Closed Rotzbua closed 7 months ago
We don't use the filesystem loader, so that doesn't affect Baikal
Right, otherwise I would have written "baikal is vulnerable by twig" 😉
Nevertheless, a user or developer will get a warning and might be alerted unnecessarily. 🫣
A fixed minor version update from ~2.14.8
to 2.15.4
is available.
Fixed in #1222
Baikal version: 0.9.3
Expected behaviour:
No security warning from
composer
.Current behaviour:
Steps to reproduce:
composer install
composer audit