Update all non-major dependencies

[renovate]

Note: This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change	Age	Confidence
actions/cache (changelog)	action	digest	0400d5f → 0057852
actions/checkout (changelog)	action	digest	08c6903 → 93cb6ef
discoverygarden/dgi_image_discovery	require	minor	1.5.0 → 1.6.2
drupal/admin_toolbar (source)	require	patch	3.6.2 → 3.6.3
drupal/advanced_search (source)	require	minor	2.1.4 → 2.2.1
drupal/better_exposed_filters (source)	require	minor	7.0.5 → 7.1.1
drupal/citation_select (source)	require	patch	2.0.0-beta2 → 2.0.1
drupal/controlled_access_terms (source)	require	minor	2.5.1 → 2.6.0
drupal/core-composer-scaffold (source)	require	minor	10.5.2 → 10.6.1
drupal/core-recommended	require	minor	10.5.2 → 10.6.1
drupal/devel (source)	require-dev	minor	5.4.0 → 5.5.0
drupal/facets (source)	require	patch	2.0.9 → 2.0.10
drupal/flysystem (source)	require	minor	2.2.0-rc2 → 2.3.0
drupal/islandora (source)	require	patch	2.17.1 → 2.17.3
drupal/islandora_mirador (source)	require	patch	2.3.10 → 2.3.12
drupal/pathauto (source)	require	minor	1.13.0 → 1.14.0
drupal/pdf (source)	require	minor	1.2.0 → 1.3.0
drupal/rest_oai_pmh (source)	require	minor	2.0.3 → 2.1.1
drupal/views_data_export (source)	require	minor	1.6.0 → 1.8.0
drush/drush (source)	require	minor	13.6.2 → 13.7.0
mozilla/pdf.js		patch	5.4.54 → 5.4.530
shivammathur/setup-php (changelog)	action	digest	2052987 → 44454db

---

Release Notes

discoverygarden/dgi_image_discovery (discoverygarden/dgi_image_discovery)

v1.6.2

Compare Source

v1.6.1

Compare Source

v1.6.0

Compare Source

v1.5.1

Compare Source

drupal/core-composer-scaffold (drupal/core-composer-scaffold)

v10.6.1

Compare Source

v10.6.0

Compare Source

v10.5.8

Compare Source

v10.5.7

Compare Source

v10.5.6

Compare Source

v10.5.5

Compare Source

v10.5.4

Compare Source

v10.5.3

Compare Source

drupal/core-recommended (drupal/core-recommended)

v10.6.1

Compare Source

v10.6.0

Compare Source

v10.5.8

Compare Source

v10.5.7

Compare Source

v10.5.6

Compare Source

v10.5.5

Compare Source

v10.5.4

Compare Source

v10.5.3

Compare Source

drush-ops/drush (drush/drush)

v13.7.0

Compare Source

Highlights

• Backport of native Symfony Console command support. This is the new recommended form for command authoring. Prior approaches still work. Example: Devel. By @​weitzman in #​6407
• A workspace:publish command - #​5933 by @​malcomio in #​5934

What's Changed

• twig:compile: Surround the template loading with try-catch #​6335 by @​efpapado in #​6336
• Fixes #​6279, #​6278. More robust git diff during config import/export by @​weitzman in #​6339
• #​6345: Fix performance issues in 'locale:export' command for large .po exports by @​hctom in #​6346
• Add example to set default admin user account by @​gitressa in #​6379
• field-create: Remove unnecessary _none option from allowed formats list by @​DieterHolvoet in #​6420
• PHP 8.5 for highest tests by @​weitzman in #​6457
• Install dependencies with theme installation. by @​fjgarlin in #​6438

New Contributors

• @​efpapado made their first contribution in #​6336

Full Changelog: drush-ops/drush@13.6.2...13.7.0

mozilla/pdf.js (mozilla/pdf.js)

v5.4.530

Compare Source

This release, the final one of 2025, contains improvements for accessibility, font conversion, image conversion, performance, text selection and the viewer.

