This PR was squashed before being merged into the 3.3-dev branch (closes#21763).
Discussion
----------
[DI] Replace wildcard-based methods autowiring by `@required` annotation
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no (affects things that are only on master)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
While playing a bit with new features in master around DI configuration, several people around me got bitten by wildcard-based autowiring. The typical example is adding `autowire: [set*]` in `_defaults`: use that on `resource: ../src/Command/` PSR4-based loading and boom, `setApplication` and `setHelperSet` will now be wrongly called. You could tell me "of course, don't to that" - but being bitten so early on a master-only feature makes me really unconfident that this will be easy enough for people after the release.
If wildcard-based autowiring is removed, then I don't see anymore the need for allowing arrays as in `autowire: [setFoo,getBar]`. Moreover, this array syntax has a core DX issue: it's a dead end as far as the learning curve is concerned. You learn it, then when becoming a more advanced dev, someone teaches you that you'd better use another syntax: explicit wiring.
And in fact, we don't need it at all, because something else already exists: just declare a method call, but don't define its arguments. If `autowire: true` is set, then the AutowiringPass already fills in the holes. There is only one tweak required to make this work: don't autowire optional arguments for method calls - or that'd be a BC break. To my PoV that's even better: this makes autowiring fit a "do the minimum to make it work" strategy. A really good one to me.
But there is still an issue: wildcard-based autowiring fits a need. Namely, it allows one to define a convention (eg. `'set*'`), and have all such methods that follow the convention be autowired. To me, this looks like doing it reverse (the DI config should adapt to the code, not reverse). So, to fill this need, let the declaration be in the source: just use an annotation!
This PR adds support for the `@required` annotation, borrowed from the Spring framework:
https://www.tutorialspoint.com/spring/spring_required_annotation.htm
Using the annotation is totally optional of course. If you do, *and if autowiring is on*, then it'll be autowired. If you don't, nothing changes: do manual wiring.
Even when not using autowiring, the annotation is still a nice hint for the consumer of your classes: it tells the reader that this method needs to be called for correct instantiation - thus lowering one drawback of setter injection (discoverability).
The implementation of the annotation parsing is done using a few regexp (no dep on any complex parser) - and works with inheritance, by leveraging the `@inheritdoc` tag (the default behavior being to *not* inherit anything from parent methods).
All in all, looking at the diff stats, it makes everything simpler. Good sign, isn't it?
Commits
-------
f286fcc25f [DI] Replace wildcard-based methods autowiring by `@required` annotation
9081699980 Revert "minor #21315 [DI][FrameworkBundle] Show autowired methods in descriptors (ogizanagi)"
* 3.2:
fixed tests
fixed tests
revert typo fix
[Form] Fix ChoiceType to ensure submitted data is not nested unnecessarily
Fix phpstorm helper to the official format
Test inline styles with non-decorated formatter
Fix RuntimeException when an Emacs buffer is modified
[Yaml] add tests for specific mapping keys
This PR was merged into the 3.3-dev branch.
Discussion
----------
Revert "[SecurityBundle] only pass relevant user provider"
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21809, #21810
| License | MIT
| Doc PR |
This reverts commit d97e07fd6a (applies #21798 on `master`). There is no merge commit that could be reverted.
Commits
-------
5b016cef7b Revert "[SecurityBundle] only pass relevant user provider"
This PR was merged into the 3.2 branch.
Discussion
----------
Update phpstorm helper to the official format
| Q | A
| ------------- | ---
| Branch? | 3.2 <!--see comment below-->
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
eb09d7cc2e Fix phpstorm helper to the official format
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DependencyInjection] make the service container builder register its own self referencing definition
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
9c97496b5f [DependencyInjection] make the service container builder register the definition of its related service container service (and aliases) in order to make compiler passes be able to reference the special service_container service.
This PR was merged into the 3.3-dev branch.
Discussion
----------
[HttpKernel] Add a ContainerControllerResolver (psr-11)
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Extracts the controller as service resolution from the framework bundle controller resolver in a `Symfony/Component/HttpKernel/Controller/Psr11ControllerResolver`, allowing you to use `HttpKernel` with your own psr-11 container.
