This PR was squashed before being merged into the 5.x branch.
Discussion
----------
[Validator] Upgraded constraints to enable named arguments and attributes
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #38096
| License | MIT
| Doc PR | TODO with symfony/symfony-docs#14305
This PR enables all remaining atomic (!= composite) constraints to be used as attributes.
The only exception is `UniqueEntity` from Doctrine bridge because we don't have a Doctrine ORM release yet that supports PHP 8. So I could migrate that one as well, but I cannot really test it.
Commits
-------
fb99eb2052 [Validator] Upgraded constraints to enable named arguments and attributes
This PR was merged into the 5.x branch.
Discussion
----------
[Security][Login Link] Allow null and DateTime objects to be used as signatureProperties
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Returning `DateTime` objects seems like a common use-case to automatically expire all login links when one is used or to only allow the login link to be used once.
**Before**
```php
class User
{
private ?\DateTime $lastAuthenticatedAt = null;
// ...
public function getLastAuthenticatedAtString(): string
{
return null === $this->lastAuthenticatedAt ? '' : $this->lastAuthenticatedAt->format('c');
}
}
```
```yaml
security:
firewalls:
main:
login_link:
# ...
signature_properties: ['lastAuthenticatedAtString']
````
**After**
```php
class User
{
private ?\DateTime $lastAuthenticatedAt = null;
// ...
public function getLastAuthenticatedAt(): ?\DateTime
{
return $this->lastAuthenticatedAt;
}
}
```
```yaml
security:
firewalls:
main:
login_link:
# ...
signature_properties: ['lastAuthenticatedAt']
````
---
The disadvantage of this patch is that there needs to be some boundary as to which objects we want to support casting to a scalar, but I'm convinced that `DateTime` objects will commonly be used as signature properties.
cc @weaverryan
Commits
-------
0f947b2e84 Allow null and DateTime objects to be used as signatureProperties
This PR was merged into the 5.x branch.
Discussion
----------
[Security] Add error message when using LoginLinkHandler outside a firewall
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Add a more friendly error message when autowiring `LoginLinkHanderInterface` in a route outside the firewall. Current error was `Call to a member function getName() on null`.
Commits
-------
f807b5fc15 Add error message when using LoginLinkHandler outside a firewall
Small mistake in the rate limiter configuration, instead of unsetting the `storage_service` option the never existing `storage` option was unset, resulting into an application error when trying to use a Limiter in your application.
Uncaught PHP Exception: The option "storage_service" does not exist. Defined options are: "id", "interval", "limit", "rate", "strategy"."
Returning DateTime objects seems like a common use-case to automatically expire
all login links when one is used or to only allow the login link to be used
once.
This PR was merged into the 5.x branch.
Discussion
----------
[Notifier] Introduce NullMessage and remove transport setter in MessageInterface
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | - <!-- required for new features -->
Follow-up PR of https://github.com/symfony/symfony/pull/36479
Commits
-------
5701e89960 Introduce NullMessage and remove transport setter in MessageInterface
This PR was merged into the 5.x branch.
Discussion
----------
[lock] Mark Key unserializable whith PgsqlStore
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | /
Marks key unserializable #38395 with the new PgsqlStore #38346
Commits
-------
eb934e9015 Mark Key unserializable whith PgsqlStore
This PR was merged into the 5.x branch.
Discussion
----------
[SecurityBundle] Make user lazy loading working without user provider
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#38429 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
Make user lazy loading in security working again without user provider.
Commits
-------
df9e8486f5 Make user lazy loading working without user provider
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Ldap] Bypass the use of `ldap_control_paged_result` on PHP >= 7.3
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#38352
| License | MIT
| Doc PR |
As stated on #38352 [ldap_control_paged_result](https://www.php.net/manual/en/function.ldap-control-paged-result.php) and [ldap_control_paged_result_response](https://www.php.net/manual/en/function.ldap-control-paged-result-response.php) have been deprecated since PHP 7.4 and will be removed on PHP 8.0.
With this fix, Query uses serverctrls to handle LDAP results pagination.
Since `serverctrls` where introduced in PHP 7.3 and they are the only way to circumvent the usage of `ldap_control_paged_result`, I've added a new Query class implementation which uses `serverctrls` to control pagination.
To do so I've also had to update the LDAP Adapter in order to use the new class if PHP version 7.3 or greater are found
Commits
-------
d332b30526 [Ldap] Bypass the use of `ldap_control_paged_result` on PHP >= 7.3
This PR was merged into the 5.x branch.
Discussion
----------
[HttpClient] Add jitter to RetryBackoff
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | TODO
From the idea https://twitter.com/mtdowling/status/1313205613158043648 this PR adds a new `jitter` parameter to the ExponentialBackOff implementation.
jitter is a percentage (float between 0 and 1) of randomness to apply to the computed delay.
ie. if the initial delay is 1000ms, and jitter=0.2, the finale delay will be an number between 800 and 1200 (1000 +/- 20%)
Commits
-------
ace731437e Add jitter to RetryBackof
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Form] [Validator] added pt_BR translations
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | --
| License | MIT
| Doc PR | --
Added missing pt_BR translations to Form and Validator components.
Commits
-------
4bede2824c [Form] [Validator] added pt_BR translations
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Mime] Fix serialization of RawMessage
| Q | A
| ------------- | ---
| Branch? | 4.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#38430, Related #33394 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | - <!-- required for new features -->
The serialization of RawMessage is currently broken if using a generator for message like done by `Symfony\Component\Mailer\SentMessage` see 5f1c3a7972/src/Symfony/Component/Mailer/SentMessage.php (L45)
This patch converts the message to a string so further serialization can be done.
