Closed sivaramkjs closed 9 months ago
@sivaramkjs you are supposed to upgrade to at least 2.0.4
@Ocramius Thank you for such a quick response. But as I mentioned, we are already trying to upgrade it to >=2.0.4
as it's the latest version of the package based on our current version spec in the composer.json
.
"dompdf/dompdf": "^2.0"
On https://packagist.org/packages/dompdf/dompdf, 2.0.4
is available.
The error above mentions that you are "locked" on 2.0.3
Thank you for the pointer. We just realized (out bad 😞) that it was still locked to the version 2.0.3
in the composer.lock
file. The issue was gone after running composer update
explicitly to to update the lock file. Nevertheless, thank you very much for your quick help!
Hi folks,
We are seeing the below error while trying to install
dompdf/dompdf
package.composer.json:
We found that the all versions
<2.0.4
having a vulnerability as per this: https://github.com/advisories/GHSA-3qx2-6f78-w2j2. But we don't know how to work around this conflict until it's updated in the below file. Could someone please advise on how to proceed in this case? Thank you! https://github.com/Roave/SecurityAdvisories/blob/ccb29669f00f1c5637c79c8e10efd10199696c65/composer.json#L132