Maniphest T304471

Upgrade guzzlehttp/psr7
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Reedy
	Mar 23 2022, 1:00 AM

Tags

Referenced Files

None

Subscribers

Description

https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96

We should upgrade guzzlehttp/psr7 in 1.35, 1.36 and 1.37 to >= 1.8.3

An in 1.38 and master... > 2.1.0

Details

	Subject	Repo	Branch	Lines +/-
	Upgrading guzzlehttp/psr7 (2.1.0 => 2.1.2)	mediawiki/vendor	master	+71 -25
	Upgrading guzzlehttp/psr7 (2.1.0 => 2.1.2)	mediawiki/vendor	REL1_38	+71 -25
	Upgrading guzzlehttp/psr7 (1.7.0 => 1.8.5)	mediawiki/vendor	REL1_37	+440 -87
	Upgrading guzzlehttp/psr7 (1.7.0 => 1.8.5)	mediawiki/vendor	REL1_36	+440 -87
	Upgrading guzzlehttp/psr7 (1.7.0 => 1.8.5)	mediawiki/vendor	REL1_35	+442 -89
	Upgrading guzzlehttp/psr7 (2.1.0 => 2.1.2)	mediawiki/vendor	REL1_38	+71 -25

Customize query in gerrit

Event Timeline

Reedy created this task.Mar 23 2022, 1:00 AM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 23 2022, 1:00 AM

Change 772955 had a related patch set uploaded (by Reedy; author: Reedy):

[mediawiki/vendor@REL1_37] Upgrading guzzlehttp/psr7 (1.7.0 => 1.8.5)

https://gerrit.wikimedia.org/r/772955

Change 772956 had a related patch set uploaded (by Reedy; author: Reedy):

[mediawiki/vendor@REL1_36] Upgrading guzzlehttp/psr7 (1.7.0 => 1.8.5)

https://gerrit.wikimedia.org/r/772956

Change 772957 had a related patch set uploaded (by Reedy; author: Reedy):

[mediawiki/vendor@REL1_35] Upgrading guzzlehttp/psr7 (1.7.0 => 1.8.5)

https://gerrit.wikimedia.org/r/772957

Reedy updated the task description. (Show Details)Mar 23 2022, 1:12 AM

Reedy updated the task description. (Show Details)Mar 23 2022, 1:15 AM

Change 772958 had a related patch set uploaded (by Reedy; author: Reedy):

[mediawiki/vendor@master] Upgrading guzzlehttp/psr7 (2.1.0 => 2.1.2)

https://gerrit.wikimedia.org/r/772958

Change 772960 had a related patch set uploaded (by Reedy; author: Reedy):

[mediawiki/vendor@REL1_38] Upgrading guzzlehttp/psr7 (2.1.0 => 2.1.2)

https://gerrit.wikimedia.org/r/772960

Change 772961 had a related patch set uploaded (by Reedy; author: Reedy):

[mediawiki/vendor@REL1_38] Upgrading guzzlehttp/psr7 (2.1.0 => 2.1.2)

https://gerrit.wikimedia.org/r/772961

Change 772960 abandoned by Reedy:

[mediawiki/vendor@REL1_38] Upgrading guzzlehttp/psr7 (2.1.0 => 2.1.2)

Reason:

https://gerrit.wikimedia.org/r/772960

Change 772957 merged by Reedy:

[mediawiki/vendor@REL1_35] Upgrading guzzlehttp/psr7 (1.7.0 => 1.8.5)

https://gerrit.wikimedia.org/r/772957

Change 772956 merged by Reedy:

[mediawiki/vendor@REL1_36] Upgrading guzzlehttp/psr7 (1.7.0 => 1.8.5)

https://gerrit.wikimedia.org/r/772956

Change 772955 merged by Reedy:

[mediawiki/vendor@REL1_37] Upgrading guzzlehttp/psr7 (1.7.0 => 1.8.5)

https://gerrit.wikimedia.org/r/772955

Change 772961 merged by Reedy:

[mediawiki/vendor@REL1_38] Upgrading guzzlehttp/psr7 (2.1.0 => 2.1.2)

https://gerrit.wikimedia.org/r/772961

Change 772958 merged by jenkins-bot:

[mediawiki/vendor@master] Upgrading guzzlehttp/psr7 (2.1.0 => 2.1.2)

https://gerrit.wikimedia.org/r/772958

ReleaseTaggerBot added a project: MW-1.39-notes (1.39.0-wmf.5; 2022-03-28).Mar 23 2022, 2:00 AM

Reedy closed this task as Resolved.Mar 23 2022, 2:07 AM

Reedy claimed this task.

Reedy triaged this task as Medium priority.

Maintenance_bot removed a project: Patch-For-Review.Mar 23 2022, 2:10 AM