Closed DeepDiver1975 closed 2 years ago
@eropple allow me to ping you on this PR as you are the one who touched composer.* last
THX
Hi @DeepDiver1975 - thank you for the PR here! We're actually in the process of using another service (used across Mux) for dependency management and monitoring, so in lieu of that work, I'm going to close out this PR. We'll work to get that in as soon as we can, and thanks again!
@jsanford8 THX for your feedback - any chance to get the dependencies updated - kind of asap aka now ;-)
guzzle http is pinned to 7.4.2 which has vulnerabilities refs https://packagist.org/packages/guzzlehttp/guzzle/advisories?version=6078636
THX a lot
Absolutely. We'll try to get this out this week or early next week, sorry for the inconvenience!
Can you please try the latest 3.7.0 release (just released this afternoon), and let me know if that fixes things for you in the short term?
Can you please try the latest 3.7.0 release (just released this afternoon), and let me know if that fixes things for you in the short term?
sure - once it is available on https://packagist.org/packages/muxinc/mux-php
Looks good - THX a lot! :+1:
See in my fork how dependabot updates dependencies - especially the guzzle update is critical ...
THX