fix(ci): trivy detected a vulnerability

┌───────────────────┬─────────────────────┬──────────┬────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├───────────────────┼─────────────────────┼──────────┼────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤ │ league/commonmark │ GHSA-c2pc-g5qf-rfrf │ HIGH │ fixed │ 2.5.3 │ 2.6.0 │ league/commonmark's quadratic complexity bugs may lead to a │ │ │ │ │ │ │ │ denial of service │ │ │ │ │ │ │ │ https://github.com/advisories/GHSA-c2pc-g5qf-rfrf │ └───────────────────┴─────────────────────┴──────────┴────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘
2024-12-10 11:30:14 +01:00 · 2024-12-10 11:30:14 +01:00 · 0ec21f2365
commit 0ec21f2365
parent 3f8556e8c9
1 changed files with 11 additions and 10 deletions
--- a/composer.lock
+++ b/composer.lock
@ -4512,16 +4512,16 @@
        },
        {
            "name": "league/commonmark",
-            "version": "2.5.3",
+            "version": "2.6.0",
            "source": {
                "type": "git",
                "url": "https://github.com/thephpleague/commonmark.git",
-                "reference": "b650144166dfa7703e62a22e493b853b58d874b0"
+                "reference": "d150f911e0079e90ae3c106734c93137c184f932"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/thephpleague/commonmark/zipball/b650144166dfa7703e62a22e493b853b58d874b0",
-                "reference": "b650144166dfa7703e62a22e493b853b58d874b0",
+                "url": "https://api.github.com/repos/thephpleague/commonmark/zipball/d150f911e0079e90ae3c106734c93137c184f932",
+                "reference": "d150f911e0079e90ae3c106734c93137c184f932",
                "shasum": ""
            },
            "require": {
@ -4546,8 +4546,9 @@
                "phpstan/phpstan": "^1.8.2",
                "phpunit/phpunit": "^9.5.21 || ^10.5.9 || ^11.0.0",
                "scrutinizer/ocular": "^1.8.1",
-                "symfony/finder": "^5.3 | ^6.0 || ^7.0",
-                "symfony/yaml": "^2.3 | ^3.0 | ^4.0 | ^5.0 | ^6.0 || ^7.0",
+                "symfony/finder": "^5.3 | ^6.0 | ^7.0",
+                "symfony/process": "^5.4 | ^6.0 | ^7.0",
+                "symfony/yaml": "^2.3 | ^3.0 | ^4.0 | ^5.0 | ^6.0 | ^7.0",
                "unleashedtech/php-coding-standard": "^3.1.1",
                "vimeo/psalm": "^4.24.0 || ^5.0.0"
            },
@ -4557,7 +4558,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-main": "2.6-dev"
+                    "dev-main": "2.7-dev"
                }
            },
            "autoload": {
@ -4614,7 +4615,7 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2024-08-16T11:46:16+00:00"
+            "time": "2024-12-07T15:34:16+00:00"
        },
        {
            "name": "league/config",
@ -19750,7 +19751,7 @@
    ],
    "aliases": [],
    "minimum-stability": "beta",
-    "stability-flags": {},
+    "stability-flags": [],
    "prefer-stable": true,
    "prefer-lowest": false,
    "platform": {
@ -19762,6 +19763,6 @@
        "ext-xsl": "*",
        "ext-zip": "*"
    },
-    "platform-dev": {},
+    "platform-dev": [],
    "plugin-api-version": "2.6.0"
 }