This PR was squashed before being merged into the 2.3 branch (closes#12626).
Discussion
----------
Add reference to documentation in FormEvents phpdocs
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #12512
| License | MIT
| Doc PR |
Commits
-------
2b33ba6 Add reference to documentation in FormEvents phpdocs
This PR was merged into the 2.3 branch.
Discussion
----------
[Console][Table] Fix cell padding with multi-byte
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
When the `TableHelper` dealing with East Asian text, it renders wrong widths. This fixes that problem.
Commits
-------
11014c2 [Console][Table] Fix cell padding with multi-byte
This PR was merged into the 2.3 branch.
Discussion
----------
[FrameworkBundle] Keep "pre" meaning for var_dump quick-and-dirty debug
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This is a minor fix to have a quick-and-dirty var_dump nicely work with the exception output from Symfony.
In short, the default "pre" whitespace CSS rules should be kept outside of block "#content", so that var_dump output is not diplayed in a single huge line.
Commits
-------
b6d4390 Keep "pre" meaning for var_dump quick-and-dirty debug
This PR was merged into the 2.3 branch.
Discussion
----------
[Routing] make host matching case-insensitive
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9072
| License | MIT
| Doc PR |
Ignore case in host which means:
- When generating URLs we leave the case in the host as specified.
- When matching we always return lower-cased versions of parameters (because of https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Routing/RequestContext.php#L190 ) in the host. This is also what browers do. They lowercase the host before sending the request, i.e. WWW.eXample.org is sent as www.example.org. But when using curl for example it sends the host as-is. So the HttpFoundation Request class can actually have a non-lowercased host because it doesn't have this normalization.
Commits
-------
952388c [Routing] make host matching case-insensitive according to RFC 3986
This PR was squashed before being merged into the 2.3 branch (closes#13446).
Discussion
----------
[Process] Make test AbstractProcessTest::testStartAfterATimeout useful again
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The test AbstractProcessTest::testStartAfterATimeout() is pretty useless, due to two reasons:
1. Any exception is caught
This means even the exception thrown with
<code>$this->fail('A RuntimeException should have been raised.');</code>
is caught, making the test pretty useless.
2. Invalid PHP code gets executed
The command that is executed in the tests actually is:
<code># php -r "$n = 1000; while ($n--) {echo ''; usleep(1000); }"</code>
.
This does not wait ~1s, but produces the following error:
<code>PHP Parse error: syntax error, unexpected '=' in Command line code on line 1</code>
Commits
-------
1be266f [Process] Make test AbstractProcessTest::testStartAfterATimeout useful again
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Add a Russian translation for invalid charset message
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
Commits
-------
503f061 [Validator] Add a Russian translation for invalid charset message
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] fix DOS-style line endings
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
603fec5 [Validator] fix DOS-style line endings
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Add a Polish translation for invalid charset message
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
re #13528
Commits
-------
0d562eb Add a Polish translation.
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Dutch translation for invalid charset message
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
re https://github.com/symfony/symfony/pull/13528
Commits
-------
0f72a1e Dutch translation for invalid charset message
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] German translation for invalid charset message
| Q | A
| ------------- | ---
| Fixed tickets |
| License | MIT
Commits
-------
97576ff German translation for invalid charset message
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Add a Slovenian translation for invalid charset message
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Concerning PR #13528
Commits
-------
bd804e6 Add a Slovenian translation for invalid charset message
This PR was squashed before being merged into the 2.3 branch (closes#13469).
Discussion
----------
Fix docblocks to comments
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Change docblock into comment when it's not a proper docblock.
Commits
-------
779926a Fix docblocks to comments
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] Removed dead code and various cleaning
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
50973ba Removed dead code and various cleaning
This PR was merged into the 2.3 branch.
Discussion
----------
Make the container considered non-fresh if the environment parameters are changed
| Q | A
| ------------- | ---
| Bug fix? | not really
| New feature? | kind of
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11365
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/4645Fixes#11365 by making the container non-fresh if any of the prefixed environment parameters are added/removed/changed. Not a bug as it was documented as behaving as such, but I think it's worth applying to 2.3 rather than considering it a new feature.
Commits
-------
b49fa12 Make the container considered non-fresh if the environment parameters are changed
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] fixed 10531
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #10531
| License | MIT
| Doc PR | -
This is a fix for #10531. It works by extracting all the parent namespaces of a command.
Commits
-------
e6afff4 [Console] fixed#10531
This PR was merged into the 2.3 branch.
Discussion
----------
Consistent spaceless nodes in form templates
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Added '-' at the start and at the end of all if, for, set and block nodes. Related to #12422.
Replaces #12560.
Commits
-------
41c5be6 Added the '-' character for spaceless on tag start and end to be consistent for block, if, set and for nodes
This PR was squashed before being merged into the 2.3 branch (closes#13039).
Discussion
----------
[HttpFoundation] [Request] fix baseUrl parsing to fix wrong path_info
Hi everyone!
We at trivago had an issue with the Request object. It seems that all versions of symfony 2.x and 3.x are affected from this (possible) bug (don't checked 1.x).
