mirror of
https://github.com/InvoiceShelf/InvoiceShelf.git
synced 2026-07-18 06:45:20 +00:00
3.x is now the default branch, so Dependabot re-surfaced the symfony/guzzle advisories (composer.lock was never bumped on v3). Same fix as v2's #674: - laravel/framework -> 13.15.0 (CVE-2026-48019, CRLF in the email rule) - symfony/{mime,http-kernel,mailer,routing,yaml,polyfill-intl-idn} -> patched - guzzlehttp/psr7 -> 2.11.0 (host-confusion + CRLF advisories) composer audit clean.
481 KiB
481 KiB