search

brefphp / bref

Serverless PHP on AWS Lambda
https://bref.sh
MIT License
3.15k stars 365 forks source link

Update layers to versions 7.2.31, 7.3.18, and 7.4.6 #665

Closed dhrrgn closed 4 years ago

dhrrgn commented 4 years ago

On May 14th PHP released new versions 7.2.31, 7.3.18, and 7.4.6, which contains a few security fixes, as well as some bug fixes (Changelog.

It appears that the layers are actually a few versions behind (php-74 looks to be on 7.4.4)

deleugpn commented 4 years ago

Relevant: https://twitter.com/nikita_ppv/status/1264857231167807489?s=19

dhrrgn commented 4 years ago

Fair point, I hadn't seen that issue. May be better to wait, and upgrade to the April releases (it has a security fix, but relies on the system supporting ebcdic charset, so not sure of implications on lambda).

@mnapoli If you want to wait, I understand, but there should be a tracking issue so we don't forget in a few weeks 😅

It would be really nice if we could somehow specify the patch version we want. Not sure how feasible that is though.

mnapoli commented 4 years ago

Yes, for PHP 7.4 let's wait.

For the record, updating the version in the Bref codebase is easy if you know where they are: https://github.com/brefphp/bref/blob/master/runtime/base/php-72.Dockerfile#L16 You can send a PR to update that number, and next time the layers will be rebuilt.

mnapoli commented 4 years ago

Closed by #679