Merge pull request #6267 from dotani1111/dev/twig-version-dependabot

fix: lock Twig version, update dependabot.yml
EC-CUBE · Sep 4, 2024 · 51abaa3 · 51abaa3
2 parents 7dc6e35 + d0d203f
commit 51abaa3
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -6,6 +6,8 @@ updates:
       interval: "weekly"
     allow:
       - dependency-type: "all"
+    ignore:
+      - dependency-name: "twig/twig"
 
   # GitHub アクションの依存関係を維持する
   - package-ecosystem: "github-actions"

diff --git a/composer.json b/composer.json
@@ -99,9 +99,9 @@
         "symfony/workflow": "^6.4",
         "symfony/yaml": "^6.4",
         "tecnickcom/tcpdf": "^6.2",
-        "twig/extra-bundle": "^3.3",
+        "twig/extra-bundle": "3.8.0",
         "twig/intl-extra": "^3.3",
-        "twig/twig": "^3.8",
+        "twig/twig": "3.8.0",
         "vlucas/phpdotenv": "v5.6.0"
     },
     "require-dev": {