chore(deps): bump the composer group across 1 directory with 3 updates #215

New Issue

MrUnknownDE · 2026-04-05T19:53:54+02:00

MrUnknownDE commented

2026-04-05 19:53:54 +02:00

Originally created by @dependabot[bot] on 3/12/2025

Bumps the composer group with 1 update in the / directory: laravel/framework.

Updates laravel/framework from 11.31.0 to 11.44.1

Release notes

Sourced from laravel/framework's releases.

v11.44.1

[11.x] Add valid values to ensure method by @lancepioch in laravel/framework#54840

Fix attribute name used on Validator instance within certain rule classes by @crynobone in laravel/framework#54845

[11.x] Fix Application::interBasePath() fails to resolve application when project name is "vendor" by @crynobone in laravel/framework#54871

[11.x] Test improvements by @crynobone in laravel/framework#54879

v11.44.0

[11.x] Fix parsing PHP_CLI_SERVER_WORKERS as string instead of int by @crynobone in laravel/framework#54724

[11.x] Rename Redis parse connection for cluster test method to follow naming conventions by @jackbayliss in laravel/framework#54721

[11.x] Allow readAt method to use in database channel by @utsavsomaiya in laravel/framework#54729

[11.x] Fix: Custom Exceptions with Multiple Arguments does not properly rein… by @pandiselvamm in laravel/framework#54705

[11.x] Update ConcurrencyTest exception reference to use namespace by @jackbayliss in laravel/framework#54732

[11.x] Deprecate Factory::$modelNameResolver by @samlev in laravel/framework#54736

[11x.] Improved typehints for InteractsWithDatabase by @cosmastech in laravel/framework#54748

[11.x] Improved typehints for InteractsWithExceptionHandling && ExceptionHandlerFake by @cosmastech in laravel/framework#54747

v11.43.2

[11.x] Add missing test for implode() by @nuernbergerA in laravel/framework#54704

[11.x] Enhance eventStream to Support Custom Events and Start Messages by @devhammed in laravel/framework#54695

Revert "[11.x] Enhance eventStream to Support Custom Events and Start Messages" by @taylorotwell in laravel/framework#54714

[11.x] Replace MD5 with xxh128 in File::hasSameHash() by @vlakoff in laravel/framework#54690

[11.x] Add parameter typing for closure to addGlobalScope method by @jnoordsij in laravel/framework#54677

[11.x] assertOnlyJsonValidationErrors / assertOnlyInvalid by @gdebrauwer in laravel/framework#54678

[11.x] Allow for assertions against QueueFake::pushRaw() by @cosmastech in laravel/framework#54703

[11.x] Fix: Handles non nested explode of multiple Date and Numeric rules in ValidationRuleParser by @AlexandreMeledandri in laravel/framework#54718

v11.43.1

[11.x] Fix "Divide by Zero" regression bug introduced in #54650 by @crynobone in laravel/framework#54685

Revert "Fix Collection::implode with \Stringable objects" by @crynobone in laravel/framework#54691

v11.43.0

Remove Incorrect @mixin Annotation in BuildsQueries Trait by @daniel-de-wit in laravel/framework#54596

make withoutScopedBindings usable on RouteRegistrar by @ssninnni in laravel/framework#54592

[11.x] Update Broadcasting Install Command For Bun Version 1.1.39^ by @realpoke in laravel/framework#54605

[11.x] Add isTtySupported to Process facade by @Riley19280 in laravel/framework#54604

[11.x] fix: pagination generics by @calebdw in laravel/framework#54601

Convert closures to arrow functions in the Model class by @alikhosravidev in laravel/framework#54599

[11.x] Document hashedValue as non-nullable by @JurianArie in laravel/framework#54615

[11.x] Prohibited If Declined and Prohibited If Accepted validation rules by @osama-98 in laravel/framework#54608

[11.x] Fix param types for orWhereHasMorph method by @simonellensohn in laravel/framework#54659

[11.x] Add pascal alias for studly string helper by @da-mask in laravel/framework#54655

[11.x] make the Eloquent missing attribute handler more accurate by changing offsetExists by @koenvu in laravel/framework#54654

[11.x] use exec function if the symlink function is unavailable by @aisuvro in laravel/framework#54651

[11.x] use value helper for $perPage as used for $total by @rodrigopedra in laravel/framework#54650

[11.x] [cleanup] used illuminate str contains by @daison12006013 in laravel/framework#54647

