This PR was merged into the 5.1 branch.
Discussion
----------
[HttpFoundation] use InputBag for Request::$request only if data is coming from a form
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37100
| License | MIT
| Doc PR | -
Commits
-------
786ba109d0 [HttpFoundation] use InputBag for Request::$request only if data is coming from a form
This PR was merged into the 5.1 branch.
Discussion
----------
[Form] Fixed prototype block prefixes hierarchy of the CollectionType
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37024
| License | MIT
| Doc PR |
Following https://github.com/symfony/symfony/pull/37276
Commits
-------
65efc36e94 fixed prototype block prefixes hierarchy of the CollectionType
This PR was merged into the 5.1 branch.
Discussion
----------
[SecurityBundle] Run functional tests for the authenticator system
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
<s>Includes https://github.com/symfony/symfony/pull/37261 until it's merged.</s>
This runs all relevant functional tests in the security bundle for both the traditional and the authenticator system. This will hopefully avoid breaking more code in further releases.
deps=high builds will be green once this has been merged up into master.
---
During the functional tests, some inconsistencies were fixed. Three tests revealed larger inconsistencies that couldn't be fixed easily. These are not run for the new system as of now, we need to investigate further how to proceed with them. I'll create a separate issue/discussion for these:
* `Symfony\Bundle\SecurityBundle\Tests\Functional\FirewallEntryPointTest::testItUsesTheConfiguredEntryPointWhenUsingUnknownCredentials`
* `Symfony\Bundle\SecurityBundle\Tests\Functional\CsrfFormLoginTest::testFormLoginWithInvalidCsrfToken`
* `Symfony\Bundle\SecurityBundle\Tests\Functional\SecurityRoutingIntegrationTest::testSecurityConfigurationForExpression`
Commits
-------
49639caeaf [Security] Run functional tests also for the authenticator system
* 5.0:
[DependencyInjection][CheckTypeDeclarationsPass] Handle unresolved parameters pointing to environment variables
switch the context when validating nested forms
remove unused param from validator service config
Fix typo
[HttpKernel] Fix regression where Store does not return response body correctly
rework form validator tests
Update AbstractController.php
* 4.4:
[DependencyInjection][CheckTypeDeclarationsPass] Handle unresolved parameters pointing to environment variables
switch the context when validating nested forms
remove unused param from validator service config
Fix typo
[HttpKernel] Fix regression where Store does not return response body correctly
rework form validator tests
Update AbstractController.php
* 3.4:
switch the context when validating nested forms
Fix typo
[HttpKernel] Fix regression where Store does not return response body correctly
rework form validator tests
Update AbstractController.php
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection][CheckTypeDeclarationsPass] Handle unresolved parameters pointing to environment variables
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Follow up to https://github.com/symfony/symfony/pull/37193
Unresolved parameters pointing to environment variables can be added to definitions after ResolveParameterPlaceHoldersPass execution. It is the case in the initial reported bug (RegisterListenersPass is executed after ResolveParameterPlaceHoldersPass). In this case, the parameter value is an env placeholder, so we need to try to resolve it.
Commits
-------
dac3c8fae8 [DependencyInjection][CheckTypeDeclarationsPass] Handle unresolved parameters pointing to environment variables
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] switch the context when validating nested forms
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37072
| License | MIT
| Doc PR |
Commits
-------
38135de549 switch the context when validating nested forms
This PR was merged into the 4.4 branch.
Discussion
----------
Remove non-existing arg and param from serializer service config
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets |
| License | MIT
| Doc PR |
Leftover from #22741
Commits
-------
d179d71f45 Remove non-existing arg and param from serializer service config
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix regression where Store does not return response body correctly
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37174
| License | MIT
| Doc PR |
Since #36833, the `Store` no longer uses or trusts the `X-Content-Digest` header present on a response, since that may come (in the case of using `CachingHttpClient`) from upstream HTTP sources. Instead, the `X-Content-Digest` is re-computed every time a response is written by the `Store`.
Additionally, the `Store` is implemented in a way that when restoring responses, it does _not_ actually load the response body, but just keeps the file path to the content on disk in another internal header called `X-Body-File`. It is up to others (`HttpCache`, for example) to actually load the content from there. For reasons I could not determine, the file path is also set as the response body.
When the `HttpCache` performs revalidations, it may happen that it wants the `Store` to persist a previously restored response. In that case, the `Store` fails to honor its own `X-Body-File` header. Instead, it would compute (since #36833) the `X-Content-Digest`, which now is a hash of the cache file path.
So, we end up with a response that still carries `X-Body-File` for the original, correct response. Since the `HttpCache` honors this value, we don't immediately notice that. But inside the `Store`, the request is now associated with the _new_ (bogus) content entry.
It takes another round of looking up the content in the `Store` to now get a response where the `X-Body-File` _also_ points to the wrong content entry.
Although I feel a bit uncomfortable with trusting headers that seemingly need to be evaluated in different classes and may come from elsewhere, my suggestion is to skip the write inside `Store` if `X-Body-File` and `X-Content-Digest` are both present and consistent with each other.
Additionally, a `file_exists` check could be added to provide additional assertions, at the cost of accessing the filesystem.
Commits
-------
176e769e5f [HttpKernel] Fix regression where Store does not return response body correctly
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection][CheckTypeDeclarationsPass] Always resolve parameters
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/37166
| License | MIT
| Doc PR | -
> Only array parameters are not inlined when dumped.
This is true only when the XML debug container is used, not on a live container that can contain unresolved parameters in the `%my_param%` form. That was my mistake. We have to resolve to get the parameter type.
`$value = [];` was just an improvement to avoid useless parameter resolve btw.
Commits
-------
da0e2c36ef [DependencyInjection][CheckTypeDeclarationsPass] Always resolve parameters
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[DependencyInjection] Apply ExpressionLanguageProviderPass to router.default
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/issues/37042
| License | MIT
Using a `chain_router` usually replaces the `router` and add the `router.default` to it's chain.
This would `addExpressionLanguageProvider` to the default router only as the chain router is not expected to have `addExpressionLanguageProvider` as it is not part of the router interface.
Commits
-------
215ad1f93d [DependencyInjection] Apply ExpressionLanguageProviderPass to router.default
This PR was merged into the 5.1 branch.
Discussion
----------
[String] Fix ellipsis of truncate when not using cut option
| Q | A
| ------------- | ---
| Branch? | 5.1 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
[Since 5.1](https://symfony.com/blog/new-in-symfony-5-1-string-improvements#keep-the-last-word-when-truncating), we can use a cut option on truncate.
But with this option, we don't have the expected behavior when the entire chain is returned.
Currently:
`u('Lorem Ipsum')->truncate(8, '…', false); // 'Lorem Ipsum...'`
Instead of:
`u('Lorem Ipsum')->truncate(8, '…', false); // 'Lorem Ipsum'`
Thanks to @jmsche for his help.
Commits
-------
a2ee6c6cf4 [String] Fix ellipsis of truncate when not using cut option
This PR was merged into the 5.1 branch.
Discussion
----------
[HttpClient] disable AMP's inactivity timeout, we deal with it on our own already
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36911
| License | MIT
| Doc PR | -
I encountered this today also.
Commits
-------
a7b18ff590 [HttpClient] disable AMP's inactivity timeout, we deal with it on our own already
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] fix offset computation for data chunks
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
A minor thingy, still a bugfix.
Commits
-------
ff05be06ec [HttpClient] fix offset computation for data chunks