This PR was merged into the 2.3 branch.
Discussion
----------
[2.3][Component/Security] Fixed some phpdocs in Security/Core
| Q | A
| ------------- | ---
| Bug fix? | kinda*
| New feature? | no
| License | MIT
\* - those missing phpdocs lead to problems when debugging with IDE, as well as some were wrong (i.e. `SecurityContextInterface::isGranted()`) as parameters differ in interface & class implementing it
Commits
-------
80fae1d [Component/Security] Fixed some phpdocs in Security/Core
This PR was merged into the 2.3 branch.
Discussion
----------
[All] update license year to 2014
| Q | A |
| --- | --- |
| Bug fix? | n |
| New feature? | n |
| BC breaks? | n |
| Deprecations? | n |
| Tests pass? | y |
| Fixed tickets | na |
| License | MIT |
| Doc PR | na |
Sent using [Gush](https://github.com/cordoval/gush)
sorry about the previous PR now closed, forgot Gush had branched off of master and not 2.3
Commits
-------
8ace5f9 update year on licenses
This PR was merged into the 2.3 branch.
Discussion
----------
[Process] Fix#9861 : Revert TTY mode
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9861
| License | MIT
This revert the TTY mode support for the process component
Commits
-------
160b1cf [Process] Fix#9861 : Revert TTY mode
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] Documented public properties
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9670
| License | MIT
| Doc PR | -
`$request` and `$query` parameter bags could be hard to get for a newcommer, who's used to `$_POST` and `$_GET` variables. Some people claim naming makes no sense (see #9671).
For consistency I documented all public properties.
Commits
-------
1b79831 [HttpFoundation] Documented public properties.
This PR was merged into the 2.3 branch.
Discussion
----------
removed unneeded use statements
| Q | A
| ------------- | ---
| License | MIT
Commits
-------
7f9a366 removed unneeded use statements
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] Throw proper exception when invalid data is passed to JsonResponse class
| Q | A
| ------------- | ---
| Bug fix? | yes
| BC breaks? | no*
| Tests pass? | yes
| Fixed tickets | #9903
| License | MIT
\* as described in mentioned issue, before this PR there was thrown exception `UnexpectedValueException`, which was not correct, but I guess some people trying to hide the bug could use `try {} catch` on it.
Commits
-------
38287e7 [HttpFoundation] Throw proper exception when invalid data is passed to JsonResponse class
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] fixed pre/post authentication checks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8510, #9622
| License | MIT
| Doc PR | N/A
After further investigation of #8510, I found that all checks in the `checkPreAuth` actually belongs to `checkPostAuth` and the same goes for checks in `CheckPostAuth` (I checked the original source from Spring and indeed, that's how it is implemented there: see https://github.com/spring-projects/spring-security/blob/master/core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java#L305
).
So, this PR fixes that issue. I think that we can do this change safely in 2.3 as the error message is the same for all causes by default (`$hideUserNotFoundExceptions` is `true` by default in `UserAuthenticationProvider`).
The only "real" change is whether the authentication is checked or not.
Commits
-------
ada82a2 [Security] fixed pre/post authentication checks