Skip to content

Bump guzzlehttp/guzzle from 7.12.1 to 7.12.3#3822

Merged
williamjallen merged 1 commit into
masterfrom
dependabot/composer/guzzlehttp/guzzle-7.12.3
Jul 2, 2026
Merged

Bump guzzlehttp/guzzle from 7.12.1 to 7.12.3#3822
williamjallen merged 1 commit into
masterfrom
dependabot/composer/guzzlehttp/guzzle-7.12.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps guzzlehttp/guzzle from 7.12.1 to 7.12.3.

Release notes

Sourced from guzzlehttp/guzzle's releases.

7.12.3

Changed

  • Adjusted guzzlehttp/psr7 version constraint to ^2.12.3

Security

7.12.2

Fixed

  • Clamp out-of-range Max-Age so a very large value no longer overflows to an already-expired timestamp
  • Use strict comparison in CookieJar conflict resolution so distinct numeric-string names don't overwrite
  • Store a cookie whose Domain has a trailing dot on the origin host instead of silently discarding it
  • Fix StreamHandler hard-failing on bracketed IPv6 literal hosts when force_ip_resolve is set
  • Use strict cookie Path comparison so CookieJar::clear() with a numeric path keeps a distinct-path cookie
  • Fixed cookie handling for falsey Domain, Max-Age, path, and name values
  • Fixed decode_content handling for falsey string values
  • Fixed deprecated request option values reaching built-in handlers before normalization
Changelog

Sourced from guzzlehttp/guzzle's changelog.

7.12.3 - 2026-06-23

Changed

  • Adjusted guzzlehttp/psr7 version constraint to ^2.12.3

Security

7.12.2 - 2026-06-23

Fixed

  • Clamp out-of-range Max-Age so a very large value no longer overflows to an already-expired timestamp
  • Use strict comparison in CookieJar conflict resolution so distinct numeric-string names don't overwrite
  • Store a cookie whose Domain has a trailing dot on the origin host instead of silently discarding it
  • Fix StreamHandler hard-failing on bracketed IPv6 literal hosts when force_ip_resolve is set
  • Use strict cookie Path comparison so CookieJar::clear() with a numeric path keeps a distinct-path cookie
  • Fixed cookie handling for falsey Domain, Max-Age, path, and name values
  • Fixed decode_content handling for falsey string values
  • Fixed deprecated request option values reaching built-in handlers before normalization
Commits

Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) from 7.12.1 to 7.12.3.
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/7.13/CHANGELOG.md)
- [Commits](guzzle/guzzle@7.12.1...7.12.3)

---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
  dependency-version: 7.12.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/composer/guzzlehttp/guzzle-7.12.3 branch from 3fcf6f4 to 5c903f1 Compare July 1, 2026 17:54
@williamjallen williamjallen added this pull request to the merge queue Jul 1, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Jul 1, 2026
@williamjallen williamjallen added this pull request to the merge queue Jul 1, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Jul 1, 2026
@williamjallen williamjallen added this pull request to the merge queue Jul 1, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Jul 1, 2026
@williamjallen williamjallen added this pull request to the merge queue Jul 1, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Jul 1, 2026
@williamjallen williamjallen added this pull request to the merge queue Jul 1, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Jul 1, 2026
@williamjallen williamjallen added this pull request to the merge queue Jul 2, 2026
Merged via the queue into master with commit 82e3736 Jul 2, 2026
13 of 14 checks passed
@dependabot dependabot Bot deleted the dependabot/composer/guzzlehttp/guzzle-7.12.3 branch July 2, 2026 12:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant