This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fix the retrieval of the last username when using forwarding
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When using forwarding to render the login page (which is not the default), the info are stored in the subrequest attributes rather than the session. ``getLastAuthenticationError`` was handling this properly but ``getLastUsername`` was not checking the attributes.
This fixes it by checking the attributes (I'm checking them before the session, to be consistent with ``getLastAuthenticationError``)
Commits
-------
e041365 Fix the retrieval of the last username when using forwarding
This PR was squashed before being merged into the 3.1 branch (closes#19352).
Discussion
----------
[Serializer] Include the format in the cache key
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Attributes to normalize can vary by format. For instance in API Platform normalized attributes aren't the same in JSON-LD (all attributes) and HAL (relations are not serialized in the document body).
This PR fixes that.
Commits
-------
282eb9c [Serializer] Include the format in the cache key
This PR was squashed before being merged into the 2.7 branch (closes#19327).
Discussion
----------
[Yaml] Fix PHPDoc of the Yaml class
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The YAML dumper is able to serialize any PHP type, not just arrays.
Commits
-------
a3fd991 [Yaml] Fix PHPDoc of the Yaml class
This PR was squashed before being merged into the 2.7 branch (closes#19321).
Discussion
----------
[HttpFoundation] Add OPTIONS and TRACE to the list of safe methods
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
According to [RFC 7231](https://tools.ietf.org/html/rfc7231#section-8.1.3) `OPTIONS` and `TRACE` are safe methods.
Commits
-------
1404607 [HttpFoundation] Add OPTIONS and TRACE to the list of safe methods
This PR was merged into the 2.7 branch.
Discussion
----------
[BrowserKit] Update Client::getAbsoluteUri() for query string only URIs
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19303
| License | MIT
| Doc PR | -
This PR allows BrowserKit to treat a value containing only query string parameters the same way anchor/hash values are treated when passed as a URI argument to the getAbsoluteUri() method. Helps when encountering sites that force a redirect with a location header value containing only a query string.
Commits
-------
965408f Update getAbsoluteUri() for query string uris
* 3.0:
[HttpKernel] fixed internal subrequests having an if-modified-since-header
[Security] Fix deprecated usage of DigestAuthenticationEntryPoint::getKey() in DigestAuthenticationListener
[Validator] Added additional MasterCard range to the CardSchemeValidator
Make the exception message more clear.
[Form] fixed bug - name in ButtonBuilder
[DoctrineBridge] added missing error code for constraint.
[ClassLoader] Fix declared classes being computed when not needed
[varDumper] Fix missing usage of ExceptionCaster::$traceArgs
* 2.8:
[HttpKernel] fixed internal subrequests having an if-modified-since-header
[Security] Fix deprecated usage of DigestAuthenticationEntryPoint::getKey() in DigestAuthenticationListener
[Validator] Added additional MasterCard range to the CardSchemeValidator
Make the exception message more clear.
[Form] fixed bug - name in ButtonBuilder
[DoctrineBridge] added missing error code for constraint.
[ClassLoader] Fix declared classes being computed when not needed
[varDumper] Fix missing usage of ExceptionCaster::$traceArgs
Conflicts:
src/Symfony/Bridge/Doctrine/Validator/Constraints/UniqueEntityValidator.php
src/Symfony/Component/ClassLoader/ClassCollectionLoader.php
* 2.7:
[HttpKernel] fixed internal subrequests having an if-modified-since-header
[Validator] Added additional MasterCard range to the CardSchemeValidator
Make the exception message more clear.
[Form] fixed bug - name in ButtonBuilder
[ClassLoader] Fix declared classes being computed when not needed
This PR was merged into the 2.7 branch.
Discussion
----------
[ClassLoader] Fix declared classes being computed when not needed
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
d513eae [ClassLoader] Fix declared classes being computed when not needed
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Added additional MasterCard range to the CardSchemeValidator
From October 2016 MasterCard will introduce a new card range, 222100 through 272099.
See: https://www.mctestcards.com/ (click the help in top right)
This implements the additional regex for validation to succeed, and some additional unit tests for this new range.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
4d68f56 [Validator] Added additional MasterCard range to the CardSchemeValidator
This PR was squashed before being merged into the 2.7 branch (closes#19290).
