This PR was submitted for the 2.7 branch but it was merged into the 2.8 branch instead (closes#27297).
Discussion
----------
Triggering RememberMe's loginFail() when token cannot be created
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no (but minor behavior change)
| Deprecations? | no->
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not needed
This is an edge-case bug fix. If, for example, someone tampers with the remember me cookie, and so it is invalid, this causes the `->autoLogin()` call to throw an `AuthenticationException`. But, this did not call the `loginFail()` method.
Honestly, I'm not sure if the old or new behavior is correct. But, we should discuss and merge or close.
Commits
-------
e3412e6a67 Triggering RememberMe's loginFail() when token cannot be created
This PR was merged into the 2.8 branch.
Discussion
----------
[DI] never inline lazy services
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Should apply also:
- to deprecated services since 2.8
- to errored services since 3.4
Commits
-------
3b4d7ab56c [DI] never inline lazy services
This PR was submitted for the 2.7 branch but it was merged into the 2.8 branch instead (closes#27355).
Discussion
----------
Add code of Conduct links in our README
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | - <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
Commits
-------
40e59a6415 Add code of Conduct links in our README
This PR was submitted for the 2.7 branch but it was merged into the 2.8 branch instead (closes#27370).
Discussion
----------
Default testsuite to latest PHPUnit 6.*
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Necessary to fix each() function deprecation calls introduced in PHP 7.2
![obrazok](https://user-images.githubusercontent.com/496233/40514525-b6099d64-5fa9-11e8-906b-ccd8c358b5a5.png)
Commits
-------
37e543329a Default testsuite to latest PHPUnit 6.*
This PR was squashed before being merged into the 2.8 branch (closes#27376).
Discussion
----------
[Github] Update the pull-request template
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ø
| License | MIT
| Doc PR | ø
2.7 is end of life.
Commits
-------
99327a6153 [Github] Update the pull-request template
* 2.7:
do not mock the session in token storage tests
Add Occitan plural rule
Disallow illegal characters like "." in session.name
fix rounding from string
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] do not mock the session in token storage tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
919f93d do not mock the session in token storage tests