From c5d4c5eb7b09b201c85ff882630b8670d125079c Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 1 Dec 2019 14:50:19 +0100 Subject: [PATCH 01/10] updated CHANGELOG for 3.4.36 --- CHANGELOG-3.4.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/CHANGELOG-3.4.md b/CHANGELOG-3.4.md index ba1027925d..91a96c6e3b 100644 --- a/CHANGELOG-3.4.md +++ b/CHANGELOG-3.4.md @@ -7,6 +7,26 @@ in 3.4 minor versions. To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v3.4.0...v3.4.1 +* 3.4.36 (2019-12-01) + + * bug #34649 more robust initialization from request (dbu) + * bug #34671 [Security] Fix clearing remember-me cookie after deauthentication (chalasr) + * bug #34711 Fix the translation commands when a template contains a syntax error (fabpot) + * bug #34560 [Config][ReflectionClassResource] Handle parameters with undefined constant as their default values (fancyweb) + * bug #34695 [Config] don't break on virtual stack frames in ClassExistenceResource (nicolas-grekas) + * bug #34716 [DependencyInjection] fix dumping number-like string parameters (xabbuh) + * bug #34558 [Console] Fix autocomplete multibyte input support (fancyweb) + * bug #34130 [Console] Fix commands description with numeric namespaces (fancyweb) + * bug #34632 [Console] Fix trying to access array offset on value of type int (Tavafi) + * bug #34668 [Cache] Make sure we get the correct number of values from redis::mget() (thePanz) + * bug #34533 [Monolog Bridge] Fixed accessing static property as non static. (Sander-Toonen) + * bug #34385 Avoid empty "If-Modified-Since" header in validation request (mpdude) + * bug #34458 [Validator] ConstraintValidatorTestCase: add missing return value to mocked validate method calls (ogizanagi) + * bug #34366 [HttpFoundation] Allow redirecting to URLs that contain a semicolon (JayBizzle) + * bug #34410 [HttpFoundation] Fix MySQL column type definition. (jbroutier) + * bug #34396 [Finder] Allow ssh2 stream wrapper for sftp (damienalexandre) + * bug #34381 [WebProfilerBundle] Require symfony/twig-bundle (fancyweb) + * 3.4.35 (2019-11-13) * bug #34344 [Console] Constant STDOUT might be undefined (nicolas-grekas) From 5ed820030f51fd80e944f7bced9fbae3cd016dde Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 1 Dec 2019 14:50:27 +0100 Subject: [PATCH 02/10] update CONTRIBUTORS for 3.4.36 --- CONTRIBUTORS.md | 79 +++++++++++++++++++++++++++++++------------------ 1 file changed, 50 insertions(+), 29 deletions(-) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index ccca55ab4b..9a6707977b 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -19,8 +19,8 @@ Symfony is the result of the work of many people who made the code better - Jakub Zalas (jakubzalas) - Javier Eguiluz (javier.eguiluz) - Roland Franssen (ro0) - - Johannes S (johannes) - Grégoire Pineau (lyrixx) + - Johannes S (johannes) - Kris Wallsmith (kriswallsmith) - Yonel Ceruto (yonelceruto) - Hugo Hamon (hhamon) @@ -36,13 +36,13 @@ Symfony is the result of the work of many people who made the code better - Martin Hasoň (hason) - Hamza Amrouche (simperfit) - Jeremy Mikola (jmikola) - - Jean-François Simon (jfsimon) - Jules Pietri (heah) + - Jean-François Simon (jfsimon) - Benjamin Eberlei (beberlei) - Igor Wiedler (igorw) - Jérémy DERUSSÉ (jderusse) - - Eriksen Costa (eriksencosta) - Thomas Calvet (fancyweb) + - Eriksen Costa (eriksencosta) - Guilhem Niot (energetick) - Sarah Khalil (saro0h) - Tobias Nyholm (tobias) @@ -57,15 +57,15 @@ Symfony is the result of the work of many people who made the code better - Francis Besset (francisbesset) - stealth35 ‏ (stealth35) - Alexander Mols (asm89) - - Konstantin Myakshin (koc) - Matthias Pigulla (mpdude) + - Konstantin Myakshin (koc) - Bulat Shakirzyanov (avalanche123) + - Valentin Udaltsov (vudaltsov) - Grégoire Paris (greg0ire) - Saša Stamenković (umpirsky) - Peter Rehm (rpet) - Kevin Bond (kbond) - Henrik Bjørnskov (henrikbjorn) - - Valentin Udaltsov (vudaltsov) - Miha Vrhovnik - Diego Saint Esteben (dii3g0) - Gábor Egyed (1ed) @@ -91,11 +91,11 @@ Symfony is the result of the work of many people who made the code better - Henrik Westphal (snc) - Dariusz Górecki (canni) - David