Skip to content

IBX-11797: Added missing twig/* advisories & included PHP 8.0 #97

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
alongosz merged 2 commits into from
May 21, 2026
+18 −4
Merged

IBX-11797: Added missing twig/* advisories & included PHP 8.0 #97

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
09c676c
[Composer Audit Ignore] Added ` twig/cssinliner-extra` advisory
alongosz May 21, 2026
541c222
[Composer Audit Ignore] Created shared advisories list for PHP 7.4 an…
alongosz May 21, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 18 additions & 4 deletions actions/composer-audit-ignore/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,15 +12,28 @@ runs:
using: "composite"
steps:
- if: startsWith(inputs.php-version, '7.4.')
name: Configure advisory ignore list for PHP 7.4
name: Configure PHP 7.4-only advisory ignore list
shell: bash
run: |
reason="The affected version of 3rd party component is installed on PHP 7.4. There's no alternative supporting PHP 7.4. Consider upgrading to PHP 8"
reason="The affected version of 3rd party component is installed on PHP 7.4. There's no alternative supporting PHP 7.4. Consider upgrading to PHP 8.1+"

for advisory in \
PKSA-xwpn-zs9j-6wy5 \
PKSA-sf9j-1gs7-xzvx \
PKSA-7h5p-prw9-w5nr \
PKSA-7h5p-prw9-w5nr
do
composer config audit.ignore --json --merge "{\"$advisory\":\"$reason\"}"
done

- if: startsWith(inputs.php-version, '7.4.') || startsWith(inputs.php-version, '8.0.')
name: Configure shared advisory ignore list for PHP 7.4 and 8.0
env:
PHP_VERSION: ${{ inputs.php-version }}
shell: bash
run: |
reason="The affected version of 3rd party component is installed on PHP ${PHP_VERSION%.*}. There's no alternative supporting PHP ${PHP_VERSION%.*}. Consider upgrading to PHP 8.1+"

for advisory in \
PKSA-5k7f-wvjj-jrgw \
PKSA-sjvz-tbbr-vwth \
PKSA-h8hf-ytnd-5t9q \
Expand All @@ -38,7 +51,8 @@ runs:
PKSA-6319-ffpf-gx66 \
PKSA-n7sg-8f52-pqtf \
PKSA-8kk8-h2xr-h5nx \
PKSA-2rbx-bjdx-4d4d
PKSA-2rbx-bjdx-4d4d \
PKSA-fs5b-x5k4-1h39
do
composer config audit.ignore --json --merge "{\"$advisory\":\"$reason\"}"
done
Loading