This PR was merged into the 2.5-dev branch.
Discussion
----------
Made some HHVM-related fixes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
1240758 [Routing] fixed CS
e223395 [Debug] fixed case differences between PHP and HHVM (classes are case-insensitive anyway in PHP)
23acc24 [Debug] made order of suggestions predictable in error messages
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] fixed wrong reference in TraceableEventDispatcher
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9748, #9727
| License | MIT
| Doc PR | n/a
This PR fixes#9748 and #9727 by removing the `id` state. Only private method signatures have been changed, so that qualifies for a fix in 2.3.
The `getNotCalledListeners()` is a bit special as it tries to get non-called listeners. It passes `null` as the event id as if a listener has been called more than once, getting the first call is enough.
Commits
-------
acd3317 [HttpKernel] fixed wrong reference in TraceableEventDispatcher
* 2.4:
$default can be string
Fix wording for Process class documentation
Option can be bool too (eg. --force)
[Form] Update DateTime objects only if the actual value has changed
Revert "bug #10091 [Translation] Update PluralizationRules.php (guilhermeblanco)"
[HttpFoundation] fixed typo
Added delta for Request comparison
add zh_TW validator translations
Added Bulgarian translation for security component
* 2.3:
$default can be string
Fix wording for Process class documentation
Option can be bool too (eg. --force)
[Form] Update DateTime objects only if the actual value has changed
Revert "bug #10091 [Translation] Update PluralizationRules.php (guilhermeblanco)"
[HttpFoundation] fixed typo
Added delta for Request comparison
add zh_TW validator translations
Added Bulgarian translation for security component
This PR was merged into the 2.5-dev branch.
Discussion
----------
Adds PTY mode & convenience method mustRun()
This makes two additions. I've split them into separate commits so that you can pull them separately if required.
1. Adds PTY mode.
In contrast to the existing TTY mode, the proc_open call becomes the master not the process currently executing.
2. Adds a ``mustRun`` method
This is merely for convenience:
```php
# Before
$proc = new Process($cmd);
if (0 !== $proc->run()) {
throw new ProcessFailedException($proc);
}
$proc = new Process($cmd);
if (0 !== $proc->run()) {
throw new ProcessFailedException($proc);
}
# After
(new Process($cmd))->mustRun();
(new Process($cmd))->mustRun();
Commits
-------
dbd264a adds cache for isPtySupported()
6c11207 attempts to fix tests on Travis
2ff1870 adds convenience method mustRun
53441aa adds support for PTY mode
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | no
| Fixed tickets |
| License | MIT
| Doc PR |
INI_SCANNER_RAW change the default scanner mode of parse_ini_files to parse all values without evaluate. This allow values with single quotes, "no" and "false" and raise an error if you use the deprecated "#" as comment character.
This change is specially good for shared translations, because a translator haven't to know that he can't use a few restricted terms.
And has a residual improvement: it's twice fast that use the default value (INI_SCANNER_NORMAL) in my tests
This PR was squashed before being merged into the 2.3 branch (closes#10151).
Discussion
----------
[Form] Update DateTime objects only if the actual value has changed
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Right now the Form component replaces DateTime fields with new Objects, therefore the hash is changing.
This leads to unnecessary database updated when working with doctrine. With this patch the DateTime object
of the actual entity is only replaced if the value has been changed.
Commits
-------
1f22d3a [Form] Update DateTime objects only if the actual value has changed
Sometimes, tests are failing because REQUEST_TIME
changes between the creation of the various sub-requests.
By using delta, we allow maximum of second of difference.
Example: https://travis-ci.org/symfony/symfony/jobs/17668158#L511
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator][Translation] add zh_TW validator translations
add Traditional Chinese validator translations.
Commits
-------
c755e85 add zh_TW validator translations
* 2.4:
fixed CS
allow the TextAreaFormField to be used with valid/invalid HTML
Create security.id.xlf
[DependencyInjection] Remove unneeded file
[Twig] removed obsolete conditions on Twig versions
added lines to exceptions for the trans and transchoice tags
[FrameworkBundle] Merged multiple line input into one line to fix the tests.
[Form] Make FormInterface::add docblock more explicit
[Security] Add zh_CN translations
Routing condition bugfix
[Validator][Translation]update zh_CN translations
[Validator] Minor fix in XmlLoader
* 2.3:
fixed CS
allow the TextAreaFormField to be used with valid/invalid HTML
Create security.id.xlf
[DependencyInjection] Remove unneeded file
[Twig] removed obsolete conditions on Twig versions
added lines to exceptions for the trans and transchoice tags
[Form] Make FormInterface::add docblock more explicit
[Security] Add zh_CN translations
[Validator][Translation]update zh_CN translations
[Validator] Minor fix in XmlLoader
This PR was merged into the 2.3 branch.
Discussion
----------
[DependencyInjection] Remove unneeded file
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I think the file was moved here by mistake from the fixtures.
Commits
-------
caf1809 [DependencyInjection] Remove unneeded file
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Routing] Add createRoute method for AnnotationClassLoader
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
This allows to use a custom route class. So if you want to support
annotations for Routing in Silex it can now be done while keeping the
custom routing options Silex supports.
Commits
-------
97404b3 Add createRoute method for AnnotationClassLoader
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] Make FormInterface::add docblock more explicit
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When replacing a child form from within a form event, it's not obvious that you have to use the 'add' method. Though it's minor, this will save somebody a google search.
Commits
-------
23216aa [Form] Make FormInterface::add docblock more explicit
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When replacing a child form from within a form event, it's not obvious that you have to use the 'add' method. Though it's minor, this will save somebody a google search.
This allows to use a custom route class. So if you want to support
annotations for Routing in Silex it can now be done while keeping the
custom routing options Silex supports.
This PR was squashed before being merged into the 2.5-dev branch (closes#10005).
Discussion
----------
[Security] Added named encoders to EncoderFactory
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9743
| License | MIT
| Doc PR | -
This PR is basically merging FOSAdvancedEncoder. I think it's better than having a separate bundle that most of it's code is a copy of the core.
A use case is: having a different encoders or bcrypt cost based on the user's roles.
Commits
-------
c69e2ca [Security] Added named encoders to EncoderFactory
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Routing] Added an extension point for globals in AnnotationClassLoader
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
We need to add a new extension point for global to be able to support
`@Method` on class:
``` php
/**
* @Route("/api")
* @Method("GET")
*/
class FooBarController
{
/**
* @Route("/")
*/
public function listAction()
{
}
/**
* @Route("/new")
* @Method("POST")
*/
public function newAction()
{
}
}
```
Commits
-------
8f7524e [Routing] Added an extension point for globals in AnnotationClassLoader
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3][Component/Security] Fixed some phpdocs in Security/Core
| Q | A
| ------------- | ---
| Bug fix? | kinda*
| New feature? | no
| License | MIT
\* - those missing phpdocs lead to problems when debugging with IDE, as well as some were wrong (i.e. `SecurityContextInterface::isGranted()`) as parameters differ in interface & class implementing it
Commits
-------
80fae1d [Component/Security] Fixed some phpdocs in Security/Core
This PR was squashed before being merged into the 2.5-dev branch (closes#9980).
Discussion
----------
[Routing][FrameworkBundle] Deprecated the apache dumper
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #9652
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/3446
Commits
-------
6258cfa [Routing][FrameworkBundle] Deprecated the apache dumper
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Form] Errors now reference the field they were added to and the violation/exception that caused them
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9472, #9582
| License | MIT
| Doc PR | -
Commits
-------
c8a0ee6 [Form] Errors now reference the field they were added to and the violation/exception that caused them
This PR was squashed before being merged into the 2.5-dev branch (closes#9776).
Discussion
----------
[Console] Added the possibility to set a different default command
I am not quite sure if this is the best approach to solve the issue but the solution I provide works. Let me know your suggestions to improve it.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8058
| License | MIT
| Doc PR | symfony/symfony-docs#3426
Commits
-------
418de05 [Console] Added the possibility to set a different default command
* 2.4:
udpated LICENSE year
update year on licenses
rundown and typo fix
[Process] Fix#9861 : Revert TTY mode
[Form] Update minimal requirement in composer.json
Fix Empty translations with Qt files
[Console] Fixed command name guessing if an alternative is an alias.
Update UPGRADE-2.3.md to account for #9388
[WebProfilerBundle] Fixed profiler toolbar icons for XHTML.
[BrowserKit] Throw exception on invalid cookie expiration timestamp
[Propel1Bridge][ModelChoiceList] add exception message for invalid classes
This PR was merged into the 2.3 branch.
Discussion
----------
[All] update license year to 2014
| Q | A |
| --- | --- |
| Bug fix? | n |
| New feature? | n |
| BC breaks? | n |
| Deprecations? | n |
| Tests pass? | y |
| Fixed tickets | na |
| License | MIT |
| Doc PR | na |
Sent using [Gush](https://github.com/cordoval/gush)
sorry about the previous PR now closed, forgot Gush had branched off of master and not 2.3
Commits
-------
8ace5f9 update year on licenses
This PR was merged into the 2.5-dev branch.
Discussion
----------
[OptionsResolver] Allow giving a callback as an allowedValue to OptionsResolver
I recently had to use an option which was an array and could contain some one or multiple values from a list. As it could contain all possible combinations, it was not possible to validate it with a list of allowed values.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | --
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/3437
Commits
-------
07d1d30 Allow giving a callback as an allowedValue to OptionsResolver
This PR was merged into the 2.3 branch.
Discussion
----------
[Process] Fix#9861 : Revert TTY mode
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9861
| License | MIT
This revert the TTY mode support for the process component
Commits
-------
160b1cf [Process] Fix#9861 : Revert TTY mode
Instead correctly use the array of schemes from the Route.
Also adjusted the dumpers to dump the correct data.
I extended the tests to not only test the deprecated behavior, but also
the new schemes-requirement.
* 2.4:
Revert "bug #9601 [Routing] Remove usage of deprecated _scheme requirement (Danez)"
bumped Symfony version to 2.4.2
updated VERSION for 2.4.1
updated CHANGELOG for 2.4.1
bumped Symfony version to 2.3.10
updated VERSION for 2.3.9
update CONTRIBUTORS for 2.3.9
updated CHANGELOG for 2.3.9
Add support SAPI cli-server
Fix hardcoded listenerTag name in error message
[HttpFoundation] Documented public properties.
[Routing] add missing unit tests for Route and RouteCollection classes
Conflicts:
src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.3:
bumped Symfony version to 2.3.10
updated VERSION for 2.3.9
update CONTRIBUTORS for 2.3.9
updated CHANGELOG for 2.3.9
Add support SAPI cli-server
Fix hardcoded listenerTag name in error message
[HttpFoundation] Documented public properties.
[Routing] add missing unit tests for Route and RouteCollection classes
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Tests/RouteCollectionTest.php
This PR was merged into the 2.5-dev branch.
Discussion
----------
test for class route annotation
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I mention that AnnotationClassLoaderTest don't test class route annotation functional.
This patch add test for class route annotation
Commits
-------
ac94ddb test for class route annotation
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] Documented public properties
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9670
| License | MIT
| Doc PR | -
`$request` and `$query` parameter bags could be hard to get for a newcommer, who's used to `$_POST` and `$_GET` variables. Some people claim naming makes no sense (see #9671).
For consistency I documented all public properties.
Commits
-------
1b79831 [HttpFoundation] Documented public properties.
These annotations are artificially bumping the code coverage. Unreached
code should be reported in the coverage report, even if we cannot reach
100% coverage for some safeguards.
Thus, some places using them were actually testable (and tested) code.
