From e0d903629ad741dd142d4b3003d7a29448794e9c Mon Sep 17 00:00:00 2001 From: David Bomba Date: Wed, 6 Jul 2022 17:52:50 +1000 Subject: [PATCH] updates for security dependencies --- composer.json | 2 +- composer.lock | 210 +++++++++++++++++++++++++++++++++++--------------- 2 files changed, 151 insertions(+), 61 deletions(-) diff --git a/composer.json b/composer.json index e0aed3e9ea..6cb615c5be 100644 --- a/composer.json +++ b/composer.json @@ -43,7 +43,7 @@ "digitickets/omnipay-gocardlessv2": "dev-payment-fix", "digitickets/omnipay-realex": "~5.0", "doctrine/dbal": "2.6.x", - "dompdf/dompdf": "^1.2", + "dompdf/dompdf": "^2.0", "ezyang/htmlpurifier": "~v4.7", "fotografde/omnipay-checkoutcom": "~2.0", "fruitcakestudio/omnipay-sisow": "~2.0", diff --git a/composer.lock b/composer.lock index 0c41eec9b0..66a0a25d47 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "48eef9df87ba5ddd62f16eef3bc9f5f4", + "content-hash": "0a280190c7a842f573c95abbb766f8ed", "packages": [ { "name": "abdala/omnipay-pagseguro", @@ -734,16 +734,16 @@ }, { "name": "barryvdh/laravel-debugbar", - "version": "v3.6.7", + "version": "v3.6.8", "source": { "type": "git", "url": "https://github.com/barryvdh/laravel-debugbar.git", - "reference": "b96f9820aaf1ff9afe945207883149e1c7afb298" + "reference": "814b36a08a60f4159cdcbb1c466a6a0027440b6c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/barryvdh/laravel-debugbar/zipball/b96f9820aaf1ff9afe945207883149e1c7afb298", - "reference": "b96f9820aaf1ff9afe945207883149e1c7afb298", + "url": "https://api.github.com/repos/barryvdh/laravel-debugbar/zipball/814b36a08a60f4159cdcbb1c466a6a0027440b6c", + "reference": "814b36a08a60f4159cdcbb1c466a6a0027440b6c", "shasum": "" }, "require": { @@ -803,7 +803,7 @@ ], "support": { "issues": "https://github.com/barryvdh/laravel-debugbar/issues", - "source": "https://github.com/barryvdh/laravel-debugbar/tree/v3.6.7" + "source": "https://github.com/barryvdh/laravel-debugbar/tree/v3.6.8" }, "funding": [ { @@ -815,7 +815,7 @@ "type": "github" } ], - "time": "2022-02-09T07:52:32+00:00" + "time": "2022-06-08T15:03:05+00:00" }, { "name": "barryvdh/laravel-ide-helper", @@ -1470,16 +1470,16 @@ }, { "name": "composer/composer", - "version": "2.2.14", + "version": "2.2.16", "source": { "type": "git", "url": "https://github.com/composer/composer.git", - "reference": "8c7a2d200bb0e66d6fafeff2f9c9a27188e52842" + "reference": "8c0ee53ff67399b0eec4eee2c5dc5189ec6938a6" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/composer/composer/zipball/8c7a2d200bb0e66d6fafeff2f9c9a27188e52842", - "reference": "8c7a2d200bb0e66d6fafeff2f9c9a27188e52842", + "url": "https://api.github.com/repos/composer/composer/zipball/8c0ee53ff67399b0eec4eee2c5dc5189ec6938a6", + "reference": "8c0ee53ff67399b0eec4eee2c5dc5189ec6938a6", "shasum": "" }, "require": { @@ -1549,7 +1549,7 @@ "support": { "irc": "ircs://irc.libera.chat:6697/composer", "issues": "https://github.com/composer/composer/issues", - "source": "https://github.com/composer/composer/tree/2.2.14" + "source": "https://github.com/composer/composer/tree/2.2.16" }, "funding": [ { @@ -1565,7 +1565,7 @@ "type": "tidelift" } ], - "time": "2022-06-06T14:32:50+00:00" + "time": "2022-07-05T14:50:29+00:00" }, { "name": "composer/metadata-minifier", @@ -2446,16 +2446,16 @@ }, { "name": "doctrine/annotations", - "version": "1.13.2", + "version": "1.13.3", "source": { "type": "git", "url": "https://github.com/doctrine/annotations.git", - "reference": "5b668aef16090008790395c02c893b1ba13f7e08" + "reference": "648b0343343565c4a056bfc8392201385e8d89f0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/doctrine/annotations/zipball/5b668aef16090008790395c02c893b1ba13f7e08", - "reference": "5b668aef16090008790395c02c893b1ba13f7e08", + "url": "https://api.github.com/repos/doctrine/annotations/zipball/648b0343343565c4a056bfc8392201385e8d89f0", + "reference": "648b0343343565c4a056bfc8392201385e8d89f0", "shasum": "" }, "require": { @@ -2467,9 +2467,10 @@ "require-dev": { "doctrine/cache": "^1.11 || ^2.0", "doctrine/coding-standard": "^6.0 || ^8.1", - "phpstan/phpstan": "^0.12.20", + "phpstan/phpstan": "^1.4.10 || ^1.8.0", "phpunit/phpunit": "^7.5 || ^8.0 || ^9.1.5", - "symfony/cache": "^4.4 || ^5.2" + "symfony/cache": "^4.4 || ^5.2", + "vimeo/psalm": "^4.10" }, "type": "library", "autoload": { @@ -2512,9 +2513,9 @@ ], "support": { "issues": "https://github.com/doctrine/annotations/issues", - "source": "https://github.com/doctrine/annotations/tree/1.13.2" + "source": "https://github.com/doctrine/annotations/tree/1.13.3" }, - "time": "2021-08-05T19:00:23+00:00" + "time": "2022-07-02T10:48:51+00:00" }, { "name": "doctrine/cache", @@ -3310,21 +3311,22 @@ }, { "name": "dompdf/dompdf", - "version": "v1.2.2", + "version": "v2.0.0", "source": { "type": "git", "url": "https://github.com/dompdf/dompdf.git", - "reference": "5031045d9640b38cfc14aac9667470df09c9e090" + "reference": "79573d8b8a141ec8a17312515de8740eed014fa9" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/dompdf/dompdf/zipball/5031045d9640b38cfc14aac9667470df09c9e090", - "reference": "5031045d9640b38cfc14aac9667470df09c9e090", + "url": "https://api.github.com/repos/dompdf/dompdf/zipball/79573d8b8a141ec8a17312515de8740eed014fa9", + "reference": "79573d8b8a141ec8a17312515de8740eed014fa9", "shasum": "" }, "require": { "ext-dom": "*", "ext-mbstring": "*", + "masterminds/html5": "^2.0", "phenx/php-font-lib": "^0.5.4", "phenx/php-svg-lib": "^0.3.3 || ^0.4.0", "php": "^7.1 || ^8.0" @@ -3373,9 +3375,9 @@ "homepage": "https://github.com/dompdf/dompdf", "support": { "issues": "https://github.com/dompdf/dompdf/issues", - "source": "https://github.com/dompdf/dompdf/tree/v1.2.2" + "source": "https://github.com/dompdf/dompdf/tree/v2.0.0" }, - "time": "2022-04-27T13:50:54+00:00" + "time": "2022-06-21T21:14:57+00:00" }, { "name": "dragonmantank/cron-expression", @@ -3922,16 +3924,16 @@ }, { "name": "google/apiclient-services", - "version": "v0.255.0", + "version": "v0.256.0", "source": { "type": "git", "url": "https://github.com/googleapis/google-api-php-client-services.git", - "reference": "2b895ceb08eb106f65e975221e5d2e971cf7470e" + "reference": "122e51021eb19b53f831904918460671d1e7259d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/googleapis/google-api-php-client-services/zipball/2b895ceb08eb106f65e975221e5d2e971cf7470e", - "reference": "2b895ceb08eb106f65e975221e5d2e971cf7470e", + "url": "https://api.github.com/repos/googleapis/google-api-php-client-services/zipball/122e51021eb19b53f831904918460671d1e7259d", + "reference": "122e51021eb19b53f831904918460671d1e7259d", "shasum": "" }, "require": { @@ -3960,9 +3962,9 @@ ], "support": { "issues": "https://github.com/googleapis/google-api-php-client-services/issues", - "source": "https://github.com/googleapis/google-api-php-client-services/tree/v0.255.0" + "source": "https://github.com/googleapis/google-api-php-client-services/tree/v0.256.0" }, - "time": "2022-06-27T01:30:11+00:00" + "time": "2022-07-04T01:10:37+00:00" }, { "name": "google/auth", @@ -4600,12 +4602,12 @@ "source": { "type": "git", "url": "https://github.com/Intervention/image.git", - "reference": "43fef9cdf263463868132f55f88232639e6f501b" + "reference": "54934ae8ea3661fd189437df90fb09ec3b679c74" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Intervention/image/zipball/43fef9cdf263463868132f55f88232639e6f501b", - "reference": "43fef9cdf263463868132f55f88232639e6f501b", + "url": "https://api.github.com/repos/Intervention/image/zipball/54934ae8ea3661fd189437df90fb09ec3b679c74", + "reference": "54934ae8ea3661fd189437df90fb09ec3b679c74", "shasum": "" }, "require": { @@ -4677,7 +4679,7 @@ "type": "github" } ], - "time": "2022-06-14T14:03:06+00:00" + "time": "2022-07-05T13:51:54+00:00" }, { "name": "jakoch/phantomjs-installer", @@ -6043,16 +6045,16 @@ }, { "name": "league/flysystem-aws-s3-v3", - "version": "1.0.29", + "version": "1.0.30", "source": { "type": "git", "url": "https://github.com/thephpleague/flysystem-aws-s3-v3.git", - "reference": "4e25cc0582a36a786c31115e419c6e40498f6972" + "reference": "af286f291ebab6877bac0c359c6c2cb017eb061d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/flysystem-aws-s3-v3/zipball/4e25cc0582a36a786c31115e419c6e40498f6972", - "reference": "4e25cc0582a36a786c31115e419c6e40498f6972", + "url": "https://api.github.com/repos/thephpleague/flysystem-aws-s3-v3/zipball/af286f291ebab6877bac0c359c6c2cb017eb061d", + "reference": "af286f291ebab6877bac0c359c6c2cb017eb061d", "shasum": "" }, "require": { @@ -6088,9 +6090,23 @@ "description": "Flysystem adapter for the AWS S3 SDK v3.x", "support": { "issues": "https://github.com/thephpleague/flysystem-aws-s3-v3/issues", - "source": "https://github.com/thephpleague/flysystem-aws-s3-v3/tree/1.0.29" + "source": "https://github.com/thephpleague/flysystem-aws-s3-v3/tree/1.0.30" }, - "time": "2020-10-08T18:58:37+00:00" + "funding": [ + { + "url": "https://offset.earth/frankdejonge", + "type": "custom" + }, + { + "url": "https://github.com/frankdejonge", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/league/flysystem", + "type": "tidelift" + } + ], + "time": "2022-07-02T13:51:38+00:00" }, { "name": "league/flysystem-cached-adapter", @@ -6602,6 +6618,75 @@ ], "time": "2022-03-18T02:33:37+00:00" }, + { + "name": "masterminds/html5", + "version": "2.7.5", + "source": { + "type": "git", + "url": "https://github.com/Masterminds/html5-php.git", + "reference": "f640ac1bdddff06ea333a920c95bbad8872429ab" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Masterminds/html5-php/zipball/f640ac1bdddff06ea333a920c95bbad8872429ab", + "reference": "f640ac1bdddff06ea333a920c95bbad8872429ab", + "shasum": "" + }, + "require": { + "ext-ctype": "*", + "ext-dom": "*", + "ext-libxml": "*", + "php": ">=5.3.0" + }, + "require-dev": { + "phpunit/phpunit": "^4.8.35 || ^5.7.21 || ^6 || ^7" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.7-dev" + } + }, + "autoload": { + "psr-4": { + "Masterminds\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Matt Butcher", + "email": "technosophos@gmail.com" + }, + { + "name": "Matt Farina", + "email": "matt@mattfarina.com" + }, + { + "name": "Asmir Mustafic", + "email": "goetas@gmail.com" + } + ], + "description": "An HTML5 parser and serializer.", + "homepage": "http://masterminds.github.io/html5-php", + "keywords": [ + "HTML5", + "dom", + "html", + "parser", + "querypath", + "serializer", + "xml" + ], + "support": { + "issues": "https://github.com/Masterminds/html5-php/issues", + "source": "https://github.com/Masterminds/html5-php/tree/2.7.5" + }, + "time": "2021-07-01T14:25:37+00:00" + }, { "name": "maximebf/debugbar", "version": "v1.18.0", @@ -7187,16 +7272,16 @@ }, { "name": "nesbot/carbon", - "version": "2.58.0", + "version": "2.59.1", "source": { "type": "git", "url": "https://github.com/briannesbitt/Carbon.git", - "reference": "97a34af22bde8d0ac20ab34b29d7bfe360902055" + "reference": "a9000603ea337c8df16cc41f8b6be95a65f4d0f5" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/97a34af22bde8d0ac20ab34b29d7bfe360902055", - "reference": "97a34af22bde8d0ac20ab34b29d7bfe360902055", + "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/a9000603ea337c8df16cc41f8b6be95a65f4d0f5", + "reference": "a9000603ea337c8df16cc41f8b6be95a65f4d0f5", "shasum": "" }, "require": { @@ -7211,11 +7296,12 @@ "doctrine/orm": "^2.7", "friendsofphp/php-cs-fixer": "^3.0", "kylekatarnls/multi-tester": "^2.0", + "ondrejmirtes/better-reflection": "*", "phpmd/phpmd": "^2.9", "phpstan/extension-installer": "^1.0", - "phpstan/phpstan": "^0.12.54 || ^1.0", - "phpunit/php-file-iterator": "^2.0.5", - "phpunit/phpunit": "^7.5.20 || ^8.5.23", + "phpstan/phpstan": "^0.12.99 || ^1.7.14", + "phpunit/php-file-iterator": "^2.0.5 || ^3.0.6", + "phpunit/phpunit": "^7.5.20 || ^8.5.26 || ^9.5.20", "squizlabs/php_codesniffer": "^3.4" }, "bin": [ @@ -7272,15 +7358,19 @@ }, "funding": [ { - "url": "https://opencollective.com/Carbon", - "type": "open_collective" + "url": "https://github.com/sponsors/kylekatarnls", + "type": "github" }, { - "url": "https://tidelift.com/funding/github/packagist/nesbot/carbon", + "url": "https://opencollective.com/Carbon#sponsor", + "type": "opencollective" + }, + { + "url": "https://tidelift.com/subscription/pkg/packagist-nesbot-carbon?utm_source=packagist-nesbot-carbon&utm_medium=referral&utm_campaign=readme", "type": "tidelift" } ], - "time": "2022-04-25T19:31:17+00:00" + "time": "2022-06-29T21:43:55+00:00" }, { "name": "nikic/php-parser", @@ -15554,16 +15644,16 @@ }, { "name": "zircote/swagger-php", - "version": "4.4.5", + "version": "4.4.7", "source": { "type": "git", "url": "https://github.com/zircote/swagger-php.git", - "reference": "fd8f1eb8d0165c7a668f307fbccbf3adf33f4017" + "reference": "97abe42376b41e072ede13b6f0582457a54d797a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/zircote/swagger-php/zipball/fd8f1eb8d0165c7a668f307fbccbf3adf33f4017", - "reference": "fd8f1eb8d0165c7a668f307fbccbf3adf33f4017", + "url": "https://api.github.com/repos/zircote/swagger-php/zipball/97abe42376b41e072ede13b6f0582457a54d797a", + "reference": "97abe42376b41e072ede13b6f0582457a54d797a", "shasum": "" }, "require": { @@ -15625,9 +15715,9 @@ ], "support": { "issues": "https://github.com/zircote/swagger-php/issues", - "source": "https://github.com/zircote/swagger-php/tree/4.4.5" + "source": "https://github.com/zircote/swagger-php/tree/4.4.7" }, - "time": "2022-06-02T21:05:02+00:00" + "time": "2022-07-02T04:55:25+00:00" } ], "packages-dev": [