Skip to content

Bump the php-prod group across 1 directory with 9 updates #462

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the php-prod group across 1 directory with 9 updates #462

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 11, 2025
edited
Loading

Bumps the php-prod group with 8 updates in the / directory:

Package From To
doctrine/annotations 2.0.1 2.0.2
guzzlehttp/guzzle 7.8.1 7.10.0
incenteev/composer-parameter-handler 2.2.0 2.3.0
jms/translation-bundle 2.3.0 2.6.0
knplabs/knp-paginator-bundle 6.4.0 6.10.0
nelmio/security-bundle 3.3.0 3.6.0
surfnet/stepup-saml-bundle 6.1.0 6.2.0
twig/extra-bundle 3.13.0 3.22.1

Updates doctrine/annotations from 2.0.1 to 2.0.2

Release notes

Sourced from doctrine/annotations's releases.

2.0.2

Release Notes for 2.0.2

2.0.x bugfix release (patch)

2.0.2

  • Total issues resolved: 0
  • Total pull requests resolved: 2
  • Total contributors: 2

Improvement

Documentation

Changes from Lower Branches

  • This release includes all changes of the 1.14.4 release
Commits

Updates guzzlehttp/guzzle from 7.8.1 to 7.10.0

Release notes

Sourced from guzzlehttp/guzzle's releases.

Release 7.10.0

Added

  • Support for PHP 8.5

Changed

  • Adjusted guzzlehttp/promises version constraint to ^2.3
  • Adjusted guzzlehttp/psr7 version constraint to ^2.8

Release 7.9.3

Changed

  • Remove explicit content-length header for GET requests
  • Improve compatibility with bad servers for boolean cookie values

Release 7.9.2

Fixed

  • Adjusted handler selection to use cURL if its version is 7.21.2 or higher, rather than 7.34.0

Release 7.9.1

Fixed

  • Fix TLS 1.3 check for HTTP/2 requests

Release 7.9.0

Changed

  • Improve protocol version checks to provide feedback around unsupported protocols
  • Only select the cURL handler by default if 7.34.0 or higher is linked
  • Improved CurlMultiHandler to avoid busy wait if possible
  • Dropped support for EOL guzzlehttp/psr7 v1
  • Improved URI user info redaction in errors

Release 7.8.2

Added

  • Support for PHP 8.4
Changelog

Sourced from guzzlehttp/guzzle's changelog.

7.10.0 - 2025-08-23

Added

  • Support for PHP 8.5

Changed

  • Adjusted guzzlehttp/promises version constraint to ^2.3
  • Adjusted guzzlehttp/psr7 version constraint to ^2.8

7.9.3 - 2025-03-27

Changed

  • Remove explicit content-length header for GET requests
  • Improve compatibility with bad servers for boolean cookie values

7.9.2 - 2024-07-24

Fixed

  • Adjusted handler selection to use cURL if its version is 7.21.2 or higher, rather than 7.34.0

7.9.1 - 2024-07-19

Fixed

  • Fix TLS 1.3 check for HTTP/2 requests

7.9.0 - 2024-07-18

Changed

  • Improve protocol version checks to provide feedback around unsupported protocols
  • Only select the cURL handler by default if 7.34.0 or higher is linked
  • Improved CurlMultiHandler to avoid busy wait if possible
  • Dropped support for EOL guzzlehttp/psr7 v1
  • Improved URI user info redaction in errors

7.8.2 - 2024-07-18

Added

  • Support for PHP 8.4
Commits
  • b51ac70 Release 7.10.0
  • af24c69 Use the http_get_last_response_headers function (#3301)
  • 2be2ee8 Remove obsolete reference capturing of $http_response_header (#3294)
  • c6420f2 Add PHP 8.5 support (#3300)
  • 7b2f29f Release 7.9.3
  • 8f68d9f Improve compatibility with bad servers for boolean cookie values (#3281)
  • 234747f Remove explicit content-length header for GET requests (#3278)
  • d28a072 testHandlesGarbageHttpServerGracefully: Split test between PHP <= 8.1 and >...
  • 41f5ce7 CS fixes
  • 0811cfd SA upgrades
  • Additional commits viewable in compare view

Updates incenteev/composer-parameter-handler from 2.2.0 to 2.3.0

Release notes

Sourced from incenteev/composer-parameter-handler's releases.

