Using the |implode, |json_encode and |substr modifiers does not generate a deprecation warning anymore as they will continue to be supported in v5 #939
$smarty->muteUndefinedOrNullWarnings() now also mutes PHP8 warnings for undefined properties
[4.3.1] - 2023-03-28
Security
Fixed Cross site scripting vulnerability in Javascript escaping. This addresses CVE-2023-28447.
Fixed
$smarty->muteUndefinedOrNullWarnings() now also mutes PHP7 notices for undefined array indexes #736
$smarty->muteUndefinedOrNullWarnings() now treats undefined vars and array access of a null or false variables
equivalent across all supported PHP versions
$smarty->muteUndefinedOrNullWarnings() now allows dereferencing of non-objects across all supported PHP versions #831
PHP 8.1 deprecation warnings on null strings in modifiers #834
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps smarty/smarty from 4.3.5 to 4.4.1.
Release notes
Sourced from smarty/smarty's releases.
Changelog
Sourced from smarty/smarty's changelog.
... (truncated)
Commits
f4152e9auto-delete changelog files5d0dd09changelog update9d55982Merge branch 'release/4.4.1' into support/4.35e2a9fbversion bump9614a59changelogee58a21Updated release tooling29dd621Add some guidance on upgrading from v3 to v4de1bc77Prevent deprecation notices for implode, json_encode and substr modifiers326b2daFix incorrect compilation of expressions when escape_html=true (#932)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show