Skip to content

Bump guzzlehttp/guzzle from 7.12.3 to 7.13.1#434

Merged
aharoitx merged 1 commit into
10.1.xfrom
dependabot/composer/guzzlehttp/guzzle-7.13.1
Jun 30, 2026
Merged

Bump guzzlehttp/guzzle from 7.12.3 to 7.13.1#434
aharoitx merged 1 commit into
10.1.xfrom
dependabot/composer/guzzlehttp/guzzle-7.13.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 30, 2026

Copy link
Copy Markdown
Contributor

Bumps guzzlehttp/guzzle from 7.12.3 to 7.13.1.

Release notes

Sourced from guzzlehttp/guzzle's releases.

7.13.1

Fixed

  • Allow middleware to rewrite partial URIs before transports validate them

7.13.0

Added

  • Added the crypto_method_max request option to cap the maximum TLS protocol version
  • Added HTTP QUERY redirect support, preserving method and body on 301 and 302

Changed

  • Section proxy tunnel connection reuse by credential so distinct credentials never share a tunnel
  • Isolate concurrent foreign cURL proxy tunnels added while another owner's tunnel is active
  • Route credentialed HTTP(S) proxy Proxy-Authorization headers through cURL proxy header handling
  • Reject request-level CURLOPT_SHARE when combined with authenticated HTTP/HTTPS proxy tunnel configuration
  • Remove deprecation for raw cURL CURLOPT_PREREQFUNCTION callbacks when defined by PHP cURL
  • Route TLS 1.2 crypto_method requests to the stream handler when cURL cannot select TLS 1.2
  • Reject final request URIs missing a scheme or host before transfer

Deprecated

  • Deprecate invalid protocols, force_ip_resolve, delay, cookies, and allow_redirects values
Changelog

Sourced from guzzlehttp/guzzle's changelog.

7.13.1 - 2026-06-29

Fixed

  • Allow middleware to rewrite partial URIs before transports validate them

7.13.0 - 2026-06-29

Added

  • Added the crypto_method_max request option to cap the maximum TLS protocol version
  • Added HTTP QUERY redirect support, preserving method and body on 301 and 302

Changed

  • Section proxy tunnel connection reuse by credential so distinct credentials never share a tunnel
  • Isolate concurrent foreign cURL proxy tunnels added while another owner's tunnel is active
  • Route credentialed HTTP(S) proxy Proxy-Authorization headers through cURL proxy header handling
  • Reject request-level CURLOPT_SHARE when combined with authenticated HTTP/HTTPS proxy tunnel configuration
  • Remove deprecation for raw cURL CURLOPT_PREREQFUNCTION callbacks when defined by PHP cURL
  • Route TLS 1.2 crypto_method requests to the stream handler when cURL cannot select TLS 1.2
  • Reject final request URIs missing a scheme or host before transfer

Deprecated

  • Deprecate invalid protocols, force_ip_resolve, delay, cookies, and allow_redirects values
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) from 7.12.3 to 7.13.1.
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/7.13/CHANGELOG.md)
- [Commits](guzzle/guzzle@7.12.3...7.13.1)

---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
  dependency-version: 7.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file php Pull requests that update php code labels Jun 30, 2026
@aharoitx aharoitx merged commit 0d3a47c into 10.1.x Jun 30, 2026
10 checks passed
@dependabot dependabot Bot deleted the dependabot/composer/guzzlehttp/guzzle-7.13.1 branch June 30, 2026 22:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file php Pull requests that update php code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant