zachary/Mainframe-API
1
0
Fork 0
Code Issues 1 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

Bump twig/twig from 3.11.0 to 3.14.0 #1

Merged
dependabot[bot] merged 1 commits from dependabot/composer/twig/twig-3.14.0 into master 2024-09-16 10:07:39 +02:00
Conversation 0 Commits 1 Files Changed 1 +15 -16
dependabot[bot] commented 2024-09-10 19:21:26 +02:00 (Migrated from github.com)
Copy Link

Bumps twig/twig from 3.11.0 to 3.14.0.

Changelog

Sourced from twig/twig's changelog.

3.14.0 (2024-09-09)

  • Fix a security issue when an included sandboxed template has been loaded before without the sandbox context
  • Add the possibility to reset globals via Environment::resetGlobals()
  • Deprecate Environment::mergeGlobals()

3.13.0 (2024-09-07)

  • Add the types tag (experimental)
  • Deprecate the Twig\Test\NodeTestCase::getTests() data provider, override provideTests() instead.
  • Mark Twig\Test\NodeTestCase::getEnvironment() as final, override createEnvironment() instead.
  • Deprecate Twig\Test\NodeTestCase::getVariableGetter(), call createVariableGetter() instead.
  • Deprecate Twig\Test\NodeTestCase::getAttributeGetter(), call createAttributeGetter() instead.
  • Deprecate not overriding Twig\Test\IntegrationTestCase::getFixturesDirectory(), this method will be abstract in 4.0
  • Marked Twig\Test\IntegrationTestCase::getTests() and getLegacyTests() as final

3.12.0 (2024-08-29)

