Skip to content

ci/tests: pin all test dependencies to fixed versions#2178

Merged
nodiscc merged 1 commit intoshaarli:masterfrom
nodiscc:pin-test-dependencies
Jan 23, 2026
Merged

ci/tests: pin all test dependencies to fixed versions#2178
nodiscc merged 1 commit intoshaarli:masterfrom
nodiscc:pin-test-dependencies

Conversation

@nodiscc
Copy link
Copy Markdown
Member

@nodiscc nodiscc commented Jan 23, 2026

@nodiscc nodiscc added this to the 0.16.0 milestone Jan 23, 2026
@nodiscc nodiscc added tools developer tools php compatibility php version support labels Jan 23, 2026
@nodiscc
Copy link
Copy Markdown
Member Author

nodiscc commented Jan 23, 2026

I checked that there were no other problematic uses of composer update anywhere else (build tools, documentation) and everything appears clean.

All composer dependencies are properly pinned to major version, except roave/security-advisories which is designed to be installed from master (blocks installation of known vulnerable composer packages), and pubsubhubbub/publisher which has no tagged releases and hasn't been touched in years, so the risk is low.

@nodiscc nodiscc merged commit f0c17b1 into shaarli:master Jan 23, 2026
8 checks passed
@nodiscc nodiscc deleted the pin-test-dependencies branch January 23, 2026 22:27
@nodiscc nodiscc mentioned this pull request Jan 23, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

php compatibility php version support tools developer tools

Projects

None yet

Milestone

0.16.0

Development

Successfully merging this pull request may close these issues.

1 participant

@nodiscc