Buchmann (dbu) + - Graham Campbell (graham) - Dariusz Ruminski - Lee McDermott - Brandon Turner - Luis Cordova (cordoval) - - Graham Campbell (graham) - Daniel Holmes (dholmes) - Toni Uebernickel (havvg) - Bart van den Burg (burgov) @@ -109,20 +109,21 @@ Symfony is the result of the work of many people who made the code better - Maxime STEINHAUSSER - Michal Piotrowski (eventhorizon) - Tim Nagel (merk) + - Baptiste Clavié (talus) - Chris Wilkinson (thewilkybarkid) - Brice BERNARD (brikou) - - Baptiste Clavié (talus) - marc.weistroff - Tomáš Votruba (tomas_votruba) + - Peter Kokot (maastermedia) - Jérôme Vasseur (jvasseur) - lenar - Alexander Schwenn (xelaris) - Włodzimierz Gajda (gajdaw) - Sebastiaan Stok (sstok) - Adrien Brault (adrienbrault) - - Peter Kokot (maastermedia) - Jacob Dreesen (jdreesen) - Florian Voutzinos (florianv) + - Teoh Han Hui (teohhanhui) - Colin Frei - Oskar Stark (oskarstark) - Javier Spagnoletti (phansys) @@ -131,13 +132,12 @@ Symfony is the result of the work of many people who made the code better - Daniel Wehner (dawehner) - excelwebzone - Gordon Franke (gimler) - - Teoh Han Hui (teohhanhui) + - Tugdual Saunier (tucksaun) - Fabien Pennequin (fabienpennequin) - Théo FIDRY (theofidry) - Eric GELOEN (gelo) - Joel Wurtz (brouznouf) - Lars Strojny (lstrojny) - - Tugdual Saunier (tucksaun) - Jannik Zschiesche (apfelbox) - Robert Schönthal (digitalkaoz) - Gregor Harlan (gharlan) @@ -209,6 +209,7 @@ Symfony is the result of the work of many people who made the code better - Mario A. Alvarez Garcia (nomack84) - Dennis Benkert (denderello) - DQNEO + - Andre Rømcke (andrerom) - mcfedr (mcfedr) - Ben Davies (bendavies) - Gary PEGEOT (gary-p) @@ -233,7 +234,6 @@ Symfony is the result of the work of many people who made the code better - Pierre Minnieur (pminnieur) - fivestar - Dominique Bongiraud - - Andre Rømcke (andrerom) - Jeremy Livingston (jeremylivingston) - Michael Lee (zerustech) - Matthieu Auger (matthieuauger) @@ -249,6 +249,7 @@ Symfony is the result of the work of many people who made the code better - Michele Orselli (orso) - Sven Paulus (subsven) - Maxime Veber (nek-) + - Anthony GRASSIOT (antograssiot) - Rui Marinho (ruimarinho) - Eugene Wissner - Pascal Montoya @@ -257,8 +258,10 @@ Symfony is the result of the work of many people who made the code better - Tristan Darricau (nicofuma) - Victor Bocharsky (bocharsky_bw) - Marcel Beerta (mazen) + - Maxime Helias (maxhelias) - Pavel Batanov (scaytrase) - Mantis Development + - David Prévot - Loïc Faugeron - Hidde Wieringa (hiddewie) - dFayet @@ -285,7 +288,6 @@ Symfony is the result of the work of many people who made the code better - Xavier Montaña Carreras (xmontana) - Rémon van de Kamp (rpkamp) - Mickaël Andrieu (mickaelandrieu) - - Anthony GRASSIOT (antograssiot) - Xavier Perez - Arjen Brouwer (arjenjb) - Katsuhiro OGAWA @@ -311,13 +313,12 @@ Symfony is the result of the work of many people who made the code better - Smaine Milianni (ismail1432) - Chekote - François Pluchino (francoispluchino) + - Christopher Hertel (chertel) - Antoine Makdessi (amakdessi) - Thomas Adam - Jhonny Lidfors (jhonne) - Diego Agulló (aeoris) - jdhoek - - Maxime Helias (maxhelias) - - David Prévot - Bob den Otter (bopp) - Thomas Schulz (king2500) - Frank de Jonge (frenkynet) @@ -342,6 +343,7 @@ Symfony is the result of the work of many people who made the code better - Arjen van der Meijden - Mathieu Lechat - Marc Weistroff (futurecat) + - Damien Alexandre (damienalexandre) - Simon Mönch (sm) - Christian Schmidt - Patrick Landolt (scube) @@ -349,6 +351,7 @@ Symfony is the result of the work of many people who made the code better - David Badura (davidbadura) - Chad Sikorra (chadsikorra) - Chris Smith (cs278) + - Thomas Bisignani (toma) - Florian Klein (docteurklein) - Manuel Kiessling (manuelkiessling) - Atsuhiro KUBO (iteman) @@ -407,18 +410,17 @@ Symfony is the result of the work of many people who made the code better - Tomasz Kowalczyk (thunderer) - Artur Eshenbrener - Timo Bakx (timobakx) - - Damien Alexandre (damienalexandre) - Thomas Perez (scullwm) - Saif Eddin Gmati (azjezz) - Felix Labrecque - Yaroslav Kiliba - Terje Bråten + - Tien Vo (tienvx) - Robbert Klarenbeek (robbertkl) - Eric Masoero (eric-masoero) - JhonnyL - hossein zolfi (ocean) - Clément Gautier (clementgautier) - - Thomas Bisignani (toma) - Dāvis Zālītis (k0d3r1s) - Sanpi - Eduardo Gulias (egulias) @@ -429,6 +431,7 @@ Symfony is the result of the work of many people who made the code better - Grzegorz (Greg) Zdanowski (kiler129) - Iker Ibarguren (ikerib) - Kirill chEbba Chebunin (chebba) + - Rokas Mikalkėnas (rokasm) - Greg Thornton (xdissent) - Martin Hujer (martinhujer) - Alex Bowers @@ -443,7 +446,6 @@ Symfony is the result of the work of many people who made the code better - Michele Locati - Pavel Volokitin (pvolok) - Valentine Boineau (valentineboineau) - - Christopher Hertel (chertel) - Arthur de Moulins (4rthem) - Matthias Althaus (althaus) - Nicolas Dewez (nicolas_dewez) @@ -476,6 +478,7 @@ Symfony is the result of the work of many people who made the code better - Oscar Cubo Medina (ocubom) - Karel Souffriau - Christophe L. (christophelau) + - Sander Toonen (xatoo) - Anthon Pang (robocoder) - Michael Käfer (michael_kaefer) - Sébastien Santoro (dereckson) @@ -502,6 +505,7 @@ Symfony is the result of the work of many people who made the code better - Olivier Dolbeau (odolbeau) - Jan Rosier (rosier) - Alessandro Lai (jean85) + - Desjardins Jérôme (jewome62) - Arturs Vonda - Josip Kruslin - Matthew Smeets @@ -529,7 +533,6 @@ Symfony is the result of the work of many people who made the code better - Gonzalo Vilaseca (gonzalovilaseca) - Tarmo Leppänen (tarlepp) - Marcin Sikoń (marphi) - - Tien Vo (tienvx) - Denis Brumann (dbrumann) - Dominik Zogg (dominik.zogg) - Marek Pietrzak @@ -540,6 +543,7 @@ Symfony is the result of the work of many people who made the code better - Gintautas Miselis - Rob Bast - Roberto Espinoza (respinoza) + - Emanuele Panzeri (thepanz) - Soufian EZ-ZANTAR (soezz) - Zander Baldwin - Gocha Ossinkine (ossinkine) @@ -603,7 +607,6 @@ Symfony is the result of the work of many people who made the code better - Adam Szaraniec (mimol) - Dariusz Ruminski - Erik Trapman (eriktrapman) - - Rokas Mikalkėnas (rokasm) - De Cock Xavier (xdecock) - Almog Baku (almogbaku) - Karoly Gossler (connorhu) @@ -648,11 +651,11 @@ Symfony is the result of the work of many people who made the code better - Jeremy Benoist - fritzmg - Lenar Lõhmus - - Sander Toonen (xatoo) - Benjamin Laugueux (yzalis) - Zach Badgett (zachbadgett) - Aurélien Fredouelle - Pavel Campr (pcampr) + - Andrii Dembitskyi - Johnny Robeson (johnny) - Marko Kaznovac (kaznovac) - Disquedur @@ -694,7 +697,6 @@ Symfony is the result of the work of many people who made the code better - Sinan Eldem - Alexandre Dupuy (satchette) - Malte Blättermann - - Desjardins Jérôme (jewome62) - Simeon Kolev (simeon_kolev9) - Joost van Driel (j92) - Jonas Elfering @@ -762,11 +764,12 @@ Symfony is the result of the work of many people who made the code better - Giso Stallenberg (gisostallenberg) - Michael Devery (mickadoo) - Antoine Corcy + - Ahmed Ashraf (ahmedash95) - Sascha Grossenbacher - - Emanuele Panzeri (thepanz) - Szijarto Tamas - Robin Lehrmann (robinlehrmann) - Catalin Dan + - Soner Sayakci - Jaroslav Kuba - Kristijan Kanalas - Stephan Vock @@ -825,11 +828,13 @@ Symfony is the result of the work of many people who made the code better - Markus Fasselt (digilist) - Julien DIDIER (juliendidier) - Dominik Ritter (dritter) + - Dimitri Gritsajuk (ottaviano) - Sebastian Grodzicki (sgrodzicki) - Jeroen van den Enden (stoefke) - Pascal Helfenstein - Baldur Rensch (brensch) - Pierre Rineau + - Vilius Grigaliūnas - Vladyslav Petrovych - Alex Xandra Albert Sim - Carson Full @@ -946,6 +951,7 @@ Symfony is the result of the work of many people who made the code better - Patrick Allaert - Gustavo Falco (gfalco) - Matt Robinson (inanimatt) + - Kristof Van Cauwenbergh (kristofvc) - Aleksey Podskrebyshev - Calin Mihai Pristavu - David Marín Carreño (davefx) @@ -984,6 +990,7 @@ Symfony is the result of the work of many people who made the code better - Thomas Landauer - 243083df - Thibault Duplessis + - Rimas Kudelis - Marc Abramowitz - Martijn Evers - Tony Tran @@ -996,12 +1003,12 @@ Symfony is the result of the work of many people who made the code better - Johnson Page (jwpage) - Ruben Gonzalez (rubenruateltek) - Michael Roterman (wtfzdotnet) - - Andrii Dembitskyi - Arno Geurts - Adán Lobato (adanlobato) - Ian Jenkins (jenkoian) - Marcos Gómez Vilches (markitosgv) - Matthew Davis (mdavis1982) + - Markus S. (staabm) - Maks - Antoine LA - den @@ -1187,7 +1194,6 @@ Symfony is the result of the work of many people who made the code better - Sergii Smertin (nfx) - Mikkel Paulson - Michał Strzelecki - - Soner Sayakci - hugofonseca (fonsecas72) - Marc Duboc (icemad) - Matthias Krauser (mkrauser) @@ -1241,6 +1247,7 @@ Symfony is the result of the work of many people who made the code better - Jeremy Bush - wizhippo - Thomason, James + - Dario Savella - Gordienko Vladislav - marie - Viacheslav Sychov @@ -1291,6 +1298,7 @@ Symfony is the result of the work of many people who made the code better - Oxan van Leeuwen - pkowalczyk - Soner Sayakci + - Koen Reiniers (koenre) - Max Voloshin (maxvoloshin) - Nicolas Fabre (nfabre) - Raul Rodriguez (raul782) @@ -1306,6 +1314,8 @@ Symfony is the result of the work of many people who made the code better - Felicitus - Krzysztof Przybyszewski - alexpozzi + - Vladimir + - Jorge Vahldick (jvahldick) - Frederic Godfrin - Paul Matthews - Jakub Kisielewski @@ -1752,7 +1762,6 @@ Symfony is the result of the work of many people who made the code better - downace - Aarón Nieves Fernández - Mike Meier - - Vilius Grigaliūnas - Kirill Saksin - Koalabaerchen - michalmarcinkowski @@ -1765,6 +1774,7 @@ Symfony is the result of the work of many people who made the code better - efeen - Nicolas Pion - Muhammed Akbulut + - Roy-Orbison - Aaron Somi - Michał Dąbrowski (defrag) - Konstantin Grachev (grachevko) @@ -1802,12 +1812,14 @@ Symfony is the result of the work of many people who made the code better - Alexander Li (aweelex) - Bram Van der Sype (brammm) - Guile (guile) + - Mark Beech (jaybizzle) - Julien Moulin (lizjulien) - Raito Akehanareru (raito) - Mauro Foti (skler) - Yannick Warnier (ywarnier) - Kevin Decherf - Jason Woods + - Maria Grazia Patteri - klemens - dened - Dmitry Korotovsky @@ -1823,6 +1835,7 @@ Symfony is the result of the work of many people who made the code better - Sören Bernstein - devel - taiiiraaa + - Ali Tavafi - Trevor Suarez - gedrox - Bohan Yang @@ -1959,6 +1972,7 @@ Symfony is the result of the work of many people who made the code better - Juan M Martínez - Gilles Gauthier - Pavinthan + - Sylvain METAYER - ddebree - Kuba Werłos - Gyula Szucs @@ -2015,6 +2029,7 @@ Symfony is the result of the work of many people who made the code better - Marcin Szepczynski (szepczynski) - Cyrille Jouineau (tuxosaurus) - Vladimir Chernyshev (volch) + - Wim Godden (wimg) - Yorkie Chadwick (yorkie76) - GuillaumeVerdon - Philipp Keck @@ -2026,6 +2041,7 @@ Symfony is the result of the work of many people who made the code better - Taylan Kasap - Michael Orlitzky - Nicolas A. Bérard-Nault + - Quentin Favrie - Saem Ghani - Stefan Oderbolz - Curtis @@ -2051,12 +2067,10 @@ Symfony is the result of the work of many people who made the code better - Jeffrey Moelands (jeffreymoelands) - Hugo Alliaume (kocal) - Simon CONSTANS (kosssi) - - Kristof Van Cauwenbergh (kristofvc) - Dennis Langen (nijusan) - Paulius Jarmalavičius (pjarmalavicius) - Ramon Henrique Ornelas (ramonornela) - Ricardo de Vries (ricknox) - - Markus S. (staabm) - Thomas Dutrion (theocrite) - Till Klampaeckel (till) - Tobias Weinert (tweini) @@ -2074,6 +2088,7 @@ Symfony is the result of the work of many people who made the code better - Cas - Dusan Kasan - Michael Steininger + - Nardberjean - Karolis - Myke79 - Brian Debuire @@ -2145,7 +2160,6 @@ Symfony is the result of the work of many people who made the code better - Daniel STANCU - Ryan Rud - Ondrej Slinták - - Rimas Kudelis - vlechemin - Brian Corrigan - Ladislav Tánczos @@ -2263,6 +2277,7 @@ Symfony is the result of the work of many people who made the code better - Sebastian Landwehr (dword123) - Adel ELHAIBA (eadel) - Damián Nohales (eagleoneraptor) + - Jordane VASPARD (elementaire) - Elliot Anderson (elliot) - Fabien D. (fabd) - Carsten Eilers (fnc) @@ -2277,6 +2292,7 @@ Symfony is the result of the work of many people who made the code better - Peter Orosz (ill_logical) - Imangazaliev Muhammad (imangazaliev) - j0k (j0k) + - Jeremie Broutier (jbroutier) - joris de wit (jdewit) - Jérémy CROMBEZ (jeremy) - Jose Manuel Gonzalez (jgonzalez) @@ -2293,6 +2309,7 @@ Symfony is the result of the work of many people who made the code better - samuel laulhau (lalop) - Laurent Bachelier (laurentb) - Luís Cobucci (lcobucci) + - Jérémy (libertjeremy) - Mehdi Achour (machour) - Matthieu Mota (matthieumota) - Matthieu Moquet (mattketmo) @@ -2300,12 +2317,12 @@ Symfony is the result of the work of many people who made the code better - Michal Čihař (mcihar) - Matt Drollette (mdrollette) - Adam Monsen (meonkeys) + - Hugo Monteiro (monteiro) - Ala Eddine Khefifi (nayzo) - emilienbouard (neime) - Nicholas Byfleet (nickbyfleet) - Marco Petersen (ocrampete16) - ollie harridge (ollietb) - - Dimitri Gritsajuk (ottaviano) - Paul Andrieux (paulandrieux) - Paulo Ribeiro (paulo) - Paweł Szczepanek (pauluz) @@ -2333,6 +2350,7 @@ Symfony is the result of the work of many people who made the code better - Julien Sanchez (sumbobyboys) - Guillermo Gisinger (t3chn0r) - Markus Tacker (tacker) + - Thiago Cordeiro (thiagocordeiro) - Tom Newby (tomnewbyau) - Andrew Clark (tqt_andrew_clark) - David Lumaye (tux1124) @@ -2341,6 +2359,7 @@ Symfony is the result of the work of many people who made the code better - Moritz Kraft (userfriendly) - Víctor Mateo (victormateo) - Vincent (vincent1870) + - Vincent MOULENE (vints24) - David Herrmann (vworldat) - Eugene Babushkin (warl) - Wouter Sioen (wouter_sioen) @@ -2365,6 +2384,7 @@ Symfony is the result of the work of many people who made the code better - damaya - Kevin Weber - Ben Scott + - Alexandru Năstase - Dionysis Arvanitis - Sergey Fedotov - Konstantin Scheumann @@ -2378,6 +2398,7 @@ Symfony is the result of the work of many people who made the code better - Zander Baldwin - Philipp Scheit - max + - Alexander Bauer (abauer) - Ahmad Mayahi (ahmadmayahi) - Mohamed Karnichi (amiral) - Andrew Carter (andrewcarteruk) From ae2514cd03e6d9bab6149e291d7ce787b2b68a94 Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 1 Dec 2019 14:50:37 +0100 Subject: [PATCH 03/10] updated VERSION for 3.4.36 --- src/Symfony/Component/HttpKernel/Kernel.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Symfony/Component/HttpKernel/Kernel.php b/src/Symfony/Component/HttpKernel/Kernel.php index 2523694869..434174d5b8 100644 --- a/src/Symfony/Component/HttpKernel/Kernel.php +++ b/src/Symfony/Component/HttpKernel/Kernel.php @@ -67,12 +67,12 @@ abstract class Kernel implements KernelInterface, RebootableInterface, Terminabl private $requestStackSize = 0; private $resetServices = false; - const VERSION = '3.4.36-DEV'; + const VERSION = '3.4.36'; const VERSION_ID = 30436; const MAJOR_VERSION = 3; const MINOR_VERSION = 4; const RELEASE_VERSION = 36; - const EXTRA_VERSION = 'DEV'; + const EXTRA_VERSION = ''; const END_OF_MAINTENANCE = '11/2020'; const END_OF_LIFE = '11/2021'; From 7a13ea3efbe4b5645acdad38f40635e5ed71409f Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 1 Dec 2019 14:59:33 +0100 Subject: [PATCH 04/10] bumped Symfony version to 3.4.37 --- src/Symfony/Component/HttpKernel/Kernel.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Symfony/Component/HttpKernel/Kernel.php b/src/Symfony/Component/HttpKernel/Kernel.php index 434174d5b8..4f5a8da7fe 100644 --- a/src/Symfony/Component/HttpKernel/Kernel.php +++ b/src/Symfony/Component/HttpKernel/Kernel.php @@ -67,12 +67,12 @@ abstract class Kernel implements KernelInterface, RebootableInterface, Terminabl private $requestStackSize = 0; private $resetServices = false; - const VERSION = '3.4.36'; - const VERSION_ID = 30436; + const VERSION = '3.4.37-DEV'; + const VERSION_ID = 30437; const MAJOR_VERSION = 3; const MINOR_VERSION = 4; - const RELEASE_VERSION = 36; - const EXTRA_VERSION = ''; + const RELEASE_VERSION = 37; + const EXTRA_VERSION = 'DEV'; const END_OF_MAINTENANCE = '11/2020'; const END_OF_LIFE = '11/2021'; From 820da663463fafc40dbb74a68fa5c3e270d37cbf Mon Sep 17 00:00:00 2001 From: Nicolas Grekas Date: Mon, 2 Dec 2019 14:28:43 +0100 Subject: [PATCH 05/10] [FrameworkBundle] resolve service locators in `debug:*` commands --- .../Bundle/FrameworkBundle/Command/ContainerDebugCommand.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php b/src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php index 2143e885c7..edbb526f0c 100644 --- a/src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php +++ b/src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php @@ -20,6 +20,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Input\InputOption; use Symfony\Component\Console\Output\OutputInterface; use Symfony\Component\Console\Style\SymfonyStyle; +use Symfony\Component\DependencyInjection\Compiler\ServiceLocatorTagPass; use Symfony\Component\DependencyInjection\ContainerBuilder; use Symfony\Component\DependencyInjection\Loader\XmlFileLoader; use Symfony\Component\DependencyInjection\ParameterBag\ParameterBag; @@ -198,6 +199,8 @@ EOF $container->compile(); } else { (new XmlFileLoader($container = new ContainerBuilder(), new FileLocator()))->load($kernel->getContainer()->getParameter('debug.container.dump')); + $locatorPass = new ServiceLocatorTagPass(); + $locatorPass->process($container); } return $this->containerBuilder = $container; From b28fe66363bfdf4e97f5f68b64de42f1086a95a9 Mon Sep 17 00:00:00 2001 From: Maxime Steinhausser Date: Mon, 2 Dec 2019 15:51:37 +0100 Subject: [PATCH 06/10] Allow copy instead of symlink for ./link script --- link | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/link b/link index 7b7512f0c9..9f42fe9512 100755 --- a/link +++ b/link @@ -23,11 +23,14 @@ use Symfony\Component\Filesystem\Filesystem; * @author Kévin Dunglas */ +$copy = false !== $k = array_search('--copy', $argv, true); +$copy && array_splice($argv, $k, 1); $pathToProject = $argv[1] ?? getcwd(); if (!is_dir("$pathToProject/vendor/symfony")) { - echo 'Link dependencies to components to a local clone of the main symfony/symfony GitHub repository.'.PHP_EOL.PHP_EOL; - echo "Usage: $argv[0] /path/to/the/project".PHP_EOL.PHP_EOL; + echo 'Link (or copy) dependencies to components to a local clone of the main symfony/symfony GitHub repository.'.PHP_EOL.PHP_EOL; + echo "Usage: $argv[0] /path/to/the/project".PHP_EOL; + echo ' Use `--copy` to copy dependencies instead of symlink'.PHP_EOL.PHP_EOL; echo "The directory \"$pathToProject\" does not exist or the dependencies are not installed, did you forget to run \"composer install\" in your project?".PHP_EOL; exit(1); } @@ -48,7 +51,7 @@ foreach ($directories as $dir) { foreach (glob("$pathToProject/vendor/symfony/*", GLOB_ONLYDIR | GLOB_NOSORT) as $dir) { $package = 'symfony/'.basename($dir); - if (is_link($dir)) { + if (!$copy && is_link($dir)) { echo "\"$package\" is already a symlink, skipping.".PHP_EOL; continue; } @@ -57,11 +60,17 @@ foreach (glob("$pathToProject/vendor/symfony/*", GLOB_ONLYDIR | GLOB_NOSORT) as continue; } - $sfDir = '\\' === DIRECTORY_SEPARATOR ? $sfPackages[$package] : $filesystem->makePathRelative($sfPackages[$package], dirname(realpath($dir))); + $sfDir = ('\\' === DIRECTORY_SEPARATOR || $copy) ? $sfPackages[$package] : $filesystem->makePathRelative($sfPackages[$package], dirname(realpath($dir))); $filesystem->remove($dir); - $filesystem->symlink($sfDir, $dir); - echo "\"$package\" has been linked to \"$sfPackages[$package]\".".PHP_EOL; + + if ($copy) { + $filesystem->mirror($sfDir, $dir); + echo "\"$package\" has been copied from \"$sfPackages[$package]\".".PHP_EOL; + } else { + $filesystem->symlink($sfDir, $dir); + echo "\"$package\" has been linked to \"$sfPackages[$package]\".".PHP_EOL; + } } foreach (glob("$pathToProject/var/cache/*", GLOB_NOSORT) as $cacheDir) { From b33b9a6ad91703f6ec6997aa16943cc9ffe19851 Mon Sep 17 00:00:00 2001 From: Nicolas Grekas Date: Mon, 2 Dec 2019 15:08:02 +0100 Subject: [PATCH 07/10] [DI] Fix making the container path-independent when the app is in /app --- .../Component/DependencyInjection/Dumper/PhpDumper.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php b/src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php index 7596b9953b..4dd4475cbe 100644 --- a/src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php +++ b/src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php @@ -173,14 +173,14 @@ class PhpDumper extends Dumper if (!empty($options['file']) && is_dir($dir = \dirname($options['file']))) { // Build a regexp where the first root dirs are mandatory, // but every other sub-dir is optional up to the full path in $dir - // Mandate at least 2 root dirs and not more that 5 optional dirs. + // Mandate at least 1 root dir and not more than 5 optional dirs. $dir = explode(\DIRECTORY_SEPARATOR, realpath($dir)); $i = \count($dir); - if (3 <= $i) { + if (2 + (int) ('\\' === \DIRECTORY_SEPARATOR) <= $i) { $regex = ''; - $lastOptionalDir = $i > 8 ? $i - 5 : 3; + $lastOptionalDir = $i > 8 ? $i - 5 : (2 + (int) ('\\' === \DIRECTORY_SEPARATOR)); $this->targetDirMaxMatches = $i - $lastOptionalDir; while (--$i >= $lastOptionalDir) { From 5699cb22bb10a8b33a9f4854e8a50afeb4b7b2b7 Mon Sep 17 00:00:00 2001 From: Christian Flothmann Date: Tue, 3 Dec 2019 13:13:07 +0100 Subject: [PATCH 08/10] do not validate passwords when the hash is null --- .../Authentication/Provider/DaoAuthenticationProvider.php | 2 +- .../Security/Core/Encoder/UserPasswordEncoder.php | 4 ++++ .../Provider/DaoAuthenticationProviderTest.php | 7 ++++--- .../Core/Validator/Constraints/UserPasswordValidator.php | 2 +- 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php b/src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php index 9d846d5f26..1d90434424 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php +++ b/src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php @@ -61,7 +61,7 @@ class DaoAuthenticationProvider extends UserAuthenticationProvider throw new BadCredentialsException('The presented password cannot be empty.'); } - if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) { + if (null === $user->getPassword() || !$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) { throw new BadCredentialsException('The presented password is invalid.'); } } diff --git a/src/Symfony/Component/Security/Core/Encoder/UserPasswordEncoder.php b/src/Symfony/Component/Security/Core/Encoder/UserPasswordEncoder.php index 3efc8c6d48..479a5731c2 100644 --- a/src/Symfony/Component/Security/Core/Encoder/UserPasswordEncoder.php +++ b/src/Symfony/Component/Security/Core/Encoder/UserPasswordEncoder.php @@ -42,6 +42,10 @@ class UserPasswordEncoder implements UserPasswordEncoderInterface */ public function isPasswordValid(UserInterface $user, $raw) { + if (null === $user->getPassword()) { + return false; + } + $encoder = $this->encoderFactory->getEncoder($user); return $encoder->isPasswordValid($user->getPassword(), $raw, $user->getSalt()); diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/DaoAuthenticationProviderTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/DaoAuthenticationProviderTest.php index bb0576fb4c..7f46b1bcae 100644 --- a/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/DaoAuthenticationProviderTest.php +++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/DaoAuthenticationProviderTest.php @@ -15,6 +15,7 @@ use PHPUnit\Framework\TestCase; use Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider; use Symfony\Component\Security\Core\Encoder\PlaintextPasswordEncoder; use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; +use Symfony\Component\Security\Core\User\User; class DaoAuthenticationProviderTest extends TestCase { @@ -151,7 +152,7 @@ class DaoAuthenticationProviderTest extends TestCase $method->invoke( $provider, - $this->getMockBuilder('Symfony\\Component\\Security\\Core\\User\\UserInterface')->getMock(), + new User('username', 'password'), $token ); } @@ -175,7 +176,7 @@ class DaoAuthenticationProviderTest extends TestCase ->willReturn('foo') ; - $method->invoke($provider, $this->getMockBuilder('Symfony\\Component\\Security\\Core\\User\\UserInterface')->getMock(), $token); + $method->invoke($provider, new User('username', 'password'), $token); } public function testCheckAuthenticationDoesNotReauthenticateWhenPasswordHasChanged() @@ -247,7 +248,7 @@ class DaoAuthenticationProviderTest extends TestCase ->willReturn('foo') ; - $method->invoke($provider, $this->getMockBuilder('Symfony\\Component\\Security\\Core\\User\\UserInterface')->getMock(), $token); + $method->invoke($provider, new User('username', 'password'), $token); } protected function getSupportedToken() diff --git a/src/Symfony/Component/Security/Core/Validator/Constraints/UserPasswordValidator.php b/src/Symfony/Component/Security/Core/Validator/Constraints/UserPasswordValidator.php index 41559a3adc..98175036f7 100644 --- a/src/Symfony/Component/Security/Core/Validator/Constraints/UserPasswordValidator.php +++ b/src/Symfony/Component/Security/Core/Validator/Constraints/UserPasswordValidator.php @@ -53,7 +53,7 @@ class UserPasswordValidator extends ConstraintValidator $encoder = $this->encoderFactory->getEncoder($user); - if (!$encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) { + if (null === $user->getPassword() || !$encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) { $this->context->addViolation($constraint->message); } } From 83a5517c01c86b31708416425b4b49e73691fab2 Mon Sep 17 00:00:00 2001 From: Jeroen van den Nieuwenhuisen Date: Mon, 2 Dec 2019 21:59:03 +0100 Subject: [PATCH 09/10] [SecurityBundle] Passwords are not encoded when algorithm set to \"true\" --- .../DependencyInjection/MainConfiguration.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php index 4868dbe82f..251c7bb6a9 100644 --- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php +++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php @@ -421,7 +421,13 @@ class MainConfiguration implements ConfigurationInterface ->performNoDeepMerging() ->beforeNormalization()->ifString()->then(function ($v) { return ['algorithm' => $v]; })->end() ->children() - ->scalarNode('algorithm')->cannotBeEmpty()->end() + ->scalarNode('algorithm') + ->cannotBeEmpty() + ->validate() + ->ifTrue(function ($v) { return !\is_string($v); }) + ->thenInvalid('You must provide a string value.') + ->end() + ->end() ->scalarNode('hash_algorithm')->info('Name of hashing algorithm for PBKDF2 (i.e. sha256, sha512, etc..) See hash_algos() for a list of supported algorithms.')->defaultValue('sha512')->end() ->scalarNode('key_length')->defaultValue(40)->end() ->booleanNode('ignore_case')->defaultFalse()->end() From 869518bc7e024d3b7290c34bcd85571a7f582274 Mon Sep 17 00:00:00 2001 From: Romain Neutron Date: Thu, 5 Dec 2019 15:02:34 +0100 Subject: [PATCH 10/10] [Validator] Allow underscore character "_" in URL username and password --- src/Symfony/Component/Validator/Constraints/UrlValidator.php | 2 +- .../Component/Validator/Tests/Constraints/UrlValidatorTest.php | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Component/Validator/Constraints/UrlValidator.php b/src/Symfony/Component/Validator/Constraints/UrlValidator.php index b77701dd7e..366d290ffa 100644 --- a/src/Symfony/Component/Validator/Constraints/UrlValidator.php +++ b/src/Symfony/Component/Validator/Constraints/UrlValidator.php @@ -23,7 +23,7 @@ class UrlValidator extends ConstraintValidator { const PATTERN = '~^ (%s):// # protocol - (([\.\pL\pN-]+:)?([\.\pL\pN-]+)@)? # basic auth + (([\_\.\pL\pN-]+:)?([\_\.\pL\pN-]+)@)? # basic auth ( ([\pL\pN\pS\-\_\.])+(\.?([\pL\pN]|xn\-\-[\pL\pN-]+)+\.?) # a domain name | # or diff --git a/src/Symfony/Component/Validator/Tests/Constraints/UrlValidatorTest.php b/src/Symfony/Component/Validator/Tests/Constraints/UrlValidatorTest.php index f04dd44bc9..0357172680 100644 --- a/src/Symfony/Component/Validator/Tests/Constraints/UrlValidatorTest.php +++ b/src/Symfony/Component/Validator/Tests/Constraints/UrlValidatorTest.php @@ -117,9 +117,11 @@ class UrlValidatorTest extends ConstraintValidatorTestCase ['http://☎.com/'], ['http://username:password@symfony.com'], ['http://user.name:password@symfony.com'], + ['http://user_name:pass_word@symfony.com'], ['http://username:pass.word@symfony.com'], ['http://user.name:pass.word@symfony.com'], ['http://user-name@symfony.com'], + ['http://user_name@symfony.com'], ['http://symfony.com?'], ['http://symfony.com?query=1'], ['http://symfony.com/?query=1'],