[11.x] Allow can attribute on group by @utsavsomaiya in laravel/framework#54648

Test Improvements by @crynobone in laravel/framework#54645

Fixes Factory Using Wrong Model Name by @SameOldNick in laravel/framework#54644

[11.x] fix 'parsePipeString' in pipeline helper by @igzard in laravel/framework#54643

Update old() docblock by @AJenbo in laravel/framework#54641

... (truncated)

Commits

0883d41 Update version to v11.44.1
c666f89 [11.x] Test improvements (#54879)
1154a31 [11.x] Fix Application::interBasePath() fails to resolve application when p...
a8da712 Fix attribute name used on Validator instance within certain rule classes (...
fd9681f [11.x] Add valid values to ensure method (#54840)
9de7525 Update CHANGELOG
e9a33da Update version to v11.44.0
2c72603 exception handling typehints (#54747)
344c37f [11x.] Improved typehints for InteractsWithDatabase (#54748)
0054c26 [11.x] Deprecate Factory::$modelNameResolver (#54736)
Additional commits viewable in compare view

Updates league/commonmark from 2.5.3 to 2.6.1

Release notes

Sourced from league/commonmark's releases.

2.6.1

Fixed

Rendered list items should only add newlines around block-level children (#1059, #1061)

Full Changelog: https://github.com/thephpleague/commonmark/compare/2.6.0...2.6.1

2.6.0

This is a security release to address potential denial of service attacks when parsing specially crafted, malicious input from untrusted sources (like user input). See https://github.com/thephpleague/commonmark/security/advisories/GHSA-c2pc-g5qf-rfrf for more details.

Added

Added max_delimiters_per_line config option to prevent denial of service attacks when parsing malicious input

Added table/max_autocompleted_cells config option to prevent denial of service attacks when parsing large tables

The AttributesExtension now supports attributes without values (#985, #986)

The AutolinkExtension exposes two new configuration options to override the default behavior (#969, #987):

autolink/allowed_protocols - an array of protocols to allow autolinking for

autolink/default_protocol - the default protocol to use when none is specified

Added RegexHelper::isWhitespace() method to check if a given character is an ASCII whitespace character

Added CacheableDelimiterProcessorInterface to ensure linear complexity for dynamic delimiter processing

Added Bracket delimiter type to optimize bracket parsing

Changed

[ and ] are no longer added as Delimiter objects on the stack; a new Bracket type with its own stack is used instead

UrlAutolinkParser no longer parses URLs with more than 127 subdomains

Expanded reference links can no longer exceed 100kb, or the size of the input document (whichever is greater)

Delimiters should always provide a non-null value via DelimiterInterface::getIndex()

We'll attempt to infer the index based on surrounding delimiters where possible

The DelimiterStack now accepts integer positions for any $stackBottom argument

Several small performance optimizations

Changelog

Sourced from league/commonmark's changelog.

[2.6.1] - 2024-12-29

Fixed

Rendered list items should only add newlines around block-level children (#1059, #1061)

[2.6.0] - 2024-12-07

This is a security release to address potential denial of service attacks when parsing specially crafted, malicious input from untrusted sources (like user input).

Added

Added max_delimiters_per_line config option to prevent denial of service attacks when parsing malicious input

Added table/max_autocompleted_cells config option to prevent denial of service attacks when parsing large tables

The AttributesExtension now supports attributes without values (#985, #986)

The AutolinkExtension exposes two new configuration options to override the default behavior (#969, #987):

autolink/allowed_protocols - an array of protocols to allow autolinking for

autolink/default_protocol - the default protocol to use when none is specified

Added RegexHelper::isWhitespace() method to check if a given character is an ASCII whitespace character

Added CacheableDelimiterProcessorInterface to ensure linear complexity for dynamic delimiter processing

Added Bracket delimiter type to optimize bracket parsing

Changed

[ and ] are no longer added as Delimiter objects on the stack; a new Bracket type with its own stack is used instead

UrlAutolinkParser no longer parses URLs with more than 127 subdomains

Expanded reference links can no longer exceed 100kb, or the size of the input document (whichever is greater)

Delimiters should always provide a non-null value via DelimiterInterface::getIndex()

We'll attempt to infer the index based on surrounding delimiters where possible

The DelimiterStack now accepts integer positions for any $stackBottom argument

Several small performance optimizations

Commits

d990688 Prepare to release 2.6.1
a35bdc9 Always compare just the HTML
81d3ba2 Test against PHP 8.4 (stable) and 8.5 (nightly)
ab3f3ae Merge pull request #1061 from thephpleague/fix-list-item-newlines
73e129e Rendered list items should only add newlines around block-level children
6294d44 Update actions/checkout action to v4 (#1057)
b561666 Increase margin of error for CI
1f90197 Fix missing configs when running in CI
f6d41f9 Run pathological tests on PHP 8.4
69c4140 Fix pathological test config reader
Additional commits viewable in compare view

Updates nesbot/carbon from 3.8.2 to 3.8.6

Release notes

Sourced from nesbot/carbon's releases.