Here is the problem:
some old legacy pages are deployed in the Document Root, let's say /var/www/www.test.com/ .
one or more new applications based on symfony are deployed to /var/release/new_app1/ , /var/release/new_app2/ , ... .
in /var/www/www.test.com/ there is a symlink "app" to /var/release/new_app1/web, like:
/var/www/www.test.com/app --> /var/release/new_app1/web/
there is a "SEO"/human-readable rewrite rule for Document Root (if called path/file not exist): (.*) --> app/app.php
the problem comes, when the user calls a uri starting with "app" or whatever the rewrite rule / symlink points to:
the user calls "http://www.test.com/apparthotel-1234"
results in $_SERVER parameters like this
```
'DOCUMENT_ROOT' =>'/var/www/www.test.com',
'SCRIPT_FILENAME' => '/var/www/www.test.com/app/app.php',
'SCRIPT_NAME' => '/app/app.php',
'PHP_SELF' => '/app/app.php/apparthotel-1234'
```
in Request::prepareBaseUrl() there are checks to find the baseUrl:
```
if ($baseUrl && false !== $prefix = $this->getUrlencodedPrefix($requestUri, $baseUrl)) {
// full $baseUrl matches
return $prefix;
}
if ($baseUrl && false !== $prefix = $this->getUrlencodedPrefix($requestUri, dirname($baseUrl))) {
// directory portion of $baseUrl matches
return rtrim($prefix, '/');
}
```
first it is checked if (in our case) "/app/app.php" is in the request uri (/apparthotel-1234).
it's not.
then it takes the dirname (of /app/app.php) which is /app and checks if it is in the request uri (/apparthotel-1234), and YES, it is! and "/app" is returned, but this is wrong, it should be empty (because it comes from a rewrite rule from root: /)!
later in preparePathInfo(), if there is a baseUrl, then the baseUrl is removed from the request uri:
/apparthotel-1234 ---> /arthotel-1234
The cause is, the second baseUrl check, checks if the path of the application is already in the uri, like when the request was "http://www.test.com/app/apparthotel-1234" and hit a rewrite rule like (.*) --> app.php in there, but because it matches a directory it must match "dirname($baseUrl) . '/'".
I also needed to fix one unit test of the getBaseUrl test:
the request uri recently was "/foo%20bar".
but from the $_SERVER infos "foo bar" is a directory, see:
```
'SCRIPT_FILENAME' => '/home/John Doe/public_html/foo bar/app.php',
'SCRIPT_NAME' => '/foo bar/app.php',
'PHP_SELF' => '/foo bar/app.php',
```
webservers will redirect a request "http://www.test.com/foo%20bar" to "http://www.test.com/foo%20bar/" when "foo bar" is a directory. checked this for apache 2.x and nginx 1.4.x.
this fix is for symfony master (3.0.x, see #13039).
I also prepared a merge request for actual 2.7 branch, it will also follow in some minutes. (see #13040)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | this, #13040, #13038, #7329
| License | MIT
[HttpFoundation] [Request]
* added missing slash to baseUrl-path part check to remove the path, only when it's also a path in the uri
[HttpFoundation] [Tests] [RequestTest]
* fixed and added unittests
This is the symfony 2.3 branch fix for the issue related to #13038 and #13040
Happy christmas!
Commits
-------
3a3ecd3 [HttpFoundation] [Request] fix baseUrl parsing to fix wrong path_info
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] Improved exception message if the data class is not found
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12359, #12367
| License | MIT
| Doc PR | -
Commits
-------
4145836 [Form] Improved exception message if the data class is not found
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] execute cheaper checks before more expensive ones
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Minor improvements to the checks as suggested by @stof in #13262.
Commits
-------
cd4349d execute cheaper checks before more expensive ones
If an empty token is provided (from automated tools, or on purpose when
running a command), the argument getter was not checking the other
tokens, as '' == false in php, which is the stop condition of the while
loop in this method.
This method should now rely on the count of tokens rather than the value
of the return of array_shift
* Support services using a parameter for their class name.
* Prevent abstract services as event subscribers.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] Improve YAML boolean escaping
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13209
| License | MIT
| Doc PR | None
This PR ensures that PHP [values which would be interpreted as booleans][1] in older versions of the YAML spec are escaped with single quotes when dumped by the Dumper.
For example, dumping this:
```php
array(
'country_code' => 'no',
'speaks_norwegian' => 'y',
'heating' => 'on',
)
```
Will produce this YAML:
```yaml
country_code: 'no'
speaks_norwegian: 'y'
heating: 'on'
```
[1]: http://yaml.org/type/bool.html
Commits
-------
8fa056b Inline private 'is quoting required' methods in Escaper
afe827a Merge pull request #2 from larowlan/patch-2
a0ec0fe Add comment as requested
1e0633e Merge pull request #1 from larowlan/patch-1
81a8090 Remove duplicate 'require'
3760e67 [Yaml] Improve YAML boolean escaping
This PR was merged into the 2.3 branch.
Discussion
----------
fix missing comma in YamlDumper
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The YamlDumper were missing commas between tag attributes.
See https://github.com/rosstuck/TuckConverterBundle/issues/6
Commits
-------
f600d1a fix missing comma in YamlDumper
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] Set a child type to text if added to the form without a type.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13167
| License | MIT
| Doc PR | -
This copies the behaviour of `FormBuilder::create()` to `Form::add()`.
ping @webmozart
Commits
-------
57070a2 [Form] Set a child type to text if added to the form without a type.
This PR was squashed before being merged into the 2.3 branch (closes#13286).
Discussion
----------
[Security] Don't destroy the session on buggy php releases.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13269, #13283
| License | MIT
| Doc PR | none
See #13269 for the discussion. This workaround avoids destroying the old session after login on the migrate strategy when running under a php version that we know to be broken.
Corresponding php bug: https://bugs.php.net/bug.php?id=63379
Commits
-------
5d0b527 [Security] Don't destroy the session on buggy php releases.
This PR was squashed before being merged into the 2.3 branch (closes#13231).
Discussion
----------
[WIP] Made help information of commands more consistent
| Q | A
| --- | ---
| Test pass | Not yet
| License | MIT
| Fixed tickets | -
Commits
-------
602d687 [WIP] Made help information of commands more consistent
This PR was merged into the 2.3 branch.
