Skip to content

Comments

Bump the composer group across 1 directory with 9 updates#648

Open
dependabot[bot] wants to merge 1 commit intolivefrom
dependabot/composer/composer-db5d9eff4a
Open

Bump the composer group across 1 directory with 9 updates#648
dependabot[bot] wants to merge 1 commit intolivefrom
dependabot/composer/composer-db5d9eff4a

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 12, 2025
edited
Loading

Bumps the composer group with 7 updates in the / directory:

Package From To
symfony/http-foundation 4.4.42 5.4.50
symfony/http-kernel 4.4.42 4.4.50
symfony/process 4.4.41 5.4.46
spipu/html2pdf 5.2.5 5.2.8
twig/twig 3.4.1 3.11.2
symfony/twig-bridge 4.4.42 4.4.51
guzzlehttp/guzzle 7.4.4 7.10.0

Updates symfony/http-foundation from 4.4.42 to 5.4.50

Release notes

Sourced from symfony/http-foundation's releases.

v5.4.50

Changelog (symfony/http-foundation@v5.4.49...v5.4.50)

v5.4.48

Changelog (symfony/http-foundation@v5.4.47...v5.4.48)

v5.4.46

Changelog (symfony/http-foundation@v5.4.45...v5.4.46)

v5.4.45

Changelog (symfony/http-foundation@v5.4.44...v5.4.45)

v5.4.44

Changelog (symfony/http-foundation@v5.4.43...v5.4.44)

v5.4.42

Changelog (symfony/http-foundation@v5.4.41...v5.4.42)

v5.4.40

Changelog (symfony/http-foundation@v5.4.39...v5.4.40)

v5.4.39

Changelog (symfony/http-foundation@v5.4.38...v5.4.39)

v5.4.38

Changelog (symfony/http-foundation@v5.4.37...v5.4.38)

  • no significant changes

v5.4.35

Changelog (symfony/http-foundation@v5.4.34...v5.4.35)

... (truncated)

Changelog

Sourced from symfony/http-foundation's changelog.

CHANGELOG

7.3

  • Add support for iterable of string in StreamedResponse
  • Add EventStreamResponse and ServerEvent classes to streamline server event streaming
  • Add support for valkey: / valkeys: schemes for sessions
  • Request::getPreferredLanguage() now favors a more preferred language above exactly matching a locale
  • Allow UriSigner to use a ClockInterface
  • Add UriSigner::verify()

7.2

  • Add optional $requests parameter to RequestStack::__construct()
  • Add optional $v4Bytes and $v6Bytes parameters to IpUtils::anonymize()
  • Add PRIVATE_SUBNETS as a shortcut for private IP address ranges to Request::setTrustedProxies()
  • Deprecate passing referer_check, use_only_cookies, use_trans_sid, trans_sid_hosts, trans_sid_tags, sid_bits_per_character and sid_length options to NativeSessionStorage

7.1

  • Add optional $expirationParameter argument to UriSigner::__construct()
  • Add optional $expiration argument to UriSigner::sign()
  • Rename $parameter argument of UriSigner::__construct() to $hashParameter
  • Add UploadedFile::getClientOriginalPath()
  • Add QueryParameterRequestMatcher
  • Add HeaderRequestMatcher
  • Add support for \SplTempFileObject in BinaryFileResponse
  • Add verbose argument to response test constraints

7.0

  • Calling ParameterBag::filter() throws an UnexpectedValueException on invalid value, unless flag FILTER_NULL_ON_FAILURE is set
  • Calling ParameterBag::getInt() and ParameterBag::getBool() throws an UnexpectedValueException on invalid value
  • Remove classes RequestMatcher and ExpressionRequestMatcher
  • Remove Request::getContentType(), use Request::getContentTypeFormat() instead
  • Throw an InvalidArgumentException when calling Request::create() with a malformed URI
  • Require explicit argument when calling JsonResponse::setCallback(), Response::setExpires/setLastModified/setEtag(), MockArraySessionStorage/NativeSessionStorage::setMetadataBag(), NativeSessionStorage::setSaveHandler()
  • Add argument $statusCode to Response::sendHeaders() and StreamedResponse::sendHeaders()

6.4

  • Make HeaderBag::getDate(), Response::getDate(), getExpires() and getLastModified() return a DateTimeImmutable
  • Support root-level Generator in StreamedJsonResponse
  • Add UriSigner from the HttpKernel component

... (truncated)

Commits
  • 1a0706e [HttpFoundation] Fix parsing pathinfo with no leading slash
  • 3f38b8a [HttpFoundation] Fix test
  • 897e8a2 [HttpFoundation] Revert risk change
  • 3280c9d Work around parse_url() bug (bis)
  • 168b77c security #cve-2024-50345 [HttpFoundation] Reject URIs that contain invalid ch...
  • 32310ff [HttpFoundation] Reject URIs that contain invalid characters
  • 38bd9bc [HttpFoundation] Remove invalid HTTP method from exception message
  • 3f38426 Ensure compatibility with mongodb v2
  • 35f7b4c session names must not be empty
  • e641edd ensure session storages are opened in tests before destroying them
  • Additional commits viewable in compare view

Updates symfony/http-kernel from 4.4.42 to 4.4.50

Commits
  • aa6df6c Update VERSION for 4.4.50
  • f7822a7 security #cve-2022-24894 [HttpKernel] Remove private headers before storing r...
  • 4e36db8 Update VERSION for 4.4.49
  • bc62d95 [HttpKernel] Fix message for unresovable arguments of invokable controllers
  • 0924172 Bump Symfony version to 4.4.49
  • a6d5229 Update VERSION for 4.4.48
  • 26989b2 bug #47857 [HttpKernel] Fix empty request stack when terminating with excepti...
  • 3f61170 [HttpKernel] Fix empty request stack when terminating with exception
  • 9a34f1a bug #47878 [HttpKernel] Remove EOL when using error_log() in HttpKernel Logge...
  • abc1357 [HttpKernel] Remove EOL when using error_log() in HttpKernel Logger
  • Additional commits viewable in compare view

Updates symfony/process from 4.4.41 to 5.4.46

Release notes

Sourced from symfony/process's releases.

v5.4.46

Changelog (symfony/process@v5.4.45...v5.4.46)

v5.4.45

Changelog (symfony/process@v5.4.44...v5.4.45)

  • no significant changes

v5.4.44

Changelog (symfony/process@v5.4.43...v5.4.44)

v5.4.40

Changelog (symfony/process@v5.4.39...v5.4.40)

  • no significant changes

v5.4.39

Changelog (symfony/process@v5.4.38...v5.4.39)

  • no significant changes

v5.4.36

Changelog (symfony/process@v5.4.35...v5.4.36)

v5.4.35

Changelog (symfony/process@v5.4.34...v5.4.35)

v5.4.34

Changelog (symfony/process@v5.4.33...v5.4.34)

v5.4.28

Changelog (symfony/process@v5.4.27...v5.4.28)

v5.4.26

... (truncated)

Changelog

Sourced from symfony/process's changelog.

CHANGELOG

7.3

  • Add RunProcessMessage::fromShellCommandline() to instantiate a Process via the fromShellCommandline method

7.1

  • Add Process::setIgnoredSignals() to disable signal propagation to the child process

6.4

  • Add PhpSubprocess to handle PHP subprocesses that take over the configuration from their parent
  • Add RunProcessMessage and RunProcessMessageHandler

5.2.0

  • added Process::setOptions() to set Process specific options
  • added option create_new_console to allow a subprocess to continue to run after the main script exited, both on Linux and on Windows

5.1.0

  • added Process::getStartTime() to retrieve the start time of the process as float

5.0.0

  • removed Process::inheritEnvironmentVariables()
  • removed PhpProcess::setPhpBinary()
  • Process must be instantiated with a command array, use Process::fromShellCommandline() when the command should be parsed by the shell
  • removed Process::setCommandLine()

4.4.0

  • deprecated Process::inheritEnvironmentVariables(): env variables are always inherited.
  • added Process::getLastOutputTime() method

4.2.0

... (truncated)

Commits
  • 0190687 [Process] Fix test
  • ee75984 security #cve-2024-51736 [Process] Use %PATH% before %CD% to load the shell o...
  • 05c2ccc [Process] Use %PATH% before %CD% to load the shell on Windows
  • d94dda5 [Process] Fix escaping /X arguments on Windows
  • 72baf6b fix the constant being used
  • 81e1a0c fix the path separator being used
  • d67303e minor #58747 [Process] fix the directory separator being used (xabbuh)
  • 5cdd400 minor #58746 [Process] Improve test cleanup by unlinking in a finally block...
  • 7be8366 fix the directory separator being used
  • a56fe7b ignore case of built-in cmd.exe commands
  • Additional commits viewable in compare view

Updates spipu/html2pdf from 5.2.5 to 5.2.8

Release notes

Sourced from spipu/html2pdf's releases.

new version v5.2.8 of Html2Pdf

Full Changelog: spipu/html2pdf@v5.2.7...v5.2.8

new version v5.2.7 of Html2Pdf

Full Changelog: spipu/html2pdf@v5.2.6...v5.2.7

new version v5.2.6 of Html2Pdf

What's Changed

New Contributors

Full Changelog: spipu/html2pdf@v5.2.5...v5.2.6

Changelog

Sourced from spipu/html2pdf's changelog.

5.2.8 - 2023-07-18

  • fix XSS vulnerabilities in examples example9.php and forms.php - thanks to Michał Majchrowicz, Livio Victoriano and Zbigniew Piotrak from AFINE Team

5.2.7 - 2023-02-02

  • fix phpunit compatibility

5.2.6 - 2023-01-28

  • add support of PHP 8.1 and PHP 8.2
  • add phpunit 9 compatibility - thanks to @​jausions
  • remove useless files
Commits

Updates twig/twig from 3.4.1 to 3.11.2

Changelog

Sourced from twig/twig's changelog.

3.11.2 (2024-11-06)

  • [BC BREAK] Fix a security issue in the sandbox mode allowing an attacker to call attributes on Array-like objects They are now checked via the property policy
  • Fix a security issue in the sandbox mode allowing an attacker to be able to call toString() under some circumstances on an object even if the __toString() method is not allowed by the security policy

3.11.1 (2024-09-10)

  • Fix a security issue when an included sandboxed template has been loaded before without the sandbox context

3.11.0 (2024-08-08)

  • Deprecate OptimizerNodeVisitor::OPTIMIZE_RAW_FILTER
  • Add Twig\Cache\ChainCache and Twig\Cache\ReadOnlyFilesystemCache
  • Add the possibility to deprecate attributes and nodes on Node
  • Add the possibility to add a package and a version to the deprecated tag
  • Add the possibility to add a package for filter/function/test deprecations
  • Mark ConstantExpression as being @final
  • Add the find filter
  • Fix optimizer mode validation in OptimizerNodeVisitor
  • Add the possibility to yield from a generator in PrintNode
  • Add the shuffle filter
  • Add the singular and plural filters in StringExtension
  • Deprecate the second argument of Twig\Node\Expression\CallExpression::compileArguments()
  • Deprecate Twig\ExpressionParser\parseHashExpression() in favor of Twig\ExpressionParser::parseMappingExpression()
  • Deprecate Twig\ExpressionParser\parseArrayExpression() in favor of Twig\ExpressionParser::parseSequenceExpression()
  • Add sequence and mapping tests
  • Deprecate Twig\Node\Expression\NameExpression::isSimple() and Twig\Node\Expression\NameExpression::isSpecial()

3.10.3 (2024-05-16)

  • Fix missing ; in generated code

3.10.2 (2024-05-14)

  • Fix support for the deprecated escaper signature

3.10.1 (2024-05-12)

  • Fix BC break on escaper extension
  • Fix constant return type

3.10.0 (2024-05-11)

  • Make CoreExtension::formatDate, CoreExtension::convertDate, and CoreExtension::formatNumber part of the public API

... (truncated)

Commits
  • 5b580ec Fix code
  • 94612e7 Prepare the 3.11.2 release
  • 8b52782 Update CHANGELOG
  • ec39a9d Sandbox ArrayAccess and do sandbox checks before isset() checks
  • cafc608 Fix sandbox handling for __toString()
  • ff063af Prepare the 3.11.1 release
  • 41103dc Fix a security issue when an included sandboxed template has been loaded befo...
  • e80fb8e Prepare the 3.11.0 release
  • fe32121 Update CHANGELOG
  • 0d524d3 feature #4182 Add the possibility to deprecate attributes and nodes on Node (...
  • Additional commits viewable in compare view