3.8.6

Complete commits list: https://github.com/CarbonPHP/carbon/compare/3.8.5...3.8.6

Summary:

Fix Turkmen week day name order by @kylekatarnls in briannesbitt/Carbon#3152

Test Laravel ongoing v13 by @kylekatarnls in briannesbitt/Carbon#3155

3.8.5

Complete commits list: https://github.com/CarbonPHP/carbon/compare/3.8.4...3.8.5

Summary:

Fix CarbonInterval PHPDoc by @kylekatarnls in briannesbitt/Carbon#3130

Fix time unit abbreviations and format mismatches for Azerbaijani translation by @novruzrhmv in briannesbitt/Carbon#3144

New Contributors

@novruzrhmv made their first contribution in briannesbitt/Carbon#3144

3.8.4

Complete commits list: https://github.com/CarbonPHP/carbon/compare/3.8.3...3.8.4

Summary:

Validate locale earlier

Commits

ff2f20c Merge pull request #3155 from briannesbitt/feature/laravel-13-testing
c60bfa8 Test Laravel ongoing v13
f5f85e9 Update custom sponsors data
d379666 Make all data from sponsors overridable on demand
a90545c Merge pull request #21 from roxblnfk/update-readme-links
82d243e Fix a link
4beb587 Update links in readme
64e72b2 Merge pull request #3152 from briannesbitt/fix/issue-3151-tk-day-names
489cfd8 Fix Turkmen week day name order
0ab0ec1 Merge branch 'master' of github.com:kylekatarnls/Carbon
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

*Originally created by @dependabot[bot] on 3/12/2025* Bumps the composer group with 1 update in the / directory: [laravel/framework](https://github.com/laravel/framework). Updates `laravel/framework` from 11.31.0 to 11.44.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/laravel/framework/releases">laravel/framework's releases</a>.</em></p> <blockquote> <h2>v11.44.1</h2> <ul> <li>[11.x] Add valid values to ensure method by <a href="https://github.com/lancepioch"><code>@lancepioch</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54840">laravel/framework#54840</a></li> <li>Fix attribute name used on <code>Validator</code> instance within certain rule classes by <a href="https://github.com/crynobone"><code>@crynobone</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54845">laravel/framework#54845</a></li> <li>[11.x] Fix <code>Application::interBasePath()</code> fails to resolve application when project name is "vendor" by <a href="https://github.com/crynobone"><code>@crynobone</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54871">laravel/framework#54871</a></li> <li>[11.x] Test improvements by <a href="https://github.com/crynobone"><code>@crynobone</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54879">laravel/framework#54879</a></li> </ul> <h2>v11.44.0</h2> <ul> <li>[11.x] Fix parsing <code>PHP_CLI_SERVER_WORKERS</code> as <code>string</code> instead of <code>int</code> by <a href="https://github.com/crynobone"><code>@crynobone</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54724">laravel/framework#54724</a></li> <li>[11.x] Rename Redis parse connection for cluster test method to follow naming conventions by <a href="https://github.com/jackbayliss"><code>@jackbayliss</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54721">laravel/framework#54721</a></li> <li>[11.x] Allow <code>readAt</code> method to use in database channel by <a href="https://github.com/utsavsomaiya"><code>@utsavsomaiya</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54729">laravel/framework#54729</a></li> <li>[11.x] Fix: Custom Exceptions with Multiple Arguments does not properly rein… by <a href="https://github.com/pandiselvamm"><code>@pandiselvamm</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54705">laravel/framework#54705</a></li> <li>[11.x] Update ConcurrencyTest exception reference to use namespace by <a href="https://github.com/jackbayliss"><code>@jackbayliss</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54732">laravel/framework#54732</a></li> <li>[11.x] Deprecate <code>Factory::$modelNameResolver</code> by <a href="https://github.com/samlev"><code>@samlev</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54736">laravel/framework#54736</a></li> <li>[11x.] Improved typehints for <code>InteractsWithDatabase</code> by <a href="https://github.com/cosmastech"><code>@cosmastech</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54748">laravel/framework#54748</a></li> <li>[11.x] Improved typehints for <code>InteractsWithExceptionHandling</code> && <code>ExceptionHandlerFake</code> by <a href="https://github.com/cosmastech"><code>@cosmastech</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54747">laravel/framework#54747</a></li> </ul> <h2>v11.43.2</h2> <ul> <li>[11.x] Add missing test for <code>implode()</code> by <a href="https://github.com/nuernbergerA"><code>@nuernbergerA</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54704">laravel/framework#54704</a></li> <li>[11.x] Enhance eventStream to Support Custom Events and Start Messages by <a href="https://github.com/devhammed"><code>@devhammed</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54695">laravel/framework#54695</a></li> <li>Revert "[11.x] Enhance eventStream to Support Custom Events and Start Messages" by <a href="https://github.com/taylorotwell"><code>@taylorotwell</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54714">laravel/framework#54714</a></li> <li>[11.x] Replace MD5 with xxh128 in File::hasSameHash() by <a href="https://github.com/vlakoff"><code>@vlakoff</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54690">laravel/framework#54690</a></li> <li>[11.x] Add parameter typing for closure to addGlobalScope method by <a href="https://github.com/jnoordsij"><code>@jnoordsij</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54677">laravel/framework#54677</a></li> <li>[11.x] <code>assertOnlyJsonValidationErrors</code> / <code>assertOnlyInvalid</code> by <a href="https://github.com/gdebrauwer"><code>@gdebrauwer</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54678">laravel/framework#54678</a></li> <li>[11.x] Allow for assertions against <code>QueueFake::pushRaw()</code> by <a href="https://github.com/cosmastech"><code>@cosmastech</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54703">laravel/framework#54703</a></li> <li>[11.x] Fix: Handles non nested explode of multiple Date and Numeric rules in ValidationRuleParser by <a