Discussion
----------
CS: add missing param names to @param annotation
| Q | A
| ------------- | ---
| Fixed tickets |
| License | MIT
as stated by @stof [here](https://github.com/symfony/symfony/pull/12886#issuecomment-68626732)
Commits
-------
665825b add missing param names to @param annotation
- Moves dumping single-quoting logic into Yaml\Escaper
- Ensures that PHP values which would be interpreted as booleans in
older versions of the YAML spec are escaped with single quotes when
dumped by the Dumper.
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] missing cleanup for legacy test
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
7e929ab [2.3] missing cleanup for legacy test
This PR was merged into the 2.3 branch.
Discussion
----------
[Filesystem] enforce umask while testing
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Having a predictable umask (but not the usual one) should help (TDD for #13222).
When merging in 2.5, the patch should be moved to the new `FilesystemTestCase`
Commits
-------
1e547be [Filesystem] enforce umask while testing
This PR was merged into the 2.3 branch.
Discussion
----------
[TwigBridge] moved fixtures into their own directory
Commits
-------
0b775cd [TwigBridge] moved fixtures into their own directory
This PR was merged into the 2.3 branch.
Discussion
----------
[TwigBundle] added missing @deprecated tags
The `Symfony\Bundle\TwigBundle\Extension\ActionsExtension` class has been deprecated in Symfony 2.2 but we forgot to deprecate the related classes.
Commits
-------
82f8a79 [TwigBundle] added missing @deprecated tags
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] Update README.md
| Q | A
| ------------- | ---
| Fixed tickets |
| License | MIT
The ability to pass file names to Yaml::parse() was deprecated in 2.2 and will be removed in 3.0. So show an up-to-date example.
Commits
-------
bab98f0 [Yaml] Update README.md
PHPUnit ini_set wrapper is now used in tests to automatically reset
ini settings after the test is run. This avoids possible side effects
and test skipping.
Native ini_set is still used in DefaultCsrfProviderTest, but its
tests are run in isolation.
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] for consistency, use value of DIRECTORY_SEPARATOR to detect Windows
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This commit unifies the detection of Windows builds across the Symfony
codebase.
Commits
-------
20a427d use value of DIRECTORY_SEPARATOR to detect Windows
This PR was merged into the 2.3 branch.
Discussion
----------
Fix the implementation of deprecated Locale classes
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The ICU component does not exist anymore, but the BC layer was still referencing it.
Commits
-------
eb0637f Fix the implementation of deprecated Locale classes
This PR was merged into the 2.3 branch.
Discussion
----------
Fix phpdoc and coding standards
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
This removes the unused use statements which were not catched by PHP-CS-Fixer because of string occurences. It also fixes some invalid phpdoc (scalar is not recognized as a valid type for instance).
This is complementary to https://github.com/symfony/symfony/pull/13134
Commits
-------
8cc3f6a Fix phpdoc and coding standards
This PR was merged into the 2.3 branch.
Discussion
----------
Remove usages of deprecated constants
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This removes the usage of deprecated constants in our code.
I'm applying this in 2.3 to make merging branches easier. This is especially needed for 2.7 because of deprecation warnings added in #13060 (warnings are triggered in this PR because of these usages)
Commits
-------
6c00c22 Remove usages of deprecated constants
This PR was merged into the 2.3 branch.
Discussion
----------
Update functional tests to use the PSR NullLogger
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This avoids using the deprecated NullLogger in tests.
I'm applying this in 2.3 to make merging branches easier. This is especially needed for 2.7 because of deprecation warnings added in #13060 (tests are failing in this PR currently because of that)
Commits
-------
30cff26 Update functional tests to use the PSR NullLogger
This removes the unused use statements which were not catched by
PHP-CS-Fixer because of string occurences. It also fixes some invalid
phpdoc (scalar is not recognized as a valid type for instance).
This PR was merged into the 2.3 branch.
Discussion
----------
No global state for isolated tests and other fixes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
By default, phpunit preserves global state for isolated processes. This made the tests break on my laptop.
Other tweaks included.
In branch 2.5, `src/Symfony/Component/Security/Csrf/Tests/TokenStorage/NativeSessionTokenStorageTest.php` also misses the `@preserveGlobalState disabled` annotation. Please add it when merging
Commits
-------
750f3a6 No global state for isolated tests and other fixes
This PR was merged into the 2.3 branch.
Discussion
----------
[TwigBundle] Moved the setting of the default escaping strategy from the Twig engine to the Twig environment
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11773
| License | MIT
| Doc PR | n/a
The default escaping strategy was set on the Twig Engine and not the Twig Environment. That's a problem under some circumstances (like what #11773 describes), but it's also much better to set everything on the Twig Environment directly.
Commits
-------
91b24e8 [TwigBundle] Moved the setting of the default escaping strategy from the Twig engine to the Twig environment
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] fixed error when an IP in the X-Forwarded-For HTTP head...
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
On symfony.com, we have errors related to IP addresses in the `X-Forwarded-For` HTTP header that have a port. If that happens (I have no ideas what is doing that), the page crashes with an error like `inet_pton(): Unrecognized address 187.65.229.211:63479` (which comes from IpUtils::checkIpv6()). This fixes the root cause by removing the port.
#12572 is solving the consequence and I propose to also merge it.
Commits
-------
60ad382 [HttpFoundation] fixed error when an IP in the X-Forwarded-For HTTP header contains a port
This PR was merged into the 2.3 branch.
Discussion
----------
[CssSelector] added the license of the Python library we ported to PHP
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11894
| License | MIT
| Doc PR | n/a
Commits
-------
fa36b98 [CssSelector] added the license of the Python library we ported to PHP
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] [Bridge] [Propel] minor improvements to the Propel bridge.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
6d9d460 [Bridge] [Propel] minor improvements to the Propel bridge.
This PR was merged into the 2.3 branch.
Discussion
----------
[Config] fix error handler restoration in test
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
266afeb [Config] fix error handler restoration in test
This PR was merged into the 2.3 branch.
Discussion
----------
[FrameworkBundle] forward error reporting level to insulated Client
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Especially if deprecation notices are silenced on the main php instance, we should also silence them in the insulated Client
Commits
-------
d82e062 [FrameworkBundle] forward error reporting level to insulated Client
This PR was squashed before being merged into the 2.3 branch (closes#13054).
Discussion
----------
[2.3] CS Fixes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
##### This pull request provides some cs fixes.
Commits
-------
b521c20 [2.3] CS Fixes
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] [SecurityBundle] adds unit tests suite for SecurityDataCollector class.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
85f72f4 [SecurityBundle] adds unit tests suite for SecurityDataCollector class.
This PR was merged into the 2.3 branch.
Discussion
----------
[PropertyAccess] Added test to verify #5775 is fixed
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5775
| License | MIT
| Doc PR |
Added regression test to verify #5775 has been fixed some time ago, so that it can be closed.
Commits
-------
45651c6 [PropertyAccess] Added test to verify #5775 is fixed
This PR was merged into the 2.3 branch.
Discussion
----------
[Config] fixes broken unit test on ArrayNode class.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
a7ee58a [Config] fixes broken unit test on ArrayNode class.
This PR was merged into the 2.3 branch.
Discussion
----------
[Config] adds missing « use » statement for InvalidTypeException type hint in documentation.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
e855424 [Config] adds missing « use » statement for InvalidTypeException type hint in documentation.
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] Delete old session on auth strategy migrate
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13026
| License | MIT
| Doc PR |
As identified by @austinh in #13026 there are two sessions after authentication, since the previous session is migrated to a new one by ``session_regenerate_id``. This PR ensures the old session is been deleted immediately on migration.
I can't see any drawbacks, but if the change would break BC, another approach would be to add a new strategy like ``switch`` to enable instant deletion of the old session.
Commits
-------
5dd11e6 [Security] Delete old session on auth strategy migrate
This PR was merged into the 2.3 branch.
Discussion
----------
[Config] Very minor grammar fix in error message
It's just a tiny detail, but I found it important enough to submit a fix.
| Q | A
| --- | ---
| License | MIT
| Fixed tickets | -
Commits
-------
1c65f36 Very minor grammar fix in error message
This PR was merged into the 2.3 branch.
Discussion
----------
[Tests] Silenced all deprecations in tests for 2.3
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Also removed src/Symfony/Component/Security/Core/Tests/Validator/Constraints/UserPasswordValidatorTest.php as it was not running at all.
Commits
-------
ef4ae63 [Tests] Silenced all deprecations in tests for 2.3
To be able to use `Twig_SimpleFunction` in `AssetsExtension`, Twig has
to be present in version 1.12 or higher. The TwigBridge only enforces
this Twig version as of version 2.3.10.
This PR was merged into the 2.3 branch.
Discussion
----------
[FrameworkBundle] fix cache:clear command
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12893
| License | MIT
| Doc PR | -
Reading comment on #12893 stating that using absolute paths works around the pb, I tried using realpath(),
and it works!
Pending work on #12955 can be done quietly now.
Commits
-------
a14153a [FrameworkBundle] fix cache:clear command
This PR was merged into the 2.3 branch.
Discussion
----------
CS: There should be no empty lines following phpdocs
Commits
-------
143f900 CS: There should be no empty lines following phpdocs
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] Fix return phpdoc
| Q | A
| ------------- | ---
| Bug fix? | tiny (for IDE autocompletion)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
What about using `self` or `static` keyword for this?
Commits
-------
9af2d81 Fix return phpdoc
This PR was squashed before being merged into the 2.3 branch (closes#12993).
Discussion
----------
[2.3] Docblocks should not be followed by a blank line
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
There should be no blank line(s) between phpdocs that document properties, interfaces, classes, functions, or traits. This pull request was a test run of a new php-cs-fixer: https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/864.
Commits
-------
4e7ba1b [2.3] Docblocks should not be followed by a blank line
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] [Security] Fixed The AuthenticationProviderInterface Alignment
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
##### This pull request fixes the AuthenticationProviderInterface alignment.
Everything was indented by one too many spaces.
Commits
-------
1270327 Fixed the AuthenticationProviderInterface alignment
This PR was squashed before being merged into the 2.3 branch (closes#12761).
Discussion
----------
[Filesystem] symlink use RealPath instead LinkTarget
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
a8b8d33 [Filesystem] symlink use RealPath instead LinkTarget
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] Fixed the proxy-manager version constraint
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
##### This pull request fixes the `ocramius/proxy-manager` version constraint in the 2.3 branch.
`"~0.3.1"` is far cleaner than `">=0.3.1,<0.4-dev"`, and does the same thing.
Commits
-------
ed6c50f Fixed the proxy-manager version constraint
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] Remove possible call_user_func()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Merging this in 2.3 enhances performance a bit, but more importantly will ease future merges into 3.0.
Commits
-------
fad7aba [2.3] Remove possible call_user_func()
This PR was merged into the 2.3 branch.
Discussion
----------
[DependencyInjection] Perf php dumper
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR came up after this comment to reduce the number of calls to dirname():
https://github.com/symfony/symfony/pull/12784#issuecomment-65619179
Commits
-------
375f83e Revert "[DependencyInjection] backport perf optim"
fcd8ff9 [DependencyInjection] perf optim: call dirname() at most 5x
c11535b [DependencyInjection] backport perf optim
This PR was merged into the 2.3 branch.
