drupal-security-advisories icon indicating copy to clipboard operation
drupal-security-advisories copied to clipboard

Results 12 drupal-security-advisories issues
Sort by recently updated
recently updated
newest added

We just noticed that Packagist is no longer listing the `9.x` and `8.x-v2` branches. There was a recent commit that changed the composer.json file in those branches. Is there something...

Let's say a contrib module moves from having active support of both a `1.x` and `2.x` branch, but `1.x` reaches EOL. Can we include a constraint for `^1`? That would...

Bumps [guzzlehttp/psr7](https://github.com/guzzle/psr7) from 1.9.0 to 1.9.1. Release notes Sourced from guzzlehttp/psr7's releases. 1.9.1 See change log for changes. Changelog Sourced from guzzlehttp/psr7's changelog. 1.9.1 - 2023-04-17 Fixed Fixed header validation...

dependencies

Examples are - entity_backup https://www.drupal.org/sa-contrib-2018-012 - vchess https://www.drupal.org/sa-contrib-2018-009 API Call: https://www.drupal.org/api-d7/node.json?field_security_advisory_coverage=revoked

Hi, I stumble into your package when analysing drush code (https://github.com/drush-ops/drush/blob/10.x/src/Commands/pm/SecurityUpdateCommands.php#L101) but I didn't find any reference in drupal.org. Since it's about security, IMHO this repo and the drush mechanism...

I noticed today that I am able to install known-insecure versions of Drupal. Here's the basic `composer.json`: ```json { "require": { "drupal-composer/drupal-security-advisories": "8.x-dev", "drupal/core": "8.8.3" } } ``` And here's...

Only include minor version for D8+, so that D7 contraints are in the format `>7,7.67,

#17 Still includes constraints for each unsupported minor core version instead of a single constraint blocking all older core versions. e.g. `8.0.4|>=8.0,=8.1,=8.2,=8.3,=8.4,=8.5,=8.6,=8.7,

This PR builds on #11 - Only add one range constraint for most recent security release - Exclude individual unsupported releases that are covered by a security release range -...

Cross posting this: https://github.com/drush-ops/drush/issues/3731 Drupal advisories are not correctly formatted in this repo which causes drush to provide inconsistent output.