Closed Serializator closed 3 years ago
Can you also include support for 1.10.22 which fixes an security issue: https://github.com/composer/composer/releases/tag/1.10.22
Security: Fixed command injection vulnerability in HgDriver/HgDownloader and hardened other VCS drivers and downloaders (GHSA-h5h8-pc6h-jvvx / CVE-2021-29472)
EDIT I see this issue is also already in PR for looser restrictions https://github.com/magento/composer-root-update-plugin/pull/25
Addressed in https://github.com/magento/composer-root-update-plugin/pull/25, released in version 1.1.2
Can you also include support for 1.10.22 which fixes an security issue: https://github.com/composer/composer/releases/tag/1.10.22
Security: Fixed command injection vulnerability in HgDriver/HgDownloader and hardened other VCS drivers and downloaders (GHSA-h5h8-pc6h-jvvx / CVE-2021-29472)
EDIT I see this issue is also already in PR for looser restrictions https://github.com/magento/composer-root-update-plugin/pull/25