This PR was merged into the 4.3 branch.
Discussion
----------
Sync "not implementing the method" deprecations messages
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Suggested in https://github.com/symfony/symfony/pull/32747#discussion_r309307289
Useful for consistency and for future reference for similar messages.
Commits
-------
f6fae1c361 Sync "not implementing the method" deprecations messages
* 4.3:
Fix assertInternalType deprecation in phpunit 9
Ensure signatures for setUp|tearDown|setUpAfterClass|tearDownAfterClass methods in tests are compatible with phpunit 8.2
This PR was merged into the 4.4 branch.
Discussion
----------
add parameter type declarations to private methods
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
1b2aaa4a06 add parameter type declarations to private methods
This PR was squashed before being merged into the 4.4 branch (closes#32831).
Discussion
----------
[Security] Revise UserPasswordEncoderInterface::needsRehash()
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
This reuses the encoded password from the user for the `UserPasswordEncoderInterface`, similar we dont pass the encoded string to `isPasswordValid()`.
This differs from the non-user aware `PasswordEncoderInterface`
cc @nicolas-grekas did i miss something?
Commits
-------
c5a283d417 [Security] Revise UserPasswordEncoderInterface::needsRehash()
* 4.3:
Fix travis script
minor fix for wrong case
[HttpFoundation] Fix `getMaxFilesize`
[Cache] fix warning on PHP 7.4
[Console] fix warning on PHP 7.4
Don't add value of (default/static) objects to the signature
fix(yml): fix comment in milti line value
Make sure trace_level is always defined
Fix bindings and tagged_locator
Recompile container when translations directory changes
* 3.4:
Fix travis script
minor fix for wrong case
[HttpFoundation] Fix `getMaxFilesize`
[Cache] fix warning on PHP 7.4
[Console] fix warning on PHP 7.4
Don't add value of (default/static) objects to the signature
fix(yml): fix comment in milti line value
* 4.3:
[Security/Core] align defaults for sodium with PHP 7.4
fix inline handling when dumping tagged values
[HttpClient] fix canceling responses in a streaming loop
[Messenger] Flatten collection of stamps collected by the traceable middleware
[PropertyAccess] Fix PropertyAccessorCollectionTest
[HttpClient] rewind stream when using Psr18Client
Typo in web profiler
[4.3] Remove dead test fixtures
[Routing] Fix CHANGELOG
relax some date parser patterns
Avoid getting right to left style
* 4.3:
[FrameworkBundle] [SecurityBundle] Rename internal WebTestCase to avoid confusion
ignore not existing translator service
[FrameworkBundle] [SecurityBundle] Rename internal WebTestCase to avoid confusion
revert private properties handling
[HttpFoundation] Fix URLs
[VarDumper] finish PHP 7.4 support and add tests
[VarDumper] Use \ReflectionReference for determining if a key is a reference (php >= 7.4)
Ignore missing translation dependency in FrameworkBundle
[Security/Http] Don't mark AbstractAuthenticationListener as internal
Remove dead tests fixtures
Remove more dead tests fixtures
[Mime] Add missing changelog entry for BC-break
[Messenger] fix transport_name option not passing validation
Remove dead tests fixtures
[Debug][ExceptionHandler] Add tests for custom handlers
* 4.2:
[FrameworkBundle] [SecurityBundle] Rename internal WebTestCase to avoid confusion
ignore not existing translator service
[FrameworkBundle] [SecurityBundle] Rename internal WebTestCase to avoid confusion
revert private properties handling
[HttpFoundation] Fix URLs
[VarDumper] finish PHP 7.4 support and add tests
[VarDumper] Use \ReflectionReference for determining if a key is a reference (php >= 7.4)
Ignore missing translation dependency in FrameworkBundle
Remove dead tests fixtures
Remove more dead tests fixtures
Remove dead tests fixtures
[Debug][ExceptionHandler] Add tests for custom handlers
* 4.3: (26 commits)
Fix Twig 1.x compatibility
[Translator] Improve farsi(persian) translations for Form
Improve fa translations
Spell "triggering" properly
Added tests to cover the possibility of having scalars as services.
fixed tests on old PHP versions
[FrameworkBundle] Inform the user when save_path will be ignored
fixed CS
[SecurityBundle] Fix profiler dump for non-invokable security listeners
fixed CS
[Messenger] Doctrine Transport: Support setting auto_setup from DSN
[Translator] Load plurals from po files properly
[Serializer]: AbstractObjectNormalizer ignores the property types of discriminated classes
[EventDispatcher] Add tag kernel.rest on 'debug.event_dispatcher' service
[Console] Update to inherit and add licence
Add missing test for workflow dump description
[Intl] Remove --dev from intl compile autoloader
[Messenger] fix publishing headers set on AmqpStamp
Remove call to deprecated method
[Intl] Init compile tmp volume
...
This PR was merged into the 4.4 branch.
Discussion
----------
[SECURITY] AbstractAuthenticationListener.php error instead info. Rebase of #28462
| Q | A
| ------------- | ---
| Branch? | 4.4
| -- | --
| Bug fix? | yes
| New feature? | no
| BC breaks? | no I think
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ...
| License | MIT
Rebase of #28462. Origin description:
> ```
> [2018-09-13 20:43:38] security.INFO: Authentication request failed. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AuthenticationServiceException(code: 0): An exception occurred while executing
> ...
> Doctrine\\DBAL\\Driver\\PDOException(code: 42S22): SQLSTATE[42S22]: Column not found: 1054 Unknown column 't0.phone' in 'field list' at
> ```
>
> Definitely I think this is NOT info, but error.
> And since it's info, it's not logged in production because of `fingers_crossed` with `action_level: error` - so to actually see the real error behind `Authentication request could not be processed due to a system problem.` I had to debug on production. Very bad practice IMHO.
Commits
-------
867eb78cfe [SECURITY] AbstractAuthenticationListener.php error instead info. Rebase of #28462
* 4.3:
[Mailer] fixed tests on Windows
[PhpUnitBridge] fix tests
[Mailer] fixed error message when connecting to a stream raises an error before connect()
[Mailer] fixed timeout type hint
improve error messages in the event dispatcher
[Security/Core] work around sodium_compat issue
bumped Symfony version to 4.3.3
updated VERSION for 4.3.2
updated CHANGELOG for 4.3.2
bumped Symfony version to 4.2.11
updated VERSION for 4.2.10
updated CHANGELOG for 4.2.10
bumped Symfony version to 3.4.30
updated VERSION for 3.4.29
update CONTRIBUTORS for 3.4.29
updated CHANGELOG for 3.4.29
Fixed type annotation.
* 4.2:
[Security/Core] work around sodium_compat issue
bumped Symfony version to 4.2.11
updated VERSION for 4.2.10
updated CHANGELOG for 4.2.10
bumped Symfony version to 3.4.30
updated VERSION for 3.4.29
update CONTRIBUTORS for 3.4.29
updated CHANGELOG for 3.4.29
* 3.4:
[Security/Core] work around sodium_compat issue
bumped Symfony version to 3.4.30
updated VERSION for 3.4.29
update CONTRIBUTORS for 3.4.29
updated CHANGELOG for 3.4.29
* 4.3: (34 commits)
[PhpunitBridge] Read environment variable from superglobals
[Bridge/PhpUnit] Fix PHP5.5 compat
[PhpUnitBridge] More accurate grouping
fixed CS
Extract unrecoverable exception to interface
[FrameworkBundle] Fix calling Client::getProfile() before sending a request
Fix type error
[Security/Core] require libsodium >= 1.0.14
[Workflow] re-add workflow.definition tag to workflow services
[Security/Core] Don't use ParagonIE_Sodium_Compat
revert #30525 due to performance penalty
collect called listeners information only once
[Lock] fix missing inherit docs in RedisStore
[Messenger] fix retrying handlers using DoctrineTransactionMiddleware
[Mailgun Mailer] fixed issue when using html body
[HttpClient] fix timing measurements with NativeHttpClient
[HttpClient] fix dealing with 1xx informational responses
add test to avoid regressions
fix mirroring directory into parent directory
fix typos
...
* 4.2:
[FrameworkBundle] Fix calling Client::getProfile() before sending a request
Fix type error
[Security/Core] Don't use ParagonIE_Sodium_Compat
collect called listeners information only once
add test to avoid regressions
fix typos
Turkish translation added to Form Component
* 3.4:
[FrameworkBundle] Fix calling Client::getProfile() before sending a request
Fix type error
[Security/Core] Don't use ParagonIE_Sodium_Compat
collect called listeners information only once
add test to avoid regressions
fix typos
Turkish translation added to Form Component
This PR was merged into the 4.4 branch.
Discussion
----------
[Ldap] Add users extraFields in ldap component
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | yes <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #28873, #19329 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | todo when validated, before merge <!-- required for new features -->
As I'm using ldap too in some personal project, It seems that this feature is a really good nice to have IMHO.
Adding the wanted field in the `user_metadata` array transform them as field -> value in the `metadata` field of the user.
Commits
-------
bcfff04797 [Ldap] Add users extra_fields in ldap component
* 4.3:
fix translation domain
tag the FileType service as a form type
don't validate IP addresses from env var placeholders
[Validator] Fix GroupSequenceProvider annotation
[Messenger] fix delay exchange recreation after disconnect
Update ajax security cheat sheet link
Fix AuthenticationException::getToken typehint
* 4.2:
fix translation domain
tag the FileType service as a form type
[Validator] Fix GroupSequenceProvider annotation
Update ajax security cheat sheet link
Fix AuthenticationException::getToken typehint
* 3.4:
fix translation domain
tag the FileType service as a form type
[Validator] Fix GroupSequenceProvider annotation
Update ajax security cheat sheet link
Fix AuthenticationException::getToken typehint
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Fix AuthenticationException::getToken typehint
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
The token may be not set when throwing AuthenticationException.
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
a9705a0143 Fix AuthenticationException::getToken typehint
* 4.3:
fixed CS
fixed CS
fixed CS
Do not log or call the proxy function when the locale is the same
Added missing required dependencies on psr/cache and psr/container in symfony/cache-contracts and symfony/service-contracts respectively.
[HttpClient] fix closing debug stream prematurely
[Mailer] made code more robust
Restore compatibility with php 5.5
fixed sender/recipients in SMTP Envelope
collect called listeners information only once
[HttpKernel] Remove TestEventDispatcher.
* 4.3:
[Cache] Fixed undefined variable in ArrayTrait
[HttpClient] revert bad logic around JSON_THROW_ON_ERROR
[HttpKernel] Fix handling non-catchable fatal errors
Fix json-encoding when JSON_THROW_ON_ERROR is used
[HttpFoundation] work around PHP 7.3 bug related to json_encode()
[HttpClient] add $response->cancel()
[Security] added support for updated \"distinguished name\" format in x509 authentication
* 4.2:
[HttpKernel] Fix handling non-catchable fatal errors
Fix json-encoding when JSON_THROW_ON_ERROR is used
[HttpFoundation] work around PHP 7.3 bug related to json_encode()
[Security] added support for updated \"distinguished name\" format in x509 authentication
* 3.4:
Fix json-encoding when JSON_THROW_ON_ERROR is used
[HttpFoundation] work around PHP 7.3 bug related to json_encode()
[Security] added support for updated \"distinguished name\" format in x509 authentication
* 4.3:
[Translation] Fixed case sensitivity of lint:xliff command
fix type hint for salt in PasswordEncoderInterface
Simplify code - catch \Throwable capture all exceptions
Collect locale details earlier in the process in TranslationDataCollector
fix typo in PR #31802
update italian validator translation
Add missing translations
[TwigBridge] suggest Translation Component when TranslationExtension is used
* 4.2:
[Translation] Fixed case sensitivity of lint:xliff command
fix type hint for salt in PasswordEncoderInterface
Simplify code - catch \Throwable capture all exceptions
fix typo in PR #31802
update italian validator translation
Add missing translations
* 4.3:
[Security\Core] Make SodiumPasswordEncoder validate BCrypt-ed passwords
[Validator] Fix TimezoneValidator default option
[Messenger] Inject RoutableMessageBus instead of bus locator
[DomCrawler] Fix type error with null Form::$currentUri
[Contracts] Fixed typos
do not enable validator auto mapping by default
[HttpClient] remove unused argument
* 4.3:
[github] Implement the new security policy.
[Finder] fix wrong method call casing
Make tempfile path unique
minor: fix phpdocs in the ldap component
[Process] Fix infinite waiting for stopped process
Use absolute URL for when the profiler's domain differs from the controller's domain which initialises the profiler.
fix phpdoc
[DI] fix using bindings with locators of service subscribers
* 4.2:
[github] Implement the new security policy.
