* 2.7:
[Console] Do not duplicate Helper::strlen() code
[FrameworkBundle] Adding the extension XML
[Form] Minor: Fix comment in ChoiceType
[FrameworkBundle] AbstractConfigCommand: do not try registering bundles twice
The conflict rule already forbids installing releases before 3.3 of the
Asset component. This will bring the constraint in the `require-dev`
section inline with the conflict rule.
This PR was squashed before being merged into the 2.8 branch (closes#22278).
Discussion
----------
[FrameworkBundle] Update console fixtures after #22217
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes (regression from #22217)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/22217#issuecomment-291497513
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
cc @fabpot
Sorry for the inconvenience :)
Commits
-------
6e1cee6 [FrameworkBundle] Update console fixtures after #22217
* 3.2:
[Yaml] CS
[DI] Fix PhpDumper generated doc block
#20411 fix Yaml parsing for very long quoted strings
[Workflow] add Phpdoc for better IDE support
fix package name in conflict rule
improve message when workflows are missing
[Doctrine Bridge] fix priority for doctrine event listeners
Use PHP functions as array_map callbacks when possible
[Validator] revert wrong Phpdoc change
Use proper line endings
This will forbid using the FrameworkBundle in 3.3 with previous releases
of the Workflow to avoid issues related to the GuardListener class not
being present. Additionally, it provides a useful exception in case the
guard option is used without the ExpressionLanguage component being
installed.
This PR was merged into the 3.2 branch.
Discussion
----------
[FrameworkBundle] improve message when workflows are missing
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
46c12c9d1d improve message when workflows are missing
* 3.2:
[Cache] cache/integration-tests is now compatible with phpunit namespaces
[FrameworkBundle] Fix translation dep constraint
[Workflow] Added more tests
[Cache] Enhance error reporting for FilesystemAdapter
This PR was squashed before being merged into the 3.3-dev branch (closes#21478).
Discussion
----------
[Asset] Add support for preloading with links and HTTP/2 push
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | todo
Allows compatible clients to preload mandatory assets like scripts, stylesheets or images according to [the "preload" working draft of the W3C](https://www.w3.org/TR/preload/).
Thanks to this PR, Symfony will automatically adds `Link` HTTP headers with a `preload` relation for mandatory assets. If an intermediate proxy supports HTTP/2 push, it will convert preload headers. For instance [Cloudflare supports this feature](https://blog.cloudflare.com/using-http-2-server-push-with-php/).
It dramatically increases pages speed and make the web greener because only one TCP connection is used to fetch all mandatory assets (decrease servers and devices loads, improve battery lives).
Usage:
Updated version:
```html
<html>
<body>
Hello
<script src="{{ preload(asset('/scripts/foo.js'), 'script') }}"></script>
</body>
</html>
```
~~First proposal:~~
```html
<html>
<body>
Hello
<script src="{{ preloaded_asset('/scripts/foo.js', 'script') }}"></script>
</body>
</html>
```
- [x] Add tests
Commits
-------
7bab21700d [Asset] Add support for preloading with links and HTTP/2 push
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Form][FrameworkBundle] Move FormPass to the Form component
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
So that anyone using only Form and DI can use it for registering form types/type guessers.
Follows #19443, related to #21284
Commits
-------
e68a6d963c [FrameworkBundle][Form] Move FormPass to the Form component
This PR was merged into the 3.3-dev branch.
Discussion
----------
[FrameworkBundle][Serializer] Move SerializerPass to the Serializer
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Part of #21284
Commits
-------
95cf5084c0 [FrameworkBundle][Serializer] Move SerializerPass to the Serializer
* 3.2:
fixed typo
fixed composer.json
[HttpKernel] Fix Bundle name regression
always check for all fields to be mapped
clarify exception when no args are configured
[PropertyAccess] Handle interfaces in the invalid argument exception
[DI] Fix defaults overriding empty strings in AutowirePass
[Debug] Workaround "null" $context
[Debug] Remove $context arg from handleError(), preparing for PHP 7.2
[FrameworkBundle] Dont wire "annotations.cached_reader" before removing passes
[Routing] Fix BC break in AnnotationClassLoader defaults attributes handling
Fix tests with ICU 57.1
Fix the condition checking the minimum ICU version
* 3.1:
fixed typo
fixed composer.json
always check for all fields to be mapped
clarify exception when no args are configured
[PropertyAccess] Handle interfaces in the invalid argument exception
[DI] Fix defaults overriding empty strings in AutowirePass
[Debug] Workaround "null" $context
[Debug] Remove $context arg from handleError(), preparing for PHP 7.2
[Routing] Fix BC break in AnnotationClassLoader defaults attributes handling
Fix tests with ICU 57.1
Fix the condition checking the minimum ICU version
* 2.8:
always check for all fields to be mapped
clarify exception when no args are configured
[PropertyAccess] Handle interfaces in the invalid argument exception
[DI] Fix defaults overriding empty strings in AutowirePass
[Debug] Workaround "null" $context
[Debug] Remove $context arg from handleError(), preparing for PHP 7.2
[Routing] Fix BC break in AnnotationClassLoader defaults attributes handling
Fix tests with ICU 57.1
Fix the condition checking the minimum ICU version
* 2.7:
always check for all fields to be mapped
clarify exception when no args are configured
[PropertyAccess] Handle interfaces in the invalid argument exception
[Debug] Workaround "null" $context
[Debug] Remove $context arg from handleError(), preparing for PHP 7.2
[Routing] Fix BC break in AnnotationClassLoader defaults attributes handling
Fix tests with ICU 57.1
Fix the condition checking the minimum ICU version
Handle non string-castable inputs
Cleanup input for display
Naming changes
InputInterface doesnt have a toString()
Logger must be private
Remove useless doc blocks
Tweak tests
* 3.2:
do not depend on a fixed date in layout tests
[Console] Escape default value when dumping help
[Console] OS X Can't call cli_set_process_title php without superuser
Fixed @return when returning this or static #bis
fixed @return when returning this or static
Polish translation improvement in Validator component
[Console] Descriptors should use Helper::strlen
[Config] Improve PHPdoc / IDE autocomplete
[Debug] Wrap call to ->log in a try catch block
[Debug] UndefinedMethodFatalErrorHandler - Handle anonymous classes
fix merge
[cache] Bump RedisAdapter timeout to 5s
fixed @return when returning this or static
[SecurityBundle] Made collection of user provider unique when injecting them to the RemberMeService
remove is_writable check on filesystem cache
* 3.1:
do not depend on a fixed date in layout tests
[Console] Escape default value when dumping help
[Console] OS X Can't call cli_set_process_title php without superuser
Fixed @return when returning this or static #bis
fixed @return when returning this or static
Polish translation improvement in Validator component
[Console] Descriptors should use Helper::strlen
[Config] Improve PHPdoc / IDE autocomplete
[Debug] Wrap call to ->log in a try catch block
[Debug] UndefinedMethodFatalErrorHandler - Handle anonymous classes
fix merge
[cache] Bump RedisAdapter timeout to 5s
fixed @return when returning this or static
[SecurityBundle] Made collection of user provider unique when injecting them to the RemberMeService
remove is_writable check on filesystem cache
* 2.8:
do not depend on a fixed date in layout tests
[Console] Escape default value when dumping help
[Console] OS X Can't call cli_set_process_title php without superuser
Fixed @return when returning this or static #bis
Polish translation improvement in Validator component
[Console] Descriptors should use Helper::strlen
[Config] Improve PHPdoc / IDE autocomplete
[Debug] Wrap call to ->log in a try catch block
[Debug] UndefinedMethodFatalErrorHandler - Handle anonymous classes
[SecurityBundle] Made collection of user provider unique when injecting them to the RemberMeService
* 2.7:
do not depend on a fixed date in layout tests
[Console] Escape default value when dumping help
[Console] OS X Can't call cli_set_process_title php without superuser
Polish translation improvement in Validator component
[Console] Descriptors should use Helper::strlen
[Config] Improve PHPdoc / IDE autocomplete
[Debug] Wrap call to ->log in a try catch block
[Debug] UndefinedMethodFatalErrorHandler - Handle anonymous classes
[SecurityBundle] Made collection of user provider unique when injecting them to the RemberMeService
By default, the `DateType` as well as the `DateTimeType` set the choices
being available for the year to a range starting five years in the past.
After some time, this will make tests fail when the year of the fixed
date being used as the initial data is before the first year being part
of the choices.
The DefinitionDecorator class does not deal with decorated services. It
reflects a parent-child-relationship between definitions instead. To
avoid confusion, this commit deprecates the existing DefinitionDecorator
class and introduces a new ChildDefinition class as replacement.
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] removed the Security Core and Security CSRF component dependencies on FrameworkBundle
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no (except for people using FrameworkBundle without requiring symfony/symfony which should be pretty rare; and fixing this is easy by adding symfony/security-core and symfony/security-csrf explicitly)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15748 partially
| License | MIT
| Doc PR | n/a
Another PR to reduce the number of required dependencies on FrameworkBundle. This PR removes the Security Core and CSRF components from the list.
Commits
-------
d703784 [FrameworkBundle] removed the Security Core and Security CSRF component dependencies on FrameworkBundle
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] removed the Templating component dependency on FrameworkBundle
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no (except for people using FrameworkBundle without requiring symfony/symfony which should be pretty rare; and fixing this is easy by adding symfony/templating explicitly)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15748 partially
| License | MIT
| Doc PR | n/a
Another PR to reduce the number of required dependencies on FrameworkBundle. This PR removes the Templating component from the list.
I made most of the work in previous version, so this change is really just about adding a good error message when templating is not enabled. For the record, this is also in the path of making possible to use Symfony with Twig without using the Templating component indirection (I think that this is in fact the last step).
Commits
-------
b3de62f [FrameworkBundle] removed the Templating component dependency on FrameworkBundle
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] Introduce a cache warmer for Validator based on PhpArrayAdapter
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | -
| Fixed tickets | -
| License | MIT
| Doc PR | -
Following the cache warmer for annotations PR (https://github.com/symfony/symfony/pull/18533), this PR introduces a cache warmer for YAML and XML Validator configuration.
Based on the PhpArrayAdapter, it uses the naming conventions (`Resources/config/validation`) to find the files and compile them into a single PHP file stored in the cache directory. This file uses shared memory on PHP 7.
The benefit of this PR are the same than the ones of the annotations PR:
- validation configuration can be warmed up offline
- on PHP 7, there is no need for user extension to get maximum performances (ie. if you use this PR and the other one, you probably won't need to enable APCu to have great performances)
- on PHP 7 again, we are not sensitive to APCu memory fragmentation
- last but not least, global performance is slightly better (I get 30us per class gain in Blackfire)
This PR also deprecates the framework.validator.cache key in favor of the cache pool introduced in https://github.com/symfony/symfony/pull/18544.
Commits
-------
6bdaf0b [FrameworkBundle] Introduce a cache warmer for Validator based on PhpArrayAdapter
This PR was merged into the 3.2-dev branch.
Discussion
----------
[Security] Expose the required roles in AccessDeniedException
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Nowadays it is more and more common to protect some sensitive actions and part of a website using 2FA or some re-authentication mechanism (per example, on Github you have to enter your password again when you add an ssh key). But currently, in Symfony, it is really hard to implement without having to duplicate the logic, provide an explicit list of URLs to protect or hack into the security component.
A good way to achieve that would be to add a special role (like IS_AUTHENTICATED_FULLY) and use it in the access map. But it requires us to be able to have a custom logic in an ExceptionListener depending on the roles behind an AccessDeniedException.
With this patch we could write an ExceptionListener of this kind (a similar logic could also be used in an AccessDeniedHandler):
```php
public function onKernelException(GetResponseForExceptionEvent $event)
{
$exception = $event->getException();
do {
if ($exception instanceof AccessDeniedException) {
foreach ($exception->getAttributes() as $role) {
if ($role === 'IS_AUTHENTICATED_2FA' && !$this->accessDecisionManager->decide($this->tokenStorage->getToken(), $role, $exception->getObject())) {
// Start 2FA
}
}
}
} while (null !== $exception = $exception->getPrevious());
}
```
Replaces #18661
Commits
-------
6618c18 [Security] Expose the required roles in AccessDeniedException
* 3.1:
Fixed BC Layer in DoctrineChoiceLoader
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
Fixed some issues of the AccessDecisionManager profiler
[DoctrineBridge] fixed default parameter value in UniqueEntityValidator
* 3.0:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
* 2.8:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
* 2.7:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
Add tests
Fix tests & YamlLintCommand help formatting
fabbot fixes
Use Generator to iterate over the filesystem
Move STDIN related code in a method
Use RecursiveIteratorIterator::LEAVES_ONLY rather than SELF_FIRST
Stop using the Finder component when available (Make findFiles() private)
Re-add FrameworkBundle YamlLintCommandTest
Use CommandTester::getStatusCode() rather than assign execute()
Re-add feature for bundle directories, Test it