Patch vulnerability advisory (#3966)

Seems composer has a vulnerability, see GHSA-7c6p-848j-wh5h Affected versions >= 2.0.0-alpha1, < 2.2.23 -- patched in 2.2.23 >= 2.3.0-rc1, < 2.7.0 -- patched in 2.7.0 --- Let's raise the minimum to enforce the latest. Thank you @PeopleInside for reporting this. (cherry picked from commit e771b90)
flarum · Feb 22, 2024 · a52959c · a52959c
1 parent b2044ff
commit a52959c
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/extensions/package-manager/composer.json b/extensions/package-manager/composer.json
@@ -23,7 +23,7 @@
     },
     "require": {
         "flarum/core": "^1.8",
-        "composer/composer": "^2.3"
+        "composer/composer": "^2.7"
     },
     "require-dev": {
         "flarum/testing": "^1.0.0",