Luke Rodgers convenient

convenient / README.md
Last active February 4, 2019 11:44
Magento 2 Commerce patch files for staging unit test date bug
convenient / gist:543c9752384a1fe005dc4ab60c3732bd
Last active October 1, 2021 09:59
Add stacktrace to all magento logs

vendor/magento/framework/Logger/Monolog.php

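    public function addRecord($level, $message, array $context = [])
    {
        // Attach the current call stack under a unique context key so each log entry shows where it was emitted.
        $context[uniqid('trace')] = (new \Exception())->getTraceAsString();
        // ... remainder of the original method body is unchanged ...
    }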
convenient / README.md
Last active March 31, 2026 10:39
Axios Supply Chain Attack Local Package Scanner

Context

On March 31, 2026, StepSecurity identified two malicious versions of the widely used axios HTTP client library published to npm: axios@1.14.1 and axios@0.30.4.

The malicious versions inject a new dependency, plain-crypto-js@4.2.1, which is never imported anywhere in the axios source code. Its sole purpose is to execute a postinstall script that acts as a cross-platform remote access trojan (RAT) dropper, targeting macOS, Windows, and Linux. The dropper contacts a live command-and-control server and delivers platform-specific second-stage payloads. After execution, the malware deletes itself and replaces its own package.json with a clean version to evade forensic detection.

If you have installed axios@1.14.1 or axios@0.30.4, assume your system is compromised.