Commits
-------
7bbae4159b [HttpKernel] Add a ContainerControllerResolver (psr-11)
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Form] allow form types + form type extensions + form type guessers to be private services
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
This pull request is about making internal form services (aka form types, form type extensions and form type guessers) private. They used to be public until Symfony 3.2 for one valid reason: lazyness. However, Symfony 3.3 now comes with built-in mechanism to support effective lazy loading of private services with service locators and proxies.
This PR makes the `DependencyInjectionExtension` class of the `Form` component leverage these new DI component mechanisms. Form types, form type extensions and form type guessers can now be declared private as a best practice. We decided to make these services private as of Symfony 3.3 and of course it would break BC. But this PR introduces a BC layer using a Symfony trick to keep internal form services public. The service container currently has a known issue where private services are not really private if they're referenced by at least two other services in the container. We use this trick to maintain the legacy services public even though the new API relies on private ones. This trick is done thanks to the `deprecated.form.registry` and `deprecated.form.registry.csrf` fake services that will be removed in Symfony 4.0.
Commits
-------
600e75ce88 [Form] use new service locator in DependencyInjectionExtension class, so that form types can be made private at some point.
This PR was merged into the 3.3-dev branch.
Discussion
----------
[FrameworkBundle][Config] Move ConfigCachePass from FrameworkBundle to Config
| Q | A
| ------------- | ---
| Branch? | master<!--see comment below-->
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes/no
| Fixed tickets | - <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | <!--highly recommended for new features-->
This MR is part of the #21284 todo list
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
bce445f452 Move ConfigCachePass from FrameworkBundle to Config
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Simplify AutowirePass and other master-only cleanups
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
A few minor cleanups and fixes, and an overall simplification of AutowirePass.
Commits
-------
34e5cc7698 [DI] Simplify AutowirePass and other master-only cleanups
This PR was squashed before being merged into the 3.3-dev branch (closes#21792).
Discussion
----------
[Security] deprecate multiple providers in context listener
Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Passing multiple user providers to the context listener does not make
much sense. The listener is only responsible to refresh users for a
particular firewall. Thus, it must only be aware of the user provider
for this particular firewall.
Commits
-------
53df0de7fc [Security] deprecate multiple providers in context listener
fbd9f88e31 [SecurityBundle] only pass relevant user provider
* 3.2:
[SecurityBundle] only pass relevant user provider
[Intl] Make tests pass after the ICU data update
[Intl] Update ICU data to 58.2
do not register the test listener twice
[DependencyInjection] removed dead code.
[Yaml] Stop replacing NULLs when merging
[WebServerBundle] fixed html attribute escape
* 2.8:
[SecurityBundle] only pass relevant user provider
[Intl] Make tests pass after the ICU data update
[Intl] Update ICU data to 58.2
do not register the test listener twice
[DependencyInjection] removed dead code.
[Yaml] Stop replacing NULLs when merging
[WebServerBundle] fixed html attribute escape
* 2.7:
[SecurityBundle] only pass relevant user provider
[Intl] Make tests pass after the ICU data update
[Intl] Update ICU data to 58.2
[DependencyInjection] removed dead code.
[Yaml] Stop replacing NULLs when merging
This PR was merged into the 3.3-dev branch.
Discussion
----------
Remove some container injections in favor of service locators
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/21553#issuecomment-279214666
| License | MIT
| Doc PR | n/a
Commits
-------
8293b753cf Replace some container injections by service locators
0be9ea8ba1 [EventDispatcher] Fix abstract event subscribers registration
Passing multiple user providers to the context listener does not make
much sense. The listener is only responsible to refresh users for a
particular firewall. Thus, it must only be aware of the user provider
for this particular firewall.
This PR was merged into the 3.3-dev branch.
Discussion
----------
[HttpKernel] Added the SessionValueResolver
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21159
| License | MIT
| Doc PR | (soon)
This feature adds the `SessionValueResolver`. That means that you no longer have to rely on injecting a `SessionInterface` implementation via the constructor or getting this implementation from the `Request`. Regardless of method, it does not know about the `getFlashBag()`.
By adding the `Session` to the action arguments, you can now type-hint against the implementation rather than interface, which contains the `getFlashBag()`, making it accessible rather than using duck-typing.
_It should also feel less like injecting a service into the constructor which has a state or getting a service from the request._
**Old Situation**
```php
class Controller
{
public function __construct(SessionInterface $session) { /* ... */ }
public function fooAction(Request $request)
{
$this->get('session')->get(...);
$request->getSession()->get(...);
$this->session->get(...)
// duck-typing
$this->get('session')->getFlashBag();
$request->getSession()->getFlashBag();
$this->session->getFlashBag();
$this->addFlash(...);
}
}
```
**New Situation** _- The controller shortcut for flashbag could in theory be removed now_
```php
class Controller
{
public function fooAction(Session $session)
{
$session->get(...);
$session->getFlashBag();
}
}
```
Commits
-------
b4464dcea1 Added the SessionValueResolver
This PR was merged into the 2.8 branch.
Discussion
----------
[WebServerBundle] fixed html attribute escape
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
In the Web Debug Toolbar, when a toolbar item has extra attributes, they are not properly escaped.
(If you put your mouse over the right toolbar item with sf version, you will see a tooltip with `""`)
Currently:
```html
title=""
```
After:
```html
title=""
```
Commits
-------
1337cdb [WebServerBundle] fixed html attribute escape
* 3.2:
Revamped the README file
Fix missing namespace in AddConstraintValidatorPassTest
[SecurityBundle] simplified code
[ExpressionLanguage] Registering functions after calling evaluate(), compile() or parse() is not supported
* 2.8:
Revamped the README file
Fix missing namespace in AddConstraintValidatorPassTest
[ExpressionLanguage] Registering functions after calling evaluate(), compile() or parse() is not supported
* 2.7:
Revamped the README file
Fix missing namespace in AddConstraintValidatorPassTest
[ExpressionLanguage] Registering functions after calling evaluate(), compile() or parse() is not supported
This PR was merged into the 2.7 branch.
Discussion
----------
[SecurityBundle] fix priority ordering of security voters
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21660
| License | MIT
| Doc PR |
Could be updated in the `3.2` branch to make use of the `PriorityTaggedServiceTrait `.
Commits
-------
dcd19f3cf9 fix priority ordering of security voters
* 3.2:
Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
Further refactorings to PHPUnit namespaces
resolve parameters in definition classes
* 2.8:
Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
Further refactorings to PHPUnit namespaces
resolve parameters in definition classes
This PR was merged into the 2.8 branch.
Discussion
----------
Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Continued work to make Symfony PHPUnit 6 compatible.
Commits
-------
dbe8898 Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
This PR was squashed before being merged into the 2.7 branch (closes#21688).
Discussion
----------
Further refactorings to PHPUnit namespaces
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Continued work to make Symfony PHPUnit 6 compatible
Commits
-------
de8106f Further refactorings to PHPUnit namespaces
This PR was squashed before being merged into the 2.8 branch (closes#21663).
Discussion
----------
Updated PHPUnit namespaces
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Follow Up of #21564
Commits
-------
205ced4 Updated PHPUnit namespaces
This PR was squashed before being merged into the 3.3-dev branch (closes#21478).
Discussion
----------
[Asset] Add support for preloading with links and HTTP/2 push
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | todo
Allows compatible clients to preload mandatory assets like scripts, stylesheets or images according to [the "preload" working draft of the W3C](https://www.w3.org/TR/preload/).
Thanks to this PR, Symfony will automatically adds `Link` HTTP headers with a `preload` relation for mandatory assets. If an intermediate proxy supports HTTP/2 push, it will convert preload headers. For instance [Cloudflare supports this feature](https://blog.cloudflare.com/using-http-2-server-push-with-php/).
It dramatically increases pages speed and make the web greener because only one TCP connection is used to fetch all mandatory assets (decrease servers and devices loads, improve battery lives).
Usage:
Updated version:
```html
<html>
<body>
Hello
<script src="{{ preload(asset('/scripts/foo.js'), 'script') }}"></script>
</body>
</html>
```
~~First proposal:~~
```html
<html>
<body>
Hello
<script src="{{ preloaded_asset('/scripts/foo.js', 'script') }}"></script>
</body>
</html>
```
- [x] Add tests
Commits
-------
7bab21700d [Asset] Add support for preloading with links and HTTP/2 push