  • Deprecate the fact that the extends and use tags are always allowed in a sandboxed template. This behavior will change in 4.0 where these tags will need to be explicitly allowed like any other tag.
  • Deprecate the "tag" constructor argument of the "Twig\Node\Node" class as the tag is now automatically set by the Parser when needed
  • Fix precedence of two-word tests when the first word is a valid test
  • Deprecate the spaceless filter
  • Deprecate some internal methods from Parser: getBlockStack(), hasBlock(), getBlock(), hasMacro(), hasTraits(), getParent()
  • Deprecate passing null to Twig\Parser::setParent()
  • Update Node::__toString() to include the node tag if set
  • Add support for integers in methods of Twig\Node\Node that take a Node name
  • Deprecate not passing a BodyNode instance as the body of a ModuleNode or MacroNode constructor
  • Deprecate returning "null" from "TokenParserInterface::parse()".
  • Deprecate OptimizerNodeVisitor::OPTIMIZE_TEXT_NODES
  • Fix performance regression when use_yield is false (which is the default)
  • Improve compatibility when use_yield is false (as extensions still using echo will work as is)
  • Accept colons (:) in addition to equals (=) to separate argument names and values in named arguments
  • Add the html_cva function (in the HTML extra package)
  • Add support for named arguments to the block and attribute functions
  • Throw a SyntaxError exception at compile time when a Twig callable has not the minimum number of required arguments
  • Add a CallableArgumentsExtractor class
  • Deprecate passing a name to FunctionExpression, FilterExpression, and TestExpression; pass a TwigFunction, TwigFilter, or TestFilter instead
  • Deprecate all Twig callable attributes on FunctionExpression, FilterExpression, and TestExpression
  • Deprecate the filter node of FilterExpression
  • Add the notion of Twig callables (functions, filters, and tests)
  • Bump minimum PHP version to 8.0
  • Fix integration tests when a test has more than one data/expect section and deprecations
  • Add the enum_cases function
Commits
  • 126b2c9 Prepare the 3.14.0 release
  • 11f68e2 Fix a security issue when an included sandboxed template has been loaded befo...
  • 540b54e minor #4290 fix the version mergeGlobals() is deprecated since (xabbuh)
  • 7957202 Fix test
  • f72c93d fix the version mergeGlobals() is deprecated since
  • 064e079 Tweak code
  • 995e7c2 Fix CS
  • 6420791 minor #4289 Remove unused private methods (fabpot)
  • 45e167a Add more tests
  • 28dc912 Remove unused private methods
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.
Bumps [twig/twig](https://github.com/twigphp/Twig) from 3.11.0 to 3.14.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/twigphp/Twig/blob/3.x/CHANGELOG">twig/twig's changelog</a>.</em></p> <blockquote> <h1>3.14.0 (2024-09-09)</h1> <ul> <li>Fix a security issue when an included sandboxed template has been loaded before without the sandbox context</li> <li>Add the possibility to reset globals via <code>Environment::resetGlobals()</code></li> <li>Deprecate <code>Environment::mergeGlobals()</code></li> </ul> <h1>3.13.0 (2024-09-07)</h1> <ul> <li>Add the <code>types</code> tag (experimental)</li> <li>Deprecate the <code>Twig\Test\NodeTestCase::getTests()</code> data provider, override <code>provideTests()</code> instead.</li> <li>Mark <code>Twig\Test\NodeTestCase::getEnvironment()</code> as final, override <code>createEnvironment()</code> instead.</li> <li>Deprecate <code>Twig\Test\NodeTestCase::getVariableGetter()</code>, call <code>createVariableGetter()</code> instead.</li> <li>Deprecate <code>Twig\Test\NodeTestCase::getAttributeGetter()</code>, call <code>createAttributeGetter()</code> instead.</li> <li>Deprecate not overriding <code>Twig\Test\IntegrationTestCase::getFixturesDirectory()</code>, this method will be abstract in 4.0</li> <li>Marked <code>Twig\Test\IntegrationTestCase::getTests()</code> and <code>getLegacyTests()</code> as final</li> </ul> <h1>3.12.0 (2024-08-29)</h1> <ul> <li>Deprecate the fact that the <code>extends</code> and <code>use</code> tags are always allowed in a sandboxed template. This behavior will change in 4.0 where these tags will need to be explicitly allowed like any other tag.</li> <li>Deprecate the &quot;tag&quot; constructor argument of the &quot;Twig\Node\Node&quot; class as the tag is now automatically set by the Parser when needed</li> <li>Fix precedence of two-word tests when the first word is a valid test</li> <li>Deprecate the <code>spaceless</code> filter</li> <li>Deprecate some internal methods from <code>Parser</code>: <code>getBlockStack()</code>, <code>hasBlock()</code>, <code>getBlock()</code>, <code>hasMacro()</code>, <code>hasTraits()</code>, <code>getParent()</code></li> <li>Deprecate passing <code>null</code> to <code>Twig\Parser::setParent()</code></li> <li>Update <code>Node::__toString()</code> to include the node tag if set</li> <li>Add support for integers in methods of <code>Twig\Node\Node</code> that take a Node name</li> <li>Deprecate not passing a <code>BodyNode</code> instance as the body of a <code>ModuleNode</code> or <code>MacroNode</code> constructor</li> <li>Deprecate returning &quot;null&quot; from &quot;TokenParserInterface::parse()&quot;.</li> <li>Deprecate <code>OptimizerNodeVisitor::OPTIMIZE_TEXT_NODES</code></li> <li>Fix performance regression when <code>use_yield</code> is <code>false</code> (which is the default)</li> <li>Improve compatibility when <code>use_yield</code> is <code>false</code> (as extensions still using <code>echo</code> will work as is)</li> <li>Accept colons (<code>:</code>) in addition to equals (<code>=</code>) to separate argument names and values in named arguments</li> <li>Add the <code>html_cva</code> function (in the HTML extra package)</li> <li>Add support for named arguments to the <code>block</code> and <code>attribute</code> functions</li> <li>Throw a SyntaxError exception at compile time when a Twig callable has not the minimum number of required arguments</li> <li>Add a <code>CallableArgumentsExtractor</code> class</li> <li>Deprecate passing a name to <code>FunctionExpression</code>, <code>FilterExpression</code>, and <code>TestExpression</code>; pass a <code>TwigFunction</code>, <code>TwigFilter</code>, or <code>TestFilter</code> instead</li> <li>Deprecate all Twig callable attributes on <code>FunctionExpression</code>, <code>FilterExpression</code>, and <code>TestExpression</code></li> <li>Deprecate the <code>filter</code> node of <code>FilterExpression</code></li> <li>Add the notion of Twig callables (functions, filters, and tests)</li> <li>Bump minimum PHP version to 8.0</li> <li>Fix integration tests when a test has more than one data/expect section and deprecations</li> <li>Add the <code>enum_cases</code> function</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/twigphp/Twig/commit/126b2c97818dbff0cdf3fbfc881aedb3d40aae72"><code>126b2c9</code></a> Prepare the 3.14.0 release</li> <li><a href="https://github.com/twigphp/Twig/commit/11f68e2aeb526bfaf638e30d4420d8a710f3f7c6"><code>11f68e2</code></a> Fix a security issue when an included sandboxed template has been loaded befo...</li> <li><a href="https://github.com/twigphp/Twig/commit/540b54e0d5c7b1d911b7403f6215770bb2ffc192"><code>540b54e</code></a> minor <a href="https://redirect.github.com/twigphp/Twig/issues/4290">#4290</a> fix the version mergeGlobals() is deprecated since (xabbuh)</li> <li><a href="https://github.com/twigphp/Twig/commit/795720230c8e90d91dfaed3bfd749160f7dc1e03"><code>7957202</code></a> Fix test</li> <li><a href="https://github.com/twigphp/Twig/commit/f72c93dbd22310f729203881351c75c3d44b56ec"><code>f72c93d</code></a> fix the version mergeGlobals() is deprecated since</li> <li><a href="https://github.com/twigphp/Twig/commit/064e07965465eb33f2b2ca47c188681039f6b876"><code>064e079</code></a> Tweak code</li> <li><a href="https://github.com/twigphp/Twig/commit/995e7c2270789c21ae3df5b5061101e139cd7026"><code>995e7c2</code></a> Fix CS</li> <li><a href="https://github.com/twigphp/Twig/commit/6420791d406d13b905c541b2d72deaf8135af49c"><code>6420791</code></a> minor <a href="https://redirect.github.com/twigphp/Twig/issues/4289">#4289</a> Remove unused private methods (fabpot)</li> <li><a href="https://github.com/twigphp/Twig/commit/45e167a514ff0d53878be6a7c145336ccfdc4f03"><code>45e167a</code></a> Add more tests</li> <li><a href="https://github.com/twigphp/Twig/commit/28dc912c0e2b3dfec22ee0d92c334fee21599873"><code>28dc912</code></a> Remove unused private methods</li> <li>Additional commits viewable in <a href="https://github.com/twigphp/Twig/compare/v3.11.0...v3.14.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=twig/twig&package-manager=composer&previous-version=3.11.0&new-version=3.14.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Angels-dev/Zac-Mainframe-Back/network/alerts). </details>
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
bug
Something isn't working
dependencies
Pull requests that update a dependency file
documentation
Improvements or additions to documentation
duplicate
This issue or pull request already exists
enhancement
New feature or request
good first issue
Good for newcomers
help wanted
Extra attention is needed
invalid
This doesn't seem right
question
Further information is requested
wontfix
This will not be worked on
No Label
dependencies
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
zachary
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: zachary/Mainframe-API#1
No description provided.
Delete Branch "dependabot/composer/twig/twig-3.14.0"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?