* 2.4:
removed unneeded use statements
[DoctrineBridge] Fixed an issue with DoctrineParserCache
removed unneeded use statements
Prepend Child Bundle paths before the parent
[Routing] add unit tests for Symfony\Component\Routing\RequestContext class
* 2.3:
removed unneeded use statements
Prepend Child Bundle paths before the parent
[Routing] add unit tests for Symfony\Component\Routing\RequestContext class
Conflicts:
src/Symfony/Component/Form/Extension/Csrf/CsrfExtension.php
src/Symfony/Component/HttpKernel/DataCollector/TimeDataCollector.php
src/Symfony/Component/Validator/ConstraintValidatorFactory.php
This PR was merged into the 2.3 branch.
Discussion
----------
removed unneeded use statements
| Q | A
| ------------- | ---
| License | MIT
Commits
-------
7f9a366 removed unneeded use statements
* 2.4:
[Security] fixed pre/post authentication checks
fixed missing use statements
Updated lithuanian validator translation: changed vartotojas to naudotojas as it is more proper term.
Fixed CSS
[Intl] Added round support for ROUND_CEILING, ROUND_FLOOR, ROUND_DOWN, ROUND_UP
[HttpFoundation] Throw proper exception when invalid data is passed to JsonResponse class
addressed == -> === suggestion
Fixed#9020 - Added support for collections in service#parameters
fixes PSR-0 issues in tests
adjusted behavior to always copy override on url files
Skips test that need full lib-intl.
* 2.3:
[Security] fixed pre/post authentication checks
Updated lithuanian validator translation: changed vartotojas to naudotojas as it is more proper term.
Fixed CSS
[HttpFoundation] Throw proper exception when invalid data is passed to JsonResponse class
addressed == -> === suggestion
Fixed#9020 - Added support for collections in service#parameters
fixes PSR-0 issues in tests
adjusted behavior to always copy override on url files
Skips test that need full lib-intl.
Conflicts:
src/Symfony/Component/Security/Acl/Tests/Permission/MaskBuilderTest.php
src/Symfony/Component/Security/Core/Tests/Authentication/Token/RememerMeTokenTest.php
src/Symfony/Component/Security/Core/Tests/User/AccountCheckerTest.php
src/Symfony/Component/Security/Core/Tests/User/InMemoryProviderTest.php
src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php
src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php
src/Symfony/Component/Security/Tests/Core/Authentication/Token/RememberMeTokenTest.php
src/Symfony/Component/Security/Tests/Core/Authentication/Token/RememerMeTokenTest.php
src/Symfony/Component/Security/Tests/Core/User/AccountCheckerTest.php
src/Symfony/Component/Security/Tests/Core/User/InMemoryProviderTest.php
src/Symfony/Component/Security/Tests/Core/User/InMemoryUserProviderTest.php
src/Symfony/Component/Security/Tests/Core/User/UserCheckerTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] Throw proper exception when invalid data is passed to JsonResponse class
| Q | A
| ------------- | ---
| Bug fix? | yes
| BC breaks? | no*
| Tests pass? | yes
| Fixed tickets | #9903
| License | MIT
\* as described in mentioned issue, before this PR there was thrown exception `UnexpectedValueException`, which was not correct, but I guess some people trying to hide the bug could use `try {} catch` on it.
Commits
-------
38287e7 [HttpFoundation] Throw proper exception when invalid data is passed to JsonResponse class
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] fixed pre/post authentication checks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8510, #9622
| License | MIT
| Doc PR | N/A
After further investigation of #8510, I found that all checks in the `checkPreAuth` actually belongs to `checkPostAuth` and the same goes for checks in `CheckPostAuth` (I checked the original source from Spring and indeed, that's how it is implemented there: see https://github.com/spring-projects/spring-security/blob/master/core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java#L305
).
So, this PR fixes that issue. I think that we can do this change safely in 2.3 as the error message is the same for all causes by default (`$hideUserNotFoundExceptions` is `true` by default in `UserAuthenticationProvider`).
The only "real" change is whether the authentication is checked or not.
Commits
-------
ada82a2 [Security] fixed pre/post authentication checks
This PR was merged into the 2.3 branch.
Discussion
----------
fixed some PSR-0 class names
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
a38e2c0 fixes PSR-0 issues in tests
This PR was merged into the 2.3 branch.
Discussion
----------
[Filesystem | WCM] 9339 fix stat on url for filesystem copy
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9339
| License | MIT
| Doc PR | na
supersedes https://github.com/symfony/symfony/pull/9863
Commits
-------
4fba412 adjusted behavior to always copy override on url files
When overriding the Symfony RoleHierarchy it would be great to be able to get access to the buildRoleMap-method and map-variable for more advanced usage.
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Validator] Added Doctrine cache
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/9887
| License | MIT
| Doc PR |
I propose to keep the `CacheInterface` and deprecate only the `ApcCache`.
It will leave the classes depending on a `CacheInterface` unchanged and will allow to adapt new cache providers in the future.
Commits
-------
3c4de45 [Validator] Added Doctrine cache
* 2.4:
fix some cs
use restore_error_handler instead of set_error_handler($previous)
fix#9321 Crawler::addHtmlContent add gbk encoding support
[Console] fixed column width when using the Table helper with some decoration in cells
[Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.
Fix for cache-key conflict when having a \Traversable as choices
[Security] removed obsolete comment
* 2.3:
fix some cs
use restore_error_handler instead of set_error_handler($previous)
fix#9321 Crawler::addHtmlContent add gbk encoding support
[Console] fixed column width when using the Table helper with some decoration in cells
[Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.
Fix for cache-key conflict when having a \Traversable as choices
[Security] removed obsolete comment
Conflicts:
src/Symfony/Component/Console/Helper/TableHelper.php
src/Symfony/Component/Security/Tests/Http/Firewall/ExceptionListenerTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] fixed column width when using the Table helper with some decoration in cells
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8152, #9366
| License | MIT
| Doc PR | n/a
This PR fixes the same issue as #9366 but works in all situations (all kind of styles, when the string is shorter than any other one or larger than any other ones, ...).
I'm not very satisfied with the fix and especially the `computeLengthWithoutDecoration` method, but the whole helper should be rethought to make it stateless (out of the scope of this PR).
Commits
-------
5b4d057 [Console] fixed column width when using the Table helper with some decoration in cells
This PR was squashed before being merged into the 2.3 branch (closes#8997).
Discussion
----------
[Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.
<table>
<tr>
<td><b>Q</b></td>
<td><b>A</b></td>
</tr>
<tr>
<td>Bug fix?</td>
<td>yes</td>
</tr>
<tr>
<td>New feature</td>
<td>no</td>
</tr>
<tr>
<td>BC breaks?</td>
<td>no</td>
</tr>
<tr>
<td>Deprecations?</td>
<td>no</td>
</tr>
<tr>
<td>Tests pass?</td>
<td>yes</td>
</tr>
<tr>
<td>Fixed tickets</td>
<td>#3085, #8974</td>
</tr>
<tr>
<td>License</td>
<td>MIT</td>
</tr>
<tr>
<td>Doc PR</td>
<td>n/a</td>
</tr>
</table>
Problem occurs while user is impersonated. Authentication process generates new token and doeas not preserve role ```ROLE_PREVIOUS_ADMIN```. Ex. when parameter ```security.always_authenticate_before_granting``` is enabled.
Commits
-------
a7baa3b [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.
* 2.4:
[Security] simplified some unit tests
[Security] made code easier to understand, added some missing unit tests
[DependencyInjection] fixed InlineServiceDefinitionsPass to not inline a service if it's part of the current definition (to avoid an infinite loop)
[DomCrawler] Fixed creating form objects from form nodes.
disabled php.ini changes when using HHVM in .travis.yml
[Process] fixed HHVM support
Add support for HHVM in the getting of the PHP executable
[Security] fixed error 500 instead of 403 if previous exception is provided to AccessDeniedException
* 2.3:
[Security] made code easier to understand, added some missing unit tests
[DependencyInjection] fixed InlineServiceDefinitionsPass to not inline a service if it's part of the current definition (to avoid an infinite loop)
[DomCrawler] Fixed creating form objects from form nodes.
disabled php.ini changes when using HHVM in .travis.yml
[Process] fixed HHVM support
Add support for HHVM in the getting of the PHP executable
[Security] fixed error 500 instead of 403 if previous exception is provided to AccessDeniedException
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] Fix ExceptionListener to catch correctly AccessDeniedException if is not first exception
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9544, #8467?, #9823
| License | MIT
| Doc PR |
Same as #9823 but with some refactoring of the code and with some unit tests.
When merging to 2.4, the unit tests can be simplified a bit.
Commits
-------
172fd63 [Security] made code easier to understand, added some missing unit tests
616b6c5 [Security] fixed error 500 instead of 403 if previous exception is provided to AccessDeniedException
This PR was merged into the 2.3 branch.
Discussion
----------
[Dependencyinjection] Fixed handling of inlined references in the AnalyzeServiceReferencesPass
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8299, #9829
| License | MIT
| Doc PR | n/a
Hopefully a better fix for #9829 (ping @jakzal). Unit tests coming soon.
In some cases `InlineServiceDefinitionsPass` replaces a Reference with a service Definition. In such scenarios `AnalyzeServiceReferencesPass` was falling into an infinite loop.
Commits
-------
d650295 [DependencyInjection] fixed InlineServiceDefinitionsPass to not inline a service if it's part of the current definition (to avoid an infinite loop)
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Fixed IBAN validator with 0750447346 value
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
cf88ba5 [Validator] Fixed IBAN validator with 0750447346 value
This PR was squashed before being merged into the 2.3 branch (closes#9875).
Discussion
----------
Fixed typo
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
660ab38 Fixed typo
* 2.4:
fixed CS
fixed a typo
fixed CS for lambdas
[Yaml] fixed some license headers
Fixes message value for objects
Check for hour, minute & second validity
avoid tables to have apparently long blank line breaks and be too far appart for long nested array params
fixed various typos
[Filesystem] Fixed mirror for symlinks
[Validator] Removed duplicated test for IBAN in data provider
* 2.3:
fixed a typo
fixed CS for lambdas
[Yaml] fixed some license headers
Fixes message value for objects
Check for hour, minute & second validity
fixed various typos
[Filesystem] Fixed mirror for symlinks
[Validator] Removed duplicated test for IBAN in data provider
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/HttpKernel/Tests/DependencyInjection/ContainerAwareHttpKernelTest.php
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Finder] Fix finder date constraints and tests
Description:
When you search some files with date constraints, all folders are given, even if they are not in the date scope.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? |no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9303
| License | MIT
Commits
-------
4ccafa6 Fix finder date constraints and tests
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Form] added getter to transformer chain
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9503
| License | MIT
| Doc PR | na
Commits
-------
3565d96 added getter to transformer chain
This PR was merged into the 2.5-dev branch.
Discussion
----------
Added MutableAclProvider::deleteSecurityIdentity
This provides a very simple function to enable the deletion of a SecurityIdentity.
Developers can add a listener on the delete of a user and remove all the related ACLs.
Foreign keys already ensure that the ACEs are properly deleted.
Among the problems of not deleting the SecurityIdentity:
* Inconsistent database, referring to a non-existent user.
* If a user is deleted and another is created with the same name, it will inherit all the old user’s ACEs
Not addressed by this PR: Changing a user’s username breaks the related ACLs. See #5787
See also: https://groups.google.com/forum/#!topic/symfony2/mGTXlTWiMs8/discussion
Commits
-------
bdbbe58 [Security][Acl] Issue #5787 : Added MutableAclProvider::deleteSecurityIdentity
This PR was squashed before being merged into the 2.5-dev branch (closes#8423).
Discussion
----------
Update LocaleTest.php
de_CH locales does not fallback to de
see https://github.com/symfony/symfony/issues/5314
Commits
-------
572126b Update LocaleTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
fixed various typos
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
2f15ac7 fixed various typos
* 2.4: (44 commits)
[FrameworkBundle] Add missing license headers
Fix parent serialization of user object
[DependencyInjection] fixed typo
added condition to avoid skipping tests on JSON_PRETTY support
add memcache, memcached, and mongodb extensions to run skipped tests
[DependencyInjection] Fixed support for backslashes in service ids.
fix#9356 [Security] Logger should manipulate the user reloaded from provider
[FrameworkBundle] Added extra details in XMLDescriptor to improve container description
fixed CS
Crawler default namespace fix
[BrowserKit] fixes#8311 CookieJar is totally ignorant of RFC 6265 edge cases
[HttpFoundation] fixed constants that do exist in 2.3 (only in 2.4)
fix 5528 let ArrayNode::normalizeValue respect order of value array provided
fix#7243 allow 0 as arraynode name
Fixed issue in BaseDateTimeTransformer when invalid timezone cause Transformation filed exception (closes#9403).
BinaryFileResponse should also return 416 or 200 on some range-requets
fix deprecated usage and clarify constructor defaults for number formatter
Bumping dependency to ProxyManager to allow testing against the new 0.5.x branch changes
Do normalization on tag options
bumped Symfony version to 2.3.9
...
* 2.3: (31 commits)
Fix parent serialization of user object
[DependencyInjection] fixed typo
add memcache, memcached, and mongodb extensions to run skipped tests
[DependencyInjection] Fixed support for backslashes in service ids.
fix#9356 [Security] Logger should manipulate the user reloaded from provider
[BrowserKit] fixes#8311 CookieJar is totally ignorant of RFC 6265 edge cases
[HttpFoundation] fixed constants that do exist in 2.3 (only in 2.4)
fix 5528 let ArrayNode::normalizeValue respect order of value array provided
fix#7243 allow 0 as arraynode name
Fixed issue in BaseDateTimeTransformer when invalid timezone cause Transformation filed exception (closes#9403).
BinaryFileResponse should also return 416 or 200 on some range-requets
Do normalization on tag options
bumped Symfony version to 2.3.9
updated VERSION for 2.3.8
update CONTRIBUTORS for 2.3.8
updated CHANGELOG for 2.3.8
[Filesystem] Changed the mode for a target file in copy() to be write only.
[Console] fixed CS
fixed TableHelper when cell value has new line
Improved and fixed grammar mistakes. Added pluralized messages
...
Conflicts:
src/Symfony/Component/BrowserKit/Cookie.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Matcher/UrlMatcher.php
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Console] hide output of ProgressHelper when isDecorated is false
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9511
| License | MIT
| Doc PR | n/a
Commits
-------
006cb81 [Console] show no output in ProgressHelper when isDecorated is false (fixes#9511)
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Security][Acl] Add MutableAclProvider::updateUserSecurityIdentity
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5787
| License | MIT
| Doc PR | symfony/symfony-docs#3319
This provides a very simple function to enable the update of a User's username while keeping its associated ACEs (by updating its corresponding UserSecurityIdentity)
Developers can add a listener on the preUpdate of a user and remove all the related ACLs:
```php
if ($args->hasChangedField('username')) {
$aclProvider = $this->container->get('security.acl.provider');
$oldUsername = $args->getOldValue ('username');
$user = $args->getEntity();
$aclProvider->updateUserSecurityIdentity(UserSecurityIdentity::fromAccount($user) , $oldUsername);
}
```
Among the problems of not updating the UserSecurityIdentity:
- Inconsistent database, referring to a non-existent user.
- The user loses all its associated permissions
- If another user is created with the old username, it will inherit all the first user’s ACEs
This PR intends to fix Issue #5787 and is similar to and inspired from PR #8305.
This will also be heavily impacted by the outcome of #8848
Commits
-------
da53d92 [Security][Acl] Fix#5787 : Add MutableAclProvider::updateUserSecurityIdentity
This PR was merged into the 2.3 branch.
Discussion
----------
[DependencyInjection] Fixed support for backslashes in service ids.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9801
| License | MIT
| Doc PR |
This change is needed for consistency with `camelize()` which is used in [`ProxyDumper`](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Bridge/ProxyManager/LazyProxy/PhpDumper/ProxyDumper.php#L69) and [`PhpDumper`](https://github.com/symfony/DependencyInjection/blob/2.3/Dumper/PhpDumper.php#L1275).
Either this PR needs to be merged for consistency or #9610 rolled back (if we don't want to support backslashes in service ids).
Anyone could tell me why we're not using the `camelize()` method internally in the `Container`?
Commits
-------
c6f210b [DependencyInjection] Fixed support for backslashes in service ids.
This PR was merged into the 2.5-dev branch.
Discussion
----------
[EventDispatcher][HttpKernel] Move RegisterListenersPass from HttpKernel to EventDispatcher.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I've been recently in the position to use the DependencyInjection Component and the EventDispatcher together but not HttpKernel. To make it easier to use these two together I propose moving RegisterListenersPass to the EventDispatcher component where the ContainerAwareEventDispatcher already resides.
Commits
-------
89b8e0a [EventDispatcher][HttpKernel] Move RegisterListenersPass from HttpKernel to EventDispatcher.
This PR was squashed before being merged into the 2.5-dev branch (closes#9668).
Discussion
----------
[DepdencyInjection] forgot to add definition of dumped container member variable parameters
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5408
| License | MIT
| Doc PR | n/a
this fixes the allowing of access to parameters property of the dumped container
Commits
-------
5b02d3f [DepdencyInjection] forgot to add definition of dumped container member variable parameters
This PR was merged into the 2.5-dev branch.
Discussion
----------
[HttpKernel] Remove FrameworkBundle dependency in BundleTest
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
`HttpKernel` tests fatal due to missing dependency `AddConsoleCommandPass`.
Also removed unused import.
Commits
-------
20a064f [HttpKernel] Remove FrameworkBundle dependency in BundleTest
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Console] Added a way to set the process title
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
* I did not write test, because I want to RFC the idea before
* Do we want the process update its name when a sub command is executed by a master command ?
Commits
-------
204a25e [Console] Added a way to set the process title
This PR was squashed before being merged into the 2.4 branch (closes#9771).
Discussion
----------
Crawler default namespace fix
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9732, #6650
| License | MIT
| Doc PR | symfony/symfony-docs/pull/2979
Fix backwards compatibility of xml namespaces for having only one default namespace.
Commits
-------
cfff054 Crawler default namespace fix
This PR was squashed before being merged into the 2.5-dev branch (closes#9773).
Discussion
----------
[Form] Added delete_empty option to allow proper emptyData handling of collections
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes/no?
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9375
| License | MIT
| Doc PR | symfony/symfony-docs#3338
This PR adresses the issue that if you have a form collection with the option required => false and you submit an empty collection so you will get a ArrayCollection that contains en element with the value null.
This behaviour was introduced with the following changes from symfony/symfony#3257
In addition to the above mentioned ticket there is also a description about the same issue here: http://stackoverflow.com/questions/19474872/symfony2-form-collection-allow-add-and-allow-delete-null-error-silex
With the changes of this PR the new option empty_data is introduced. With this option you will be able to ignore/delete such empty collections, so they will neither be validated nor appear as empty field in the result.
The option will remove/ignore such empty collections if you add them newly and if allow_add is enabled and
removes such empty collections only if allow_delete is enabled.
With setting required and empty_data accordingly it will be now flexible to customize to the outcome you want to achieve.
Thanks to @bschussek for the great work together - We have to discuss how to name this option so if delete
or ignore is the appropriate name.
Commits
-------
8bdb7a0 [Form] Added delete_empty option to allow proper emptyData handling of collections
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Security] [Acl] [MaskBuilder] Refactor common code and reduce nesting
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Refactored some common code and moved a comparison to an earlier statement.
Commits
-------
7d85809 Refactor common code and reduce nesting
This PR was squashed before being merged into the 2.3 branch (closes#9769).
Discussion
----------
[BrowserKit] fixes#8311 CookieJar is totally ignorant of RFC 6265 edge cases
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8311
| License | MIT
| Doc PR |
Commits
-------
3132b04 [BrowserKit] fixes#8311 CookieJar is totally ignorant of RFC 6265 edge cases
This PR was merged into the 2.3 branch.
Discussion
----------
[Routing] Remove usage of deprecated _scheme requirement
**This is exact the same commit as it was in #9585, which was not merged due to my fault. Sorry for the noise.**
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8898, #8176
| License | MIT
| Doc PR |
I removed all usages of the deprecated _scheme requirement inside the Routing Component.
Most parts were pretty easy and after multiple refactorings I came up with the solution to have a Route::hasScheme() method and check against this method.
I also checked for performance and after trying in_array, arra_flip+isset and foreach, the last one was clearly the winner.
https://gist.github.com/Danez/7609898#file-test_performance-php
I also adjusted all tests that test '_scheme' to also check the new schemes-requirement.
Commits
-------
557dfaa Remove usage of deprecated _scheme in Routing Component
This PR was merged into the 2.3 branch.
Discussion
----------
[Filesystem] Changed the mode for a target file in copy() to be write only
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9789
| License | MIT
| Doc PR | -
Stream wrappers like S3 [do not support w+](http://docs.aws.amazon.com/aws-sdk-php/latest/class-Aws.S3.StreamWrapper.html) and we don't read here anyway (as pointed out in #9789).
Commits
-------
10e43b7 [Filesystem] Changed the mode for a target file in copy() to be write only.
This PR was merged into the 2.3 branch.
Discussion
----------
[Routing] Fix router matching pattern against multiple hosts
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8811, #6744
| License | MIT
| Doc PR |
When you had a pattern that matched on multiple host then only the first one was displayed as "almost matching". Fixed router matching against the same pattern on multiple hosts so now it shows every "almost match" on different hosts.
Commits
-------
f727b22 [Routing] Fix router matching pattern against multiple hosts
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
Removed unnecessary condition (looks like it's been copy/pasted from
line 84).
Instead correctly use the array of schemes from the Route.
Also adjusted the dumpers to dump the correct data.
I extended the tests to not only test the deprecated behavior, but also
the new schemes-requirement.
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator]Fixed getting wrong msg when value is an object in Exception
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
cdb5ae0 [Validator]Fixed getting wrong msg when value is an object in UnexpectedTypeException
This PR was merged into the 2.3 branch.
Discussion
----------
allow TraceableEventDispatcher to reuse event instance in nested events
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9710, #9727
| License | MIT
Commits
-------
454ce16 allow TraceableEventDispatcher to reuse event instance in nested events
* 2.4:
[Debug] fixed tests
ErrorHandlerTest: restore_error_handler() on assertion failure
Fixed typo
[validator] throw an exception if isn't an instance of ConstraintValidatorInterface.
Reset the box model to content-box in the web debug toolbar
[FrameworkBundle] Allowed "0" as a checkbox value in the php template.
raising delta on stopwatch as travis really breaks with less than 35
Switched to correct gender of "Token"
bumped Symfony version to 2.4.1
updated VERSION for 2.4.0
updated CHANGELOG for 2.4.0
fixed typos in several translations
[HttpKernel] use static late binding when dumping out container
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.3:
Fixed typo
[validator] throw an exception if isn't an instance of ConstraintValidatorInterface.
Reset the box model to content-box in the web debug toolbar
[FrameworkBundle] Allowed "0" as a checkbox value in the php template.
raising delta on stopwatch as travis really breaks with less than 35
Switched to correct gender of "Token"
fixed typos in several translations
[HttpKernel] use static late binding when dumping out container
This PR was submitted for the 2.2 branch but it was merged into the 2.3 branch instead (closes#9678).
Discussion
----------
[HttpKernel] use static late binding when dumping out container
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no?