Changes since v5.4.449

• Bump the stable version in pdfjs.config by @​timvandermeij in #​20469
• [Editor] Pointer type initialization only when the user changes the mode by @​legraina in #​20226
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​20470
• Aria-hide the text content part of a MathML formula (bug 1998046) by @​calixteman in #​20471
• Inject the text from the text layer in the MathML tags when they're in the struct tree (bug 1998046) by @​calixteman in #​20472
• Add a menu class in order to be used in the new UI for the merge feature by @​calixteman in #​20483
• Add some callbacks when resizing a sidebar by @​calixteman in #​20474
• Use HTMLElement.scrollIntoView when showing a thumbnail by @​calixteman in #​20476
• Extend getGlyphMapForStandardFonts with some Russian entries (issue 20453) by @​xiaobai2017666 in #​20454
• Add a new linting task in order to detect unused/unknown css variables in the Firefox build by @​calixteman in #​20485
• Add .vscode to .gitignore by @​calixteman in #​20490
• Encode FontPath data into an ArrayBuffer by @​ryzokuken in #​20346
• Move the css for tree object in its own file by @​calixteman in #​20493
• Use only one resize observer in the the sidebar by @​calixteman in #​20494
• Fix infinite loop in JBIG2 decoder with >4 referred-to segments by @​Gaurang-5 in #​20440
• Move text layer scaling logic to CSS by @​nicolo-ribaudo in #​20491
• Improves text rendering performance by skipping unnecessary pattern calculations by @​AtiX in #​20499
• Simplify positioning of elements inside markedContent by @​nicolo-ribaudo in #​20492
• Fix #​20420: Prevent double decoding of file URL parameter by @​Uzair-Ahmed-Shah in #​20482
• Fix the position of the checkmark when the menu is displayed in RTL by @​calixteman in #​20500
• Fix some css in the tree view by @​calixteman in #​20508
• Change the sidebar for a views manager by @​calixteman in #​20495
• Bump actions/upload-artifact from 5 to 6 by @​dependabot[bot] in #​20507
• Run the CI tests in Node.js version 25 too by @​timvandermeij in #​20502
• Fix unit tests in adding a comma in the JSON for imports by @​calixteman in #​20517
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​20501
• Escape punctuation signs in search query by @​calixteman in #​20518
• Avoid exception when trying to render some glyphs contours by @​calixteman in #​20514
• Simplify regex escaping by @​calixteman in #​20524
• Dont' throw when adding page labels in thumbnails by @​calixteman in #​20521
• Fix the encoding for some missing chinese fonts by @​calixteman in #​20526
• Remove some files from talos tests because they aren't available on webarchive by @​calixteman in #​20527
• Avoid pattern creation with some basic gradients by @​calixteman in #​20525
• Introduce a helper function to draw a line in the ink editor integration tests by @​timvandermeij in #​20519
• Add CLAUDE.md generated with claude code by @​calixteman in #​20522
• Avoid to have a mail link with string having the format [email protected] by @​calixteman in #​20531
• Remove undefStack stuff in the cff parser by @​calixteman in #​20537
• Fix the loca table length when there is enough space for it by @​calixteman in #​20538
• Use CIDToGIDMap when the font is a type 2 with an OpenType font by @​calixteman in #​20535

v5.4.449

Compare Source

This release contains improvements for the annotation editor, performance, text selection and the viewer.

Changes since v5.4.394

• Bump the stable version in pdfjs.config by @​timvandermeij in #​20414
• Create the number tree for the ParentTree only one time by @​calixteman in #​20425
• Add the possibility to create a pdf from different ones (bug 1997379) by @​calixteman in #​20409
• Update the page labels tree when a pdf is extracted (bug 1997379) by @​calixteman in #​20411
• Update the named page destinations when some pdf are combined (bug 1997379) by @​calixteman in #​20421
• Version entry in the catalog has to be a name and not a string by @​calixteman in #​20432
• Add a wrapper for the new xref in order to be able to get some values from cloned dictionaries by @​calixteman in #​20431
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​20429
• Introduce a helper function to create a freetext editor in the integration tests by @​timvandermeij in #​20430
• Add telemetry for tagged pdfs (bug 1997134) by @​calixteman in #​20405
• Merge the structure trees coming from different pdfs (bug 1997379) by @​calixteman in #​20436
• Add regression test for PR 19184 by @​maettuu in #​20151
• Bump glob by @​dependabot[bot] in #​20448
• Bump js-yaml from 3.14.1 to 3.14.2 by @​dependabot[bot] in #​20449
• Lint and format the HTML in using Prettier by @​calixteman in #​20447
• Add setter for some FontFaceObject properties by @​Aditi-1400 in #​20427
• fix: deleteAnnotationElement takes a full editor object by @​sachiniyer in #​20413
• When searching for a group of punctuation signs, only add extraspaces around the group by @​calixteman in #​20456
• [XFA] Set default max value in occur tag to -1 (bug 1998843) by @​calixteman in #​20455
• Bump actions/checkout from 5 to 6 by @​dependabot[bot] in #​20459
• Include missing cached-iterable dev dependency in package.json by @​Mario34 in #​20450
• Don't use firstChild/lastChild when getting elements (follow-up of #​20447) by @​calixteman in #​20458
• [Editor] Allow to save an edited comment in using CTRL+Enter shortcut. by @​calixteman in #​20460
• Create a sidebar object by @​calixteman in #​20467
• Fix the regex string used to find the chars to normalize with NFKC when searching by @​calixteman in #​20465
• Use OIDC trusted publishing in the GitHub Actions release workflow by @​timvandermeij in #​20468
• Slightly reduce the memory used by thumbnails by @​calixteman in #​20462

v5.4.394

Compare Source

This release contains improvements for the annotation editor, accessibility, font conversion and performance.

Changes since v5.4.296

• Bump the stable version in pdfjs.config by @​timvandermeij in #​20339
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​20337
• [Editor] Remove obsolete arguments for setDims calls in the highlight code by @​timvandermeij in #​20335
• Add a test for PR #​20320 by @​calixteman in #​20338
• [Editor] Make sure that comment stuff is removed when an editor is deleted (bug 1992987) by @​calixteman in #​20342
• [Editor] Make sure the editor is focused after the comment has been deleted (bug 1992832) by @​calixteman in #​20343
• [Editor] Make sure all editors are focusable with the keyboard (bug 1992868) by @​calixteman in #​20341
• [Editor] Remove the role radio for the editing buttons (bug 1990826) by @​calixteman in #​20347
• [Editor] Make sure that annotation positions in the DOM respect the visual order (bug 1992770) by @​calixteman in #​20344
