By vladmor2012 on

I'm trying to update it to version 11.3.10 and it gives me an error:

Problem 1

    - Root composer.json requires drupal/core-recommended 11.3.7 -> satisfiable by drupal/core-recommended[11.3.7].

    - drupal/core-recommended 11.3.7 requires drupal/core 11.3.7 -> found drupal/core[11.3.7] but these were not loaded, because they are affected by security advisories ("SA-CORE-2026-004"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.

I still haven't found a place to specify this.

Best regards, Vlad.

Categories: Drupal 11.x

Comments

lpcb’s picture

lpcb commented

Hey Vlad,

Assuming your `composer.json` file looks similar you can add append the "audit" config like so:

"config": {
      "allow-plugins": {
          "composer/installers": true,
          "drupal/core-composer-scaffold": true,
          "drupal/core-recipe-unpack": true,
          "drupal/core-project-message": true,
          "phpstan/extension-installer": true,
          "dealerdirect/phpcodesniffer-composer-installer": true,
          "php-http/discovery": true,
          "php-tuf/composer-integration": true
      },
      "sort-packages": true,
      "audit": {
          "block-insecure": false
      }
},

Be warned, this will ignore ALL advisories for the sake of upgrading to 11.3.10!

jaypan’s picture

jaypan
Location Victoria, BC
commented

Can you please post the command you ran, and the require section of composer.json.

Contact me to contract me for D7 -> D10/11 migrations.

vladmor2012’s picture

vladmor2012 commented

Thanks for the advice. Everything worked out. Drupal 11 is being updated.

Best regards, Vlad.