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9649
| License | MIT
| Doc PR |
This PR gives the ability to override the stripComments method in descendants (and to disable the memory-eater container whitespace stripping)
Commits
-------
2e241cc [HttpKernel] use static late binding when dumping out container
The neutral gender "das Token" is used in science to describe an array of bits or chars, where as the masculin "der Token" is commenly used for keys in communications and authentication in the network.
I guess the a CSRF-Token is more a key for authentication then a bit array.
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] fix typos in several translations
| Q | A
| ------------- | ---
| Fixed tickets | --
| License | MIT
Similar to #9681, but for 2.3, with one additional change.
Commits
-------
8209a7f fixed typos in several translations
* 2.4:
updated Composer suggested packages
updated VERSION for 2.2.11
update CONTRIBUTORS for 2.2.11
updated CHANGELOG for 2.2.11
Fixed typo in phpdoc
Default form.csrf_protection.enabled to csrf_protection.enabled
Handled the scenario when no entity manager is passed with closure query builder.
Enabled csrf_protection by default if form.csrf_protection is enabled
[HttpKernel] made a small optimization to Bundle initialization
minor optimalization at bundle initialization
[EventDispatcher] tweaked README
removed observer pattern, in favour of mediator
[DoctrineBridge] normalized class names in the ORM type guesser
Fix `extract` method to avoid recalculating count() for each iteration.
[Debug] ensured that a fatal PHP error is actually fatal after being handled by our error handler
use the correct class name to retrieve mapped class' metadata and repository
[WebProfilerBundle] Fixed js escaping in time.html.twig
* 2.3:
updated VERSION for 2.2.11
update CONTRIBUTORS for 2.2.11
updated CHANGELOG for 2.2.11
Fixed typo in phpdoc
Handled the scenario when no entity manager is passed with closure query builder.
[HttpKernel] made a small optimization to Bundle initialization
minor optimalization at bundle initialization
[EventDispatcher] tweaked README
removed observer pattern, in favour of mediator
[DoctrineBridge] normalized class names in the ORM type guesser
Fix `extract` method to avoid recalculating count() for each iteration.
[Debug] ensured that a fatal PHP error is actually fatal after being handled by our error handler
use the correct class name to retrieve mapped class' metadata and repository
[WebProfilerBundle] Fixed js escaping in time.html.twig
Conflicts:
src/Symfony/Component/Debug/ErrorHandler.php
* 2.2:
updated VERSION for 2.2.11
update CONTRIBUTORS for 2.2.11
updated CHANGELOG for 2.2.11
[HttpKernel] made a small optimization to Bundle initialization
minor optimalization at bundle initialization
[EventDispatcher] tweaked README
removed observer pattern, in favour of mediator
[DoctrineBridge] normalized class names in the ORM type guesser
Fix `extract` method to avoid recalculating count() for each iteration.
use the correct class name to retrieve mapped class' metadata and repository
[WebProfilerBundle] Fixed js escaping in time.html.twig
Conflicts:
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/time.html.twig
src/Symfony/Component/HttpKernel/Kernel.php
Cache the value of `count($attributes)` to avoid recalculating it for each iteration of the loop.
Since this count will never change during the method execution, this change make the code a bit more efficient.
* 2.4:
[Debug] fixed unit tests
Avoid notice from being *eaten* by fatal error.
Teardown used wrong property
Modified guessDefaultEscapingStrategy to not escape txt templates
Fix DateType for 32bits computers.
Fixed the registration of validation.xml file when the form is disabled
fixed lexing expression ending with spaces
Fixes#9633, Removed dependency to Symfony\Bundle\FrameworkBundle\Tests\TestCase
[Validator] Replaced inexistent interface.
[HttpKernel] Fix profiler event-listener usage outside request stack context
When getting the session's id, check if the session is not closed
Fix undefined offset when formatting namespace suggestions
Adjusting CacheClear Warmup method to namespaced kernels
* 2.3:
[Debug] fixed unit tests
Avoid notice from being *eaten* by fatal error.
Teardown used wrong property
Modified guessDefaultEscapingStrategy to not escape txt templates
Fix DateType for 32bits computers.
Fixed the registration of validation.xml file when the form is disabled
Fixes#9633, Removed dependency to Symfony\Bundle\FrameworkBundle\Tests\TestCase
[Validator] Replaced inexistent interface.
When getting the session's id, check if the session is not closed
Adjusting CacheClear Warmup method to namespaced kernels
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/CacheClearCommand.php
* 2.2:
Teardown used wrong property
Modified guessDefaultEscapingStrategy to not escape txt templates
Fix DateType for 32bits computers.
Fixed the registration of validation.xml file when the form is disabled
When getting the session's id, check if the session is not closed
This introduced a regression from #9246, with an incomplete fix ;
As the `started` flag on the NativeSessionStorage was not `true`
anymore when saving the session, the session id was always empty
when saving it, and thus when sending the `PHPSESSID` cookie
* 2.4:
[HttpKernel] fixed regression introduced in 2.4 in the base DataCollector class. Added more unit tests coverage for the RequestDataCollector object.
Fixed mistake in upgrade docu
bumped Symfony version to 2.4.0
updated VERSION for 2.4.0-RC1
updated CHANGELOG for 2.4.0-RC1
Container::camelize also takes backslashes into consideration
fixed typos
fixed @expectedException class names
Fix an issue when overriding Client::setServerParameters() and using the getContainer() method in it.
fixed some typos
fixed @expectedException class names
Typo and better wording for german validator translation
* 2.3:
Fixed mistake in upgrade docu
Container::camelize also takes backslashes into consideration
fixed typos
fixed @expectedException class names
fixed some typos
fixed @expectedException class names
Typo and better wording for german validator translation
* 2.3: (24 commits)
Add german translation for several validators (Greater/Equal/Less)
No Entity Manager defined exception
fixed CS
[Acl] Fix for issue #9433
[Validator] fix docblock typos
[DependencyInjection] removed the unused Reference and Parameter classes use statements from the compiled container class
Removed useless check if self::$trustProxies is set
Fix mistake in translation's service definition.
if handler_id is identical to null fix
CS fix
Fixed ModelChoiceList tests in Propel1 bridge.
[AclProvider] Fix incorrect behaviour when partial results returned from cache
Check if the pipe array is empty before calling stream_select()
[Intl] fixed datetime test as described in #9455
bumped Symfony version to 2.3.8
updated VERSION for 2.3.7
updated CHANGELOG for 2.3.7
re-factor Propel1 ModelChoiceList
[Form] Added method Form::getClickedButton() to remove memory leak in FormValidator
[Locale] fixed the failing test described in #9455
...
Conflicts:
src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php
src/Symfony/Bridge/Propel1/Tests/Fixtures/ItemQuery.php
src/Symfony/Bridge/Propel1/Tests/Form/ChoiceList/ModelChoiceListTest.php
src/Symfony/Bridge/Propel1/Tests/Propel1TestCase.php
src/Symfony/Component/Form/Tests/CompoundFormTest.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Process/Process.php
* 2.2:
No Entity Manager defined exception
fixed CS
[Acl] Fix for issue #9433
[Validator] fix docblock typos
[DependencyInjection] removed the unused Reference and Parameter classes use statements from the compiled container class
Fix mistake in translation's service definition.
if handler_id is identical to null fix
CS fix
Fixed ModelChoiceList tests in Propel1 bridge.
[AclProvider] Fix incorrect behaviour when partial results returned from cache
Check if the pipe array is empty before calling stream_select()
re-factor Propel1 ModelChoiceList
[Locale] fixed the failing test described in #9455
[Process] fix phpdoc and timeout of 0
bug #9445 [BrowserKit] fixed protocol-relative url redirection
Conflicts:
src/Symfony/Component/BrowserKit/Tests/ClientTest.php
src/Symfony/Component/Locale/Tests/Stub/StubIntlDateFormatterTest.php
This PR was merged into the master branch.
Discussion
----------
[Debug] Fixed ClassNotFoundFatalErrorHandler which could cause a fatal error
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9104
| License | MIT
| Doc PR | -
It might happen that `require_once` will include a file second time (for example with links or case-changed paths). Therefore we need to check if a class exists before requiring the file.
I also removed an unused argument from two methods (`$loader`).
Commits
-------
0baae4c [Debug] Fixed ClassNotFoundFatalErrorHandler which could cause a fatal error.
It might happen that require_once will include a file second time (for
example with links or case-changed paths). Therefore we need to check
if a class exists before requiring the file.
This PR was merged into the 2.2 branch.
Discussion
----------
[BrowserKit] fixed protocol-relative url redirection
Fixed redirects to protocol relative URLs, e.g. //www.example.org. Previously the code would treat this as a relative URL.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9445
| License | MIT
| Doc PR |
Commits
-------
e8b5c84 bug #9445 [BrowserKit] fixed protocol-relative url redirection
This PR was merged into the master branch.
Discussion
----------
unify constructor initialization style throughout symfony
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | n/a
In almost all classes symfony uses property initialization when the value is static. Constructor initialization is only used for things that actually have logic, like passed parameters or dynamic values. IMHO it makes the code much more readable because property definition, phpdoc and default value is in one place. Also one can easily see what the constructor implements for logic like overridden default value of a parent class. Otherwise the real deal is just hidden behind 10 property initializations. One more advantage is that it requires less code. As you can see, the code was almost cut in half (210 additions and 395 deletions).
I unified it accordingly across symfony. Sometimes it was [not even consistent within one class](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Config/Definition/BaseNode.php#L32). At the same time I recognized some errors like missing parent constructor call, or undefined properties or private properties that are not even used.
I then realized that a few Kernel tests were not passing because they were deeply implementation specific like modifying booted flag with a custom `KernelForTest->setIsBooted();`. I improved and refactored the kernel tests in the __second commit__.
__Third commit__ unifies short ternary operator, e.g. `$foo ?: new Foo()`. __Forth commit__ unifies missing parentheses, e.g. `new Foo()`.
Commits
-------
077a089 unify missing parentheses
2888594 unify short ternary operator
2a9daff [HttpKernel] better written kernel tests
111ac18 unify constructor initialization style throughout symfony
This PR was merged into the master branch.
Discussion
----------
[HttpFoundation] fixed the issue described in #9480
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9480
| License | MIT
| Doc PR | -
Commits
-------
7d35ce3 [HttpFoundation] fixed the issue described in #9480
This PR was squashed before being merged into the 2.2 branch (closes#9485).
Discussion
----------
[Acl] Fix for issue #9433
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9433
| License | MIT
| Doc PR |
Two new test for issue #9433 :
`testUpdateAclInsertingMultipleObjectFieldAcesThrowsDBConstraintViolations()`
`testUpdateAclDeletingObjectFieldAcesThrowsDBConstraintViolations()`
The change to `updateAces()` line 857 is enough to make the first test succeed. When changing the `order` field value to a higher value, we must first change the value of the next entry (and all the next entries recursively) to preserve uniqueness of the `order` field in the database.
All the other changes are for the second test. In the former `updateAcl()` method, we commit the changes of the existing ACEs to the database before deleting or adding the new ones. We must delete the old ACEs before changing the existing ACEs in order to preserve uniqueness of the `order` field in the database.
Commits
-------
a38fab9 [Acl] Fix for issue #9433
This PR was merged into the 2.2 branch.
Discussion
----------
[Process] fix phpdoc and timeout of 0
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | n/a
getTimeout says it returns null when it's disabled. But passing 0 or 0.0 also disabled timeouts. So it should be treated as null as well. also it says it returns integer whereas it returns float.
Commits
-------
1758010 [Process] fix phpdoc and timeout of 0
This PR was merged into the 2.2 branch.
