soup-bowl / wp-simple-smtp

📨 WordPress SMTP plugin. Plain and simple.
https://wordpress.org/plugins/simple-smtp
MIT License
24 stars 5 forks source link

Bump the dev-dependencies group with 5 updates #155

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 10 months ago

Bumps the dev-dependencies group with 5 updates:

Package From To
phpunit/phpunit 8.5.33 9.6.15
phpmailer/phpmailer 6.8.0 6.9.1
vlucas/phpdotenv 5.5.0 5.6.0
dealerdirect/phpcodesniffer-composer-installer 0.7.2 1.0.0
wp-coding-standards/wpcs 2.3.0 3.0.1

Updates phpunit/phpunit from 8.5.33 to 9.6.15

Changelog

Sourced from phpunit/phpunit's changelog.

[9.6.15] - 2023-12-01

Fixed

  • #5596: PHPUnit\Framework\TestCase has @internal annotation in PHAR

[9.6.14] - 2023-12-01

Added

  • #5577: --composer-lock CLI option for PHAR binary that displays the composer.lock used to build the PHAR

[9.6.13] - 2023-09-19

Changed

  • The child processes used for process isolation now use temporary files to communicate their result to the parent process

[9.6.12] - 2023-09-12

Changed

  • #5508: Generate code coverage report in PHP format as first in list to avoid serializing cache data

[9.6.11] - 2023-08-19

Added

  • #5478: assertObjectHasProperty() and assertObjectNotHasProperty()

[9.6.10] - 2023-07-10

Changed

  • #5419: Allow empty <extensions> element in XML configuration

[9.6.9] - 2023-06-11

Fixed

  • #5405: XML configuration migration does not migrate whitelist/file elements
  • Always use X.Y.Z version number (and not just X.Y) of PHPUnit's version when checking whether a PHAR-distributed extension is compatible

[9.6.8] - 2023-05-11

Fixed

  • #5345: No stack trace shown for previous exceptions during bootstrap

[9.6.7] - 2023-04-14

... (truncated)

Commits
  • 05017b8 Prepare release
  • 838af84 Merge branch '8.5' into 9.6
  • 9652df5 Prepare release
  • 3ba3e82 Pin humbug/php-scoper to 0.18.4 for #5596
  • 43653e6 Prepare release
  • c55b107 Merge branch '8.5' into 9.6
  • c14b7dc Prepare release
  • 7000410 Merge branch '8.5' into 9.6
  • 539165b Revert "Ensure that dependencies are up-to-date"
  • 75922e1 Use "composer outdated" instead of "composer show" (because PHPUnit >= 9.6 do...
  • Additional commits viewable in compare view


Updates phpmailer/phpmailer from 6.8.0 to 6.9.1

Release notes

Sourced from phpmailer/phpmailer's releases.

PHPMailer 6.9.1

This is a maintenance and feature release, adding support for the official release of PHP 8.3, methods for removing and replacing custom headers, XCLIENT support, and links to a new way of implementing XOAUTH2 authentication.

The only change likely to have any impact on existing code is that PHPMailer previously attempted to use opportunistic STARTTLS encryption when connecting to localhost, which was unlikely to work. The workaround required setting SMTPAutoTLS = false, but that's no longer required. You may still need to use this setting when connecting to literal IPs.

Changes

  • Add support for official release of PHP 8.3, add experimental support for PHP 8.4
  • Add clearCustomHeader and replaceCustomHeader methods
  • Add support for the XCLIENT SMTP extension with setSMTPXclientAttribute and getSMTPXclientAttributes methods
  • Don't attempt opportunistic TLS when connecting to localhost
  • Add package link and example showing how to use @​decomplexity's SendOauth2 wrapper
  • Update example to show a better way of using an SMTP subclass
  • Avoid some more deprecation warnings
  • Update Danish and Polish translations
  • Add Bengali and Assamese translations

Note: most of these changes were in the unreleased 6.9.0 version.

PHPMailer 6.8.1

This is a minor maintenance release.

Minor security note

The DSN support added in 6.8.0 reflects the DSN back to the user in an error message if it is invalid. If a DSN uses user-supplied input (a very bad idea), it opens a distant possibility of XSS if the host app does not escape output. In an abundance of caution, malformed DSNs are no longer reflected in error messages.

Changes

  • Don't reflect malformed DSNs in error messages to avert any risk of XSS
  • Improve Simplified Chinese, Sinhalese, and Norwegian translations
  • Don't use setAccessible in PHP >= 8.1 in tests
  • Avoid a deprecation notice in PHP 8.3
  • Fix link in readme
Changelog

Sourced from phpmailer/phpmailer's changelog.

