Patch vulnerability advisory (#3966)

Seems composer has a vulnerability, see https://github.com/advisories/GHSA-7c6p-848j-wh5h Affected versions >= 2.0.0-alpha1, < 2.2.23 -- patched in 2.2.23 >= 2.3.0-rc1, < 2.7.0 -- patched in 2.7.0 --- Let's raise the minimum to enforce the latest. Thank you @peopleinside for reporting this. (cherry picked from commit e771b908d5)
2025-08-06 00:17:31 +02:00 · 2024-02-22 11:40:56 +01:00
parent b2044ff312
commit a52959ccf2
1 changed files with 1 additions and 1 deletions
--- a/extensions/package-manager/composer.json
+++ b/extensions/package-manager/composer.json
@@ -23,7 +23,7 @@
    },
    "require": {
        "flarum/core": "^1.8",
-        "composer/composer": "^2.3"
+        "composer/composer": "^2.7"
    },
    "require-dev": {
        "flarum/testing": "^1.0.0",