Commit 2175d11

committed

Fix 8 Dependabot security vulnerabilities

Update composer packages: - laravel/reverb 1.6.3 -> 1.8.0 (critical: insecure deserialization) - phpunit/phpunit 11.5.46 -> 11.5.55 (high: unsafe deserialization) - firebase/php-jwt 6.11.1 -> 7.0.3 (low: weak encryption) - laravel/socialite 5.24.0 -> 5.24.3 (enables php-jwt ^7.0) - psy/psysh 0.12.17 -> 0.12.20 (medium: local privilege escalation) - symfony/process 7.4.0 -> 7.4.5 (medium: argument escaping) - paragonie/sodium_compat 2.4.0 -> 2.5.0 (medium: incomplete input checks) - aws/aws-sdk-php 3.367.3 -> 3.371.5 (medium: S3 encryption key issue) Update npm packages: - rollup 4.53.4 -> 4.59.0 (high: arbitrary file write via path traversal) - axios -> latest (high: DoS via __proto__ in mergeConfig)

1 parent dbbdf68 commit 2175d11Copy full SHA for 2175d11

2 files changed

+319

-264

lines changed

composer.lock
package-lock.json

2 files changed

+319

-264

lines changed

Comments

(0)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit 2175d11

2 files changed

2 files changed

File tree

2 files changed

2 files changed

0 commit comments