Roave / SecurityAdvisories

:closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily
MIT License
2.72k stars 105 forks source link

Advisory for laravel/framework <= 8.70.2 has been withdrawn #87

Closed nick-smit closed 2 years ago

nick-smit commented 2 years ago

Hi,

This advisory has been withdrawn. So i think the laravel/framework package conflict should be reverted to the previous value.

Ocramius commented 2 years ago

I think the concept of "withdrawn" wasn't existing at the time when we implemented GetAdvisoriesFromGithubApi.

Can you send a patch+test against this?

https://github.com/Roave/SecurityAdvisoriesBuilder/blob/7830d9ec618d84f73515075070d413cc48f2cdd6/src/Roave/SecurityAdvisories/AdvisorySources/GetAdvisoriesFromGithubApi.php#L37-L53

nick-smit commented 2 years ago

Offcourse, here you go: https://github.com/Roave/SecurityAdvisoriesBuilder/pull/456

Ocramius commented 2 years ago

Solved by https://github.com/Roave/SecurityAdvisoriesBuilder/pull/456

Need to wait a bit and see if that actually fixed the issue - come back in an hour :D

nick-smit commented 2 years ago

It seems to have worked.

Thanks for reviewing the changes!

Ocramius commented 2 years ago

Ref: https://github.com/Roave/SecurityAdvisories/commit/8a0da9e2c9a96425395e0af80bd3aece26576245

Ocramius commented 2 years ago

Thanks @nick-smit!