overtrue / laravel-shopping-cart

:shopping_cart: Shopping cart for Laravel Application.
MIT License

[Security] Bump phpunit/phpunit from 4.8.26 to 7.5.8 #17

Closed dependabot-preview[bot] closed 5 years ago

dependabot-preview[bot] commented 5 years ago

Bumps phpunit/phpunit from 4.8.26 to 7.5.8. This update includes security fixes.

Vulnerabilities fixed

*Sourced from [The PHP Security Advisories Database](https://github.com/FriendsOfPHP/security-advisories/blob/master/phpunit/phpunit/CVE-2017-9841.yaml).*

> **RCE vulnerability in phpunit**
>
> Affected versions: >=5.0.10, <5.6.3; >=4.8.19, <4.8.28

Changelog

*Sourced from [phpunit/phpunit's changelog](https://github.com/sebastianbergmann/phpunit/blob/master/ChangeLog-7.5.md).*

> ## [7.5.8] - 2019-03-26
>
> ### Fixed
>
> * Fixed [#3564](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3564): Production code uses class from test suite's fixture
>
> ## [7.5.7] - 2019-03-16
>
> ### Fixed
>
> * Fixed [#3480](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3480): Wrong return type declaration for `TestCase::getExpectedExceptionMessage()` and `TestCase::getExpectedExceptionMessageRegExp()`
> * Fixed [#3550](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3550): Check for valid attribute names in `assertObjectHasAttribute()` is too strict
>
> ## [7.5.6] - 2019-02-18
>
> ### Fixed
>
> * Fixed [#3530](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3530): `generateClassFromWsdl()` does not handle methods with multiple output values
> * Fixed [#3531](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3531): Test suite fails on warning
> * Fixed [#3534](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/pull/3534): Wrong message in `ConstraintTestCase`
>
> ## [7.5.5] - 2019-02-15
>
> ### Fixed
>
> * Fixed [#3011](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3011): Unsupported PHPT `--SECTION--` throws unhandled exception
> * Fixed [#3461](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3461): `StringEndsWith` matches too loosely
> * Fixed [#3515](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3515): Random order seed is only printed in verbose mode
> * Fixed [#3517](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3517): Useless error message when depending on test that does not exist
>
> ## [7.5.4] - 2019-02-07
>
> ### Fixed
>
> * Fixed [#3352](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3352): Using `phpunit.phar` with PHPDBG does not work with `auto_globals_jit=On`
> * Fixed [#3502](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3502): Numeric `@ticket` or `@group` annotations no longer work
>
> ## [7.5.3] - 2019-02-01
>
> ### Fixed
>
> * Fixed [#3490](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/pull/3490): Exceptions in `tearDownAfterClass()` kill PHPUnit
>
> ### Deprecated
>
> * The method `assertArraySubset()` is now deprecated. There is no behavioral change in this version of PHPUnit. Using this method will trigger a deprecation warning in PHPUnit 8 and in PHPUnit 9 this method will be removed.
>
> ## [7.5.2] - 2019-01-15
>
> ### Fixed
>
> ... (truncated)

Commits

- [`c29c052`](https://github.com/sebastianbergmann/phpunit/commit/c29c0525cf4572c11efe1db49a8b8aee9dfac58a) Prepare release
- [`06df2aa`](https://github.com/sebastianbergmann/phpunit/commit/06df2aab77f36a47aec874181335ec573a79f242) Update ChangeLog
- [`7969f5b`](https://github.com/sebastianbergmann/phpunit/commit/7969f5bc0580fd40caa2d630b5c3010ed2a31494) Fix [#3564](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3564) by reusing an existing test as a stub to fill the log entry
- [`eb343b8`](https://github.com/sebastianbergmann/phpunit/commit/eb343b86753d26de07ecba7868fa983104361948) Prepare release
- [`8dffbd4`](https://github.com/sebastianbergmann/phpunit/commit/8dffbd44a407376a824c2126f16110444f786419) Update tools
- [`4909cdf`](https://github.com/sebastianbergmann/phpunit/commit/4909cdfbda7a178f66248a30f460e7efdf82ff75) Closes [#3480](https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3480)
- [`6a93fd3`](https://github.com/sebastianbergmann/phpunit/commit/6a93fd37b0b1b2fad6820dbfbf756cda183dc62a) Bump
- [`95deb3c`](https://github.com/sebastianbergmann/phpunit/commit/95deb3cf54bc2203555e22683bc56560fd362f8e) Use common location for tools
- [`90cff07`](https://github.com/sebastianbergmann/phpunit/commit/90cff07c1fbadf8ffb404774ad98c845632b443f) Update ChangeLog
- [`0f99649`](https://github.com/sebastianbergmann/phpunit/commit/0f99649b969316b8d0bd9c1a45f557d9f957396a) Fix CS/WS issues
- Additional commits viewable in [compare view](https://github.com/sebastianbergmann/phpunit/compare/4.8.26...7.5.8)



Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):

- Update frequency (including time of day and day of week)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.