This patch probably also solves #33394.
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
-->
Commits
-------
fd99eb26d8 [Mime] Fix serialization of RawMessage
This PR was merged into the 5.2-dev branch.
Discussion
----------
[DoctrineBridge] fix and replace namespace to Uid
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | https://github.com/symfony/symfony/pull/37678#discussion_r499709057 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | ... <!-- required for new features -->
This post should also be corrected: https://symfony.com/blog/new-in-symfony-5-2-doctrine-types-for-uuid-and-ulid cc @javiereguiluz
Commits
-------
28d1169714 [DoctrineBridge] fix and replace namespace to Uid
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Validator] Migrate File and Image constraints to attributes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #38096
| License | MIT
| Doc PR | TODO with symfony/symfony-docs#14305
I have migrated a lot of the constraints already and am preparing a big PR with them at the moment. I decided to pull this part out because it might raise some discussion.
This PR enables the `File` and `Image` constraints to be used as attributes. Especially the constructor signature of the `Image` constraint has grown pretty large this way. This by itself should be a big problem, if we don't expect the constructor to be called with ordered parameters by userland code. But it shows that the constraints have grown a bit too large. We might want to consider to split it.
Commits
-------
d8c186938e [Validator] Migrate File and Image constraints to attributes.
This PR was merged into the 5.2-dev branch.
Discussion
----------
[HttpClient] minor fixes in RetryableHttpClient
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
495562836a [HttpClient] minor fixes in RetryableHttpClient
This PR was merged into the 3.4 branch.
Discussion
----------
Fix type annotation in ExpressionLanguage\Token
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The expected argument `$type` should be a string - the strict comparison would always fail with the current annotated types (`array|int`).
See the constructor + constants for reference:
7db7dcc431/src/Symfony/Component/ExpressionLanguage/Token.php (L33)7db7dcc431/src/Symfony/Component/ExpressionLanguage/Token.php (L25-L30)
Commits
-------
bfde15b728 Fix type annotation
* 5.1:
Added Stopwatch example to the README
Bump Symfony version to 5.1.8
Update VERSION for 5.1.7
Update CHANGELOG for 5.1.7
Bump Symfony version to 4.4.16
Update VERSION for 4.4.15
Update CHANGELOG for 4.4.15
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Validator] Use comparison constraints as attributes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | #38096
| License | MIT
| Doc PR | TODO, let's add it to symfony/symfony-docs#14305
This PR enables all child classes of `AbstractComparison` to be used as attributes.
Some of those constraints used a trait called `NumberConstraintTrait` for a shared implementation. After my changes, that trait did not fit well anymore, so I've added a new `ZeroComparisonConstraintTrait` as a replacement. Although I don't expect `NumberConstraintTrait` to provide much value outside of the Symfony codebase, I think we cannot safely change it because it was not labelled as `@internal`. This is basically why I went for the deprecation.
Commits
-------
b5bdf8288f [Validator] Use comparison constraints as attributes.
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[HttpFoundation] Expired cookies string representation consistency & tests
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
These changes add consistent behavior when converting expired cookies back and forth from string representation into `Symfony\Component\HttpFoundation\Cookie` instances in `Cookie::fromString`:
- When `Max-Age` is zero and `expires` is in the past, the `expires` date is kept as is (previous behavior: `expires` is overwritten with current timestamp because it is reset to current timestamp + `Max-Age`)
- When `Max-Age` is zero and `expires` is in the future, expires is reset to current timestamp, as `Max-Age` is the preferred "source of truth" (same as previous behavior)
- Add tests for how the Cookie class handles `Max-Age` in a cookie string and how `expires` and `Max-Age` interact
- Extract helper function `expiresTimestamp` so converting to a unix timestamp can be reused in `Cookie::fromString`
This is more a new feature than a bug fix in my mind, therefore I would include it in 5.1+.
Commits
-------
4f5d5eceb0 [HttpFoundation] Expired cookies string representation consistency & tests
This PR was merged into the 5.2-dev branch.
Discussion
----------
[lock] Prevent user serializing the key when store does not support it.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | /
Some store relies on connection with the running process. ie. kernel relaease flock/semaphore, or zookeeper neeeds a connection to the database.
When the users tries to serialize the key to send it to another process, they are not aware that they lose the lock.
This PR throws an exception in that situation.
Commits
-------
1ec0630262 Prevent user serializing the key
This PR was merged into the 5.2-dev branch.
Discussion
----------
Remove array return type from Request::toArray()
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#38400
| License | MIT
| Doc PR | -
Laravel already extends Symfony's `Request` class and defines it's own `toArray` method. https://github.com/symfony/symfony/pull/38224 added a new `toArray` method to this class with a different signature to the one that is in Laravel, causing fatal errors (https://github.com/laravel/framework/issues/34660). I think the best course of action here is to remove the return type for now, and only add it in Symfony 6. This will allow Symfony 6.0 and Laravel 11 to synchronize adding the return type.
Older versions of Laravel can't just change their signature to add an array return type to them, because that would be a breaking change for Laravel users extending Laravel's request class. I'm thinking, in particular, API packages and the like, or just straight up application code.
Commits
-------
8b291a49a6 Remove array return type from Request::toArray()
