composer(deps-dev): update sylius/sylius requirement from ~1.8.9 to ~1.8.9 || ~1.10.0 #4

dependabot · 2021-06-29T00:17:31Z

Updates the requirements on sylius/sylius to permit the latest version.

Changelog

Sourced from sylius/sylius's changelog.

v1.10.0 (2021-06-28)

Details

No additional changes apart from the ones reported in pre-releases.

v1.10.0-RC.1 (2021-06-28)

TL;DR

This is a security release!

Fixes the follwing vulnerability:

List of order ids, number, items total and token value exposed for unauthorized uses via new API

Details

#12596 Country api resource shouldn't have created/updated at (@kayue)

#12618 [Docs] Fix cookbook for custom entity (@Tomanhez)

#12682 Use Symfony 5.2.* instead of ^5.2 for GitHub Actions (@pamil)

#12683 Improve the UPGRADE file for Sylius v1.10 (@pamil)

#12686 [DOCS] Cookbook for customizing refund process (@arti0090)

#12687 Fix typo and imporve error message (@dantleech)

#12690 [Doctrine] Fix problem with explicitly defining entity managers (@GSadee)

#12698 Fix the build with Symfony 5.3 (@pamil)

#12699 [Documentation] Update templates directory in Themes doc (@CoderMaggie)

#12701 Delay Sylius 1.10 release by two weeks (@pamil)

#12702 [Documentation] Fix Refund Process Cookbook (@GSadee)

#12706 [Documentation] Tweaks on the refunds process cookbook (@CoderMaggie, @GSadee)

#12707 [Documentation] Fix links in the refunds process cookbook (@GSadee)

#12709 Fix the build after upgrade to Symfony 5.3 in GitHub Actions (@pamil)

#12715 [Dql] Add parameter instead of hardcoding it in where statement (@SirDomin)

#12720 [DQL] Change hardcoded enabled value to parameter in where statements (@GSadee)

#12725 Bring back testing for Symfony ^5.2 (@pamil)

#12726 [DQL] Change hardcoded tracked value to parameter in where statements (@lchrusciel)

#12731 Add cookbook with how to change tax address (@arti0090)

#12732 Remove unnecessary note about conflict with api-platform/core (@GSadee)

#12733 Bring back conflict to symfony/polyfill-mbstring (@GSadee)

#12734 Revert "Bring back conflict to symfony/polyfill-mbstring" (@GSadee)

#12736 Force Symfony 5.2.* on GitHub Actions (@pamil)

#12747 [Docs] Move AdminApi docs to AdminApiBundle (@Tomanhez)

#12748 [Documentation][Refund] Add cookbook about refund customization with improvements (@AdamKasp, @GSadee)

v1.10.0-BETA.1 (2021-05-27)

Details

#12578 [API][Shop] Remove channel pricing from shop (@lchrusciel, @SirDomin)

#12602 [Refactor] Unification of buses (@SirDomin)

... (truncated)

Commits

a367bc0 Change application's version to v1.10.0
e5ca5d2 Generate changelog for v1.10.0
41a46f7 Change application's version to v1.10.0-DEV
d3d117b Generate changelog for v1.10.0-RC.1
a3ddd36 Change application's version to v1.10.0-RC.1
54b7872 Merge branch '1.9' into 1.10
b8b1e2a Change application's version to v1.9.6-DEV
2e2b895 Fix the security advisory PR
27271bd Generate changelog for v1.9.5
eed10bd Change application's version to v1.9.5
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [sylius/sylius](https://github.com/Sylius/Sylius) to permit the latest version. - [Release notes](https://github.com/Sylius/Sylius/releases) - [Changelog](https://github.com/Sylius/Sylius/blob/master/CHANGELOG-1.10.md) - [Commits](Sylius/Sylius@v1.8.9...v1.10.0) --- updated-dependencies: - dependency-name: sylius/sylius dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Jun 29, 2021

dependabot bot mentioned this pull request Jun 29, 2021

composer(deps-dev): update sylius/sylius requirement from ~1.8.9 to ~1.8.9 || ~1.9.0 #1

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

composer(deps-dev): update sylius/sylius requirement from ~1.8.9 to ~1.8.9 || ~1.10.0 #4

composer(deps-dev): update sylius/sylius requirement from ~1.8.9 to ~1.8.9 || ~1.10.0 #4

dependabot bot commented on behalf of github Jun 29, 2021 •

edited

Loading

composer(deps-dev): update sylius/sylius requirement from ~1.8.9 to ~1.8.9 || ~1.10.0 #4

Are you sure you want to change the base?

composer(deps-dev): update sylius/sylius requirement from ~1.8.9 to ~1.8.9 || ~1.10.0 #4

Conversation

dependabot bot commented on behalf of github Jun 29, 2021 • edited Loading

v1.10.0 (2021-06-28)

Details

v1.10.0-RC.1 (2021-06-28)

TL;DR

Details

v1.10.0-BETA.1 (2021-05-27)

Details

dependabot bot commented on behalf of github Jun 29, 2021 •

edited

Loading