276895 – devel/php-composer: Update to 2.7.0 (includes security fix)

Bug 276895 - devel/php-composer: Update to 2.7.0 (includes security fix)

Summary: devel/php-composer: Update to 2.7.0 (includes security fix)

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Guido Falsi

URL:
Keywords:

Depends on:
Blocks:

Reported:	2024-02-08 14:50 UTC by Guido Falsi
Modified:	2024-02-08 17:22 UTC (History)
CC List:	1 user (show)

See Also:

Flags:	cyberbotx: maintainer-feedback+ madpilot: merge-quarterly+

Attachments
patch v1 (924 bytes, patch) 2024-02-08 14:50 UTC, Guido Falsi	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Guido Falsi freebsd_committer

2024-02-08 14:50:05 UTC

Created attachment 248263 [details]
patch v1

Hi,

I've noticed a new version of composer is out. Also includes a security fix. [1]

I already created a vuxml entry for the advisory. [2]


Attaching patch, everything works fine here, after a simple test. Can you approve it?

Thanks in advance.


[1] https://github.com/composer/composer/security/advisories/GHSA-7c6p-848j-wh5h

[2] https://cgit.freebsd.org/ports/commit/?id=b3fafb5cba9975027affb385f8022e5cf2896cd1

Comment 1 Naram Qashat 2024-02-08 14:54:19 UTC

Looks good to me.

Comment 2 commit-hook freebsd_committer

2024-02-08 17:20:16 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=9b4e16df256285f592a096fb7130713c68a8fbc1

commit 9b4e16df256285f592a096fb7130713c68a8fbc1
Author:     Guido Falsi <madpilot@FreeBSD.org>
AuthorDate: 2024-02-08 17:18:13 +0000
Commit:     Guido Falsi <madpilot@FreeBSD.org>
CommitDate: 2024-02-08 17:18:13 +0000

    devel/php-composer: Update to 2.7.0

    PR:             276895
    Approved by:    Naram Qashat <cyberbotx@cyberbotx.com> (maintainer)
    MFH:            2024Q1
    Security:       33ba2241-c68e-11ee-9ef3-001999f8d30b

 devel/php-composer/Makefile | 2 +-
 devel/php-composer/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

Comment 3 commit-hook freebsd_committer

2024-02-08 17:22:17 UTC

A commit in branch 2024Q1 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=138336f11c76ff5ab21c14a6bb712033eeb03987

commit 138336f11c76ff5ab21c14a6bb712033eeb03987
Author:     Guido Falsi <madpilot@FreeBSD.org>
AuthorDate: 2024-02-08 17:18:13 +0000
Commit:     Guido Falsi <madpilot@FreeBSD.org>
CommitDate: 2024-02-08 17:21:19 +0000

    devel/php-composer: Update to 2.7.0

    PR:             276895
    Approved by:    Naram Qashat <cyberbotx@cyberbotx.com> (maintainer)
    MFH:            2024Q1
    Security:       33ba2241-c68e-11ee-9ef3-001999f8d30b

    (cherry picked from commit 9b4e16df256285f592a096fb7130713c68a8fbc1)

 devel/php-composer/Makefile | 2 +-
 devel/php-composer/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

Comment 4 Guido Falsi freebsd_committer

2024-02-08 17:22:49 UTC

Committed. Thanks!