2.3.0

  • Add support for symfony/yaml 8
  • Fix PHP 8.5 deprecations
Changelog

Sourced from incenteev/composer-parameter-handler's changelog.

2.3.0 (2025-11-26)

  • Add support for symfony/yaml 8
  • Fix PHP 8.5 deprecations
Commits

Updates jms/translation-bundle from 2.3.0 to 2.6.0

Release notes

Sourced from jms/translation-bundle's releases.

2.6.0

What's Changed

Kudos to @​deguif for his contributions!

Full Changelog: schmittjoh/JMSTranslationBundle@2.5.0...2.6.0

2.5.0

What's Changed

Full Changelog: schmittjoh/JMSTranslationBundle@2.4.0...2.5.0

2.4.0

What's Changed

Full Changelog: schmittjoh/JMSTranslationBundle@2.3.0...2.4.0

Commits
  • 2a51f8a Merge pull request #611 from deguif/remove-twig-legacy-code
  • d465379 Merge pull request #612 from deguif/base-exception-throwable
  • 001aa5e Merge pull request #613 from deguif/gitattributes-update
  • 86d6932 Merge pull request #614 from deguif/phpunit-attributes
  • f3a9d31 feature: use phpunit attributes
  • 356c0d8 refactor: update .gitattributes
  • 6a54f1e feature: make base exception extends throwable
  • ec1a0ac refactor: remove twig trans node backward compatibility
  • 4c7e5de Merge pull request #598 from deguif/remove-legacy-code
  • 444fa3f Merge pull request #609 from deguif/ci-configuration
  • Additional commits viewable in compare view

Updates knplabs/knp-paginator-bundle from 6.4.0 to 6.10.0

Release notes

Sourced from knplabs/knp-paginator-bundle's releases.

v6.10.0

What's Changed

New Contributors

Full Changelog: KnpLabs/KnpPaginatorBundle@v6.9.1...v6.10.0

v6.9.1

What's Changed

Full Changelog: KnpLabs/KnpPaginatorBundle@v6.9.0...v6.9.1

v6.9.0

This release enhances the use of the bundle for API projects, removing some direct dependencies that are used only in full web projects.

What's Changed

Full Changelog: KnpLabs/KnpPaginatorBundle@v6.8.1...v6.9.0

v6.8.1

What's Changed

New Contributors

Full Changelog: KnpLabs/KnpPaginatorBundle@v6.8.0...v6.8.1

v6.8.0

What's Changed

New Contributors

... (truncated)

Commits

Updates nelmio/security-bundle from 3.3.0 to 3.6.0

Release notes

Sourced from nelmio/security-bundle's releases.

v3.6.0

What's Changed

New Contributors

Full Changelog: nelmio/NelmioSecurityBundle@v3.5.1...v3.6.0

v3.5.1

What's Changed

Full Changelog: nelmio/NelmioSecurityBundle@v3.5.0...v3.5.1

v3.5.0

What's Changed

Full Changelog: nelmio/NelmioSecurityBundle@v3.4.2...v3.5.0

v3.4.2

What's Changed

New Contributors

Full Changelog: nelmio/NelmioSecurityBundle@v3.4.1...v3.4.2

v3.4.1

What's Changed

Full Changelog: nelmio/NelmioSecurityBundle@v3.4.0...v3.4.1

v3.4.0

What's Changed

... (truncated)

Changelog

Sourced from nelmio/security-bundle's changelog.

