barryvdh / laravel-dompdf

A DOMPDF Wrapper for Laravel
MIT License
6.66k stars, 966 forks

Security Issue #949

Closed hiren-plancover closed 1 year ago

hiren-plancover commented 1 year ago

The dompdf repository has a security issue, due to which they recently updated their repository. Any idea when that will be updated here?

Security Advisories:
- https://github.com/advisories/GHSA-6x28-7h8c-chx4
- https://github.com/advisories/GHSA-5qj8-6xxj-hp9h
- https://github.com/advisories/GHSA-pf6p-25r2-fx45
- https://github.com/advisories/GHSA-x752-qjv4-c4hc

ilazaridis commented 1 year ago

@barryvdh I have already prepared the PR. Thank you!

parallels999 commented 1 year ago

@hiren-plancover run composer update -W

ilazaridis commented 1 year ago

right! thanks!

marcusmoore commented 1 year ago

In addition, composer update dompdf/dompdf -W will update dompdf/dompdf specifically and leave the other dependencies alone.

hiren-plancover commented 1 year ago

> In addition, composer update dompdf/dompdf -W will update dompdf/dompdf specifically and leave the other dependencies alone.

I tried this but it does not work.

```
[root@vps]# composer update dompdf/dompdf -W
Do not run Composer as root/super user! See https://getcomposer.org/root for details
Continue as root/super user [yes]? y
Loading composer repositories with package information
Info from https://repo.packagist.org: #StandWithUkraine
Updating dependencies
Nothing to modify in lock file
Installing dependencies from lock file (including require-dev)
Nothing to install, update or remove
```

I still see a security vulnerability advisory on the server. How do I fix this issue?

marcusmoore commented 1 year ago

@hiren-plancover what are the results from running composer show dompdf/dompdf?

hiren-plancover commented 1 year ago

This is the output:

```
name     : dompdf/dompdf
descrip. : DOMPDF is a CSS 2.1 compliant HTML to PDF converter
keywords :
versions : * v0.8.6
type     : library
license  : GNU Lesser General Public License v2.1 only (LGPL-2.1) (OSI approved) https://spdx.org/licenses/LGPL-2.1.html#licenseText
homepage : https://github.com/dompdf/dompdf
source   : [git] https://github.com/dompdf/dompdf.git db91d81866c69a42dad1d2926f61515a1e3f42c5
dist     : [zip] https://api.github.com/repos/dompdf/dompdf/zipball/db91d81866c69a42dad1d2926f61515a1e3f42c5 db91d81866c69a42dad1d2926f61515a1e3f42c5
path     : /home/demo/laravel/vendor/dompdf/dompdf
names    : dompdf/dompdf

autoload
psr-4
Dompdf\ => src/
classmap
lib/

requires
ext-dom *
ext-mbstring *
phenx/php-font-lib ^0.5.2
phenx/php-svg-lib ^0.3.3
php ^7.1

requires (dev)
mockery/mockery ^1.3
phpunit/phpunit ^7.5
squizlabs/php_codesniffer ^3.5

suggests
ext-gd Needed to process images
ext-gmagick Improves image processing performance
ext-imagick Improves image processing performance
ext-zlib Needed for pdf stream compression
```

barryvdh commented 1 year ago

And which version of this library? 1.x should install dompdf 2.x, not 0.8.6.

angeljqv commented 1 year ago

upgrade to laravel/dompdf 2.x
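The situation in this thread (`composer update dompdf/dompdf -W` reports nothing to change while `composer show` still lists v0.8.6, because the locked wrapper release only allows a 0.8.x dompdf) can be checked offline against `composer.lock` before anyone touches the server. The POSIX shell script below is an added example, not code from laravel-dompdf, dompdf or any participant in this thread. The lock file it reads is constructed inline, the wrapper's constraint string in it is illustrative, and the 2.0.0 threshold is an assumption taken from the maintainer's comment that the 1.x wrapper pulls in dompdf 2.x, not from the advisories themselves; set `MIN_VERSION` to the fixed version named in the advisory you care about.

```shell
#!/bin/sh
# Added example (not laravel-dompdf or dompdf code): read composer.lock offline
# and report whether the locked dompdf/dompdf is below a minimum version.
# Assumption: MIN_VERSION defaults to 2.0.0, from the maintainer's remark that
# the 1.x wrapper installs dompdf 2.x; override it with the advisory's fixed version.
MIN_VERSION="${MIN_VERSION:-2.0.0}"

# Print the locked version of package $2 from lock file $1 (empty if absent).
# composer.lock writes "name" immediately before "version" for each package,
# so awk remembers the last "name" seen and prints the "version" that follows
# it once the name matches.
lock_version() {
  awk -v pkg="$2" '
    /"name":/    { gsub(/[",]/, "", $2); name = $2 }
    /"version":/ { gsub(/[",]/, "", $2); if (name == pkg) { print $2; exit } }
  ' "$1"
}

# Return 0 if dotted version $1 is strictly lower than $2. A leading "v" is
# ignored; non-numeric components (e.g. "dev-master") compare as 0.
version_lt() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    sub(/^v/, "", a); sub(/^v/, "", b)
    n = split(a, x, "."); m = split(b, y, ".")
    k = (n > m) ? n : m
    for (i = 1; i <= k; i++) {
      xi = (i <= n) ? x[i] + 0 : 0
      yi = (i <= m) ? y[i] + 0 : 0
      if (xi < yi) exit 0
      if (xi > yi) exit 1
    }
    exit 1
  }'
}

# Report on lock file $1. Exit status 0 = dompdf/dompdf at or above MIN_VERSION,
# 1 = below it or not locked at all.
check_lock() {
  v=$(lock_version "$1" dompdf/dompdf)
  if [ -z "$v" ]; then
    echo "dompdf/dompdf is not in $1"
    return 1
  fi
  if version_lt "$v" "$MIN_VERSION"; then
    echo "dompdf/dompdf $v is locked, below $MIN_VERSION"
    return 1
  fi
  echo "dompdf/dompdf $v is locked, at or above $MIN_VERSION"
  return 0
}

# Constructed sample lock mirroring the thread: an old wrapper release whose
# constraint keeps dompdf on 0.8.x, so updating dompdf alone changes nothing.
# The wrapper version and constraint string are illustrative, not real metadata.
SAMPLE_LOCK="${TMPDIR:-/tmp}/sample-composer.lock"
cat > "$SAMPLE_LOCK" <<'EOF'
{
    "packages": [
        {
            "name": "barryvdh/laravel-dompdf",
            "version": "v0.8.7",
            "require": {
                "dompdf/dompdf": "^0.8"
            }
        },
        {
            "name": "dompdf/dompdf",
            "version": "v0.8.6",
            "require": {
                "php": "^7.1"
            }
        }
    ]
}
EOF

if check_lock "$SAMPLE_LOCK"; then
  echo "nothing to do"
else
  # Real Composer command: "why-not" names the package whose constraint blocks
  # the newer dompdf, which in this thread is the old wrapper release.
  echo "next: composer why-not dompdf/dompdf $MIN_VERSION"
fi
```

Run it against a project's real `composer.lock` by calling `check_lock path/to/composer.lock`. When it reports a version below the threshold, `composer why-not dompdf/dompdf 2.0.0` shows which package pins dompdf, and on Composer 2.4 or newer `composer audit` reports the locked packages that match published advisories directly; the script is only the offline pre-check for hosts where you cannot run Composer against the network.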

Romkabouter commented 1 year ago

I see this one is still open and I am wondering if it is going to be merged?

barryvdh commented 1 year ago

What should be merged? There is no issue if you just update composer

Romkabouter commented 1 year ago

Sorry, I was reading this incorrectly. This was fixed indeed, but I was confused about the issue still open :)