echoCTF / echoCTF.RED

A platform to develop, run and administer CTF competitions. The online echoCTF.RED platform user interfaces and codebase
https://echoCTF.RED/
BSD 2-Clause "Simplified" License
110 stars 24 forks source link

Update yiisoft/yii2 requirement from 2.0.49 to 2.0.50 in /backend #1198

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Updates the requirements on yiisoft/yii2 to permit the latest version.

Changelog

Sourced from yiisoft/yii2's changelog.

2.0.50 May 30, 2024

  • Bug #13920: Fixed erroneous validation for specific cases (tim-fischer-maschinensucher)
  • Bug #17181: Improved BaseUrl::isRelative($url) performance (sammousa, bizley, rob006)
  • Bug #17191: Fixed BaseUrl::isRelative($url) method in yii\helpers\BaseUrl (ggh2e3)
  • Bug #18469: Fixed Link::serialize(array $links) method in yii\web\Link (ggh2e3)
  • Bug #19060: Fix yii\widgets\Menu bug when using Closure for active item and adding additional tests in tests\framework\widgets\MenuTest (atrandafir)
  • Bug #19691: Allow using custom class to style error summary (skepticspriggan)
  • Bug #19817: Add MySQL Query addCheck() and dropCheck() (@​bobonov)
  • Bug #19855: Fixed yii\validators\FileValidator to not limit some of its rules only to array attribute (bizley)
  • Bug #19927: Fixed console\controllers\MessageController when saving translations to database: fixed FK error when adding new string and language at the same time, checking/regenerating all missing messages and dropping messages for unused languages (atrandafir)
  • Bug #20002: Fixed superfluous query on HEAD request in serializer (xicond)
  • Bug #20005: Fix yii\console\controllers\ServeController to specify the router script (terabytesoftw)
  • Bug #20040: Fix type boolean in MSSQL (terabytesoftw)
  • Bug #20055: Fix Response header X-Pagination-Total-Count is always 0 (lav45, xicond)
  • Bug #20083: Fix deprecated warning implicit conversion from float (skepticspriggan)
  • Bug #20122: Fixed parsing of boolean keywords (e.g. used in SQLite) in \yii\db\ColumnSchema::typecast() (rhertogh)
  • Bug #20141: Update ezyang/htmlpurifier dependency to version 4.17 (@​terabytesoftw)
  • Bug #20165: Adjust pretty name of closures for PHP 8.4 compatibility (@​staabm)
  • Bug: CVE-2024-32877, Fix Reflected XSS in Debug mode (Antiphishing)
  • Bug: CVE-2024-4990, Fix Unsafe Reflection in base Component class (@​mtangoo)
  • Enh #12743: Added new methods BaseActiveRecord::loadRelations() and BaseActiveRecord::loadRelationsFor() to eager load related models for existing primary model instances (PowerGamer1)
  • Enh #20030: Improve performance of handling ErrorHandler::$memoryReserveSize (antonshevelev, rob006)
  • Enh #20032: Added yii\helpers\BaseStringHelper::mask() method for string masking with multibyte support (salehhashemi1992)
  • Enh #20034: Added yii\helpers\BaseStringHelper::findBetween() to retrieve a substring that lies between two strings (salehhashemi1992)
  • Enh #20042: Add empty array check to ActiveQueryTrait::findWith() (renkas)
  • Enh #20087: Add custom attributes to script tags (skepticspriggan)
  • Enh #20121: Added yiisoft/yii2-coding-standards to composer require-dev and lint code to comply with PSR12 (razvanphp)
  • Enh #20134: Raise minimum PHP version to 7.3 (@​terabytesoftw)
  • Enh #20171: Support JSON columns for MariaDB 10.4 or higher (@​terabytesoftw)
  • New #20137: Added yii\caching\CallbackDependency to allow using a callback to determine if a cache dependency is still valid (laxity7)

2.0.49.2 October 12, 2023

  • Bug #19925: Improved PHP version check when handling MIME types (schmunk42)

2.0.49.1 October 05, 2023

  • Bug #19940: File Log writer without newline (terabytesoftw)
  • Bug #19950: Fix Query::groupBy(null) causes error for PHP 8.1: trim(): Passing null to parameter [#1](https://github.com/yiisoft/yii2-framework/issues/1) ($string) of type string is deprecated (uaoleg)
  • Bug #19951: Removed unneeded MIME file tests (schmunk42)
  • Bug #19984: Do not duplicate log messages in memory (lubosdz)
  • Enh #19780: added pcntl to requirements check (schmunk42)

... (truncated)

Commits
  • a90b663 release version 2.0.50
  • 983f4a4 Fix CHANGELOG formatting
  • ec52aab Merge pull request from GHSA-qg5r-95m4-mjgj
  • afca29c Merge pull request from GHSA-cjcc-p67m-7qxm
  • 7091b68 Fix tests addCheck(), dropCheck() MariaDB. (#20174)
  • 177500a Fix #19855: Fixed yii\validators\FileValidator to not limit some of its rul...
  • 755463f Fix: #20171: Support JSON columns for MariaDB 10.4 or higher
  • c413c7b Fix ci lint.
  • 01943ba Fix #20165: Adjust pretty name of closures for PHP 8.4 compatibility
  • 4dc1794 Minor improvents.
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)