Skip to content

Tags

Tags give the ability to mark specific points in history as being important

  • 2.18.999

    af1d84d4 · security: strict match regex start/end · 
    Based on 2.17.1 with CVE fix

  • 2.17.1

    af1d84d4 · security: strict match regex start/end · 
    Fix GHSA-xv3h-4844-9h36 (CVE)

This patch cherry-picks the fix for GHSA-xv3h-4844-9h36:
https://github.com/advisories/GHSA-xv3h-4844-9h36

It applies a stricter regex validation on header names and values
(by adding the 'D' modifier), preventing malicious newlines.

Original patch by @TimWolla, committed by @weierophinney.

  • 3.6.0

    b068eac1 · Merge pull request #213 from gsteel/fix-missing-status-code · 
    ### Release Notes for [3.6.0](https://github.com/laminas/laminas-diactoros/milestone/73)

Feature release (minor)

### 3.6.0

- Total issues resolved: **0**
- Total pull requests resolved: **5**
- Total contributors: **4**

#### Bug

 - [213: Adds temporary IANA status code reason phrase for 104](https://github.com/laminas/laminas-diactoros/pull/213) thanks to @gsteel

#### Bug,Documentation

 - [212: Fix broken link in migration.md](https://github.com/laminas/laminas-diactoros/pull/212) thanks to @Potherca

#### Enhancement

 - [201: Update to use PHPUnit 10 syntax](https://github.com/laminas/laminas-diactoros/pull/201) thanks to @samsonasik
 - [200: Update to latest PHP 8.1 syntax](https://github.com/laminas/laminas-diactoros/pull/200) thanks to @samsonasik

#### Dependencies

 - [197: Update dependency laminas/laminas-coding-standard to v3](https://github.com/laminas/laminas-diactoros/pull/197) thanks to @renovate[bot]
    Unverified

  • 3.5.0

    143a1630 · Merge pull request #198 from ADmad/php-8.4-support · 
    ### Release Notes for [3.5.0](https://github.com/laminas/laminas-diactoros/milestone/70)

### 3.5.0

- Total issues resolved: **0**
- Total pull requests resolved: **1**
- Total contributors: **1**

#### Enhancement

 - [198: Add support for PHP 8.4](https://github.com/laminas/laminas-diactoros/pull/198) thanks to @ADmad
    Unverified

  • 3.4.0

    2cce7e77 · Merge pull request #195 from Xerkus/fix/detached-metadata · 
    ### Release Notes for [3.4.0](https://github.com/laminas/laminas-diactoros/milestone/66)

Feature release (minor)

### 3.4.0

- Total issues resolved: **2**
- Total pull requests resolved: **7**
- Total contributors: **5**

#### Bug

 - [195: Fix error while trying to get stream metadata after detach](https://github.com/laminas/laminas-diactoros/pull/195) thanks to @Xerkus
 - [194: Fix provided versions of psr/http-factory-implementation in composer.json](https://github.com/laminas/laminas-diactoros/pull/194) thanks to @Xerkus
 - [193: Fix cookie parsing from headers in server request factory using globals.](https://github.com/laminas/laminas-diactoros/pull/193) thanks to @Xerkus
 - [165: Plus signs in cookie data get converted to space.](https://github.com/laminas/laminas-diactoros/issues/165) thanks to @Danack

#### Enhancement

 - [192: Add Roave BC Check to CI](https://github.com/laminas/laminas-diactoros/pull/192) thanks to @gsteel

#### Bug,Enhancement

 - [190: Upgrade PHPUnit to 10.x. Fix Stream conformance](https://github.com/laminas/laminas-diactoros/pull/190) thanks to @gsteel

#### Documentation

 - [187: Fix linting issues in docs](https://github.com/laminas/laminas-diactoros/pull/187) thanks to @gsteel

#### renovate

 - [186: Update dependency psalm/plugin-phpunit to ^0.19.0](https://github.com/laminas/laminas-diactoros/pull/186) thanks to @renovate[bot]

#### Bug,Help Wanted

 - [22: Stream::getMetadata() does not handle detached resource](https://github.com/laminas/laminas-diactoros/issues/22) thanks to @weierophinney
    Unverified

  • 3.3.1

    74cfb9a7 · Merge pull request #181 from laminas/renovate/lock-file-maintenance · 
    ### Release Notes for [3.3.1](https://github.com/laminas/laminas-diactoros/milestone/65)

3.3.x bugfix release (patch)

### 3.3.1

- Total issues resolved: **0**
- Total pull requests resolved: **1**
- Total contributors: **1**

#### renovate

 - [181: Lock file maintenance, Upgrade Psalm to 5.20.x, QA improvements](https://github.com/laminas/laminas-diactoros/pull/181) thanks to @renovate[bot]
    Unverified

  • 2.26.0

    6584d44e · Merge pull request #176 from ADmad/2.26.x · 
    ### Release Notes for [2.26.0](https://github.com/laminas/laminas-diactoros/milestone/55)

Feature release (minor)

### 2.26.0

- Total issues resolved: **0**
- Total pull requests resolved: **1**
- Total contributors: **1**

#### Enhancement

 - [176: Update PHP constraints to allow v8.3](https://github.com/laminas/laminas-diactoros/pull/176) thanks to @ADmad
    Unverified

  • 3.3.0

    4db52734 · Merge pull request #174 from gsteel/drop-php-8.0 · 
    ### Release Notes for [3.3.0](https://github.com/laminas/laminas-diactoros/milestone/64)

Feature release (minor)

### 3.3.0

- Total issues resolved: **0**
- Total pull requests resolved: **2**
- Total contributors: **1**

#### Enhancement

 - [174: Remove support for PHP 8.0, remove unnecessary reflection method calls](https://github.com/laminas/laminas-diactoros/pull/174) thanks to @gsteel
 - [171: Don't ignore platform requirements on 8.3](https://github.com/laminas/laminas-diactoros/pull/171) thanks to @gsteel
    Unverified

  • 3.2.0

    aca73646 · Merge pull request #170 from MauricioFauth/php83-support · 
    ### Release Notes for [3.2.0](https://github.com/laminas/laminas-diactoros/milestone/62)

Feature release (minor)

### 3.2.0

- Total issues resolved: **0**
- Total pull requests resolved: **1**
- Total contributors: **1**

#### Enhancement

 - [170: Add PHP 8.3 support](https://github.com/laminas/laminas-diactoros/pull/170) thanks to @MauricioFauth
    Unverified

  • 3.1.0

    860660e0 · Merge pull request #158 from Xerkus/hotifx/numeric-headers-docs · 
    ### Release Notes for [3.1.0](https://github.com/laminas/laminas-diactoros/milestone/58)

### 3.1.0

- Total issues resolved: **0**
- Total pull requests resolved: **3**
- Total contributors: **3**

#### Enhancement

 - [169: Correctly handle explicitly providing `JSON_THROW_ON_ERROR` in `JsonResponse`](https://github.com/laminas/laminas-diactoros/pull/169) thanks to @TimWolla

#### renovate

 - [166: Lock file maintenance](https://github.com/laminas/laminas-diactoros/pull/166) thanks to @renovate[bot]

#### Documentation

 - [158: Fix docs referring to array key as value](https://github.com/laminas/laminas-diactoros/pull/158) thanks to @Xerkus
    Unverified

  • 3.0.0

    2515f413 · Merge pull request #157 from weierophinney/feature/filter-integer-header-names · 
    ### Release Notes for [3.0.0](https://github.com/laminas/laminas-diactoros/milestone/4)

### Added

This version adds support for PSR-7 v2.0. While we had previously added return type hints in Diactoros, there were a few cases where PSR-7 updated the interfaces to use `void` returns where we had not. As a result, this release represents a BC break for anybody extending our classes, as defining an extension that uses one of these methods with a mixed return type (or omitting the return type entirely) will result in a type error.

The interfaces affected were `Psr\Http\Message\StreamInterface` and `Psr\Http\Message\UploadedFileInterface`.

For consumers, this version should be entirely backwards compatible in usage. For those extending our classes, you will only run into issues when extending implementations of the above interfaces.

### 3.0.0

- Total issues resolved: **7**
- Total pull requests resolved: **8**
- Total contributors: **3**

#### BC Break,Bug,Documentation

 - [157: Filter integer header names during SAPI discovery](https://github.com/laminas/laminas-diactoros/pull/157) thanks to @weierophinney
 - [148: Remove support for GD images in Stream implementation](https://github.com/laminas/laminas-diactoros/pull/148) thanks to @weierophinney and @boesing

#### Documentation

 - [156: Document PSR-7 v2 impact](https://github.com/laminas/laminas-diactoros/pull/156) thanks to @weierophinney

#### Bug

 - [155: Ensure fromGlobals does not use superglobals when passed empty arrays](https://github.com/laminas/laminas-diactoros/pull/155) thanks to @Xerkus

#### BC Break,Documentation

 - [154: Remove PhpInputStream](https://github.com/laminas/laminas-diactoros/pull/154) thanks to @weierophinney and @Xerkus

#### BC Break,Documentation,Enhancement

 - [152: Remove marshalUriFromSapi function](https://github.com/laminas/laminas-diactoros/pull/152) thanks to @weierophinney and @Xerkus

#### BC Break,Feature Removal

 - [146: Drop legacy helper functions in Zend namespace](https://github.com/laminas/laminas-diactoros/pull/146) thanks to @Xerkus

#### BC Break,Enhancement

 - [136: Allow usage with PSR-7 v2](https://github.com/laminas/laminas-diactoros/pull/136) thanks to @weierophinney

#### Enhancement

 - [132: Update to PSR-7 1.1/2.0](https://github.com/laminas/laminas-diactoros/issues/132) thanks to @weierophinney

#### BC Break,Bug

 - [12: `ServerRequestFactory::fromGlobals()` checks if args are truthy rather than set](https://github.com/laminas/laminas-diactoros/issues/12) thanks to @weierophinney
    Unverified

  • 2.25.2

    9f3f4bf5 · Merge pull request from GHSA-xv3h-4844-9h36 · 
    laminas/laminas-diactoros 2.25.2

Fixed
-----

This release provides a patch for CVE-2023-29530 / GHSA-xv3h-4844-9h36 / LP2023-01.
    Unverified

  • 2.24.2

    aaf27a55 · Merge pull request from GHSA-xv3h-4844-9h36 · 
    laminas/laminas-diactoros 2.24.2

Fixed
-----

This release provides a patch for CVE-2023-29530 / GHSA-xv3h-4844-9h36 / LP2023-01.
    Unverified

  • 2.23.1

    16326465 · Merge pull request from GHSA-xv3h-4844-9h36 · 
    laminas/laminas-diactoros 2.23.1

Fixed
-----

This release provides a patch for CVE-2023-29530 / GHSA-xv3h-4844-9h36 / LP2023-01.
    Unverified

  • 2.22.1

    e401416e · Merge pull request from GHSA-xv3h-4844-9h36 · 
    laminas/laminas-diactoros 2.22.1

Fixed
-----

This release provides a patch for CVE-2023-29530 / GHSA-xv3h-4844-9h36 / LP2023-01.
    Unverified

  • 2.21.1

    a65b4208 · Merge pull request from GHSA-xv3h-4844-9h36 · 
    laminas/laminas-diactoros 2.21.1

Fixed
-----

This release provides a patch for CVE-2023-29530 / GHSA-xv3h-4844-9h36 / LP2023-01.
    Unverified

  • 2.20.1

    bb8bbb33 · Merge pull request from GHSA-xv3h-4844-9h36 · 
    laminas/laminas-diactoros 2.20.1

Fixed
-----

This release provides a patch for CVE-2023-29530 / GHSA-xv3h-4844-9h36 / LP2023-01.
    Unverified

  • 2.19.1

    04ab8dfa · Merge pull request from GHSA-xv3h-4844-9h36 · 
    laminas/laminas-diactoros 2.19.1

Fixed
-----

This release provides a patch for CVE-2023-29530 / GHSA-xv3h-4844-9h36 / LP2023-01.
    Unverified

  • 2.18.1

    31d4ac32 · Merge pull request from GHSA-xv3h-4844-9h36 · 
    laminas/laminas-diactoros 2.18.1

Fixed
-----

This release provides a patch for CVE-2023-29530 / GHSA-xv3h-4844-9h36 / LP2023-01.
    Unverified

  • 2.25.1

    13f45e5b · Merge pull request #138 from laminas/2.24.x-merge-up-into-2.25.x_sar9mpV4 · 
    ### Release Notes for [2.25.1](https://github.com/laminas/laminas-diactoros/milestone/54)

2.25.x bugfix release (patch)

### 2.25.1

- Total issues resolved: **0**
- Total pull requests resolved: **1**
- Total contributors: **1**

 - [138: Merge release 2.24.1 into 2.25.x](https://github.com/laminas/laminas-diactoros/pull/138) thanks to @github-actions[bot]
    Unverified