This CHANGELOG is here for historical reasons only, for newer changelog entries see github releases

Unreleased

  • Added support for Symfony 8 and PHP 8.4
Commits

Updates surfnet/stepup-saml-bundle from 6.1.0 to 6.2.0

Commits
  • 3ee8ae9 Merge pull request #130 from OpenConext/bugfix/exception-from-logger
  • 6671293 Do not throw an exception when the samlAuthenticationLogger is used before fo...
  • ae75742 Fix import
  • 8ea62ad Fix phpstan complaint: MetadataFactory::GetCertificateData() does not handle ...
  • See full diff in compare view

Updates twig/extra-bundle from 3.13.0 to 3.22.1

Commits
  • b6534bc Allow Symfony 8 packages in Twig extra packages
  • 6d253f0 Bump minimum Commonmark requirement
  • f22e82d minor #4664 CS fixes (nicolas-grekas)
  • f047eb6 CS fixes
  • d48133c Fix compatibility with Symfony 8
  • 614922f Update configuration keys + allow extra keys for extensions
  • 62d1cf4 Make in_array() calls strict
  • 81d7394 Fix CS
  • 9df5e1d Add missing CHANGELOG
  • 0a2d836 feature #3737 Added configuration for commonmark use in twig-extra-bundle. (d...
  • Additional commits viewable in compare view

Updates twig/twig from 3.14.2 to 3.22.1

Changelog

Sourced from twig/twig's changelog.

3.22.1 (2025-11-16)

  • Add support for Symfony 8

3.22.0 (2025-10-29)

  • Add support for two words test in guard tag
  • Add Environment::registerUndefinedTestCallback()
  • Fix compatibility with Symfony 8
  • Fix accessing arrays with stringable objects as key
  • Avoid errors when failing to guess the template info for an error
  • Fix expression parser compatibility layer
  • Fix compiling 'index' with repr (not string) in EmbedNode
  • Update configuration keys + allow extra keys for CommonMark extensions
  • Allow usage of other Markdown converters than CommonMark in LeagueMarkdown

3.21.1 (2025-05-03)

  • Fix ExtensionSet usage of BinaryOperatorExpressionParser

3.21.0 (2025-05-02)

  • Fix wrong array index
  • Deprecate Template::loadTemplate()
  • Fix testing and expression when it evaluates to an instance of Markup
  • Add ReturnPrimitiveTypeInterface (and sub-interfaces for number, boolean, string, and array)
  • Add SupportDefinedTestInterface for expression nodes supporting the defined test
  • Deprecate using the | operator in an expression with + or - without using parentheses to clarify precedence
  • Deprecate operator precedence outside of the [0, 512] range
  • Introduce expression parser classes to describe operators and operands provided by extensions instead of arrays (it comes with many deprecations that are documented in the deprecated documentation chapter)
  • Deprecate the Twig\ExpressionParser, and Twig\OperatorPrecedenceChange classes
  • Add attributes AsTwigFilter, AsTwigFunction, and AsTwigTest to ease extension development

3.20.0 (2025-02-13)

  • Fix support for ignoring syntax errors in an undefined handler in guard
  • Add configuration for Commonmark
  • Fix wrong array index
  • Bump minimum PHP version to 8.1
  • Add support for registering callbacks for undefined functions, filters or token parsers in the IntegrationTestCase
  • Use correct line number for ForElseNode
  • Fix timezone conversion on strings

3.19.0 (2025-01-28)

  • Fix a security issue where escaping was missing when using ??
  • Deprecate Token::getType(), use Token::test() instead
  • Add Token::toEnglish()

... (truncated)

Commits
  • 1de2ec1 Prepare the 3.22.1 release
  • 6a65434 Update CHANGELOG
  • 35a3de7 minor #4711 CoreExtension : Make error message more readable (tcoch)
  • 40248e4 CoreExtension : Make error message more readable
  • d58c8be minor #4698 Add throw tag to parse methods (VincentLanglet)
  • 2996f0b minor #4709 Add caution note for random function usage (xelan)
  • 02c5a4b Add caution note for random function usage
  • 94a3635 minor #4708 Allow Symfony 8 packages in Twig extra packages (javiereguiluz)
  • 9a8a1dc Allow Symfony 8 packages in Twig extra packages
  • 80fa13c minor #4707 Fix array typehint for $variants in HtmlExtension (yoeunes)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the php-prod group across 1 directory with 9 updates
845e1b2 
Bumps the php-prod group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [doctrine/annotations](https://github.com/doctrine/annotations) | `2.0.1` | `2.0.2` |
| [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) | `7.8.1` | `7.10.0` |
| [incenteev/composer-parameter-handler](https://github.com/Incenteev/ParameterHandler) | `2.2.0` | `2.3.0` |
| [jms/translation-bundle](https://github.com/schmittjoh/JMSTranslationBundle) | `2.3.0` | `2.6.0` |
| [knplabs/knp-paginator-bundle](https://github.com/KnpLabs/KnpPaginatorBundle) | `6.4.0` | `6.10.0` |
| [nelmio/security-bundle](https://github.com/nelmio/NelmioSecurityBundle) | `3.3.0` | `3.6.0` |
| [surfnet/stepup-saml-bundle](https://github.com/OpenConext/Stepup-saml-bundle) | `6.1.0` | `6.2.0` |
| [twig/extra-bundle](https://github.com/twigphp/twig-extra-bundle) | `3.13.0` | `3.22.1` |