Discussion
----------
[ClassLoader] Fix undefined index in ClassCollectionLoader
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
cfdb925 [ClassLoader] Fix undefined index in ClassCollectionLoader
This PR was merged into the 2.3 branch.
Discussion
----------
PSR-2 Fixes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
##### This pull request brings symfony 2.3 back inline with PSR-2.
Commits
-------
eda746b PSR-2 fixes
This PR was merged into the 2.3 branch.
Discussion
----------
[DependencyInjection] make paths relative to __DIR__ in the generated container
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6484, #3079, partially #9238, #10894, #10999
| License | MIT
| Doc PR | n/a
This is an alternative approach to #10999 for removing absolute paths from the generated container:
instead of trying to fix the container file after it has been dumped, telling to the PhpDumper where its output will be written allows it to replace parts of strings by an equivalent value based on `__DIR__`.
This should be safe, thus the PR is on 2.3.
Commits
-------
edd7057 [DependencyInjection] make paths relative to __DIR__ in the generated container
This PR was merged into the 2.3 branch.
Discussion
----------
Fixed the symfony/config version constraint
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
##### This pull request fixes the `symfony/config` version constraint in the proxy manager bridge.
Before this pull, composer was only allowing `v2.3.0` to be downloaded. This surely was not the intention. I've updated the version constraint from `"2.3"` to `"~2.3"` thus allowing all 2.x versions that are equal to or greater than `v2.3.0`.
Commits
-------
ec14f0f Fixed the symfony/config version constraint
This PR was merged into the 2.3 branch.
Discussion
----------
Docblock Fixes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
##### This pull request fixes the docblock alignment as requested in #12760.
It was also necessary for me to ensure the `@return` annotations were correctly separated in order to accurately align the `@param` annotations.
Commits
-------
443307e Docblock fixes
This PR was merged into the 2.3 branch.
Discussion
----------
Tweaked the password-compat version constraint
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
##### This pull request tweaks the `"ircmaxell/password-compat` version constraint in the 2.3 branch.
I've updated the version constraint to `"~1.0"` match the way we require all "stable" releases. Note that this version constraint is technically different, but I consider it safe still.
Commits
-------
f703e56 Tweaked the password-compat version constraint
This PR was merged into the 2.3 branch.
Discussion
----------
[ClassLoader] define constant only if it wasn't defined before
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
388229b define constant only if it wasn't defined before
This PR was merged into the 2.3 branch.
Discussion
----------
Rename Symfony2 to Symfony
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
Replaces #12563
Commits
-------
0a76b7e Rename Symfony2 to Symfony
This PR was merged into the 2.3 branch.
Discussion
----------
[Bundle][FrameworkBundle] be smarter when guessing the document root
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12524
| License | MIT
| Doc PR |
Commits
-------
e28f5b8 be smarter when guessing the document root
This PR was merged into the 2.3 branch.
Discussion
----------
compare version using PHP_VERSION_ID
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
To let opcode caches optimize cached code, the `PHP_VERSION_ID`
constant is used to detect the current PHP version instead of calling
`version_compare()` with `PHP_VERSION`.
Commits
-------
367ed3c compare version using PHP_VERSION_ID
To let opcode caches optimize cached code, the `PHP_VERSION_ID`
constant is used to detect the current PHP version instead of calling
`version_compare()` with `PHP_VERSION`.
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] CSRF warning docs on Request::enableHttpMethodParameterOverride()
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12043
| License | MIT
| Doc PR | /
Since I wanted to understand this issue I did some research and altered the comment block. Is this a clear enough explanation or does it need more?
Commits
-------
deb70ab CSRF warning docs on Request::enableHttpMethodParameterOverride()
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] improve error message for multiple documents
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The YAML parser doesn't support multiple documents. This pull requests
improves the error message when the parser detects multiple YAML
documents.
see also #11840
Commits
-------
c77fdcb improve error message for multiple documents
This PR was merged into the 2.3 branch.
Discussion
----------
Translation debug improve error reporting
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12252
| License | MIT
| Doc PR |
Indicate which file was being parsed if an exception is thrown while running translation:debug
When running the translation:debug command, if a template contains invalid twig markup,
an exception is thrown. This patch rethrows a new exception that includes the filename
being parsed in the message to aid debugging.
Commits
-------
97a8f7e [TwigBundle] added a test
b1bffc0 Indicate which file was being parsed if an exception is thrown while running translation:debug
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] fix form handling with OPTIONS request method
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8282
| License | MIT
| Doc PR | -
The OPTIONS request is just handled as any other request method. And accoring to the spec, an options request can also contain a request body like a POST. This only applied when using the deprecated form processing with `$form->submit($request)`. The change also makes the handling consistent with the `handleRequest` behavior via https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Extension/HttpFoundation/HttpFoundationRequestHandler.php
Commits
-------
28eabd8 [Form] fix form handling with unconventional request methods like OPTIONS
When running the translation:debug command, if a template contains invalid twig markup,
an exception is thrown. This patch rethrows a new exception that includes the filename
being parsed in the message to aid debuging.
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Fixed Regex::getHtmlPattern() to work with complex and negated patterns
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5307
| License | MIT
| Doc PR | -
According to my own testing, this should fix the generation of HTML patterns when `Regex::$match` is set to false. Additionally, patterns containing pipes (or statements) are fixed. See the test cases for examples.
Commits
-------
bf006f5 [Validator] Fixed Regex::getHtmlPattern() to work with complex and negated patterns
This PR was merged into the 2.3 branch.
Discussion
----------
[Session] remove invalid hack in session regenerate
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The original issue #7380 was just caused because the developer missed to save the session before doing the redirect. That's all. Such mistakes won't happen anymore with #12341
This reverts #8270 and following. Also it makes absolutely no sense to do this only for the `files` save handler which creates huge inconsistencies. All save handlers are affected and it's more a documentation thing.
Commits
-------
703d906 [Session] remove invalid workaround in session regenerate
This PR was merged into the 2.3 branch.
Discussion
----------
[Kernel] ensure session is saved before sending response
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6417, #7885
| License | MIT
| Doc PR | n/a
Saves the session, in case it is still open, before sending the response.
This ensures several things in case the developer did not save the session explicitly:
- If a session save handler without locking is used, it ensures the data is available
on the next request, e.g. after a redirect. PHPs auto-save at script end via
session_register_shutdown is executed after fastcgi_finish_request. So in this case
the data could be missing the next request because it might not be saved the moment
the new request is processed.
- A locking save handler (e.g. the native 'files') circumvents concurrency problems like
the one above. By saving the session before long-running things in the terminate event,
we ensure the session is not blocked longer than needed.
- When regenerating the session ID no locking is involved in PHPs session design. See
https://bugs.php.net/bug.php?id=61470 for a discussion. So in this case, the session must
be saved anyway before sending the headers with the new session ID. Otherwise session
data could get lost again for concurrent requests with the new ID. One result could be
that you get logged out after just logging in.
This listener should be executed as one of the last listeners, so that previous listeners
can still operate on the open session. This prevents the overhead of restarting it.
Listeners after closing the session can still work with the session as usual because
Symfonys session implementation starts the session on demand. So writing to it after
it is saved will just restart it.
Commits
-------
b7bfef0 [Kernel] ensure session is saved before sending response
This PR was merged into the 2.3 branch.
Discussion
----------
[Config] fix filelocator with empty name
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
fix filelocator with empty name + phpdoc in config component
Commits
-------
63b8c07 [DependencyInjection] use inheritdoc for loaders
ddd2fe2 [Config] fix filelocator with empty name
The original issue #7380 was just caused because the developer missed to save the session before doing the redirect. That's all. This reverts #8270 and following.
This also makes the CompiledRoute implement Serializable in order to:
1. make the serialization format shorter
2. have no null bytes in there, which the native serializer add for private properties, and thus would complicate saving in databases etc.
3. We should add to our symfony BC promise, that only classes that implement Serializable are ensured to be deserializable correctly with serialized representations of the class in previous symfony versions.
This PR was squashed before being merged into the 2.3 branch (closes#12293).
Discussion
----------
Remove aligned '=>' and '='
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | [https://github.com/symfony/symfony/issues/12284]
| License | MIT
Could you said to me if i should make an other PR for 2.5 branch.
Commits
-------
51312d3 Remove aligned '=>' and '='
This PR was merged into the 2.3 branch.
Discussion
----------
[Security][listener] change priority of switchuser
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Hi,
I have the following users:
- Manager: Allowed to access to (/admin) and has a role ROLE_ALLOWED_TO_SWITCH
- Partner: Allowed to access to (/partner)
When I attempt to switch to partner user I get "Access denied", well I think the switchuser listener must be registred before access listener.
Commits
-------
5f8047d [Security][listener] change priority of switchuser
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] no need to add the url listener when it does not do anything
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
In line with #11696
Commits
-------
7aea1c9 [Form] no need to add the url listener when it does not do anything
In #12253, improved feedback was added to the `server:run` command
instructing the user how to terminate the built-in web server. This
is hereby backported to the `2.3` branch.
This PR was merged into the 2.3 branch.
Discussion
----------
[TwigBundle] do not pass a template reference to twig
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
twig does not know about template references and only expects a string.
this commit also fixes that name parsing and locating was called twice for nonexistent templates.
Commits
-------
7fe33e3 [TwigBundle] do not pass a template reference to twig
twig does not know about template references and only expects a string.
this commit also fixes that name parsing and locating was called twice for nonexistent templates
This PR was merged into the 2.3 branch.
Discussion
----------
use meta charset in layouts without legacy http-equiv
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
`<meta charset="UTF-8" />` is now the recommended approach
Commits
-------
96e7b01 use meta charset in layouts without legacy http-equiv
`array_map()` raises a warning when an exception is thrown inside the
callback (see https://bugs.php.net/bug.php?id=55416). To avoid these
warnings, `selectorToXPath()` is applied inside the loop.
[HttpFoundation] fixed the docs so that it gives some explanation about how you are vulnerable to CSRF when you enable the httpMethodeParameterOverride
A small fix in the "parse" function of the "ControllerNameParser" Controller.
We should use "!==" instead of "!=" since it's better and faster in this case.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | NA
| License | MIT
| Doc PR | NA
This PR was merged into the 2.3 branch.
Discussion
----------
fix components tests
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Since #12006, the `ContainerBuilder` contains the `addExpressionLanguageProvider()` method which references a class from the ExpressionLanguage component. By default, the PHPUnit mock API tries to mock all methods of the class being doubled. Since the ExpressionLanguage component is not required to run the tests, creating the mock objects fails when the mock API fails to mock the `addExpressionLanguageProvider()` method.
Commits
-------
2f2a732 fix components tests
Since #12006, the `ContainerBuilder` contains the
`addExpressionLanguageProvider()` method which references a class from
the ExpressionLanguage component. By default, the PHPUnit mock API
tries to mock all methods of the class being doubled. Since the
ExpressionLanguage component is not required to run the tests,
creating the mock objects fails when the mock API fails to mock
the `addExpressionLanguageProvider()` method.
This PR was merged into the 2.3 branch.
Discussion
----------
[Intl] Integrated ICU data into Intl component #1
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11447, #10807
| License | MIT
| Doc PR | -
This PR is an alternative implementation to #11884. It depends on ~~#11906~~ and ~~#11907~~ being merged first (~~these are included in the diff until after a merge+rebase~~ merged+rebased now).
