":"https://github.com/dporkka/mautic/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fmautic/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"}},{"old_version":"2.7.7","new_version":"2.9.8","update_type":"minor","path":null,"pr_created_at":"2026-05-27T21:20:37.000Z","version_change":"2.7.7 → 2.9.8","issue":{"uuid":"4535821953","node_id":"PR_kwDOPqlfLs7f_3ON","number":15,"state":"closed","title":"Bump the composer group across 1 directory with 12 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-27T21:47:03.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-27T21:20:37.000Z","updated_at":"2026-05-27T21:47:05.000Z","time_to_close":1586,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":12,"packages":[{"name":"phpunit/phpunit","old_version":"10.5.45","new_version":"10.5.62","repository_url":"https://github.com/sebastianbergmann/phpunit"},{"name":"symfony/web-profiler-bundle","old_version":"7.3.1","new_version":"7.4.12","repository_url":"https://github.com/symfony/web-profiler-bundle"},{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.382.2","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.8","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.69","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/security-http","old_version":"7.3.1","new_version":"7.4.13","repository_url":"https://github.com/symfony/security-http"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.23","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `10.5.45` | `10.5.62` |\n| [symfony/web-profiler-bundle](https://github.com/symfony/web-profiler-bundle) | `7.3.1` | `7.4.12` |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.382.2` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.8` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.69` |\n| [symfony/security-http](https://github.com/symfony/security-http) | `7.3.1` | `7.4.13` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.23` |\n\n\nUpdates `phpunit/phpunit` from 10.5.45 to 10.5.62\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 10.5.62\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.61\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.60\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.59\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/10.5.62/ChangeLog-10.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[10.5.62] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.61] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.60] - 2025-12-06\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.59] - 2025-12-01\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.58] - 2025-09-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6368\"\u003e#6368\u003c/a\u003e: \u003ccode\u003efailOnPhpunitWarning=\u0026quot;false\u0026quot;\u003c/code\u003e has no effect\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.57] - 2025-09-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.56] - 2025-09-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.55] - 2025-09-14\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6366\"\u003e#6366\u003c/a\u003e: Exclude \u003ccode\u003e__sleep()\u003c/code\u003e and \u003ccode\u003e__wakeup()\u003c/code\u003e from test double code generation on PHP \u0026gt;= 8.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.54] - 2025-09-11\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not use \u003ccode\u003e__sleep()\u003c/code\u003e method (which will be deprecated in PHP 8.5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.53] - 2025-08-20\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3f7dd5066ebde5809296a81f0b19e8b00e5aab49\"\u003e\u003ccode\u003e3f7dd50\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/9c95cf0cdfdc72e74597aa0cf3c4769ed32b83f0\"\u003e\u003ccode\u003e9c95cf0\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/fea06253ecc0a32faf787bd31b261f56f351d049\"\u003e\u003ccode\u003efea0625\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1a677f663f09de85b97e1a7d03823890594cdba9\"\u003e\u003ccode\u003e1a677f6\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1015741814413c156abb0f53d7db7bbd03c6e858\"\u003e\u003ccode\u003e1015741\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/e5cda18b342c4e346d47c6e6cc5c51c0e681c8fd\"\u003e\u003ccode\u003ee5cda18\u003c/code\u003e\u003c/a\u003e Fix bad merge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a8b932bd41c5a6d689b2751f1be68406c97ea55c\"\u003e\u003ccode\u003ea8b932b\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1cce5f3ac2eec234cc0ce2f90ab9d5b80b240bea\"\u003e\u003ccode\u003e1cce5f3\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3141742e00620e2968d3d2e732d320de76685fda\"\u003e\u003ccode\u003e3141742\u003c/code\u003e\u003c/a\u003e Do not run PHPT test when its temporary file for code coverage information ex...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0b3170aaebeb461133937cfd92e5beb0348c0a2b\"\u003e\u003ccode\u003e0b3170a\u003c/code\u003e\u003c/a\u003e We do not need to unserialize() objects here\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/10.5.45...10.5.62\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/web-profiler-bundle` from 7.3.1 to 7.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/releases\"\u003esymfony/web-profiler-bundle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev7.4.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.9...v7.4.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/64172\"\u003e#64172\u003c/a\u003e  Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e (\u003ca href=\"https://github.com/MatTheCat\"\u003e\u003ccode\u003e@​MatTheCat\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.8...v7.4.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63930\"\u003e#63930\u003c/a\u003e  Fix toolbar toggle button accessibility (\u003ca href=\"https://github.com/Nitram1123\"\u003e\u003ccode\u003e@​Nitram1123\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63679\"\u003e#63679\u003c/a\u003e  Only decrement pendingRequests when it's more than zero (\u003ca href=\"https://github.com/andyexeter\"\u003e\u003ccode\u003e@​andyexeter\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63526\"\u003e#63526\u003c/a\u003e  Fix Symfony web debug toolbar not being displayed (\u003ca href=\"https://github.com/zoglo\"\u003e\u003ccode\u003e@​zoglo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/63315\"\u003e#63315\u003c/a\u003e  Fix EventSource is missing static properties (Oleksii Kozhemiaka)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/web-profiler-bundle/issues/62970\"\u003e#62970\u003c/a\u003e  Fix hot reload support (FrankenPHP) (\u003ca href=\"https://github.com/dunglas\"\u003e\u003ccode\u003e@​dunglas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62858\"\u003esymfony/symfony#62858\u003c/a\u003e [WebProfilerBundle] Fix using URL objects with \u003ccode\u003eEventSource\u003c/code\u003e (\u003ca href=\"https://github.com/HypeMC\"\u003e\u003ccode\u003e@​HypeMC\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\"\u003ehttps://github.com/symfony/web-profiler-bundle/compare/v7.4.0-RC2...v7.4.0-RC3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62441\"\u003esymfony/symfony#62441\u003c/a\u003e [WebProfilerBundle] fix displaying runner (\u003ca href=\"https://github.com/94noni\"\u003e\u003ccode\u003e@​94noni\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/web-profiler-bundle/blob/8.1/CHANGELOG.md\"\u003esymfony/web-profiler-bundle's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eForward the CSP nonce to \u003ccode\u003eDumpDataCollector\u003c/code\u003e instead of disabling CSP when \u003ccode\u003edump()\u003c/code\u003e is used\u003c/li\u003e\n\u003cli\u003eAdd console command value resolvers durations to Performances panel\u003c/li\u003e\n\u003cli\u003eAdd error indicator to profiler list view for profiles with errors\u003c/li\u003e\n\u003cli\u003eAdd cURL copy paste button in the Request/Response tab\u003c/li\u003e\n\u003cli\u003eAdd support for streamed responses in the debug toolbar\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eprofiler.xml\u003c/code\u003e and \u003ccode\u003ewdt.xml\u003c/code\u003e routing configuration files (use their PHP equivalent instead)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method in the profiler\u003c/li\u003e\n\u003cli\u003eAdd support for Server-Sent Events / \u003ccode\u003eEventSource\u003c/code\u003e requests in the debug toolbar\u003c/li\u003e\n\u003cli\u003eAdd support for displaying the application runner class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eprofiler.php\u003c/code\u003e and \u003ccode\u003ewdt.php\u003c/code\u003e routing configuration files (use them instead of their XML equivalent)\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.xml'\n        prefix: /_wdt\n\u003cp\u003eweb_profiler_profiler:\nresource: '\u003ccode\u003e@​WebProfilerBundle/Resources/\u003c/code\u003econfig/routing/profiler.xml'\nprefix: /_profiler\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003ewhen@dev:\n    web_profiler_wdt:\n        resource: '@WebProfilerBundle/Resources/config/routing/wdt.php'\n        prefix: /_wdt\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/558fe81a383302318d9b92f7661deb731153c86e\"\u003e\u003ccode\u003e558fe81\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/066e718f8dfb73c55de43470bb73ebd525343d21\"\u003e\u003ccode\u003e066e718\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/be546fdb34d7a05eb271dfe0bf2370c37472e15c\"\u003e\u003ccode\u003ebe546fd\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Don’t try to access \u003ccode\u003eRawMessage::$headers\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/36dd8b8c05da059925c5804641aad9159e5b73e8\"\u003e\u003ccode\u003e36dd8b8\u003c/code\u003e\u003c/a\u003e [7.4] Remove usages of named arguments in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/7df2f3e74b044afb021458e044bc796f1b482572\"\u003e\u003ccode\u003e7df2f3e\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/242094c35def147d8d9aded1d46e548a4e08c80c\"\u003e\u003ccode\u003e242094c\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/76b684387f28f583fc5888f80453f9054963a5b4\"\u003e\u003ccode\u003e76b6843\u003c/code\u003e\u003c/a\u003e [WebProfilerBundle] Fix failing test on PHP 8.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/4865a22db9b813fa8378e98b161e022f24638d16\"\u003e\u003ccode\u003e4865a22\u003c/code\u003e\u003c/a\u003e CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/cc408ce0c45d1918d08c0c1712cb684dd04c07e0\"\u003e\u003ccode\u003ecc408ce\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/web-profiler-bundle/commit/d55784450e7ebceeef3cc2b1c14247ea1b7d4ece\"\u003e\u003ccode\u003ed557844\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/web-profiler-bundle/compare/v7.3.1...v7.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.382.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.382.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Api\u003c/code\u003e - Cast generated HTTP header values to strings and validate invalid header values.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SavingsPlans\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizerAutomation\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MainframeModernization\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LocationService\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Omics\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SimpleDBv2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkMailMessageFlow\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SupportApp\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EBS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTDeviceAdvisor\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MarketplaceDeployment\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Adds shared environment support for Restricted Instance Groups (RIGs) on SageMaker HyperPod, enabling cross-RIG workload scheduling and FSx sharing. This unlocks shared CPU-GPU environments needed for cost-efficient RL training (e.g., Nova Forge). Adds p6 instance support for recommendation jobs\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Add support for Neuron device resource requirements for Amazon ECS\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECRPublic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SecurityIR\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTThingsGraph\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\FIS\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EKSAuth\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCases\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMakerFeatureStoreRuntime\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataExchange\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Organizations\u003c/code\u003e - AWS Organizations now emits CloudTrail events (AccountJoinedOrganization, AccountDepartedOrganization) to the management account for membership changes, including join and departure method and timestamp.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\mgn\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EventBridge\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WellArchitected\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockDataAutomation\u003c/code\u003e - Matcher Fallback extends the CustomOutputConfiguration for the Document modality in DataAutomationProjects, enabling a fallback blueprint when no match is found. A FALLBACK match status is returned, improving the matching experience and guaranteeing customers always receive CustomOutputResults.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralSelling\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchRUM\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\finspace\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SSMContacts\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\NovaAct\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RTBFabric\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaLive\u003c/code\u003e - AWS Elemental MediaLive now supports Smart Subtitles, a new caption source that uses AWS Elemental Inference to automatically generate WebVTT and TTML captions from source audio. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ElementalInference\u003c/code\u003e - Added support for smart subtitles in Elemental Inference, enabling automatic generation of subtitles for media content. Available in English, Spanish, French, German, Italian, and Portuguese.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ComputeOptimizer\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PcaConnectorAd\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\LaunchWizard\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IoTFleetWise\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BCMDashboards\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ResourceExplorer2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DocDBElastic\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MPA\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralBenefits\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MemoryDB\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Inspector2\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\WorkSpacesWeb\u003c/code\u003e - Adding new BDD representation of endpoint ruleset\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\OpenSearchService\u003c/code\u003e - OpenSearch will now support multi-segment paths in JWKS URLs.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/6844cc6421c47d6b96633ab8039045012acbeb27\"\u003e\u003ccode\u003e6844cc6\u003c/code\u003e\u003c/a\u003e 3.382.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/08fe07450c46e54c25960a062aa66af9c3ba7248\"\u003e\u003ccode\u003e08fe074\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/7ebd05d0ddfd33dcadc5c0f64c4723d570aaf2e3\"\u003e\u003ccode\u003e7ebd05d\u003c/code\u003e\u003c/a\u003e fix: cast generated header values to strings (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3289\"\u003e#3289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/d506bdaab8e29b18d31a46be4fe4314af5945432\"\u003e\u003ccode\u003ed506bda\u003c/code\u003e\u003c/a\u003e 3.382.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/a2a4d0d4d846c4edd6ddd63242946a8ca0b549b4\"\u003e\u003ccode\u003ea2a4d0d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/38dc43d14db5663f62f7371e5b34d49e6192c2d3\"\u003e\u003ccode\u003e38dc43d\u003c/code\u003e\u003c/a\u003e chore: harden GitHub Actions workflows (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3287\"\u003e#3287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/5b4c1958d7ff9e3284b755d257a1aa1926745f6a\"\u003e\u003ccode\u003e5b4c195\u003c/code\u003e\u003c/a\u003e 3.382.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/e925c2dde5a2a4fa4cce2c8641e02b59b838841f\"\u003e\u003ccode\u003ee925c2d\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/3e93512528775f12d0136a78345bac781faee481\"\u003e\u003ccode\u003e3e93512\u003c/code\u003e\u003c/a\u003e Update type to 'feature' in multipart-copy.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3288\"\u003e#3288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/ab2ba5794fcfcd9826a462742bc3ef7b9fb1688b\"\u003e\u003ccode\u003eab2ba57\u003c/code\u003e\u003c/a\u003e enhancement: copy object metadata in multipartcopy (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3286\"\u003e#3286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.382.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (\u003ca href=\"https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\"\u003ehttps://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\u003c/a\u003e / CVE-2026-45793)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.7...2.9.8\"\u003ehttps://github.com/composer/composer/compare/2.9.7...2.9.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/39ee8baff8e97a1b657bbfcd6a236ff93a5efbb2\"\u003e\u003ccode\u003e39ee8ba\u003c/code\u003e\u003c/a\u003e Release 2.9.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fa0f839011f5fdf20af5fa2c0fd485ad0ebb6632\"\u003e\u003ccode\u003efa0f839\u003c/code\u003e\u003c/a\u003e Fix ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd6cda27aa11f565aa2d0fa2ade191ed74e3d158\"\u003e\u003ccode\u003ebd6cda2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f5e7f9fbfa541137d6d1d5643ec3b718e9d5039\"\u003e\u003ccode\u003e3f5e7f9\u003c/code\u003e\u003c/a\u003e Fix regexp to support new GitHub installation tokens format (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12853\"\u003e#12853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4bdb77926affdcad0c3c1bac59e99aadfaf91f82\"\u003e\u003ccode\u003e4bdb779\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.69\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.69\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.69):\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.68):\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-04-17  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/8f2c3ffafcdd52cf4515f1eec172f4eee44552ad\"\u003e\u003ccode\u003e8f2c3ff\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/0ceddfa31dad41aa5cb394492c44f8382c7042d5\"\u003e\u003ccode\u003e0ceddfa\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/28af5275b3e1a2dd9b45d6ddb14c9c67bc4c5f9a\"\u003e\u003ccode\u003e28af527\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-37f02ff51\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c6824bca4c3a07d8d7704711ae27c9ee042fc983\"\u003e\u003ccode\u003ec6824bc\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.68\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/9600a9a3f5cf1cd97dbb478060e4e8fd87a6f17c\"\u003e\u003ccode\u003e9600a9a\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/d03a9c7ad84ce0b6c33f25c2eb570e7d13d07fe9\"\u003e\u003ccode\u003ed03a9c7\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-94b5e89b0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c602dbff3f7095e5dc890c1352a2b18b67046265\"\u003e\u003ccode\u003ec602dbf\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-1ed673a0b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/22223f3dc75047b106d2c938b6821c49748c7e30\"\u003e\u003ccode\u003e22223f3\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-baf5feec0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/e4b414af69b6d55d41000b52e3b2162d77e545f8\"\u003e\u003ccode\u003ee4b414a\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-bf852fb75\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/6155d27abba41cac739e1ff7ce5176ec01f3ec06\"\u003e\u003ccode\u003e6155d27\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-344d7c5e9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.69\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.1 to 7.4.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.13\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.13\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.13\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-48736  Block IPv6 transition forms in IpUtils::PRIVATE_SUBNETS (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63603\"\u003e#63603\u003c/a\u003e  Fix session cookie_lifetime not applied in mock session storage (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63448\"\u003e#63448\u003c/a\u003e  Handle empty session data in updateTimestamp() to fix compat with PHP 8.6 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63319\"\u003e#63319\u003c/a\u003e  BinaryFileResponse: always return 206 if Range is valid (\u003ca href=\"https://github.com/Jimbolino\"\u003e\u003ccode\u003e@​Jimbolino\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63262\"\u003e#63262\u003c/a\u003e  Reject invalid paths (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/54304\"\u003e#54304\u003c/a\u003e  When calling UploadedFile::getErrorMessage() to a file which has no error and is uploaded successfully, it should not return an error (\u003ca href=\"https://github.com/ArmCyber\"\u003e\u003ccode\u003e@​ArmCyber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63230\"\u003e#63230\u003c/a\u003e  fix engine declaration on mysql pdo table creations (\u003ca href=\"https://github.com/tandev\"\u003e\u003ccode\u003e@​tandev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62663\"\u003esymfony/symfony#62663\u003c/a\u003e [HttpFoundation] Improve logic in Request::createFromGlobals() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/blob/8.1/CHANGELOG.md\"\u003esymfony/http-foundation's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBinaryFileResponse::shouldDeleteFileAfterSend()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate setting public properties of \u003ccode\u003eRequest\u003c/code\u003e and \u003ccode\u003eResponse\u003c/code\u003e objects directly; use setters or constructor arguments instead\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eSessionHasFlashMessage\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse::__construct()\u003c/code\u003e now accepts a \u003ccode\u003eResponseHeaderBag\u003c/code\u003e as its third argument\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eParameterBag::getInt()\u003c/code\u003e and \u003ccode\u003eParameterBag::getBoolean()\u003c/code\u003e now throw \u003ccode\u003eUnexpectedValueException\u003c/code\u003e instead of silently returning \u003ccode\u003e0\u003c/code\u003e/\u003ccode\u003efalse\u003c/code\u003e when the value cannot be converted\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop HTTP method override support for methods GET, HEAD, CONNECT and TRACE\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$subtypeFallback\u003c/code\u003e to \u003ccode\u003eRequest::getFormat()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove the following deprecated session options from \u003ccode\u003eNativeSessionStorage\u003c/code\u003e: \u003ccode\u003ereferer_check\u003c/code\u003e, \u003ccode\u003euse_only_cookies\u003c/code\u003e, \u003ccode\u003euse_trans_sid\u003c/code\u003e, \u003ccode\u003esid_length\u003c/code\u003e, \u003ccode\u003esid_bits_per_character\u003c/code\u003e, \u003ccode\u003etrans_sid_hosts\u003c/code\u003e, \u003ccode\u003etrans_sid_tags\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTrigger PHP warning when using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eAdd arguments \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$partitioned\u003c/code\u003e to \u003ccode\u003eResponseHeaderBag::clearCookie()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$expiration\u003c/code\u003e to \u003ccode\u003eUriSigner::sign()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eRemove accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e#[WithHttpStatus]\u003c/code\u003e to define status codes: 404 for \u003ccode\u003eSignedUriException\u003c/code\u003e and 403 for \u003ccode\u003eExpiredSignedUriException\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method\u003c/li\u003e\n\u003cli\u003eAdd support for structured MIME suffix\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRequest::set/getAllowedHttpMethodOverride()\u003c/code\u003e to list which HTTP methods can be overridden\u003c/li\u003e\n\u003cli\u003eDeprecate using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eDeprecate method \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eRequest::createFromGlobals()\u003c/code\u003e parse the body of PUT, DELETE, PATCH and QUERY requests\u003c/li\u003e\n\u003cli\u003eDeprecate HTTP method override for methods GET, HEAD, CONNECT and TRACE; it will be ignored in Symfony 8.0\u003c/li\u003e\n\u003cli\u003eDeprecate accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for iterable of string in \u003ccode\u003eStreamedResponse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eEventStreamResponse\u003c/code\u003e and \u003ccode\u003eServerEvent\u003c/code\u003e classes to streamline server event streaming\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003evalkey:\u003c/code\u003e / \u003ccode\u003evalkeys:\u003c/code\u003e schemes for sessions\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest::getPreferredLanguage()\u003c/code\u003e now favors a more preferred language above exactly matching a locale\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eUriSigner\u003c/code\u003e to use a \u003ccode\u003eClockInterface\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eUriSigner::verify()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/bc354f47c62301e990b7874fa662326368508e2c\"\u003e\u003ccode\u003ebc354f4\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/48d76c29a67a301e0f7779a512bf76417395ffef\"\u003e\u003ccode\u003e48d76c2\u003c/code\u003e\u003c/a\u003e security #cve-2026-48736 [HttpFoundation] Block IPv6 transition forms in IpUt...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/fda5ebe3a23cd930790cb70aeac9c58d5a262b09\"\u003e\u003ccode\u003efda5ebe\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5979ae84168d6f551009278ee576676dfb87f90a\"\u003e\u003ccode\u003e5979ae8\u003c/code\u003e\u003c/a\u003e Ignore Doctrine DBAL deprecations that can't be worked around\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/10d5daa7a22d64037a4bd5195d387ecc0d2c5b3c\"\u003e\u003ccode\u003e10d5daa\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix tests for PHP 8.6: session.cookie_samesite=Lax\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/3ebc78a9507545259ec5c71afdc49d4c452e3eda\"\u003e\u003ccode\u003e3ebc78a\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Block IPv6 transition forms in IpUtils::PRIVATE_SUBNETS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/051a9622b64ac1f639665c593afbff1128cddb16\"\u003e\u003ccode\u003e051a962\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5402ad19bef111ffdd076d33d87bd400c0c38243\"\u003e\u003ccode\u003e5402ad1\u003c/code\u003e\u003c/a\u003e Remove wrong documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/c38f205c479a5f74d34034f29e59240e1ec4b795\"\u003e\u003ccode\u003ec38f205\u003c/code\u003e\u003c/a\u003e [7.4] Remove usages of named arguments in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/a762b60b37023abc3fb0d870adbdaa523606a7af\"\u003e\u003ccode\u003ea762b60\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.1...v7.4.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.0 to 7.4.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.13\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.11...v7.4.13\"\u003ehttps://github.com/symfony/process/compare/v7.4.11...v7.4.13\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/64347\"\u003e#64347\u003c/a\u003e  Stop leaking CGI/FastCGI request-context vars to subprocesses (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.8...v7.4.11\"\u003ehttps://github.com/symfony/process/compare/v7.4.8...v7.4.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/64058\"\u003e#64058\u003c/a\u003e  Ignore array env values before proc_open (\u003ca href=\"https://github.com/dionisvl\"\u003e\u003ccode\u003e@​dionisvl\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/process/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63611\"\u003e#63611\u003c/a\u003e  Throw InvalidArgumentException when env block exceeds Windows limit (Nadim AL ABDOU)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/process/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/process/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/process/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github...\n\n_Description has been truncated_","html_url":"https://github.com/HandyKnox/mautic-marketing/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HandyKnox%2Fmautic-marketing/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"2.7.7","new_version":"2.9.8","update_type":"minor","path":null,"pr_created_at":"2026-05-19T16:33:51.000Z","version_change":"2.7.7 → 2.9.8","issue":{"uuid":"4479193881","node_id":"PR_kwDOPrj8Sc7dKHaY","number":8,"state":"closed","title":"Bump the composer group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T22:10:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T16:33:51.000Z","updated_at":"2026-05-21T22:11:01.000Z","time_to_close":193027,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":8,"packages":[{"name":"phpunit/phpunit","old_version":"10.5.45","new_version":"10.5.62","repository_url":"https://github.com/sebastianbergmann/phpunit"},{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.381.3","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.8","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.69","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/http-foundation","old_version":"7.3.1","new_version":"7.4.8","repository_url":"https://github.com/symfony/http-foundation"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `10.5.45` | `10.5.62` |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.381.3` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.8` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.69` |\n| [symfony/http-foundation](https://github.com/symfony/http-foundation) | `7.3.1` | `7.4.8` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.22` |\n\n\nUpdates `phpunit/phpunit` from 10.5.45 to 10.5.62\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 10.5.62\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.61\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.60\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 10.5.59\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 10.5 in the \u003ca href=\"https://docs.phpunit.de/en/10.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/10.5.62/ChangeLog-10.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[10.5.62] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.61] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePHPUnit\\Framework\\MockObject\u003c/code\u003e exceptions are now subtypes of \u003ccode\u003ePHPUnit\\Exception\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.60] - 2025-12-06\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with PHP 8.4 to work around PHP-Scoper issue \u003ca href=\"https://redirect.github.com/humbug/php-scoper/issues/1139\"\u003e#1139\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.59] - 2025-12-01\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6338\"\u003e#6338\u003c/a\u003e: Removed code from \u003ccode\u003ePHPUnit\\Runner\\TestSuiteSorter\u003c/code\u003e that was only used in the tests for this class\u003c/li\u003e\n\u003cli\u003eUpdated list of deprecated PHP configuration settings for PHP 8.4, PHP 8.5, and PHP 8.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.58] - 2025-09-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6368\"\u003e#6368\u003c/a\u003e: \u003ccode\u003efailOnPhpunitWarning=\u0026quot;false\u0026quot;\u003c/code\u003e has no effect\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.57] - 2025-09-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.56] - 2025-09-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes; \u003ccode\u003ephpunit.phar\u003c/code\u003e rebuilt with updated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.55] - 2025-09-14\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6366\"\u003e#6366\u003c/a\u003e: Exclude \u003ccode\u003e__sleep()\u003c/code\u003e and \u003ccode\u003e__wakeup()\u003c/code\u003e from test double code generation on PHP \u0026gt;= 8.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.54] - 2025-09-11\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not use \u003ccode\u003e__sleep()\u003c/code\u003e method (which will be deprecated in PHP 8.5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[10.5.53] - 2025-08-20\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3f7dd5066ebde5809296a81f0b19e8b00e5aab49\"\u003e\u003ccode\u003e3f7dd50\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/9c95cf0cdfdc72e74597aa0cf3c4769ed32b83f0\"\u003e\u003ccode\u003e9c95cf0\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/fea06253ecc0a32faf787bd31b261f56f351d049\"\u003e\u003ccode\u003efea0625\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1a677f663f09de85b97e1a7d03823890594cdba9\"\u003e\u003ccode\u003e1a677f6\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1015741814413c156abb0f53d7db7bbd03c6e858\"\u003e\u003ccode\u003e1015741\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/e5cda18b342c4e346d47c6e6cc5c51c0e681c8fd\"\u003e\u003ccode\u003ee5cda18\u003c/code\u003e\u003c/a\u003e Fix bad merge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a8b932bd41c5a6d689b2751f1be68406c97ea55c\"\u003e\u003ccode\u003ea8b932b\u003c/code\u003e\u003c/a\u003e Merge branch '9.6' into 10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/1cce5f3ac2eec234cc0ce2f90ab9d5b80b240bea\"\u003e\u003ccode\u003e1cce5f3\u003c/code\u003e\u003c/a\u003e Merge branch '8.5' into 9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/3141742e00620e2968d3d2e732d320de76685fda\"\u003e\u003ccode\u003e3141742\u003c/code\u003e\u003c/a\u003e Do not run PHPT test when its temporary file for code coverage information ex...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0b3170aaebeb461133937cfd92e5beb0348c0a2b\"\u003e\u003ccode\u003e0b3170a\u003c/code\u003e\u003c/a\u003e We do not need to unserialize() objects here\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/10.5.45...10.5.62\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.381.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.381.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\QuickSight\u003c/code\u003e - Support for dataset enrichment and geo spatial in new data preparation experience\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\IVS\u003c/code\u003e - Adds support for up to 3 mediaTailorPlaybackConfiguration objects in an ad configuration resource\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - Amazon Connect Cases now supports SLA durations of up to 2 years (1,051,200 minutes), increased from the previous maximum of 90 days (129,600 minutes). This enables you to track long-running service level agreements for cases that require extended resolution timelines.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Evs\u003c/code\u003e - Amazon EVS now supports up to 32 hosts per EVS environment, increasing the previous host limit to allow a larger scale of VMware workload deployments and reduce operational overhead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Amazon ECS now supports Pause lifecycle hooks for service deployments, allowing customers to automatically pause deployments at specified stages and use the new ContinueServiceDeployment API to continue or roll back with confidence.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\AccessAnalyzer\u003c/code\u003e - Services manage service-linked analyzers through dedicated APIs - CreateServiceLinkedAnalyzer and DeleteServiceLinkedAnalyzer that separate service-linked specific operations from customer-managed operations. It also shows up in ListAnalyzers and GetAnalyzer responses.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EC2\u003c/code\u003e - Amazon VPC IP Address Manager (IPAM) now supports tags on IPAM pool allocations, enabling all standard tagging features for allocations including tag-on-create.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.381.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\\u003c/code\u003e - Fix circular reference cycles caused by non-static middleware closures implicitly capturing $this in AwsClient, GlacierClient, Route53Client, S3Client, S3MultiRegionClient, and Middleware.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchLogs\u003c/code\u003e - Updating the max limit for start query api parameter.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralSelling\u003c/code\u003e - Enable TCV intake on Opportunity to improve Opportunities Hygiene and downstream revenue attribution.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaPackageV2\u003c/code\u003e - This release adds support for AvailabilityStartTimeConfiguration in MediaPackageV2 DASH manifests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.381.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ManagedGrafana\u003c/code\u003e - Adds support for dual-stack (IPv4 and IPv6) connectivity to Amazon Managed Grafana workspaces. Customers can configure the ipAddressType parameter when creating or updating a workspace to choose between IPv4-only or dual-stack (IPv4 and IPv6) access.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\QConnect\u003c/code\u003e - ListModels is an API that returns the available AI models for a Connect Assistant based on its region and AI prompt type.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataZone\u003c/code\u003e - Adds support for SageMaker Unified Studio notebook operations, including notebook import and export\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudFront\u003c/code\u003e - Adding a new boolean for OCSP Revocations in Viewer mTLS Create and Update APIs, and adding a new 'Passthrough' option for TrustStore modes\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Bedrock\u003c/code\u003e - Advanced Prompt Optimization (AdvPO) allows you to optimize and migrate your prompts for any model on Bedrock by automatically evaluating responses and rewriting prompts to improve performance. This release provides a programmatic way to create, get, list, stop, and delete AdvPO jobs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\mgn\u003c/code\u003e - Introducing new option for security groups mapping - with MAP-DHCP the service translates security rules from your source environment with DHCP compatibility.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DatabaseMigrationService\u003c/code\u003e - Add 9 SDK waiters for DMS Schema Conversion async operations. Eliminates manual polling for import, assessment, conversion, export, and creation jobs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Glue\u003c/code\u003e - Release --has-databases parameter for AWS Glue get-catalogs API, which filters catalog responses to include only those capable of containing databases, excluding parent catalogs that hold only other catalogs. Remove model-level validation on partition index list size for AWS Glue tables.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.381.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Endpoints\u003c/code\u003e - Introduces endpoint resolution through a BDD rules based evaluation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eAdd BDD-based endpoint resolution alongside the existing Tree Ruletset Evaluator.\u003c/li\u003e\n\u003cli\u003eIntroduce a Bdd package under EndpointV2 namespace containing utilities and components used for resolving an endpoint through BDDs.\u003c/li\u003e\n\u003cli\u003eEnhance the EndpointDefinitionProvider to resolve the endpoint rule definitions by giving preference to BDDs \u0026quot;endpoint-bdd-1.json\u0026quot; rules over tree based rules.\u003c/li\u003e\n\u003cli\u003eEnhance EndpointProviderV2 to support both, BDD endpoint resolution and Tree\nendpoint resolution but also giving preference to BDD resolution.\nHow is it done?\n\u003cul\u003e\n\u003cli\u003eThe parameter $ruleset now supports instances of BddRuleset, besides of array to preserve existent behavior, and when an instance of BddRuleset is present then a BDD Evaluator is instantiated which will be used to resolve the endpoint.\u003c/li\u003e\n\u003cli\u003eOtherwise, if an array or an instance of Ruleset is passed in then, we resolve the endpoint with the Tree based endpoint resolution, which is the current behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd a new method \u0026quot;getActiveParameters\u0026quot; in EndpointProviderV2 that is used by\nthe EndpointV2Middleware to get the active parameters, which internally  it just evaluates which rule set property we should be getting the parameters from, either from $bddRuleset if not null or from $ruleset.\u003c/li\u003e\n\u003cli\u003eEnhance EndpointV2Middleware to consume the new getActiveParameters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCampaignsV2\u003c/code\u003e - This release added support for Outbound Campaign timezone detection using all available contact methods\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Glue\u003c/code\u003e - AWS Glue now defaults the job timeout to 480 minutes for Glue version 5.0 and later when no timeout value is specified. The default remains 2,880 minutes for Glue version 4.0 and earlier.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Batch\u003c/code\u003e - Adds a billing callout to docs regarding using the CE Scale Down Delay feature\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DSQL\u003c/code\u003e - Added support for Amazon Aurora DSQL change data capture (CDC) streams that deliver row-level database changes to Amazon Kinesis in JSON format. Includes CreateStream, GetStream, ListStreams, and DeleteStream operations.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Lightsail\u003c/code\u003e - Added OriginIpAddressTypeEnum (ipv4, ipv6, dualstack) and ipAddressType field to Origin and InputOrigin structures for Lightsail CDN distributions. Allows customers to specify how the distribution connects to origins, using IPv4, IPv6, or dualstack networking\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCoreControl\u003c/code\u003e - Adds support for read-only summary APIs for Policy Engine, Policy, and Policy Generation resources, enabling metadata retrieval without KMS decryption for AWS Config integration.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BillingConductor\u003c/code\u003e - Add ConflictException to UpdateCustomLineItem operation.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\OpenSearchService\u003c/code\u003e - Adds support for AutomatedSnapshotPauseOptions.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\PartnerCentralAccount\u003c/code\u003e - Added ServiceQuotaExceededExceptions for Profile operations\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\EC2\u003c/code\u003e - Include length limits in the SDK and documentation for text fields in Image (AMI) APIs such as the image name and description\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/989f4776aed2a3b184a5b64046542e8fe66e99e2\"\u003e\u003ccode\u003e989f477\u003c/code\u003e\u003c/a\u003e 3.381.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/8f741343da351f103a98fe3468e08d953cf361d7\"\u003e\u003ccode\u003e8f74134\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/ffa8a93faafea878155853ae2caf61871363869d\"\u003e\u003ccode\u003effa8a93\u003c/code\u003e\u003c/a\u003e 3.381.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/8b8177b1c3e5104f722a31b57c646393e74cd2a8\"\u003e\u003ccode\u003e8b8177b\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/600202c07ac7557158629bb460b875688ffc875e\"\u003e\u003ccode\u003e600202c\u003c/code\u003e\u003c/a\u003e fix: break circular reference cycles from non-static closures (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3282\"\u003e#3282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/405affc23ea14950c378d5ae79420302fcb467dc\"\u003e\u003ccode\u003e405affc\u003c/code\u003e\u003c/a\u003e 3.381.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/2648eda3118aa692efbe23b8618124605f12d60f\"\u003e\u003ccode\u003e2648eda\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/c1d3326c6b3d13b9209ae8f1399be0973095b20b\"\u003e\u003ccode\u003ec1d3326\u003c/code\u003e\u003c/a\u003e 3.381.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/d070ae900e158a4c5353434c1a1cbc116a6815b5\"\u003e\u003ccode\u003ed070ae9\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/761a190a52fea7a1da9bc3273246e87aa9c77f80\"\u003e\u003ccode\u003e761a190\u003c/code\u003e\u003c/a\u003e feat: endpoints bdd (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3276\"\u003e#3276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.381.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (\u003ca href=\"https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\"\u003ehttps://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\u003c/a\u003e / CVE-2026-45793)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.7...2.9.8\"\u003ehttps://github.com/composer/composer/compare/2.9.7...2.9.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/39ee8baff8e97a1b657bbfcd6a236ff93a5efbb2\"\u003e\u003ccode\u003e39ee8ba\u003c/code\u003e\u003c/a\u003e Release 2.9.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fa0f839011f5fdf20af5fa2c0fd485ad0ebb6632\"\u003e\u003ccode\u003efa0f839\u003c/code\u003e\u003c/a\u003e Fix ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd6cda27aa11f565aa2d0fa2ade191ed74e3d158\"\u003e\u003ccode\u003ebd6cda2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f5e7f9fbfa541137d6d1d5643ec3b718e9d5039\"\u003e\u003ccode\u003e3f5e7f9\u003c/code\u003e\u003c/a\u003e Fix regexp to support new GitHub installation tokens format (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12853\"\u003e#12853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4bdb77926affdcad0c3c1bac59e99aadfaf91f82\"\u003e\u003ccode\u003e4bdb779\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.69\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.69\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.68\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.67...2.1.68\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.69):\n\u003cul\u003e\n\u003cli\u003eOnly fixes a release error; there are no changes to the functionality.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-05-07  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.68):\n\u003cul\u003e\n\u003cli\u003eFixing bug where uploading large files sometimes fails (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3761\"\u003e#3761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incorrect URL generation in getContentUrl() (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epressing minimized button ( - ) on the editor while the editor is maximized will close the editor (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3737\"\u003e#3737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate deprecated php type casts (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3739\"\u003e#3739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mime): normalize MIME mappings and regenerate elFinder.mimetypes.js\u003c/li\u003e\n\u003cli\u003eUpdate Russian translation and authorship details (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(dev): add MIME mapping generator script\u003c/li\u003e\n\u003cli\u003eUse Array.isArray instead of $.isArray (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3771\"\u003e#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded \u0026quot;SVG image\u0026quot; \u0026amp; \u0026quot;WEBP image\u0026quot; file type description to \u0026quot;Kind\u0026quot; column when in list view (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3738\"\u003e#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrectly urlencode path in setcookie(); fix Studio-42#3538 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3754\"\u003e#3754\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md\u003c/li\u003e\n\u003cli\u003efix: Pixo Image Editor JS path\u003c/li\u003e\n\u003cli\u003eupdate: [css] change font-size of preview\u003c/li\u003e\n\u003cli\u003efix: improve PHP 8 compatibility in session, cURL, and callback handling (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare elFinder for jQuery 4 sup (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3781\"\u003e#3781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: example html, js\u003c/li\u003e\n\u003cli\u003ebuild: add elfinder-minimal\u003c/li\u003e\n\u003cli\u003efeat(editor): add signed callback state storage for external save handlers\u003c/li\u003e\n\u003cli\u003efix(connector): add CSRF token validation and refresh flow\u003c/li\u003e\n\u003cli\u003efix(connector): refine CSRF token refresh timing and protected commands\u003c/li\u003e\n\u003cli\u003efix(js): guard CSRF reload check when xhr is missing\u003c/li\u003e\n\u003cli\u003efix(onedrive): prefer cached Graph download URLs for file access\u003c/li\u003e\n\u003cli\u003ePreserve i18n keys in mount errors\u003c/li\u003e\n\u003cli\u003efix:\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3782\"\u003e#3782\u003c/a\u003e avoid E_STRICT on PHP 8.4+\u003c/li\u003e\n\u003cli\u003eUpdate safe CDN versions for external JS libs\u003c/li\u003e\n\u003cli\u003eNormalize MPD text/xml MIME type\u003c/li\u003e\n\u003cli\u003e[i18n:ja] Update elfinder.ja.js\u003c/li\u003e\n\u003cli\u003efix(connector): normalize PHP error handling and mount failures\u003c/li\u003e\n\u003cli\u003echore(js): update default CDN library versions\u003c/li\u003e\n\u003cli\u003echore: ignore local IDE project files\u003c/li\u003e\n\u003cli\u003edocs: fix correct the incorrect date\u003c/li\u003e\n\u003cli\u003e[security] [VD:MySQL] normalize numeric object ids for SQL usage\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2026-04-17  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/8f2c3ffafcdd52cf4515f1eec172f4eee44552ad\"\u003e\u003ccode\u003e8f2c3ff\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.69\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/0ceddfa31dad41aa5cb394492c44f8382c7042d5\"\u003e\u003ccode\u003e0ceddfa\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/28af5275b3e1a2dd9b45d6ddb14c9c67bc4c5f9a\"\u003e\u003ccode\u003e28af527\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-37f02ff51\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c6824bca4c3a07d8d7704711ae27c9ee042fc983\"\u003e\u003ccode\u003ec6824bc\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.68\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/9600a9a3f5cf1cd97dbb478060e4e8fd87a6f17c\"\u003e\u003ccode\u003e9600a9a\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/d03a9c7ad84ce0b6c33f25c2eb570e7d13d07fe9\"\u003e\u003ccode\u003ed03a9c7\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-94b5e89b0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/c602dbff3f7095e5dc890c1352a2b18b67046265\"\u003e\u003ccode\u003ec602dbf\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-1ed673a0b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/22223f3dc75047b106d2c938b6821c49748c7e30\"\u003e\u003ccode\u003e22223f3\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-baf5feec0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/e4b414af69b6d55d41000b52e3b2162d77e545f8\"\u003e\u003ccode\u003ee4b414a\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-bf852fb75\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/6155d27abba41cac739e1ff7ce5176ec01f3ec06\"\u003e\u003ccode\u003e6155d27\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-344d7c5e9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.69\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.1 to 7.4.