Skip to content

Bump phoenix from 1.8.5 to 1.8.7#167

Merged
ftes merged 1 commit into
mainfrom
dependabot/hex/phoenix-1.8.7
May 12, 2026
Merged

Bump phoenix from 1.8.5 to 1.8.7#167
ftes merged 1 commit into
mainfrom
dependabot/hex/phoenix-1.8.7

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 12, 2026
edited
Loading

Bumps phoenix from 1.8.5 to 1.8.7.

Changelog

Sourced from phoenix's changelog.

1.8.7 (2026-05-06)

Bug fixes

  • Fix invalid status when longpoll request times out

Enhancements

  • Mask token parameter in logs by default (in addition to "password")

JavaScript Client Bug Fixes

  • Fix encoding of non-ASCII metadata in binary channel messages

1.8.6 (2026-05-05)

Security fixes

  • CVE-2026-32689: Fix Phoenix.Socket Longpoll transport memory exhaustion in nd-JSON body splitting

Enhancements

  • [phoenix] Raise if use Phoenix.VerifiedRoutes is called multiple times in the same module
  • [phoenix] Fix more deprecation and type checker warnings on Elixir 1.20
  • [phoenix] Raise when interpolating a list in Phoenix.VerifiedRoutes (#6632)
  • [phoenix] Gracefully handle non-binary vsn socket parameter (#6662)
  • [phx.gen.*] Use .eex filename suffix in generator files
  • [phx.new] Add interactive mode: mix phx.new --interactive (#6630)
  • [phx.new] Add phx-no-format to generated <.live_title> tag (#6667)

Bug fixes

  • [phx.gen.*] Fix generated migrations for myxql when using scopes (#6635)
  • [phx.new] Fix crash when parent directory contains a colon (#6633)
Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file elixir Pull requests that update elixir code labels May 12, 2026
@dependabot
Bump phoenix from 1.8.5 to 1.8.7
98cb1b2 
Bumps [phoenix](https://github.com/phoenixframework/phoenix) from 1.8.5 to 1.8.7.
- [Release notes](https://github.com/phoenixframework/phoenix/releases)
- [Changelog](https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md)
- [Commits](phoenixframework/phoenix@v1.8.5...v1.8.7)

---
updated-dependencies:
- dependency-name: phoenix
  dependency-version: 1.8.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/hex/phoenix-1.8.7 branch from 847f570 to 98cb1b2 Compare May 12, 2026 05:06
@ftes ftes enabled auto-merge (squash) May 12, 2026 05:07
@ftes ftes merged commit 7df8727 into main May 12, 2026
3 checks passed
@dependabot dependabot Bot deleted the dependabot/hex/phoenix-1.8.7 branch May 12, 2026 05:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file elixir Pull requests that update elixir code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ftes