[Finder] fix wrong method call casing
Make tempfile path unique
minor: fix phpdocs in the ldap component
[Process] Fix infinite waiting for stopped process
Use absolute URL for when the profiler's domain differs from the controller's domain which initialises the profiler.
fix phpdoc
[DI] fix using bindings with locators of service subscribers
* 3.4:
[github] Implement the new security policy.
[Finder] fix wrong method call casing
Make tempfile path unique
minor: fix phpdocs in the ldap component
[Process] Fix infinite waiting for stopped process
Use absolute URL for when the profiler's domain differs from the controller's domain which initialises the profiler.
fix phpdoc
[DI] fix using bindings with locators of service subscribers
* 4.3: (22 commits)
[Messenger] Fix incorrect error when symfony/serializer is missing
Allow WrappedListener to describe uncallable listeners.
[HttpClient] fix handling exceptions thrown before first mock chunk
[Filesystem] fix wrong method call casing
[HttpClient] fix test
[Translation] Fixed issue with new vs old TranslatorInterface in TranslationDataCollector
Don't reference symfony/security
[HttpClient] display proper error message on TransportException when curl is used
[FrameworkBundle] fix named autowiring aliases for TagAwareCacheInterface
[Cache] improve logged messages
[FrameworkBundle] improve cs
[Mime][HttpFoundation] Added mime type audio/x-hx-aac-adts
bumped Symfony version to 4.3.0
updated VERSION for 4.3.0-BETA2
updated CHANGELOG for 4.3.0-BETA2
[HttpClient] Only use CURLMOPT_MAX_HOST_CONNECTIONS & CURL_VERSION_HTTP2 if defined
[Security] fixed a fatal error when upgrading from 4.2
[HttpClient] Allow arrays as query parameters
Throws UnrecoverableMessageHandlingException when passed invalid entity manager name for Doctrine middlewares
[Messenger] Make redis Connection::get() non blocking by default
...
* 4.2:
[Console] Fix auto-complete for ChoiceQuestion (multi-select answers)
Translated form, security, validators resources into Belarusian (be)
[WebProfilerBundle] Don't filter submitted IP values
[Intl] Cleanup
bumped Symfony version to 4.2.9
updated VERSION for 4.2.8
updated CHANGELOG for 4.2.8
bumped Symfony version to 3.4.28
updated VERSION for 3.4.27
update CONTRIBUTORS for 3.4.27
updated CHANGELOG for 3.4.27
* 3.4:
[Console] Fix auto-complete for ChoiceQuestion (multi-select answers)
Translated form, security, validators resources into Belarusian (be)
[WebProfilerBundle] Don't filter submitted IP values
bumped Symfony version to 3.4.28
updated VERSION for 3.4.27
update CONTRIBUTORS for 3.4.27
updated CHANGELOG for 3.4.27
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Security] Dispatch an event when "logout user on change" steps in
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #26902 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/11450 <!-- required for new features -->
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
This adds a new event when the user has been changed and has been log out from the apps, it allow someone to register to this event and do something with either to token or the refreshedUser.
Commits
-------
40e42183b8 [Security] Dispatch an event when "logout user on change" steps in
* 4.2:
[TwigBridge] Require twig ^1.40|^2.9
[Serializer] Fix tests
Use the apply tag instead of the filter tag
Updated some translation files
[Translator] Preserve default domain when extracting strings from php files
* 3.4:
[TwigBridge] Require twig ^1.40|^2.9
[Serializer] Fix tests
Use the apply tag instead of the filter tag
Updated some translation files
[Translator] Preserve default domain when extracting strings from php files
* 4.2:
Fix url matcher edge cases with trailing slash
[Form] Fix author tag + exception messages
[TwigBridge] Fix deprecation on twig 2.9
Fix left-associative ternary deprecation warnings for PHP 7.4
[Validator] Fixed imprecise translations
[Validator] Add Dutch translations
[Security] Cleanup "Digest nonce has expired." translation
Intercept redirections only for HTML format
[PhpUnitBridge] fix reading phpunit.xml on bootstrap
resolve class name parameters
Fix name and phpdoc of ContainerBuilder::removeBindings
[Intl] Update the ICU data to 64.2
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Security] Add NativePasswordEncoder
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR adds a new `NativePasswordEncoder` that defaults to the best available hashing algo to `password_hash()`. Best is determined by "us" or "php", the goal being that this will change in the future as new algos are published.
This provides a native encoder that we should recommend using by default.
Commits
-------
28f7961c55 [Security] Add NativePasswordEncoder
* 4.2:
Revert "bug #30423 [Security] Rework firewall's access denied rule (dimabory)"
[FrameworkBundle] minor: remove a typo from changelog
[VarDumper] fix tests with ICU 64.1
[VarDumper][Ldap] relax some locally failing tests
[Validator] #30192 Added the missing translations for the Tagalog ("tl") locale.
Make MimeTypeExtensionGuesser case insensitive
Fix get session when the request stack is empty
[Routing] fix trailing slash redirection with non-greedy trailing vars
[FrameworkBundle] decorate the ValidatorBuilder's translator with LegacyTranslatorProxy
* 3.4:
Revert "bug #30423 [Security] Rework firewall's access denied rule (dimabory)"
[FrameworkBundle] minor: remove a typo from changelog
[VarDumper][Ldap] relax some locally failing tests
[Validator] #30192 Added the missing translations for the Tagalog ("tl") locale.
Make MimeTypeExtensionGuesser case insensitive
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Add a separator in the remember me cookie hash
Based on #89
Commits
-------
a29ce2817c [Security] Add a separator in the remember me cookie hash
* 4.2:
fixed bad merge
Show more accurate message in profiler when missing stopwatch
CS Fixes: Not double split with one array argument
[Serializer] Add default object class resolver
Remove redundant animation prefixes
Remove redundant `box-sizing` prefixes
[VarExporter] support PHP7.4 __serialize & __unserialize
Rework firewall access denied rule
MetadataAwareNameConverter: Do not assume that property names are strings
[VarExporter] fix exporting classes with private constructors
fixed CS
Fix missing $extraDirs when open_basedir returns
* 3.4:
Show more accurate message in profiler when missing stopwatch
CS Fixes: Not double split with one array argument
Remove redundant animation prefixes
Remove redundant `box-sizing` prefixes
Rework firewall access denied rule
fixed CS
Fix missing $extraDirs when open_basedir returns
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Rework firewall's access denied rule
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~~#30099~~, #28229
| License | MIT
| Doc PR |
Follow tickets provided above to reproduce bugs. (there are also some project examples)
~~In addition, I'm looking for someone who knows an answer to [this](https://github.com/symfony/symfony/issues/30099#issuecomment-468693492) regarding rework in this PR.~~
Commits
-------
5790859275 Rework firewall access denied rule
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Security] Add Argon2idPasswordEncoder
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #28093
| License | MIT
| Doc PR | TODO
Currently we have a `Argon2iPasswordEncoder` that may hash passwords using `argon2id` instead of `argon2i` (platform-dependent) which is not good.
This deprecates producing/validating `argon2id` hashed passwords using the `Argon2iPasswordEncoder`, and adds a `Argon2idPasswordEncoder` able to produce/validate `argon2id` hashed passwords only.
#EUFOSSA
Commits
-------
0c82173b24 [Security] Add Argon2idPasswordEncoder
* 4.2: (45 commits)
[Form] various minor fixes
Ensure the parent process is always killed
bugfix: the terminal state was wrong and not reseted
[Console] Fix inconsistent result for choice questions in non-interactive mode
Define null return type for Constraint::getDefaultOption()
[Routing] Fix: annotation loader ignores method's default values
[HttpKernel] Fix DebugHandlersListener constructor docblock
Skip Glob brace test when GLOB_BRACE is unavailable
bumped Symfony version to 4.2.6
updated VERSION for 4.2.5
updated CHANGELOG for 4.2.5
bumped Symfony version to 3.4.25
updated VERSION for 3.4.24
update CONTRIBUTORS for 3.4.24
updated CHANGELOG for 3.4.24
[EventDispatcher] cleanup
fix testIgnoredAttributesInContext
Re-generate icu 64.1 data
Improve PHPdoc / IDE autocomplete for config tree builder
[Bridge][Twig] DebugCommand - fix escaping and filter
...
Instead of deprecating the interface it is sufficient to deprecate its
getReachableRoles() method and add a new getReachableRoleNames() method
in Symfony 5.
