Open markuman opened 3 years ago
Thanks for the report! For some reason no issue was raised by the GitHub CVE check. Luckily not a dramatic security issue but I will of course still fix it soon. If possible I will try to stay on the same major Symfony version though since otherwise more refactoring is necessary (e.g., not all dependencies might exist for a newer version).
Upgrading to the latest LTS would be nice and I plan to do it. In the last months I have started to improve shadowd and shadowd_php, shadowd_ui is still to be done. I would like to combine the LTS upgrade with a complete refactoring of the application. And maybe even some new features.
I have started to upgrade to Symfony 4 since there is no fixed version for 2.8. This will also resolve issue #48. It will take some days since there is a lot of code to rewrite, so that it works properly with Symfony 4.
waf or not :) upgrade symfony to the next supported LTS version would be nice.
by the way, nice app design.
ref: trivy vulnerable scanner