Bump the composer group across 1 directory with 7 updates

[dependabot]

Bumps the composer group with 1 update in the / directory: laravel/framework.

Updates laravel/framework from 5.7.28 to 5.7.29

Commits

• 2555bf6 version
• c97f19e Add support for the new composer installed.json format (#32310) (#32329)
• 7840082 Merge pull request #29292 from cybercog/fix/typo-in-test-methods-names
• bbdb81e Fix typo in test methods names
• d932276 Apply fixes from StyleCI (#29061)
• ebff046 Merge pull request #29053 from NostradamusICTBV/5.7
• 4423ed8 Added return type to avoid errors in tests
• efc27ec Add .styleci.yml to .gitattributes
• 152e6b8 Merge pull request #28299 from laravel/analysis-zOpYPP
• 9985ec5 Apply fixes from StyleCI
• Additional commits viewable in compare view

Updates guzzlehttp/guzzle from 6.3.3 to 6.5.8

Release notes

Sourced from guzzlehttp/guzzle's releases.

Release 6.5.8

See change log for changes.

Release 6.5.7

See change log for changes.

Release 6.5.6

See change log for changes.

6.5.5

No release notes provided.

6.5.4

No release notes provided.

6.5.3

No release notes provided.

6.5.2

• idn_to_ascii() fix for old PHP versions #2489

6.5.1

• Better defaults for PHP installations with old ICU lib #2454
• IDN support for redirects #2424

6.5.0

No release notes provided.

6.4.1

No release notes provided.

Changelog

Sourced from guzzlehttp/guzzle's changelog.

6.5.8 - 2022-06-20

• Fix change in port should be considered a change in origin
• Fix CURLOPT_HTTPAUTH option not cleared on change of origin

6.5.7 - 2022-06-09

• Fix failure to strip Authorization header on HTTP downgrade
• Fix failure to strip the Cookie header on change in host or HTTP downgrade

6.5.6 - 2022-05-25

• Fix cross-domain cookie leakage

6.5.5 - 2020-06-16

• Unpin version constraint for symfony/polyfill-intl-idn #2678

6.5.4 - 2020-05-25

• Fix various intl icu issues #2626

6.5.3 - 2020-04-18

• Use Symfony intl-idn polyfill #2550
• Remove use of internal functions #2548

6.5.2 - 2019-12-23

• idn_to_ascii() fix for old PHP versions #2489

6.5.1 - 2019-12-21

• Better defaults for PHP installations with old ICU lib #2454
• IDN support for redirects #2424

6.5.0 - 2019-12-07

• Improvement: Added support for reset internal queue in MockHandler. #2143
• Improvement: Added support to pass arbitrary options to curl_multi_init. #2287
• Fix: Gracefully handle passing null to the header option. #2132
• Fix: RetryMiddleware did not do exponential delay between retries due unit mismatch. #2132 Previously, RetryMiddleware would sleep for 1 millisecond, then 2 milliseconds, then 4 milliseconds. After this change, RetryMiddleware will sleep for 1 second, then 2 seconds, then 4 seconds. Middleware::retry() accepts a second callback parameter to override the default timeouts if needed.
• Fix: Prevent undefined offset when using array for ssl_key options. #2348
• Deprecated ClientInterface::VERSION

6.4.1 - 2019-10-23

... (truncated)

Commits

• a52f044 Release 6.5.8 (#3042)
• 724562f Release 6.5.7 (#3022)
• f092dd7 [6.x] Fix cross-domain cookie leakage (#3017)
• e8ed4db Fixed tests (#2720)
• 9d4290d Prepare 6.5.5 (#2692)
• ba7930f Updated static analysis tooling (#2694)
• 23730ab Unpin version for symfony/polyfill-intl-idn (#2678)
• a4a1b69 Adding changelog for 6.5.4 (#2651)
• 0d137e9 [6.5] Remove obsolete statement in handler option docs (#2567)
• d3f2c17 [6.5] Fix various intl icu issues (#2626)
• Additional commits viewable in compare view

Updates guzzlehttp/psr7 from 1.5.2 to 1.9.1

Release notes

Sourced from guzzlehttp/psr7's releases.

1.9.1

See change log for changes.

1.9.0

See change log for changes.

1.8.5

See change log for changes.

1.8.4

See change log for changes.

1.8.3

See change log for changes.

1.8.2

See change log for changes.

1.8.1

See change log for changes.

1.8.0

See change log for changes.

1.7.0

See change log for changes.

Revert PSR-7 type assertions

1.6.0 introduced a few type assertions to enforce types defined by PSR-7. Unfortunately that break the library for users not strictly following the PSR-7 standard. Since the users impacted by this change seems to be rather large, this hotfix reverts that change with the note that we will reapply it in 2.0.0, so fixing this is recommended regardless of which version you use.

Details are in #282 and #283

1.6.0

Version 1.6.0 is released which will likely be the last minor release in 1.x. We're focussing 2.0 now with support for psr/http-factory, PHP 7.2 requirement and type declarations.

Added

• Allowed version ^3.0 of ralouphie/getallheaders dependency (#244)
• Added MIME type for WEBP image format (#246)
• Added more validation of values according to PSR-7 and RFC standards, e.g. status code range (#250, #272)

Changed

• Tests don't pass with HHVM 4.0, so HHVM support got dropped. Other libraries like composer have done the same. (#262)
• Accept port number 0 to be valid (#270)

Fixed

• Fixed subsequent reads from php://input in ServerRequest (#247)
• Fixed readable/writable detection for certain stream modes (#248)

... (truncated)

Changelog

Sourced from guzzlehttp/psr7's changelog.

1.9.1 - 2023-04-17

Fixed

• Fixed header validation issue

1.9.0 - 2022-06-20

Added

• Added UriComparator::isCrossOrigin method

1.8.5 - 2022-03-20

Fixed

• Correct header value validation

1.8.4 - 2022-03-20

Fixed

• Validate header values properly

1.8.3 - 2021-10-05

Fixed

• Return null in caching stream size if remote size is null

1.8.2 - 2021-04-26

Fixed

• Handle possibly unset url in stream_get_meta_data

1.8.1 - 2021-03-21

Fixed

• Issue parsing IPv6 URLs
• Issue modifying ServerRequest lost all its attributes

1.8.0 - 2021-03-21

Added

• Locale independent URL parsing
• Most classes got a @final annotation to prepare for 2.0

... (truncated)

Commits

• e4490ca Release 1.9.1
• c8b21de Release 1.9.1
• 18fd891 Patch header validation issue
• 0e75375 Remove branch alias
• 7cd3009 Update CI workflows (#552)
• e98e3e6 Release 1.9.0 (#520)
• 337e3ad Release 1.8.5 (#491)
• 902db15 Release 1.8.4 (#486)
• 1afdd86 Release 1.8.3 (#446)
• a0c4a5f Return null in caching stream size if remote is null (#438)
• Additional commits viewable in compare view

Updates league/flysystem from 1.0.50 to 1.0.70

Release notes

Sourced from league/flysystem's releases.

1.0.62

When resources are not actually file pointers, but fopen results from URL, the fstat call fails. This resulted in an error in PHP 7.4 because it's more strict about variable handling. This affected the Util::getStreamSize utility method.

Changelog

Sourced from league/flysystem's changelog.

1.0.70 - 2020-07-26

Fixes

• Local::update now also updates permissions.

1.0.69 - 2020-05-12

Fixes

• Corrected the docblock return type of getTimestamp and enforce it in the Filesystem.

1.0.68 - 2020-05-12

Fixes

• Added mime-types for .ico files (#1163)

1.0.67 - 2020-04-16

Fixes

• Added mime-types for markdown (#1153)

1.0.66 - 2020-03-17

Fixes

• Warnings from FTP are now silenced, preventing exceptions.

1.0.65 - 2020-03-08

• Added missing webp mime-type entry.

1.0.64 - 2020-02-05

• Improved performance of the connectivity check for FTP connections.

1.0.63 - 2020-01-04

• Introduces base exception marker and custom runtime exceptions for error cases.

1.0.62 - 2019-12-29

• (#1119) Made Util::getStreamSize account for fstat failure.