With this PR, the ICU component becomes obsolete. The ICU data is bundled with Intl in two different formats: JSON and the binary ICU resource bundle format (version 2) readable by PHP's `\ResourceBundle` class. For a performance comparison between the two, see my [benchmark](/webmozart/json-res-benchmark).
~~The data is contained in two zip files: json.zip (2.6MB) and rb-v2.zip (3.8MB). The handler~~
```php
\Symfony\Component\Intl\Composer\ScriptHandler::decompressData()
```
~~needs to be added as Composer hook and decompresses the data after install/update.~~
The data is included as text/binary now. Git takes care of the compression.
Before this PR can be merged, I would like to find out what the performance difference between the two formats is in real applications. For that, I need benchmarks from some real-life applications which use ICU data - e.g. in forms (language drop-downs, country selectors etc.) - for both the JSON and the binary data. You can force either format to be used by hard-coding the return value of `Intl::detectDataFormat()` to `Intl::JSON` and `Intl::RB_V2` respectively. I'll also try to create some more realistic benchmarks.
If JSON is not significantly slower/takes up significantly more memory than the binary format, we can drop the binary format altogether.
Commits
-------
be819c1 [Intl] Integrated ICU data into Intl component
[Doctrine][DependencyInjection] The test checks that a few items are ordered according to the value of their 'priority' attribute. However, a few of the items have the same value of this attribute. RegisterEventListenersAndSubscribersPass doesn't use a stable sorting, yet the test asserts that items that are 'equal' shall go in the original order. Modified so that the order of the original items is not checked.
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Simplified testing of violations
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I simplified the assertion of violations in preparation of a replacement PR for #7276.
Commits
-------
8e5537b [Validator] Simplified testing of violations
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Fixed StaticMethodLoaderTest to actually test something
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This test is not testing anything, except for whether PHP throws a strict standards error when invalid code is loaded.
I disabled error reporting for this test, so that the actual functionality (ignoring static+abstract functions) is tested.
Commits
-------
1b1303a [Validator] Fixed StaticMethodLoaderTest to actually test something
This PR was merged into the 2.3 branch.
Discussion
----------
[FrameworkBundle] output failed matched path for clarification
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11780
| License | MIT
| Doc PR | -
Because cygwin resolves the path behind the scenes, it is otherwise very unclear what path is actually used for matching.
Commits
-------
8d13af7 [FrameworkBundle] output failed matched path for clarification
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6645
| License | MIT
| Doc PR | -
Consider the following entity:
```php
class Author
{
/**
* @Assert\NotBlank
*/
private $name;
private $age;
}
```
Right now, the "required" HTML attribute is set for both fields (since the default value of the "required" option is true). IMO this is wrong.
With this fix, the ValidatorTypeGuesser guesses `false` for the "required" option unless a NotNull/NotBlank constraint is present.
Commits
-------
fd77b09 [Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] Moved POST_MAX_SIZE validation from FormValidator to request handler
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11729, #11877
| License | MIT
| Doc PR | -
Commits
-------
759ae1a [Form] Moved POST_MAX_SIZE validation from FormValidator to request handler
4780210 [Form] Add a form error if post_max_size has been reached.
This PR was merged into the 2.3 branch.
Discussion
----------
[WebProfilerBundle] turbolinks compatibility
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Fix profiler when using turbolinks. (Without this, profiler is rendered without assets)
Commits
-------
c65b4c7 [WebProfilerBundle] turbolinks compatibility
This PR was merged into the 2.3 branch.
Discussion
----------
[Finder][Urgent] Remove asterisk and question mark from folder name in test to prevent windows file system issues.
Bugfix: Yes
Fixed tickets: #11984 , #11985
Related tickets: #11970
Commit #11970 prevented Symphony from being checked out via windows due to invalid characters in a folder name within the tests.
The issue was reported in #11984 and was attempted to be fixed in #11985 but wasn't due to still including the question mark.
Please accept this ASAP as it entirely breaks any composer that relies on it.
Commits
-------
5fbb278 Avoid question mark and asterisk in folder names to prevent windows filesystem issues.
This PR was merged into the 2.3 branch.
Discussion
----------
[Translation] [Config] Clear libxml errors after parsing xliff file
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
If libxml_use_internal_errors is set to `true` before parsing xliff file, the libxml errors are not cleared correctly. An error `Validation failed: no DTD found !` occurs in libxml errors after parsing and it's available outside the xliff parser (can break other functionality that use `libxml_get_errors` function).
Commits
-------
fab61ef [Translation] [Config] Clear libxml errors after parsing XML file
A previous commit introduced a folder with a question mark and an asterisk which are invalid NTFS folder name characters and prevented checkout on those systems.
This PR was squashed before being merged into the 2.3 branch (closes#11340).
Discussion
----------
[2.3] Add missing development dependencies
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
I've also added a run of the test suite in every component scope.
Commits
-------
3b02af9 [2.3] Add missing development dependencies
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] Make sure HttpCache is a trusted proxy
| Q | A
| ------------- | ---
| Bug fix? | yes (of sorts)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9292
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/4239Fixes#9292 by adding `127.0.0.1` as a trusted proxy when using `HttpCache` (assuming it hasn't been already).
Commits
-------
ca65362 Make sure HttpCache is a trusted proxy
This PR was squashed before being merged into the 2.3 branch (closes#11970).
Discussion
----------
[Finder] Escape location for regex searches
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
If the location to start searching in contains a regex special char
like + or ? and the path restriction is a regular expresion with a start
limitation. No results will be found wtih at least GnuFindAdapter - e.g.:
```
use Symfony\Component\Finder\Finder;
use Symfony\Component\Finder\Adapter;
mkdir('/tmp/reg+ex/dir/subdir', 0777, true);
$finder = Finder::create()
->removeAdapters()
->addAdapter(new Adapter\GnuFindAdapter());
$finder->in('/tmp/reg+ex')->path('/^dir/');
print count($finder)."\n";
```
Expected result: 2
Actual result is: 0
This pull request consists of:
* a new test checking for this bug (0e81086a49425d0e12cff4f479fabeb97e9ed757)
* the actual fix (6595b6b2b71afc57ef08686b4584713c0e4e48ed)
* changes to comply with the coding standard (7f199c5b53b3c1f38b36dcc286d3b20ae877425b)
## How to reproduce
### Fastest way
1. Move or copy your local symfony clone into a location containing special regex chars:
* `mv symfony symfony+regex`
2. Run tests in there
* `cd symfony+regex && phpunit`
> Result: Some tests in the finder component will fail.
### Alternative: A new clone
1. Clone symfony in a directory containing at least one regex special char
* `git clone https://github.com/symfony/symfony.git /tmp/symfony+regexchar`
2. As usual get composer, install dependencies and get phpunit
* You might simply want to follow [this guide](http://symfony.com/doc/current/contributing/code/tests.html)
3. Run tests in there
* `cd /tmp/symfony+regexchar && phpunit`
> Result: Some tests in the finder component will fail.
### Alternative: Apply the new test
1. Apply commit a29d1207ced2949c918357cf271200523960caef to your symfony clone
2. Run tests
> Result: The new test will fail.
Commits
-------
b63926b [Finder] Escape location for regex searches
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] fixed some volatile tests
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | see #11588
| License | MIT
| Doc PR | n/a
Commits
-------
00c1b75 [Process] fixed some volatile tests
974bf01 [HttpKernel] fixed a volatile test
6020c43 [HttpFoundation] fixed some volatile tests
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] Uniform AccessDecisionManager decide behaviour
| Q | A
| --------------------|---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #10170
| License | MIT
| Doc PR | none
This PR uniforms the way the 3 decision policies (affirmative, consensus, unanimous) are handled in the Security\Core\Authoritzation\AccessDecisionManager.php
See #10170
Commits
-------
938ae4b [Security] Added more tests
This PR was merged into the 2.3 branch.
Discussion
----------
[Translation] made XliffFileDumper support CDATA sections.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | maybe
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11256
| License | MIT
Commits
-------
9926845 [Translation] made XliffFileDumper support CDATA sections.
This PR was merged into the 2.3 branch.
Discussion
----------
[Intl] Improved bundle reader implementations
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR extracts bundle reader improvements from #9206.
The code is internal and used for resource bundle generation only, so I did not care about BC too much.
Commits
-------
c3cce5c [Intl] Improved bundle reader implementations
This PR was merged into the 2.3 branch.
Discussion
----------
[YAML] fix handling of empty sequence items
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11798
| License | MIT
| Doc PR |
When a line contains only a dash it cannot safely be assumed that it contains a nested list or an embedded mapping. If the next line starts with a dash at the same indentation, the current line's item is to be treated as `null`.
Commits
-------
fc85435 fix handling of empty sequence items
This PR was merged into the 2.3 branch.
Discussion
----------
[Intl] Fixed a few bugs in TextBundleWriter
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
See the included test cases for more information. This code was extracted from #9206.
Commits
-------
7b4a35a [Intl] Fixed a few bugs in TextBundleWriter
This PR was merged into the 2.3 branch.
Discussion
----------
[Form][Validator] All index items after children are to be considered grand-children when resolving ViolationPath
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | unsure, see note below
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11458
| License | MIT
| Doc PR | -
#### Possible BC Break
The old behavior had unit test cases specifically testing the case of a grand-children form. However, this behavior is not documented anywhere and the fix seems to have no adverse effects on form validation. `Symfony\Component\Form\FormInterface` implements `ArrayAccess`, therefore, semantically speaking, `children[direct_child].children[grand_children]` and `children[direct_child][grand_children]` are equivalent. `offsetGet` is expected to fetch an element from `children`. I do not see why both were not considered equivalent when resolving the ViolationPath.
This commit will indeed change how some errors are mapped. However since the old mapping is (in my opinion) a bug...
Commits
-------
c64a75f [Form][Validator] All index items after children are to be considered grand-children when resolving ViolationPath (fixes#11458)
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] FormBuilder::getIterator() now deals with resolved children
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I think FormBuilder::getIterator() should resolve children before makes an iterator because it seems to be used in same purpose with FormBuilder::all().
What do you think?
Commits
-------
0deb505 [Form] FormBuilder::getIterator() now deals with resolved children
This PR was merged into the 2.3 branch.
Discussion
----------
[SwiftmailerBridge] Bump allowed versions of swiftmailer
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes (but SwiftmailerBridge itself does not contain any tests)
| Fixed tickets | -
| License | MIT
| Doc PR | -
Current version of Swiftmailer is 5.2.1, while (previously to this commit)
the version installed by composer was 5.0.3.
This is rather important, since 5.2.1 closes a security issue that 5.0.3 is
vulnarable to (https://github.com/swiftmailer/swiftmailer/issues/494).
Commits
-------
a5e3fc9 [SwiftmailerBridge] Bump allowed versions of swiftmailer
This PR was merged into the 2.3 branch.
Discussion
----------
[DependencyInjection] remove `service` parameter type from XSD
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#4222
Referencing a service in a parameter doesn't work and will lead to an error when the configuration is loaded (see symfony/symfony-docs#4211).
Commits
-------
7333c2d remove `service` parameter type from XSD
This PR was merged into the 2.3 branch.
Discussion
----------
[Intl] Updated icu.ini up to ICU 53
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Extracted from #9206.
Commits
-------
260e2fe [Intl] Updated icu.ini up to ICU 53
