Closed phil-davis closed 2 months ago
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
https://github.com/owncloud/openidconnect/blob/v2.2.0/composer.lock has phpseclib 3.0.16 in it. So that is why Trivy complains.
This might help with the Trivy messages: https://drone.owncloud.com/owncloud-docker/server/1772/2/6
We don't strictly need these latest versions, but it would be nice to have them.
We do need a release that can be bundled with 10.15.0 that has more-recent PHP dependencies.