1.0.61 - 2019-12-08

• Fixed an array access issue for PHP 7.4 (#1106)

... (truncated)

Commits

• 5858247 Pre-release changelog
• 69e921c Set visibility on update on the Local adapter
• fb1979a Don't fetch mimetype on local write, it's not needed. [perf]
• 2ed2984 Do update deps
• 279e0fb Allow a wide phpspec range
• fcfdcf3 Missed a ; in the bash
• 184c53b Upgrade phpspec for PHP nightly test run
• 1100333 Set locale when testing UTF-8 compatibility
• befb3c0 add a new community support for tencent cloud cos storage
• ef6a97e Skip 'not writable' test when running as root
• Additional commits viewable in compare view

Updates swiftmailer/swiftmailer from 6.2.0 to 6.3.0

Changelog

Sourced from swiftmailer/swiftmailer's changelog.

6.3.0 (2021-10-18)

• Fix support for PHP 8.1

6.2.7 (2021-03-09)

• Allow egulias/email-validator 3.1+

6.2.6 (2021-03-05)

• Fix Bcc support

6.2.5 (2021-01-12)

• Don't trust properties at destruct time
• Remove invalid PHPDocs param in EventDispatcher interface
• Bump license year
• Removes PHP version from README

6.2.4 (2020-12-08)

• Prevent flushing of the bubble queue when event handler raises another event
• Add support for PHP 8
• Code cleanups

6.2.3 (2019-11-12)

• no changes

6.2.2 (2019-11-12)

• fixed compat with PHP 7.4
• fixed error message when connecting to a stream raises an error before connect()

6.2.1 (2019-04-21)

• reverted "deprecated Swift_CharacterStream_ArrayCharacterStream and Swift_CharacterStream_NgCharacterStream in favor of Swift_CharacterStream_CharacterStream"

Commits

• 8a5d507 Prepare 6.3.0 release
• 56dccc1 Fix changelog
• bc28df7 bug #1355 PHP 8.1 Support (driesvints)
• ee8a1d9 PHP 8.1 Support
• 2a7fb75 minor #1352 Add information about EOM (fabpot)
• 0863074 Add information about EOM
• 23e9ffa Change intro doc page title
• 0cf1030 minor #1336 [Doc] Fixed the syntax of a table in messages.rst (javiereguiluz)
• 93ab97b [Doc] Fixed the syntax of a table in messages.rst
• 6044649 minor #1335 [Doc] Fixed a minor issue in a code example (javiereguiluz)
• Additional commits viewable in compare view

Updates symfony/http-foundation from 4.2.4 to 4.4.49

Release notes

Sourced from symfony/http-foundation's releases.

v4.4.49

Changelog (symfony/http-foundation@v4.4.48...v4.4.49)

• bug #48112 Compare cookie with null value as empty string in ResponseCookieValueSame (fancyweb)
• bug #48050 Check IPv6 is valid before comparing it (PhilETaylor)

v4.4.48

Changelog (symfony/http-foundation@v4.4.47...v4.4.48)

• no significant changes

v4.4.47

Changelog (symfony/http-foundation@v4.4.46...v4.4.47)

• bug #47746 Fix BinaryFileResponse content type detection logic (X-Coder264)

v4.4.46

Changelog (symfony/http-foundation@v4.4.45...v4.4.46)

• bug #47516 Prevent BinaryFileResponse::prepare from adding content type if no content is sent (naitsirch)
• bug #47530 Always return strings from accept headers (ausi)
• bug #47434 move flushing outside of Response::closeOutputBuffers (nicolas-grekas)

v4.4.45

Changelog (symfony/http-foundation@v4.4.44...v4.4.45)

• bug #47130 Fix invalid ID not regenerated with native PHP file sessions (BrokenSourceCode)

v4.4.44

Changelog (symfony/http-foundation@v4.4.43...v4.4.44)

• bug #46931 Flush backend output buffer after closing. (bradjones1)
• bug #42033 Fix deleteFileAfterSend on client abortion (nerg4l)
• bug #46790 Prevent PHP Warning: Session ID is too long or contains illegal characters (BrokenSourceCode)
• bug #46808 Fix TypeError on null $_SESSION in NativeSessionStorage::save() (chalasr)

v4.4.43

Changelog (symfony/http-foundation@v4.4.42...v4.4.43)

• bug #46678 Update "[Session] Overwrite invalid session id" to only validate when files session storage is used (alexpott)
• bug #46676 Extend type guessing on enum fields (Gigino Chianese)

v4.4.42

Changelog (symfony/http-foundation@v4.4.41...v4.4.42)

• bug #46249 Regenerate invalid session id (peter17)

Changelog

Sourced from symfony/http-foundation's changelog.

