如何在“php bin / console security：check”之后更新

Symfony write on how to check for security updates: https://symfony.com/doc/current/security/security_checker.html and it works, in Akeneo it shows me one vulnerability. But how to update? I tried ../composer.phar update and ../composer.phar update symfony/symfony but unfortunately the vulnerability is still there when I check again. (https://github.com/akeneo/pim-community-dev/issues/7146)

/var/www/html/akeneo/pim-community-standard# ../composer.phar why dompdf/dompdf:0.6.1
Do not run Composer as root/super user! See https://getcomposer.org/root for details
akeneo/pim-community-dev  v2.0.6  requires  dompdf/dompdf (0.6.1)


/var/www/html/akeneo/pim-community-standard# ../composer.phar why-not dompdf/dompdf:0.6.2
Do not run Composer as root/super user! See https://getcomposer.org/root for details
akeneo/pim-community-dev  v2.0.6  requires  dompdf/dompdf (0.6.1)

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

3条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
douduocuima61392 2017-11-14 09:27
关注
The security check complains about the package dompdf/dompdf being outdated. So you have to find out which dependency is responsible for this package being installed. You can use composer for this:

composer why dompdf/dompdf

Once you find out why it's installed you can either check if you can update that dependency to a version supporting/requiring a newer dompdf version or if you installed it by requiring it yourself just update it.

Alternatively you can also ask composer why it won't install a new version by using:

composer why-not dompdf/dompdf "^0.8"

If you can't update whatever dependency depends on the outdated dompdf version you might have to resort to either create a PR in that project for a newer version or forking the project and updating the composer.json yourself (not recommended though, because of the additional work of keeping it up to date).

edit: It looks like akeneo itself is responsible for pinning the version as you can see in the repo: https://github.com/akeneo/pim-community-dev/blob/2.0/composer.json#L41

Maybe you can create a PR updating the composer.json and maybe loosening the version restriction for dompdf.
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(2条)

报告相同问题？

关注问题

如何在“php bin / console security：check”之后更新 php symfony
2017-11-14 08:27

回答 3 已采纳 The security check complains about the package dompdf/dompdf being outdated. So you have to find o
/usr/bin/yum: /usr/bin/python2.6: bad interpreter python
2015-12-19 07:01

回答 1 已采纳这个意思就是说，你的yum的版本不支持python2.6，所以你得把yum的python执行版本调成与你yum版本兼容的python版本，或者你的是yum更新了，而python太落伍的了！
构建docker镜像 /bin/sh apt-get not found docker ubuntu 运维
2022-04-16 22:34

回答 1 已采纳因为你修改了PATH的值在 /usr/local 中找不到的apt get你应该这样使用。ENV PATH="/usr/local:${PATH}"
Nacos启动报错解决：which: no javac in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin)
2020-04-14 17:52

非著名运维的博客报错信息： [root@localhost bin]# bash startup.sh -...which: no javac in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin) readlink: 缺少操作数 Try 'readlink --help' for more information. d...
SLAM编译过程中报错,/usr/bin/ld: 找不到 -lEigen3::Eigen c++ 有问必答
2022-03-07 16:59

回答 1 已采纳 Eigen库不同于一般的库，它只有头文件，没有.so和 .a那样的二进制库文件哪来的libEigen.so需要你-l ? CMakeLists.txt中添加 find_packa
hadoop读取hdfs文件：No such file or directory: `hdfs://localhost:9000/user/hadoop' hadoop hdfs spark
2022-10-09 17:22

回答 1 已采纳可以考虑换个目录试一下比如：hdfs dfs -put /usr/local/spark/README.MD /
php bin / console symfony命令给出致命错误 php symfony
2016-06-24 17:51

回答 1 已采纳 After hours of looking for solutions I checked the php packages that I had installed and realized
linux查找、安装、卸载JDK，以及nNacos启动报错解决：which: no javac in (/usr/local/sbin:/usr/local/bin:/...)
2024-07-05 14:35

奋斗小青年131的博客 jdk目录在bin目录下，具体查找方法是：1、通过“whereis java”命令找到javad的执行目录；2、通过执行文件找到链接文件；3、通过“ls -lrt /etc/alternatives/java”命令找到安装目录即可。1、安装包方式安装的jdk...
/usr/bin/ld: 找不到 -lLLVM linux 测试工具
2022-12-09 10:20

回答 5 已采纳报错信息表明在编译程序时，编译器找不到libLLVM.so这个库文件。这可能是由于安装LLVM时出现了问题，导致该库文件没有安装到正确的位置。要解决这个问题，可以尝试以下方法：重新安装LLVM：首
/usr/bin/ld: cannot find -lxxx Linux下编译时提示无法找到共享库 centos c语言 linux
2020-06-03 11:41

回答 1 已采纳改用 LIBRARY_PAT环境变量试试 ``` export LIBRARY_PATH=/usr/local/zeromq/lib:$LIBRARY_PATH gcc zmq_version.
Debian - / usr / bin / env：'php '：没有这样的文件或目录 debian docker php
2018-04-12 10:33

回答 1 已采纳 You should convert the file with UNIX new line convention. You have a DOS file, which has the ext
Symfony 常用命令汇总
2017-05-10 15:41

行天游龙的博客安全漏洞检测：php bin/console security:check 开发环境：/app_dev.php/ 调试时需注释 $kernel->loadClassCache() || 正式环境：/app.php/(默认不加) 清除 Symfony 缓存：php bin/console cache:clear --env...
docker-php-ext-install: command not found php
2019-04-30 22:59

回答 1 已采纳你没有安装docker的php扩展重新安装下php https://blog.csdn.net/qw_xingzhe/article/details/80179094
symfony4 安装和创建项目[2019]
2019-08-15 19:22

北溟の魚的博客 │ │ ├── security . yaml │ │ ├── sensio_ framework_extra . yaml │ │ ├── swiftmailer . yaml │ │ ├── translation . yaml │ │ ├── twig . yaml │ │ └── validator . yaml │ ├─...
深入解析PHP框架：Symfony框架详解与应用
2024-07-14 09:36

egzosn的博客 Table of Contents深入解析PHP框架：Symfony框架详解与应用一、什么是Symfony？Symfony的优势二、Symfony的核心概念1. 控制器2. 路由3. 模板4. 服务容器5. 事件调度器三、Symfony的主要功能1. 表单处理2. 数据库集成...
LAMPSECURITY: CTF6 内网拿到root 20211226
2021-12-26 21:43

32进制的博客 =PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings. + OSVDB-3268: /css/: Directory indexing found....
weblogic系列漏洞整理 -———— 2、weblogic弱口令
2018-11-01 10:34

FLy_鹏程万里的博客 weblogic常用的后台登录弱口令 WebLogic后台登陆地址: http://192.168.11.178:7001/console/login/LoginForm.jsp 测试思路登陆weblogic后台看到后台地址登陆并无限制（验证码或登录认证次数...可以看...
没有解决我的问题, 去提问

悬赏问题

¥15 metadata提取的PDF元数据，如何转换为一个Excel
¥15 关于arduino编程toCharArray()函数的使用
¥100 vc++混合CEF采用CLR方式编译报错
¥15 coze 的插件输入飞书多维表格 app_token 后一直显示错误，如何解决？
¥15 vite+vue3+plyr播放本地public文件夹下视频无法加载
¥15 c#逐行读取txt文本，但是每一行里面数据之间空格数量不同
¥50 如何openEuler 22.03上安装配置drbd
¥20 ING91680C BLE5.3 芯片怎么实现串口收发数据
¥15 无线连接树莓派，无法执行update，如何解决？（相关搜索：软件下载）
¥15 Windows11, backspace, enter, space键失灵

如何在“php bin / console security：check”之后更新

3条回答 默认 最新

悬赏问题

3条回答默认最新