Closed hiren-plancover closed 1 year ago
@barryvdh I have already prepared the PR. Thank you!
@hiren-plancover run composer update -W
right! thanks!
In addition, composer update dompdf/dompdf -W
will update dompdf/dompdf
specifically and leave the other dependencies alone.
In addition,
composer update dompdf/dompdf -W
will updatedompdf/dompdf
specifically and leave the other dependencies alone.
I tried this but it does not work.
[root@vps]# composer update dompdf/dompdf -W
Do not run Composer as root/super user! See https://getcomposer.org/root for details
Continue as root/super user [yes]? y
Loading composer repositories with package information
Info from https://repo.packagist.org: #StandWithUkraine
Updating dependencies
Nothing to modify in lock file
Installing dependencies from lock file (including require-dev)
Nothing to install, update or remove
I still see a security vulnerability advisory on the server. How do I fix this issue?
@hiren-plancover what are the results from running composer show dompdf/dompdf
?
This is the output
name : dompdf/dompdf
descrip. : DOMPDF is a CSS 2.1 compliant HTML to PDF converter
keywords :
versions : * v0.8.6
type : library
license : GNU Lesser General Public License v2.1 only (LGPL-2.1) (OSI approved) https://spdx.org/licenses/LGPL-2.1.html#licenseText
homepage : https://github.com/dompdf/dompdf
source : [git] https://github.com/dompdf/dompdf.git db91d81866c69a42dad1d2926f61515a1e3f42c5
dist : [zip] https://api.github.com/repos/dompdf/dompdf/zipball/db91d81866c69a42dad1d2926f61515a1e3f42c5 db91d81866c69a42dad1d2926f61515a1e3f42c5
path : /home/demo/laravel/vendor/dompdf/dompdf
names : dompdf/dompdf
autoload
psr-4
Dompdf\ => src/
classmap
lib/
requires
ext-dom *
ext-mbstring *
phenx/php-font-lib ^0.5.2
phenx/php-svg-lib ^0.3.3
php ^7.1
requires (dev)
mockery/mockery ^1.3
phpunit/phpunit ^7.5
squizlabs/php_codesniffer ^3.5
suggests
ext-gd Needed to process images
ext-gmagick Improves image processing performance
ext-imagick Improves image processing performance
ext-zlib Needed for pdf stream compression
And which version of this library? 1.x should install dompdf 2.x, niet 0.8.6
upgrade to laravel/dompdf 2.x
I see this one is still open and wondering if it is going to be merged?
What should be merged? There is no issue if you just update composer
Sorry, I was reading this incorrectly. This was fixed indeed, but I was confused about the issue still open :)
domPDF repository has a security issue due to which they recently updated their repository. Any idea when will that be updated here?
Security Advisories: https://github.com/advisories/GHSA-6x28-7h8c-chx4 https://github.com/advisories/GHSA-5qj8-6xxj-hp9h https://github.com/advisories/GHSA-pf6p-25r2-fx45 https://github.com/advisories/GHSA-x752-qjv4-c4hc