Patch vulnerability advisory (#3966)

Seems composer has a vulnerability, see https://github.com/advisories/GHSA-7c6p-848j-wh5h Affected versions >= 2.0.0-alpha1, < 2.2.23 -- patched in 2.2.23 >= 2.3.0-rc1, < 2.7.0 -- patched in 2.7.0 --- Let's raise the minimum to enforce the latest. Thank you @peopleinside for reporting this.
2025-08-04 15:37:51 +02:00 · 2024-02-22 11:40:56 +01:00
parent 721e2eae3d
commit e771b908d5
1 changed files with 1 additions and 1 deletions
--- a/extensions/package-manager/composer.json
+++ b/extensions/package-manager/composer.json
@@ -23,7 +23,7 @@
    },
    "require": {
        "flarum/core": "^2.0",
-        "composer/composer": "^2.3"
+        "composer/composer": "^2.7"
    },
    "require-dev": {
        "flarum/testing": "^2.0",