• [Annotation] Use the annotations rect in order to fix the order in the DOM (bug 1987914) by @​calixteman in #​20350
• [Editor] Avoid to have a null button in the DOM when there's no comment manager by @​calixteman in #​20351
• Improve performance of the struct tree build (bug 1987914) by @​calixteman in #​20352
• [Annotation] Improve the performance of the code for getting glyphs which belongs to annotations bounding boxes (bug 1987914) by @​calixteman in #​20353
• Use enums instead of string for mesh shading figure type by @​Aditi-1400 in #​20354
• Bump github/codeql-action from 3 to 4 by @​dependabot[bot] in #​20357
• Very slightly improve intersector performance by @​calixteman in #​20358
• Use Python 3.14 in the GitHub workflows by @​timvandermeij in #​20363
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​20356
• Reset sameLineText dependencies data on setTextMatrix by @​nicolo-ribaudo in #​20361
• Use a binary format for the glyph paths by @​calixteman in #​20367
• [Editor] Correctly focus the annotation once the comment has been removed in the annotation layer (bug 1994738) by @​calixteman in #​20369
• [Editor] Fix the tooltip of the comment button when in the editor toolbar (bug 1994958) by @​calixteman in #​20372
• [Editor] FreeText annotations aren't supposed to have an attached popup so disable commenting for them (bug 1995028) by @​calixteman in #​20374
• [Editor] Make sure the color picker has the right color when pasting an editor by @​calixteman in #​20375
• [Editor] Fix integration test after #​20372 by @​calixteman in #​20377
• Use stream for whatever substrem in stream classes by @​calixteman in #​20373
• Fix stream use when getting the text (follow-up of #​20373) by @​calixteman in #​20379
• Add a highlightSpan function in order to simplify a bit the integration tests by @​calixteman in #​20355
• Tweak the "scroll into view" viewer integration test by @​timvandermeij in #​20380
• Don't use the aboutstacks.pdf file in the integration tests by @​timvandermeij in #​20378
• Bump actions/setup-node from 5 to 6 by @​dependabot[bot] in #​20381
• Serialize pattern data into ArrayBuffer by @​Aditi-1400 in #​20340
• [Editor] Fix the css of the button to close the comment sidebar (bug 1995766) by @​calixteman in #​20386
• [Editor] Fix the css of the link in the comment sidebar (bug 1995721) by @​calixteman in #​20387
• [Editor] Avoid to have several Undo entries in the context menu (bug 1995705) by @​calixteman in #​20388
• [Editor] Make sure the left (resp. right) corner of the popup is visible when in LTR (resp. RTL) (bug 1995579) by @​calixteman in #​20389
• Make MathML elements visible in the struct tree (bug 1937438) by @​calixteman in #​20384
• Bump actions/upload-artifact from 4 to 5 by @​dependabot[bot] in #​20400
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​20396
• Add the font PT Astra Serif as a possible substitution for Times New Roman by @​CoelacanthusHex in #​20394
• Collect all child nodes of lists and tables in StructTree by @​edoardocavazza in #​20327
• Add text extractor as an external service by @​gregtatum in #​20406
• Revert "Add some telemetry in order to know what are the certificates used in pdfs (bug 1973573)" by @​calixteman in #​20404
• Don't set the MathML namespace for attributes in MathML tags (bug 1997343) by @​calixteman in #​20408
• [Editor] A new CurrentPointers class to store current pointers used by the editor by @​legraina in #​20213

v5.4.296

Compare Source

This release contains improvements for annotations, the annotation editor, font conversion, text selection and the viewer.

Changes since v5.4.149

• Bump the stable version in pdfjs.config by @​timvandermeij in #​20215
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​20216
• Add a function changeLightness in order to change the lightness of a RGB color by @​calixteman in #​20204
• [Editor] Hide the comment sidebar on document change by @​timvandermeij in #​20220
• [Editor] Add editors with a comment in the sidebar by @​calixteman in #​20217
• [Editor] Make scrollable the area containing the comments in the sidebar by @​calixteman in #​20222
• [Editor] Use the color of the annotation for the background of the comment button by @​calixteman in #​20221
• [Editor] Don't save the image when updating a stamp annotation by @​calixteman in #​20233
• Add a new function renderRichText to be used in the annotation layer by @​calixteman in #​20231
• Fix the rendering of XFA rich text in popup annotations by @​timvandermeij in #​20238
• Bump actions/setup-python from 5 to 6 by @​dependabot[bot] in #​20242
• Bump actions/setup-node from 4 to 5 by @​dependabot[bot] in #​20243
• Improve the integration test code by @​timvandermeij in #​20172
• [Editor] Fix saving a deleted popup by @​calixteman in #​20244
• [Editor] Add the dates and rich text if any to the editors in order to use them when displaying the popup by @​calixteman in #​20245
• Unskip the must check that date entered by the user is consistent scripting integration test for Firefox by @​timvandermeij in #​20239
• [Editor] Make sure the comment button is at the right place when adding it in the toolbar by @​calixteman in #​20248
• [Editor] When clicking on a comment in the sidebar, wait for the annotation editor layer to be rendered by @​calixteman in #​20247
• Reduce background canvas resolution by @​nicolo-ribaudo in #​20255
• Add an option in scrollIntoView and goToXY in order to be able to center vertically or horizontally the point XY in the viewer container by @​calixteman in #​20253
• [Editor] Don't throw when switching to editing mode before an annotation editor layer is rendered by @​calixteman in #​20259
• [Editor] Cleanup the pages not being fully rendered before switching to editing mode by @​calixteman in #​20258
• Make sure that a good constrast ratio is respected when darkening/lightening a color by @​calixteman in #​20240
• Store ops bboxes in a linear Uint8Array by @​nicolo-ribaudo in #​20208
• Fix JSDoc description in src/display/api.js by @​nicolo-ribaudo in #​20267
• Only record bboxes when needed by @​nicolo-ribaudo in #​20256
• Use a dichotomy to find a color with a good contrast ratio by @​calixteman in #​20269
• Replace manual returns with pending in the integration tests by @​timvandermeij in #​20271
• Consider a ttf font with both Symbolic and Nonsymbolic flags set with a Differences array in the encoding dict as non-symbolic by @​calixteman in #​20270
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​20272
• [Editor] Add a new popup for comments (bug 1987425) by @​calixteman in #​20249
• [Annotation] Use the new popup in reading mode (bug 1987426) by @​calixteman in #​20250
• [Editor] Fix the position of the comment popup and its dialog by @​calixteman in #​20278
• [Annotation] Save the comment changes made in reading mode (bug 1987427) by @​calixteman in #​20274
• Avoid unused css variables by @​calixteman in #​20279
• Use console.warn/console.info where appropriate by @​sigmaSd in #​20252
• [Editor] Fix the focus outline for the comment dialog buttons by @​calixteman in #​20281
• [Editor] Make sure to not add extra editors when showing again a destroyed page by @​calixteman in #​20282
• Update OpenJPEG to 2.5.4 by @​calixteman in #​20286
• Serialize font data into an ArrayBuffer by @​ryzokuken in #​20197
• [Editor] Make sure the comment dialog is visible on the screen (bug 1989304) by @​calixteman in #​20283
• [Editor] Remove useless computations when setting the dimensions of an editor by @​calixteman in #​20285
• [Editor] When in HCM, don't apply light/dark color in the comment buttons (bug 1977269) by @​calixteman in #​20291
• [Editor] Update the color and the position of the comment button in reading mode they've been modified by @​calixteman in #​20295
• [Editor] Don't add scrollbars when it's useless in the comment sidebar (bug 1990099) by @​calixteman in #​20297
• [Editor] Avoid to use similar colors for background and foreground colors in HCM (bug 1990082) by @​calixteman in #​20298
• [Editor] Use some percent coordinates for the comment dialog (bug 1990104) by @​calixteman in #​20299
• [Editor] Fix the button labels in the comment dialog (bug 1990499) by @​calixteman in #​20300
• [Editor] Make the comment sidebar resizable (bug 1990544) by @​calixteman in #​20303
• [Editor] Add a title to the comment buttons (bug 1990813) by @​calixteman in #​20305
• [Editor] Move the focus to the comment button once editing is done (bug 1990820) by @​calixteman in #​20304
• [Editor] Make sure the selected editor is correctly focused after switching editing mode (bug 1990872) by @​calixteman in #​20307
• [Editor] Fix the URL for the 'Learn more' link in the comment sidebar (bug 1990454) by @​calixteman in #​20308
• [Editor] Show the comments in the sidebar in the chronological order,newest to oldest (bug 1990762) by @​calixteman in #​20310
• Update dependencies by @​calixteman in #​20309
• [Editor] Give the focus to the comment button after editing in reading mode by @​calixteman in #​20311
• [Annotation] In reading mode with new commment stuff enabled, use the comment popup for annotations without a popup but with some contents (bug 1991029) by @​calixteman in #​20312
• [Editor] Add some telemetry for the commenting feature (bug 1991172) by @​calixteman in #​20313
• [Editor] Remove useless sidebar css by @​calixteman in #​20314
• [Editor] Add a fake annotation (in the annotation layer) associated with an editor in order to be able to show the comment button (bug 1989420) by @​calixteman in #​20321
• [Editor] Avoid an error when getting the editors telemetry data by @​calixteman in #​20318
• [Annotation] Fix some timezone issues when getting a date from the date picker (bug 1991584) by @​calixteman in #​20320
• [Editor] Add the possibility to unselect a comment from the sidebar by @​calixteman in #​20322
• Increase the rendering quality of the detail view (bug 1991482) by @​calixteman in #​20323
• Improve serif fallback font name matching by @​james-atticus in #​20224
• Fix the creation of the annotation layer in the ref tests by @​calixteman in #​20329
• [Editor] Make sure the comment dialog always have relative coordinates between 0% and 100% by @​calixteman in [#​

