ugh, composer.
There are 4 composer security advisories affecting our repositories.
Sandbox Information Disclosure
Improper Certificate Validation in phpseclib
RCE affecting Windows hosts via UNC paths to translation files
Untrusted code may be run from an overridden address validator