Conversation
There was a problem hiding this comment.
Pull request overview
Updates the PHP integration test dependencies to address a CVE by refreshing the Composer lockfile and aligning the project metadata/development test dependency.
Changes:
- Bumped
phpunit/phpunitdev dependency from^7to^8.5.52. - Regenerated
composer.lock, updating transitive dev dependencies (e.g., doctrine/instantiator, deep-copy, phar-io/, sebastian/). - Fixed
composer.jsonpackage name to a valid Composervendor/packageformat.
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
_integration/php/composer.json |
Updates package name and bumps PHPUnit dev requirement to 8.5.52. |
_integration/php/composer.lock |
Regenerates lockfile with updated PHPUnit ecosystem dependencies for the CVE fix. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| }, | ||
| "require-dev": { | ||
| "phpunit/phpunit": "^7" | ||
| "phpunit/phpunit": "^8.5.52" |
There was a problem hiding this comment.
Bumping phpunit to 8.5.52 increases the minimum PHP version required to run the integration tests (phpunit now requires PHP >=7.2, whereas the previous setup allowed PHP 7.1). If the CI or local integration-test environment still uses PHP 7.1, composer install/make test will fail; consider either documenting/enforcing PHP >=7.2 for this integration suite or choosing a phpunit version compatible with the supported PHP baseline.
| "phpunit/phpunit": "^8.5.52" | |
| "phpunit/phpunit": "^7.5" |
No description provided.