Commit Graph

20180 Commits

Author SHA1 Message Date
Oleksii Zhurbytskyi
bdae7f530c [Validator] Fix Greek translation 2017-08-22 13:13:34 +03:00
Nicolas Grekas
62174fda10 [Console] Initialize lazily to render exceptions properly 2017-08-17 10:44:22 +02:00
Johannes Goslar
22a6642632 Update JsonBundleReader.php 2017-08-15 15:19:50 +02:00
Nicolas Grekas
0b613dbb57 minor #23893 [HttpKernel] Clean test directory on tear down (nicolas-grekas)
This PR was merged into the 2.7 branch.

Discussion
----------

[HttpKernel] Clean test directory on tear down

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

I've been bitten by this leftover too often.

Commits
-------

0a3dc11 [HttpKernel] Clean test directory on tear down
2017-08-15 15:15:08 +02:00
Nicolas Grekas
0a3dc11af9 [HttpKernel] Clean test directory on tear down 2017-08-15 15:06:19 +02:00
Matthieu Mota
339592da14 Fix testHtml method with regexp 2017-08-14 12:36:32 +02:00
Nicolas Grekas
1b9619c6ba bug #23856 [DI] Fix dumping abstract with YamlDumper (nicolas-grekas)
This PR was merged into the 2.7 branch.

Discussion
----------

[DI] Fix dumping abstract with YamlDumper

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

Commits
-------

c396e8c [DI] Fix dumping abstract with YamlDumper
2017-08-10 16:40:16 +02:00
Nicolas Grekas
c396e8cb9c [DI] Fix dumping abstract with YamlDumper 2017-08-10 16:37:13 +02:00
Nicolas Grekas
c951ca6e5d minor #23841 [DebugBundle] Reword an outdated comment about var dumper wiring (ogizanagi)
This PR was merged into the 2.7 branch.

Discussion
----------

[DebugBundle] Reword an outdated comment about var dumper wiring

| Q             | A
| ------------- | ---
| Branch?       | 2.7 <!-- see comment below -->
| Bug fix?      | no
| New feature?  | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks?    | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass?   | no
| Fixed tickets | N/A <!-- #-prefixed issue number(s), if any -->
| License       | MIT
| Doc PR        | N/A

This comment is outdated since #19647, as the default config is now the one used all the way through in HTTP mode, while it's overridden in CLI mode by the `DumpListener` on `console.command` event.

Commits
-------

f876fd9 [DebugBundle] Reword an outdated comment about var dumper wiring
2017-08-09 18:16:35 +02:00
Maxime Steinhausser
f876fd9253 [DebugBundle] Reword an outdated comment about var dumper wiring 2017-08-09 13:56:35 +02:00
Fabien Potencier
9c84776861 bug #23752 Ignore memcached missing key error on session destroy (jderusse)
This PR was merged into the 2.7 branch.

Discussion
----------

Ignore memcached missing key error on session destroy

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #18574
| License       | MIT
| Doc PR        | NA

Since PHP 7 session_regenerate_id triggers a warning when the session is not started.

This PR, changes the behaviours of session_destroy in the `MemcachedSessionHandler` by returning true when the user try to delete a non-existing session.

Other handler:
- LegacyPdoSessionHandler  => don't check if key exists
- MongoDbSessionHandler  => don't check if key exists
- NullSessionHandler => always true
- PdoSessionHandler => don't check if key exists

Commits
-------

29538b621c Ignore memcached missing key error on dession destroy
2017-08-09 12:15:13 +02:00
Nicolas Grekas
dd8622915d [DI] Fix some docblocks 2017-08-08 20:36:00 +02:00
Jérémy Derussé
29538b621c
Ignore memcached missing key error on dession destroy 2017-08-07 09:30:13 +02:00
Maxime Steinhausser
f6c83cf518 [Security] Fix security.interactive_login event const doc block 2017-08-06 13:40:38 +02:00
Nicolas Grekas
ffa005c036 bug #23658 [HttpFoundation] Generate safe fallback filename for wrongly encoded filename (xelaris)
This PR was merged into the 2.7 branch.

Discussion
----------

[HttpFoundation] Generate safe fallback filename for wrongly encoded filename

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets |
| License       | MIT
| Doc PR        |

This handles the case where the encoding of a random string cannot be detected. Until now this causes a PHP Warning `mb_strlen(): Unknown encoding ""`.

Commits
-------

8fd5569 [HttpFoundation] Generate safe fallback filename for wrongly encoded filename
2017-08-05 16:30:39 +02:00
Javier Eguiluz
e5ef9fb74a Avoid infinite loops when profiler data is malformed 2017-08-03 22:11:44 +02:00
Fabien Potencier
e1ffb3341d bug #23729 [Bridge\ProxyManager] Dont call __destruct() on non-instantiated services (nicolas-grekas)
This PR was merged into the 2.7 branch.

Discussion
----------

[Bridge\ProxyManager] Dont call __destruct() on non-instantiated services

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

While working on making #23678 green, I discovered that if a lazy service implements `__destruct`, then that service is not lazy anymore: it is created at destruct time.
That behavior is documented at https://github.com/Ocramius/ProxyManager/issues/258 (+related issues).

While I may understand why this behavior is the default for ProxyManager, it does not fit our "lazy-services" use case to me. Typically, nobody wants a database connection to be created to destruct the uninitialized lazy-proxy.

Blocks #23678

Commits
-------

2d79ffa0ca [Bridge\ProxyManager] Dont call __destruct() on non-instantiated services
2017-08-03 14:06:53 +02:00
Nicolas Grekas
2d79ffa0ca [Bridge\ProxyManager] Dont call __destruct() on non-instantiated services 2017-08-03 13:36:00 +02:00
Fabien Potencier
8acbd12a24 bumped Symfony version to 2.7.34 2017-08-01 09:21:40 +02:00
Fabien Potencier
b30d34baf6 updated VERSION for 2.7.33 2017-08-01 09:07:03 +02:00
Fabien Potencier
8f5141d4f7 bug #22244 [Console] Fix passing options with defaultCommand (Jakub Sacha)
This PR was merged into the 2.7 branch.

Discussion
----------

[Console] Fix passing options with defaultCommand

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets |
| License       | MIT
| Doc PR        |

Seems like overwriting input for the default command is not needed (anymore?). I don't know where the removed comment comes from originally.

Use case: i want to call default command and use options at the same time:
app/console --abc=true

Commits
-------

761de99552 Fix passing options with defaultCommand
2017-07-29 09:58:31 +02:00
AbdElKader Bouadjadja
7168d89cf2 Remove unused constant 2017-07-28 23:20:34 +02:00
Alexander Schwenn
8fd5569577 [HttpFoundation] Generate safe fallback filename for wrongly encoded filename 2017-07-28 22:45:10 +02:00
Kévin Dunglas
f1aa45c517 [DI] Remove unused props from the PhpDumper 2017-07-28 10:50:38 +02:00
Fabien Potencier
3f31266f18 minor #23689 [ProxyManager] Cleanup fixtures (nicolas-grekas)
This PR was merged into the 2.7 branch.

Discussion
----------

[ProxyManager] Cleanup fixtures

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

Just noticed that these fixture files are not maintainable. And we don't need them at all in fact, let's drop them.

Commits
-------

31843d6f98 [ProxyManager] Cleanup fixtures
2017-07-28 07:41:14 +02:00
Nicolas Grekas
31843d6f98 [ProxyManager] Cleanup fixtures 2017-07-27 10:00:51 +02:00
Fabien Potencier
a96d85ecff minor #23633 [Form] Add some phpdocs for IDE autocompletion and better SCA (Koc)
This PR was merged into the 2.7 branch.

Discussion
----------

[Form] Add some phpdocs for IDE autocompletion and better SCA

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

@ogizanagi I've tryed add single phpdoc `@method FormInterface[] getIterator()` to `FormInterface` but it not works correctly in PHPStorm. Have you any ideas?

<!--
- Bug fixes must be submitted against the lowest branch where they apply
  (lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the 3.4,
  legacy code removals go to the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->

Commits
-------

d30c751781 Add some phpdocs for IDE autocompletion and better SCA
2017-07-27 08:21:20 +02:00
Nicolas Grekas
50b5696779 bug #23684 [Debug] Missing escape in debug output (c960657)
This PR was merged into the 2.7 branch.

Discussion
----------

[Debug] Missing escape in debug output

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets |
| License       | MIT
| Doc PR        |

When pretty-printing an exception, the debug handler does not properly escape array keys.

The problem only occurs when debug output is enabled, so this is not considered a [security issue](http://symfony.com/doc/current/contributing/code/security.html) (according to @fabpot), because the debug tools [should not be used in production](https://symfony.com/doc/current/components/debug.html#usage).

A test for this is included in my patch for #18722.

Commits
-------

636777d [Debug] HTML-escape array key
2017-07-26 22:00:18 +02:00
Christian Schmidt
636777dc61 [Debug] HTML-escape array key 2017-07-26 17:00:11 +02:00
Nicolas Grekas
1ade5d8658 [DI] Make dumped docblocks less verbose 2017-07-26 09:27:50 +02:00
Nicolas Grekas
072c866d70 minor #23670 [DI] use assertStringEqualsFile when possible (nicolas-grekas)
This PR was merged into the 2.7 branch.

Discussion
----------

[DI] use assertStringEqualsFile when possible

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

To make failure reporting more accurate, and maintaining tests easier (assertStringEqualsFile is already heavily used in the same file.)

Commits
-------

eebae7e [DI] use assertStringEqualsFile when possible
2017-07-26 08:23:02 +02:00
Nicolas Grekas
e5790afa80 bug #23662 [VarDumper] Adapt to php 7.2 changes (nicolas-grekas)
This PR was merged into the 2.7 branch.

Discussion
----------

[VarDumper] Adapt to php 7.2 changes

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

As required by this change on PHP 7.2:
https://wiki.php.net/rfc/convert_numeric_keys_in_object_array_casts

Tests pass locally (until we add 7.2 to Travis)

Commits
-------

3c2f5f7 [VarDumper] Adapt to php 7.2 changes
2017-07-26 08:17:43 +02:00
Nicolas Grekas
eebae7ec71 [DI] use assertStringEqualsFile when possible 2017-07-26 08:11:54 +02:00
Nicolas Grekas
3c2f5f7a24 [VarDumper] Adapt to php 7.2 changes 2017-07-25 16:57:06 +02:00
fmarchalemisys
973b2d3973 [Form][TwigBridge] Don't render _method in form_rest() for a child form 2017-07-25 11:24:41 +02:00
Konstantin.Myakshin
d30c751781 Add some phpdocs for IDE autocompletion and better SCA 2017-07-23 12:48:31 +03:00
Christopher Parotat
1ba95738fb [Validator] Fix IbanValidator for ukrainian IBANs
The ukrainian bank identifier consists of six digits and not letters.
Also fix the broken links to the current SWIFT IBAN registry pdf.
2017-07-22 09:54:37 +02:00
Gavin Staniforth
7ae578cc1a fix(security): ensure the 'route' index is set before attempting to use it 2017-07-20 09:38:09 +02:00
Fabien Potencier
022ac0be09 [Security] added more tests 2017-07-19 08:09:02 +02:00
Fabien Potencier
9c7a1406cb [Security] fixed default target path when referer contains a query string 2017-07-19 07:57:00 +02:00
Fabien Potencier
b1f1ae26b4 [Security] simplified tests 2017-07-19 07:53:07 +02:00
Fabien Potencier
3387612451 [Security] refactored tests 2017-07-19 07:49:47 +02:00
Nicolas Grekas
eed8a5143d [VarDumper] Move locale sniffing to dump() time 2017-07-18 18:11:53 +02:00
Fabien Potencier
910a8debd8 minor #23559 [DI] Resolve aliases earlier (nicolas-grekas)
This PR was merged into the 2.7 branch.

Discussion
----------

[DI] Resolve aliases earlier

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

Not a bug fix because a compiler pass already resolves aliases, but makes reasoning locally about the code easier.

Commits
-------

9922827cc2 [DI] Resolve aliases earlier
2017-07-18 09:30:09 +02:00
Nicolas Grekas
9922827cc2 [DI] Resolve aliases earlier 2017-07-18 09:15:21 +02:00
Fabien Potencier
3d4e143619 bumped Symfony version to 2.7.33 2017-07-17 19:58:04 +02:00
Fabien Potencier
f01f3d328a updated VERSION for 2.7.32 2017-07-17 19:33:19 +02:00
Fabien Potencier
559ccb2c66 security #23507 [Security] validate empty passwords again (xabbuh)
This PR was merged into the 2.7 branch.

Discussion
----------

[Security] validate empty passwords again

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/23341#issuecomment-315341226
| License       | MIT
| Doc PR        |

It looks like this part of #23341 causes serious security issues for some users who rely on the validator to also compare the empty string with their user's password (see for example https://github.com/symfony/symfony/pull/23341#issuecomment-315341226). Thus I suggest to revert this part of #23341.

Commits
-------

878198cefa [Security] validate empty passwords again
2017-07-17 12:54:11 +02:00
Issei.M
b5b8c15831 [Security] Fix wrong term in UserProviderInterface 2017-07-17 12:41:13 +02:00
Fabien Potencier
0100ca145d minor #23452 [DI] Remove irrelevant comment from container (ro0NL)
This PR was merged into the 2.7 branch.

Discussion
----------

[DI] Remove irrelevant comment from container

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes-ish
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License       | MIT
| Doc PR        | symfony/symfony-docs#... <!--highly recommended for new features-->

Spotted in #22811

Commits
-------

595a225a0f [DI] Remove irrelevant comment from container
2017-07-17 12:28:17 +02:00