href="https://github.com/AlexandreMeledandri"><code>@AlexandreMeledandri</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54718">laravel/framework#54718</a></li> </ul> <h2>v11.43.1</h2> <ul> <li>[11.x] Fix "Divide by Zero" regression bug introduced in <a href="https://redirect.github.com/laravel/framework/issues/54650">#54650</a> by <a href="https://github.com/crynobone"><code>@crynobone</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54685">laravel/framework#54685</a></li> <li>Revert "Fix Collection::implode with \Stringable objects" by <a href="https://github.com/crynobone"><code>@crynobone</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54691">laravel/framework#54691</a></li> </ul> <h2>v11.43.0</h2> <ul> <li>Remove Incorrect <a href="https://github.com/mixin"><code>@mixin</code></a> Annotation in BuildsQueries Trait by <a href="https://github.com/daniel-de-wit"><code>@daniel-de-wit</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54596">laravel/framework#54596</a></li> <li>make withoutScopedBindings usable on RouteRegistrar by <a href="https://github.com/ssninnni"><code>@ssninnni</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54592">laravel/framework#54592</a></li> <li>[11.x] Update Broadcasting Install Command For Bun Version 1.1.39^ by <a href="https://github.com/realpoke"><code>@realpoke</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54605">laravel/framework#54605</a></li> <li>[11.x] Add isTtySupported to Process facade by <a href="https://github.com/Riley19280"><code>@Riley19280</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54604">laravel/framework#54604</a></li> <li>[11.x] fix: pagination generics by <a href="https://github.com/calebdw"><code>@calebdw</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54601">laravel/framework#54601</a></li> <li>Convert closures to arrow functions in the Model class by <a href="https://github.com/alikhosravidev"><code>@alikhosravidev</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54599">laravel/framework#54599</a></li> <li>[11.x] Document hashedValue as non-nullable by <a href="https://github.com/JurianArie"><code>@JurianArie</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54615">laravel/framework#54615</a></li> <li>[11.x] Prohibited If Declined and Prohibited If Accepted validation rules by <a href="https://github.com/osama-98"><code>@osama-98</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54608">laravel/framework#54608</a></li> <li>[11.x] Fix param types for <code>orWhereHasMorph</code> method by <a href="https://github.com/simonellensohn"><code>@simonellensohn</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54659">laravel/framework#54659</a></li> <li>[11.x] Add pascal alias for studly string helper by <a href="https://github.com/da-mask"><code>@da-mask</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54655">laravel/framework#54655</a></li> <li>[11.x] make the Eloquent missing attribute handler more accurate by changing offsetExists by <a href="https://github.com/koenvu"><code>@koenvu</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54654">laravel/framework#54654</a></li> <li>[11.x] use exec function if the symlink function is unavailable by <a href="https://github.com/aisuvro"><code>@aisuvro</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54651">laravel/framework#54651</a></li> <li>[11.x] use value helper for $perPage as used for $total by <a href="https://github.com/rodrigopedra"><code>@rodrigopedra</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54650">laravel/framework#54650</a></li> <li>[11.x] [cleanup] used illuminate str contains by <a href="https://github.com/daison12006013"><code>@daison12006013</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54647">laravel/framework#54647</a></li> <li>[11.x] Allow can attribute on group by <a href="https://github.com/utsavsomaiya"><code>@utsavsomaiya</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54648">laravel/framework#54648</a></li> <li>Test Improvements by <a href="https://github.com/crynobone"><code>@crynobone</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54645">laravel/framework#54645</a></li> <li>Fixes Factory Using Wrong Model Name by <a href="https://github.com/SameOldNick"><code>@SameOldNick</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54644">laravel/framework#54644</a></li> <li>[11.x] fix 'parsePipeString' in pipeline helper by <a href="https://github.com/igzard"><code>@igzard</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54643">laravel/framework#54643</a></li> <li>Update old() docblock by <a href="https://github.com/AJenbo"><code>@AJenbo</code></a> in <a href="https://redirect.github.com/laravel/framework/pull/54641">laravel/framework#54641</a></li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/laravel/framework/commit/0883d4175f4e2b5c299e7087ad3c74f2ce195c6d"><code>0883d41</code></a> Update version to v11.44.1</li> <li><a href="https://github.com/laravel/framework/commit/c666f89566d69c6b846d4f536cac38e05f7a2111"><code>c666f89</code></a> [11.x] Test improvements (<a href="https://redirect.github.com/laravel/framework/issues/54879">#54879</a>)</li> <li><a href="https://github.com/laravel/framework/commit/1154a3114d5c01b7014889ea46d9124b4f2dae6f"><code>1154a31</code></a> [11.x] Fix <code>Application::interBasePath()</code> fails to resolve application when p...</li> <li><a href="https://github.com/laravel/framework/commit/a8da712687ac2c69feb86966b7d98281a0a81698"><code>a8da712</code></a> Fix attribute name used on <code>Validator</code> instance within certain rule classes (...</li> <li><a href="https://github.com/laravel/framework/commit/fd9681ffbb5cdc50ea33566c37d8472d1d078bc7"><code>fd9681f</code></a> [11.x] Add valid values to ensure method (<a href="https://redirect.github.com/laravel/framework/issues/54840">#54840</a>)</li> <li><a href="https://github.com/laravel/framework/commit/9de752590837b8a056f9b18c493907f83c86ae9c"><code>9de7525</code></a> Update CHANGELOG</li> <li><a href="https://github.com/laravel/framework/commit/e9a33da34815ac1ed46c7e4c477a775f4592f0a7"><code>e9a33da</code></a> Update version to v11.44.0</li> <li><a href="https://github.com/laravel/framework/commit/2c72603358a00f3c819ee7cac7518ccecca87d13"><code>2c72603</code></a> exception handling typehints (<a href="https://redirect.github.com/laravel/framework/issues/54747">#54747</a>)</li> <li><a href="https://github.com/laravel/framework/commit/344c37f822a060249c33c86432f71e48d56e0c10"><code>344c37f</code></a> [11x.] Improved typehints for <code>InteractsWithDatabase</code> (<a href="https://redirect.github.com/laravel/framework/issues/54748">#54748</a>)</li> <li><a href="https://github.com/laravel/framework/commit/0054c26cdb2094bc38168c1a290bcd8d4696cafe"><code>0054c26</code></a> [11.x] Deprecate <code>Factory::$modelNameResolver</code> (<a href="https://redirect.github.com/laravel/framework/issues/54736">#54736</a>)</li> <li>Additional commits viewable in <a href="https://github.com/laravel/framework/compare/v11.31.0...v11.44.1">compare view</a></li> </ul> </details> <br /> Updates `league/commonmark` from 2.5.3 to 2.6.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/thephpleague/commonmark/releases">league/commonmark's releases</a>.</em></p> <blockquote> <h2>2.6.1</h2> <h3>Fixed</h3> <ul> <li>Rendered list items should only add newlines around block-level children (<a href="https://redirect.github.com/thephpleague/commonmark/issues/1059">#1059</a>, <a href="https://redirect.github.com/thephpleague/commonmark/issues/1061">#1061</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/thephpleague/commonmark/compare/2.6.0...2.6.1">https://github.com/thephpleague/commonmark/compare/2.6.0...2.6.1</a></p> <h2>2.6.0</h2> <p>This is a <strong>security release</strong> to address potential denial of service attacks when parsing specially crafted, malicious input from untrusted sources (like user input). See <a href="https://github.com/thephpleague/commonmark/security/advisories/GHSA-c2pc-g5qf-rfrf">https://github.com/thephpleague/commonmark/security/advisories/GHSA-c2pc-g5qf-rfrf</a> for more details.</p> <h3>Added</h3> <ul> <li>Added <code>max_delimiters_per_line</code> config option to prevent denial of service attacks when parsing malicious input</li> <li>Added <code>table/max_autocompleted_cells</code> config option to prevent denial of service attacks when parsing large tables</li> <li>The <code>AttributesExtension</code> now supports attributes without values (<a href="https://redirect.github.com/thephpleague/commonmark/issues/985">#985</a>, <a href="https://redirect.github.com/thephpleague/commonmark/issues/986">#986</a>)</li> <li>The <code>AutolinkExtension</code> exposes two new configuration options to override the default behavior (<a href="https://redirect.github.com/thephpleague/commonmark/issues/969">#969</a>, <a href="https://redirect.github.com/thephpleague/commonmark/issues/987">#987</a>): <ul> <li><code>autolink/allowed_protocols</code> - an array of protocols to allow autolinking for</li> <li><code>autolink/default_protocol</code> - the default protocol to use when none is specified</li> </ul> </li> <li>Added <code>RegexHelper::isWhitespace()</code> method to check if a given character is an ASCII whitespace character</li> <li>Added <code>CacheableDelimiterProcessorInterface</code> to ensure linear complexity for dynamic delimiter processing</li> <li>Added <code>Bracket</code> delimiter type to optimize bracket parsing</li> </ul> <h3>Changed</h3> <ul> <li><code>[</code> and <code>]</code> are no longer added as <code>Delimiter</code> objects on the stack; a new <code>Bracket</code> type with its own stack is used instead</li> <li><code>UrlAutolinkParser</code> no longer parses URLs with more than 127 subdomains</li> <li>Expanded reference links can no longer exceed 100kb, or the size of the input document (whichever is greater)</li> <li>Delimiters should always provide a non-null value via <code>DelimiterInterface::getIndex()</code> <ul> <li>We'll attempt to infer the index based on surrounding delimiters where possible</li> </ul> </li> <li>The <code>DelimiterStack</code> now accepts integer positions for any <code>$stackBottom</code> argument</li> <li>Several small performance optimizations</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/thephpleague/commonmark/blob/2.6/CHANGELOG.md">league/commonmark's changelog</a>.</em></p> <blockquote> <h2>[2.6.1] - 2024-12-29</h2> <h3>Fixed</h3> <ul> <li>Rendered list items should only add newlines around block-level children (<a href="https://redirect.github.com/thephpleague/commonmark/issues/1059">#1059</a>, <a href="https://redirect.github.com/thephpleague/commonmark/issues/1061">#1061</a>)</li> </ul> <h2>[2.6.0] - 2024-12-07</h2> <p>This is a <strong>security release</strong> to address potential denial of service attacks when parsing specially crafted, malicious input from untrusted sources (like user input).</p> <h3>Added</h3> <ul> <li>Added <code>max_delimiters_per_line</code> config option to prevent denial of service attacks when parsing malicious input</li> <li>Added <code>table/max_autocompleted_cells</code> config option to prevent denial of service attacks when parsing large tables</li> <li>The <code>AttributesExtension</code> now supports attributes without values (<a href="https://redirect.github.com/thephpleague/commonmark/issues/985">#985</a>, <a href="https://redirect.github.com/thephpleague/commonmark/issues/986">#986</a>)</li> <li>The <code>AutolinkExtension</code> exposes two new configuration options to override the default behavior (<a href="https://redirect.github.com/thephpleague/commonmark/issues/969">#969</a>, <a href="https://redirect.github.com/thephpleague/commonmark/issues/987">#987</a>): <ul> <li><code>autolink/allowed_protocols</code> - an array of protocols to allow autolinking for</li> <li><code>autolink/default_protocol</code> - the default protocol to use when none is specified</li> </ul> </li> <li>Added <code>RegexHelper::isWhitespace()</code> method to check if a given character is an ASCII whitespace character</li> <li>Added <code>CacheableDelimiterProcessorInterface</code> to ensure linear complexity for dynamic delimiter processing</li> <li>Added <code>Bracket</code> delimiter type to optimize bracket parsing</li> </ul> <h3>Changed</h3> <ul> <li><code>[</code> and <code>]</code> are no longer added as <code>Delimiter</code> objects on the stack; a new <code>Bracket</code> type with its own stack is used instead</li> <li><code>UrlAutolinkParser</code> no longer parses URLs with more than 127 subdomains</li> <li>Expanded reference links can no longer exceed 100kb, or the size of the input document (whichever is greater)</li> <li>Delimiters should always provide a non-null value via <code>DelimiterInterface::getIndex()</code> <ul> <li>We'll attempt to infer the index based on surrounding delimiters where possible</li> </ul> </li> <li>The <code>DelimiterStack</code> now accepts integer positions for any <code>$stackBottom</code> argument</li> <li>Several small performance optimizations</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/thephpleague/commonmark/commit/d990688c91cedfb69753ffc2512727ec646df2ad"><code>d990688</code></a> Prepare to release 2.6.1</li> <li><a href="https://github.com/thephpleague/commonmark/commit/a35bdc99af110057e8aba86eb6863d347260c684"><code>a35bdc9</code></a> Always compare just the HTML</li> <li><a href="https://github.com/thephpleague/commonmark/commit/81d3ba2a6a49dcff4af212d07e6f86f62c980b4a"><code>81d3ba2</code></a> Test against PHP 8.4 (stable) and 8.5 (nightly)</li> <li><a href="https://github.com/thephpleague/commonmark/commit/ab3f3ae7ff6a8ecd919666ebd48d1aa30bf44f77"><code>ab3f3ae</code></a> Merge pull request <a href="https://redirect.github.com/thephpleague/commonmark/issues/1061">#1061</a> from thephpleague/fix-list-item-newlines</li> <li><a href="https://github.com/thephpleague/commonmark/commit/73e129e900792be8721c1de127d91139d15833ad"><code>73e129e</code></a> Rendered list items should only add newlines around block-level children</li> <li><a href="https://github.com/thephpleague/commonmark/commit/6294d44b09add8a894f30bfe7271444a0598e1bf"><code>6294d44</code></a> Update actions/checkout action to v4 (<a href="https://redirect.github.com/thephpleague/commonmark/issues/1057">#1057</a>)</li> <li><a href="https://github.com/thephpleague/commonmark/commit/b561666ac77bfbde7f0cc9bc4091e0db56b9f573"><code>b561666</code></a> Increase margin of error for CI</li> <li><a href="https://github.com/thephpleague/commonmark/commit/1f90197f5196d8334ce3418edbba5423cec61ef1"><code>1f90197</code></a> Fix missing configs when running in CI</li> <li><a href="https://github.com/thephpleague/commonmark/commit/f6d41f962247451369e45c401219f36b4e2f36a7"><code>f6d41f9</code></a> Run pathological tests on PHP 8.4</li> <li><a href="https://github.com/thephpleague/commonmark/commit/69c41409f0b89f8f3a520356427d3e2bae5df67a"><code>69c4140</code></a> Fix pathological test config reader</li> <li>Additional commits viewable in <a href="https://github.com/thephpleague/commonmark/compare/2.5.3...2.6.1">compare view</a></li> </ul> </details> <br /> Updates `nesbot/carbon` from 3.8.2 to 3.8.6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/CarbonPHP/carbon/releases">nesbot/carbon's releases</a>.</em></p> <blockquote> <h2>3.8.6</h2> <p>Complete commits list: <a href="https://github.com/CarbonPHP/carbon/compare/3.8.5...3.8.6">https://github.com/CarbonPHP/carbon/compare/3.8.5...3.8.6</a></p> <p>Summary:</p> <ul> <li>Fix Turkmen week day name order by <a href="https://github.com/kylekatarnls"><code>@kylekatarnls</code></a> in <a href="https://redirect.github.com/briannesbitt/Carbon/pull/3152">briannesbitt/Carbon#3152</a></li> <li>Test Laravel ongoing v13 by <a href="https://github.com/kylekatarnls"><code>@kylekatarnls</code></a> in <a href="https://redirect.github.com/briannesbitt/Carbon/pull/3155">briannesbitt/Carbon#3155</a></li> </ul> <h2>3.8.5</h2> <p>Complete commits list: <a href="https://github.com/CarbonPHP/carbon/compare/3.8.4...3.8.5">https://github.com/CarbonPHP/carbon/compare/3.8.4...3.8.5</a></p> <p>Summary:</p> <ul> <li>Fix CarbonInterval PHPDoc by <a href="https://github.com/kylekatarnls"><code>@kylekatarnls</code></a> in <a href="https://redirect.github.com/briannesbitt/Carbon/pull/3130">briannesbitt/Carbon#3130</a></li> <li>Fix time unit abbreviations and format mismatches for Azerbaijani translation by <a href="https://github.com/novruzrhmv"><code>@novruzrhmv</code></a> in <a href="https://redirect.github.com/briannesbitt/Carbon/pull/3144">briannesbitt/Carbon#3144</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/novruzrhmv"><code>@novruzrhmv</code></a> made their first contribution in <a href="https://redirect.github.com/briannesbitt/Carbon/pull/3144">briannesbitt/Carbon#3144</a></li> </ul> <h2>3.8.4</h2> <p>Complete commits list: <a href="https://github.com/CarbonPHP/carbon/compare/3.8.3...3.8.4">https://github.com/CarbonPHP/carbon/compare/3.8.3...3.8.4</a></p> <p>Summary:</p> <ul> <li>Validate locale earlier</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/CarbonPHP/carbon/commit/ff2f20cf83bd4d503720632ce8a426dc747bf7fd"><code>ff2f20c</code></a> Merge pull request <a href="https://redirect.github.com/CarbonPHP/carbon/issues/3155">#3155</a> from briannesbitt/feature/laravel-13-testing</li> <li><a href="https://github.com/CarbonPHP/carbon/commit/c60bfa84c1350815477a15f119f451280dffb43a"><code>c60bfa8</code></a> Test Laravel ongoing v13</li> <li><a href="https://github.com/CarbonPHP/carbon/commit/f5f85e9a98ab8098c7042e21795997e3c5dcd959"><code>f5f85e9</code></a> Update custom sponsors data</li> <li><a href="https://github.com/CarbonPHP/carbon/commit/d379666115cb0d6cdbefedd7605aa6bebe80740b"><code>d379666</code></a> Make all data from sponsors overridable on demand</li> <li><a href="https://github.com/CarbonPHP/carbon/commit/a90545c21fba7687d0ee19f73161ea6d18bcc452"><code>a90545c</code></a> Merge pull request <a href="https://redirect.github.com/CarbonPHP/carbon/issues/21">#21</a> from roxblnfk/update-readme-links</li> <li><a href="https://github.com/CarbonPHP/carbon/commit/82d243e0a20474cf73d9b77612752a18f963bcdf"><code>82d243e</code></a> Fix a link</li> <li><a href="https://github.com/CarbonPHP/carbon/commit/4beb587192259ddaa4dc09af99066c5070b53e06"><code>4beb587</code></a> Update links in readme</li> <li><a href="https://github.com/CarbonPHP/carbon/commit/64e72b2c5a677b1f9f725d3977250d9b294b122f"><code>64e72b2</code></a> Merge pull request <a href="https://redirect.github.com/CarbonPHP/carbon/issues/3152">#3152</a> from briannesbitt/fix/issue-3151-tk-day-names</li> <li><a href="https://github.com/CarbonPHP/carbon/commit/489cfd8f06c63651f99028a6b6f32cc9b83f2eaa"><code>489cfd8</code></a> Fix Turkmen week day name order</li> <li><a href="https://github.com/CarbonPHP/carbon/commit/0ab0ec154643cfdfb4e5abfd4ef6481f64ad42f2"><code>0ab0ec1</code></a> Merge branch 'master' of github.com:kylekatarnls/Carbon</li> <li>Additional commits viewable in <a href="https://github.com/CarbonPHP/carbon/compare/3.8.2...3.8.6">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/pyrohost/pyrodactyl/network/alerts). </details>

MrUnknownDE closed this issue

2026-04-05 19:53:54 +02:00

Sign in to join this conversation.

Branches Tags

main

redesign-amy

dependabot/composer/composer-a63f04cb24

transfer-queue

releases/v4.5.1

dependabot/npm_and_yarn/eslint-9.38.0

dependabot/npm_and_yarn/hcaptcha/react-hcaptcha-1.14.0

releases/v4.5.0

dependabot/npm_and_yarn/vitejs/plugin-react-swc-4.2.0

dependabot/npm_and_yarn/vite-7.1.12

dependabot/npm_and_yarn/browserslist-4.27.0

releases/v4.4.1

releases/v4.4.0

releases/v4.3.0

releases/v4.2.2

releases/v4.2.1

releases/v4.2.0

async-backups

releases/v4.1.0

releases/v4.0.0

multi-language

dependabot/npm_and_yarn/npm_and_yarn-34180670f1

subdomains

dev-old

dependabot/npm_and_yarn/eslint-plugin-prettier-5.5.4

elytra

startup-command

overhead-memory

amy/pyro-143-ui-redesign

naterfute/fix_unit_tests

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/pyrodactyl#215