New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@lando/php

Package Overview
Dependencies
Maintainers
4
Versions
33
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@lando/php - npm Package Compare versions

Comparing version
1.11.1
 to
1.11.2
+7
-0
CHANGELOG.md
## {{ UNRELEASED_VERSION }} - [{{ UNRELEASED_DATE }}]({{ UNRELEASED_LINK }})
## v1.11.2 - [February 25, 2026](https://github.com/lando/php/releases/tag/v1.11.2)
* Fixed composer install crash caused by legacy prestissimo removal running as wrong user
* Improved composer install script to default to latest stable
* Fixed `mysqldump` warning for unknown option on MariaDB 11.4/11.8 [#237](https://github.com/lando/php/issues/237)
* Updated to [@lando/nginx@1.6.0](https://github.com/lando/nginx/releases/tag/v1.6.0)
## v1.11.1 - [February 20, 2026](https://github.com/lando/php/releases/tag/v1.11.1)

@@ -4,0 +11,0 @@ 

+2
-0
node_modules/@lando/nginx/CHANGELOG.md
## {{ UNRELEASED_VERSION }} - [{{ UNRELEASED_DATE }}]({{ UNRELEASED_LINK }})
## v1.6.0 - [February 23, 2026](https://github.com/lando/nginx/releases/tag/v1.6.0)
## v1.5.0 - [August 31, 2025](https://github.com/lando/nginx/releases/tag/v1.5.0)

@@ -4,0 +6,0 @@ 

+9
-0
node_modules/@lando/nginx/config/launch.sh

@@ -50,2 +50,11 @@ #!/bin/bash

# Set nginx worker user to www-data so it can serve files created by PHP
# Bitnami's nginx-env.sh hardcodes NGINX_DAEMON_USER=daemon which overwrites
# any env var we set, so we patch it before the entrypoint runs
# See: https://github.com/lando/drupal/issues/124
if [ -f "/opt/bitnami/scripts/nginx-env.sh" ]; then
sed -i 's/export NGINX_DAEMON_USER="daemon"/export NGINX_DAEMON_USER="www-data"/' /opt/bitnami/scripts/nginx-env.sh
sed -i 's/export NGINX_DAEMON_GROUP="daemon"/export NGINX_DAEMON_GROUP="www-data"/' /opt/bitnami/scripts/nginx-env.sh
fi
# Detect and run the correct entrypoint script. THANKS BITNAMI!

@@ -52,0 +61,0 @@ if [ -f "/opt/bitnami/scripts/nginx/entrypoint.sh" ]; then

+1
-1
node_modules/@lando/nginx/netlify.toml

@@ -13,3 +13,3 @@ [build]

[context.deploy-preview.plugins.inputs]
todoPatterns = [ "load", "CHANGELOG.html", "x.com", "twitter.com", "/v/" ]
todoPatterns = [ "load", "CHANGELOG.html", "x.com", "twitter.com", "/v/", "hub.docker.com" ]
skipPatterns = [ ".rss", ".gif", ".jpg" ]

@@ -16,0 +16,0 @@ checkExternal = true

+5
-5
node_modules/@lando/nginx/package.json
{
"name": "@lando/nginx",
"description": "A Lando plugin that provides a tight integration with NGINX.",
"version": "1.5.0",
"version": "1.6.0",
"author": "Mike Pirog @pirog",

@@ -65,7 +65,7 @@ "license": "MIT",

"dist": {
"integrity": "sha512-5ucFuVSujqYHcrRYfp7h7hJoeB4hDIykCa3jCSrOzXEh9yJA5tOoIHWZ6sA5bVWMZ+fmVjJwN4ECq5bCSL4fXQ==",
"shasum": "4f17dd1cd473fd82fffc629a87f09b695826bf75",
"filename": "lando-nginx-1.5.0.tgz",
"unpackedSize": 1438911
"integrity": "sha512-hFMXf957vKd++pvHh08Ywc8h2Aftg1uDg+4Pt4HqsTQxYSnlN8ayoOVYphV7cUe2WV1gRIbFCLz5pKAPak/bYQ==",
"shasum": "648e64c6fc22418c8cd65b6ebe3274d16a6dc115",
"filename": "lando-nginx-1.6.0.tgz",
"unpackedSize": 1439572
}
}
+5
-5
package.json
{
"name": "@lando/php",
"description": "A Lando plugin that provides a tight integration with PHP.",
"version": "1.11.1",
"version": "1.11.2",
"author": "Mike Pirog @pirog",

@@ -69,7 +69,7 @@ "license": "MIT",

"dist": {
"integrity": "sha512-YARvLV+LsZ5LloDW2E7r3stkptHPkCtMh7VrEQu7Wa0pNF1N8TAQJlGxIRrWWuVT/6N7mgw+IWgro3CtPlCKsw==",
"shasum": "74c9af6bc8853760d8ca3a57528658580f99e409",
"filename": "lando-php-1.11.1.tgz",
"unpackedSize": 3059346
"integrity": "sha512-Jn6jP037tdYErBJBdIectKZxAen896JEtQD7sM0/OIztjpogAS94m6AGLfGqlj9g13nPyg2X9m8jR8V7gyIzkw==",
"shasum": "3abc7d8bccedcaeb8edb0557dc920475dea2273c",
"filename": "lando-php-1.11.2.tgz",
"unpackedSize": 3060141
}
}
+3
-9
scripts/install-composer.sh

@@ -27,4 +27,6 @@ #!/bin/sh

php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer --snapshot
elif [ -n "$VERSION" ]; then
php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer --version="$VERSION"
else
php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer --version="$VERSION"
php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer
fi

@@ -34,9 +36,1 @@

php -r "unlink('/tmp/composer-setup.php');"
# Check if anything is installed globally
if [ -f /var/www/.composer/composer.json ]; then
# If this is version 2 then let's make sure hirak/prestissimo is removed
if composer --version 2>/dev/null | grep -E "Composer (version )?2." > /dev/null; then
composer global remove hirak/prestissimo
fi
fi
+0
-3
scripts/mariadb-compat-install.sh

@@ -37,7 +37,4 @@ #!/bin/bash

[mysqldump]
# MySQL 8 uses this; MariaDB safely ignores it via loose- prefix
loose-skip-column-statistics
MYCNF
echo "MariaDB compatibility wrappers installed"