Discussion
----------
[AclProvider] Fix incorrect behavior when partial results returned from cache
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9515
| License | MIT
| Doc PR | none
[AclProvider] Fix incorrect behavior when partial results returned from cache
findAcls wasn't throwing the NotAllAclsFoundException with the partial result when some acls were retrieved from the cache. This will fix that behavior. Ideally we would update it to cache items that were not found so it wouldn't have to query the db every time for non existent items, but I'm not sure if that is possible.
I'm not sure if the ACL cache is being used very much, I didn't find any docs about it but it seems to work except for this issue. It might be more appropriate to merge the fix in master if no one is relying on it to work in 2.2.
Commits
-------
edae59c [AclProvider] Fix incorrect behaviour when partial results returned from cache
This PR was merged into the 2.2 branch.
Discussion
----------
[DependencyInjection] removed the unused Reference and Parameter classes use statements from the compiled container class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
7730d8d [DependencyInjection] removed the unused Reference and Parameter classes use statements from the compiled container class
This PR was merged into the master branch.
Discussion
----------
unify and fix callable phpdoc throughout symfony
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | n/a
I unified the phpdoc to use "callable" as type. It wasn't done consistently. It varied between mixed, callback, callable.
I think callable is best because php 5.4 even has a typehint callable.
Commits
-------
6d5ddce unify and fix callable phpdoc throughout symfony
This PR was merged into the master branch.
Discussion
----------
[Console] Revert BC-break for verbose option value
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9285
| License | MIT
| Doc PR | ~
Closes#9285
----
PR #8835 "fixed" the input value for verbosity option with `VALUE_OPTIONAL`. And syntax like
```
cli.php -v command
cli.php --verbose command
```
Is broken now, because `ArgvInput` tries to use argument as verbose value (#9285).
For now i added a test for this case and revert this changes.
Commits
-------
432bbe1 [Console] Revert a28eb8 because of BC break
5e03e9a [Console] Add test for --verbose before argument
This PR was merged into the master branch.
Discussion
----------
[Translation] make IdentityTranslater consistent with normal translator
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | n/a
The MessageSelector should not be required in the constructor of the IdentityTranslator because it's also optional for the [Translator](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Translation/Translator.php#L64).
I also fixed the TranslatorInterface phpdoc and the IdentityTranslator params similar to 90a20d7835
Commits
-------
7cdb260 [Translation] make IdentityTranslater consistent with normal translator
This PR was merged into the 2.3 branch.
Discussion
----------
[Intl] make currency bundle merge fallback locales when accessing data, ...
...allowing use of country-specific locales
Fixes#9262.
Commits
-------
edc287b [Intl] make currency bundle merge fallback locales when accessing data, allowing use of country-specific locales
In Request::getClientIps() on line 772 there is a check if self::$trustedProxies is not set. If this condition evaluates to true the method will return.
Because of this the second identical check on line 783 will never evaluate to true, as when reaching this position self::$trustedProxies must be set.
This PR was merged into the 2.2 branch.
Discussion
----------
[Locale] fixed the failing test described in #9455
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9455
| License | MIT
| Doc PR | -
Commits
-------
3f91039 [Locale] fixed the failing test described in #9455
* 2.3: (25 commits)
bumped Symfony version to 2.2.11
updated VERSION for 2.2.10
update CONTRIBUTORS for 2.2.10
updated CHANGELOG for 2.2.10
fixed version
Request::overrideGlobals() may call invalid ini value
Force Luhn Validator to only work with strings
Fixed bug with lazy services
[Translation] fixed the error in the dumper test as described in #9475
deleted mixing string concatenation inside a sprintf
"__call()" should be displayed only if $this->magicCall is true
[Console] fix phpdoc and constructor default value
Add media-query for printing: Do not print the toolbar.
Fix ProgressHelper redraw when redrawFreq is greater than 1
Update toolbar.css.twig
slovenian translations fixed
slovenian translations fixed
[DependencyInjection] fixed YamlDumper did not make services private.
[FrameworkBundle] fix routing container parameter exception message
[Form] fix and unify phpdoc
...
Conflicts:
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2:
bumped Symfony version to 2.2.11
updated VERSION for 2.2.10
update CONTRIBUTORS for 2.2.10
updated CHANGELOG for 2.2.10
fixed version
Request::overrideGlobals() may call invalid ini value
Force Luhn Validator to only work with strings
[Translation] fixed the error in the dumper test as described in #9475
[Console] fix phpdoc and constructor default value
Conflicts:
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/HttpKernel/Kernel.php
According to http://php.net/manual/ja/ini.core.php ,
there's not variable_order, but variables_order (with trailing "s").
Perhaps it breaks BC for some developer who unsets
'request_order' ini value and sets 'variable_order' manually?
This PR was merged into the 2.3 branch.
Discussion
----------
[Console][ProgressHelper] Fix ProgressHelper redraw when redrawFreq is greater than 1
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When using a ProgressHelper object with redrawFreq > 1, there are situation where redraw may never occur.
E.g.
redrawFreq = 2
setContent = 1
advance(2) ... the redraw event is detected by 0 == current % redrawFreq.
I've tested the patch against phpunit and my local environment.
Maybe, a new test can be implemented to avoid the previous example, but I'm not familiar with mock object... :)
Commits
-------
5eca1fb Fix ProgressHelper redraw when redrawFreq is greater than 1
The Luhn Validator fails to work with float or large integers (internally turned into float by php, depending on precision setting).
This is problematic because developers might use number or integer form fields to capture credit card data, which will lead to a validation error even though the form input itself was valid. This commit makes validator throw UnexpectedTypeException on non-string input to avoid this confusion.
This PR was merged into the master branch.
Discussion
----------
adjust doctrine dependencies
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9384, #9385
| License | MIT
| Doc PR | -
I went through all components/bundles/bridges in symfony and searched for doctrine dependencies. Then looked if it only requires a subset (annotations instead of common for example).
Commits
-------
7366901 adjust doctrine dependencies
This PR was merged into the master branch.
Discussion
----------
[Process] Renamed flushOutput() and flushErrorOutput() to clearOutput() and clearErrorOutput()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I renamed `flushOutput()` and `flushErrorOutput()` to `clearOutput()` and `clearErrorOutput()` since I find the current naming unintuitive. When reading [the blog post about this feature](http://symfony.com/blog/new-in-symfony-2-4-flushing-stdout-and-stderr-on-a-process) I initially thought that the output would be flushed to the console (as in `ob_flush()`).
Using "clear" on the other hand conforms well with [our conventions](http://symfony.com/doc/current/contributing/code/conventions.html).
Commits
-------
1811367 [Process] Renamed flushOutput() and flushErrorOutput() to clearOutput() and clearErrorOutput()
This PR was merged into the master branch.
Discussion
----------
set mergeFallback to true,
If your default locale is de_CH for example, then you get an incomplete list of locales. This issue has been resolved in the LanguageBundle and RegionBundle but not in for the LocaleBundle. Would be also a good idea for the CurrencyBundle
Commits
-------
4587d4e set mergeFallback to true, otherwise an uncomplete list is shown with default locale is for example de_CH
This PR was merged into the master branch.
Discussion
----------
Fix bug with variable named context to securityContext
Commits
-------
38433d7 Fix bug with variable named context to securityContext in SimplePreAuthenticationListener->handle function
This PR was merged into the 2.3 branch.
Discussion
----------
Slovenian translations fixed for Symfony 2.3
Commits
-------
1ec42ec slovenian translations fixed
* 2.2:
slovenian translations fixed
[DependencyInjection] fixed YamlDumper did not make services private.
[FrameworkBundle] fix routing container parameter exception message
update CONTRIBUTORS
added content length header to BinaryFileResponse
[Routing] added working test case for issue #5135
This PR was merged into the master branch.
Discussion
----------
[Config] Quoting reserved characters
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
a5c0123 Use Inline class to quote reserved characters
This PR was merged into the master branch.
Discussion
----------
[Console] make parent constructor test more reliable
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixes | #9186 , f2b60e9
| Tests pass? | yes
| license? | MIT
It also fixes the test since f2b60e9 and improves phpdoc
The second commit improves regex performance to validate name (using possesive quantifier).
I did some basic performance tests http://3v4l.org/PuvuL
The new regex only takes 1/3 of the time compared to the old one!
Commits
-------
5798029 [Console] improve regex performance to validate name
22b09ce [Console] make parent constructor test more reliable
This PR was merged into the 2.3 branch.
Discussion
----------
fixed issue with clone now the children of the original form are preserved and the clone form is given new children
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | 9414
| License | MIT
| Doc PR |
this commit fixes#9414
Commits
-------
b952bcb fixed issue with clone now the children of the original form are preserved and the clone form is given new children
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] fix and unify phpdoc
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| license? | MIT
- Fixes FormTypeGuesserInterface that must return ValueGuess for guessRequired etc. instead of abstract Guess because its excepted for example by FormFactory.
- Unify array typehints that was not done consistently.
Commits
-------
7a754c3 [Form] fix and unify phpdoc
* 2.3:
fixed CS
fixed CS
[HttpKernel] fixed memory limit display in MemoryDataCollector
Fixed the error handling when decoding invalid XML to avoid a Warning
[Form] Fixed: The "data" option is taken into account even if it is NULL
[DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Tests/Templating/TimedPhpEngineTest.php
* 2.2:
fixed CS
Fixed the error handling when decoding invalid XML to avoid a Warning
[Form] Fixed: The "data" option is taken into account even if it is NULL
[DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
Conflicts:
src/Symfony/Component/Form/Extension/Core/Type/FormType.php
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6686, #7673
| License | MIT
| Doc PR | n/a
The removal of the Profiler dependency on the TraceableEventDispatcher (#9170) allows to remerge the patch from #9068 that fixes#6686.
This PR also cleans up how profiles are stored. A Profile is now always stored only once.
The fix will only be available on 2.4+ as the changes are too deep to be backported to 2.2 and 2.3.
Commits
-------
1e1835e [FrameworkBundle] made sure that the debug event dispatcher is used everywhere
This PR was merged into the 2.2 branch.
Discussion
----------
[Form] Fixed: The "data" option is taken into account even if it is NULL
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
c1a3eb3 [Form] Fixed: The "data" option is taken into account even if it is NULL
This PR was merged into the master branch.
Discussion
----------
prevent PHP from magically setting a 302 header
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes (for people relying on getting a magic 302 when setting a Location header)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
this needs a test case .. but first let me know if you are ok with this change.
see http://www.php.net/manual/en/function.header.php
Commits
-------
c140d4f prevent PHP from magically setting a 302 header, see http://www.php.net/manual/en/function.header.php
This PR was merged into the 2.2 branch.
Discussion
----------
[DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
According to [section 3.7 of RFC 2616][], media-type attribute names in the `Content-Type` header are case-insensitive.
Therefore, identification of the `text` type and the `charset` parameter in the `Content-Type` header should be case-insensitive.
[section 3.7 of RFC 2616]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.7
Commits
-------
17a2d66 [DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
* 2.3:
Fixed English usage for existing users.
Clean up of WebProfiler Controller classes:
[Process] Fix#9343 : revert file handle usage on Windows platform
This PR was merged into the 2.2 branch.
Discussion
----------
[2.2][Process] Fix#9343 : revert file handle usage on Windows platform
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9343
| License | MIT
Hello,
I propose to revert the use of file handles only for `STDOUT` on Windows platform (see implementation in 2.2.6 [here](4059720232/src/Symfony/Component/Process/Process.php (L231-L242))).
When I decoupled pipes management from `Process` in #8924, I used file handles for both `STDOUT` and `STDERR`. This was an error as it introduced random failure in reading the handles (reported as [PHP#65650](https://bugs.php.net/bug.php?id=65650)).
Reverting to the previous implementation solves the issue. My apologies for the issues it introduced.
