* 3.4:
[Filesystem] Handle paths on different drives
[WebProfiler] Do not add src-elem CSP directives if they do not exist
[Yaml] fix parse error when unindented collections contain a comment
[3.4][Inflector] Improve testSingularize() argument name
[PhpUnitBridge] fix PHP 5.3 compat again
Skip validation when email is an empty object
fix sr_Latn translation
[Validator] fix lazy property usage.
Fix annotation
[PhpUnitBridge] fix compat with PHP 5.3
[DX] Show the ParseException message in YAML file loaders
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Default hidden question to 1 attempt for non-tty session
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36565
| License | MIT
| Doc PR |
### Problem 1
`validateAttempts()` method repeats validation forever by default, until exception extending `RuntimeException` isn't thrown. This currently happens disregarding if user is in tty session where they can actually type input, or non-tty session. This presents a problem when user code throws custom exceptions for hidden questions -> loop doesn't stop. As far as I can tell this issue is in all Symfony versions, but it was uncovered only after we stopped marking interactive flag to false automatically ourselves. Actually, all 3 problems were already existing problems, just hidden until now.
### Problem 2
Infinite loop problem is related to hidden questions, but this one isn't. If validation fails, another attempt to read & validate happens. This means user will get two prompts: 2x same question with 2 different error messages. One error message coming from validator, second error message about inability to read input (because this loop repeats until this kind of error happens, so last output will always be this error). As an example, output in practice would look like following
```
What do you want to do:
>
[ERROR] Action must not be empty.
What do you want to do:
>
Aborted.
```
So even if loop stops, output is more than expected.
### Problem 3
This is purely cosmetic issue, but currently user gets `stty: stdin isn't a terminal` printed additionally when question helper tries to ask a hidden question without having tty. I have fixed this in same fashion as was already done for [getShell() method](ee7fc5544e/src/Symfony/Component/Console/Helper/QuestionHelper.php (L500)).
### More details
Well root of the first problem is that `\Symfony\Component\Console\Helper\QuestionHelper::getHiddenResponse` is inconsistent. In some cases it does throw `MissingInputException` (which extends `RuntimeException`), in others doesn't. This is because in others, `shell_exec` is used, which won't return `false` even in non-tty sessions. Initially I attempted to fix this and make them consistent by checking for empty result + `isTty` call, but during my testing I found that at least last, `bash -c` method returns `\n` as output both when passing empty input and when passing newline as input. This means we cannot differentiate with this technique when input is really empty, or at least I can't currently tell how, maybe someone does. I had also idea to use proc_open and check if `STDERR` cotains message about stdin not being a terminal, but I realized these functions might not be available. In future we should modernize this method to use less hacky techniques. Other solutions, eg. Inquirer.js or [hoa/console](https://github.com/hoaproject/Console/blob/master/Source/Readline/Readline.php) have much more elegant solutions. Anyway, since I encountered this issue and additionally this doesn't solve Problem 2, I stopped trying to fix this on this level.
### Alternative solution
Alternative solution to problem 1 and 3 would be to fallback to default in case of hidden questions when tty is missing. But this still doesn't solve problem 2 and I can't think about solution right now which would fix problem 2 separately. We also didn't really reach consensus if reading passwords via stdin is desired. I tried this in `Inquirer.js` and this library *does read password from stdin*
Commits
-------
ee7fc5544e [Console] Default hidden question to 1 attempt for non-tty session
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Filesystem] Handle paths on different drives
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
`makePathRelative` strips and ignores the drive letters given Windows paths on different drives, resulting in a relative path which does not resolve to the desired target.
This PR makes `makePathRelative` notice paths on different drives, and return the full (absolute) target path in case instead.
Commits
-------
00e727ae4e [Filesystem] Handle paths on different drives
This PR was merged into the 3.4 branch.
Discussion
----------
[WebProfiler] Do not add src-elem CSP directives if they do not exist
| Q | A
| ------------- | ---
| Branch? | 3.4, 4.4, 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36643
| License | MIT
| Doc PR | n/a
In the latest 3.4.*, 4.4.* and 5.0.* branches the `script-src-elem` and `style-src-elem` directives are added to the Content-Security-Policy header if they don't exist by copying the `default-src`. This causes browsers to ignore the `script-src` and `style-src` directives which likely contain scripts and styles the developer wanted to allow.
As mentioned in the fixed ticket, we shouldn't be adding these directives if they don't exist because the browser will automatically fallback to `script-src` and `style-src` which we have already added `unsafe-inlen` and the `nonce-*` to.
This will need to be merged into 3.4, 4.4 and 5.0, but I was unsure which branch I am meant to base it off to start with. I've put it on 4.4 but can move it to another if required.
Commits
-------
d9c47087c9 [WebProfiler] Do not add src-elem CSP directives if they do not exist
This PR was merged into the 3.4 branch.
Discussion
----------
[DX] Show the ParseException message in all YAML file loaders
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR synchronizes the exception message in the Routing, Validator and Translation YAML file loaders with the DependencyInjection YAML file loader behavior. Adding the ParseException message is a big DX gain because it highlights the problem directly instead of having to scroll down 7 previous exceptions.
I'm targetting 3.4 because DX can be considered as a bug fix AFAIK.
Commits
-------
fc6cf3d3c6 [DX] Show the ParseException message in YAML file loaders
This PR was merged into the 4.4 branch.
Discussion
----------
Execute docker dependent tests with github actions
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fixes#36427
| License | MIT
| Doc PR | -
* redis, memcached, rabbitmq and vulcain dependent tests moved to the github action
* run on PHP 7.1 and 7.4 only
* use the `integration` group for all tests that depend on docker services
* do not exclude the `integration` group on Travis, but make sure tests that depend on docker services are skipped properly
[<img width="1222" alt="image" src="https://user-images.githubusercontent.com/190447/80806323-48339100-8bb2-11ea-95cd-5ce773c74ce6.png">](https://github.com/jakzal/symfony/runs/636461875?check_suite_focus=true)
Commits
-------
d710c1b654 Execute docker dependent tests with github actions
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Skip validation when email is an empty object
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | <!-- required for new features -->
When the value passed to the email validator is an empty object the validator is still called and will mark the value as invalid. The object should be skipped in this case, as it is also done in the `UrlValidator`
bfdbb244fe/src/Symfony/Component/Validator/Constraints/UrlValidator.php (L59-L62)
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
de5d68ef2a Skip validation when email is an empty object
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Allow configuring the default base URI with a DSN
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fixes#35121, replaces #35580, partially reverts #35281
| License | MIT
| Doc PR | -
Instead of defining 3-4 parameters, this PR enables using a single DSN to configure the default URL context (for commands mainly):
```
framework:
router:
base_uri: 'https://my.host:8443/base-path/'
```
When using parameters directly, one can now set the same absolute URI in the `router.request_context.base_url` parameter, this will provide the same benefit.
Commits
-------
250fa7e979 [FrameworkBundle] Allow configuring the default base URI with a DSN
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Security] Added LDAP support to Authenticator system
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The last missing authenticator in the new system 🎉
I have no experience with LDAP at all and I didn't succeed in setting up a server locally. So I can't test whether this works, but the unit test works (and also tested in a real app, while adding a `dd()` call in the listener).
---
I want to share with you the current state of Security LDAP, how this PR implements it and a possible other solution (which I think I would prefer most). Is there anyone who can share their opinions on this? (hopefully @weaverryan and @csarrazi can share their opinion, as they have most experience on this topic)
1. **Current Solution: An LDAP authentication provider + duplicated `SecurityFactory` classes**
LDAP is done in one centralized authentication provider. This provider is configured by security factories for each core factory (e.g. `form_login` becomes `form_login_ldap`, `http_basic` becomes `http_basic_ldap`).
2. **Implementation in this PR: A listener is executed before the default `VerifyCredentialsListener`, to verify `PasswordCredentials`**
This listener must be configured for each specific authenticator wanting to use LDAP. This is a technique similar to (1). It's a bit difficult to use this for your own authenticator (you need to configure a custom listener service) and still needs the duplicated factory classes
3. **Proposal: Introduce a `LdapCredentials` class and always register a listener**
If an authentictor returns `LdapCredentials`, it'll be checked using the LDAP verification listener. This is the easiest for custom authenticators and would remove the duplicated factories, I can imagine `form_login` getting a new `ldap` sub option to configure the settings.
The main disadvantage (I think) is that we would need to make `LdapCredentials` configure all options: ldap service, dnString, searchDn, searchPassword & queryString. Especially passing around the ldap service seems a bit weird. The main questions here are: Is it weird to pass all these things in the `LdapCredentials`? And, do we really need to support having multiple LDAP configuration sets for different authenticators? Or can we e.g. add a global `security.ldap` configuration, that registers the listener for all authenticators returning `LdapCredentials`?
Commits
-------
20962e604a [Security] Added LDAP support to Authenticator system
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Translations] Throw exception if xFileLoader dependencies don't exist.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#36658
| License | MIT
| Doc PR |
`XliffFileLoader` & `QtFileLoader` both require `XmlUtils::class` from the `Config` component. This PR throws a friendly exception is the `Config` component does not exist.
Original idea by @xabbuh was to throw the exception from the __constructor. This PR throws the exception from the `load()` method to be consistent with the `YamlFileLoader::class`. But that can easily be changed.
Commits
-------
627e476eb4 [Translations] Throw exception if xFileLoader dependencies don't exist.
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[AmazonSqsMessenger] Use AsyncAws to handle SQS communication
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | /
Similar to #35992 this PR use AsyncAws to handle Sqs messages sent/receive
It move complexity of authentication/streaming outside Symfony while keeping HttpClient integration.
Commits
-------
7c4888eed1 [AmazonSqsMessenger] Use AsyncAws to handle SQS communication
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Messenger] Fix messenger:failed:remove can not remove single message
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36659
| License | MIT
| Doc PR | -
Fix this error:
```
count(): Parameter must be an array or an object that implements Countable
```
When calling `messenger:failed:remove` command from other code with single id
Commits
-------
e66cd97ec3 [Messenger] Fix messenger:failed:remove can not remove single message
This PR was merged into the 5.1-dev branch.
Discussion
----------
Add support of PHP8 static return type for withers
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | https://github.com/orgs/symfony/projects/1#card-35852557
| License | MIT
| Doc PR |
Commits
-------
04fdf05cff Add support of PHP8 static return type for withers
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] allow loading and dumping tags with an attribute named "name"
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This is a minor feature added for consistency: using PHP, we can already define tags with an attribute named `"name"`. But then, we cannot dump such definitions in YAML nor XML since we don't have a syntax to declare such tags in these formats.
I spotted this while looking at a dumped container: we already use an attribute named `"name"` on two tags: `cache.pool` and `workflow.definition`. Currently, the dumped XML is wrong because of this.
This PR enables the following new syntaxes (the current style still works as usual):
- in YAML, consistently with the new syntax for method calls:
```yaml
tags:
- cache.pool: { name: my_cache_pool }
```
- in XML:
```xml
<tag name="my_cache_pool">cache.pool</tag>
```
Commits
-------
b023e4cac3 [DI] allow loading and dumping tags with an attribute named "name"
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpKernel] make kernels implementing `WarmableInterface` be part of the cache warmup stage
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This allows your kernel to return extra classes to preload also (which was my main motivation for creating this PR actually.)
```php
// ...
use Symfony\Component\HttpKernel\CacheWarmer\WarmableInterface;
// ...
class Kernel ... implements ..., WarmableInterface
{
// ...
public function warmUp(string $cacheDir): array
{
// ...
return [
SomeClassToPreload::class,
AnotherClassClassToPreload::class,
$cacheDir.'/some-file-to-preload.php',
// ...
];
}
// ...
}
```
Commits
-------
649e530356 [HttpKernel] make kernels implementing `WarmableInterface` be part of the cache warmup stage
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Form] deprecate not using a rounding mode
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | yes
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
25ba1a241d deprecate not using a rounding mode
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Mailer] Use AsyncAws to handle SES requests
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #33183, #35468 and #35037
| License | MIT
| Doc PR | TODO
alternative to #33326
This PR replace the native code to call AWS SES by the new [AsyncAws](https://github.com/async-aws/aws) project maintained by @Nyholm and me.
This removes complexity of signing request, and adds new features likes:
- authentication via .aws/config.ini, Instance profile, WebIdentity (K8S service account)
- usesignature V4 (the one recommanded by the Official SDK )
- fully compatible with API (uses the official AWS SDK interface contract to generate classes)
Because it's based on `symfony/http-client`, it's fully integrable with Symfony application.
Commits
-------
21243874bc [Mailer] Use AsyncAws to handle SES requests
This PR was merged into the 4.4 branch.
Discussion
----------
[Translation] Fix for translation:update command updating ICU messages
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36459
| License | MIT
If `translation:update` command executed with option `--domain=messages` – it ignore `messages-intl-icu` file and just create new `messages`
Method `TranslationUpdateCommand::filterCatalogue()` on `MessageCatalogue::all()` method to get all messages for domain
But `MessageCatalogue::all()` method disredard `intl-icu` domains and simply merge all.
[Translation] added $strict parameter for MessageCatalogueInterface::all() to be able to get only defined domain messages
[FrameworkBundle] modified translation:update command to respect intl-icu domain
Commits
-------
567cee5f02 [Translation] Fix for translation:update command updating ICU messages
* Anonymous users are actual to unauthenticated users, both are now represented by no token
* Added a PUBLIC_ACCESS Security attribute to be used in access_control
* Deprecated "anonymous: lazy" in favor of "lazy: true"
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[SecurityBundle] Fixed entry point service ID resolving and multiple guard entry points
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | n/a
@fabpot I am not able to reproduce [the error you reported](https://github.com/symfony/symfony/pull/36575#issuecomment-622272051) in any of my demo applications or in the tests introduced in this PR. The error indicates that no entry point is configured in your application, can you maybe try out this patch (given it now makes a hard error when more than one guard is used)? If it still doesn't work, can you maybe share your firewall configuration?
---
_build failures are unrelated_
Commits
-------
c75659350e Do not make AbstractFactory internal and revert method rename
6870a18803 Fixed entry point resolving and guard entry point configuration
This PR was squashed before being merged into the 3.4 branch (closes#36627).
Discussion
----------
[Validator] fix lazy property usage.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36343
| License | MIT
| Doc PR |
This attempts to fix a large regression introduced in #36343, which broke recursing values returned from `getter` Constraints, because they are now wrapped in in a `LazyProperty`. The `LazyProperty` needs to be evaluated because some checks are done on the type of `$value`, i.e `is_array` etc... in `validateGenericNode`.
I'm concerned that the original PR didn't really add sufficient test coverage for the introduction of `LazyProperty`, and I'm not 100% sure that I've caught all the cases where the `instanceof` check are needed in this PR.
For the tests, I added the `@dataProvider getConstraintMethods` to every test that hit the problem area of code.
~~The only issue is that my fixed has broken the test introduced in #36343, `testGroupedMethodConstraintValidateInSequence`.~~
~~I think I need @HeahDude to help me work through this. Maybe there is a more simple solution, one that doesn't require doing `instanceof LazyPropery` checks in multiple places, because this feels very brittle.~~
EDIT: fixed that test.
Commits
-------
281861e788 [Validator] fix lazy property usage.
This PR was merged into the 4.4 branch.
Discussion
----------
[Form] provide a useful message when extension types don't match
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36610
| License | MIT
| Doc PR |
Commits
-------
88d836643a provide a useful message when extension types don't match
This PR was merged into the 4.4 branch.
Discussion
----------
[Serializer] do not transform empty \Traversable to Array
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | na
| License | MIT
| Doc PR | na
Today, using `PRESERVE_EMPTY_OBJECTS` ([introduced in 4.0](f28e826627)), the JSON serialization of:
```php
<?php
$object = [];
$object['foo'] = new \ArrayObject();
$object['bar'] = new \ArrayObject(['notempty']);
$object['baz'] = new \ArrayObject(['nested' => new \ArrayObject()]);
```
Outputs:
```json
{"foo":[],"bar":["notempty"],"baz":{"nested":[]}}
```
Instead of the expected:
```json
{"foo":{},"bar":["notempty"],"baz":{"nested":{}}}
```
This issue comes from the Serializer that transforms `Traversable` to an Array [here](11a707200d/src/Symfony/Component/Serializer/Serializer.php (L159)). Also, the `AbstractObjectNormalizer` [doesn't support Traversable](11a707200d/src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php (L134)), but he allows to preserve empty objects.
I propose this patch where the fix doesn't transform a `Traversable` to an Array. I see another way to patch this in which we could allow empty Traversable in the `AbstractObjectNormalizer` (not sure it's better though). See attached [other-fix.patch](https://github.com/symfony/symfony/files/4539865/other-fix.log) to see the alternative patch.
Commits
-------
e5c20293fa Fix serializer do not transform empty \Traversable to Array
This PR was merged into the 5.1-dev branch.
Discussion
----------
Add missing port SQS Host Header request
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | /
When user provides a custom endpoint, the port is missing from the `Host` headers, leading to wrong URL when calling `getQueueUrl`
Commits
-------
41165beb48 Add missing port SQS Host Header request
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Fixed not supported Redis eviction policies
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | no
| License | MIT
| Doc PR | no
**Steps to reproduce:**
1. Define the following redis service on SymfonyCloud:
```
rediscache:
type: redis:5.0
size: S
configuration:
maxmemory_policy: allkeys-lru
```
2. Deploy the change
**Expected result:**
No redis cache will be populated
**Actual result:**
Following exception is thrown:
```
[2020-04-28T05:35:58.440403-04:00] php.CRITICAL: Uncaught Error: Return value of Symfony\Component\Cache\Adapter\RedisTagAwareAdapter::doSave() must be of the type array, bool returned {"exception":"[object] (TypeError(code: 0): Return value of Symfony\\Component\\Cache\\Adapter\\RedisTagAwareAdapter::doSave() must be of the type array, bool returned at /app/vendor/symfony/cache/Adapter/RedisTagAwareAdapter.php:100)"} []
```
Commits
-------
3d6e942da5 [Cache] Fixed not supported Redis eviction policies
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle][CacheWarmupCommand] Append files to preload
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Files returned by the warmUp() method must be added to the preload file.
I also added checks to avoid empty preload calls in the preload file like this:
```
$classes = [];
Preloader::preload($classes);
```
Commits
-------
a82c7ab4c0 [FrameworkBundle][CacheWarmupCommand] Append files to preload
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation][HttpKernel] Add more preload always-needed symbols
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Part of https://github.com/orgs/symfony/projects/1#card-37082675
| License | MIT
| Doc PR | -
`ConfigCache` is in the hot path because it is used for every request in the kernel boot (initializeContainer() method). I guess we can consider that every kernel is going to be booted so it should always be used.
`InputBag` should be added too - it is used in the Request initialization so it will likely be hit on every request as well - but maybe it wasn't added in the first place for a reason since other bags are already there?
Commits
-------
636a8bdf12 [HttpFoundation][HttpKernel] Add more preload always-needed symbols
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Security] Require entry_point to be configured with multiple authenticators
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | tbd
See @weaverryan's comment at https://github.com/symfony/symfony/pull/33558#discussion_r403740402:
> I have it on my list to look at the entrypoint stuff more closely. But my gut reaction is this: let's fix them (or try to... or maybe in a PR after this) :). What I mean is this:
>
> - It's always been confusing that your firewall may have multiple auth mechanisms that have their own "entry point"... and one is chosen seemingly at random :). I know it's not random, but why does the entrypoint from `form_login` "win" over `http_basic` if I have both defined under my firewall?
>
> - Since we're moving to a new system, why not throw an exception the _moment_ that a firewall has multiple entrypoints available to it. Then we _force_ the user to choose the _one_ entrypoint that should be used.
---
**Before** (one authenticator)
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
form_login: ...
# form login is your entry point
```
**After**
Same as before
---
**Before** (multiple authenticators)
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
http_basic: ...
form_login: ...
# for some reason, FormLogin is now your entry point! (config order doesn't matter)
```
**After**
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
http_basic: ...
form_login: ...
entry_point: form_login
```
---
**Before** (custom entry point service)
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
http_basic: ...
form_login: ...
entry_point: App\Security\CustomEntryPoint
```
**After**
Same as before
Commits
-------
7e861698e7 [Security] Require entry_point to be configured with multiple authenticators
* 5.0:
updated VERSION for 3.4.40
update CONTRIBUTORS for 3.4.40
updated CHANGELOG for 3.4.40
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
add tests for the ConstraintViolationBuilder class
Improve dirname usage
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
Allow invalidateTags calls to be traced by data collector
[YAML] escape DEL(\x7f)
fix compatibility with phpunit 9
[Cache] skip APCu in chains when the backend is disabled
[Mailer] Add a comment to avoid more wrong PRs on this piece of code
[Form] apply automatically step=1 for datetime-local input
remove getContainer overwrites in tests
Fixing a bug where class_alias would cause incorrect items in debug:autowiring
[DependencyInjection][ServiceSubscriber] Support late aliases
Fix profiler nullable string type
* 4.4:
updated VERSION for 3.4.40
update CONTRIBUTORS for 3.4.40
updated CHANGELOG for 3.4.40
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
add tests for the ConstraintViolationBuilder class
Improve dirname usage
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
Allow invalidateTags calls to be traced by data collector
[YAML] escape DEL(\x7f)
fix compatibility with phpunit 9
[Cache] skip APCu in chains when the backend is disabled
[Mailer] Add a comment to avoid more wrong PRs on this piece of code
[Form] apply automatically step=1 for datetime-local input
Fixing a bug where class_alias would cause incorrect items in debug:autowiring
[DependencyInjection][ServiceSubscriber] Support late aliases
* 3.4:
updated VERSION for 3.4.40
update CONTRIBUTORS for 3.4.40
updated CHANGELOG for 3.4.40
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
add tests for the ConstraintViolationBuilder class
Improve dirname usage
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
[YAML] escape DEL(\x7f)
fix compatibility with phpunit 9
[Cache] skip APCu in chains when the backend is disabled
[Form] apply automatically step=1 for datetime-local input
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Allow invalidateTags calls to be traced by data collector
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #34810
| License | MIT
| Doc PR |
`TraceableTagAwareAdapter` is not used in the fullstack framework since tag aware pools don't have the `cache.pool` tag (it's the decorated adapter that has it). This PR aims to use `TraceableTagAwareAdapter` when a pool is configured with `tags: true`
Commits
-------
28fdb3a879 Allow invalidateTags calls to be traced by data collector
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36533
| License | MIT
| Doc PR | none
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
This PR changes the label of the peak memory usage from `MB` into `MiB` in the time and memory panels of the web profiler, as discussed in #36533.
The changed file `Resources/views/Collector/time.html.twig` is completely updated by commit c9433b0090 for v4.3. So for correctly displaying the label in 4.4 (& 5.0), the file `Resources/views/Collector/time.js` needs to be updated.
Commits
-------
89fb0799cd [WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
This PR was merged into the 3.4 branch.
Discussion
----------
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/36401
| License | MIT
| Doc PR | -
Commits
-------
6dce90d47b [PhpUnitBridge] Use COMPOSER_BINARY env var if available
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] add syntax to stack decorators
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#30599
| License | MIT
| Doc PR | -
Declare this:
```yaml
services:
my_stack_of_decorators:
stack:
- class: App\ExternalDecorator
- class: App\InternalDecorator
- class: App\DecoratoredClass
```
And get this:
The PR is now ready with support for Yaml, XML and the PHP-DSL. It needs #36388, #36392 and #36389 to pass, and relates to #36390 to be DX-friendly.
The new syntax now supports composable stacks - i.e stack you can reuse in the middle of another stack.
RIP middleware, simple decorators FTW :)
From the test cases:
```yaml
services:
reusable_stack:
stack:
- class: stdClass
properties:
label: A
inner: '@.inner'
- class: stdClass
properties:
label: B
inner: '@.inner'
concrete_stack:
stack:
- parent: reusable_stack
- class: stdClass
properties:
label: C
```
This will create a service similar to:
```php
(object) [
'label' => 'A',
'inner' => (object) [
'label' => 'B',
'inner' => (object) [
'label' => 'C',
]
],
];
```
When used together with autowiring, this is enough to declare a stack of decorators:
```yaml
services:
my_processing_stack:
stack:
- App\ExternalDecorator: ~
- App\InternalDecorator: ~
- App\TheDecoratedClass: ~
```
See fixtures for the other configuration formats.
See also https://twitter.com/nicolasgrekas/status/1248198573998604288
Todo:
- [x] rebase on top of #36388, #36392 and #36389 once they are merged
- [x] test declaring deeper nested stacks
Commits
-------
98eeeae3d1 [DI] add syntax to stack decorators
