Skip to content

IBX-11797: Added missing twig/* advisories & included PHP 8.0 #97

Merged
alongosz merged 2 commits into
mainfrom
ibx-11797-fix-twig-advisories-allow-list
May 21, 2026
Merged

IBX-11797: Added missing twig/* advisories & included PHP 8.0 #97
alongosz merged 2 commits into
mainfrom
ibx-11797-fix-twig-advisories-allow-list

Conversation

@alongosz
Copy link
Copy Markdown
Member

@alongosz alongosz commented May 21, 2026
edited
Loading

Caution

  • Drop TMP commit before merging
🎫 Issue IBX-11797

Related PRs:

Description:

I missed the fact that twig/* advisories apply to both PHP 7.4 and 8.0, because twig/*:v3.26.0 supports PHP >=8.1

Also added PKSA-fs5b-x5k4-1h39 for twig/cssinliner-extra, which I initially missed.

Now it should include all 19 advisories as declared in the Symfony blog post.

For QA:

No QA required - applies to Backend CI jobs.

@alongosz alongosz mentioned this pull request May 21, 2026
Merged
@alongosz alongosz force-pushed the ibx-11797-fix-twig-advisories-allow-list branch from 51a067b to 541c222 Compare May 21, 2026 10:16
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 21, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@alongosz alongosz merged commit 0ca9d8c into main May 21, 2026
3 checks passed
@alongosz alongosz deleted the ibx-11797-fix-twig-advisories-allow-list branch May 21, 2026 10:18
@alongosz alongosz mentioned this pull request May 21, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bnowak bnowak bnowak approved these changes

@wiewiurdp wiewiurdp wiewiurdp approved these changes

@konradoboza konradoboza konradoboza approved these changes

@barw4 barw4 Awaiting requested review from barw4

@ciastektk ciastektk Awaiting requested review from ciastektk

@mikadamczyk mikadamczyk Awaiting requested review from mikadamczyk

@Steveb-p Steveb-p Awaiting requested review from Steveb-p

@tbialcz tbialcz Awaiting requested review from tbialcz

@ViniTou ViniTou Awaiting requested review from ViniTou

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@alongosz @bnowak @wiewiurdp @konradoboza