CHANGELOG

7.0

• Calling ParameterBag::filter() throws an UnexpectedValueException on invalid value, unless flag FILTER_NULL_ON_FAILURE is set
• Calling ParameterBag::getInt() and ParameterBag::getBool() throws an UnexpectedValueException on invalid value
• Remove classes RequestMatcher and ExpressionRequestMatcher
• Remove Request::getContentType(), use Request::getContentTypeFormat() instead
• Throw an InvalidArgumentException when calling Request::create() with a malformed URI
• Require explicit argument when calling JsonResponse::setCallback(), Response::setExpires/setLastModified/setEtag(), MockArraySessionStorage/NativeSessionStorage::setMetadataBag(), NativeSessionStorage::setSaveHandler()
• Add argument $statusCode to Response::sendHeaders() and StreamedResponse::sendHeaders()

6.4

• Make HeaderBag::getDate(), Response::getDate(), getExpires() and getLastModified() return a DateTimeImmutable
• Support root-level Generator in StreamedJsonResponse
• Add UriSigner from the HttpKernel component
• Add partitioned flag to Cookie (CHIPS Cookie)
• Add argument bool $flush = true to Response::send()
• Make MongoDbSessionHandler instantiable with the mongodb extension directly

6.3

• Calling ParameterBag::getDigit(), getAlnum(), getAlpha() on an array throws a UnexpectedValueException instead of a TypeError
• Add ParameterBag::getString() to convert a parameter into string and throw an exception if the value is invalid
• Add ParameterBag::getEnum()
• Create migration for session table when pdo handler is used
• Add support for Relay PHP extension for Redis
• The Response::sendHeaders() method now takes an optional HTTP status code as parameter, allowing to send informational responses such as Early Hints responses (103 status code)
• Add IpUtils::isPrivateIp()
• Add Request::getPayload(): InputBag
• Deprecate conversion of invalid values in ParameterBag::getInt() and ParameterBag::getBoolean(),
• Deprecate ignoring invalid values when using ParameterBag::filter(), unless flag FILTER_NULL_ON_FAILURE is set

6.2

• Add StreamedJsonResponse class for efficient JSON streaming
• The HTTP cache store uses the xxh128 algorithm
• Deprecate calling JsonResponse::setCallback(), Response::setExpires/setLastModified/setEtag(), MockArraySessionStorage/NativeSessionStorage::setMetadataBag(), NativeSessionStorage::setSaveHandler() without arguments
• Add request matchers under the Symfony\Component\HttpFoundation\RequestMatcher namespace
• Deprecate RequestMatcher in favor of ChainRequestMatcher
• Deprecate Symfony\Component\HttpFoundation\ExpressionRequestMatcher in favor of Symfony\Component\HttpFoundation\RequestMatcher\ExpressionRequestMatcher

6.1

... (truncated)

Commits

• 191413c [HttpFoundation] Compare cookie with null value as empty string in ResponseCo...
• 773aca6 [HttpFoundation] Check IPv6 is valid before comparing it
• cd4f478 [HttpFoundation] Fix session tests
• 7eea76a skip a test if the mime type detection feature will not work
• 9aeb286 Fix BinaryFileResponse content type detection logic
• 7acdc97 [HttpFoundation] Prevent BinaryFileResponse::prepare from adding content type...
• 935f796 [HttpFoundation] Always return strings from accept headers
• 518e21d [HttpFoundation] move flushing outside of Response::closeOutputBuffers
• b2f2e3c [HttpFoundation] Fix tests on PHP 8.2 (bis)
• 32589ae [HttpFoundation] Fix tests on PHP 8.2
• Additional commits viewable in compare view

Updates symfony/http-kernel from 4.2.4 to 4.4.51

Release notes

Sourced from symfony/http-kernel's releases.

v4.4.51

Changelog (symfony/http-kernel@v4.4.50...v4.4.51)

• no significant changes

v4.4.50

Changelog (symfony/http-kernel@v4.4.49...v4.4.50)

• no significant changes

v4.4.49

Changelog (symfony/http-kernel@v4.4.48...v4.4.49)

• bug #48273 Fix message for unresovable arguments of invokable controllers (fancyweb)

v4.4.48

Changelog (symfony/http-kernel@v4.4.47...v4.4.48)

• bug #47857 Fix empty request stack when terminating with exception (krzyc)
• bug #47878 Remove EOL when using error_log() in HttpKernel Logger (cyve)

Changelog

Sourced from symfony/http-kernel's changelog.

CHANGELOG

7.0

• Add argument $reflector to ArgumentResolverInterface::getArguments() and ArgumentMetadataFactoryInterface::createArgumentMetadata()
• Remove ArgumentValueResolverInterface, use ValueResolverInterface instead
• Remove StreamedResponseListener
• Remove AbstractSurrogate::$phpEscapeMap
• Remove HttpKernelInterface::MASTER_REQUEST
• Remove terminate_on_cache_hit option from HttpCache
• Require explicit argument when calling ConfigDataCollector::setKernel(), RouterListener::setCurrentRequest()
• Remove Kernel::stripComments()
• Remove FileLinkFormatter, use FileLinkFormatter from the ErrorHandler component instead
• Remove UriSigner, use UriSigner from the HttpFoundation component instead
• Add argument $buildDir to WarmableInterface
• Add argument $filter to Profiler::find() and FileProfilerStorage::find()

6.4

• Support backed enums in #[MapQueryParameter]
• BundleInterface no longer extends ContainerAwareInterface
• Add optional $className parameter to ControllerEvent::getAttributes()
• Add native return types to TraceableEventDispatcher and to MergeExtensionConfigurationPass
• Add argument $validationFailedStatusCode to #[MapQueryString] and #[MapRequestPayload]
• Add argument $debug to Logger
• Add class DebugLoggerConfigurator
• Add parameters kernel.runtime_mode and kernel.runtime_mode.*, all set from env var APP_RUNTIME_MODE
• Deprecate Kernel::stripComments()
• Support the ! character at the beginning of a string as a negation operator in the url filter of the profiler
• Deprecate UriSigner, use UriSigner from the HttpFoundation component instead
• Deprecate FileLinkFormatter, use FileLinkFormatter from the ErrorHandler component instead
• Add argument $buildDir to WarmableInterface
• Add argument $filter to Profiler::find() and FileProfilerStorage::find()
• Add ControllerResolver::allowControllers() to define which callables are legit controllers when the _check_controller_is_allowed request attribute is set

6.3

• Deprecate parameters container.dumper.inline_factories and container.dumper.inline_class_loader, use .container.dumper.inline_factories and .container.dumper.inline_class_loader instead
• FileProfilerStorage removes profiles automatically after two days
• Add #[WithHttpStatus] for defining status codes for exceptions
• Use an instance of Psr\Clock\ClockInterface to generate the current date time in DateTimeValueResolver
• Add #[WithLogLevel] for defining log levels for exceptions
• Add skip_response_headers to the HttpCache options
• Introduce targeted value resolvers with #[ValueResolver] and #[AsTargetedValueResolver]
• Add #[MapRequestPayload] to map and validate request payload from Request::getContent() or Request::$request->all() to typed objects
• Add #[MapQueryString] to map and validate request query string from Request::$query->all() to typed objects

... (truncated)

Commits

• ad8ab19 Update VERSION for 4.4.51
• aa6df6c Update VERSION for 4.4.50
• f7822a7 security #cve-2022-24894 [HttpKernel] Remove private headers before storing r...
• 4e36db8 Update VERSION for 4.4.49
• bc62d95 [HttpKernel] Fix message for unresovable arguments of invokable controllers
• 0924172 Bump Symfony version to 4.4.49
• a6d5229 Update VERSION for 4.4.48
• 26989b2 bug #47857 [HttpKernel] Fix empty request stack when terminating with excepti...
• 3f61170 [HttpKernel] Fix empty request stack when terminating with exception
• 9a34f1a bug #47878 [HttpKernel] Remove EOL when using error_log() in HttpKernel Logge...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.