Versions that have been affected by the bug are 2.2.7, 2.2.8, 2.2.9, 2.3.4, 2.3.5 and 2.3.6.
Side note : I thought about testing the file handles implementation on *nix, but it fails most of the time where as Windows is okay. Unit testing on windows is okay (AbstractProcessTest::testProcessPipes tests it), but I don't provide a travis compatible test.
Commits
-------
e9dd408 [Process] Fix#9343 : revert file handle usage on Windows platform
* 2.3:
[DoctrineBridge] Added type check to prevent calling clear() on arrays
[Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
Fix docblock typo
* 2.2:
[DoctrineBridge] Added type check to prevent calling clear() on arrays
[Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
Fix docblock typo
Conflicts:
src/Symfony/Component/Form/Extension/Csrf/Type/FormTypeCsrfExtension.php
* 2.3:
Improve documentation of X-Forwarded-For header handling
[DoctrineBridge] Loosened CollectionToArrayTransformer::transform() to accept arrays
Removed unused use statements.
Make usleep longer and simplify assertions
Added japanese translation resource for security component.
Replaced the @inheritdoc with an actual list of params since the original method has a different signature.
fix typo : StdClass should be stdClass with little "s"
Remove unnecessary continue from Request
[Yaml] Fixed the escaping of strings starting with a dash when dumping
Fix in ChainLoader.php
fixed wrong started states
* 2.2:
[DoctrineBridge] Loosened CollectionToArrayTransformer::transform() to accept arrays
Removed unused use statements.
Make usleep longer and simplify assertions
Added japanese translation resource for security component.
[Yaml] Fixed the escaping of strings starting with a dash when dumping
Fix in ChainLoader.php
fixed wrong started states
This PR was merged into the master branch.
Discussion
----------
[Console] make InputArgument::setDefault() chainable
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | maybe
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
To allow chaining of methods, setDefault should return the InputArgument. I'm not quite sure if you would tread this as a BC break?
best regards
Philipp
Commits
-------
7b7a4c1 [Console] make InputArgument::setDefault() chainable
This PR was merged into the master branch.
Discussion
----------
[Form] Add missing use in form renderer
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9296
| License | MIT
| Doc PR | -
Commits
-------
7686867 [Form] Add missing use in form renderer
This PR was merged into the master branch.
Discussion
----------
Removed dead code (unused use statements).
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
eced94b Removed dead code (unused use statements).
* 2.3:
bumped Symfony version to 2.3.7
updated VERSION for 2.3.6
updated CHANGELOG for 2.3.6
bumped Symfony version to 2.2.10
updated VERSION for 2.2.9
update CONTRIBUTORS for 2.2.9
updated CHANGELOG for 2.2.9
[Security] limited the password length passed to encoders
[HttpKernel] Fixed a test (compiler pass class name has been changed).
assets:install command should mirror .dotfiles (.htaccess)
PoFileDumper - PO headers
removed whitespaces
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/BasePasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/MessageDigestPasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/Pbkdf2PasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php
src/Symfony/Component/Security/Core/Tests/Encoder/MessageDigestPasswordEncoderTest.php
src/Symfony/Component/Security/Core/Tests/Encoder/Pbkdf2PasswordEncoderTest.php
src/Symfony/Component/Security/Core/Tests/Encoder/PlaintextPasswordEncoderTest.php
* 2.2:
bumped Symfony version to 2.2.10
updated VERSION for 2.2.9
update CONTRIBUTORS for 2.2.9
updated CHANGELOG for 2.2.9
[Security] limited the password length passed to encoders
assets:install command should mirror .dotfiles (.htaccess)
PoFileDumper - PO headers
removed whitespaces
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
This PR was merged into the master branch.
Discussion
----------
[Debug] Fixed `ClassNotFoundFatalErrorHandler`
After running the test suite, this produced a Fatal Error. Having continue in a child method is not allowed.
| Q | A
| ------------- | ---
| Bug fix? | [yes]
| New feature? | [no]
| BC breaks? | [no]
| Deprecations? | [no]
| Tests pass? | [yes]
| Fixed tickets | None
| License | MIT
| Doc PR | None
Commits
-------
ecee5c2 [Debug] Fixed `ClassNotFoundFatalErrorHandler`
This PR was merged into the master branch.
Discussion
----------
[HttpKernel] Fixed a test (compiler pass class name has been changed)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes, if #9259 also gets merged
| Fixed tickets | -
| License | MIT
| Doc PR | -
**I've sent it against wrong branch. It should be merged in 2.3. Sorry.**
Commits
-------
fae01c1 [HttpKernel] Fixed a test (compiler pass class name has been changed).
* 2.3:
[Process] Fix#9182 : random failure on pipes tests
Fixed propel guessed relations
[FramworkBundle][HttpKernel] Check event listener services are not abstract
fixed CS
Check for lock existence before unlinking
remove MinCount and MaxCount contraints. It has been replaced by Count constraints.
[FrameworkBundle] fixed path replacement on Windows
Conflicts:
src/Symfony/Bridge/Propel1/Tests/Form/PropelTypeGuesserTest.php
* 2.2:
[Process] Fix#9182 : random failure on pipes tests
Fixed propel guessed relations
[FramworkBundle][HttpKernel] Check event listener services are not abstract
fixed CS
Check for lock existence before unlinking
[FrameworkBundle] fixed path replacement on Windows
Conflicts:
src/Symfony/Component/Process/Process.php
This PR was merged into the master branch.
Discussion
----------
[Form] fix missing use statement for exception UnexpectedTypeException
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? |
| Fixed tickets |
| License | MIT
| Doc PR |
fix missing use statement for exception `Symfony\Component\Form\Exception\UnexpectedTypeException`
cc @bschussek
Commits
-------
ea91533 [form] fix missing use statement for exception UnexpectedTypeException
This PR was merged into the master branch.
Discussion
----------
[Security\Csrf] Split CsrfTokenGenerator into CsrfTokenManager and TokenGenerator
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9210
| License | MIT
| Doc PR | -
This is a follow-up PR of #6554 that splits the CsrfTokenGenerator into two separate classes for generating and managing CSRF tokens. As a consequence, it is now possible to explicitly remove or refresh CSRF tokens if they should be used only once. See #9210 for more information.
Commits
-------
d4bb5f4 [Security\Csrf] Split CsrfTokenGenerator into CsrfTokenManager and TokenGenerator
My logs are filled with a bazillion errors stating "Warning: unlink(/var/www/mysite/app/cache/prod/http_cache/md/cf/47/c693da5dab3eccb65fa36a9b4b07ad0f7cc4.lck): No such file or directory in /var/www/mysite/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpCache/Store.php line 53"
* 2.3:
Fix: duplicate usage of Symfony\Component\HttpFoundation\Response
[Form] add support for Length and Range constraint in order to replace MaxLength, MinLength, Max and Min constraints in next release (2.3)
Revert "merged branch Tobion/flattenexception (PR #9111)"
[Form] check the required output timezone against the actual timezone of the input datetime object, rather than the expected timezone supplied
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
This PR was squashed before being merged into the master branch (closes#8835).
Discussion
----------
[Console] Fixed verbose option when passing verbosity level as option value
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Currently passing a verbosity level to verbose option on console doesn't work unless using the shotcuts _-v_, _-vv_, _-vvv_.
This also fix _accept_value_ in the xml generated by __console help --xml__ for people using the xml output ;)
Commits
-------
a28eb8b [Console] Fixed verbose option when passing verbosity level as option value
* 2.2:
[Form] add support for Length and Range constraint in order to replace MaxLength, MinLength, Max and Min constraints in next release (2.3)
[Form] check the required output timezone against the actual timezone of the input datetime object, rather than the expected timezone supplied
This PR was squashed before being merged into the master branch (closes#8927).
Discussion
----------
[Templating] fix logic regarding template references and many phpdocs
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
this clarifies the expected types and exceptions by much. and it fixes some logic flaws.
- missing info/methods in interfaces
- respecting Twig_LoaderInterface only accepting strings, not objects
related to fabpot/Twig#1183 but does not depend on it
Commits
-------
f6c12bd [Templating] fix logic regarding template references and many phpdocs
This PR was merged into the master branch.
Discussion
----------
[RC][Form] Let null values clear fields in PATCH requests
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
I've changed the way form checks wherever or not to submit childs by checking submitted data with array_key_exists and not with just isset.
This way in PATCH requests values are not processed when they are not in array and not also when the value is null. Currently there is no way to null a value with a PATCH request, even passing it null.
This can lead to some BC breaks depending on how users used form in their code.
Commits
-------
f5812c5 [Form] Let null values to unset fields in PATCH requests
This PR was squashed before being merged into the master branch (closes#8637).
Discussion
----------
[DomCrawler] Allowed internal validation of ChoiceFormField to be disabled
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7672
| License | MIT
| Doc PR | Not yet
Hi,
Here is a quite basic attempt to be able to disable the internal validation of the ChoiceFormField. It's pretty basic.
Feel free to tell me what you think guys. Maybe I should check the `validationDisabled` property at the beginning of the `containsOption()` method ?
I'll make the documentation PR as soon as the implementation will be validated.
Regards.
Commits
-------
739bf71 [DomCrawler] Allowed internal validation of ChoiceFormField to be disabled
This PR was merged into the master branch.
Discussion
----------
[HttpFoundation] added a way to override the Request class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7461, #7453
| License | MIT
| Doc PR | symfony/symfony-docs#3021
This is an alternative implementation for #7461.
I've also reverted #7381 and #7390 as these changes are not needed anymore.
Todo:
- [ ] add some tests
Commits
-------
464439d [HttpFoundation] added a way to override the Request class
This PR was merged into the master branch.
Discussion
----------
[HttpFoundation] Add a way to avoid the session be written at each request
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no (maybe the DI config ?)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/3017
Commits
-------
191418d [HttpFoundation] Add a way to avoid the session be written at each request
This PR was merged into the master branch.
Discussion
----------
Decoupled TraceableEventDispatcher from the Profiler
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This PR removes the Profiler dependency on the TraceableEventDispatcher. That makes things more decoupled and cleaner. This PR also cleans up how profiles are stored; a Profile is now always stored only once.
I've created a `LateDataCollectorInterface` that is implemented for data collector that needs to get information from data that are available very late in the request process (when the request and the response are not even available anymore). The `lateCollect()` method is called just before the profile is stored.
We have 3 data collectors that implement that interface:
* Time: As the traceable event dipsatcher gets inject timing information via the stopwatch about all events (including the `terminate` one), we need to get events from the stopwatch as late as possible.
* Event: The traceable event dispatcher gathers all called listeners to determine non-called ones. To be able to accurately do that for all events (including the `terminate` one), we need to get the data as late as possible.
* Memory: We want to get the memory as late as possible to get the most accurate number as possible
I'm not very happy with the name and as always, better suggestions would be much appreciated.
This is an extract from #9168
Commits
-------
5cedea2 [HttpKernel] added LateDataCollectorInterface
9c4bc9a [HttpKernel] decoupled TraceableEventDispatcher and Profiler
This PR was merged into the master branch.
Discussion
----------
[Security] Added Security\Csrf sub-component with better token generation
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | TODO
**Update September 27, 2013**
This PR simplifies the CSRF mechanism to generate completely random tokens. A random token is generated once per ~~intention~~ token ID and then stored in the session. Tokens are valid until the session expires.
Since the CSRF token generator depends on `StringUtils` and `SecureRandom` from Security\Core, and since Security\Http currently depends on the Form component for token generation, I decided to add a new Security\Csrf sub-component that contains the improved CSRF token generator. Consequences:
* Security\Http now depends on Security\Csrf instead of Form
* Form now optionally depends on Security\Csrf
* The configuration for the "security.secure_random" service and the "security.csrf.*" services was moved to FrameworkBundle to guarantee BC
In the new Security\Csrf sub-component, I tried to improve the naming where I could do so without breaking BC:
* CSRF "providers" are now called "token generators"
* CSRF "intentions" are now called "token IDs", because that's really what they are
##### TODO
- [ ] The documentation needs to be checked for references to the configuration of the application secret. Remarks that the secret is used for CSRF protection need to be removed.
- [ ] Add aliases "csrf_token_generator" and "csrf_token_id" for "csrf_provider" and "intention" in the SecurityBundle configuration
- [x] Make sure `SecureRandom` never blocks for `CsrfTokenGenerator`
Commits
-------
7f02304 [Security] Added missing PHPDoc tag
2e04e32 Updated Composer dependencies to require the Security\Csrf component where necessary
bf85e83 [FrameworkBundle][SecurityBundle] Added service configuration for the new Security CSRF sub-component
2048cf6 [Form] Deprecated the CSRF implementation and added an optional dependency to the Security CSRF sub-component instead
85d4959 [Security] Changed Security HTTP sub-component to depend on CSRF sub-component instead of Form
1bf1640 [Security] Added CSRF sub-component
This PR was merged into the master branch.
Discussion
----------
[Form] Rewrite boolean attributes to match HTML spec
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Same as #7856
> 'The presence of a boolean attribute on an element represents the true value, and the absence of the attribute represents the false value.' - http://www.w3.org/html/wg/drafts/html/master/infrastructure.html#boolean-attribute
This commit modifies widget_container_attributes and widget_attributes so that:
* `true` values render as the attribute name with the attribute name repeated as the value
* `false` values are not rendered
The comparison is strict using sames() in twig.
Previously `false` values would have been rendered as `some-attribute=""` which according to the spec would actually make them a boolean attribute and therefore equal to true.
Commits
-------
b85577b [Form] Improved test coverage of widget_attributes and widget_container_attributes blocks
8e4c2a7 [Form] Rewrite boolean attributes to match HTML spec
This PR was merged into the 2.2 branch.
Discussion
----------
[Form] enforce correct timezone
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | not sure if this is a BC break...
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I'm using the Form component to handle JSON requests which come from AJAX requests. The JSON is formed by the Angular toJson method
A typical request would be:
```
{
name: "Some name"
start: "2013-08-21T05:00:00.000Z"
end: "2013-08-21T15:00:00.000Z"
}
```
Note that in this case, what I entered in my input boxes are 7:00 for start and 17:00 for end times. As you can see, Angular (or Chrome, I'm not sure), converts this to the "Z" timezone. Since I cannot enforce the correct timezone client side, the timezone will differ from the one configured in the DateTimeType, however, instead of resulting in either an error or a conversion to the correct timezone, I get a datetime object in the wrong timezone, eventually resulting in wrong values in the database.
By checking the required output timezone against the actual timezone of the input datetime object, rather than the expected timezone supplied, this problem is solved.
Commits
-------
b0349a1 [Form] check the required output timezone against the actual timezone of the input datetime object, rather than the expected timezone supplied
* 2.3:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[DependencyInjection] Prevented inlining of lazy loaded private service definitions.
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/Routing/Router.php
src/Symfony/Component/Security/Http/Firewall.php
* 2.2:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/HttpFoundation/Request.php
This PR was merged into the master branch.
Discussion
----------
[Filesystem] introduced new Exception base classes
The Filesystem class now throws a ```FileNotFoundException``` if a file could not be found, rather than an basic ```IOException```. The new exception is still a child of the ```IOException```, this way it doesn' t breack BC.
The ```IOException``` now also takes as the first argument an path to the file of interest, which can be used via the ```getPath()``` method.
The switch to the FilesystemInterface will allow you to have an implementation accessing S3 or Dropbox, etc. and still inject it into a classes, which are requiring the Filesystem.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| Doc PR | symfony/symfony-docs#2947
Commits
-------
c2e43d0 [Filesystem] removed getPath() on Exceptions and cleaned up CS and error messages
785080a [Filesystem] introduced new Exception base classes
This PR was merged into the master branch.
Discussion
----------
[HttpKernel] made the cache key generation configurable for the default HttpCache store
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9088
| License | MIT
| Doc PR | n/a
Commits
-------
780b77a [HttpKernel] made the cache key generation configurable for the default HttpCache store
This PR was merged into the 2.2 branch.
Discussion
----------
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values
Header `HTTP_X_FORWARDED_PROTO` can contain various values. Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Tests pass? | yes
| Fixed tickets | #9101
| License | MIT
Commits
-------
d997443 [HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
* 2.3:
bumped Symfony version to 2.3.6
updated VERSION for 2.3.5
updated CHANGELOG for 2.3.5
Set cost type to integer
bumped Symfony version to 2.2.9
updated VERSION for 2.2.8
updated CHANGELOG for 2.2.8
bumped the version
fixed typo
updated VERSION for 2.2.7
update CONTRIBUTORS for 2.2.7
updated CHANGELOG for 2.2.7
bugix: CookieJar returns cookies with domain "domain.com" for domain "foodomain.com"
fixed HTML5 form attribute handling XPath query
Removed old way of building icu data.
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Discussion
----------
Make the getNode function public (DomCrawler)
The getNode function should be public so that DomElement objects can be accessed directly if need be without having to loop manually.
Use case: Want to get to the tagname of a specific domelement.
Commits
-------
9868415 Make getNode function public
This PR was squashed before being merged into the master branch (closes#8288).
Discussion
----------
[Process] Added support for stdout and stderr flush (Issue #7884)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7884
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/2728
**To-do**
- [x] Submit changes to the documentation.
- [x] Fix a test broken on travis.
- [x] Fix mistakes on the documentation.
- [x] Removed flush + get methods.
- [x] Changed tests assert calls.
This PR introduces flushing methods for both stdout and stderr on Process class. The new methods are:
- flushOutput(): clears the output buffer.
- flushErrorOutput(): clears the error output buffer.
Tests for new methods are included on the PR.
Commits
-------
90daef7 [Process] Added support for stdout and stderr flush (Issue #7884)
This PR was merged into the master branch.
Discussion
----------
[Translation] Added support for JSON format (both loader and dumper).
Based on `IniFileLoader\Dumper`.
Q | A
--- | ---
Bug fix? |no
New feature? | yes
BC breaks?| no
Deprecations? |no
Tests pass? | yes
Fixed tickets | -
License | MIT
Doc | this component don't have docs
Commits
-------
fcef021 [Translation] Added support for JSON format (both loader and dumper).
This seems to be a remnant of when the code dealt with crypt() directly. The password_hash() function expects the cost option to be an LVAL (it does a type conversion for strings).
This PR was merged into the master branch.
Discussion
----------
Update FormTypeCsrfExtension.php
There is no need to store the FormFactory in an Attribute.
The FormFactory can be retrieved directly.
Commits
-------
90d59ea Update FormTypeCsrfExtension.php
This PR was merged into the master branch.
Discussion
----------
[Validator] Simplified usage of the Callback constraint
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | fixes#2480, replaces #3939
| License | MIT
| Doc PR | symfony/symfony-docs#3012
Commits
-------
cccb1db [Validator] Simplified usage of the Callback constraint
* 2.2:
bumped Symfony version to 2.2.9
updated VERSION for 2.2.8
updated CHANGELOG for 2.2.8
bumped the version
fixed typo
updated VERSION for 2.2.7
update CONTRIBUTORS for 2.2.7
updated CHANGELOG for 2.2.7
bugix: CookieJar returns cookies with domain "domain.com" for domain "foodomain.com"
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
The regexp matching prefixes is naive and matches most of strings followed by a colon. It is also incomplete as it does not match all the supported characters (like the unicode ones). It is simple though and sufficient in most situations.
This PR was merged into the master branch.
Discussion
----------
[DomCrawler] Added auto-discovery and explicit registration of namespaces in filter() and filterByXPath()
| Q | A
| --- | ---
|Bug fix: | no
|Feature addition: |yes
|Backwards compatibility break: | yes, default namespace is no longer removed in the `addContent` method
|Symfony2 tests pass: | yes|
|Fixes the following tickets: | #4845
|Todo: | -
|License of the code:| MIT
|Documentation PR: | symfony/symfony-docs#2979
* added support for automatic discovery and explicit registration of document namespaces for `Crawler::filterXPath()` and `Crawler::filter()`
* improved content type guessing in `Crawler::addContent()`
* [BC BREAK] `Crawler::addXmlContent()` no longer removes the default document namespace
I mentioned in #4845 it would probably be possible to use [DOMNode::lookupNamespaceURI()](http://www.php.net/manual/en/domnode.lookupnamespaceuri.php) to find a namespace URI by given prefix. Unfortunately we cannot use it here since we'd have to call it on a node in the namespace we're looking for.
Current implementation makes the following query to find a namespace:
```php
$domxpath->query('(//namespace::*[name()="media"])[last()]')
```
Commits
-------
77e2fa5 [DomCrawler] Removed checks if CssSelector is present.
9110468 [DomCrawler] Enabled manual namespace registration.
be1e4e6 [DomCrawler] Enabled default namespace prefix overloading.
943d446 [DomCrawler] Updated the CHANGELOG with namespace auto-registration details.
c6fbb13 [DomCrawler] Added support for an automatic default namespace registration.
587e2dd [DomCrawler] Made that default namespace is no longer removed when loading documents with addXmlContent().
c905bba [DomCrawler] Added more tests for namespaced filtering.
6e717a3 [DomCrawler] Made sure only the default namespace is removed when loading an XML content.
e5b8abb [DomCrawler] Added auto-discovery of namespaces in Crawler::filter() and Crawler::filterByXPath().
* 2.3:
Run all tests in parallel.
Fixed an entity class name.
[HttpKernel] fix usage of deprecated FlattenException
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
* 2.2:
Run all tests in parallel.
Fixed an entity class name.
Conflicts:
.travis.yml
src/Symfony/Bridge/Doctrine/Tests/Form/Type/EntityTypePerformanceTest.php
This PR was squashed before being merged into the master branch (closes#9095).
Discussion
----------
[ExpressionLanguage] Introduce a ParserCacheInterface with array/doctrine implementations
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
c8e6799 [ExpressionLanguage] Introduce a ParserCacheInterface with array/doctrine implementations
Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows
value chaining (`https, http`, where `https` is always first when request is encrypted).
* 2.3:
[Locale] added support for the position argument to NumberFormatter::parse()
[Locale] added some more stubs for the number formatter
[Yaml] fixed typo
[Yaml] fixed a test on PHP < 5.4
[DomCrawler]Crawler guess charset from html
fixed PHP 5.3 compatibility
[Yaml] reverted previous merge partially (refs #8897)
[Security] remove unused logger
[Security] fix typo
[Yaml] Fixed filename in the ParseException message
* 2.2:
[Locale] added support for the position argument to NumberFormatter::parse()
[Locale] added some more stubs for the number formatter
[Yaml] fixed typo
[Yaml] fixed a test on PHP < 5.4
[DomCrawler]Crawler guess charset from html
fixed PHP 5.3 compatibility
[Yaml] reverted previous merge partially (refs #8897)
[Security] remove unused logger
[Security] fix typo
[Yaml] Fixed filename in the ParseException message
Conflicts:
src/Symfony/Component/Console/Input/InputDefinition.php
src/Symfony/Component/Locale/Stub/StubNumberFormatter.php
src/Symfony/Component/Locale/Tests/Stub/StubNumberFormatterTest.php
This PR was squashed before being merged into the 2.2 branch (closes#9074).
Discussion
----------
[DomCrawler]Crawler guess charset from html
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9061
| License | MIT
| Doc PR | n/a
Commits
-------
e5282e8 [DomCrawler]Crawler guess charset from html
This PR was merged into the 2.2 branch.
Discussion
----------
[Yaml] Fixed filename in the ParseException message
| Q | A
| ------------- | ---
| Bug fix? | sort of
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | —
| License | MIT
| Doc PR | —
Yaml component throws an exception with corrupt filename because of `json_encode`:
```
[Symfony\Component\Yaml\Exception\ParseException]
A YAML file cannot contain tabs as indentation in "\/var\/www\/app\/config.yml" at line 42 (near " foo: bar").
```
Commits
-------
da44651 [Yaml] Fixed filename in the ParseException message
This PR was merged into the master branch.
Discussion
----------
[HttpKernel] [Fragment] Fixed CS
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Only two simple CS fixes.
Commits
-------
7d53314 [HttpKernel] Fragment Fixed CS
This PR was merged into the master branch.
Discussion
----------
New Component: Expression Language
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8850, #7352
| License | MIT
| Doc PR | not yet
TODO:
- [ ] write documentation
- [x] add tests for the new component
- [x] implement expression support for access rules in the security component
- [x] find a better character/convention for expressions in the YAML format
- [x] check the performance of the evaluation mode
- [x] better error messages in the evaluation mode
- [x] add support in the Routing
- [x] add support in the Validator
The ExpressionLanguage component provides an engine that can compile and
evaluate expressions.
An expression is a one-liner that returns a value (mostly, but not limited to, Booleans).
It is a strip-down version of Twig (only the expression part of it is
implemented.) Like Twig, the expression is lexed, parsed, and
compiled/evaluated. So, it is immune to external injections by design.
If we compare it to Twig, here are the main big differences:
* only support for Twig expressions
* no ambiguity for calls (foo.bar is only valid for properties, foo['bar'] is only valid for array calls, and foo.bar() is required for method calls)
* no support for naming conventions in method calls (if the method is named getFoo(), you must use getFoo() and not foo())
* no notion of a line for errors, but a cursor (we are mostly talking about one-liners here)
* removed everything specific to the templating engine (like output escaping or filters)
* no support for named arguments in method calls
* only one extension point with functions (no possibility to define new operators, ...)
* and probably even more I don't remember right now
* there is no need for a runtime environment, the compiled PHP string is self-sufficient
An open question is whether we keep the difference betweens arrays and hashes.
The other big difference with Twig is that it can work in two modes (possible
because of the restrictions described above):
* compilation: the expression is compiled to PHP and is self-sufficient
* evaluation: the expression is evaluated without being compiled to PHP (the node tree produced by the parser can be serialized and evaluated afterwards -- so it can be saved on disk or in a database to speed up things when needed)
Let's see a simple example:
```php
$language = new ExpressionLanguage();
echo $language->evaluate('1 + 1');
// will echo 2
echo $language->compile('1 + 2');
// will echo "(1 + 2)"
```
The language supports:
* all basic math operators (with precedence rules):
* unary: not, !, -, +
* binary: or, ||, and, &&, b-or, b-xor, b-and, ==, ===, !=, !==, <, >, >=, <=, not in, in, .., +, -, ~, *, /, %, **
* all literals supported by Twig: strings, numbers, arrays (`[1, 2]`), hashes
(`{a: "b"}`), Booleans, and null.
* simple variables (`foo`), array accesses (`foo[1]`), property accesses
(`foo.bar`), and method calls (`foo.bar(1, 2)`).
* the ternary operator: `true ? true : false` (and all the shortcuts
implemented in Twig).
* function calls (`constant('FOO')` -- `constant` is the only built-in
functions).
* and of course, any combination of the above.
The compilation is better for performances as the end result is just a plain PHP string without any runtime. For the evaluation, we need to tokenize, parse, and evaluate the nodes on the fly. This can be optimized by using a `ParsedExpression` or a `SerializedParsedExpression` instead:
```php
$nodes = $language->parse($expr, $names);
$expression = new SerializedParsedExpression($expr, serialize($nodes));
// You can now store the expression in a DB for later reuse
// a SerializedParsedExpression can be evaluated like any other expressions,
// but under the hood, the lexer and the parser won't be used at all, so it''s much faster.
$language->evaluate($expression);
```
That's all folks!
I can see many use cases for this new component, and we have two use cases in
Symfony that we can implement right away.
## Using Expressions in the Service Container
The first one is expression support in the service container (it would replace
#8850) -- anywhere you can pass an argument in the service container, you can
use an expression:
```php
$c->register('foo', 'Foo')->addArgument(new Expression('bar.getvalue()'));
```
You have access to the service container via `this`:
container.get("bar").getvalue(container.getParameter("value"))
The implementation comes with two functions that simplifies expressions
(`service()` to get a service, and `parameter` to get a parameter value). The
previous example can be simplified to:
service("bar").getvalue(parameter("value"))
Here is how to use it in XML:
```xml
<parameters>
<parameter key="value">foobar</parameter>
</parameters>
<services>
<service id="foo" class="Foo">
<argument type="expression">service('bar').getvalue(parameter('value'))</argument>
</service>
<service id="bar" class="Bar" />
</services>
```
and in YAML (I chose the syntax randomly ;)):
```yaml
parameters:
value: foobar
services:
bar:
class: Bar
foo:
class: Foo
arguments: [@=service("bar").getvalue(parameter("value"))]
```
When using the container builder, Symfony uses the evaluator, but with the PHP
dumper, the compiler is used, and there is no overhead as the expression
engine is not needed at runtime. The expression above would be compiled to:
```php
$this->get("bar")->getvalue($this->getParameter("value"))
```
## Using Expression for Security Access Control Rules
The second use case in Symfony is for access rules.
As we all know, the way to configure the security access control rules is confusing, which might lead to insecure applications (see http://symfony.com/blog/security-access-control-documentation-issue for more information).
Here is how the new `allow_if` works:
```yaml
access_control:
- { path: ^/_internal/secure, allow_if: "'127.0.0.1' == request.getClientIp() or has_role('ROLE_ADMIN')" }
```
This one restricts the URLs starting with `/_internal/secure` to people browsing from the localhost. Here, `request` is the current Request instance. In the expression, there is access to the following variables:
* `request`
* `token`
* `user`
And to the following functions:
* `is_anonymous`
* `is_authenticated`
* `is_fully_authenticated`
* `is_rememberme`
* `has_role`
You can also use expressions in Twig, which works well with the `is_granted` function:
```jinja
{% if is_granted(expression('has_role("FOO")')) %}
...
{% endif %}
```
## Using Expressions in the Routing
Out of the box, Symfony can only match an incoming request based on some pre-determined variables (like the path info, the method, the scheme, ...). But some people want to be able to match on more complex logic, based on other information of the Request object. That's why we introduced `RequestMatcherInterface` recently (but we no default implementation in Symfony itself).
The first change I've made (not related to expression support) is implement this interface for the default `UrlMatcher`. It was simple enough.
Then, I've added a new `condition` configuration for Route objects, which allow you to add any valid expression. An expression has access to the `request` and to the routing `context`.
Here is how one would configure it in a YAML file:
```yaml
hello:
path: /hello/{name}
condition: "context.getMethod() in ['GET', 'HEAD'] and request.headers.get('User-Agent') =~ '/firefox/i'"
```
Why do I keep the context as all the data are also available in the request? Because you can also use the condition without using the RequestMatcherInterface, in which case, you don't have access to the request. So, the previous example is equivalent to:
```yaml
hello:
path: /hello/{name}
condition: "request.getMethod() in ['GET', 'HEAD'] and request.headers.get('User-Agent') =~ '/firefox/i'"
```
When using the PHP dumper, there is no overhead as the condition is compiled. Here is how it looks like:
```php
// hello
if (0 === strpos($pathinfo, '/hello') && preg_match('#^/hello/(?P<name>[^/]++)$#s', $pathinfo, $matches) && (in_array($context->getMethod(), array(0 => "GET", 1 => "HEAD")) && preg_match("/firefox/i", $request->headers->get("User-Agent")))) {
return $this->mergeDefaults(array_replace($matches, array('_route' => 'hello')), array ());
}
```
Be warned that conditions are not taken into account when generating a URL.
## Using Expressions in the Validator
There is a new Expression constraint that you can put on a class. The expression is then evaluated for validation:
```php
use Symfony\Component\Validator\Constraints as Assert;
/**
* @Assert\Condition(condition="this.getFoo() == 'fo'", message="Not good!")
*/
class Obj
{
public function getFoo()
{
return 'foo';
}
}
```
In the expression, you get access to the current object via the `this` variable.
## Dynamic annotations
The expression language component is also very useful in annotations. the SensoLabs FrameworkExtraBundle leverages this possibility to implement HTTP validation caching in the `@Cache` annotation and to add a new `@Security` annotation (see sensiolabs/SensioFrameworkExtraBundle#238.)
Commits
-------
d4ebbfd [Validator] Renamed Condition to Expression and added possibility to set it onto properties
a3b3a78 [Validator] added a constraint that runs an expression
1bcfb40 added optimized versions of expressions
984bd38 mades things more consistent for the end user
d477f15 [Routing] added support for expression conditions in routes
86ac8d7 [ExpressionLanguage] improved performance
e369d14 added a Twig extension to create Expression instances
38b7fde added support for expression in control access rules
2777ac7 [HttpFoundation] added ExpressionRequestMatcher
c25abd9 [DependencyInjection] added support for expressions in the service container
3a41781 [ExpressionLanguage] added support for regexes
9d98fa2 [ExpressionLanguage] added the component
This PR was merged into the 2.3 branch.
Discussion
----------
Fix `use` statements in HttpKernel\Client
Commits
-------
5d5ea9a Fix `use` statements in HttpKernel\Client
This PR was merged into the 2.2 branch.
Discussion
----------
[Security] fix typo and remove unused logger
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
a33cc51 [Security] remove unused logger
62de9c1 [Security] fix typo
This PR was merged into the master branch.
Discussion
----------
[Security] Remove unused use statement
Commits
-------
6981669 Remove unused use statement
* 2.3:
fixed phpdoc
Fix some annotates
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
[HttpKernel] remove unneeded strtoupper
updated the composer install command to reflect changes in Composer
Conflicts:
src/Symfony/Component/Serializer/Encoder/XmlEncoder.php
* 2.2:
Fix some annotates
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
[HttpKernel] remove unneeded strtoupper
updated the composer install command to reflect changes in Composer
Conflicts:
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Console/Command/Command.php
src/Symfony/Component/Console/Input/InputDefinition.php
src/Symfony/Component/CssSelector/Node/CombinedSelectorNode.php
src/Symfony/Component/Form/Form.php
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php
src/Symfony/Component/HttpKernel/Tests/DependencyInjection/RegisterListenersPassTest.php
src/Symfony/Component/Locale/Locale.php
src/Symfony/Component/Locale/README.md
src/Symfony/Component/Locale/Stub/DateFormat/FullTransformer.php
This PR was squashed before being merged into the 2.2 branch (closes#9067).
Discussion
----------
Fix some annotates
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
send those fixes in branch 2.2
This pr includes #9065
Commits
-------
de39bd5 Fix some annotates
This PR was merged into the master branch.
Discussion
----------
[Security] Split the component into 3 sub-components Core, ACL, HTTP
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9047, #8848
| License | MIT
| Doc PR | -
The rationale behind this PR is to be able to use any of the sub components without requiring all the dependencies of the other sub components. Specifically, I'd like to use the core utils for an improved CSRF protection mechanism (#6554).
Commits
-------
14e9f46 [Security] removed unneeded hard dependencies in Core
5dbec8a [Security] fixed README files
62bda79 [Security] copied the Resources/ directory to Core/Resources/
7826781 [Security] Split the component into 3 sub-components Core, ACL, HTTP