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63603\"\u003e#63603\u003c/a\u003e  Fix session cookie_lifetime not applied in mock session storage (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63448\"\u003e#63448\u003c/a\u003e  Handle empty session data in updateTimestamp() to fix compat with PHP 8.6 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63319\"\u003e#63319\u003c/a\u003e  BinaryFileResponse: always return 206 if Range is valid (\u003ca href=\"https://github.com/Jimbolino\"\u003e\u003ccode\u003e@​Jimbolino\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63262\"\u003e#63262\u003c/a\u003e  Reject invalid paths (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/54304\"\u003e#54304\u003c/a\u003e  When calling UploadedFile::getErrorMessage() to a file which has no error and is uploaded successfully, it should not return an error (\u003ca href=\"https://github.com/ArmCyber\"\u003e\u003ccode\u003e@​ArmCyber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63230\"\u003e#63230\u003c/a\u003e  fix engine declaration on mysql pdo table creations (\u003ca href=\"https://github.com/tandev\"\u003e\u003ccode\u003e@​tandev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62663\"\u003esymfony/symfony#62663\u003c/a\u003e [HttpFoundation] Improve logic in Request::createFromGlobals() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62287\"\u003esymfony/symfony#62287\u003c/a\u003e [HttpFoundation] Fix AcceptHeader overwrites items with different parameters (\u003ca href=\"https://github.com/yoeunes\"\u003e\u003ccode\u003e@​yoeunes\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62324\"\u003esymfony/symfony#62324\u003c/a\u003e [HttpFoundation] Fix parsing hosts and schemes in URLs (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/blob/8.1/CHANGELOG.md\"\u003esymfony/http-foundation's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBinaryFileResponse::shouldDeleteFileAfterSend()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate setting public properties of \u003ccode\u003eRequest\u003c/code\u003e and \u003ccode\u003eResponse\u003c/code\u003e objects directly; use setters or constructor arguments instead\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eSessionHasFlashMessage\u003c/code\u003e test constraint\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse::__construct()\u003c/code\u003e now accepts a \u003ccode\u003eResponseHeaderBag\u003c/code\u003e as its third argument\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eParameterBag::getInt()\u003c/code\u003e and \u003ccode\u003eParameterBag::getBoolean()\u003c/code\u003e now throw \u003ccode\u003eUnexpectedValueException\u003c/code\u003e instead of silently returning \u003ccode\u003e0\u003c/code\u003e/\u003ccode\u003efalse\u003c/code\u003e when the value cannot be converted\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop HTTP method override support for methods GET, HEAD, CONNECT and TRACE\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$subtypeFallback\u003c/code\u003e to \u003ccode\u003eRequest::getFormat()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove the following deprecated session options from \u003ccode\u003eNativeSessionStorage\u003c/code\u003e: \u003ccode\u003ereferer_check\u003c/code\u003e, \u003ccode\u003euse_only_cookies\u003c/code\u003e, \u003ccode\u003euse_trans_sid\u003c/code\u003e, \u003ccode\u003esid_length\u003c/code\u003e, \u003ccode\u003esid_bits_per_character\u003c/code\u003e, \u003ccode\u003etrans_sid_hosts\u003c/code\u003e, \u003ccode\u003etrans_sid_tags\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTrigger PHP warning when using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eAdd arguments \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$partitioned\u003c/code\u003e to \u003ccode\u003eResponseHeaderBag::clearCookie()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$expiration\u003c/code\u003e to \u003ccode\u003eUriSigner::sign()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eRemove accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e#[WithHttpStatus]\u003c/code\u003e to define status codes: 404 for \u003ccode\u003eSignedUriException\u003c/code\u003e and 403 for \u003ccode\u003eExpiredSignedUriException\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method\u003c/li\u003e\n\u003cli\u003eAdd support for structured MIME suffix\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRequest::set/getAllowedHttpMethodOverride()\u003c/code\u003e to list which HTTP methods can be overridden\u003c/li\u003e\n\u003cli\u003eDeprecate using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eDeprecate method \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eRequest::createFromGlobals()\u003c/code\u003e parse the body of PUT, DELETE, PATCH and QUERY requests\u003c/li\u003e\n\u003cli\u003eDeprecate HTTP method override for methods GET, HEAD, CONNECT and TRACE; it will be ignored in Symfony 8.0\u003c/li\u003e\n\u003cli\u003eDeprecate accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for iterable of string in \u003ccode\u003eStreamedResponse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eEventStreamResponse\u003c/code\u003e and \u003ccode\u003eServerEvent\u003c/code\u003e classes to streamline server event streaming\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003evalkey:\u003c/code\u003e / \u003ccode\u003evalkeys:\u003c/code\u003e schemes for sessions\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest::getPreferredLanguage()\u003c/code\u003e now favors a more preferred language above exactly matching a locale\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eUriSigner\u003c/code\u003e to use a \u003ccode\u003eClockInterface\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eUriSigner::verify()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/9381209597ec66c25be154cbf2289076e64d1eab\"\u003e\u003ccode\u003e9381209\u003c/code\u003e\u003c/a\u003e Configure deprecation triggers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/f94b3e7b7dafd40e666f0c9ff2084133bae41e81\"\u003e\u003ccode\u003ef94b3e7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/cffffd0a2c037117b742b4f8b379a22a2a33f6d2\"\u003e\u003ccode\u003ecffffd0\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix session cookie_lifetime not applied in mock session storage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/fd97d5e926e988a363cef56fbbf88c5c528e9065\"\u003e\u003ccode\u003efd97d5e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5bb346d1b4b2a616e5c3d99b3ee4d5810735c535\"\u003e\u003ccode\u003e5bb346d\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Handle empty session data in updateTimestamp() to fix compat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/17de1a39c0ed8dc062df993d65c7269502a2ec78\"\u003e\u003ccode\u003e17de1a3\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31b030e12f6662a7016add28fe29b70327dacf86\"\u003e\u003ccode\u003e31b030e\u003c/code\u003e\u003c/a\u003e stop using with*() without expects()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/36ba5c7a025c05a92cd4a753abbe1781442c8414\"\u003e\u003ccode\u003e36ba5c7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31e2a27d480546f031bd4fc6f1ec8a7abdd62bb1\"\u003e\u003ccode\u003e31e2a27\u003c/code\u003e\u003c/a\u003e BinaryFileResponse: always return 206 if Range is valid\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/669ac23030db4cc4314e7a9ada4e258752266ec1\"\u003e\u003ccode\u003e669ac23\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.1...v7.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.0 to 7.4.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.8...v7.4.11\"\u003ehttps://github.com/symfony/process/compare/v7.4.8...v7.4.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/64058\"\u003e#64058\u003c/a\u003e  Ignore array env values before proc_open (\u003ca href=\"https://github.com/dionisvl\"\u003e\u003ccode\u003e@​dionisvl\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/process/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63611\"\u003e#63611\u003c/a\u003e  Throw InvalidArgumentException when env block exceeds Windows limit (Nadim AL ABDOU)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/process/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/process/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/process/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\"\u003ehttps://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/process/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/process/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/d9593c9efa40499eb078b81144de42cbc28a31f0\"\u003e\u003ccode\u003ed9593c9\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/6c93071cb8c91dce5a41960d125e019e64ef6cb5\"\u003e\u003ccode\u003e6c93071\u003c/code\u003e\u003c/a\u003e [Process] Ignore array env values before proc_open\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/7eab480275d91096356c2217e0d3a1ae46bc4961\"\u003e\u003ccode\u003e7eab480\u003c/code\u003e\u003c/a\u003e [7.4] Remove usages of named arguments in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/89c0b2214a31fce737e3474a1eb37c20a1b31260\"\u003e\u003ccode\u003e89c0b22\u003c/code\u003e\u003c/a\u003e Update XSD references in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/e79d4458ee6f2610a35365136713d55e8e8c859a\"\u003e\u003ccode\u003ee79d445\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/7b8e6e883ecdb0d9295cde593081afe8805207c3\"\u003e\u003ccode\u003e7b8e6e8\u003c/code\u003e\u003c/a\u003e More CS fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/2df4ad6ba902295a6093dbf1c01c98446c36099c\"\u003e\u003ccode\u003e2df4ad6\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/57313310a02ecd61cff81ca37baec68af4dd743f\"\u003e\u003ccode\u003e5731331\u003c/code\u003e\u003c/a\u003e CS fixes - native_function_invocation \u0026amp; static_lambda\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/736ed5259a08c4c503e56dbea9f1ef709f290892\"\u003e\u003ccode\u003e736ed52\u003c/code\u003e\u003c/a\u003e [CS] Back config from 8.1 and apply heredoc_indentation rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/749ba429c9814f698a8ac61ab40de2c5184ae598\"\u003e\u003ccode\u003e749ba42\u003c/code\u003e\u003c/a\u003e Add deprecationTrigger ignoreUndefinedTriggers=\u0026quot;true\u0026quot; in phpunit.xml.dist files\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/process/compare/v7.3.0...v7.4.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.8 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--inf...\n\n_Description has been truncated_","html_url":"https://github.com/dporkka/mautic/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fmautic/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"}},{"old_version":"2.9.5","new_version":"2.9.8","update_type":"patch","path":"/composer/helpers/v2 in the prod-dependencies group across 1 directory","pr_created_at":"2026-05-02T22:28:11.000Z","version_change":"2.9.5 → 2.9.8","issue":{"uuid":"4370247700","node_id":"PR_kwDOPVt0zc7Xs1NR","number":121,"state":"closed","title":"Bump composer/composer from 2.9.5 to 2.9.8 in /composer/helpers/v2 in the prod-dependencies group across 1 directory","user":"dependabot[bot]","labels":["dependencies","php","L: php:composer"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-19T22:50:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-02T22:28:11.000Z","updated_at":"2026-05-19T22:50:29.000Z","time_to_close":1470136,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.8","repository_url":"https://github.com/composer/composer"}],"path":"/composer/helpers/v2 in the prod-dependencies group across 1 directory","ecosystem":"packagist"},"body":"Bumps the prod-dependencies group with 1 update in the /composer/helpers/v2 directory: [composer/composer](https://github.com/composer/composer).\n\nUpdates `composer/composer` from 2.9.5 to 2.9.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (\u003ca href=\"https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\"\u003ehttps://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2\u003c/a\u003e / CVE-2026-45793)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.7...2.9.8\"\u003ehttps://github.com/composer/composer/compare/2.9.7...2.9.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.8] 2026-05-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/39ee8baff8e97a1b657bbfcd6a236ff93a5efbb2\"\u003e\u003ccode\u003e39ee8ba\u003c/code\u003e\u003c/a\u003e Release 2.9.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fa0f839011f5fdf20af5fa2c0fd485ad0ebb6632\"\u003e\u003ccode\u003efa0f839\u003c/code\u003e\u003c/a\u003e Fix ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd6cda27aa11f565aa2d0fa2ade191ed74e3d158\"\u003e\u003ccode\u003ebd6cda2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f5e7f9fbfa541137d6d1d5643ec3b718e9d5039\"\u003e\u003ccode\u003e3f5e7f9\u003c/code\u003e\u003c/a\u003e Fix regexp to support new GitHub installation tokens format (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12853\"\u003e#12853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4bdb77926affdcad0c3c1bac59e99aadfaf91f82\"\u003e\u003ccode\u003e4bdb779\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e","html_url":"https://github.com/JaclynCodes/dependabot-core/pull/121","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/JaclynCodes%2Fdependabot-core/issues/121","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/121/packages"}},{"old_version":"2.9.5","new_version":"2.9.7","update_type":"patch","path":null,"pr_created_at":"2026-04-27T01:56:01.000Z","version_change":"2.9.5 → 2.9.7","issue":{"uuid":"4332634915","node_id":"PR_kwDOPWpqaM7VzQ5i","number":84,"state":"open","title":"Bump composer/composer from 2.9.5 to 2.9.7","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-27T01:56:01.000Z","updated_at":"2026-04-27T01:56:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.7.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/jazzsequence/satis-server/pull/84","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jazzsequence%2Fsatis-server/issues/84","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/84/packages"}},{"old_version":"2.8.12","new_version":"2.9.7","update_type":"minor","path":null,"pr_created_at":"2026-04-18T10:26:29.000Z","version_change":"2.8.12 → 2.9.7","issue":{"uuid":"4287649741","node_id":"PR_kwDOD3agoM7TkLId","number":915,"state":"open","title":"Bump the composer group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","stale","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-18T10:26:29.000Z","updated_at":"2026-05-04T03:37:06.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":6,"packages":[{"name":"composer/composer","old_version":"2.8.12","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"},{"name":"psy/psysh","old_version":"0.12.10","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"},{"name":"symfony/http-foundation","old_version":"7.3.4","new_version":"7.3.11","repository_url":"https://github.com/symfony/http-foundation"},{"name":"google/protobuf","old_version":"4.32.1","new_version":"4.33.6","repository_url":"https://github.com/protocolbuffers/protobuf-php"},{"name":"phpunit/phpunit","old_version":"11.5.42","new_version":"11.5.55","repository_url":"https://github.com/sebastianbergmann/phpunit"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [composer/composer](https://github.com/composer/composer) | `2.8.12` | `2.9.7` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.10` | `0.12.22` |\n| [symfony/http-foundation](https://github.com/symfony/http-foundation) | `7.3.4` | `7.3.11` |\n| [google/protobuf](https://github.com/protocolbuffers/protobuf-php) | `4.32.1` | `4.33.6` |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `11.5.42` | `11.5.55` |\n\n\nUpdates `composer/composer` from 2.8.12 to 2.9.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.2...2.9.3\"\u003ehttps://github.com/composer/composer/compare/2.9.2...2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.2] 2025-11-19\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.8.12...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.10 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--info\u003c/code\u003e also report more detail about readline and autocomplete state.\u003c/p\u003e\n\u003cp\u003eRun psysh with \u003ccode\u003e--experimental-readline\u003c/code\u003e and try it out. It's getting kind of awesome!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/3be75d5b9244936dd4ac62ade2bfb004d13acf0f\"\u003e\u003ccode\u003e3be75d5\u003c/code\u003e\u003c/a\u003e Merge branch 'release/v0.12.22'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/8042a8fec59c72b9a9b5586f9bfe79e26c069aeb\"\u003e\u003ccode\u003e8042a8f\u003c/code\u003e\u003c/a\u003e Bump to v0.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/fd4cb699ef9df41ecd48f175edde3feaf4d8d794\"\u003e\u003ccode\u003efd4cb69\u003c/code\u003e\u003c/a\u003e Fix phan warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/2b350a413b82010f6e88fbb794aa7364d5ca9ecf\"\u003e\u003ccode\u003e2b350a4\u003c/code\u003e\u003c/a\u003e Fix throw special casing in really old php-parser versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/193e14994706fbe344291741bed2215622b1a659\"\u003e\u003ccode\u003e193e149\u003c/code\u003e\u003c/a\u003e Fix a code cleaner bug with \u003ccode\u003ethrow new Exception\u003c/code\u003e in PHP 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f583f74b314459c5f838095ce7a341fdd81690b2\"\u003e\u003ccode\u003ef583f74\u003c/code\u003e\u003c/a\u003e Restore VarDumper hard-ref handling, suppress link-only markers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/1e6a0d6e8800e0d82c86b85b7de9e37ac65a74fd\"\u003e\u003ccode\u003e1e6a0d6\u003c/code\u003e\u003c/a\u003e Prefer use statements over FQNs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/484e600e2ac5f0e403796863865de6d8a6a66ebd\"\u003e\u003ccode\u003e484e600\u003c/code\u003e\u003c/a\u003e Simplify theme identity, no-op updates when unchanged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f01e492b18146675b218061c0c31b13fe58e3a9a\"\u003e\u003ccode\u003ef01e492\u003c/code\u003e\u003c/a\u003e Standardize test temp dir creation and cleanup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/6f33aea84464ed64b0c684c78fedf1f6620483d8\"\u003e\u003ccode\u003e6f33aea\u003c/code\u003e\u003c/a\u003e Add token-based fallback for incomplete member completion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bobthecow/psysh/compare/v0.12.10...v0.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.4 to 7.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.7...v7.3.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.7...v7.3.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62502\"\u003esymfony/symfony#62502\u003c/a\u003e [HttpFoundation] Fix Expires response header for EventStream (\u003ca href=\"https://github.com/4513\"\u003e\u003ccode\u003e@​4513\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62287\"\u003esymfony/symfony#62287\u003c/a\u003e [HttpFoundation] Fix AcceptHeader overwrites items with different parameters (\u003ca href=\"https://github.com/yoeunes\"\u003e\u003ccode\u003e@​yoeunes\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.6...v7.3.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.6...v7.3.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.5...v7.3.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.5...v7.3.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62324\"\u003esymfony/symfony#62324\u003c/a\u003e [HttpFoundation] Fix parsing hosts and schemes in URLs (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62246\"\u003esymfony/symfony#62246\u003c/a\u003e [HttpFoundation] Allow Request::setFormat() to override predefined formats (\u003ca href=\"https://github.com/longwave\"\u003e\u003ccode\u003e@​longwave\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62153\"\u003esymfony/symfony#62153\u003c/a\u003e [HttpFoundation] Fix issue where ServerEvent with \u0026quot;0\u0026quot; data is not sent (\u003ca href=\"https://github.com/santysisi\"\u003e\u003ccode\u003e@​santysisi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5347db9d709bb003722abfdc03990f3f21c53db5\"\u003e\u003ccode\u003e5347db9\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/f1a490cc9d595ba7ebe684220e625d1e472ad278\"\u003e\u003ccode\u003ef1a490c\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix PdoSessionHandler charset-collation mismatch with the Do...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/cc4ae963efd984204c0224605ae821382b791462\"\u003e\u003ccode\u003ecc4ae96\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/a7c652d0d0a6be8fbf9dead2e36f31e46c482adf\"\u003e\u003ccode\u003ea7c652d\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix double-prefixing of session keys when using redis/memcached\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/66e496a79d33160cecaf1569871a39ec0510fb11\"\u003e\u003ccode\u003e66e496a\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/4a673e9797bf5c2db347ae0e5f7880bb572cc061\"\u003e\u003ccode\u003e4a673e9\u003c/code\u003e\u003c/a\u003e do not use PHPUnit mock objects without configured expectations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/6dc98931a559065ff8f968ae0e461e600a321291\"\u003e\u003ccode\u003e6dc9893\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/a35ee6f47e4775179704d7877a8b0da3cb09241a\"\u003e\u003ccode\u003ea35ee6f\u003c/code\u003e\u003c/a\u003e [HttpFoundation][Cache] Fix VARBINARY columns on sqlsrv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/8cdae4e108673e0d3e4f18ef2ee79ff5023beeac\"\u003e\u003ccode\u003e8cdae4e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/0384c62b79d96e9b22d77bc1272c9e83342ba3a6\"\u003e\u003ccode\u003e0384c62\u003c/code\u003e\u003c/a\u003e minor \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/62519\"\u003e#62519\u003c/a\u003e [HttpFoundation] Fix Request getPathInfo docblock (bobvandevijver)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.4 to 7.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/process/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/process/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/process/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/81fe4ea2c3b8677fa2adfd8e48ba42374ede0e3b\"\u003e\u003ccode\u003e81fe4ea\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c46e854e79b52d07666e43924a20cb6dc546644e\"\u003e\u003ccode\u003ec46e854\u003c/code\u003e\u003c/a\u003e [Process] Fix escaping for MSYS on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/4424bc14e7dedec472440cc991f961f22343caaa\"\u003e\u003ccode\u003e4424bc1\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c593135be689b21e6164b1e8f6f5dbf1506b065c\"\u003e\u003ccode\u003ec593135\u003c/code\u003e\u003c/a\u003e [Process] Adjust Process mustRun method phpdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/6d13a9300772cf6f22f490574b80d9bf3481d07a\"\u003e\u003ccode\u003e6d13a93\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/e579464d74525bf5eca45cbc984126a461879c3e\"\u003e\u003ccode\u003ee579464\u003c/code\u003e\u003c/a\u003e [Process] Ignore invalid env var names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/cbfa8595e86911b7c9dcd6e80e2205e82be86180\"\u003e\u003ccode\u003ecbfa859\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/8541b7308fca001320e90bca8a73a28aa5604a6e\"\u003e\u003ccode\u003e8541b73\u003c/code\u003e\u003c/a\u003e [Process] Fix dealing with broken stdin pipes\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/symfony/process/compare/v7.3.4...v7.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `google/protobuf` from 4.32.1 to 4.33.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/84b008c23915ed94536737eae46f41ba3bccfe67\"\u003e\u003ccode\u003e84b008c\u003c/code\u003e\u003c/a\u003e 4.33.6 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/1debe453db83159b98a38df5a3737feb1e8ef016\"\u003e\u003ccode\u003e1debe45\u003c/code\u003e\u003c/a\u003e 5.34.0 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/3f6644d863943ebedafacfbfff2cb1c967a766b2\"\u003e\u003ccode\u003e3f6644d\u003c/code\u003e\u003c/a\u003e 5.34.0RC2 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/6fd2d13a7591515c8d09e6278f1a42a78e1adeac\"\u003e\u003ccode\u003e6fd2d13\u003c/code\u003e\u003c/a\u003e 4.29.6 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/ebe8010a61b2ae0cff0d246fe1c4d44e9f7dfa6d\"\u003e\u003ccode\u003eebe8010\u003c/code\u003e\u003c/a\u003e 4.33.5 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/a217acb35241a96fd6d6280e2b2540c30bd028f7\"\u003e\u003ccode\u003ea217acb\u003c/code\u003e\u003c/a\u003e 5.34.0RC1 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/22d28025cda0d223a2e48c2e16c5284ecc9f5402\"\u003e\u003ccode\u003e22d2802\u003c/code\u003e\u003c/a\u003e 4.33.4 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/281537d44d6c270606354e65bfa75a0969dbd629\"\u003e\u003ccode\u003e281537d\u003c/code\u003e\u003c/a\u003e 4.33.3 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/fbd96b7bf1343f4b0d8fb358526c7ba4d72f1318\"\u003e\u003ccode\u003efbd96b7\u003c/code\u003e\u003c/a\u003e 4.33.2 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/0cd73ccf0cd26c3e72299cce1ea6144091a57e12\"\u003e\u003ccode\u003e0cd73cc\u003c/code\u003e\u003c/a\u003e 4.33.1 sync\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protocolbuffers/protobuf-php/compare/v4.32.1...v4.33.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phpunit/phpunit` from 11.5.42 to 11.5.55\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 11.5.55\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e: Performance regression in PHPUnit 11.5.54, PHPUnit 12.5.13, and PHPUnit 13.0.4\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.54\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6489\"\u003e#6489\u003c/a\u003e: Classification of self/direct/indirect deprecation triggers is not aligned with Symfony's bridge for PHPUnit\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.53\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6503\"\u003e#6503\u003c/a\u003e: Temporary file used by \u003ccode\u003eSourceMapper\u003c/code\u003e may be deleted prematurely when multiple PHPUnit processes run in parallel\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.52\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6495\"\u003e#6495\u003c/a\u003e: Source map for issue trigger identification is regenerated in process isolation child processes\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/11.5.55/ChangeLog-11.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[11.5.55] - 2026-02-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e: Performance regression in PHPUnit 11.5.54, PHPUnit 12.5.13, and PHPUnit 13.0.4\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.54] - 2026-02-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6489\"\u003e#6489\u003c/a\u003e: Classification of self/direct/indirect deprecation triggers is not aligned with Symfony's bridge for PHPUnit\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.53] - 2026-02-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6503\"\u003e#6503\u003c/a\u003e: Temporary file used by \u003ccode\u003eSourceMapper\u003c/code\u003e may be deleted prematurely when multiple PHPUnit processes run in parallel\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.52] - 2026-02-08\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6495\"\u003e#6495\u003c/a\u003e: Source map for issue trigger identification is regenerated in process isolation child processes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.51] - 2026-02-05\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6488\"\u003e#6488\u003c/a\u003e: Allow disabling issue trigger identification for improved performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6486\"\u003e#6486\u003c/a\u003e: Incorrect file name reported for errors for test methods declared in traits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6490\"\u003e#6490\u003c/a\u003e: Incorrect test count when tests are skipped in before-class method\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.50] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.49] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6362\"\u003e#6362\u003c/a\u003e: Manually instantiated test doubles are broken since PHPUnit 11.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6470\"\u003e#6470\u003c/a\u003e: Infinite recursion in \u003ccode\u003eCount::getCountOf()\u003c/code\u003e for unusal implementations of \u003ccode\u003eIterator\u003c/code\u003e or \u003ccode\u003eIteratorAggregate\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.48] - 2026-01-16\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/adc7262fccc12de2b30f12a8aa0b33775d814f00\"\u003e\u003ccode\u003eadc7262\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0f31bcfdab285459bfee3eb7af8218aaeb0c09d5\"\u003e\u003ccode\u003e0f31bcf\u003c/code\u003e\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/eb7d132e95d824bbfd728eb2c8589191424f178a\"\u003e\u003ccode\u003eeb7d132\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0325337f13bed9a5a2dcf3dbb1d1216596d8c932\"\u003e\u003ccode\u003e0325337\u003c/code\u003e\u003c/a\u003e Update ChangeLog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/24136927c3b8bee3b289a56144e7b340556bd194\"\u003e\u003ccode\u003e2413692\u003c/code\u003e\u003c/a\u003e Classify issue trigger as \u0026quot;unknown\u0026quot; only when it is not \u0026quot;self\u0026quot;, \u0026quot;direct\u0026quot;, or ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/8811c224c7dded079e3c72eeb3a5794cd8cffd8e\"\u003e\u003ccode\u003e8811c22\u003c/code\u003e\u003c/a\u003e Test all possible combinations (even if not all of them make sense)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/79f11ae1a161217845766f21435ee8bb6dc12c6b\"\u003e\u003ccode\u003e79f11ae\u003c/code\u003e\u003c/a\u003e Remove IssueTrigger::unknown()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/6589f445de2a4abbc24812d0b81fe2d5423e95e6\"\u003e\u003ccode\u003e6589f44\u003c/code\u003e\u003c/a\u003e Fall back to null instead of Code::ThirdParty when we cannot classify a file ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a64de8a9d42fe67e785b401e2dfaf472ef18f682\"\u003e\u003ccode\u003ea64de8a\u003c/code\u003e\u003c/a\u003e Narrow type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a2300423541356160a40f8dc327cb73f65bb78eb\"\u003e\u003ccode\u003ea230042\u003c/code\u003e\u003c/a\u003e Resurrect test that got lost while reorganizing tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/11.5.42...11.5.55\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eMost Recent Ignore Conditions Applied to This Pull Request\u003c/summary\u003e\n\n| Dependency Name | Ignore Conditions |\n| --- | --- |\n| phpunit/phpunit | [\u003e= 10.a, \u003c 11] |\n\u003c/details\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/acquia/drupal-recommended-project/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/acquia/drupal-recommended-project/pull/915","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/acquia%2Fdrupal-recommended-project/issues/915","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/915/packages"}},{"old_version":"2.7.7","new_version":"2.9.7","update_type":"minor","path":null,"pr_created_at":"2026-04-18T06:20:20.000Z","version_change":"2.7.7 → 2.9.7","issue":{"uuid":"4287012344","node_id":"PR_kwDOPrj8Sc7TiPCR","number":4,"state":"closed","title":"Bump the composer group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-28T22:56:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-18T06:20:20.000Z","updated_at":"2026-04-28T22:56:16.000Z","time_to_close":923754,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":7,"packages":[{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.379.2","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.67","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/http-foundation","old_version":"7.3.1","new_version":"7.4.8","repository_url":"https://github.com/symfony/http-foundation"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.379.2` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.7` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.67` |\n| [symfony/http-foundation](https://github.com/symfony/http-foundation) | `7.3.1` | `7.4.8` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.22` |\n\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.379.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.379.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCampaignsV2\u003c/code\u003e - This release adds support for campaign entry limits configuration and hourly refresh frequency in Amazon Connect Outbound Campaigns.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\STS\u003c/code\u003e - The STS client now supports configuring SigV4a through the auth scheme preference setting. SigV4a uses asymmetric cryptography, enabling customers using long-term IAM credentials to continue making STS API calls even when a region is isolated from the partition leader.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\GroundStation\u003c/code\u003e - Adds support for updating contacts, listing antennas, and listing ground station reservations. New API operations - UpdateContact, ListContactVersions, DescribeContactVersion, ListAntennas, and ListGroundStationReservations.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CleanRooms\u003c/code\u003e - This release adds support for configurable spark properties for Cleanrooms PySpark workloads.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Neptune\u003c/code\u003e - Improving Documentation for Neptune\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Adds support for providing NetworkInterface for efa enabled instances and Simplified cluster creation for Slurm-orchestrated clusters with optional Lifecycle Script (LCS) configuration.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\QuickSight\u003c/code\u003e - Public release of dashboard customization summary, S3 Tables data source type, Athena cross-account connector, custom sorting for controls, and AI-powered analysis generation.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\imagebuilder\u003c/code\u003e - ImportDiskImage API adds registerImageOptions for Secure Boot control and custom UEFI data. It adds windowsConfiguration for selecting a specific edition from multi-image .wim files during ISO import.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - Fixes in SDK for customers using TestCase APIs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.379.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataZone\u003c/code\u003e - Launching SMUS IAM domain SDK support\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchLogs\u003c/code\u003e - Endpoint update for CloudWatch Logs Streaming APIs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CognitoIdentityProvider\u003c/code\u003e - Adds support for passkey-based multi-factor authentication in Cognito User Pools. Users can authenticate securely using FIDO2-compliant passkeys with user verification, enabling passwordless MFA flows while maintaining backward compatibility with password-based authentication\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CustomerProfiles\u003c/code\u003e - Amazon Connect Customer Profiles adds RecommenderSchema CRUD APIs for custom ML training columns. CreateRecommender and CreateRecommenderFilter now accept optional RecommenderSchemaName.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCases\u003c/code\u003e - Added error handling for service quota limits\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Deprecate the userId from the Chat operations. This update also removes support of AllowVendedLogDeliveryForResource API from AWS SDKs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatch\u003c/code\u003e - Update documentation of alarm mute rules start and end date fields\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCore\u003c/code\u003e - Introducing NamespacePath in AgentCore Memory to support hierarchical prefix based memory record retrieval.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\AutoScaling\u003c/code\u003e - This release adds support for specifying Availability Zone IDs as an alternative to Availability Zone names when creating or updating Auto Scaling groups.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaConvert\u003c/code\u003e - Adds support for Elemental Inference powered smart crop feature, enabling video verticalization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\drs\u003c/code\u003e - Updating regex for identification of AWS Regions.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RDS\u003c/code\u003e - Adds a new DescribeServerlessV2PlatformVersions API to describe platform version properties for Aurora Serverless v2. Also introduces a new valid maintenance action value for serverless platform version updates.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - This release updates the Amazon Connect Rules CRUD APIs to support a new EventSourceName - OnEmailAnalysisAvailable. Use this event source to trigger rules when conversational analytics results are available for email contacts.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\AppStream\u003c/code\u003e - Add content redirection to Update Stack\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.379.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Interconnect\u003c/code\u003e - Initial release of AWS Interconnect -- a managed private connectivity service that enables you to create high-speed network connections between your AWS Virtual Private Clouds (VPCs) and your VPCs on other public clouds or your on-premise networks.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CustomerProfiles\u003c/code\u003e - This release introduces changes to SegmentDefinition APIs to support sorting by attributes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Deadline\u003c/code\u003e - Adds GetMonitorSettings and UpdateMonitorSettings APIs to Deadline Cloud. Enables reading and writing monitor settings as key-value pairs (up to 64 keys per monitor). UpdateMonitorSettings supports upsert and delete (via empty value) semantics and is idempotent.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Glue\u003c/code\u003e - AWS Glue now defaults to Glue version 5.1 for newly created jobs if the Glue version is not specified in the request, and UpdateJob now preserves the existing Glue version of a job when the Glue version is not specified in the update request.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SecurityHub\u003c/code\u003e - Provide organizational unit scoping capability for GetFindingsV2, GetFindingStatisticsV2, GetResourcesV2, GetResourcesStatisticsV2 APIs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Macie2\u003c/code\u003e - This release adds an optional expectedBucketOwner field to the Macie S3 export configuration, allowing customers to verify bucket ownership before Macie writes results to the destination bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.378.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - Conversational Analytics for Email\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Support new SageMaker StartClusterHealthCheck API for on-demand DHC on Hyperpod EKS cluster. Support updated CreateCluster, UpdateCluster, DescribeCluster, BatchAddClusterNodes APIs for flexible instance group on HyperPod cluster\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\imagebuilder\u003c/code\u003e - Image pipelines can now automatically apply tags to images they create. Set the imageTags property when creating or updating your pipelines to get started.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaConvert\u003c/code\u003e - Adds support for MV-HEVC video output and clear lead for AV1 DRM output.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Devops Agent now supports associate Splunk, Datadog and custom MCP server to an Agent Space.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Minor updates to exceptions for completeness\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RTBFabric\u003c/code\u003e - Adds optional health check configuration for Responder Gateways with ASG Managed Endpoints. When provided, RTB Fabric continuously probes customers' instance IPs and routes traffic only to healthy ones, reducing errors during deployments, scaling events, and instance failures.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ObservabilityAdmin\u003c/code\u003e - CloudWatch Observability Admin adds support for multi-region telemetry evaluation and telemetry enablement rules.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.378.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RedshiftDataAPIService\u003c/code\u003e - The BatchExecuteStatement API now supports named SQL parameters, enabling secure batch queries with parameterized values. This enhancement helps prevent SQL injection vulnerabilities and improves query reusability.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCoreControl\u003c/code\u003e - Initial release for CRUDL in AgentCore Registry Service\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Release support for g7e instance types for SageMaker HyperPod\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCore\u003c/code\u003e - Introducing support for SearchRegistryRecords API on AgentCoreRegistry\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/45c385619d43e54ede8daca211960c345d3ff3b7\"\u003e\u003ccode\u003e45c3856\u003c/code\u003e\u003c/a\u003e 3.379.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/597bd6fa35e00e5fa889d7e9451523f0391fe4e8\"\u003e\u003ccode\u003e597bd6f\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/261bfa48bb4dc0d9a8d0dcb5af7c329d97de7acc\"\u003e\u003ccode\u003e261bfa4\u003c/code\u003e\u003c/a\u003e 3.379.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/bba9281cd25d16938c6214719152e0b047688201\"\u003e\u003ccode\u003ebba9281\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/f17f0ec7d98aa9f155d30eb910c63d00226b056c\"\u003e\u003ccode\u003ef17f0ec\u003c/code\u003e\u003c/a\u003e S3Client: fix 'recieved' -\u0026gt; 'received' typo in internal-error message (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3273\"\u003e#3273\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/fcaf9c7dd8df8281b1a820f4db31a6115af8373b\"\u003e\u003ccode\u003efcaf9c7\u003c/code\u003e\u003c/a\u003e Bump actions/github-script from 8 to 9 (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3270\"\u003e#3270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/a50c3cc2c59f5ebeb56cbe170e6f144034b252b6\"\u003e\u003ccode\u003ea50c3cc\u003c/code\u003e\u003c/a\u003e 3.379.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/2bedd2cd7ff0ddf8f3b840ca09e3c5ec63451a08\"\u003e\u003ccode\u003e2bedd2c\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/df2a6c362ddce2ede3ac3a8286f5788847e614b4\"\u003e\u003ccode\u003edf2a6c3\u003c/code\u003e\u003c/a\u003e 3.378.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/82e7b1576d7ceedf3db0d5b1080b0e21a18d13f0\"\u003e\u003ccode\u003e82e7b15\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.379.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.2...2.9.3\"\u003ehttps://github.com/composer/composer/compare/2.9.2...2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.2] 2025-11-19\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.67\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.67\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.66...2.1.67\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.66...2.1.67\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.66\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.64...2.1.66\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.64...2.1.66\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eVersion 2.1.65\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e[js] update CDNs\u003c/li\u003e\n\u003cli\u003e[php:editors] Zoho API update\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eVersion 2.1.66\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003cli\u003efix name\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ko.js\u003c/li\u003e\n\u003cli\u003etry copy / deleting folder if moving it doesn't work\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3636\"\u003e#3636\u003c/a\u003e from vfishv/master\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3647\"\u003e#3647\u003c/a\u003e from allity/patch-1\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3653\"\u003e#3653\u003c/a\u003e from terrafrost/branch-1\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3637\"\u003e#3637\u003c/a\u003e FILTER_SANITIZE_STRING is deprecated (PHP 8.1)\u003c/li\u003e\n\u003cli\u003eAllow image URL in theme manifest.json to be a relative link as well\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ru.js\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3677\"\u003e#3677\u003c/a\u003e from blutorange/feat-relative-image-link-in-theme-manifest\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3682\"\u003e#3682\u003c/a\u003e from Ruslan-Aleev/patch-1\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3684\"\u003e#3684\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3685\"\u003e#3685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[OneDrive] fix Content URL\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3667\"\u003e#3667\u003c/a\u003e where the Content URL could be invalid\u003c/li\u003e\n\u003cli\u003e[VD:core] Check if copying was successful when moving files in copy + delete mode\u003c/li\u003e\n\u003cli\u003eFix CVE-2025-0818 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3723\"\u003e#3723\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3689\"\u003e#3689\u003c/a\u003e, fm.sync removes unavailable volumes. (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3690\"\u003e#3690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[VD:SFTP] Make compatible with phpseclib version 2 or 3 when returned from connectCallback($options) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3687\"\u003e#3687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd font mime kinds (WOFF, WOFF2, EOT, SFNT, generic font/*) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3691\"\u003e#3691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore posted message that are not intended for ElFinder (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3692\"\u003e#3692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option to rename command to disable alias rename (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option commandsOptions.edit.confirmUnsavedBeforeClose (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3698\"\u003e#3698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix build for Windows environment (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3699\"\u003e#3699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReplace usage of deprecated \u003ccode\u003eE_STRICT\u003c/code\u003e constant (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u0026quot;WEBP\u0026quot; to File mimetype to kind mapping (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3712\"\u003e#3712\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix translation mistakes and unification (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3719\"\u003e#3719\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003cli\u003efix name\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ko.js\u003c/li\u003e\n\u003cli\u003etry copy / deleting folder if moving it doesn't work\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3636\"\u003e#3636\u003c/a\u003e from vfishv/master\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3647\"\u003e#3647\u003c/a\u003e from allity/patch-1\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3653\"\u003e#3653\u003c/a\u003e from terrafrost/branch-1\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3637\"\u003e#3637\u003c/a\u003e FILTER_SANITIZE_STRING is deprecated (PHP 8.1)\u003c/li\u003e\n\u003cli\u003eAllow image URL in theme manifest.json to be a relative link as well\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ru.js\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3677\"\u003e#3677\u003c/a\u003e from blutorange/feat-relative-image-link-in-theme-manifest\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3682\"\u003e#3682\u003c/a\u003e from Ruslan-Aleev/patch-1\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3684\"\u003e#3684\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3685\"\u003e#3685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[OneDrive] fix Content URL\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3667\"\u003e#3667\u003c/a\u003e where the Content URL could be invalid\u003c/li\u003e\n\u003cli\u003e[VD:core] Check if copying was successful when moving files in copy + delete mode\u003c/li\u003e\n\u003cli\u003eFix CVE-2025-0818 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3723\"\u003e#3723\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3689\"\u003e#3689\u003c/a\u003e, fm.sync removes unavailable volumes. (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3690\"\u003e#3690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[VD:SFTP] Make compatible with phpseclib version 2 or 3 when returned from connectCallback($options) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3687\"\u003e#3687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd font mime kinds (WOFF, WOFF2, EOT, SFNT, generic font/*) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3691\"\u003e#3691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore posted message that are not intended for ElFinder (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3692\"\u003e#3692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option to rename command to disable alias rename (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option commandsOptions.edit.confirmUnsavedBeforeClose (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3698\"\u003e#3698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix build for Windows environment (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3699\"\u003e#3699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReplace usage of deprecated \u003ccode\u003eE_STRICT\u003c/code\u003e constant (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u0026quot;WEBP\u0026quot; to File mimetype to kind mapping (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3712\"\u003e#3712\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix translation mistakes and unification (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3719\"\u003e#3719\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2024-01-05  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.65):\n\u003cul\u003e\n\u003cli\u003e[js] update CDNs\u003c/li\u003e\n\u003cli\u003e[php:editors] Zoho API update\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2023-12-20  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.64):\n\u003cul\u003e\n\u003cli\u003e[css] re-fix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3584\"\u003e#3584\u003c/a\u003e css error and CI\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2023-12-20  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/5e463d1384972dffcb736ad3c94f35af10656ca2\"\u003e\u003ccode\u003e5e463d1\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.67\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/2b7574ca4b95e95b6639d7a865ba49ac00f32015\"\u003e\u003ccode\u003e2b7574c\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/486bbbe4b898484e1526db46d8bb8808c5b5f37b\"\u003e\u003ccode\u003e486bbbe\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.67\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/561386b3274f394b590691452a85b99ad354644b\"\u003e\u003ccode\u003e561386b\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/78488951e44d69e8b9e4e849f8268df408632a6c\"\u003e\u003ccode\u003e7848895\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.66\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/82067d8dfcdb2e4668badab20df1acd4b18f10ad\"\u003e\u003ccode\u003e82067d8\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-675864b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/844a164d4049d2f2b12204ed6351214533bb867f\"\u003e\u003ccode\u003e844a164\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/2f97105f101c90b23dda5b1f7a2d75303ac1d056\"\u003e\u003ccode\u003e2f97105\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-5c622cf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/695212107064f0277831cc4b87ed2e0f158d9558\"\u003e\u003ccode\u003e6952121\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-a381e3a\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/724fe3c33344e05d7fa2a892f1a009d301886a5f\"\u003e\u003ccode\u003e724fe3c\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-5fc559b\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.67\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.1 to 7.4.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63603\"\u003e#63603\u003c/a\u003e  Fix session cookie_lifetime not applied in mock session storage (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63448\"\u003e#63448\u003c/a\u003e  Handle empty session data in updateTimestamp() to fix compat with PHP 8.6 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63319\"\u003e#63319\u003c/a\u003e  BinaryFileResponse: always return 206 if Range is valid (\u003ca href=\"https://github.com/Jimbolino\"\u003e\u003ccode\u003e@​Jimbolino\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63262\"\u003e#63262\u003c/a\u003e  Reject invalid paths (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/54304\"\u003e#54304\u003c/a\u003e  When calling UploadedFile::getErrorMessage() to a file which has no error and is uploaded successfully, it should not return an error (\u003ca href=\"https://github.com/ArmCyber\"\u003e\u003ccode\u003e@​ArmCyber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63230\"\u003e#63230\u003c/a\u003e  fix engine declaration on mysql pdo table creations (\u003ca href=\"https://github.com/tandev\"\u003e\u003ccode\u003e@​tandev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62663\"\u003esymfony/symfony#62663\u003c/a\u003e [HttpFoundation] Improve logic in Request::createFromGlobals() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62287\"\u003esymfony/symfony#62287\u003c/a\u003e [HttpFoundation] Fix AcceptHeader overwrites items with different parameters (\u003ca href=\"https://github.com/yoeunes\"\u003e\u003ccode\u003e@​yoeunes\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62324\"\u003esymfony/symfony#62324\u003c/a\u003e [HttpFoundation] Fix parsing hosts and schemes in URLs (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/blob/8.1/CHANGELOG.md\"\u003esymfony/http-foundation's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBinaryFileResponse::shouldDeleteFileAfterSend()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate setting public properties of \u003ccode\u003eRequest\u003c/code\u003e and \u003ccode\u003eResponse\u003c/code\u003e objects directly; use setters or constructor arguments instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop HTTP method override support for methods GET, HEAD, CONNECT and TRACE\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$subtypeFallback\u003c/code\u003e to \u003ccode\u003eRequest::getFormat()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove the following deprecated session options from \u003ccode\u003eNativeSessionStorage\u003c/code\u003e: \u003ccode\u003ereferer_check\u003c/code\u003e, \u003ccode\u003euse_only_cookies\u003c/code\u003e, \u003ccode\u003euse_trans_sid\u003c/code\u003e, \u003ccode\u003esid_length\u003c/code\u003e, \u003ccode\u003esid_bits_per_character\u003c/code\u003e, \u003ccode\u003etrans_sid_hosts\u003c/code\u003e, \u003ccode\u003etrans_sid_tags\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTrigger PHP warning when using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eAdd arguments \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$partitioned\u003c/code\u003e to \u003ccode\u003eResponseHeaderBag::clearCookie()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$expiration\u003c/code\u003e to \u003ccode\u003eUriSigner::sign()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eRemove accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e#[WithHttpStatus]\u003c/code\u003e to define status codes: 404 for \u003ccode\u003eSignedUriException\u003c/code\u003e and 403 for \u003ccode\u003eExpiredSignedUriException\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method\u003c/li\u003e\n\u003cli\u003eAdd support for structured MIME suffix\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRequest::set/getAllowedHttpMethodOverride()\u003c/code\u003e to list which HTTP methods can be overridden\u003c/li\u003e\n\u003cli\u003eDeprecate using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eDeprecate method \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eRequest::createFromGlobals()\u003c/code\u003e parse the body of PUT, DELETE, PATCH and QUERY requests\u003c/li\u003e\n\u003cli\u003eDeprecate HTTP method override for methods GET, HEAD, CONNECT and TRACE; it will be ignored in Symfony 8.0\u003c/li\u003e\n\u003cli\u003eDeprecate accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for iterable of string in \u003ccode\u003eStreamedResponse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eEventStreamResponse\u003c/code\u003e and \u003ccode\u003eServerEvent\u003c/code\u003e classes to streamline server event streaming\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003evalkey:\u003c/code\u003e / \u003ccode\u003evalkeys:\u003c/code\u003e schemes for sessions\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest::getPreferredLanguage()\u003c/code\u003e now favors a more preferred language above exactly matching a locale\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eUriSigner\u003c/code\u003e to use a \u003ccode\u003eClockInterface\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eUriSigner::verify()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd optional \u003ccode\u003e$requests\u003c/code\u003e parameter to \u003ccode\u003eRequestStack::__construct()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e parameters to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/9381209597ec66c25be154cbf2289076e64d1eab\"\u003e\u003ccode\u003e9381209\u003c/code\u003e\u003c/a\u003e Configure deprecation triggers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/f94b3e7b7dafd40e666f0c9ff2084133bae41e81\"\u003e\u003ccode\u003ef94b3e7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/cffffd0a2c037117b742b4f8b379a22a2a33f6d2\"\u003e\u003ccode\u003ecffffd0\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix session cookie_lifetime not applied in mock session storage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/fd97d5e926e988a363cef56fbbf88c5c528e9065\"\u003e\u003ccode\u003efd97d5e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5bb346d1b4b2a616e5c3d99b3ee4d5810735c535\"\u003e\u003ccode\u003e5bb346d\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Handle empty session data in updateTimestamp() to fix compat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/17de1a39c0ed8dc062df993d65c7269502a2ec78\"\u003e\u003ccode\u003e17de1a3\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31b030e12f6662a7016add28fe29b70327dacf86\"\u003e\u003ccode\u003e31b030e\u003c/code\u003e\u003c/a\u003e stop using with*() without expects()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/36ba5c7a025c05a92cd4a753abbe1781442c8414\"\u003e\u003ccode\u003e36ba5c7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31e2a27d480546f031bd4fc6f1ec8a7abdd62bb1\"\u003e\u003ccode\u003e31e2a27\u003c/code\u003e\u003c/a\u003e BinaryFileResponse: always return 206 if Range is valid\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/669ac23030db4cc4314e7a9ada4e258752266ec1\"\u003e\u003ccode\u003e669ac23\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.1...v7.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.0 to 7.4.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/process/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63611\"\u003e#63611\u003c/a\u003e  Throw InvalidArgumentException when env block exceeds Windows limit (Nadim AL ABDOU)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/process/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/process/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/process/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\"\u003ehttps://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/process/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/process/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/process/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/60f19cd3badc8de688421e21e4305eba50f8089a\"\u003e\u003ccode\u003e60f19cd\u003c/code\u003e\u003c/a\u003e Configure deprecation triggers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/95b070ee7180a0d49d48786fccf3b935c01d6f3b\"\u003e\u003ccode\u003e95b070e\u003c/code\u003e\u003c/a\u003e [Process] Throw InvalidArgumentException when env block exceeds Windows limit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/608476f4604102976d687c483ac63a79ba18cc97\"\u003e\u003ccode\u003e608476f\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/81fe4ea2c3b8677fa2adfd8e48ba42374ede0e3b\"\u003e\u003ccode\u003e81fe4ea\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c46e854e79b52d07666e43924a20cb6dc546644e\"\u003e\u003ccode\u003ec46e854\u003c/code\u003e\u003c/a\u003e [Process] Fix escaping for MSYS on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/626f07a53f4b4e2f00e11824cc29f928d797783b\"\u003e\u003ccode\u003e626f07a\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/4424bc14e7dedec472440cc991f961f22343caaa\"\u003e\u003ccode\u003e4424bc1\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c593135be689b21e6164b1e8f6f5dbf1506b065c\"\u003e\u003ccode\u003ec593135\u003c/code\u003e\u003c/a\u003e [Process] Adjust Process mustRun method phpdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/f532042054c29ec9181b94ec5d5a42736c052eb1\"\u003e\u003ccode\u003ef532042\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/6d13a9300772cf6f22f490574b80d9bf3481d07a\"\u003e\u003ccode\u003e6d13a93\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/process/compare/v7.3.0...v7.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.8 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--info\u003c/code\u003e also report more detail about readline and autocomplete state.\u003c/p\u003e\n\u003cp\u003eRun psysh with \u003ccode\u003e--experimental-readline\u003c/code\u003e and try it out. It's getting kind of awesome!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/3be75d5b9244936dd4ac62ade2bfb004d13acf0f\"\u003e\u003ccode\u003e3be75d5\u003c/code\u003e\u003c/a\u003e Merge branch 'release/v0.12.22'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/8042a8fec59c72b9a9b5586f9bfe79e26c069aeb\"\u003e\u003ccode\u003e8042a8f\u003c/code\u003e\u003c/a\u003e Bump to v0.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/fd4cb699ef9df41ecd48f175edde3feaf4d8d794\"\u003e\u003ccode\u003efd4cb69\u003c/code\u003e\u003c/a\u003e Fix phan warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/2b350a413b82010f6e88fbb794aa7364d5ca9ecf\"\u003e\u003ccode\u003e2b350a4\u003c/code\u003e\u003c/a\u003e Fix throw special casing in really old php-parser versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/193e14994706fbe344291741bed2215622b1a659\"\u003e\u003ccode\u003e193e149\u003c/code\u003e\u003c/a\u003e Fix a code cleaner bug with \u003ccode\u003ethrow new Exception\u003c/code\u003e in PHP 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f583f74b314459c5f838095ce7a341fdd81690b2\"\u003e\u003ccode\u003ef583f74\u003c/code\u003e\u003c/a\u003e Restore VarDumper hard-ref handling, suppress link-only markers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/1e6a0d6e8800e0d82c86b85b7de9e37ac65a74fd\"\u003e\u003ccode\u003e1e6a0d6\u003c/code\u003e\u003c/a\u003e Prefer use statements over FQNs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/484e600e2ac5f0e403796863865de6d8a6a66ebd\"\u003e\u003ccode\u003e484e600\u003c/code\u003e\u003c/a\u003e Simplify theme identity, no-op updates when unchanged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f01e492b18146675b218061c0c31b13fe58e3a9a\"\u003e\u003ccode\u003ef01e492\u003c/code\u003e\u003c/a\u003e Standardize test temp dir creation and cleanup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/6f33aea84464ed64b0c684c78fedf1f6620483d8\"\u003e\u003ccode\u003e6f33aea\u003c/code\u003e\u003c/a\u003e Add token-based fallback for incomplete member completion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bobthecow/psysh/compare/v0.12.8...v0.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dporkka/mautic/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/dporkka/mautic/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fmautic/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"2.7.7","new_version":"2.9.7","update_type":"minor","path":null,"pr_created_at":"2026-04-18T06:19:29.000Z","version_change":"2.7.7 → 2.9.7","issue":{"uuid":"4287010242","node_id":"PR_kwDOPqlfLs7TiOqy","number":7,"state":"closed","title":"Bump the composer group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-28T22:56:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-18T06:19:29.000Z","updated_at":"2026-04-28T22:56:47.000Z","time_to_close":923836,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":7,"packages":[{"name":"aws/aws-sdk-php","old_version":"3.298.2","new_version":"3.379.2","repository_url":"https://github.com/aws/aws-sdk-php"},{"name":"composer/composer","old_version":"2.7.7","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"},{"name":"robrichards/xmlseclibs","old_version":"3.1.1","new_version":"3.1.5","repository_url":"https://github.com/robrichards/xmlseclibs"},{"name":"studio-42/elfinder","old_version":"2.1.65","new_version":"2.1.67","repository_url":"https://github.com/Studio-42/elFinder"},{"name":"symfony/http-foundation","old_version":"7.3.1","new_version":"7.4.8","repository_url":"https://github.com/symfony/http-foundation"},{"name":"psy/psysh","old_version":"0.12.8","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [aws/aws-sdk-php](https://github.com/aws/aws-sdk-php) | `3.298.2` | `3.379.2` |\n| [composer/composer](https://github.com/composer/composer) | `2.7.7` | `2.9.7` |\n| [robrichards/xmlseclibs](https://github.com/robrichards/xmlseclibs) | `3.1.1` | `3.1.5` |\n| [studio-42/elfinder](https://github.com/Studio-42/elFinder) | `2.1.65` | `2.1.67` |\n| [symfony/http-foundation](https://github.com/symfony/http-foundation) | `7.3.1` | `7.4.8` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.8` | `0.12.22` |\n\n\nUpdates `aws/aws-sdk-php` from 3.298.2 to 3.379.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-php/releases\"\u003eaws/aws-sdk-php's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.379.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCampaignsV2\u003c/code\u003e - This release adds support for campaign entry limits configuration and hourly refresh frequency in Amazon Connect Outbound Campaigns.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\STS\u003c/code\u003e - The STS client now supports configuring SigV4a through the auth scheme preference setting. SigV4a uses asymmetric cryptography, enabling customers using long-term IAM credentials to continue making STS API calls even when a region is isolated from the partition leader.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\GroundStation\u003c/code\u003e - Adds support for updating contacts, listing antennas, and listing ground station reservations. New API operations - UpdateContact, ListContactVersions, DescribeContactVersion, ListAntennas, and ListGroundStationReservations.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CleanRooms\u003c/code\u003e - This release adds support for configurable spark properties for Cleanrooms PySpark workloads.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Neptune\u003c/code\u003e - Improving Documentation for Neptune\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Adds support for providing NetworkInterface for efa enabled instances and Simplified cluster creation for Slurm-orchestrated clusters with optional Lifecycle Script (LCS) configuration.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\QuickSight\u003c/code\u003e - Public release of dashboard customization summary, S3 Tables data source type, Athena cross-account connector, custom sorting for controls, and AI-powered analysis generation.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\imagebuilder\u003c/code\u003e - ImportDiskImage API adds registerImageOptions for Secure Boot control and custom UEFI data. It adds windowsConfiguration for selecting a specific edition from multi-image .wim files during ISO import.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - Fixes in SDK for customers using TestCase APIs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.379.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DataZone\u003c/code\u003e - Launching SMUS IAM domain SDK support\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatchLogs\u003c/code\u003e - Endpoint update for CloudWatch Logs Streaming APIs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CognitoIdentityProvider\u003c/code\u003e - Adds support for passkey-based multi-factor authentication in Cognito User Pools. Users can authenticate securely using FIDO2-compliant passkeys with user verification, enabling passwordless MFA flows while maintaining backward compatibility with password-based authentication\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CustomerProfiles\u003c/code\u003e - Amazon Connect Customer Profiles adds RecommenderSchema CRUD APIs for custom ML training columns. CreateRecommender and CreateRecommenderFilter now accept optional RecommenderSchemaName.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ConnectCases\u003c/code\u003e - Added error handling for service quota limits\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Deprecate the userId from the Chat operations. This update also removes support of AllowVendedLogDeliveryForResource API from AWS SDKs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CloudWatch\u003c/code\u003e - Update documentation of alarm mute rules start and end date fields\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCore\u003c/code\u003e - Introducing NamespacePath in AgentCore Memory to support hierarchical prefix based memory record retrieval.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\AutoScaling\u003c/code\u003e - This release adds support for specifying Availability Zone IDs as an alternative to Availability Zone names when creating or updating Auto Scaling groups.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaConvert\u003c/code\u003e - Adds support for Elemental Inference powered smart crop feature, enabling video verticalization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\drs\u003c/code\u003e - Updating regex for identification of AWS Regions.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RDS\u003c/code\u003e - Adds a new DescribeServerlessV2PlatformVersions API to describe platform version properties for Aurora Serverless v2. Also introduces a new valid maintenance action value for serverless platform version updates.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - This release updates the Amazon Connect Rules CRUD APIs to support a new EventSourceName - OnEmailAnalysisAvailable. Use this event source to trigger rules when conversational analytics results are available for email contacts.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\AppStream\u003c/code\u003e - Add content redirection to Update Stack\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.379.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Interconnect\u003c/code\u003e - Initial release of AWS Interconnect -- a managed private connectivity service that enables you to create high-speed network connections between your AWS Virtual Private Clouds (VPCs) and your VPCs on other public clouds or your on-premise networks.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\CustomerProfiles\u003c/code\u003e - This release introduces changes to SegmentDefinition APIs to support sorting by attributes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Deadline\u003c/code\u003e - Adds GetMonitorSettings and UpdateMonitorSettings APIs to Deadline Cloud. Enables reading and writing monitor settings as key-value pairs (up to 64 keys per monitor). UpdateMonitorSettings supports upsert and delete (via empty value) semantics and is idempotent.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Glue\u003c/code\u003e - AWS Glue now defaults to Glue version 5.1 for newly created jobs if the Glue version is not specified in the request, and UpdateJob now preserves the existing Glue version of a job when the Glue version is not specified in the update request.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SecurityHub\u003c/code\u003e - Provide organizational unit scoping capability for GetFindingsV2, GetFindingStatisticsV2, GetResourcesV2, GetResourcesStatisticsV2 APIs.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Macie2\u003c/code\u003e - This release adds an optional expectedBucketOwner field to the Macie S3 export configuration, allowing customers to verify bucket ownership before Macie writes results to the destination bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.378.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\Connect\u003c/code\u003e - Conversational Analytics for Email\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Support new SageMaker StartClusterHealthCheck API for on-demand DHC on Hyperpod EKS cluster. Support updated CreateCluster, UpdateCluster, DescribeCluster, BatchAddClusterNodes APIs for flexible instance group on HyperPod cluster\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\imagebuilder\u003c/code\u003e - Image pipelines can now automatically apply tags to images they create. Set the imageTags property when creating or updating your pipelines to get started.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\MediaConvert\u003c/code\u003e - Adds support for MV-HEVC video output and clear lead for AV1 DRM output.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\DevOpsAgent\u003c/code\u003e - Devops Agent now supports associate Splunk, Datadog and custom MCP server to an Agent Space.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ECS\u003c/code\u003e - Minor updates to exceptions for completeness\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RTBFabric\u003c/code\u003e - Adds optional health check configuration for Responder Gateways with ASG Managed Endpoints. When provided, RTB Fabric continuously probes customers' instance IPs and routes traffic only to healthy ones, reducing errors during deployments, scaling events, and instance failures.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\ObservabilityAdmin\u003c/code\u003e - CloudWatch Observability Admin adds support for multi-region telemetry evaluation and telemetry enablement rules.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.378.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAws\\RedshiftDataAPIService\u003c/code\u003e - The BatchExecuteStatement API now supports named SQL parameters, enabling secure batch queries with parameterized values. This enhancement helps prevent SQL injection vulnerabilities and improves query reusability.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCoreControl\u003c/code\u003e - Initial release for CRUDL in AgentCore Registry Service\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\SageMaker\u003c/code\u003e - Release support for g7e instance types for SageMaker HyperPod\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAws\\BedrockAgentCore\u003c/code\u003e - Introducing support for SearchRegistryRecords API on AgentCoreRegistry\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/45c385619d43e54ede8daca211960c345d3ff3b7\"\u003e\u003ccode\u003e45c3856\u003c/code\u003e\u003c/a\u003e 3.379.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/597bd6fa35e00e5fa889d7e9451523f0391fe4e8\"\u003e\u003ccode\u003e597bd6f\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/261bfa48bb4dc0d9a8d0dcb5af7c329d97de7acc\"\u003e\u003ccode\u003e261bfa4\u003c/code\u003e\u003c/a\u003e 3.379.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/bba9281cd25d16938c6214719152e0b047688201\"\u003e\u003ccode\u003ebba9281\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/f17f0ec7d98aa9f155d30eb910c63d00226b056c\"\u003e\u003ccode\u003ef17f0ec\u003c/code\u003e\u003c/a\u003e S3Client: fix 'recieved' -\u0026gt; 'received' typo in internal-error message (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3273\"\u003e#3273\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/fcaf9c7dd8df8281b1a820f4db31a6115af8373b\"\u003e\u003ccode\u003efcaf9c7\u003c/code\u003e\u003c/a\u003e Bump actions/github-script from 8 to 9 (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-php/issues/3270\"\u003e#3270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/a50c3cc2c59f5ebeb56cbe170e6f144034b252b6\"\u003e\u003ccode\u003ea50c3cc\u003c/code\u003e\u003c/a\u003e 3.379.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/2bedd2cd7ff0ddf8f3b840ca09e3c5ec63451a08\"\u003e\u003ccode\u003e2bedd2c\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/df2a6c362ddce2ede3ac3a8286f5788847e614b4\"\u003e\u003ccode\u003edf2a6c3\u003c/code\u003e\u003c/a\u003e 3.378.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-php/commit/82e7b1576d7ceedf3db0d5b1080b0e21a18d13f0\"\u003e\u003ccode\u003e82e7b15\u003c/code\u003e\u003c/a\u003e Update models for release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-php/compare/3.298.2...3.379.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `composer/composer` from 2.7.7 to 2.9.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.2...2.9.3\"\u003ehttps://github.com/composer/composer/compare/2.9.2...2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.2] 2025-11-19\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.7.7...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `robrichards/xmlseclibs` from 3.1.1 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/releases\"\u003erobrichards/xmlseclibs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eValidate AES-GCM Authentication Tag\u003c/p\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003efix canonicalization error\u003c/p\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eRemoves BC breaking change\u003c/p\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eAdd tab to list of whitespace values to remove from cert\nloadKey should check return value for openssl_get_privatekey\nSwitch to GitHub actions\nSupport OAEP (from unreleased 3.1.1)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/robrichards/xmlseclibs/blob/master/CHANGELOG.txt\"\u003erobrichards/xmlseclibs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003exmlseclibs.php\n|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n12, Dec 2026, 3.1.5\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate AES-GCM Authentication Tag (Sideni)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e08, Dec 2025, 3.1.4\nSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix canonicalization bypass error (d0ge)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.3\nBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eremove loadKey check due to BC issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e20, Nov 2024, 3.1.2\nImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tab to list of whitespace values to remove from cert. refs \u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eloadKey should check return value for openssl_get_privatekey (sammarshallou)\u003c/li\u003e\n\u003cli\u003eSwitch to GitHub actions (SharkMachine)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e05, Sep 2020, 3.1.1\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport OAEP (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix AES128 (iggyvolz)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests for older PHP\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e22, Apr 2020, 3.1.0\nFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport AES-GCM. Requires PHP 7.1. (François Kooman)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Travis tests for older PHP versions.\u003c/li\u003e\n\u003cli\u003eUse DOMElement interface to fix some IDEs reporting documentation errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e06, Nov 2019, 3.0.4\nSecurity Improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsure only a single SignedInfo element exists within a signature during\nverification. Refs CVE-2019-3465.\nBug Fixes:\u003c/li\u003e\n\u003cli\u003eFix variable casing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e15, Nov 2018, 3.0.3\nBug Fixes:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92\"\u003e\u003ccode\u003e03062be\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/bc87389224c6de95802b505e5265b0ec2c5bcdbd\"\u003e\u003ccode\u003ebc87389\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/2bdfd742624d739dfadbd415f00181b4a77aaf07\"\u003e\u003ccode\u003e2bdfd74\u003c/code\u003e\u003c/a\u003e remove BC breaking code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/56361cc2970162539ffbaaaaecb8127a715f380f\"\u003e\u003ccode\u003e56361cc\u003c/code\u003e\u003c/a\u003e Update date and prep for 3.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/cf50b5023964550d714df76ba9adf21eb6fdaa35\"\u003e\u003ccode\u003ecf50b50\u003c/code\u003e\u003c/a\u003e ci: Use GitHub Actions V3 (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/e899d2b5bbe071455c00601b886a373890390d83\"\u003e\u003ccode\u003ee899d2b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/158c73571e395d7e50b366ebc6821a2affcbdaae\"\u003e\u003ccode\u003e158c735\u003c/code\u003e\u003c/a\u003e loadKey should check return value for openssl_get_privatekey (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/ebeaef13e861f216a83ba6ac46e1b6155762cc14\"\u003e\u003ccode\u003eebeaef1\u003c/code\u003e\u003c/a\u003e Add tab to whitespaces to remove (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/61657f3c510fe061b6f00169366eed4cdde8f0c9\"\u003e\u003ccode\u003e61657f3\u003c/code\u003e\u003c/a\u003e Switch to GitHub actions (\u003ca href=\"https://redirect.github.com/robrichards/xmlseclibs/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robrichards/xmlseclibs/commit/a268e601bc47493a42a70f050c0661f1fd592bb9\"\u003e\u003ccode\u003ea268e60\u003c/code\u003e\u003c/a\u003e Fix subject name.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/robrichards/xmlseclibs/compare/3.1.1...3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `studio-42/elfinder` from 2.1.65 to 2.1.67\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/releases\"\u003estudio-42/elfinder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.1.67\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.66...2.1.67\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.66...2.1.67\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.1.66\u003c/h2\u003e\n\u003ch3\u003eChanges form previous version\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.64...2.1.66\"\u003ehttps://github.com/Studio-42/elFinder/compare/2.1.64...2.1.66\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eVersion 2.1.65\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e[js] update CDNs\u003c/li\u003e\n\u003cli\u003e[php:editors] Zoho API update\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eVersion 2.1.66\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003cli\u003efix name\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ko.js\u003c/li\u003e\n\u003cli\u003etry copy / deleting folder if moving it doesn't work\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3636\"\u003e#3636\u003c/a\u003e from vfishv/master\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3647\"\u003e#3647\u003c/a\u003e from allity/patch-1\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3653\"\u003e#3653\u003c/a\u003e from terrafrost/branch-1\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3637\"\u003e#3637\u003c/a\u003e FILTER_SANITIZE_STRING is deprecated (PHP 8.1)\u003c/li\u003e\n\u003cli\u003eAllow image URL in theme manifest.json to be a relative link as well\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ru.js\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3677\"\u003e#3677\u003c/a\u003e from blutorange/feat-relative-image-link-in-theme-manifest\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3682\"\u003e#3682\u003c/a\u003e from Ruslan-Aleev/patch-1\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3684\"\u003e#3684\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3685\"\u003e#3685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[OneDrive] fix Content URL\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3667\"\u003e#3667\u003c/a\u003e where the Content URL could be invalid\u003c/li\u003e\n\u003cli\u003e[VD:core] Check if copying was successful when moving files in copy + delete mode\u003c/li\u003e\n\u003cli\u003eFix CVE-2025-0818 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3723\"\u003e#3723\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3689\"\u003e#3689\u003c/a\u003e, fm.sync removes unavailable volumes. (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3690\"\u003e#3690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[VD:SFTP] Make compatible with phpseclib version 2 or 3 when returned from connectCallback($options) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3687\"\u003e#3687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd font mime kinds (WOFF, WOFF2, EOT, SFNT, generic font/*) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3691\"\u003e#3691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore posted message that are not intended for ElFinder (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3692\"\u003e#3692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option to rename command to disable alias rename (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option commandsOptions.edit.confirmUnsavedBeforeClose (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3698\"\u003e#3698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix build for Windows environment (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3699\"\u003e#3699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReplace usage of deprecated \u003ccode\u003eE_STRICT\u003c/code\u003e constant (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u0026quot;WEBP\u0026quot; to File mimetype to kind mapping (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3712\"\u003e#3712\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix translation mistakes and unification (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3719\"\u003e#3719\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Studio-42/elFinder/blob/master/Changelog\"\u003estudio-42/elfinder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.67):\n[security] fix command injection vulnerability in \u003ccode\u003eresize\u003c/code\u003e background color handling when using the ImageMagick CLI backend\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2025-08-28  Naoki Sawada\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.66):\n\u003cul\u003e\n\u003cli\u003e[PHP 8.4] Fix: Curl \u003ccode\u003eCURLOPT_BINARYTRANSFER\u003c/code\u003e deprecated\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3629\"\u003e#3629\u003c/a\u003e from Ayesh/php84-curl-depr\u003c/li\u003e\n\u003cli\u003etranslate to Chinese\u003c/li\u003e\n\u003cli\u003eUpdate zh_CN.js\u003c/li\u003e\n\u003cli\u003eUpdate Chinese help\u003c/li\u003e\n\u003cli\u003efix name\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ko.js\u003c/li\u003e\n\u003cli\u003etry copy / deleting folder if moving it doesn't work\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3636\"\u003e#3636\u003c/a\u003e from vfishv/master\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3647\"\u003e#3647\u003c/a\u003e from allity/patch-1\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3653\"\u003e#3653\u003c/a\u003e from terrafrost/branch-1\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3637\"\u003e#3637\u003c/a\u003e FILTER_SANITIZE_STRING is deprecated (PHP 8.1)\u003c/li\u003e\n\u003cli\u003eAllow image URL in theme manifest.json to be a relative link as well\u003c/li\u003e\n\u003cli\u003eUpdate elfinder.ru.js\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3677\"\u003e#3677\u003c/a\u003e from blutorange/feat-relative-image-link-in-theme-manifest\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3682\"\u003e#3682\u003c/a\u003e from Ruslan-Aleev/patch-1\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3684\"\u003e#3684\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3685\"\u003e#3685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[OneDrive] fix Content URL\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3667\"\u003e#3667\u003c/a\u003e where the Content URL could be invalid\u003c/li\u003e\n\u003cli\u003e[VD:core] Check if copying was successful when moving files in copy + delete mode\u003c/li\u003e\n\u003cli\u003eFix CVE-2025-0818 (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3723\"\u003e#3723\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3689\"\u003e#3689\u003c/a\u003e, fm.sync removes unavailable volumes. (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3690\"\u003e#3690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[VD:SFTP] Make compatible with phpseclib version 2 or 3 when returned from connectCallback($options) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3687\"\u003e#3687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd font mime kinds (WOFF, WOFF2, EOT, SFNT, generic font/*) (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3691\"\u003e#3691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore posted message that are not intended for ElFinder (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3692\"\u003e#3692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option to rename command to disable alias rename (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd option commandsOptions.edit.confirmUnsavedBeforeClose (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3698\"\u003e#3698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix build for Windows environment (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3699\"\u003e#3699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReplace usage of deprecated \u003ccode\u003eE_STRICT\u003c/code\u003e constant (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u0026quot;WEBP\u0026quot; to File mimetype to kind mapping (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3712\"\u003e#3712\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix translation mistakes and unification (\u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3719\"\u003e#3719\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2024-01-05  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.65):\n\u003cul\u003e\n\u003cli\u003e[js] update CDNs\u003c/li\u003e\n\u003cli\u003e[php:editors] Zoho API update\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2023-12-20  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eelFinder (2.1.64):\n\u003cul\u003e\n\u003cli\u003e[css] re-fix \u003ca href=\"https://redirect.github.com/Studio-42/elFinder/issues/3584\"\u003e#3584\u003c/a\u003e css error and CI\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e2023-12-20  Naoki Sawada  \u003ca href=\"mailto:hypweb+elfinder@gmail.com\"\u003ehypweb+elfinder@gmail.com\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/5e463d1384972dffcb736ad3c94f35af10656ca2\"\u003e\u003ccode\u003e5e463d1\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.67\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/2b7574ca4b95e95b6639d7a865ba49ac00f32015\"\u003e\u003ccode\u003e2b7574c\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/486bbbe4b898484e1526db46d8bb8808c5b5f37b\"\u003e\u003ccode\u003e486bbbe\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.67\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/561386b3274f394b590691452a85b99ad354644b\"\u003e\u003ccode\u003e561386b\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/78488951e44d69e8b9e4e849f8268df408632a6c\"\u003e\u003ccode\u003e7848895\u003c/code\u003e\u003c/a\u003e release elFinder version 2.1.66\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/82067d8dfcdb2e4668badab20df1acd4b18f10ad\"\u003e\u003ccode\u003e82067d8\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-675864b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/844a164d4049d2f2b12204ed6351214533bb867f\"\u003e\u003ccode\u003e844a164\u003c/code\u003e\u003c/a\u003e merge master README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/2f97105f101c90b23dda5b1f7a2d75303ac1d056\"\u003e\u003ccode\u003e2f97105\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-5c622cf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/695212107064f0277831cc4b87ed2e0f158d9558\"\u003e\u003ccode\u003e6952121\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-a381e3a\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Studio-42/elFinder/commit/724fe3c33344e05d7fa2a892f1a009d301886a5f\"\u003e\u003ccode\u003e724fe3c\u003c/code\u003e\u003c/a\u003e src build elFinder-2.1-5fc559b\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Studio-42/elFinder/compare/2.1.65...2.1.67\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.1 to 7.4.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.6...v7.4.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63603\"\u003e#63603\u003c/a\u003e  Fix session cookie_lifetime not applied in mock session storage (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.5...v7.4.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63448\"\u003e#63448\u003c/a\u003e  Handle empty session data in updateTimestamp() to fix compat with PHP 8.6 (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63319\"\u003e#63319\u003c/a\u003e  BinaryFileResponse: always return 206 if Range is valid (\u003ca href=\"https://github.com/Jimbolino\"\u003e\u003ccode\u003e@​Jimbolino\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63262\"\u003e#63262\u003c/a\u003e  Reject invalid paths (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/54304\"\u003e#54304\u003c/a\u003e  When calling UploadedFile::getErrorMessage() to a file which has no error and is uploaded successfully, it should not return an error (\u003ca href=\"https://github.com/ArmCyber\"\u003e\u003ccode\u003e@​ArmCyber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63230\"\u003e#63230\u003c/a\u003e  fix engine declaration on mysql pdo table creations (\u003ca href=\"https://github.com/tandev\"\u003e\u003ccode\u003e@​tandev\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0...v7.4.1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62663\"\u003esymfony/symfony#62663\u003c/a\u003e [HttpFoundation] Improve logic in Request::createFromGlobals() (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62287\"\u003esymfony/symfony#62287\u003c/a\u003e [HttpFoundation] Fix AcceptHeader overwrites items with different parameters (\u003ca href=\"https://github.com/yoeunes\"\u003e\u003ccode\u003e@​yoeunes\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62324\"\u003esymfony/symfony#62324\u003c/a\u003e [HttpFoundation] Fix parsing hosts and schemes in URLs (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/blob/8.1/CHANGELOG.md\"\u003esymfony/http-foundation's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCHANGELOG\u003c/h1\u003e\n\u003ch2\u003e8.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBinaryFileResponse::shouldDeleteFileAfterSend()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate setting public properties of \u003ccode\u003eRequest\u003c/code\u003e and \u003ccode\u003eResponse\u003c/code\u003e objects directly; use setters or constructor arguments instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop HTTP method override support for methods GET, HEAD, CONNECT and TRACE\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$subtypeFallback\u003c/code\u003e to \u003ccode\u003eRequest::getFormat()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove the following deprecated session options from \u003ccode\u003eNativeSessionStorage\u003c/code\u003e: \u003ccode\u003ereferer_check\u003c/code\u003e, \u003ccode\u003euse_only_cookies\u003c/code\u003e, \u003ccode\u003euse_trans_sid\u003c/code\u003e, \u003ccode\u003esid_length\u003c/code\u003e, \u003ccode\u003esid_bits_per_character\u003c/code\u003e, \u003ccode\u003etrans_sid_hosts\u003c/code\u003e, \u003ccode\u003etrans_sid_tags\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTrigger PHP warning when using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eAdd arguments \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$partitioned\u003c/code\u003e to \u003ccode\u003eResponseHeaderBag::clearCookie()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd argument \u003ccode\u003e$expiration\u003c/code\u003e to \u003ccode\u003eUriSigner::sign()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eRemove accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e#[WithHttpStatus]\u003c/code\u003e to define status codes: 404 for \u003ccode\u003eSignedUriException\u003c/code\u003e and 403 for \u003ccode\u003eExpiredSignedUriException\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003eQUERY\u003c/code\u003e HTTP method\u003c/li\u003e\n\u003cli\u003eAdd support for structured MIME suffix\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRequest::set/getAllowedHttpMethodOverride()\u003c/code\u003e to list which HTTP methods can be overridden\u003c/li\u003e\n\u003cli\u003eDeprecate using \u003ccode\u003eRequest::sendHeaders()\u003c/code\u003e after headers have already been sent; use a \u003ccode\u003eStreamedResponse\u003c/code\u003e instead\u003c/li\u003e\n\u003cli\u003eDeprecate method \u003ccode\u003eRequest::get()\u003c/code\u003e, use properties \u003ccode\u003e-\u0026gt;attributes\u003c/code\u003e, \u003ccode\u003equery\u003c/code\u003e or \u003ccode\u003erequest\u003c/code\u003e directly instead\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eRequest::createFromGlobals()\u003c/code\u003e parse the body of PUT, DELETE, PATCH and QUERY requests\u003c/li\u003e\n\u003cli\u003eDeprecate HTTP method override for methods GET, HEAD, CONNECT and TRACE; it will be ignored in Symfony 8.0\u003c/li\u003e\n\u003cli\u003eDeprecate accepting null \u003ccode\u003e$format\u003c/code\u003e argument to \u003ccode\u003eRequest::setFormat()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for iterable of string in \u003ccode\u003eStreamedResponse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eEventStreamResponse\u003c/code\u003e and \u003ccode\u003eServerEvent\u003c/code\u003e classes to streamline server event streaming\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003evalkey:\u003c/code\u003e / \u003ccode\u003evalkeys:\u003c/code\u003e schemes for sessions\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest::getPreferredLanguage()\u003c/code\u003e now favors a more preferred language above exactly matching a locale\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eUriSigner\u003c/code\u003e to use a \u003ccode\u003eClockInterface\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eUriSigner::verify()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd optional \u003ccode\u003e$requests\u003c/code\u003e parameter to \u003ccode\u003eRequestStack::__construct()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional \u003ccode\u003e$v4Bytes\u003c/code\u003e and \u003ccode\u003e$v6Bytes\u003c/code\u003e parameters to \u003ccode\u003eIpUtils::anonymize()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/9381209597ec66c25be154cbf2289076e64d1eab\"\u003e\u003ccode\u003e9381209\u003c/code\u003e\u003c/a\u003e Configure deprecation triggers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/f94b3e7b7dafd40e666f0c9ff2084133bae41e81\"\u003e\u003ccode\u003ef94b3e7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/cffffd0a2c037117b742b4f8b379a22a2a33f6d2\"\u003e\u003ccode\u003ecffffd0\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix session cookie_lifetime not applied in mock session storage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/fd97d5e926e988a363cef56fbbf88c5c528e9065\"\u003e\u003ccode\u003efd97d5e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5bb346d1b4b2a616e5c3d99b3ee4d5810735c535\"\u003e\u003ccode\u003e5bb346d\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Handle empty session data in updateTimestamp() to fix compat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/17de1a39c0ed8dc062df993d65c7269502a2ec78\"\u003e\u003ccode\u003e17de1a3\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31b030e12f6662a7016add28fe29b70327dacf86\"\u003e\u003ccode\u003e31b030e\u003c/code\u003e\u003c/a\u003e stop using with*() without expects()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/36ba5c7a025c05a92cd4a753abbe1781442c8414\"\u003e\u003ccode\u003e36ba5c7\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/31e2a27d480546f031bd4fc6f1ec8a7abdd62bb1\"\u003e\u003ccode\u003e31e2a27\u003c/code\u003e\u003c/a\u003e BinaryFileResponse: always return 206 if Range is valid\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/669ac23030db4cc4314e7a9ada4e258752266ec1\"\u003e\u003ccode\u003e669ac23\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.1...v7.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.0 to 7.4.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.4.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.7...v7.4.8\"\u003ehttps://github.com/symfony/process/compare/v7.4.7...v7.4.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63611\"\u003e#63611\u003c/a\u003e  Throw InvalidArgumentException when env block exceeds Windows limit (Nadim AL ABDOU)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.4...v7.4.5\"\u003ehttps://github.com/symfony/process/compare/v7.4.4...v7.4.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.3...v7.4.4\"\u003ehttps://github.com/symfony/process/compare/v7.4.3...v7.4.4\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.2...v7.4.3\"\u003ehttps://github.com/symfony/process/compare/v7.4.2...v7.4.3\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-RC3...v7.4.0\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-RC1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\"\u003ehttps://github.com/symfony/process/compare/v7.4.0-BETA2...v7.4.0-RC1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.4.0-BETA1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\"\u003ehttps://github.com/symfony/process/compare/v7.3.4...v7.4.0-BETA1\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/process/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/process/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/process/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/60f19cd3badc8de688421e21e4305eba50f8089a\"\u003e\u003ccode\u003e60f19cd\u003c/code\u003e\u003c/a\u003e Configure deprecation triggers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/95b070ee7180a0d49d48786fccf3b935c01d6f3b\"\u003e\u003ccode\u003e95b070e\u003c/code\u003e\u003c/a\u003e [Process] Throw InvalidArgumentException when env block exceeds Windows limit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/608476f4604102976d687c483ac63a79ba18cc97\"\u003e\u003ccode\u003e608476f\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/81fe4ea2c3b8677fa2adfd8e48ba42374ede0e3b\"\u003e\u003ccode\u003e81fe4ea\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c46e854e79b52d07666e43924a20cb6dc546644e\"\u003e\u003ccode\u003ec46e854\u003c/code\u003e\u003c/a\u003e [Process] Fix escaping for MSYS on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/626f07a53f4b4e2f00e11824cc29f928d797783b\"\u003e\u003ccode\u003e626f07a\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/4424bc14e7dedec472440cc991f961f22343caaa\"\u003e\u003ccode\u003e4424bc1\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c593135be689b21e6164b1e8f6f5dbf1506b065c\"\u003e\u003ccode\u003ec593135\u003c/code\u003e\u003c/a\u003e [Process] Adjust Process mustRun method phpdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/f532042054c29ec9181b94ec5d5a42736c052eb1\"\u003e\u003ccode\u003ef532042\u003c/code\u003e\u003c/a\u003e Merge branch '7.3' into 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/6d13a9300772cf6f22f490574b80d9bf3481d07a\"\u003e\u003ccode\u003e6d13a93\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/process/compare/v7.3.0...v7.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.8 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--info\u003c/code\u003e also report more detail about readline and autocomplete state.\u003c/p\u003e\n\u003cp\u003eRun psysh with \u003ccode\u003e--experimental-readline\u003c/code\u003e and try it out. It's getting kind of awesome!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/3be75d5b9244936dd4ac62ade2bfb004d13acf0f\"\u003e\u003ccode\u003e3be75d5\u003c/code\u003e\u003c/a\u003e Merge branch 'release/v0.12.22'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/8042a8fec59c72b9a9b5586f9bfe79e26c069aeb\"\u003e\u003ccode\u003e8042a8f\u003c/code\u003e\u003c/a\u003e Bump to v0.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/fd4cb699ef9df41ecd48f175edde3feaf4d8d794\"\u003e\u003ccode\u003efd4cb69\u003c/code\u003e\u003c/a\u003e Fix phan warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/2b350a413b82010f6e88fbb794aa7364d5ca9ecf\"\u003e\u003ccode\u003e2b350a4\u003c/code\u003e\u003c/a\u003e Fix throw special casing in really old php-parser versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/193e14994706fbe344291741bed2215622b1a659\"\u003e\u003ccode\u003e193e149\u003c/code\u003e\u003c/a\u003e Fix a code cleaner bug with \u003ccode\u003ethrow new Exception\u003c/code\u003e in PHP 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f583f74b314459c5f838095ce7a341fdd81690b2\"\u003e\u003ccode\u003ef583f74\u003c/code\u003e\u003c/a\u003e Restore VarDumper hard-ref handling, suppress link-only markers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/1e6a0d6e8800e0d82c86b85b7de9e37ac65a74fd\"\u003e\u003ccode\u003e1e6a0d6\u003c/code\u003e\u003c/a\u003e Prefer use statements over FQNs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/484e600e2ac5f0e403796863865de6d8a6a66ebd\"\u003e\u003ccode\u003e484e600\u003c/code\u003e\u003c/a\u003e Simplify theme identity, no-op updates when unchanged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f01e492b18146675b218061c0c31b13fe58e3a9a\"\u003e\u003ccode\u003ef01e492\u003c/code\u003e\u003c/a\u003e Standardize test temp dir creation and cleanup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/6f33aea84464ed64b0c684c78fedf1f6620483d8\"\u003e\u003ccode\u003e6f33aea\u003c/code\u003e\u003c/a\u003e Add token-based fallback for incomplete member completion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bobthecow/psysh/compare/v0.12.8...v0.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/HandyKnox/mautic-marketing/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/HandyKnox/mautic-marketing/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HandyKnox%2Fmautic-marketing/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"}},{"old_version":"2.9.5","new_version":"2.9.7","update_type":"patch","path":null,"pr_created_at":"2026-04-14T20:15:43.000Z","version_change":"2.9.5 → 2.9.7","issue":{"uuid":"4264497750","node_id":"PR_kwDOCd4K7M7SbUcB","number":370,"state":"closed","title":"Bump composer/composer from 2.9.5 to 2.9.7","user":"dependabot[bot]","labels":["Dependencies 📦","PHP 🐘","dependencies","php"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-19T18:28:10.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:15:43.000Z","updated_at":"2026-04-19T18:28:19.000Z","time_to_close":425547,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.7.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/WyriHaximus/php-async-test-utilities/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/WyriHaximus/php-async-test-utilities/pull/370","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/WyriHaximus%2Fphp-async-test-utilities/issues/370","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/370/packages"}},{"old_version":"2.9.5","new_version":"2.9.7","update_type":"patch","path":null,"pr_created_at":"2026-04-14T20:15:40.000Z","version_change":"2.9.5 → 2.9.7","issue":{"uuid":"4264497505","node_id":"PR_kwDOB9ib6M7SbUYz","number":86,"state":"closed","title":"Bump composer/composer from 2.9.5 to 2.9.7","user":"dependabot[bot]","labels":["Dependencies 📦","PHP 🐘","dependencies","php"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-19T20:22:47.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:15:40.000Z","updated_at":"2026-04-19T20:22:49.000Z","time_to_close":432427,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.7.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/WyriHaximus/php-psr-3-context-logger/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/WyriHaximus/php-psr-3-context-logger/pull/86","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/WyriHaximus%2Fphp-psr-3-context-logger/issues/86","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/86/packages"}},{"old_version":"2.9.5","new_version":"2.9.7","update_type":"patch","path":"the composer group across 1 directory","pr_created_at":"2026-04-14T20:15:32.000Z","version_change":"2.9.5 → 2.9.7","issue":{"uuid":"4264496682","node_id":"PR_kwDORaHe5c7SbUNW","number":10,"state":"open","title":"chore(deps-dev): bump composer/composer from 2.9.5 to 2.9.7 in the composer group across 1 directory","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-14T20:15:32.000Z","updated_at":"2026-04-14T20:15:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev)","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":"the composer group across 1 directory","ecosystem":"packagist"},"body":"Bumps the composer group with 1 update in the / directory: [composer/composer](https://github.com/composer/composer).\n\nUpdates `composer/composer` from 2.9.5 to 2.9.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/NguyenThanhPhucne/open_crm/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/NguyenThanhPhucne/open_crm/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/NguyenThanhPhucne%2Fopen_crm/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"2.9.5","new_version":"2.9.7","update_type":"patch","path":null,"pr_created_at":"2026-04-14T20:15:31.000Z","version_change":"2.9.5 → 2.9.7","issue":{"uuid":"4264496631","node_id":"PR_kwDOD3sQbc7SbUMn","number":1982,"state":"open","title":"Bump composer/composer from 2.9.5 to 2.9.7","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-14T20:15:31.000Z","updated_at":"2026-04-20T12:11:46.831Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.7.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/acquia/cli/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/acquia/cli/pull/1982","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/acquia%2Fcli/issues/1982","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1982/packages"}},{"old_version":"2.9.5","new_version":"2.9.6","update_type":"patch","path":"/composer/helpers/v2","pr_created_at":"2026-04-14T20:15:30.000Z","version_change":"2.9.5 → 2.9.6","issue":{"uuid":"4264496529","node_id":"PR_kwDOBY2OQc7SbULP","number":14719,"state":"closed","title":"build(deps): bump composer/composer from 2.9.5 to 2.9.6 in /composer/helpers/v2","user":"dependabot[bot]","labels":["dependencies","L: php:composer","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-19T17:13:21.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:15:30.000Z","updated_at":"2026-05-19T17:13:24.000Z","time_to_close":3013071,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.6","repository_url":"https://github.com/composer/composer"}],"path":"/composer/helpers/v2","ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.6.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/91f077050c13e49e22554b991c81378ce8b5ee16\"\u003e\u003ccode\u003e91f0770\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/d836b901648dfb0f8c94c02bbd91bb68a25e16d8\"\u003e\u003ccode\u003ed836b90\u003c/code\u003e\u003c/a\u003e Fix fossil driver identifier validation for getFileContent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/028a251c3fec3d561f8728506411581c9093dd70\"\u003e\u003ccode\u003e028a251\u003c/code\u003e\u003c/a\u003e Fix tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/5e08c764257b5ab0948af93010a39bd5644b153d\"\u003e\u003ccode\u003e5e08c76\u003c/code\u003e\u003c/a\u003e Fix fossil update call when calling it with valid branch names like --dry-run...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dependabot/dependabot-core/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/dependabot/dependabot-core/pull/14719","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dependabot%2Fdependabot-core/issues/14719","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14719/packages"}},{"old_version":"2.9.5","new_version":"2.9.7","update_type":"patch","path":null,"pr_created_at":"2026-04-14T20:14:59.000Z","version_change":"2.9.5 → 2.9.7","issue":{"uuid":"4264493721","node_id":"PR_kwDOGq44Rc7SbTkn","number":1088,"state":"closed","title":"chore(deps-dev): bump composer/composer from 2.9.5 to 2.9.7","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-04-21T03:06:44.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:14:59.000Z","updated_at":"2026-04-21T03:06:46.000Z","time_to_close":543105,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev)","packages":[{"name":"composer/composer","old_version":"2.9.5","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.9.5 to 2.9.7.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.9.5\u0026new-version=2.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/UN-OCHA/response-site/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/UN-OCHA/response-site/pull/1088","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/UN-OCHA%2Fresponse-site/issues/1088","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1088/packages"}},{"old_version":"2.9.3","new_version":"2.9.6","update_type":"patch","path":null,"pr_created_at":"2026-04-14T20:14:57.000Z","version_change":"2.9.3 → 2.9.6","issue":{"uuid":"4264493431","node_id":"PR_kwDON4ub4c7SbTgX","number":12,"state":"closed","title":"Bump the composer group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-17T23:16:36.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:14:57.000Z","updated_at":"2026-04-17T23:16:38.000Z","time_to_close":270099,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":2,"packages":[{"name":"composer/composer","old_version":"2.9.3","new_version":"2.9.6","repository_url":"https://github.com/composer/composer"},{"name":"league/commonmark","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/thephpleague/commonmark"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 2 updates in the /workbench directory: [composer/composer](https://github.com/composer/composer) and [league/commonmark](https://github.com/thephpleague/commonmark).\n\nUpdates `composer/composer` from 2.9.3 to 2.9.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/91f077050c13e49e22554b991c81378ce8b5ee16\"\u003e\u003ccode\u003e91f0770\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/d836b901648dfb0f8c94c02bbd91bb68a25e16d8\"\u003e\u003ccode\u003ed836b90\u003c/code\u003e\u003c/a\u003e Fix fossil driver identifier validation for getFileContent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/028a251c3fec3d561f8728506411581c9093dd70\"\u003e\u003ccode\u003e028a251\u003c/code\u003e\u003c/a\u003e Fix tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/5e08c764257b5ab0948af93010a39bd5644b153d\"\u003e\u003ccode\u003e5e08c76\u003c/code\u003e\u003c/a\u003e Fix fossil update call when calling it with valid branch names like --dry-run...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `league/commonmark` from 2.8.0 to 2.8.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/thephpleague/commonmark/releases\"\u003eleague/commonmark's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.8.2\u003c/h2\u003e\n\u003cp\u003eThis is a \u003cstrong\u003esecurity release\u003c/strong\u003e to address an issue where the \u003ccode\u003eallowed_domains\u003c/code\u003e setting for the \u003ccode\u003eEmbed\u003c/code\u003e extension can be bypassed, resulting in a possible SSRF and XSS vulnerabilities.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eDomainFilteringAdapter\u003c/code\u003e hostname boundary bypass where domains like \u003ccode\u003eyoutube.com.evil\u003c/code\u003e could match an allowlist entry for \u003ccode\u003eyoutube.com\u003c/code\u003e (GHSA-hh8v-hgvp-g3f5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/thephpleague/commonmark/compare/2.8.1...2.8.2\"\u003ehttps://github.com/thephpleague/commonmark/compare/2.8.1...2.8.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.8.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis is a \u003cstrong\u003esecurity release\u003c/strong\u003e to address an issue where \u003ccode\u003eDisallowedRawHtml\u003c/code\u003e can be bypassed, resulting in a possible cross-site scripting (XSS) vulnerability.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eDisallowedRawHtmlRenderer\u003c/code\u003e not blocking raw HTML tags with trailing ASCII whitespace (\u003ca href=\"https://github.com/thephpleague/commonmark/security/advisories/GHSA-4v6x-c7xx-hw9f\"\u003eGHSA-4v6x-c7xx-hw9f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed PHP 8.5 deprecation (\u003ca href=\"https://redirect.github.com/thephpleague/commonmark/issues/1107\"\u003e#1107\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kocal\"\u003e\u003ccode\u003e@​Kocal\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/thephpleague/commonmark/pull/1106\"\u003ethephpleague/commonmark#1106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/freost\"\u003e\u003ccode\u003e@​freost\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/thephpleague/commonmark/pull/1107\"\u003ethephpleague/commonmark#1107\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/thephpleague/commonmark/compare/2.8.0...2.8.1\"\u003ehttps://github.com/thephpleague/commonmark/compare/2.8.0...2.8.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/thephpleague/commonmark/blob/2.8/CHANGELOG.md\"\u003eleague/commonmark's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.8.2] - 2026-03-19\u003c/h2\u003e\n\u003cp\u003eThis is a \u003cstrong\u003esecurity release\u003c/strong\u003e to address an issue where the \u003ccode\u003eallowed_domains\u003c/code\u003e setting for the \u003ccode\u003eEmbed\u003c/code\u003e extension can be bypassed, resulting in a possible SSRF and XSS vulnerabilities.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eDomainFilteringAdapter\u003c/code\u003e hostname boundary bypass where domains like \u003ccode\u003eyoutube.com.evil\u003c/code\u003e could match an allowlist entry for \u003ccode\u003eyoutube.com\u003c/code\u003e (GHSA-hh8v-hgvp-g3f5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.8.1] - 2026-03-05\u003c/h2\u003e\n\u003cp\u003eThis is a \u003cstrong\u003esecurity release\u003c/strong\u003e to address an issue where \u003ccode\u003eDisallowedRawHtml\u003c/code\u003e can be bypassed, resulting in a possible cross-site scripting (XSS) vulnerability.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eDisallowedRawHtmlRenderer\u003c/code\u003e not blocking raw HTML tags with trailing ASCII whitespace (GHSA-4v6x-c7xx-hw9f)\u003c/li\u003e\n\u003cli\u003eFixed PHP 8.5 deprecation (\u003ca href=\"https://redirect.github.com/thephpleague/commonmark/issues/1107\"\u003e#1107\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/59fb075d2101740c337c7216e3f32b36c204218b\"\u003e\u003ccode\u003e59fb075\u003c/code\u003e\u003c/a\u003e Fix DomainFilteringAdapter hostname boundary bypass\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/74b4487b524eaacd34b4e87313f6028671e15562\"\u003e\u003ccode\u003e74b4487\u003c/code\u003e\u003c/a\u003e Document dangers of enabling an unsafe php.ini setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/84b1ca48347efdbe775426f108622a42735a6579\"\u003e\u003ccode\u003e84b1ca4\u003c/code\u003e\u003c/a\u003e Almost forgot this entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/bcf54f5a38cf8e42cca45248b04caba13317459f\"\u003e\u003ccode\u003ebcf54f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/7a68ed1c6765bd2650fed6d9857985bdfe655c71\"\u003e\u003ccode\u003e7a68ed1\u003c/code\u003e\u003c/a\u003e Prepare to release 2.8.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/5c0c4c8fe5a31e8260be99e0afad7136a27c79e6\"\u003e\u003ccode\u003e5c0c4c8\u003c/code\u003e\u003c/a\u003e Fix DisallowedRawHtml bypass via newline/tab in tag names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/f6e74434dd1a91f195f80cb0184b746a4187272a\"\u003e\u003ccode\u003ef6e7443\u003c/code\u003e\u003c/a\u003e Add regression test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/0719b6744cc68bc8b037fb30db86b62ec370c557\"\u003e\u003ccode\u003e0719b67\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/thephpleague/commonmark/issues/1107\"\u003e#1107\u003c/a\u003e from freost/fix-php85-deprecation-error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/63ff2e0b12742f379803b5f21aa6f5b50abcd412\"\u003e\u003ccode\u003e63ff2e0\u003c/code\u003e\u003c/a\u003e Fix PHP 8.5 deprecation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thephpleague/commonmark/commit/8608e9c006d9f44acf8d983b126a813bd8def780\"\u003e\u003ccode\u003e8608e9c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/thephpleague/commonmark/issues/1106\"\u003e#1106\u003c/a\u003e from Kocal/patch-1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/thephpleague/commonmark/compare/2.8.0...2.8.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/pixelated-au/streamline/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/pixelated-au/streamline/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pixelated-au%2Fstreamline/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"}},{"old_version":"2.9.3","new_version":"2.9.7","update_type":"patch","path":null,"pr_created_at":"2026-04-14T20:14:46.000Z","version_change":"2.9.3 → 2.9.7","issue":{"uuid":"4264492662","node_id":"PR_kwDON2y7z87SbTWD","number":90,"state":"closed","title":"Bump the composer group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-26T03:18:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:14:46.000Z","updated_at":"2026-05-26T03:18:35.000Z","time_to_close":3567827,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":2,"packages":[{"name":"composer/composer","old_version":"2.9.3","new_version":"2.9.7","repository_url":"https://github.com/composer/composer"},{"name":"psy/psysh","old_version":"0.12.18","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 2 updates in the / directory: [composer/composer](https://github.com/composer/composer) and [psy/psysh](https://github.com/bobthecow/psysh).\n\nUpdates `composer/composer` from 2.9.3 to 2.9.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.6...2.9.7\"\u003ehttps://github.com/composer/composer/compare/2.9.6...2.9.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.7] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes regression calling custom script command aliases that are called a substring of a composer command (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12802\"\u003e#12802\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/82a2fbd1372a98d7915cfb092acf05207d9b4113\"\u003e\u003ccode\u003e82a2fbd\u003c/code\u003e\u003c/a\u003e Release 2.9.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/02265b26796b3d7771770bc7dbd92db7a5fac3ed\"\u003e\u003ccode\u003e02265b2\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/ca0612e27a327aa5e1b27503ec32d1f7dab1fc10\"\u003e\u003ccode\u003eca0612e\u003c/code\u003e\u003c/a\u003e Fixes custom script command aliases regression when a script is called a subs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/bd695eec61437e910196381489cea2990fa280eb\"\u003e\u003ccode\u003ebd695ee\u003c/code\u003e\u003c/a\u003e Reverting release version changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.18 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--info\u003c/code\u003e also report more detail about readline and autocomplete state.\u003c/p\u003e\n\u003cp\u003eRun psysh with \u003ccode\u003e--experimental-readline\u003c/code\u003e and try it out. It's getting kind of awesome!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/3be75d5b9244936dd4ac62ade2bfb004d13acf0f\"\u003e\u003ccode\u003e3be75d5\u003c/code\u003e\u003c/a\u003e Merge branch 'release/v0.12.22'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/8042a8fec59c72b9a9b5586f9bfe79e26c069aeb\"\u003e\u003ccode\u003e8042a8f\u003c/code\u003e\u003c/a\u003e Bump to v0.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/fd4cb699ef9df41ecd48f175edde3feaf4d8d794\"\u003e\u003ccode\u003efd4cb69\u003c/code\u003e\u003c/a\u003e Fix phan warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/2b350a413b82010f6e88fbb794aa7364d5ca9ecf\"\u003e\u003ccode\u003e2b350a4\u003c/code\u003e\u003c/a\u003e Fix throw special casing in really old php-parser versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/193e14994706fbe344291741bed2215622b1a659\"\u003e\u003ccode\u003e193e149\u003c/code\u003e\u003c/a\u003e Fix a code cleaner bug with \u003ccode\u003ethrow new Exception\u003c/code\u003e in PHP 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f583f74b314459c5f838095ce7a341fdd81690b2\"\u003e\u003ccode\u003ef583f74\u003c/code\u003e\u003c/a\u003e Restore VarDumper hard-ref handling, suppress link-only markers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/1e6a0d6e8800e0d82c86b85b7de9e37ac65a74fd\"\u003e\u003ccode\u003e1e6a0d6\u003c/code\u003e\u003c/a\u003e Prefer use statements over FQNs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/484e600e2ac5f0e403796863865de6d8a6a66ebd\"\u003e\u003ccode\u003e484e600\u003c/code\u003e\u003c/a\u003e Simplify theme identity, no-op updates when unchanged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f01e492b18146675b218061c0c31b13fe58e3a9a\"\u003e\u003ccode\u003ef01e492\u003c/code\u003e\u003c/a\u003e Standardize test temp dir creation and cleanup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/6f33aea84464ed64b0c684c78fedf1f6620483d8\"\u003e\u003ccode\u003e6f33aea\u003c/code\u003e\u003c/a\u003e Add token-based fallback for incomplete member completion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bobthecow/psysh/compare/v0.12.18...v0.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EncoreDigitalGroup/laravel-stripe/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/EncoreDigitalGroup/laravel-stripe/pull/90","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EncoreDigitalGroup%2Flaravel-stripe/issues/90","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/90/packages"}},{"old_version":"2.6.5","new_version":"2.9.6","update_type":"minor","path":null,"pr_created_at":"2026-04-14T20:06:49.000Z","version_change":"2.6.5 → 2.9.6","issue":{"uuid":"4264454109","node_id":"PR_kwDOLFRCj87SbLLF","number":16,"state":"closed","title":"Bump composer/composer from 2.6.5 to 2.9.6","user":"dependabot[bot]","labels":["dependencies","php"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-18T00:36:48.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T20:06:49.000Z","updated_at":"2026-05-18T00:36:50.000Z","time_to_close":2867399,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"composer/composer","old_version":"2.6.5","new_version":"2.9.6","repository_url":"https://github.com/composer/composer"}],"path":null,"ecosystem":"packagist"},"body":"Bumps [composer/composer](https://github.com/composer/composer) from 2.6.5 to 2.9.6.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.5...2.9.6\"\u003ehttps://github.com/composer/composer/compare/2.9.5...2.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.2...2.9.3\"\u003ehttps://github.com/composer/composer/compare/2.9.2...2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003econfig\u003c/code\u003e command not being able to set the new audit settings (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12609\"\u003e#12609\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.6] 2026-04-14\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)\u003c/li\u003e\n\u003cli\u003eSecurity: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)\u003c/li\u003e\n\u003cli\u003eSecurity: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with \u003ccode\u003e-\u003c/code\u003e do not cause issues (6621d45, d836b90, 5e08c764)\u003c/li\u003e\n\u003cli\u003eFixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed GitHub API authentication errors not being visible to the user (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12737\"\u003e#12737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed some platform package parsing failing when Composer runs in web SAPIs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed error reporting for clarity when a constraint cannot be parsed (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12743\"\u003e#12743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.2] 2025-11-19\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003econfig\u003c/code\u003e command not being able to set the new audit settings (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12609\"\u003e#12609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed handling audit.ignore to support CVE ids while doing security blocking, but advisory IDs are still preferred for performance reasons (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12624\"\u003e#12624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed partial updates failing when another package in the lock file has a known security advisory (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12626\"\u003e#12626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9afc32c056d65f9bc4af64ca2aa264a0a38568e5\"\u003e\u003ccode\u003e9afc32c\u003c/code\u003e\u003c/a\u003e Release 2.9.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e00073c3d424708644e45480d929933de922c4d9\"\u003e\u003ccode\u003ee00073c\u003c/code\u003e\u003c/a\u003e Fix some perforce type issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4fcc13d428f28479b01f757341aadd625412b454\"\u003e\u003ccode\u003e4fcc13d\u003c/code\u003e\u003c/a\u003e Convert perforce util to use array process args to avoid injections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/fd82721e1bdbded81dbc2b5acaa2f54d7513964f\"\u003e\u003ccode\u003efd82721\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/15f2541d942f3958930bbe86d11cd9c7bd4d2830\"\u003e\u003ccode\u003e15f2541\u003c/code\u003e\u003c/a\u003e Fix --no-plugins handling regression in \u003ca href=\"https://redirect.github.com/composer/composer/issues/12758\"\u003e#12758\u003c/a\u003e, fixes \u003ca href=\"https://redirect.github.com/composer/composer/issues/12789\"\u003e#12789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4f02616e6fba3b1baf8d45725f847841b44fc15c\"\u003e\u003ccode\u003e4f02616\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/91f077050c13e49e22554b991c81378ce8b5ee16\"\u003e\u003ccode\u003e91f0770\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/d836b901648dfb0f8c94c02bbd91bb68a25e16d8\"\u003e\u003ccode\u003ed836b90\u003c/code\u003e\u003c/a\u003e Fix fossil driver identifier validation for getFileContent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/028a251c3fec3d561f8728506411581c9093dd70\"\u003e\u003ccode\u003e028a251\u003c/code\u003e\u003c/a\u003e Fix tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/5e08c764257b5ab0948af93010a39bd5644b153d\"\u003e\u003ccode\u003e5e08c76\u003c/code\u003e\u003c/a\u003e Fix fossil update call when calling it with valid branch names like --dry-run...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.6.5...2.9.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=composer/composer\u0026package-manager=composer\u0026previous-version=2.6.5\u0026new-version=2.9.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/wibesoft-company/packeton/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/wibesoft-company/packeton/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/wibesoft-company%2Fpacketon/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"}},{"old_version":"2.8.12","new_version":"2.9.5","update_type":"minor","path":null,"pr_created_at":"2026-03-25T21:49:36.000Z","version_change":"2.8.12 → 2.9.5","issue":{"uuid":"4138780128","node_id":"PR_kwDOD3agoM7Nf_tQ","number":906,"state":"closed","title":"Bump the composer group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","stale","php"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-18T03:37:05.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-25T21:49:36.000Z","updated_at":"2026-04-18T03:37:08.000Z","time_to_close":2008049,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"composer","update_count":6,"packages":[{"name":"composer/composer","old_version":"2.8.12","new_version":"2.9.5","repository_url":"https://github.com/composer/composer"},{"name":"psy/psysh","old_version":"0.12.10","new_version":"0.12.22","repository_url":"https://github.com/bobthecow/psysh"},{"name":"symfony/http-foundation","old_version":"7.3.4","new_version":"7.3.11","repository_url":"https://github.com/symfony/http-foundation"},{"name":"google/protobuf","old_version":"4.32.1","new_version":"4.33.6","repository_url":"https://github.com/protocolbuffers/protobuf-php"},{"name":"phpunit/phpunit","old_version":"11.5.42","new_version":"11.5.55","repository_url":"https://github.com/sebastianbergmann/phpunit"}],"path":null,"ecosystem":"packagist"},"body":"Bumps the composer group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [composer/composer](https://github.com/composer/composer) | `2.8.12` | `2.9.5` |\n| [psy/psysh](https://github.com/bobthecow/psysh) | `0.12.10` | `0.12.22` |\n| [symfony/http-foundation](https://github.com/symfony/http-foundation) | `7.3.4` | `7.3.11` |\n| [google/protobuf](https://github.com/protocolbuffers/protobuf-php) | `4.32.1` | `4.33.6` |\n| [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) | `11.5.42` | `11.5.55` |\n\n\nUpdates `composer/composer` from 2.8.12 to 2.9.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/releases\"\u003ecomposer/composer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.4...2.9.5\"\u003ehttps://github.com/composer/composer/compare/2.9.4...2.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.3...2.9.4\"\u003ehttps://github.com/composer/composer/compare/2.9.3...2.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.2...2.9.3\"\u003ehttps://github.com/composer/composer/compare/2.9.2...2.9.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003econfig\u003c/code\u003e command not being able to set the new audit settings (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12609\"\u003e#12609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed handling audit.ignore to support CVE ids while doing security blocking, but advisory IDs are still preferred for performance reasons (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12624\"\u003e#12624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed partial updates failing when another package in the lock file has a known security advisory (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12626\"\u003e#12626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.1...2.9.2\"\u003ehttps://github.com/composer/composer/compare/2.9.1...2.9.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression in phpunit binary proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12601\"\u003e#12601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed script handler autoloading issues (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12606\"\u003e#12606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed null call of Command::setDescription in some cases (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12605\"\u003e#12605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed --prefer-lowest builds sometimes failing due to the filtering of versions with known vulnerabilities (\u003ca href=\"https://github.com/composer/composer/discussions/12603\"\u003e#12603\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/composer/composer/compare/2.9.0...2.9.1\"\u003ehttps://github.com/composer/composer/compare/2.9.0...2.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.9.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/composer/composer/blob/main/CHANGELOG.md\"\u003ecomposer/composer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e[2.9.5] 2026-01-29\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for new \u003ccode\u003epie\u003c/code\u003e \u003ccode\u003edownload-url-methods\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed detection of 7z when installed as 7za on some linux systems (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12731\"\u003e#12731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed warning because of the symfony/process CVE, 2.9.4 had a workaround already\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.4] 2026-01-22\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded active plugins to the diagnose command output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12706\"\u003e#12706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTP/3\u003c/code\u003e causing issues with proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12699\"\u003e#12699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eshow\u003c/code\u003e command regression with long descriptions containing unicode characters (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12704\"\u003e#12704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed regression handling invalid unicode sequences in output (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12707\"\u003e#12707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003egit rev-list\u003c/code\u003e usages to support older pre-2.33 git versions (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12705\"\u003e#12705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue handling paths with \u003ccode\u003e=\u003c/code\u003e in them on Windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.3] 2025-12-30\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCOMPOSER_NO_SECURITY_BLOCKING\u003c/code\u003e env var not being respected for \u003ccode\u003eupdates\u003c/code\u003e done via the \u003ccode\u003einstall\u003c/code\u003e command, and added \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to \u003ccode\u003einstall\u003c/code\u003e as well (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12677\"\u003e#12677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eupdate --lock\u003c/code\u003e / \u003ccode\u003eupdate mirrors\u003c/code\u003e not working when locked packages contain vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eclient-certificate\u003c/code\u003e authentication implementation (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12667\"\u003e#12667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ephp-ext\u003c/code\u003e schema not being validated in ValidatingArrayLoader (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed crash when \u003ccode\u003e--bump-after-update\u003c/code\u003e is used and the lock file is disabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12660\"\u003e#12660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed support for SecureTransport + LibreSSL on macOS (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12615\"\u003e#12615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed display of reasons for why advisories are ignored (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12668\"\u003e#12668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed compatibility issues when git has log.showSignature enabled (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12666\"\u003e#12666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed curl downloader not retrying when a timeout (err 28) failure occurs (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed EventDispatcher requiring a full Composer instance to function (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12629\"\u003e#12629\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.2] 2025-11-19\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new \u003ccode\u003e--no-security-blocking\u003c/code\u003e flag to disable/configure security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12617\"\u003e#12617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded a way to set \u003ca href=\"https://getcomposer.org/doc/06-config.md#detailed-format-with-apply-scope-\"\u003e\u003ccode\u003eaudit \u0026gt; ignore\u003c/code\u003e\u003c/a\u003e to act only on audits or only on security blocking (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12618\"\u003e#12618\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/composer/composer/issues/12612\"\u003e#12612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003econfig\u003c/code\u003e command not being able to set the new audit settings (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12609\"\u003e#12609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed handling audit.ignore to support CVE ids while doing security blocking, but advisory IDs are still preferred for performance reasons (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12624\"\u003e#12624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed partial updates failing when another package in the lock file has a known security advisory (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12626\"\u003e#12626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.1] 2025-11-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression in phpunit binary proxies (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12601\"\u003e#12601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed script handler autoloading issues (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12606\"\u003e#12606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed null call of Command::setDescription in some cases (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12605\"\u003e#12605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed --prefer-lowest builds sometimes failing due to the filtering of versions with known vulnerabilities (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12603\"\u003e#12603\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.0] 2025-11-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a couple minor issues with --bump-after-update (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12598\"\u003e#12598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eVarious docs fixes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e[2.9.0-RC1] 2025-11-07\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/72a8f8e653710e18d83e5dd531eb5a71fc3223e6\"\u003e\u003ccode\u003e72a8f8e\u003c/code\u003e\u003c/a\u003e Release 2.9.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/6b54088098356bbb0631e875b9f35553758f00d5\"\u003e\u003ccode\u003e6b54088\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/3f0976b827fc81b991d502634f9b551cfe61603e\"\u003e\u003ccode\u003e3f0976b\u003c/code\u003e\u003c/a\u003e Update baseline\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/5b44d62508c32906dedda4c9ee5429f2bbe5b7b0\"\u003e\u003ccode\u003e5b44d62\u003c/code\u003e\u003c/a\u003e Fix detection of 7z when it is installed as 7za\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/4c49f46d57c58c7f1c0fa165078abeb8549b4441\"\u003e\u003ccode\u003e4c49f46\u003c/code\u003e\u003c/a\u003e Bump actions/attest-build-provenance from 3.1.0 to 3.2.0 (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12728\"\u003e#12728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/e6022328165b2b3d663a5523029d6717887a78b8\"\u003e\u003ccode\u003ee602232\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 6.0.1 to 6.0.2 (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12729\"\u003e#12729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/06c273b3de49a5d9a2fab7787c1cfd99590c94cc\"\u003e\u003ccode\u003e06c273b\u003c/code\u003e\u003c/a\u003e Add support for PIE list of download-url-methods (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12727\"\u003e#12727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/9861166fb61724999a72ec5dbc947fed557d8763\"\u003e\u003ccode\u003e9861166\u003c/code\u003e\u003c/a\u003e Update symfony/process to fix \u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/2102496eb4fdc04bfd64870e5ffb6e4599f5870a\"\u003e\u003ccode\u003e2102496\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Work around issue with msys/rmdir on windows (\u003ca href=\"https://redirect.github.com/composer/composer/issues/12726\"\u003e#12726\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/composer/composer/commit/defa1bb2ee520c276d839613d9287fcf441c79e4\"\u003e\u003ccode\u003edefa1bb\u003c/code\u003e\u003c/a\u003e Add info about downloading using gh util\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/composer/composer/compare/2.8.12...2.9.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `psy/psysh` from 0.12.10 to 0.12.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bobthecow/psysh/releases\"\u003epsy/psysh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePsySH v0.12.22\u003c/h2\u003e\n\u003ch2\u003eRuntime config and clipboard support\u003c/h2\u003e\n\u003cp\u003ePsySH has a new \u003ccode\u003econfig\u003c/code\u003e command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like \u003ccode\u003epager\u003c/code\u003e, \u003ccode\u003etheme\u003c/code\u003e, \u003ccode\u003everbosity\u003c/code\u003e, \u003ccode\u003euseSuggestions\u003c/code\u003e, \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e, \u003ccode\u003eclipboardCommand\u003c/code\u003e, and \u003ccode\u003esemicolonsSuppressReturn\u003c/code\u003e without restarting the shell. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThere’s also a new \u003ccode\u003ecopy\u003c/code\u003e command for copying the last result (\u003ccode\u003e$_\u003c/code\u003e) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.\u003c/p\u003e\n\u003cp\u003eConfigure with \u003ccode\u003eclipboardCommand\u003c/code\u003e or \u003ccode\u003euseOsc52Clipboard\u003c/code\u003e in your config.\u003c/p\u003e\n\u003ch2\u003eSemicolon-based return suppression\u003c/h2\u003e\n\u003cp\u003eOptionally suppress return values by ending a statement with \u003ccode\u003e;\u003c/code\u003e, similar to MATLAB/Octave behavior. Supports a \u003ccode\u003e'double'\u003c/code\u003e mode requiring \u003ccode\u003e;;\u003c/code\u003e for suppression (if \u003ccode\u003erequireSemicolons\u003c/code\u003e is also enabled, both \u003ccode\u003etrue\u003c/code\u003e and \u003ccode\u003e'double'\u003c/code\u003e require \u003ccode\u003e;;\u003c/code\u003e).\u003c/p\u003e\n\u003cpre lang=\"php\"\u003e\u003ccode\u003e'semicolonsSuppressReturn' =\u0026gt; true,\r\n'semicolonsSuppressReturn' =\u0026gt; 'double', // Always require ;; to suppress\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eOutput and exception display improvements\u003c/h2\u003e\n\u003cp\u003eStrings are now valid PHP!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/351\"\u003e#351\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/568\"\u003e#568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMultiline strings are rendered using heredoc-style output rather than triple-quoted strings \u003ccode\u003e\u0026quot;\u0026quot;\u0026quot;\u003c/code\u003e. The old format is available via \u003ccode\u003euseDeprecatedMultilineStrings\u003c/code\u003e until the next major release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding an \u003ccode\u003eexceptionDetails\u003c/code\u003e callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes \u003ca href=\"https://redirect.github.com/bobthecow/psysh/issues/648\"\u003e#648\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA few other improvements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore consistent compact (and non-compact) output spacing.\u003c/li\u003e\n\u003cli\u003eResponsive \u003ccode\u003ehelp\u003c/code\u003e layout adapts to terminal width.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBetter completion for everyone\u003c/h2\u003e\n\u003cp\u003eLegacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.\u003c/p\u003e\n\u003cp\u003eCommands can now define their own argument completions via \u003ccode\u003eCommandArgumentCompletionAware\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eInteractive readline polish\u003c/h2\u003e\n\u003cp\u003eNew in the experimental interactive readline:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLive syntax highlighting\u003c/strong\u003e — code is highlighted as you type. Can be disabled via \u003ccode\u003euseSyntaxHighlighting\u003c/code\u003e if you don't like colors, I guess.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAllman-style indenting\u003c/strong\u003e — opening brackets on a new line get proper indentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImproved auto-dedent\u003c/strong\u003e — closing brackets automatically reduce indentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003epsy\\info()\u003c/code\u003e and \u003ccode\u003e--info\u003c/code\u003e also report more detail about readline and autocomplete state.\u003c/p\u003e\n\u003cp\u003eRun psysh with \u003ccode\u003e--experimental-readline\u003c/code\u003e and try it out. It's getting kind of awesome!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/3be75d5b9244936dd4ac62ade2bfb004d13acf0f\"\u003e\u003ccode\u003e3be75d5\u003c/code\u003e\u003c/a\u003e Merge branch 'release/v0.12.22'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/8042a8fec59c72b9a9b5586f9bfe79e26c069aeb\"\u003e\u003ccode\u003e8042a8f\u003c/code\u003e\u003c/a\u003e Bump to v0.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/fd4cb699ef9df41ecd48f175edde3feaf4d8d794\"\u003e\u003ccode\u003efd4cb69\u003c/code\u003e\u003c/a\u003e Fix phan warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/2b350a413b82010f6e88fbb794aa7364d5ca9ecf\"\u003e\u003ccode\u003e2b350a4\u003c/code\u003e\u003c/a\u003e Fix throw special casing in really old php-parser versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/193e14994706fbe344291741bed2215622b1a659\"\u003e\u003ccode\u003e193e149\u003c/code\u003e\u003c/a\u003e Fix a code cleaner bug with \u003ccode\u003ethrow new Exception\u003c/code\u003e in PHP 7.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f583f74b314459c5f838095ce7a341fdd81690b2\"\u003e\u003ccode\u003ef583f74\u003c/code\u003e\u003c/a\u003e Restore VarDumper hard-ref handling, suppress link-only markers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/1e6a0d6e8800e0d82c86b85b7de9e37ac65a74fd\"\u003e\u003ccode\u003e1e6a0d6\u003c/code\u003e\u003c/a\u003e Prefer use statements over FQNs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/484e600e2ac5f0e403796863865de6d8a6a66ebd\"\u003e\u003ccode\u003e484e600\u003c/code\u003e\u003c/a\u003e Simplify theme identity, no-op updates when unchanged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/f01e492b18146675b218061c0c31b13fe58e3a9a\"\u003e\u003ccode\u003ef01e492\u003c/code\u003e\u003c/a\u003e Standardize test temp dir creation and cleanup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bobthecow/psysh/commit/6f33aea84464ed64b0c684c78fedf1f6620483d8\"\u003e\u003ccode\u003e6f33aea\u003c/code\u003e\u003c/a\u003e Add token-based fallback for incomplete member completion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bobthecow/psysh/compare/v0.12.10...v0.12.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/http-foundation` from 7.3.4 to 7.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/http-foundation/releases\"\u003esymfony/http-foundation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63137\"\u003e#63137\u003c/a\u003e  Fix PdoSessionHandler charset-collation mismatch with the Doctrine DBAL (\u003ca href=\"https://github.com/samy-mahmoudi\"\u003e\u003ccode\u003e@​samy-mahmoudi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/63012\"\u003e#63012\u003c/a\u003e  Fix double-prefixing of session keys when using redis/memcached (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62799\"\u003esymfony/symfony#62799\u003c/a\u003e [Cache][HttpFoundation] Fix VARBINARY columns on sqlsrv (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.8\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.7...v7.3.8\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.7...v7.3.8\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62502\"\u003esymfony/symfony#62502\u003c/a\u003e [HttpFoundation] Fix Expires response header for EventStream (\u003ca href=\"https://github.com/4513\"\u003e\u003ccode\u003e@​4513\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62287\"\u003esymfony/symfony#62287\u003c/a\u003e [HttpFoundation] Fix AcceptHeader overwrites items with different parameters (\u003ca href=\"https://github.com/yoeunes\"\u003e\u003ccode\u003e@​yoeunes\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.7\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.6...v7.3.7\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.6...v7.3.7\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eno significant changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.5...v7.3.6\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.5...v7.3.6\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62324\"\u003esymfony/symfony#62324\u003c/a\u003e [HttpFoundation] Fix parsing hosts and schemes in URLs (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62246\"\u003esymfony/symfony#62246\u003c/a\u003e [HttpFoundation] Allow Request::setFormat() to override predefined formats (\u003ca href=\"https://github.com/longwave\"\u003e\u003ccode\u003e@​longwave\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.5\"\u003ehttps://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.5\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62153\"\u003esymfony/symfony#62153\u003c/a\u003e [HttpFoundation] Fix issue where ServerEvent with \u0026quot;0\u0026quot; data is not sent (\u003ca href=\"https://github.com/santysisi\"\u003e\u003ccode\u003e@​santysisi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/5347db9d709bb003722abfdc03990f3f21c53db5\"\u003e\u003ccode\u003e5347db9\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/f1a490cc9d595ba7ebe684220e625d1e472ad278\"\u003e\u003ccode\u003ef1a490c\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix PdoSessionHandler charset-collation mismatch with the Do...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/cc4ae963efd984204c0224605ae821382b791462\"\u003e\u003ccode\u003ecc4ae96\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/a7c652d0d0a6be8fbf9dead2e36f31e46c482adf\"\u003e\u003ccode\u003ea7c652d\u003c/code\u003e\u003c/a\u003e [HttpFoundation] Fix double-prefixing of session keys when using redis/memcached\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/66e496a79d33160cecaf1569871a39ec0510fb11\"\u003e\u003ccode\u003e66e496a\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/4a673e9797bf5c2db347ae0e5f7880bb572cc061\"\u003e\u003ccode\u003e4a673e9\u003c/code\u003e\u003c/a\u003e do not use PHPUnit mock objects without configured expectations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/6dc98931a559065ff8f968ae0e461e600a321291\"\u003e\u003ccode\u003e6dc9893\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/a35ee6f47e4775179704d7877a8b0da3cb09241a\"\u003e\u003ccode\u003ea35ee6f\u003c/code\u003e\u003c/a\u003e [HttpFoundation][Cache] Fix VARBINARY columns on sqlsrv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/8cdae4e108673e0d3e4f18ef2ee79ff5023beeac\"\u003e\u003ccode\u003e8cdae4e\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/http-foundation/commit/0384c62b79d96e9b22d77bc1272c9e83342ba3a6\"\u003e\u003ccode\u003e0384c62\u003c/code\u003e\u003c/a\u003e minor \u003ca href=\"https://redirect.github.com/symfony/http-foundation/issues/62519\"\u003e#62519\u003c/a\u003e [HttpFoundation] Fix Request getPathInfo docblock (bobvandevijver)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/symfony/http-foundation/compare/v7.3.4...v7.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `symfony/process` from 7.3.4 to 7.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/symfony/process/releases\"\u003esymfony/process's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.10...v7.3.11\"\u003ehttps://github.com/symfony/process/compare/v7.3.10...v7.3.11\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity #cve-2026-24739  Fix escaping for MSYS on Windows (nicolas-grekas)\u003c/li\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63164\"\u003e#63164\u003c/a\u003e  Fix escaping for MSYS on Windows (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.9...v7.3.10\"\u003ehttps://github.com/symfony/process/compare/v7.3.9...v7.3.10\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/process/issues/63004\"\u003e#63004\u003c/a\u003e  Ignore invalid env var names (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.3.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e (\u003ca href=\"https://github.com/symfony/process/compare/v7.3.8...v7.3.9\"\u003ehttps://github.com/symfony/process/compare/v7.3.8...v7.3.9\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ebug \u003ca href=\"https://redirect.github.com/symfony/symfony/issues/62775\"\u003esymfony/symfony#62775\u003c/a\u003e [Process] Fix dealing with broken stdin pipes (\u003ca href=\"https://github.com/nicolas-grekas\"\u003e\u003ccode\u003e@​nicolas-grekas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/81fe4ea2c3b8677fa2adfd8e48ba42374ede0e3b\"\u003e\u003ccode\u003e81fe4ea\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c46e854e79b52d07666e43924a20cb6dc546644e\"\u003e\u003ccode\u003ec46e854\u003c/code\u003e\u003c/a\u003e [Process] Fix escaping for MSYS on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/4424bc14e7dedec472440cc991f961f22343caaa\"\u003e\u003ccode\u003e4424bc1\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/c593135be689b21e6164b1e8f6f5dbf1506b065c\"\u003e\u003ccode\u003ec593135\u003c/code\u003e\u003c/a\u003e [Process] Adjust Process mustRun method phpdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/6d13a9300772cf6f22f490574b80d9bf3481d07a\"\u003e\u003ccode\u003e6d13a93\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/e579464d74525bf5eca45cbc984126a461879c3e\"\u003e\u003ccode\u003ee579464\u003c/code\u003e\u003c/a\u003e [Process] Ignore invalid env var names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/cbfa8595e86911b7c9dcd6e80e2205e82be86180\"\u003e\u003ccode\u003ecbfa859\u003c/code\u003e\u003c/a\u003e Merge branch '6.4' into 7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/symfony/process/commit/8541b7308fca001320e90bca8a73a28aa5604a6e\"\u003e\u003ccode\u003e8541b73\u003c/code\u003e\u003c/a\u003e [Process] Fix dealing with broken stdin pipes\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/symfony/process/compare/v7.3.4...v7.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `google/protobuf` from 4.32.1 to 4.33.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/84b008c23915ed94536737eae46f41ba3bccfe67\"\u003e\u003ccode\u003e84b008c\u003c/code\u003e\u003c/a\u003e 4.33.6 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/1debe453db83159b98a38df5a3737feb1e8ef016\"\u003e\u003ccode\u003e1debe45\u003c/code\u003e\u003c/a\u003e 5.34.0 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/3f6644d863943ebedafacfbfff2cb1c967a766b2\"\u003e\u003ccode\u003e3f6644d\u003c/code\u003e\u003c/a\u003e 5.34.0RC2 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/6fd2d13a7591515c8d09e6278f1a42a78e1adeac\"\u003e\u003ccode\u003e6fd2d13\u003c/code\u003e\u003c/a\u003e 4.29.6 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/ebe8010a61b2ae0cff0d246fe1c4d44e9f7dfa6d\"\u003e\u003ccode\u003eebe8010\u003c/code\u003e\u003c/a\u003e 4.33.5 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/a217acb35241a96fd6d6280e2b2540c30bd028f7\"\u003e\u003ccode\u003ea217acb\u003c/code\u003e\u003c/a\u003e 5.34.0RC1 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/22d28025cda0d223a2e48c2e16c5284ecc9f5402\"\u003e\u003ccode\u003e22d2802\u003c/code\u003e\u003c/a\u003e 4.33.4 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/281537d44d6c270606354e65bfa75a0969dbd629\"\u003e\u003ccode\u003e281537d\u003c/code\u003e\u003c/a\u003e 4.33.3 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/fbd96b7bf1343f4b0d8fb358526c7ba4d72f1318\"\u003e\u003ccode\u003efbd96b7\u003c/code\u003e\u003c/a\u003e 4.33.2 sync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protocolbuffers/protobuf-php/commit/0cd73ccf0cd26c3e72299cce1ea6144091a57e12\"\u003e\u003ccode\u003e0cd73cc\u003c/code\u003e\u003c/a\u003e 4.33.1 sync\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protocolbuffers/protobuf-php/compare/v4.32.1...v4.33.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phpunit/phpunit` from 11.5.42 to 11.5.55\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/releases\"\u003ephpunit/phpunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ePHPUnit 11.5.55\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e: Performance regression in PHPUnit 11.5.54, PHPUnit 12.5.13, and PHPUnit 13.0.4\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.54\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6489\"\u003e#6489\u003c/a\u003e: Classification of self/direct/indirect deprecation triggers is not aligned with Symfony's bridge for PHPUnit\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.53\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6503\"\u003e#6503\u003c/a\u003e: Temporary file used by \u003ccode\u003eSourceMapper\u003c/code\u003e may be deleted prematurely when multiple PHPUnit processes run in parallel\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003ch4\u003eKeep up to date with PHPUnit:\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eYou can follow \u003ca href=\"https://phpc.social/@phpunit\"\u003e\u003ccode\u003e@​phpunit@phpc.social\u003c/code\u003e\u003c/a\u003e to stay up to date with PHPUnit's development.\u003c/li\u003e\n\u003cli\u003eYou can subscribe to the \u003ca href=\"https://phpunit.de/newsletter\"\u003ePHPUnit Updates\u003c/a\u003e newsletter to receive updates about and tips for PHPUnit.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePHPUnit 11.5.52\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6495\"\u003e#6495\u003c/a\u003e: Source map for issue trigger identification is regenerated in process isolation child processes\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eLearn how to install or update PHPUnit 11.5 in the \u003ca href=\"https://docs.phpunit.de/en/11.5/installation.html\"\u003edocumentation\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sebastianbergmann/phpunit/blob/11.5.55/ChangeLog-11.5.md\"\u003ephpunit/phpunit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[11.5.55] - 2026-02-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e: Performance regression in PHPUnit 11.5.54, PHPUnit 12.5.13, and PHPUnit 13.0.4\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.54] - 2026-02-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6489\"\u003e#6489\u003c/a\u003e: Classification of self/direct/indirect deprecation triggers is not aligned with Symfony's bridge for PHPUnit\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.53] - 2026-02-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6503\"\u003e#6503\u003c/a\u003e: Temporary file used by \u003ccode\u003eSourceMapper\u003c/code\u003e may be deleted prematurely when multiple PHPUnit processes run in parallel\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.52] - 2026-02-08\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6495\"\u003e#6495\u003c/a\u003e: Source map for issue trigger identification is regenerated in process isolation child processes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.51] - 2026-02-05\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6488\"\u003e#6488\u003c/a\u003e: Allow disabling issue trigger identification for improved performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6486\"\u003e#6486\u003c/a\u003e: Incorrect file name reported for errors for test methods declared in traits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/pull/6490\"\u003e#6490\u003c/a\u003e: Incorrect test count when tests are skipped in before-class method\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.50] - 2026-01-27\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTo prevent Poisoned Pipeline Execution (PPE) attacks using prepared \u003ccode\u003e.coverage\u003c/code\u003e files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.49] - 2026-01-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6362\"\u003e#6362\u003c/a\u003e: Manually instantiated test doubles are broken since PHPUnit 11.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6470\"\u003e#6470\u003c/a\u003e: Infinite recursion in \u003ccode\u003eCount::getCountOf()\u003c/code\u003e for unusal implementations of \u003ccode\u003eIterator\u003c/code\u003e or \u003ccode\u003eIteratorAggregate\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[11.5.48] - 2026-01-16\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/adc7262fccc12de2b30f12a8aa0b33775d814f00\"\u003e\u003ccode\u003eadc7262\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0f31bcfdab285459bfee3eb7af8218aaeb0c09d5\"\u003e\u003ccode\u003e0f31bcf\u003c/code\u003e\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/sebastianbergmann/phpunit/issues/6521\"\u003e#6521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/eb7d132e95d824bbfd728eb2c8589191424f178a\"\u003e\u003ccode\u003eeb7d132\u003c/code\u003e\u003c/a\u003e Prepare release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/0325337f13bed9a5a2dcf3dbb1d1216596d8c932\"\u003e\u003ccode\u003e0325337\u003c/code\u003e\u003c/a\u003e Update ChangeLog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/24136927c3b8bee3b289a56144e7b340556bd194\"\u003e\u003ccode\u003e2413692\u003c/code\u003e\u003c/a\u003e Classify issue trigger as \u0026quot;unknown\u0026quot; only when it is not \u0026quot;self\u0026quot;, \u0026quot;direct\u0026quot;, or ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/8811c224c7dded079e3c72eeb3a5794cd8cffd8e\"\u003e\u003ccode\u003e8811c22\u003c/code\u003e\u003c/a\u003e Test all possible combinations (even if not all of them make sense)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/79f11ae1a161217845766f21435ee8bb6dc12c6b\"\u003e\u003ccode\u003e79f11ae\u003c/code\u003e\u003c/a\u003e Remove IssueTrigger::unknown()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/6589f445de2a4abbc24812d0b81fe2d5423e95e6\"\u003e\u003ccode\u003e6589f44\u003c/code\u003e\u003c/a\u003e Fall back to null instead of Code::ThirdParty when we cannot classify a file ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a64de8a9d42fe67e785b401e2dfaf472ef18f682\"\u003e\u003ccode\u003ea64de8a\u003c/code\u003e\u003c/a\u003e Narrow type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sebastianbergmann/phpunit/commit/a2300423541356160a40f8dc327cb73f65bb78eb\"\u003e\u003ccode\u003ea230042\u003c/code\u003e\u003c/a\u003e Resurrect test that got lost while reorganizing tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sebastianbergmann/phpunit/compare/11.5.42...11.5.55\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eMost Recent Ignore Conditions Applied to This Pull Request\u003c/summary\u003e\n\n| Dependency Name | Ignore Conditions |\n| --- | --- |\n| phpunit/phpunit | [\u003e= 10.a, \u003c 11] |\n\u003c/details\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/acquia/drupal-recommended-project/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/acquia/drupal-recommended-project/pull/906","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/acquia%2Fdrupal-recommended-project/issues/906","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/906/packages"}}]}