Version 6.9.1 (November 25th, 2023)

  • Finalise SendOauth2 example

Version 6.9.0 (November 23rd, 2023)

  • Add support for official release of PHP 8.3, add experimental support for PHP 8.4
  • Add clearCustomHeader and replaceCustomHeader methods
  • Add support for the XCLIENT SMTP extension with setSMTPXclientAttribute and getSMTPXclientAttributes methods
  • Don't attempt opportunistic TLS when connecting to localhost
  • Add package link and example showing how to use @​decomplexity's SendOauth2 wrapper
  • Update example to show a better way of using an SMTP subclass
  • Avoid some more deprecation warnings
  • Update Danish and Polish translations
  • Add Bengali and Assamese translations

Version 6.8.1 (August 29th, 2023)

  • Don't reflect malformed DSNs in error messages to avert any risk of XSS
  • Improve Simplified Chinese, Sinhalese, and Norwegian translations
  • Don't use setAccessible in PHP >= 8.1 in tests
  • Avoid a deprecation notice in PHP 8.3
  • Fix link in readme
Commits
  • 039de17 6.9.1
  • 3190bef CS
  • d327514 Merge pull request #2985 from decomplexity/patch-1
  • 934f852 PHPMailer 6.9.0
  • 1a7d9e3 Suggest SendOauth2 package
  • bffe290 Update readme for XOAUTH2 changes
  • e443047 Don't need this to demo xoauth
  • d5615bf Merge pull request #2986 from frankforte/custom-headers
  • 8a91dd6 Code formatting for custom header methods.
  • b0ffd67 Update replaceCustomerHeader to remove duplicates. Improve clearCustomHeader ...
  • Additional commits viewable in compare view


Updates vlucas/phpdotenv from 5.5.0 to 5.6.0

Release notes

Sourced from vlucas/phpdotenv's releases.

V5.6.0 (12/11/2023)

We announce the immediate availability V5.6.0.

Changes

  • Removed support for PHP 7.1 (f1f4ca570735af96e7fb1c173f0fe71d9229b75c)
  • Add official support for PHP 8.3 (f1f4ca570735af96e7fb1c173f0fe71d9229b75c)
Commits


Updates dealerdirect/phpcodesniffer-composer-installer from 0.7.2 to 1.0.0

Release notes

Sourced from dealerdirect/phpcodesniffer-composer-installer's releases.

Release v1.0.0

Breaking changes

What's Changed

CI / CD

Tests

... (truncated)

Commits
  • 4be4390 Merge pull request #201 from PHPCSStandards/feature/160-update-references-to-...
  • fcae465 Merge pull request #198 from PHPCSStandards/feature/gitattributes-update
  • 02f83b9 Rename references to master branch
  • 752347f .gitattributes: sync with current repo state
  • c3ad43d Merge pull request #195 from PHPCSStandards/feature/ghactions-fix-fail-fast
  • 8a9b213 GH Actions: fix up fail-fast for setup-php
  • 4ff0459 Merge pull request #194 from PHPCSStandards/feature/ghactions-fail-setup-php
  • eb5932a GH Actions: selectively use fail-fast with setup-php
  • 77cfd99 Merge pull request #193 from PHPCSStandards/feature/ghactions-tweak-php-versions
  • b290f87 GH Actions: minor simplification
  • Additional commits viewable in compare view


Updates wp-coding-standards/wpcs from 2.3.0 to 3.0.1

Release notes

Sourced from wp-coding-standards/wpcs's releases.

3.0.1

Added

  • In WordPressCS 3.0.0, the functionality of the WordPress.Security.EscapeOutput sniff was updated to report unescaped message parameters passed to exceptions created in throw statements. This specific violation now has a separate error code: ExceptionNotEscaped. This will allow users to ignore or exclude that specific error code. Props @​anomiex. The error code(s) for other escaping issues flagged by the sniff remain unchanged.

Changed

  • Updated the CI workflow to test the example ruleset for issues.
  • Funding files and updates in the Readme about funding the project.

Fixed

  • Fixed a sniff name in the phpcs.xml.dist.sample file (case-sensitive sniff name). Props @​dawidurbanski.

3.0.0

Important information about this release:

At long last... WordPressCS 3.0.0 is here.

This is an important release which makes significant changes to improve the accuracy, performance, stability and maintainability of all sniffs, as well as making WordPressCS much better at handling modern PHP.

WordPressCS 3.0.0 contains breaking changes, both for people using ignore annotations, people maintaining custom rulesets, as well as for sniff developers who maintain a custom PHPCS standard based on WordPressCS.