Discussion
----------
[HttpKernel] fixed internal subrequests having an if-modified-since-header
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As the InlineFragmentRenderer has no access to a cached copy of a subrequest's target and hence couldn't handle a response with a HTTP status code of 304 (not modified), it makes no sense to send an if-not-modified-since header.
Commits
-------
e90038c [HttpKernel] fixed internal subrequests having an if-modified-since-header
This PR was squashed before being merged into the 2.8 branch (closes#19307).
Discussion
----------
[Security] Fix deprecated usage of DigestAuthenticationEntryPoint::getKey() in DigestAuthenticationListener
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Fix the following deprecation triggered by Symfony when using the `http_digest` authentication:
<details>
<summary>Symfony\Component\Security\Http\EntryPoint\DigestAuthenticationEntryPoint::getKey() is deprecated since version 2.8 and will be removed in 3.0. Use getSecret() instead. </summary>
> DigestAuthenticationEntryPoint::getKey() (called from DigestAuthenticationListener.php at line 81)
DigestAuthenticationListener::handle() (called from classes.php at line 2622)
Firewall::onKernelRequest()
call_user_func() (called from WrappedListener.php at line 61)
WrappedListener::__invoke()
call_user_func() (called from classes.php at line 1858)
EventDispatcher::doDispatch() (called from classes.php at line 1773)
EventDispatcher::dispatch() (called from TraceableEventDispatcher.php at line 140)
TraceableEventDispatcher::dispatch() (called from HttpKernel.php at line 125)
HttpKernel::handleRaw() (called from HttpKernel.php at line 64)
HttpKernel::handle() (called from ContainerAwareHttpKernel.php at line 69)
ContainerAwareHttpKernel::handle() (called from Kernel.php at line 193)
Kernel::handle() (called from app_dev.php at line 36)
</details>
Refs: #16493
Commits
-------
880a392 [Security] Fix deprecated usage of DigestAuthenticationEntryPoint::getKey() in DigestAuthenticationListener
From October 2016 MasterCard will introduce a new card range,
222100 through 272099.
See: https://www.mctestcards.com/ (click the help in top right)
Implements unit tests and validation for this new card range.
This PR was submitted for the master branch but it was merged into the 2.7 branch instead (closes#19310).
Discussion
----------
Make the exception message more clear.
| Q | A
| ------------- | ---
| Branch? | "master"
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
A small change that makes the error message more clear. If your property is named "type", "value" or something similar it is not obvious that we refer to the property name.
See example: https://github.com/schmittjoh/JMSTranslationBundle/issues/373
Commits
-------
6344ccd Make the exception message more clear.
This PR was merged into the 2.8 branch.
Discussion
----------
[varDumper] Fix missing usage of ExceptionCaster::$traceArgs
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Used in 2.7 but lost in 2.8
Commits
-------
6c5237c [varDumper] Fix missing usage of ExceptionCaster::$traceArgs
* 3.0:
[VarDumper] Fix indentation trimming in ExceptionCaster
removed @since
Remove and change unrelevant comments in Validator and Security components.
[Validator] add missing interface use statement for phpdoc block return type.
[Validator] UuidValidator must accept a Uuid constraint.
[Validator] make UuidValidator class formatting consistent.
* 2.7:
removed @since
Remove and change unrelevant comments in Validator and Security components.
[Validator] UuidValidator must accept a Uuid constraint.
[Validator] make UuidValidator class formatting consistent.
This PR was merged into the 3.1 branch.
Discussion
----------
[HttpKernel] Clarify deprecation of non-scalar values in surrogate fragment renderer
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19262
| License | MIT
| Doc PR | ~
Commits
-------
b088978 [HttpKernel] Clarify deprecation of non-scalar values in surrogate renderer
This PR was merged into the 2.7 branch.
Discussion
----------
removed @since
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
`@since` is not an annotation we use in Symfony, so let's remove the exiting ones.
Commits
-------
5d6f6aa removed @since
This PR was merged into the 3.0 branch.
Discussion
----------
[Validator] add missing interface use statement for phpdoc block return type
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
43dff0e [Validator] add missing interface use statement for phpdoc block return type.
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] [Security] Remove unrelevant comments in Security and Validator components
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
2cec4a6 Remove and change unrelevant comments in Validator and Security components.
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] make UuidValidator class formatting consistent.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
3cc2f10 [Validator] make UuidValidator class formatting consistent.