Updated dependencies to ^2.5
#7665
Conversation
Previously, we were using `~2.5.0`, which is equivalent to `>=2.5.0,<2.6.0`. This is problematic, as a number of components are at 2.6 and 2.7 versions, and some of those newer versions include security fixes. By being too restrictive in the constraints, we are locking users to insecure versions, which is problematic. As none of these new minor versions introduces backwards compatibility breaks, this patch updates to use the `^2.5` constraint to allow `>=2.5.0,<3.0.0` versions to be installed for all components.
|
@noopable Thx for this infos! |
|
@noopable Can you please provide an issue report against zend-mvc detailing the specific errors you're seeing? The removal of Finally, the If you're seeing any other errors, please report them against zend-mvc so we can evaluate them. Thanks! |
|
@weierophinney My issue was duplicate with this. It was already resolved. Another,my private CMS changes the theme after routing.It sometimes needs to change the layout script or the view paths . My codes use ViewManager::getLayout() , ViewManager::getResolver() . |
|
Thanks |
Previously, we were using
~2.5.0, which is equivalent to>=2.5.0,<2.6.0. This is problematic, as a number of components are at 2.6 and 2.7 versions, and some of those newer versions include security fixes. By being too restrictive in the constraints, we are locking users to insecure versions, which is problematic.As none of these new minor versions introduces backwards compatibility breaks, this patch updates to use the
^2.5constraint to allow>=2.5.0,<3.0.0versions to be installed for all components.The plan is to do an immediate 2.5.3 release with these changes.