If you are an end-user or maintain a custom WordPressCS based ruleset, please start by reading the Upgrade Guide to WordPressCS 3.0.0 for ruleset maintainers which lists the most important changes and contains a step by step guide for upgrading.

If you are a maintainer of an external standard based on WordPressCS and any of your custom sniffs are based on or extend WordPressCS sniffs, please read the Upgrade Guide to WordPressCS 3.0.0 for Developers.

In all cases, please read the complete changelog carefully before you upgrade.

Added

  • Dependencies on the following packages: PHPCSUtils, PHPCSExtra and the [Composer PHPCS plugin].
  • A best effort has been made to add support for the new PHP syntaxes/features to all WordPressCS native sniffs and utility functions (or to verify/improve existing support). While support in external sniffs used by WordPressCS has not be exhaustively verified, a lot of work has been done to try and add support for new PHP syntaxes to those as well. WordPressCS native sniffs and utilities have received fixes for the following syntaxes:
    • PHP 7.2
      • Keyed lists.
    • PHP 7.3
      • Flexible heredoc/nowdoc (providing the PHPCS scan is run on PHP 7.3 or higher).
      • Trailing commas in function calls.
    • PHP 7.4
      • Arrow functions.
      • Array unpacking in array expressions.
      • Numeric literals with underscores.
      • Typed properties.
      • Null coalesce equals operator.
    • PHP 8.0
      • Nullsafe object operators.

... (truncated)

Changelog

Sourced from wp-coding-standards/wpcs's changelog.

[3.0.1] - 2023-09-14

Added

  • In WordPressCS 3.0.0, the functionality of the WordPress.Security.EscapeOutput sniff was updated to report unescaped message parameters passed to exceptions created in throw statements. This specific violation now has a separate error code: ExceptionNotEscaped. This will allow users to ignore or exclude that specific error code. Props [@​anomiex]. The error code(s) for other escaping issues flagged by the sniff remain unchanged.

Changed

  • Updated the CI workflow to test the example ruleset for issues.
  • Funding files and updates in the Readme about funding the project.

Fixed

  • Fixed a sniff name in the phpcs.xml.dist.sample file (case-sensitive sniff name). Props [@​dawidurbanski].

[3.0.0] - 2023-08-21

Important information about this release:

At long last... WordPressCS 3.0.0 is here.

This is an important release which makes significant changes to improve the accuracy, performance, stability and maintainability of all sniffs, as well as making WordPressCS much better at handling modern PHP.

WordPressCS 3.0.0 contains breaking changes, both for people using ignore annotations, people maintaining custom rulesets, as well as for sniff developers who maintain a custom PHPCS standard based on WordPressCS.

If you are an end-user or maintain a custom WordPressCS based ruleset, please start by reading the Upgrade Guide to WordPressCS 3.0.0 for end-users which lists the most important changes and contains a step by step guide for upgrading.

If you are a maintainer of an external standard based on WordPressCS and any of your custom sniffs are based on or extend WordPressCS sniffs, please read the Upgrade Guide to WordPressCS 3.0.0 for Developers.

In all cases, please read the complete changelog carefully before you upgrade.

Added

  • Dependencies on the following packages: PHPCSUtils, PHPCSExtra and the [Composer PHPCS plugin].
  • A best effort has been made to add support for the new PHP syntaxes/features to all WordPressCS native sniffs and utility functions (or to verify/improve existing support). While support in external sniffs used by WordPressCS has not be exhaustively verified, a lot of work has been done to try and add support for new PHP syntaxes to those as well. WordPressCS native sniffs and utilities have received fixes for the following syntaxes:
    • PHP 7.2
      • Keyed lists.
    • PHP 7.3
      • Flexible heredoc/nowdoc (providing the PHPCS scan is run on PHP 7.3 or higher).
      • Trailing commas in function calls.
    • PHP 7.4
      • Arrow functions.
      • Array unpacking in array expressions.
      • Numeric literals with underscores.
      • Typed properties.

... (truncated)

Commits
  • b4caf96 Merge pull request #2386 from WordPress/develop
  • 289cf43 Merge pull request #2385 from WordPress/feature/changelog-for-wpcs-3.0.1-release
  • 9f57f6b Add changelog for v3.0.1
  • d0e0fd3 Merge pull request #2378 from anomiex/add/escapeoutput-error-codes-for-error-...
  • 81f40bc Merge pull request #2383 from WordPress/feature/update-release-checklist
  • 401e4ec Release checklist: add link to monthly dev blog
  • caa0a8b Merge pull request #2382 from WordPress/feature/fix-funding
  • d3c67d8 Funding: fix format
  • 4367be3 Merge pull request #2372 from WordPress/feature/update-funding-page
  • 45cff8d Update README.md
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions