Skip to content

2.37.1

Latest
Marketplace
Latest
Marketplace

Choose a tag to compare

View all tags
@shivammathur shivammathur released this 14 May 06:17
· 5 commits to main since this release
2.37.1
7c071df
This commit was signed with the committer’s verified signature.
shivammathur Shivam Mathur
GPG key ID: 3E13E4C8591ACC2A
Verified
Learn about vigilant mode.

Changelog

Security Updates

Note

This can affect workflows that pass values from users or pull requests to setup-php, for example from comments, dispatch inputs, PR titles/branches, generated matrices, or files such as .php-version and composer.json.
Be especially careful with pull_request_target workflows that use any value from the pull request. Workflows that only use fixed trusted values are not expected to be affected, but updating to 2.37.1 is recommended.

Note

This only affects workflows where the composer version is pinned like composer:2.9.7, workflows that do not pin the version or use composer:v2 are not affected as those get automatic updates. In case you pin the version, it is highly recommended to upgrade and have automation to do such timely upgrades in your workflows.

Fixes and Improvements

  • Fixed support for phalcon on Windows.

  • Fixed restoring tools when using cached using previous runs.

  • Improved enabling gearman extension on Linux.

  • Fixed fallback when installing PhpManager and VcRedist modules on Windows.

  • Fixed parsing extension inputs with backslash line continuation.

  • Improved workflow examples

    • Added workflow examples for Drupal 11 composer-managed projects and WordPress plugins.
    • Added workflow examples for Yii3 web applications and replaced Yii2 Starter Kit examples.
    • Updated workflow examples to use currently supported PHP versions.

  • Updated OS release mappings for newer Ubuntu releases.

  • Updated internal workflows for Codecov v6 and NPM trusted publishing.

  • Updated Node.js dependencies.

  • Fixed composer version in README. (#1081)

Thanks @Pyker for the contribution

For the complete list of changes, please refer to the Full Changelog

Follow for updates

setup-php reddit setup-php twitter setup-php status

Contributors

Pyker
Assets 2
Loading