This PR was submitted for the master branch but it was merged into the 4.4 branch instead (closes#34811).
Discussion
----------
[TwigBridge] Update bootstrap_4_layout.html.twig missing switch-custom label
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no
| License | MIT
Missing .custom-control-label for bootstrap custom-switch when using .switch-custom class in label_attr
Commits
-------
9347b2ea2f [TwigBridge] Update bootstrap_4_layout.html.twig
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle][SodiumVault] Create secrets directory only when it is used
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
FWB `secrets` is enabled by default. After upgrading an app to 4.4, a directory is created (and checked on every request) even if I don't use this feature. Can't we just disable it by default btw?
Commits
-------
c86157040a [FrameworkBundle][SodiumVault] Create secrets directory only when needed
This PR was merged into the 4.3 branch.
Discussion
----------
[DI] fix resolving bindings for named TypedReference
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
As spotted in https://github.com/symfony/symfony/pull/34769#issuecomment-561064156
Commits
-------
62c227e368 [DI] fix resolving bindings for named TypedReference
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection] Resolve expressions in CheckTypeDeclarationsPass
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/34752
| License | MIT
| Doc PR | -
One more case we forgot 😅
Commits
-------
b6c5a54cfd [DependencyInjection] Resolve expressions in CheckTypeDeclarationsPass
This PR was merged into the 4.4 branch.
Discussion
----------
[Translation] Fix FileDumper behavior
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34713
| License | MIT
| Doc PR | -
Execute `bin/console translation:update --force en` command:
## Before
See related issue for details #34713
## After
The default translation file name will depend on whether the intl (or polyfill) extension is installed or not.
For exmaple:
| Intl extension (or polyfill) installed | translation file created |
| --- | --- |
| no | messages.en.xlf |
| yes | messages+intl-icu.en.xlf |
However, if you are currently updating a single file, that file name will be used regardless of whether the Intl extension is installed, i.e. if you have this translation file: `messages.en.xlf`, new translation keys will be stored in it, even if you have installed the intl extension.
Last, if both translation files (`messages.es.xlf` and `messages+intl-icu.en.xlf`) coexist in the same path, rare but possible, we will use the default filename guessed earlier to store all current messages and the another file will be emptied.
Commits
-------
1c41ae7631 Fixed translations file dumper behavior
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] Passwords are not encoded when algorithm set to "true"
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34725
| License | MIT
| Doc PR | -
If the algorithm is set to `true`, password will be encode as plain password.
```
security:
encoders:
App\User\User:
algorithm: true
```
The reason for this is the not strict comparison of php switches.
```
switch ($config['algorithm']) {
case 'plaintext':
}
```
`true == 'plaintext'` is `true`, so the first case is hit. My first solution was to cast the algorithm to a string, to prevent this. After some feedback I have catch this problem earlier and does not allow true as valid value to the algorithm option.
Ps. This is my first PR for Symfony, any feedback is welcome :-)!
Commits
-------
83a5517c01 [SecurityBundle] Passwords are not encoded when algorithm set to \"true\"
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] do not validate passwords when the hash is null
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34775
| License | MIT
| Doc PR |
Commits
-------
5699cb22bb do not validate passwords when the hash is null
This PR was merged into the 4.4 branch.
Discussion
----------
[SecurityBundle] Use config variable in AnonymousFactory
| Q | A
| ------------- | ---
| Branch? | 4.4 and 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
It looks like the `AnonymousFactory` was copied incorrectly in https://github.com/symfony/symfony/pull/33503 as it uses the old `$firewall` variable available in `SecurityExtension.php`. Changing this to `$config` yields the desired results
Commits
-------
8d850d2da4 When set, get secret from config variable
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Set the parameter bag as resolved in ContainerLintCommand
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/issues/34526, Closes#34767
| License | MIT
| Doc PR | -
Alternative to https://github.com/symfony/symfony/pull/34767, idea by @nicolas-grekas.
Commits
-------
e8d3c2b969 [FrameworkBundle] Set the parameter bag as resolved in ContainerLintCommand
This PR was merged into the 4.3 branch.
Discussion
----------
[MonologBridge] Add test on ServerLogHandler
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | /
After writing https://github.com/symfony/symfony/pull/34697#issuecomment-559840469 I realized that ServerLogHandler wasn't tested.
Tell me if it's a BugFix and should be rebased on 4.3
Commits
-------
8c7947f827 Add test on ServerLogHandler
This PR was merged into the 3.4 branch.
Discussion
----------
Allow copy instead of symlink for ./link script
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | N/A <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | N/A
Not the most efficient way to work, but sometimes it helps to test a bug fix/feature within an existing project for which symlinks can't be resolved due to the dev environment (e.g: a Vagrant where only the current project directory is mounted).
Commits
-------
b28fe66363 Allow copy instead of symlink for ./link script
This PR was merged into the 4.4 branch.
Discussion
----------
[Security/Core] Fix checking for SHA256/SHA512 passwords
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
The code to validate bcrypt passwords (#31763) needs to include SHA256 and SHA512-hashed passwords. These are used on RedHat (and derived) systems.
Since SHA256/512 don't appear to have a limit of 72 characters, I simply created a new if() block.
-->
Commits
-------
799c85b67c [Security/Core] Fix checking for SHA256/SHA512 passwords
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix making the container path-independent when the app is in /app
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34750, Fix#34611
| License | MIT
| Doc PR | -
Right now, we mandate the app to be nested in a directory of level 2 minimum. This means apps cannot be made path-independent if they are built in e.g. `/app`.
Commits
-------
b33b9a6ad9 [DI] Fix making the container path-independent when the app is in /app
