Skip to content
Snippets Groups Projects

Update dependency twig/twig to v3.14.2

Merged Renovate Bot requested to merge renovate/twig-twig-3.x-lockfile into master

This MR contains the following updates:

Package Type Update Change
twig/twig (source) require patch 3.14.0 -> 3.14.2

Release Notes

twigphp/Twig (twig/twig)

v3.14.2

Compare Source

  • Fix an infinite recursion in the sandbox code

v3.14.1

Compare Source

  • [BC BREAK] Fix a security issue in the sandbox mode allowing an attacker to call attributes on Array-like objects They are now checked via the property policy
  • Fix a security issue in the sandbox mode allowing an attacker to be able to call toString() under some circumstances on an object even if the __toString() method is not allowed by the security policy

Configuration

:date: Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

:vertical_traffic_light: Automerge: Disabled by config. Please merge this manually once you are satisfied.

:recycle: Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

:no_bell: Ignore: Close this MR and you won't be reminded about this update again.


  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Edited by Renovate Bot

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Loading
  • Loading
  • Loading
Please register or sign in to reply
Loading