search

luyadev / luya

LUYA is a scalable web framework and content management system with the goal to please developers, clients and users alike.
https://luya.io
MIT License
812 stars 207 forks source link

Bump yiisoft/yii2 from 2.0.32 to 2.0.38 #2054

Closed dependabot[bot] closed 4 years ago

dependabot[bot] commented 4 years ago

Bumps yiisoft/yii2 from 2.0.32 to 2.0.38.

Changelog

Sourced from yiisoft/yii2's changelog.

2.0.38 September 14, 2020

  • Bug #13973: Correct alterColumn for MSSQL & drop constraints before dropping a column (darkdef)
  • Bug #15265: PostgreSQL > 10.0 is not pass tests with default value of timestamp CURRENT_TIMESTAMP (terabytesoftw)
  • Bug #16892: Validation error class was not applied to checkbox and radio when validationStateOn = self::VALIDATION_STATE_ON_INPUT (dan-szabo, samdark)
  • Bug #18040: Display width specification for integer data types was deprecated in MySQL 8.0.19 (terabytesoftw)
  • Bug #18066: Fix yii\db\Query::create() wasn't using all info from withQuery() (maximkou)
  • Bug #18229: Add a flag to specify SyBase database when used with pdo_dblib (darkdef)
  • Bug #18232: Fail tests pgsql v-10.14, v-11.9, v-12-latest (terabytesoftw)
  • Bug #18233: Add PHP 8 support (samdark)
  • Bug #18239: Fix support of no-extension files for FileValidator::validateExtension() (darkdef)
  • Bug #18245: Make resolving DI references inside of arrays in dependencies optional (SamMousa, samdark, hiqsol)
  • Bug #18248: Render only one stack trace on a console for chained exceptions (mikehaertl)
  • Bug #18269: Fix integer safe attribute to work properly in yii\base\Model (Ladone)
  • Bug: (CVE-2020-15148): Disable unserialization of yii\db\BatchQueryResult to prevent remote code execution in case application calls unserialize() on user input containing specially crafted string (samdark, russtone)
  • Enh #18196: yii\rbac\DbManager::$checkAccessAssignments is now protected (alex-code)
  • Enh #18213: Do not load fixtures with circular dependencies twice instead of throwing an exception (JesseHines0)
  • Enh #18236: Allow yii\filters\RateLimiter to accept a closure function for the $user property in order to assign values on runtime (nadar)

2.0.37 August 07, 2020

  • Bug #17147: Fix form attribute validations for empty select inputs (kartik-v)
  • Bug #18156: Fix yii\db\Schema::quoteSimpleTableName() was checking incorrect quote character (M4tho, samdark)
  • Bug #18170: Fix 2.0.36 regression in passing extra console command arguments to the action (darkdef)
  • Bug #18171: Change case of column names in SQL query for findConstraints to fix MySQL 8 compatibility (darkdef)
  • Bug #18182: yii\db\Expression was not supported as condition in ActiveRecord::findOne() and ActiveRecord::findAll() (rhertogh)
  • Bug #18189: Fix "Invalid parameter number" in yii\rbac\DbManager::removeItem() (samdark)
  • Bug #18198: Fix saving tables with trigger by outputting inserted data from insert query with usage of temporary table (darkdef)
  • Bug #18203: PDO exception code was not properly passed to yii\db\Exception (samdark)
  • Bug #18204: Fix 2.0.36 regression in inline validator and JS validation (samdark)
  • Enh #18205: Add .phpstorm.meta.php file for better auto-completion in PhpStorm (vjik)
  • Enh #18210: Allow strict comparison for multi-select inputs (alex-code)
  • Enh #18217: Make yii\console\ErrorHandler render chained exceptions in debug mode (mikehaertl)

2.0.36 July 07, 2020

  • Bug #13828: Fix retrieving inserted data for a primary key of type uniqueidentifier for SQL Server 2005 or later (darkdef)
  • Bug #17474: Fix retrieving inserted data for a primary key of type trigger for SQL Server 2005 or later (darkdef)
  • Bug #17985: Convert migrationNamespaces to array if needed (darkdef)
  • Bug #18001: Fix getting table metadata for tables ( in their name (floor12)
  • Bug #18026: Fix ArrayHelper::getValue() did not work with ArrayAccess objects (mikk150)
  • Bug #18028: Fix division by zero exception in console Table::calculateRowHeight() (fourhundredfour)
  • Bug #18031: HttpBasicAuth with auth callback now triggers login events same was as other authentication methods (samdark)
  • Bug #18041: Fix RBAC migration for MSSQL (darkdef)
  • Bug #18047: Fix colorization markers output in console Table (cheeseq)
Commits
  • fd01e74 release version 2.0.38
  • 2f7fb32 Merge pull request from GHSA-699q-wcff-g9mj
  • 55dc14e Adjust changelog messages
  • 4e3cf83 Bug #18245: Make resolving DI references inside of arrays in dependencies opt...
  • acbefe6 Fix #16892: Validation error class was not applied to checkbox and radio when...
  • ce35719 Fix #18040, fix #15265, fix #18232 database issues (#18225)
  • 5b1b475 Fix typos in Hindi language (#18276)
  • f848d88 Bug #13973: Correct alterColumn for MSSQL & drop constraints before drop column
  • 9141cc5 Fix #18196: yii\rbac\DbManager::$checkAccessAssignments is now protected
  • 6342ad8 Fix #18213: Do not load fixtures with circular dependencies twice instead of ...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/luyadev/luya/network/alerts).
codeclimate[bot] commented 4 years ago

Code Climate has analyzed commit ff6ee947 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (80% is the threshold).

This pull request will bring the total coverage in the repository to 67.0% (0.0% change).

View more on Code Climate.