Updates `doctrine/annotations` from 2.0.1 to 2.0.2
- [Release notes](https://github.com/doctrine/annotations/releases)
- [Commits](doctrine/annotations@2.0.1...2.0.2)

Updates `guzzlehttp/guzzle` from 7.8.1 to 7.10.0
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/7.10/CHANGELOG.md)
- [Commits](guzzle/guzzle@7.8.1...7.10.0)

Updates `incenteev/composer-parameter-handler` from 2.2.0 to 2.3.0
- [Release notes](https://github.com/Incenteev/ParameterHandler/releases)
- [Changelog](https://github.com/Incenteev/ParameterHandler/blob/master/CHANGELOG.md)
- [Commits](Incenteev/ParameterHandler@v2.2.0...v2.3.0)

Updates `jms/translation-bundle` from 2.3.0 to 2.6.0
- [Release notes](https://github.com/schmittjoh/JMSTranslationBundle/releases)
- [Changelog](https://github.com/schmittjoh/JMSTranslationBundle/blob/master/CHANGELOG.md)
- [Commits](schmittjoh/JMSTranslationBundle@2.3.0...2.6.0)

Updates `knplabs/knp-paginator-bundle` from 6.4.0 to 6.10.0
- [Release notes](https://github.com/KnpLabs/KnpPaginatorBundle/releases)
- [Commits](KnpLabs/KnpPaginatorBundle@v6.4.0...v6.10.0)

Updates `nelmio/security-bundle` from 3.3.0 to 3.6.0
- [Release notes](https://github.com/nelmio/NelmioSecurityBundle/releases)
- [Changelog](https://github.com/nelmio/NelmioSecurityBundle/blob/master/CHANGELOG.md)
- [Commits](nelmio/NelmioSecurityBundle@v3.3.0...v3.6.0)

Updates `surfnet/stepup-saml-bundle` from 6.1.0 to 6.2.0
- [Release notes](https://github.com/OpenConext/Stepup-saml-bundle/releases)
- [Changelog](https://github.com/OpenConext/Stepup-saml-bundle/blob/main/CHANGELOG.md)
- [Commits](OpenConext/Stepup-saml-bundle@6.1.0...6.2.0)

Updates `twig/extra-bundle` from 3.13.0 to 3.22.1
- [Commits](twigphp/twig-extra-bundle@v3.13.0...v3.22.1)

Updates `twig/twig` from 3.14.2 to 3.22.1
- [Changelog](https://github.com/twigphp/Twig/blob/3.x/CHANGELOG)
- [Commits](twigphp/Twig@v3.14.2...v3.22.1)

---
updated-dependencies:
- dependency-name: doctrine/annotations
  dependency-version: 2.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: php-prod
- dependency-name: guzzlehttp/guzzle
  dependency-version: 7.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: incenteev/composer-parameter-handler
  dependency-version: 2.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: jms/translation-bundle
  dependency-version: 2.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: knplabs/knp-paginator-bundle
  dependency-version: 6.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: nelmio/security-bundle
  dependency-version: 3.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: surfnet/stepup-saml-bundle
  dependency-version: 6.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: twig/extra-bundle
  dependency-version: 3.22.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
- dependency-name: twig/twig
  dependency-version: 3.22.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: php-prod
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Dec 11, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file php Pull requests that update Php code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant