Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump twig/twig from 1.35.0 to 1.43.1 in /test/acceptance/workspaces/composer-app #27

Merged
merged 1 commit into from
Nov 22, 2022
Merged

chore(deps): bump twig/twig from 1.35.0 to 1.43.1 in /test/acceptance/workspaces/composer-app #27

merged 1 commit into from
Nov 22, 2022

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Sep 30, 2022
edited by Jimimaku
Loading

Bumps twig/twig from 1.35.0 to 1.43.1.

Changelog

Sourced from twig/twig's changelog.

1.43.1 (2020-08-05)

  • Fix sandbox not disabled if syntax error occurs within {% sandbox %} tag
  • Fix a regression when not using a space before an operator
  • Restrict callables to closures in filters
  • Allow trailing commas in argument lists (in calls as well as definitions)

1.43.0 (2020-07-05)

  • Throw exception in case non-Traversable data is passed to "filter"
  • Fix context optimization on PHP 7.4
  • Fix PHP 8 compatibility
  • Drop PHP 5.5 5.6, and 7.0 support
  • Fix ambiguous syntax parsing
  • In sandbox, the filter, map and reduce filters require Closures in arrow parameter

1.42.5 (2020-02-11)

  • Fix implementation of case-insensitivity for method names

1.42.4 (2019-11-11)

  • optimized "block('foo') ?? 'bar"
  • added supported for exponential numbers

1.42.3 (2019-08-24)

  • fixed the "split" filter when the delimiter is "0"
  • fixed the "empty" test on Traversable instances
  • fixed cache when opcache is installed but disabled
  • fixed PHP 7.4 compatibility
  • bumped the minimal PHP version to 5.5

1.42.2 (2019-06-18)

  • Display partial output (PHP buffer) when an error occurs in debug mode

1.42.1 (2019-06-04)

  • added support for "Twig\Markup" instances in the "in" test (again)
  • allowed string operators as variables names in assignments

1.42.0 (2019-05-31)

  • fixed the "filter" filter when the argument is \Traversable but does not implement \Iterator (\SimpleXmlElement for instance)
  • fixed a PHP fatal error when calling a macro imported in a block in a nested block
  • fixed a PHP fatal error when calling a macro imported in the template in another macro
  • fixed wrong error message on "import" and "from"

1.41.0 (2019-05-14)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Sep 30, 2022
@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@dependabot dependabot bot force-pushed the dependabot/composer/test/acceptance/workspaces/composer-app/twig/twig-1.43.1 branch from fe8519d to 93ca7c9 Compare November 21, 2022 23:46
@dependabot
chore(deps): bump twig/twig in /test/acceptance/workspaces/composer-app
a0b4d8b 
Bumps [twig/twig](https://github.com/twigphp/Twig) from 1.35.0 to 1.43.1.
- [Release notes](https://github.com/twigphp/Twig/releases)
- [Changelog](https://github.com/twigphp/Twig/blob/v1.43.1/CHANGELOG)
- [Commits](twigphp/Twig@v1.35.0...v1.43.1)

---
updated-dependencies:
- dependency-name: twig/twig
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/composer/test/acceptance/workspaces/composer-app/twig/twig-1.43.1 branch from 93ca7c9 to a0b4d8b Compare November 21, 2022 23:46
@guardrails
Copy link

guardrails bot commented Nov 21, 2022
edited by Jimimaku
Loading

⚠️ We detected 1 security issue in this pull request:

Vulnerable Libraries (1)
Severity Details
Critical pkg:composer/twig/twig@v1.43.1@v1.43.1 - no patch available

More info on how to fix Vulnerable Libraries in PHP.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

@Jimimaku Jimimaku merged commit 8433f2b into master Nov 22, 2022
@dependabot dependabot bot deleted the dependabot/composer/test/acceptance/workspaces/composer-app/twig/twig-1.43.1 branch November 22, 2022 00:19
@Jimimaku Jimimaku self-assigned this Nov 22, 2022
@snyk-bot snyk-bot mentioned this pull request Dec 1, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@Jimimaku Jimimaku

Labels
dependencies Pull requests that update a dependency file php Pull requests that update Php code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@CLAassistant @Jimimaku