composer update log:
For additional security you should declare the allow-plugins config with a list of packages names that are allowed to run code. See https://getcomposer.org/allow-plugins You have until July 2022 to add the setting. Composer will then switch the default behavior to disallow all plugins. Loading composer repositories with package information Updating dependencies Lock file operations: 0 installs, 2 updates, 0 removals - Upgrading davaxi/sparkline (2.0.0 => 2.1.0) - Upgrading matomo/device-detector (5.0.2 => 5.0.3) Writing lock file Installing dependencies from lock file (including require-dev) Package operations: 0 installs, 2 updates, 0 removals - Downloading davaxi/sparkline (2.1.0) - Downloading matomo/device-detector (5.0.3) - Upgrading davaxi/sparkline (2.0.0 => 2.1.0): Extracting archive - Upgrading matomo/device-detector (5.0.2 => 5.0.3): Extracting archive Package phpunit/php-token-stream is abandoned, you should avoid using it. No replacement was suggested. Generating autoload files 32 packages you are using are looking for funding. Use the `composer fund` command to find out more!
Note: This will also update the sparkline package, containing a fix for PHP 8.1