Merge branch '4.3' into 4.4
* 4.3: [HttpFoundation] fix docblock Fix MySQL column type definition. Link the right file depending on the new version [Config] fix id-generation for GlobResource [Finder] Allow ssh2 stream wrapper for sftp [DI] Use reproducible entropy to generate env placeholders [WebProfilerBundle] Require symfony/twig-bundle bumped Symfony version to 4.3.9 updated VERSION for 4.3.8 updated CHANGELOG for 4.3.8 bumped Symfony version to 3.4.36 updated VERSION for 3.4.35 updated CHANGELOG for 3.4.35
This commit is contained in:
commit
4ac626a482
|
@ -7,6 +7,16 @@ in 4.3 minor versions.
|
|||
To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash
|
||||
To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v4.3.0...v4.3.1
|
||||
|
||||
* 4.3.8 (2019-11-13)
|
||||
|
||||
* bug #34344 [Console] Constant STDOUT might be undefined (nicolas-grekas)
|
||||
* security #cve-2019-18886 [Security\Core] throw AccessDeniedException when switch user fails (nicolas-grekas)
|
||||
* security #cve-2019-18888 [Mime] fix guessing mime-types of files with leading dash (nicolas-grekas)
|
||||
* security #cve-2019-11325 [VarExporter] fix exporting some strings (nicolas-grekas)
|
||||
* security #cve-2019-18889 [Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances (nicolas-grekas)
|
||||
* security #cve-2019-18888 [HttpFoundation] fix guessing mime-types of files with leading dash (nicolas-grekas)
|
||||
* security #cve-2019-18887 [HttpKernel] Use constant time comparison in UriSigner (stof)
|
||||
|
||||
* 4.3.7 (2019-11-11)
|
||||
|
||||
* bug #34294 [Workflow] Fix error when we use ValueObject for the marking property (FabienSalles)
|
||||
|
|
|
@ -26,8 +26,8 @@ file and directory structure of your application:
|
|||
|
||||
Then, upgrade the contents of your console script and your front controller:
|
||||
|
||||
* `bin/console`: https://github.com/symfony/recipes/blob/master/symfony/console/3.3/bin/console
|
||||
* `public/index.php`: https://github.com/symfony/recipes/blob/master/symfony/framework-bundle/3.3/public/index.php
|
||||
* `bin/console`: https://github.com/symfony/recipes/blob/master/symfony/console/4.4/bin/console
|
||||
* `public/index.php`: https://github.com/symfony/recipes/blob/master/symfony/framework-bundle/4.4/public/index.php
|
||||
|
||||
Lastly, read the following article to add Symfony Flex to your application and
|
||||
upgrade the configuration files: https://symfony.com/doc/current/setup/flex.html
|
||||
|
|
|
@ -41,6 +41,7 @@ class GlobResource implements \IteratorAggregate, SelfCheckingResourceInterface
|
|||
*/
|
||||
public function __construct(string $prefix, string $pattern, bool $recursive, bool $forExclusion = false, array $excludedPrefixes = [])
|
||||
{
|
||||
ksort($excludedPrefixes);
|
||||
$this->prefix = realpath($prefix) ?: (file_exists($prefix) ? $prefix : false);
|
||||
$this->pattern = $pattern;
|
||||
$this->recursive = $recursive;
|
||||
|
@ -62,7 +63,7 @@ class GlobResource implements \IteratorAggregate, SelfCheckingResourceInterface
|
|||
*/
|
||||
public function __toString()
|
||||
{
|
||||
return 'glob.'.$this->prefix.$this->pattern.(int) $this->recursive;
|
||||
return 'glob.'.$this->prefix.(int) $this->recursive.$this->pattern.(int) $this->forExclusion.implode("\0", $this->excludedPrefixes);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -24,6 +24,8 @@ class EnvPlaceholderParameterBag extends ParameterBag
|
|||
private $unusedEnvPlaceholders = [];
|
||||
private $providedTypes = [];
|
||||
|
||||
private static $counter = 0;
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
|
@ -57,7 +59,7 @@ class EnvPlaceholderParameterBag extends ParameterBag
|
|||
}
|
||||
}
|
||||
|
||||
$uniqueName = md5($name.uniqid(mt_rand(), true));
|
||||
$uniqueName = md5($name.'_'.self::$counter++);
|
||||
$placeholder = sprintf('%s_%s_%s', $this->getEnvPlaceholderUniquePrefix(), str_replace(':', '_', $env), $uniqueName);
|
||||
$this->envPlaceholders[$env][$placeholder] = $placeholder;
|
||||
|
||||
|
@ -72,7 +74,13 @@ class EnvPlaceholderParameterBag extends ParameterBag
|
|||
*/
|
||||
public function getEnvPlaceholderUniquePrefix(): string
|
||||
{
|
||||
return $this->envPlaceholderUniquePrefix ?? $this->envPlaceholderUniquePrefix = 'env_'.bin2hex(random_bytes(8));
|
||||
if (null === $this->envPlaceholderUniquePrefix) {
|
||||
$reproducibleEntropy = unserialize(serialize($this->parameters));
|
||||
array_walk_recursive($reproducibleEntropy, function (&$v) { $v = null; });
|
||||
$this->envPlaceholderUniquePrefix = 'env_'.substr(md5(serialize($reproducibleEntropy)), -16);
|
||||
}
|
||||
|
||||
return $this->envPlaceholderUniquePrefix;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -799,7 +799,7 @@ class Finder implements \IteratorAggregate, \Countable
|
|||
{
|
||||
$dir = rtrim($dir, '/'.\DIRECTORY_SEPARATOR);
|
||||
|
||||
if (preg_match('#^s?ftp://#', $dir)) {
|
||||
if (preg_match('#^(ssh2\.)?s?ftp://#', $dir)) {
|
||||
$dir .= '/';
|
||||
}
|
||||
|
||||
|
|
|
@ -219,7 +219,7 @@ class PdoSessionHandler extends AbstractSessionHandler
|
|||
// - trailing space removal
|
||||
// - case-insensitivity
|
||||
// - language processing like é == e
|
||||
$sql = "CREATE TABLE $this->table ($this->idCol VARBINARY(128) NOT NULL PRIMARY KEY, $this->dataCol BLOB NOT NULL, $this->lifetimeCol MEDIUMINT NOT NULL, $this->timeCol INTEGER UNSIGNED NOT NULL) COLLATE utf8_bin, ENGINE = InnoDB";
|
||||
$sql = "CREATE TABLE $this->table ($this->idCol VARBINARY(128) NOT NULL PRIMARY KEY, $this->dataCol BLOB NOT NULL, $this->lifetimeCol INTEGER UNSIGNED NOT NULL, $this->timeCol INTEGER UNSIGNED NOT NULL) COLLATE utf8_bin, ENGINE = InnoDB";
|
||||
break;
|
||||
case 'sqlite':
|
||||
$sql = "CREATE TABLE $this->table ($this->idCol TEXT NOT NULL PRIMARY KEY, $this->dataCol BLOB NOT NULL, $this->lifetimeCol INTEGER NOT NULL, $this->timeCol INTEGER NOT NULL)";
|
||||
|
|
|
@ -34,7 +34,7 @@ class RedisSessionHandler extends AbstractSessionHandler
|
|||
* List of available options:
|
||||
* * prefix: The prefix to use for the keys in order to avoid collision on the Redis server.
|
||||
*
|
||||
* @param \Redis|\RedisArray|\RedisCluster|\Predis\ClientInterface|RedisProxy $redis
|
||||
* @param \Redis|\RedisArray|\RedisCluster|\Predis\ClientInterface|RedisProxy|RedisClusterProxy $redis
|
||||
*
|
||||
* @throws \InvalidArgumentException When unsupported client or options are passed
|
||||
*/
|
||||
|
|
Reference in New Issue