* 2.3:
[php7] Fix for substr() always returning a string
[Security] Do not save the target path in the session for a stateless firewall
[DependencyInjection] fixed FrozenParameterBag and improved Parameter…
Conflicts:
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
This PR was merged into the 2.3 branch.
Discussion
----------
[php7] Fix for substr() always returning a string
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14086
| License | MIT
| Doc PR | -
This should be the last required fix for PHP7 support.
The patch in the debug component is a workaround for a bug in PHP7 (http://3v4l.org/8rm9B) that is going to be fixed soon (@jpauli power).
Commits
-------
77ee866 [php7] Fix for substr() always returning a string
This PR was submitted for the 2.8 branch but it was merged into the 2.3 branch instead (closes#15355).
Discussion
----------
[Security] Do not save the target path in the session for a stateless firewall
| Q | A
| ------------- | ---
| Bug fix? | partially
| New feature? | partially
| BC breaks? | no
| Deprecations? | no
| Tests pass? | -
| Fixed tickets | -
| License | MIT
| Doc PR | -
Note: I think this PR can be merged into 2.3 because it's like a bug fix
Commits
-------
3358253 [Security] Do not save the target path in the session for a stateless firewall
This PR was submitted for the 2.8 branch but it was merged into the 2.7 branch instead (closes#15306).
Discussion
----------
[HttpKernel] [HttpCache] Fix deprecated error in HttpCache#getSurrogate
| Q | A
| ------------- | ---
| Bug fix? | yes? - I could not find an open issue, but it does appear to be a but to throw a `E_USER_DEPRECATED` when calling a non-depreciated method.
| New feature? | no
| BC breaks? | no
| Deprecations? | no - but related to
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Currently calls to `HttpCache#getEsi` correctly trigger a `E_USER_DEPRECATED` error and inform the user that they should instead use `HttpCache#getSurrogate`.
Unfortunately `HttpCache#getSurrogate` currently calls `$this->getEsi();` which will result in the `E_USER_DEPRECATED` still being triggered.
This pull request simply moves the logic that was previously in `getEsi` to `getSurrogate`, and leaves `getEsi` as a wrapper around `getSurrogate` with the addition of also triggering this warning.
This pull request also effects the 2.7 branch.
Commits
-------
32d964b Fix calls to HttpCache#getSurrogate triggering E_USER_DEPRECATED errors.
This PR was squashed before being merged into the 2.3 branch (closes#15172).
Discussion
----------
[DependencyInjection] fixed FrozenParameterBag and improved Parameter…
The ParameterBagInterface was missing some @throws annotations, so the FrozenParameterBag class was a violation of Liskov subtitution principle. Also the ParameterBagInterface was missing the remove method.
(Optionally the ParameterBagInterface can be later split into two smaller interfaces, because the FrozenParameterBag shouldn't have the add, remove methods in the first place.)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I have also fixed removing elements from FrozenParameterBag, as introduced by @satahippy
https://github.com/symfony/DependencyInjection/pull/8
Commits
-------
3ad0794 [DependencyInjection] fixed FrozenParameterBag and improved Parameter…
* 2.7:
[Yaml] throw a ParseException on invalid data type
[TwigBridge] type-dependent path discovery
Resources as string have the same problem
Introduce failing test case when a SplFileInfo object is passed to the extract() method in the TwigExtractor.
#15331 add infos about deprecated classes to UPGRADE-3.0
[Asset] removed unused private property.
[Security] removed useless else condition in SwitchUserListener class.
[travis] Tests deps=low with PHP 5.6
[Console] Fix console output with closed stdout
* 2.6:
[Yaml] throw a ParseException on invalid data type
#15331 add infos about deprecated classes to UPGRADE-3.0
[Security] removed useless else condition in SwitchUserListener class.
[travis] Tests deps=low with PHP 5.6
[Console] Fix console output with closed stdout
This PR was merged into the 2.3 branch.
Discussion
----------
[travis] Tests deps=low with PHP 5.6
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I noticed that testing deps=low with the lowest supported PHP skips some tests/features.
I propose to merge the 5.6 and deps=low lines of the test matrix in order to both fix this issue and remove one line in the matrix (thus making tests a bit lighter/faster on travis).
Commits
-------
d3874ec [travis] Tests deps=low with PHP 5.6
This PR was merged into the 2.3 branch.
Discussion
----------
#15331 add infos about deprecated classes to UPGRADE-3.0
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15331
| License | MIT
| Doc PR |
Commits
-------
e391446#15331 add infos about deprecated classes to UPGRADE-3.0
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBridge] type-dependent path discovery
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15340
| License | MIT
| Doc PR |
With the introduction of the `AbstractFileExtractor` in Symfony 2.7, the
`extract()` method in the `TwigExtractor` class does not necessarily
deal with `SplFileInfo` instances from the Finder component, but also
receives `\SplFileInfo` objects initialized by the base extractor class.
Commits
-------
1e15761 [TwigBridge] type-dependent path discovery
2bf78e5 Resources as string have the same problem
aa7cbbd Introduce failing test case when a SplFileInfo object is passed to the extract() method in the TwigExtractor.