---

Configuration

📅 Schedule: Branch creation - "after 10pm on Wednesday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: composer.lock

Command failed: composer update discoverygarden/dgi_image_discovery:1.6.2 drupal/admin_toolbar:3.6.3 drupal/advanced_search:2.2.1 drupal/better_exposed_filters:7.1.1 drupal/citation_select:2.0.1 drupal/controlled_access_terms:2.6.0 drupal/core-composer-scaffold:10.6.1 drupal/core-recommended:10.6.1 drupal/devel:5.5.0 drupal/facets:2.0.10 drupal/flysystem:2.3.0 drupal/islandora:2.17.3 drupal/islandora_mirador:2.3.12 drupal/pathauto:1.14.0 drupal/pdf:1.3.0 drupal/rest_oai_pmh:2.1.1 drupal/views_data_export:1.8.0 drush/drush:13.7.0 mozilla/pdf.js:v5.4.530 --with-all-dependencies --ignore-platform-req=ext-* --ignore-platform-req=lib-* --no-ansi --no-interaction --no-scripts --no-autoloader --no-plugins --minimal-changes
Loading composer repositories with package information
Package "mozilla/pdf.js" listed for update is not locked.
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Root composer.json requires drupal/flysystem ^2.2@alpha -> satisfiable by drupal/flysystem[2.3.0].
    - drupal/flysystem 2.3.0 requires drupal/core ^11.0 -> found drupal/core[11.0.0-alpha1, ..., 11.x-dev] but these were not loaded, because they are affected by security advisories ("SA-CORE-2024-003", "SA-CORE-2024-004", "SA-CORE-2024-006", "SA-CORE-2024-007", "SA-CORE-2025-001", "SA-CORE-2025-002", "SA-CORE-2025-003", "SA-CORE-2025-004", "SA-CORE-2025-007", "SA-CORE-2025-008", "SA-CORE-2025-005", "SA-CORE-2025-006", "PKSA-d8tb-wwz2-ctxk", "PKSA-dh1f-zjm5-qg8y", "PKSA-bn52-vyzy-rmnm", "PKSA-xj83-g6g8-41vf", "PKSA-s1zc-gcfk-ddw5", "PKSA-ctyc-dmct-npkz", "PKSA-42zc-x5ss-z64p", "PKSA-s6zc-mws4-ngh4", "PKSA-g51h-n1x3-mszr", "PKSA-jthw-vxjy-kxnx", "PKSA-ts55-c66h-g96n", "PKSA-yjvc-rnsz-8n3c", "PKSA-styk-3knc-d1bt"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 2
    - Root composer.json requires drupal/islandora ^2.12.3 -> satisfiable by drupal/islandora[2.17.3].
    - drupal/flysystem 2.3.0 requires drupal/core ^11.0 -> found drupal/core[11.0.0-alpha1, ..., 11.x-dev] but these were not loaded, because they are affected by security advisories ("SA-CORE-2024-003", "SA-CORE-2024-004", "SA-CORE-2024-006", "SA-CORE-2024-007", "SA-CORE-2025-001", "SA-CORE-2025-002", "SA-CORE-2025-003", "SA-CORE-2025-004", "SA-CORE-2025-007", "SA-CORE-2025-008", "SA-CORE-2025-005", "SA-CORE-2025-006", "PKSA-d8tb-wwz2-ctxk", "PKSA-dh1f-zjm5-qg8y", "PKSA-bn52-vyzy-rmnm", "PKSA-xj83-g6g8-41vf", "PKSA-s1zc-gcfk-ddw5", "PKSA-ctyc-dmct-npkz", "PKSA-42zc-x5ss-z64p", "PKSA-s6zc-mws4-ngh4", "PKSA-g51h-n1x3-mszr", "PKSA-jthw-vxjy-kxnx", "PKSA-ts55-c66h-g96n", "PKSA-yjvc-rnsz-8n3c", "PKSA-styk-3knc-d1bt"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
    - drupal/islandora 2.17.3 requires drupal/flysystem ^2.0@alpha -> satisfiable by drupal/flysystem[2.3.0].

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.