Skip to content

build(deps): bump guzzlehttp/guzzle from 7.10.0 to 7.11.0#31

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/composer/guzzlehttp/guzzle-7.11.0
Open

build(deps): bump guzzlehttp/guzzle from 7.10.0 to 7.11.0#31
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/composer/guzzlehttp/guzzle-7.11.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 2, 2026

Bumps guzzlehttp/guzzle from 7.10.0 to 7.11.0.

Release notes

Sourced from guzzlehttp/guzzle's releases.

Release 7.11.0

Added

  • Added support for providing the proxy request option's no value as a comma-delimited string
  • Added the protocols request option to restrict allowed URI schemes for request transfers
  • Added cert_type and ssl_key_type request options for TLS certificate and private-key file types
  • Added PHP stream handler support for the ssl_key request option
  • Added transport sharing via the transport_sharing client and cURL handler options

Changed

  • Adjusted guzzlehttp/promises version constraint to ^2.5
  • Adjusted guzzlehttp/psr7 version constraint to ^2.11
  • Allowed domainless SetCookie instances to be stored without wildcard request matching
  • Changed no-proxy matching to respect request ports for host-and-port rules
  • Prevented CurlMultiHandler destructors from throwing during cleanup
  • Improved invalid response handling across handlers

Deprecated

  • Deprecated non-iterable Pool request collections, which will be rejected in 8.0
  • Deprecated non-uppercase easy request methods; 8.0 preserves method casing
  • Deprecated non-string headers request option values, which will be rejected in 8.0
  • Deprecated empty headers request option value arrays, which will be rejected in 8.0
  • Deprecated empty and malformed request protocol versions, which will be rejected in 8.0
  • Deprecated conflicting raw cURL request options, including CURLOPT_SHARE, which will be rejected in 8.0
  • Deprecated scalar-coerced idn_conversion request option values, which will be rejected in 8.0
  • Deprecated invalid documented request option value types, which will be rejected in 8.0
  • Deprecated selected request options ignored by incompatible built-in handlers, which will be rejected in 8.0
  • Deprecated RequestException::wrapException(), which will be removed in 8.0
  • Deprecated RetryMiddleware::exponentialDelay(), which will be removed in 8.0

Release 7.10.6

  • CurlMultiHandler now rejects the promise when CurlFactory::finish() throws, preserving sibling transfers
  • SetCookie now normalizes unparseable Expires values to null instead of false
  • Fix stream handler decoded gzip/deflate truncation by dropping invalid Content-Length

Release 7.10.5

Fixed

  • Defer cURL multi cancellation cleanup until after progress callbacks return
  • Classify additional stream handler connection failures as ConnectException

Release 7.10.4

Fixed

  • Fix IPv6 literal matching in no-proxy rules
  • Handle cURL multi completion messages without handles after cancelled transfers
  • Fix magic client request methods such as options() to uppercase inferred HTTP methods

... (truncated)

Changelog

Sourced from guzzlehttp/guzzle's changelog.

7.11.0 - 2026-06-02

Added

  • Added support for providing the proxy request option's no value as a comma-delimited string
  • Added the protocols request option to restrict allowed URI schemes for request transfers
  • Added cert_type and ssl_key_type request options for TLS certificate and private-key file types
  • Added PHP stream handler support for the ssl_key request option
  • Added transport sharing via the transport_sharing client and cURL handler options

Changed

  • Adjusted guzzlehttp/promises version constraint to ^2.5
  • Adjusted guzzlehttp/psr7 version constraint to ^2.11
  • Allowed domainless SetCookie instances to be stored without wildcard request matching
  • Changed no-proxy matching to respect request ports for host-and-port rules
  • Prevented CurlMultiHandler destructors from throwing during cleanup
  • Improved invalid response handling across handlers

Deprecated

  • Deprecated non-iterable Pool request collections, which will be rejected in 8.0
  • Deprecated non-uppercase easy request methods; 8.0 preserves method casing
  • Deprecated non-string headers request option values, which will be rejected in 8.0
  • Deprecated empty headers request option value arrays, which will be rejected in 8.0
  • Deprecated empty and malformed request protocol versions, which will be rejected in 8.0
  • Deprecated conflicting raw cURL request options, including CURLOPT_SHARE, which will be rejected in 8.0
  • Deprecated scalar-coerced idn_conversion request option values, which will be rejected in 8.0
  • Deprecated invalid documented request option value types, which will be rejected in 8.0
  • Deprecated selected request options ignored by incompatible built-in handlers, which will be rejected in 8.0
  • Deprecated RequestException::wrapException(), which will be removed in 8.0
  • Deprecated RetryMiddleware::exponentialDelay(), which will be removed in 8.0

7.10.6 - 2026-06-01

Fixed

  • CurlMultiHandler now rejects the promise when CurlFactory::finish() throws, preserving sibling transfers
  • SetCookie now normalizes unparseable Expires values to null instead of false
  • Fix stream handler decoded gzip/deflate truncation by dropping invalid Content-Length

7.10.5 - 2026-05-27

Fixed

  • Defer cURL multi cancellation cleanup until after progress callbacks return
  • Classify additional stream handler connection failures as ConnectException

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump guzzlehttp/guzzle from 7.10.0 to 7.11.0
a6ec156 
Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) from 7.10.0 to 7.11.0.
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/7.11/CHANGELOG.md)
- [Commits](guzzle/guzzle@7.10.0...7.11.0)

---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
  dependency-version: 7.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Jun 2, 2026

Labels

The following labels could not be found: composer. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Updating dependencies label Jun 2, 2026
@dependabot dependabot Bot mentioned this pull request Jun 2, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Updating dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants