Bump cakephp/cakephp from 4.4.17 to 4.4.18
Created by: dependabot[bot]
Bumps cakephp/cakephp from 4.4.17 to 4.4.18.
Release notes
Sourced from cakephp/cakephp's releases.
CakePHP 4.4.18
The CakePHP core team is happy to announce the immediate availability of CakePHP 4.4.18. This is a maintenance release for the 4.4 branch that fixes several community reported issues and a minor security related fix.
Bugfixes
You can expect the following changes in 4.4.18. See the changelog for every commit.
RedirectException
now forwards headers to redirect responses.- Allow
ConsoleOutput
to accept stream resources. This solves 'too many streams open' problems when application code creates many instances ofConsoleIo
.- Fixed potential email address manipulation if unvalided address data was set into
Cake\Mailer\Message
. Thank you to Waldemar Bartikowski who reported the issue via our security mailing list.- Fixed
Cake\Http\Client
cookie parsing with invalid values that lack both a value and=
delimiter.Contributors to 4.4.18
Thank you to all the contributors that helped make this release happen:
- Brian French
- Mark Story
- andrii-pukhalevych
- othercorey
- Waldemar Bartikowski
As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.
Commits
-
34b4920
Merge pull request #17298 from cakephp/issue-17296 -
197dd4b
Add note for future us. -
032e66e
Fix cookie parsing when value is undefined -
c92a3c0
Merge pull request #17262 from cakephp/email-header -
718ffe5
Fix email header manipulation issues -
8ceed8f
Merge pull request #17260 from cakephp/dependabot/github_actions/actions/chec... -
888c2bb
Bump actions/checkout from 3 to 4 -
815dd5b
Merge pull request #17254 from fr3nch13/4.x -
14f402c
Adding the ability to use other resources. -
b58978b
Update framework provided property annotations (#17249) - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)