Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump yiisoft/yii from 1.1.23 to 1.1.29 #23

Closed
wants to merge 1 commit into from
Closed

Bump yiisoft/yii from 1.1.23 to 1.1.29 #23

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 14, 2023

Bumps yiisoft/yii from 1.1.23 to 1.1.29.

Release notes

Sourced from yiisoft/yii's releases.

Version 1.1.29

https://www.yiiframework.com/news/587/yii-1-1-29-is-released

Version 1.1.28

https://www.yiiframework.com/news/549/yii-1-1-28-is-released-and-security-support-extended

Version 1.1.27

https://www.yiiframework.com/news/510/yii-1-1-27-is-released

Version 1.1.26

https://www.yiiframework.com/news/495/yii-1-1-26-is-released

Version 1.1.25

https://www.yiiframework.com/news/419/yii-1-1-25-is-released

Version 1.1.24

https://www.yiiframework.com/news/369/yii-1-1-24-is-released-and-security-support-extended

Changelog

Sourced from yiisoft/yii's changelog.

Version 1.1.29 November 14, 2023

  • Bug #4516: PHP 8 compatibility: Allow union types and intersection types in action declarations (wtommyw)
  • Bug #4523: Fixed translated in Greek class messages in framework requirements view, which they should not be translated (lourdas)
  • Bug #4534: PHP 8.2 compatibility: Fix deprecated dynamic properties in gii/components/Pear/Text/Diff (mdeweerd, marcovtwout)
  • Bug: CVE-2023-47130. Prevent RCE when deserializing untrusted user input (ma4ter222, marcovtwout)
  • Enh #4529: Exceptions thrown while loading fixture file rows now contain more details (eduardor2k)
  • Enh #4533: Various refactorings applied based on PHAN checks (marcovtwout)

Version 1.1.28 February 28, 2023

  • Bug #4484: Set Last-Modified after sending cache control headers (jannis701, wtommyw)
  • Bug #4491: Fixed limit and Offset not working correctly with MSSQL version 11 (2012) and newer (shnoulle, wtommyw)
  • Bug #4497: PHP 8.1 compatibility: Fix unserialize null in CRedisCache (kenguest, wtommyw)
  • Bug #4499: PHP 8.1 compatibility: Fix deprecation warning in COciSchema (marcovtwout)
  • Bug #4500: PHP 8.1 compatibility: Fix deprecation warnings in CMysql classes (csears123)
  • Bug #4507: PHP 8.1 compatibility: Fix deprecation warning in CWebUser (marcovtwout, wtommyw)
  • Enh #4490: Added support for PostgreSQL 15 (sternix, marcovtwout)
  • Enh #4503: Update tests and code for PHP 8.1 compatibility, stop suppressing deprecation warnings in tests (wtommyw)
  • Enh #4505: Added support for PHP 8.2 (wtommyw)

Version 1.1.27 November 21, 2022

  • Bug: PHP 8.1 compatibility: Fix CFileCache call of file_get_contents (Bregi)
  • Bug: CVE-2022-41922. Prevent RCE when deserializing untrusted user input (fi3wey, marcovtwout)

Version 1.1.26 September 30, 2022

  • Bug #4453: Alpine Linux compatibility: Avoid using GLOB_BRACE in CFileHelper::removeDirectory (ivany4)
  • Enh #4386: Added support for PHP 8.1 (marcovtwout, JonathanArgentao, ivany4, csears123)
  • Enh #4386: Updated HTMLPurifier to version 4.15.0 for PHP 8.1 support (https://github.com/ezyang/htmlpurifier/blob/v4.15.0/NEWS) (marcovtwout)
  • Enh #4392: Added support for SSL to CRedisCache (andres101)

Version 1.1.25 December 13, 2021

  • Bug #4226: Fix for Gii diff displaying "reset() expects parameter 1 to be array, integer given" (LeoZandvliet, marcovtwout)
  • Bug #4369: PHP 8.0 compatibility: Fix warning "Only the first byte will be assigned to the string offset" when generating code with Gii (marcovtwout)
  • Bug #4374: Fix for createUpdateCommand which did not accept just a table name when using MSSQL (c-schmitz)
  • Bug #4380: Prevent fatal errors while validating CSRF token of malformed requests (rob006)
  • Bug #4382: PHP 8.0 compatibility: Fix CFileLogRoute throwing TypeError when logfile cannot be opened (marcovtwout)

Version 1.1.24 June 7, 2021

  • Bug #4339: "There is no active transaction" when transaction is autocommitted (twisted1919)

... (truncated)

Commits
  • f89b76e Release version 1.1.29
  • 37142be Merge pull request from GHSA-mw2w-2hj2-fg8q
  • d687882 FIX: Check the proper value
  • f687987 Merge branch 'advisory-fix-marcovtwout' of github.com:yiisoft/yii-ghsa-mw2w-2...
  • a113037 Change is_string to is_scalar to accept more argument types even though strin...
  • 22c4c2b Merge branch 'master' into advisory-fix-marcovtwout
  • 6d8e867 Merge pull request #4537 from yiisoft/4533-phan-check-improvements
  • 0361fac Merge pull request #4536 from yiisoft/4534-fix-pear-diff-php-deprecations
  • 3719f5d Update CHANGELOG
  • ac88032 Improve formatting
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump yiisoft/yii from 1.1.23 to 1.1.29
f9e4519 
Bumps [yiisoft/yii](https://github.com/yiisoft/yii) from 1.1.23 to 1.1.29.
- [Release notes](https://github.com/yiisoft/yii/releases)
- [Changelog](https://github.com/yiisoft/yii/blob/master/CHANGELOG)
- [Commits](yiisoft/yii@1.1.23...1.1.29)

---
updated-dependencies:
- dependency-name: yiisoft/yii
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Nov 14, 2023
@Bomjman Bomjman mentioned this pull request Feb 6, 2024
Closed
@github-actions GitHub Actions
Copy link

This pull request has conflicts, please resolve those.

@github-actions GitHub Actions
Copy link

This pr is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 10 days.

@github-actions github-actions bot added the stale label Aug 25, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 5, 2024

This pr was closed because it has been stalled for 10 days with no activity.

@github-actions github-actions bot closed this Sep 5, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 5, 2024

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/composer/yiisoft/yii-1.1.29 branch September 5, 2024 01:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file php Pull requests that update Php code PR: merge conflicts have arisen stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants