An error occurred while fetching folder content.

typo3

[TASK] Raise enshrined/svg-sanitize dependency to ~0.22

Thomas Hohn authored 5 hours ago and Oliver Hader committed 1 hour ago

Executed commands:
composer req enshrined/svg-sanitize:~0.22
composer req enshrined/svg-sanitize:~0.22 \
  -d typo3/sysext/core --no-update

Upgrade enshrined/svg-sanitize from ^0.20.0 to ~0.22 to address
https://github.com/advisories/GHSA-22wq-q86m-83fh.

The existing constraint `^0.20.0` is interpreted by Composer as
`>=0.20.0 <0.21.0`, preventing an upgrade to the patched `0.22.x`
series. Changing the constraint to `~0.22` allows versions in the
range `>=0.22.0 <1.0.0`, ensuring future versions are included.

Resolves: #107272
Releases: main, 13.4, 12.4
Change-Id: I0ff804605fb8581a8c515eff626df5b959dbf231
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/90367


Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Klee <typo3-coding@oliverklee.de>
Tested-by: Garvin Hicking <garvin@hick.ing>
Reviewed-by: Albrecht Köhnlein <ak@koehnlein.eu>
Tested-by: Oli Bartsch <bo@cedev.de>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Elias Häußler <elias@haeussler.dev>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Elias Häußler <elias@haeussler.dev>
Reviewed-by: Garvin Hicking <garvin@hick.ing>
Reviewed-by: Oli Bartsch <bo@cedev.de>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Albrecht Köhnlein <ak@koehnlein.eu>

6a39110d

History

6a39110d 5 hours ago

History

Name	Last commit	Last update