[SECURITY] Update drupal/core-recommended from 10.2.3 to 10.3.8 #313
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
If you have a high test coverage index, and your tests for this pull request are passing, it should be both safe and recommended to merge this update.
Updated packages
Some times an update also needs new or updated dependencies to be installed. Even if this branch is for updating one dependency, it might contain other installs or updates. All of the updates in this branch can be found here:
Release notes
Here are the release notes for all versions released between your current running version, and the version this PR updates the package to.
List of release notes
Changed files
Here is a list of changed files between the version you use, and the version this pull request updates to:
List of changed files
Changelog
Here is a list of changes between the version you use, and the version this pull request updates to:
Drupal 10.3.8
Issue #3485956 by mradcliffe, jan kellermann, gillesbailleux, raphaelbertrand, cilefen, larowlan: Recursion limit exceeded with Twig v3.14.1 when editing a node or a block
Back to dev.
Drupal 10.3.7
Back to dev.
Drupal 10.3.6
Back to dev.
Drupal 10.3.5
Back to dev.
Drupal 10.3.4
Issue #3473195 by longwave, catch, jurgenhaas, naveenvalecha, quietone: twig/twig has a possible sandbox bypass <v3.14.0
Back to dev.
Drupal 10.3.3
Back to dev.
Drupal 10.3.2
Back to dev.
Drupal 10.3.1
Back to dev.
Drupal 10.3.0
Issue #3454556 by xjm: Require Composer 2.7.7
Back to dev.
Drupal 10.3.0-rc1
Back to dev.
Drupal 10.3.0-beta1
Issue #3447204 by longwave, quietone: Update Composer dependencies for 10.3.0-beta1
Issue #3439521 by pradhumanjain2311, quietone, smustgrave: Update composer dependencies for Drupal 10.3
Issue #3441331 by andypost, longwave, alexpott, Spokje, xjm: Update to Twig 3.9
Issue #3428052 by Spokje, mondrake: Bump phpstan/phpstan and mglaman/phpstan-drupal to latest
Drupal 10.3.x-dev
Issue #3405696 by longwave, Spokje, andypost, quietone, smustgrave, mondrake: Update composer dependencies for Drupal 10.2.0
Issue #3405704 by Spokje, longwave: symfony/psr-http-message-bridge major version bump
Issue #3404694 by Spokje, longwave, mglaman, andypost: Update dependencies for Drupal 10.2
Issue #3401901 by Spokje, smustgrave, longwave: Update composer dependencies for Drupal 10.2 beta
Issue #3401200 by quietone: Update composer dependencies for Drupal 10.2 beta
Issue #3395586 by andy-blum, deviantintegral, longwave, catch: Add Symfony's Filesystem and Finder components to core
Issue #3393151 by Spokje, quietone: Update composer dependencies for Drupal 10.2
Issue #3392616 by Spokje, longwave: Update to Symfony 6.4
Issue #3165762 followup by longwave, smustgrave, Spokje: Move symfony/mailer dependency from drupal/drupal to drupal/core
Working with this branch
If you find you need to update the codebase to be able to merge this branch (for example update some tests or rebuild some assets), please note that violinist will force push to this branch to keep it up to date. This means you should not work on this branch directly, since you might lose your work. Read more about branches created by violinist.io here.
This is an automated pull request from Violinist: Continuously and automatically monitor and update your composer dependencies. Have ideas on how to improve this message? All violinist messages are open-source, and can be improved here.