This PR was submitted for the 2.8 branch but it was merged into the 2.6 branch instead (closes#15361).
Discussion
----------
[Yaml] throw a ParseException on invalid data type
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15234
| License | MIT
| Doc PR |
Without this check, PHP would trigger a warning when an array was passed
to `trim()`. The parser must throw a `ParseException` instance on a
malformed YAML string instead.
Commits
-------
adc6b30 [Yaml] throw a ParseException on invalid data type
Without this check, PHP would trigger a warning when an array was passed
to `trim()`. The parser must throw a `ParseException` instance on a
malformed YAML string instead.
With the introduction of the `AbstractFileExtractor` in Symfony 2.7, the
`extract()` method in the `TwigExtractor` class does not necessarily
deal with `SplFileInfo` instances from the Finder component, but also
receives `\SplFileInfo` objects initialized by the base extractor class.
* 2.7:
[Twig+FrameworkBundle] Fix forward compat with Form 2.8
[2.6] Static Code Analysis for Components
[Security/Http] Fix test relying on a private property
[Serializer] Fix bugs reported in b5990be491 (commitcomment-12301266)
Conflicts:
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/widget_attributes.html.php
src/Symfony/Component/Security/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
[Form] Fix not-BC test assertion
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The 2.6 branch is failing because of this case for `Validation::API_VERSION_2_4`, that can't work because `$this->context` is not a mock object, thus has no "expect" method.
See https://travis-ci.org/symfony/symfony/jobs/72100346#L2902
This got unnoticed because only 2.6 is testing the 2.4 validator api.
Commits
-------
5ef7ae9 [Form] Fix not-BC test assertion
This PR was merged into the 2.7 branch.
Discussion
----------
[Twig+FrameworkBundle] Fix forward compat with Form 2.8
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When these layouts are used with form 2.8, the readonly attribute is rendered twice. This has no practical consequence, but it breaks tests. This is the last fix required to make 2.7 green again.
Commits
-------
75dc464 [Twig+FrameworkBundle] Fix forward compat with Form 2.8
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Fix 2 bugs regarding private setters
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Fix two bugs reported in b5990be491 (commitcomment-12301266)
1. Arguments set in the constructor was not properly removed from `$data`
2. `GetSetMethodNormalizer` was calling private setters, throwing an exception
cc @StanAngeloff
Commits
-------
65e9f26 [Serializer] Fix bugs reported in b5990be491 (commitcomment-12301266)
This PR was squashed before being merged into the 2.6 branch (closes#15317).
Discussion
----------
[2.6] Static Code Analysis for Components
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with Php Inspections (EA Extended):
- fixed couple potential issues when code is running in a phar-file
Commits
-------
37a2353 [2.6] Static Code Analysis for Components
This PR was merged into the 2.6 branch.
Discussion
----------
[Security/Http] Fix test relying on a private property
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I'm not 100% sure what was tested by this, but this test was using a private property (`AnonymousToken->key`), that has been renamed to `secret` in later Sf versions.
Commits
-------
2d29ac1 [Security/Http] Fix test relying on a private property
This PR was merged into the 2.8 branch.
Discussion
----------
Implement resettable containers
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | small one
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13448
| License | MIT
| Doc PR | n/a
This allows to release remove references to all services during shutdown, giving much more chances to destruct services and the container through refcounting rather than waiting GC, as it will break cycles between the container and container-aware services.
There is a small BC break for a very edge case: if someone keeps a reference to the container and then shutdowns the kernel, the container would now be cleared and so would not work as intended anymore. But I don't think it is a supported use case. If you shutdown the kernel, the container of this kernel is released by the kernel and should not be used anymore IMO.
Thus, shutting down the kernel generally does not happen except during tests on teardown.
I'm not sure a doc PR is needed here: users of the fullstack framework should never use this feature (the kernel is using it for them). What do you think @weaverryan ?
Commits
-------
4457745 Implement resettable containers
This PR was squashed before being merged into the 2.8 branch (closes#15131).
Discussion
----------
[Security] Moved Simple{Form,Pre}AuthenticatorInterfaces to Security\Http
Description
---
The `SimpleFormAuthenticatorInterface` and `SimplePreAuthenticatorInterface` rely on `Request`, which means it's a Http land class. This means they don't belong in core.
Having a form login that doesn't depend on the request is an option as well (e.g. a console application might use the question helper to implement a "form" login). However, then there is a need for a new abstraction of the request. I don't think it's worth it.
Furthermore, the only classes typehinting/relying on this interfaces can be found in `Security\Http`.
Implementation
---
The new interfaces extend the old ones for better backwards compability. Symfony doesn't trigger deprecation errors for interfaces, see 6f57b7b552
PR Info Table
---
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
ebb2064 [Security] Moved Simple{Form,Pre}AuthenticatorInterfaces to Security\Http
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8] Fix 3.0 incompatible deps
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This should fix the failing the deps=2.8 tests on master.
Commits
-------
753812e [2.8] Fix 3.0 incompatible deps