GrahamCampbell
commented
5 years ago 👎
Closed dependabot-preview[bot] closed 5 years ago
GrahamCampbell
commented
5 years ago 👎
WyriHaximus
commented
5 years ago @dependabot ignore this major version
dependabot-preview[bot]
commented
5 years ago OK, I won't notify you about version 6.x.x again, unless you re-open this PR or update to a 6.x.x release yourself.
WyriHaximus
commented
5 years ago @GrahamCampbell tbh I should actually mark this package abandoned since this guzzle version also won't be updated
Bumps guzzlehttp/guzzle from 4.2.3 to 6.2.0. This update includes security fixes.
Vulnerabilities fixed
*Sourced from [The Sonatype OSS Index](https://ossindex.sonatype.org/vuln/072b31db-d51b-4919-a45f-4cd8824d4b2a).* > **HTTP Proxy header vulnerability** > HTTP Proxy header vulnerability > > Affected versions: < 4.2.4, >= 4.0.0-rc2Release notes
*Sourced from [guzzlehttp/guzzle's releases](https://github.com/guzzle/guzzle/releases).* > ## Version 6.2.0 > - Feature: added `GuzzleHttp\json_encode` and `GuzzleHttp\json_decode`. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1389 > - Bug fix: Fix sleep calculation when waiting for delayed requests. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1324 > - Feature: More flexible history containers. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1373 > - Bug fix: defer sink stream opening in StreamHandler. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1377 > - Bug fix: do not attempt to escape cookie values. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1406 > - Feature: report original content encoding and length on decoded responses. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1409 > - Bug fix: rewind seekable request bodies before dispatching to cURL. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1422 > - Bug fix: provide an empty string to `http_build_query` for HHVM workaround. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1367 > > ## 6.1.1 > - Bug fix: Proxy::wrapSync() now correctly proxies to the appropriate handler > https://github.com/guzzle/guzzle/commit/911bcbc8b434adce64e223a6d1d14e9a8f63e4e4 > - Feature: HandlerStack is now more generic. > https://github.com/guzzle/guzzle/commit/f2102941331cda544745eedd97fc8fd46e1ee33e > - Bug fix: setting verify to false in the StreamHandler now disables peer > verification. https://github-redirect.dependabot.com/guzzle/guzzle/issues/1256 > - Feature: Middleware now uses an exception factory, including more error > context. https://github-redirect.dependabot.com/guzzle/guzzle/pull/1282 > - Feature: better support for disabled functions. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1287 > - Bug fix: fixed regression where MockHandler was not using `sink`. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1292 > > ## 6.1.0 > No release notes provided. > > ## 6.0.2 > No release notes provided. > > ## 6.0.1 > No release notes provided. > > ## 6.0.0 > Guzzle now uses [PSR-7](http://www.php-fig.org/psr/psr-7/) for HTTP messages. > Due to the fact that these messages are immutable, this prompted a refactoring > of Guzzle to use a middleware based system rather than an event system. Any > HTTP message interaction (e.g., `GuzzleHttp\Message\Request`) need to be > updated to work with the new immutable PSR-7 request and response objects. Any > event listeners or subscribers need to be updated to become middleware > functions that wrap handlers (or are injected into a > `GuzzleHttp\HandlerStack`). > ... (truncated)Changelog
*Sourced from [guzzlehttp/guzzle's changelog](https://github.com/guzzle/guzzle/blob/master/CHANGELOG.md).* > ## 6.2.0 - 2016-03-21 > > * Feature: added `GuzzleHttp\json_encode` and `GuzzleHttp\json_decode`. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1389 > * Bug fix: Fix sleep calculation when waiting for delayed requests. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1324 > * Feature: More flexible history containers. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1373 > * Bug fix: defer sink stream opening in StreamHandler. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1377 > * Bug fix: do not attempt to escape cookie values. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1406 > * Feature: report original content encoding and length on decoded responses. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1409 > * Bug fix: rewind seekable request bodies before dispatching to cURL. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1422 > * Bug fix: provide an empty string to `http_build_query` for HHVM workaround. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1367 > > ## 6.1.1 - 2015-11-22 > > * Bug fix: Proxy::wrapSync() now correctly proxies to the appropriate handler > https://github.com/guzzle/guzzle/commit/911bcbc8b434adce64e223a6d1d14e9a8f63e4e4 > * Feature: HandlerStack is now more generic. > https://github.com/guzzle/guzzle/commit/f2102941331cda544745eedd97fc8fd46e1ee33e > * Bug fix: setting verify to false in the StreamHandler now disables peer > verification. https://github-redirect.dependabot.com/guzzle/guzzle/issues/1256 > * Feature: Middleware now uses an exception factory, including more error > context. https://github-redirect.dependabot.com/guzzle/guzzle/pull/1282 > * Feature: better support for disabled functions. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1287 > * Bug fix: fixed regression where MockHandler was not using `sink`. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1292 > > ## 6.1.0 - 2015-09-08 > > * Feature: Added the `on_stats` request option to provide access to transfer > statistics for requests. https://github-redirect.dependabot.com/guzzle/guzzle/pull/1202 > * Feature: Added the ability to persist session cookies in CookieJars. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1195 > * Feature: Some compatibility updates for Google APP Engine > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1216 > * Feature: Added support for NO_PROXY to prevent the use of a proxy based on > a simple set of rules. https://github-redirect.dependabot.com/guzzle/guzzle/pull/1197 > * Feature: Cookies can now contain square brackets. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1237 > * Bug fix: Now correctly parsing `=` inside of quotes in Cookies. > https://github-redirect.dependabot.com/guzzle/guzzle/pull/1232 > * Bug fix: Cusotm cURL options now correctly override curl options of the > same name. https://github-redirect.dependabot.com/guzzle/guzzle/pull/1221 > ... (truncated)Commits
- [`d094e33`](https://github.com/guzzle/guzzle/commit/d094e337976dff9d8e2424e8485872194e768662) 6.2.0 release - [`6a173dd`](https://github.com/guzzle/guzzle/commit/6a173ddae1a8e58be871f6d010e88c029eaf5cae) Merge pull request [#1426](https://github-redirect.dependabot.com/guzzle/guzzle/issues/1426) from rickyrobinett/master - [`b00363a`](https://github.com/guzzle/guzzle/commit/b00363a54b5a307a526258293ab88b11e2dcf091) add missing ; in middleware documentation - [`b03683f`](https://github.com/guzzle/guzzle/commit/b03683fee328de220b8246993b0e5936ecb422fe) add missing ; in middleware documentation - [`ec6cbc1`](https://github.com/guzzle/guzzle/commit/ec6cbc1d5482ea3b7a2c3c65ded0d8e749b19efb) Merge pull request [#1422](https://github-redirect.dependabot.com/guzzle/guzzle/issues/1422) from jeskew/feature/rewind-seekable-request-bodies - [`b65cdda`](https://github.com/guzzle/guzzle/commit/b65cdda6b0d237f7a47c25414599c5a400fc4b83) Rewind seekable request bodies before dispatching to cURL - [`55ab7c5`](https://github.com/guzzle/guzzle/commit/55ab7c5edccd60c4089eb938af158b249f9831a1) Merge pull request [#1420](https://github-redirect.dependabot.com/guzzle/guzzle/issues/1420) from kazu9su/master - [`265a273`](https://github.com/guzzle/guzzle/commit/265a273f09ddb0e565b645046c5ce8fc5571758a) fix typo - [`78a4eef`](https://github.com/guzzle/guzzle/commit/78a4eef3a09e7c1c2e121736984fee30d058b085) fix typo - [`30f8346`](https://github.com/guzzle/guzzle/commit/30f8346719d2ba1da9b2799f60b3dea360d908f4) Merge pull request [#1409](https://github-redirect.dependabot.com/guzzle/guzzle/issues/1409) from jeskew/feature/report-original-length-on-decode - Additional commits viewable in [compare view](https://github.com/guzzle/guzzle/compare/4.2.3...6.2.0)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.
You can always request more updates by clicking
Bump nowin your Dependabot dashboard.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot.