From d1b45c1e7885bbb4810063e029f41282d744358c Mon Sep 17 00:00:00 2001 From: rugk Date: Tue, 17 Feb 2026 00:11:39 +0100 Subject: [PATCH 1/4] style(devcontainer): fix typo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Not a all relevant in any case, but still… --- .devcontainer/devcontainer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 961135ed..1d721037 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -41,6 +41,6 @@ 8080 ], "postCreateCommand": ".devcontainer/postCreateCommand.sh", - // alternatiuve: apache2ctl start (but requires root) + // alternative: apache2ctl start (but requires root) "postAttachCommand": "php -S 0.0.0.0:8080" } From a0fbafd1fc815d51df191bbb7fc049216c30f371 Mon Sep 17 00:00:00 2001 From: rugk Date: Tue, 17 Feb 2026 00:13:48 +0100 Subject: [PATCH 2/4] docs(templates): update PR template to remove WIP prepending nit/suggestion Given GitHub has full support for draft PRs nowadays, this "workaround" is not needed anymore and can be removed, IMHO. --- .github/PULL_REQUEST_TEMPLATE.md | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index f3a07b52..c03cca8a 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -11,7 +11,6 @@ This PR fixes * ## ToDo - * [ ] * [ ] * [ ] From 26e7e5eed9e633adadb5ee1af25de1812b546716 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 18 Feb 2026 11:52:39 +0000 Subject: [PATCH 3/4] Bump dawidd6/action-download-artifact from 14 to 15 Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 14 to 15. - [Release notes](https://github.com/dawidd6/action-download-artifact/releases) - [Commits](https://github.com/dawidd6/action-download-artifact/compare/5c98f0b039f36ef966fdb7dfa9779262785ecb05...fe9d59ce33ce92db8a6ac90b2c8be6b6d90417c8) --- updated-dependencies: - dependency-name: dawidd6/action-download-artifact dependency-version: '15' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/test-results.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-results.yml b/.github/workflows/test-results.yml index 844e4af9..1d746d12 100644 --- a/.github/workflows/test-results.yml +++ b/.github/workflows/test-results.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Download and Extract Artifacts - uses: dawidd6/action-download-artifact@5c98f0b039f36ef966fdb7dfa9779262785ecb05 + uses: dawidd6/action-download-artifact@fe9d59ce33ce92db8a6ac90b2c8be6b6d90417c8 with: run_id: ${{ github.event.workflow_run.id }} path: artifacts From 7ed7cdd0e84c98fc6ec62150395cb9c417a3708d Mon Sep 17 00:00:00 2001 From: El RIDO Date: Wed, 18 Feb 2026 18:59:27 +0100 Subject: [PATCH 4/4] ignore CVE that breaks unit tests in Github actions see: https://github.com/firebase/php-jwt/issues/620 --- composer.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/composer.json b/composer.json index fa1bdb98..92a0b996 100644 --- a/composer.json +++ b/composer.json @@ -43,6 +43,11 @@ } }, "config" : { + "audit": { + "ignore": { + "CVE-2025-45769": "disputed on the basis that key lengths are expected to be set by an application, not by this library" + } + }, "autoloader-suffix" : "DontChange", "optimize-autoloader": true, "preferred-install": "dist",