php-buildpack icon indicating copy to clipboard operation
php-buildpack copied to clipboard

Published 20 hours ago verified publisher icon cloudfoundry

Default versions should float the patch

Open menehune23 opened this issue 3 years ago • 2 comments

This buildpack's manifest.yml contains pinned default versions, such as php 7.4.23. We should change our defaults to float patches where appropriate, to help consumers build more secure apps (for instance, 7.4.23 has a CVE but the buildpack also provides 7.4.24).

menehune23 avatar Oct 08 '21 21:10 menehune23