Updates symfony/twig-bridge from 4.4.42 to 4.4.51

Release notes

Sourced from symfony/twig-bridge's releases.

v4.4.51

Changelog (symfony/twig-bridge@v4.4.50...v4.4.51)

Commits
  • 83b021c [TwigBridge] Add integration tests on twig code helpers
  • 7654da4 [TwigBridge] Ensure CodeExtension's filters properly escape their input
  • d6b0fbf Fix the notification email theme for asynchronously dispatched emails
  • 7d6e6db suggest to install the Twig bundle when the required component is already ins...
  • 53e4f5e Fix CS
  • 5192cb6 CS fixes
  • See full diff in compare view

Updates guzzlehttp/guzzle from 7.4.4 to 7.10.0

Release notes

Sourced from guzzlehttp/guzzle's releases.

Release 7.10.0

Added

  • Support for PHP 8.5

Changed

  • Adjusted guzzlehttp/promises version constraint to ^2.3
  • Adjusted guzzlehttp/psr7 version constraint to ^2.8

Release 7.9.3

Changed

  • Remove explicit content-length header for GET requests
  • Improve compatibility with bad servers for boolean cookie values

Release 7.9.2

Fixed

  • Adjusted handler selection to use cURL if its version is 7.21.2 or higher, rather than 7.34.0

Release 7.9.1

Fixed

  • Fix TLS 1.3 check for HTTP/2 requests

Release 7.9.0

Changed

  • Improve protocol version checks to provide feedback around unsupported protocols
  • Only select the cURL handler by default if 7.34.0 or higher is linked
  • Improved CurlMultiHandler to avoid busy wait if possible
  • Dropped support for EOL guzzlehttp/psr7 v1
  • Improved URI user info redaction in errors

Release 7.8.2

Added

  • Support for PHP 8.4

Release 7.8.1

Changed

  • Updated links in docs to their canonical versions
  • Replaced call_user_func* with native calls

Release 7.8.0

See change log for changes.

Release 7.7.1

... (truncated)

Changelog

Sourced from guzzlehttp/guzzle's changelog.

7.10.0 - 2025-08-23

Added

  • Support for PHP 8.5

Changed

  • Adjusted guzzlehttp/promises version constraint to ^2.3
  • Adjusted guzzlehttp/psr7 version constraint to ^2.8

7.9.3 - 2025-03-27

Changed

  • Remove explicit content-length header for GET requests
  • Improve compatibility with bad servers for boolean cookie values

7.9.2 - 2024-07-24

Fixed

  • Adjusted handler selection to use cURL if its version is 7.21.2 or higher, rather than 7.34.0

7.9.1 - 2024-07-19

Fixed

  • Fix TLS 1.3 check for HTTP/2 requests

7.9.0 - 2024-07-18

Changed

  • Improve protocol version checks to provide feedback around unsupported protocols
  • Only select the cURL handler by default if 7.34.0 or higher is linked
  • Improved CurlMultiHandler to avoid busy wait if possible
  • Dropped support for EOL guzzlehttp/psr7 v1
  • Improved URI user info redaction in errors

7.8.2 - 2024-07-18

Added

  • Support for PHP 8.4

... (truncated)

Commits
  • b51ac70 Release 7.10.0
  • af24c69 Use the http_get_last_response_headers function (#3301)
  • 2be2ee8 Remove obsolete reference capturing of $http_response_header (#3294)
  • c6420f2 Add PHP 8.5 support (#3300)
  • 7b2f29f Release 7.9.3
  • 8f68d9f Improve compatibility with bad servers for boolean cookie values (#3281)
  • 234747f Remove explicit content-length header for GET requests (#3278)
  • d28a072 testHandlesGarbageHttpServerGracefully: Split test between PHP <= 8.1 and >...
  • 41f5ce7 CS fixes
  • 0811cfd SA upgrades
  • Additional commits viewable in compare view

Updates guzzlehttp/psr7 from 2.2.1 to 2.8.0

Release notes

Sourced from guzzlehttp/psr7's releases.

2.8.0

Added

  • Allow empty lists as header values

Changed

  • PHP 8.5 support

See also the change log for changes.

2.7.1

Fixed

  • Fixed uppercase IPv6 addresses in URI

Changed

  • Improve uploaded file error message

See also the change log for changes.

2.7.0

Added

  • Add Utils::redactUserInfo() method
  • Add ability to encode bools as ints in Query::build

See also the change log for changes.

2.6.3

Fixed

  • Make StreamWrapper::stream_stat() return false if inner stream's size is null

Changed

  • PHP 8.4 support

See also the change log for changes.

2.6.2

... (truncated)

Changelog

Sourced from guzzlehttp/psr7's changelog.

2.8.0 - 2025-08-23

Added

  • Allow empty lists as header values

Changed

  • PHP 8.5 support

2.7.1 - 2025-03-27

Fixed

  • Fixed uppercase IPv6 addresses in URI

Changed

  • Improve uploaded file error message

2.7.0 - 2024-07-18

Added

  • Add Utils::redactUserInfo() method
  • Add ability to encode bools as ints in Query::build

2.6.3 - 2024-07-18

Fixed

  • Make StreamWrapper::stream_stat() return false if inner stream's size is null

Changed

  • PHP 8.4 support

2.6.2 - 2023-12-03

Fixed

  • Fixed another issue with the fact that PHP transforms numeric strings in array keys to ints

Changed

  • Updated links in docs to their canonical versions
  • Replaced call_user_func* with native calls

2.6.1 - 2023-08-27

... (truncated)

Commits

Updates tecnickcom/tcpdf from 6.4.4 to 6.10.0

Changelog

Sourced from tecnickcom/tcpdf's changelog.

6.10.0 (2025-05-27)

  • Embedded files support (Factur-X 1.07 / ZUGFeRD 2.3) #789

6.9.5 (2025-05-27)

  • Automatically add destinations from HTML code #804
  • Wrong default value when $table_el['old_cell_padding'] is missing #807
  • Fixed PHP warning when empty hash link for image exists in HTML #809
  • Fix for application of alpha component to SVG RGBA fills #810

6.9.4 (2025-05-13)

  • Update donation link.

6.9.3 (2025-04-20)

  • New fix for "Deserialization of untrusted data" (check on valid protocols).
  • Removed global phar configuration.

6.9.2 (2025-04-18)

  • Quick fix for "Deserialization of untrusted data" security vulnerability reported by Positive Technologies.
  • Disable phar protocol globally.

6.9.1 (2025-04-03)

  • Fixed "Path Traversal" security vulnerability reported by Positive Technologies.

6.9.0 (2025-03-30)

  • Added PHP 8.4 testing.
  • Removed tcpdf_import.php and tcpdf_parser.php files (for a parser check the tc-lib-pdf-parser project instead).
  • Fix composer.json.

6.8.2 (2025-01-26)

  • Fix some annotation flags values.
  • Remove examples from packaging.

6.8.1 (2025-01-26) - UNTAGGED

  • Check relative paths on SVG images.

6.8.0 (2024-12-23)

  • Requires PHP 7.1+ and curl extension.
  • Escape error message.
  • Use strict time-constant function to compare TCPDF-tag hashes.
  • Add K_CURLOPTS config array to set custom cURL options (NOTE: some defaults have changed).
  • Add some addTTFfont fixes from tc-lib-pdf-font.

6.7.8 (2024-12-13)

  • Improve SVG detection by checking for (mandatory) namespace.
  • Use late state binding now that minimum PHP version is 5.5.

6.7.7 (2024-10-26)

  • Update regular expression to avoid ReDoS (CVE-2024-22641)
  • [PHP 8.4] Fix: Curl CURLOPT_BINARYTRANSFER deprecated #675
  • SVG detection fix for inline data images #646

... (truncated)

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
Bump the composer group across 1 directory with 9 updates
014b774 
Bumps the composer group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [symfony/http-foundation](https://github.com/symfony/http-foundation) | `4.4.42` | `5.4.50` |
| [symfony/http-kernel](https://github.com/symfony/http-kernel) | `4.4.42` | `4.4.50` |
| [symfony/process](https://github.com/symfony/process) | `4.4.41` | `5.4.46` |
| [spipu/html2pdf](https://github.com/spipu/html2pdf) | `5.2.5` | `5.2.8` |
| [twig/twig](https://github.com/twigphp/Twig) | `3.4.1` | `3.11.2` |
| [symfony/twig-bridge](https://github.com/symfony/twig-bridge) | `4.4.42` | `4.4.51` |
| [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) | `7.4.4` | `7.10.0` |



Updates `symfony/http-foundation` from 4.4.42 to 5.4.50
- [Release notes](https://github.com/symfony/http-foundation/releases)
- [Changelog](https://github.com/symfony/http-foundation/blob/7.3/CHANGELOG.md)
- [Commits](symfony/http-foundation@v4.4.42...v5.4.50)

Updates `symfony/http-kernel` from 4.4.42 to 4.4.50
- [Release notes](https://github.com/symfony/http-kernel/releases)
- [Changelog](https://github.com/symfony/http-kernel/blob/7.3/CHANGELOG.md)
- [Commits](symfony/http-kernel@v4.4.42...v4.4.50)

Updates `symfony/process` from 4.4.41 to 5.4.46
- [Release notes](https://github.com/symfony/process/releases)
- [Changelog](https://github.com/symfony/process/blob/7.3/CHANGELOG.md)
- [Commits](symfony/process@v4.4.41...v5.4.46)

Updates `spipu/html2pdf` from 5.2.5 to 5.2.8
- [Release notes](https://github.com/spipu/html2pdf/releases)
- [Changelog](https://github.com/spipu/html2pdf/blob/master/CHANGELOG.md)
- [Commits](spipu/html2pdf@v5.2.5...v5.2.8)

Updates `twig/twig` from 3.4.1 to 3.11.2
- [Changelog](https://github.com/twigphp/Twig/blob/3.x/CHANGELOG)
- [Commits](twigphp/Twig@v3.4.1...v3.11.2)

Updates `symfony/twig-bridge` from 4.4.42 to 4.4.51
- [Release notes](https://github.com/symfony/twig-bridge/releases)
- [Changelog](https://github.com/symfony/twig-bridge/blob/7.3/CHANGELOG.md)
- [Commits](symfony/twig-bridge@v4.4.42...v4.4.51)

Updates `guzzlehttp/guzzle` from 7.4.4 to 7.10.0
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/7.10/CHANGELOG.md)
- [Commits](guzzle/guzzle@7.4.4...7.10.0)

Updates `guzzlehttp/psr7` from 2.2.1 to 2.8.0
- [Release notes](https://github.com/guzzle/psr7/releases)
- [Changelog](https://github.com/guzzle/psr7/blob/2.8/CHANGELOG.md)
- [Commits](guzzle/psr7@2.2.1...2.8.0)

Updates `tecnickcom/tcpdf` from 6.4.4 to 6.10.0
- [Changelog](https://github.com/tecnickcom/TCPDF/blob/main/CHANGELOG.TXT)
- [Commits](tecnickcom/TCPDF@6.4.4...6.10.0)

---
updated-dependencies:
- dependency-name: symfony/http-foundation
  dependency-version: 5.4.50
  dependency-type: direct:production
  dependency-group: composer
- dependency-name: symfony/http-kernel
  dependency-version: 4.4.50
  dependency-type: direct:production
  dependency-group: composer
- dependency-name: symfony/process
  dependency-version: 5.4.46
  dependency-type: direct:production
  dependency-group: composer
- dependency-name: spipu/html2pdf
  dependency-version: 5.2.8
  dependency-type: direct:production
  dependency-group: composer
- dependency-name: twig/twig
  dependency-version: 3.11.2
  dependency-type: direct:production
  dependency-group: composer
- dependency-name: symfony/twig-bridge
  dependency-version: 4.4.51
  dependency-type: direct:production
  dependency-group: composer
- dependency-name: guzzlehttp/guzzle
  dependency-version: 7.10.0
  dependency-type: indirect
  dependency-group: composer
- dependency-name: guzzlehttp/psr7
  dependency-version: 2.8.0
  dependency-type: indirect
  dependency-group: composer
- dependency-name: tecnickcom/tcpdf
  dependency-version: 6.10.0
  dependency-type: indirect
  dependency-group: composer
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Nov 12, 2025
This was referenced Nov 12, 2025
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file php Pull requests that update Php code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants