Skip to content

chore(deps): bump guzzlehttp/guzzle from 7.10.5 to 7.12.3#187

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/composer/guzzlehttp/guzzle-7.12.1
Open

chore(deps): bump guzzlehttp/guzzle from 7.10.5 to 7.12.3#187
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/composer/guzzlehttp/guzzle-7.12.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 21, 2026

Copy link
Copy Markdown
Contributor

Bumps guzzlehttp/guzzle from 7.10.5 to 7.12.3.

Release notes

Sourced from guzzlehttp/guzzle's releases.

7.12.3

Changed

  • Adjusted guzzlehttp/psr7 version constraint to ^2.12.3

Security

7.12.2

Fixed

  • Clamp out-of-range Max-Age so a very large value no longer overflows to an already-expired timestamp
  • Use strict comparison in CookieJar conflict resolution so distinct numeric-string names don't overwrite
  • Store a cookie whose Domain has a trailing dot on the origin host instead of silently discarding it
  • Fix StreamHandler hard-failing on bracketed IPv6 literal hosts when force_ip_resolve is set
  • Use strict cookie Path comparison so CookieJar::clear() with a numeric path keeps a distinct-path cookie
  • Fixed cookie handling for falsey Domain, Max-Age, path, and name values
  • Fixed decode_content handling for falsey string values
  • Fixed deprecated request option values reaching built-in handlers before normalization

7.12.1

Changed

  • Adjusted guzzlehttp/psr7 version constraint to ^2.12.1

Fixed

  • Reject proxy URLs with a malformed scheme in the cURL handlers instead of letting libcurl mishandle them

Security

7.12.0

Added

  • Added RequestOptions constants for curl, retries, and stream_context

Changed

  • Adjusted guzzlehttp/psr7 version constraint to ^2.12
  • Constrain cURL transport sharing to safe libcurl DNS and SSL session support
  • Resolve proxy environment variables in the cURL handlers; libcurl no longer reads the environment itself
  • Ignore proxy environment variables when the proxy request option makes a decision
  • Disable proxy environment variables on Windows SAPIs other than CLI (httpoxy hardening)
  • Redact proxy credentials from cURL handler error messages, following Psr7\Utils::redactUserInfo()
  • Normalize no-proxy domain and IP literal matching across the cURL and stream handlers

... (truncated)

Changelog

Sourced from guzzlehttp/guzzle's changelog.

7.12.3 - 2026-06-23

Changed

  • Adjusted guzzlehttp/psr7 version constraint to ^2.12.3

Security

7.12.2 - 2026-06-23

Fixed

  • Clamp out-of-range Max-Age so a very large value no longer overflows to an already-expired timestamp
  • Use strict comparison in CookieJar conflict resolution so distinct numeric-string names don't overwrite
  • Store a cookie whose Domain has a trailing dot on the origin host instead of silently discarding it
  • Fix StreamHandler hard-failing on bracketed IPv6 literal hosts when force_ip_resolve is set
  • Use strict cookie Path comparison so CookieJar::clear() with a numeric path keeps a distinct-path cookie
  • Fixed cookie handling for falsey Domain, Max-Age, path, and name values
  • Fixed decode_content handling for falsey string values
  • Fixed deprecated request option values reaching built-in handlers before normalization

7.12.1 - 2026-06-18

Changed

  • Adjusted guzzlehttp/psr7 version constraint to ^2.12.1

Fixed

  • Reject proxy URLs with a malformed scheme in the cURL handlers instead of letting libcurl mishandle them

Security

7.12.0 - 2026-06-16

Added

  • Added RequestOptions constants for curl, retries, and stream_context

Changed

  • Adjusted guzzlehttp/psr7 version constraint to ^2.12

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Jun 21, 2026

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 22cba1ddd3

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread composer.json
},
"files": [
"tests/Support/GameVersionHelper.php",
"tests/Support/ItemShowHelper.php",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Remove missing dev autoload helpers

This autoload-dev.files entry (and the new ImportTestHelper.php/MissionFactionFactory.php entries below) points at files that are not present under tests/Support; after composer dump-autoload --dev, simply requiring vendor/autoload.php fatals before the test suite can boot because Composer requires these paths. Please either add the helper files or remove the missing entries.

Useful? React with 👍 / 👎.

Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) from 7.10.5 to 7.12.3.
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/7.12/CHANGELOG.md)
- [Commits](guzzle/guzzle@7.10.5...7.12.3)

---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
  dependency-version: 7.12.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps): bump guzzlehttp/guzzle from 7.10.5 to 7.12.1 chore(deps): bump guzzlehttp/guzzle from 7.10.5 to 7.12.3 Jun 25, 2026
@dependabot dependabot Bot force-pushed the dependabot/composer/guzzlehttp/guzzle-7.12.1 branch from 22cba1d to cfba22b Compare June 25, 2026 14:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file php Pull requests that update Php code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants