This PR was squashed before being merged into the 5.1-dev branch (closes#35960).
Discussion
----------
[Security/Http] Hash Persistent RememberMe token
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#27910
| License | MIT
| Doc PR | Not sure this enhancement needs documentation
The purpose of this PR is to enhance the Remember Me persistent token feature: instead of storing cleared token value in DB, the values will be hashed.
To make sure that existing remember me cookies will keep being valid after this change, we prefix the new token values with 'hash_'. In case the token value doesn't match this prefix, we keep validating it the old way.
Commits
-------
e2425b9ece [Security/Http] Hash Persistent RememberMe token
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] ignore extra tags added by autoconfiguration in PriorityTaggedServiceTrait
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35916, Fix#35953
| License | MIT
| Doc PR | -
Commits
-------
09770aa930 [DI] ignore extra tags added by autoconfiguration in PriorityTaggedServiceTrait
This PR was merged into the 4.4 branch.
Discussion
----------
Add new packages on the link script
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Add the support of the new package on the link script
Commits
-------
2a2bb66ff2 Add new packages on the link script
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
improve PlaintextPasswordEncoder docBlock summary
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Updates class summary as suggested in tkt #35927 & pr #35929 to suggest the encoder is for test usage.
Commits
-------
622facfe94 Tweak message
a56d262639 improve PlaintextPasswordEncoder docBlock summary
This PR was merged into the 3.4 branch.
Discussion
----------
Use some PHP 5.4 constants unconditionally
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Since we are PHP >= 5.5.9 only, we can use those constants unconditionally.
Commits
-------
0caf947924 Use some PHP 5.4 constants unconditionally
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] relax test to ignore changes to error message in master
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Required to make https://github.com/symfony/symfony/pull/35945 green (check https://travis-ci.org/symfony/symfony/jobs/657931002#L4720)
Commits
-------
bf5d25c838 [DI] relax test to ignore changes to error message in master
This PR was merged into the 5.1-dev branch.
Discussion
----------
[String] move symfony/translation-contracts to require-dev
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Since it's needed only if `AsciiSlugger` is used.
Surprisingly, the code in `FrameworkExtension` deals with this as if the dep was already optional:
210ea2202b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php (L217-L220)
Commits
-------
aea80edc78 [String] move symfony/translation-contracts to require-dev
This PR was merged into the 5.1-dev branch.
Discussion
----------
[String] fix failing test on PHP 8
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
`__toString()` must be public in PHP 8.
Commits
-------
0a2f7b2ceb [String] fix failing test on PHP 8
This PR was merged into the 4.4 branch.
Discussion
----------
[Routing] Fix some wrong localized routes tests
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
~~Since https://github.com/symfony/symfony/pull/35855, the `_locale` path param is directly substituted so those tests are not valid cases anymore. Instead, the path directly contain the right locale.~~ Actually, the compilation is done after, so instead we need to set the new requirement in all tests to reflect the "reality".
https://github.com/symfony/symfony/pull/35855 also causes a BC break on one case:
```php
$compiledUrlGenerator->generate('foo.fr', ['_locale' => 'en']))
```
Previously, the generated route would be the `/en/fourchette`. Now that the locale is hardcoded in the route path, it will always be `/fr/fourchette`. I changed `foo` to relevant words because it is easier to understand like that.
Commits
-------
99ae55ff1a [Routing] Fix some wrong localized routes tests
This PR was merged into the 4.4 branch.
Discussion
----------
[Routing] Prevent localized routes _locale default & requirement from being overridden
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/35915
| License | MIT
| Doc PR | -
When we have configured a localized route, its default _locale and _locale requirement should not be modified to ensure it works as expected.
Commits
-------
096dc0aeef [Routing] Prevent localized routes _locale default & requirement from being overridden
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpClient] Add portable HTTP/2 implementation based on Amp's HTTP client
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR provides an `AmpHttpClient`, which is an adapter between [`amphp/http-client`](https://github.com/amphp/http-client) and `symfony/http-client-contracts`.
~This is an early experiment for now, but it works already on the happy path:~ I have a local h2-intensive script, and while it's slower than CurlHttpClient, this performs quite well!
This could provide a portable implementation of HTTP/2 \o/
/cc @kelunik FYI
Todo:
- [x] async request/response
- [x] streaming and multiplexing
- [x] handle all ssl options
- [x] timers info
- [x] upload/download progress info
- [x] upload/download progress callback
- [x] HTTP proxy support
- [x] streamed upload
- [x] public-key pinning
- [x] peer certificate capturing
- [x] stream casting with `$response->toStream()`
- [x] ~https://github.com/amphp/http-client/pull/241~
- [x] extensive debug info
- [x] HTTP/2 PUSH support
- [x] https://github.com/amphp/http-client/issues/243
- [x] https://github.com/amphp/http-client/issues/242
- [x] https://github.com/amphp/http-client/pull/250
- [x] https://github.com/amphp/http-client/pull/239
- [x] ~https://github.com/kelunik/certificate/pull/2~
- [x] https://github.com/amphp/socket/pull/71
- [x] https://github.com/amphp/http-client/issues/252
Commits
-------
ef113feeb3 [HttpClient] Add portable HTTP/2 implementation based on Amp's HTTP client
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] register only existing transport factories
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35866
| License | MIT
| Doc PR |
Commits
-------
24322cffdb register only existing transport factories
* 5.0:
register only existing transport factories
prevent deprecation being triggered from assertion
bumped Symfony version to 5.0.6
updated VERSION for 5.0.5
updated CHANGELOG for 5.0.5
bumped Symfony version to 4.4.6
updated VERSION for 4.4.5
updated CHANGELOG for 4.4.5
* 4.4:
register only existing transport factories
prevent deprecation being triggered from assertion
bumped Symfony version to 4.4.6
updated VERSION for 4.4.5
updated CHANGELOG for 4.4.5
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] register only existing transport factories
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35866
| License | MIT
| Doc PR |
The parts from #35907 that also apply to the `4.4` branch.
Commits
-------
650c9f3f4b register only existing transport factories
This PR was merged into the 4.4 branch.
Discussion
----------
[DomCrawler] prevent deprecation being triggered from assertion
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35889
| License | MIT
| Doc PR |
Commits
-------
b01a10c760 prevent deprecation being triggered from assertion
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[LDAP] Add error code in exceptions generated by ldap
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? |no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
This PR add the exception code returned by ldap PHP component to LdapException, and allow users a better way to detect the errors. Before this LdapException allways return code 0, and make neccesary evaluate the string returned to detect the error.
Commits
-------
b4c90f08f1 [LDAP] Add error code in exceptions generated by ldap
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] Minor fixes in configuration tree builder
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
1bd779d7c8 [SecurityBundle] Minor fixes in configuration tree builder
This PR was merged into the 3.4 branch.
Discussion
----------
Add Spanish translation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
@javiereguiluz I know it's not very significant, but in order to make distinction between `must be` and `should be`, shouldn't translation no. 94 be changed to `Este valor debería estar entre...`?
Commits
-------
9e67b57baa Add Spanish translation