* 4.2:
[Phpunit] fixed support for PHP 5.3
Response prepare method update
[Workflow] Added missing license header
Fix case when multiple loaders are providing paths for the same namespace
Check if Client exists when test.client does not exist, to provide clearer exception message
throw TypeErrors to prepare for type hints in 5.0
[Form] Preventing validation of children if parent with Valid constraint has no validation groups
[Form] Added ResetInterface to CachingFactoryDecorator
Remove deprecated usage
[Tests] fixed compatbility of assertEquals(): void
Fixed usage of TranslatorInterface in form extension (fixes#30591)
[Intl][4.2] Fix test
[Intl] Fix test
[Validator] Add the missing translations for the Arabic (ar) locale
[Intl] Add compile binary
Fix DebugCommand when chain loader is involved
[Form] Fixed some phpdocs
This PR was merged into the 4.3-dev branch.
Discussion
----------
[EventDispatcher] swap arguments of dispatch() to allow registering events by FQCN
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
PR green and ready. From UPGRADE files:
EventDispatcher
---------------
* The signature of the `EventDispatcherInterface::dispatch()` method should be updated to `dispatch($event, string $eventName = null)`, not doing so is deprecated
HttpKernel
----------
* Renamed `FilterControllerArgumentsEvent` to `ControllerArgumentsEvent`
* Renamed `FilterControllerEvent` to `ControllerEvent`
* Renamed `FilterResponseEvent` to `ResponseEvent`
* Renamed `GetResponseEvent` to `RequestEvent`
* Renamed `GetResponseForControllerResultEvent` to `ViewEvent`
* Renamed `GetResponseForExceptionEvent` to `ExceptionEvent`
* Renamed `PostResponseEvent` to `TerminateEvent`
Security
---------
* The `ListenerInterface` is deprecated, turn your listeners into callables instead.
* The `Firewall::handleRequest()` method is deprecated, use `Firewall::callListeners()` instead.
Commits
-------
75369dabb8 [EventDispatcher] swap arguments of dispatch() to allow registering events by FQCN
* 4.2:
Fix Cache error while using anonymous class
[Cache] fix LockRegistry
Update validators.cs.xlf
Make translations consistent with other translations.
Correct language code for ukrainian language in security translations.
Fix return type of Request::getRequestFormat
[Cache] Fix perf when using RedisCluster by reducing roundtrips to the servers
* 3.4:
Make translations consistent with other translations.
Correct language code for ukrainian language in security translations.
Fix return type of Request::getRequestFormat
[Cache] Fix perf when using RedisCluster by reducing roundtrips to the servers
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Security] deprecate the Role and SwitchUserRole classes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #20824
| License | MIT
| Doc PR | symfony/symfony-docs#11047
In #20801, we deprecated the `RoleInterface`. The next logical step would be to also deprecate the `Role` class. However, we currently have the `SwitchUserRole` class (a sub-class of `Role`) that acts as an indicator to check whether or not the authenticated user switched to another user.
This PR proposes an alternative solution to the usage of the special `SwitchUserRole` class by storing the original token inside the `UsernamePasswordToken`. This PR is not complete, but rather acts as a proof of concept of how we could get rid of the `Role` and the `SwitchUserRole` classes.
Please share your opinions whether you think this is a valid approach and I will be happy to finalise the PR.
Commits
-------
d7aaa615b9 deprecate the Role and SwitchUserRole classes
* 4.2: (26 commits)
Apply php-cs-fixer rule for array_key_exists()
[Cache] fix warming up cache.system and apcu
[Security] Change FormAuthenticator if condition
handles multi-byte characters in autocomplete
speed up tests running them without debug flag
[Translations] added missing Croatian validators
Fix getItems() performance issue with RedisCluster (php-redis)
[VarDumper] Keep a ref to objects to ensure their handle cannot be reused while cloning
IntegerType: reject submitted non-integer numbers
be keen to newcomers
[HttpKernel] Fix possible infinite loop of exceptions
fixed CS
[Validator] Added missing translations for Afrikaans
do not validate non-submitted form fields in PATCH requests
Update usage example in ArrayInput doc block.
[Console] Prevent ArgvInput::getFirstArgument() from returning an option value
[Validator] Fixed duplicate UUID
fixed CS
[EventDispatcher] Fix unknown priority
Avoid mutating the Finder when building the iterator
...
