Update ohdear-php-sdk to secure version

Created on 10 January 2025, 3 months ago

Problem/Motivation

Composer package nesbot/carbon has a security update.

Composer package ohdearapp/ohdear-php-sdk, requires nesbot/carbon.

ohdearapp/ohdear-php-sdk:^10.1 has dropped the depencency on nesbot/carbon.

Proposed resolution

Update our requirements so that it is impossible to install an insecure version.

This is just a precaution, mostly to prevent confusion / warning messages; I haven't looked into the details of the security issue but it's unlikely to affect us because nesbot/carbon is hardly being used.
This change will make no difference for people who have installed / update composer packages regularly, without the --prefer-lowest flag.

How to update: instead of requiring a minimum nesbot/carbon, just update to minimum ^10.1 which doesn't need it.

📌 Task
Status

Active

Version

2.0

Component

Code

Created by

🇳🇱Netherlands roderik Amsterdam,NL / Budapest,HU

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

Production build 0.71.5 2024