Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NO MERGE: Update symfony/security-core requirement from ^6.4 to ^7.1 in the symfony group #14

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 5, 2024

Updates the requirements on symfony/security-core to permit the latest version.
Updates symfony/security-core to 7.1.3

Release notes

Sourced from symfony/security-core's releases.

v7.1.3

Changelog (symfony/security-core@v7.1.2...v7.1.3)

  • no significant changes
Changelog

Sourced from symfony/security-core's changelog.

CHANGELOG

7.0

  • Remove the Security class, use Symfony\Bundle\SecurityBundle\Security instead
  • Require explicit argument when calling TokenStorage::setToken()
  • Change argument $lastUsed of TokenProviderInterface::updateToken() to accept DateTimeInterface

6.4

  • Make PersistentToken immutable
  • Deprecate accepting only DateTime for TokenProviderInterface::updateToken(), use DateTimeInterface instead

6.3

  • Add AttributesBasedUserProviderInterface to allow $attributes optional argument on loadUserByIdentifier
  • Add OidcUser with OIDC support for OidcUserInfoTokenHandler

6.2

  • Deprecate the Security class, use Symfony\Bundle\SecurityBundle\Security instead
  • Change the signature of TokenStorageInterface::setToken() to setToken(?TokenInterface $token)
  • Deprecate calling TokenStorage::setToken() without arguments
  • Add a ChainUserChecker to allow calling multiple user checkers for a firewall

6.0

  • TokenInterface does not extend Serializable anymore
  • Remove all classes in the Core\Encoder\ sub-namespace, use the PasswordHasher component instead
  • Remove methods getPassword() and getSalt() from UserInterface, use PasswordAuthenticatedUserInterface or LegacyPasswordAuthenticatedUserInterface instead
  • AccessDecisionManager requires the strategy to be passed as in instance of AccessDecisionStrategyInterface

5.4.21

  • [BC BREAK] AccessDecisionStrategyTestCase::provideStrategyTests() is now static

5.4

  • Add a CacheableVoterInterface for voters that vote only on identified attributes and subjects
  • Deprecate AuthenticationEvents::AUTHENTICATION_FAILURE, use the LoginFailureEvent instead

... (truncated)

Commits
  • aa4f432 Merge branch '7.0' into 7.1
  • 6048754 Merge branch '6.4' into 7.0
  • 432dec5 Merge branch '5.4' into 6.4
  • 3c6b81c [Core] Fix & Enhance security arabic translation.
  • e55666d Merge branch '7.0' into 7.1
  • d5b6ca5 Merge branch '6.4' into 7.0
  • 17c5874 Merge branch '5.4' into 6.4
  • d29cef2 [Security] Verify Hungarian translation
  • 0b70b30 minor #57590 [Security][Validator] Added missing pt_BR translations (nei)
  • 1293cdd [Security][Validator] Added missing Portuguese(pt) translations
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Aug 5, 2024
@tvdijen tvdijen changed the title Update symfony/security-core requirement from ^6.4 to ^7.1 in the symfony group NO MERGE: Update symfony/security-core requirement from ^6.4 to ^7.1 in the symfony group Aug 5, 2024
@tvdijen
Copy link
Member

tvdijen commented Aug 5, 2024

See the attached issue. This PR shouldn't exist in the first place.

@tvdijen tvdijen added invalid This doesn't seem right and removed dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Aug 5, 2024
Updates the requirements on [symfony/security-core](https://github.com/symfony/security-core) to permit the latest version.

Updates `symfony/security-core` to 7.1.3
- [Release notes](https://github.com/symfony/security-core/releases)
- [Changelog](https://github.com/symfony/security-core/blob/7.1/CHANGELOG.md)
- [Commits](symfony/security-core@v6.4.0...v7.1.3)

---
updated-dependencies:
- dependency-name: symfony/security-core
  dependency-type: direct:production
  dependency-group: symfony
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/composer/symfony-cd9638876d branch from c82aa41 to 8f72754 Compare August 26, 2024 01:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
invalid This doesn't seem right
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant