This PR was merged into the 2.8 branch.
Discussion
----------
[Security] Renamed key to secret Part 2
Anonymous and RememberMe were already changed in https://github.com/symfony/symfony/pull/15141 This PR renames 2 more occurences of key in the Security: AnonymousAuthenticationListener and the Digest entry point.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
55f59d5 Renamed key to secret
* 2.7:
[ci] Phpunit tests wont run if composer is installed in a wrapper
[ci] Add version tag in phpunit wrapper to trigger cache-reset on demand
fix race condition at mkdir (#16258)
[VarDumper] Fix PHP7 type-hints compat
[Bridge] [PhpUnit] fixes documentation markup.
[PropertyAccess] Port of the performance optimization from 2.3
trigger deprecation warning when using empty_value
[PropertyAccess] Test access to dynamic properties
[PropertyAccess] Fix dynamic property accessing.
[Serializer] GetSetNormalizer shouldn't set/get static methods
[Serializer] PropertyNormalizer shouldn't set static properties
JsonDescriptor - encode container params only once
Conflicts:
src/Symfony/Component/VarDumper/Tests/Caster/ReflectionCasterTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
[DependencyInjection] [FrameworkBundle] Enhance autowiring DX
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
* Dump autowiring data when using the container
* Add autowiring data to the `debug:container` command
Commits
-------
9c3b910 [FrameworkBundle] Autowiring support for debug:container
18913e1 [DependencyInjection] Add autowiring support to dumpers
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] JsonDescriptor - encode container params only once
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16379
| License | MIT
| Doc PR |
Commits
-------
dd9d076 JsonDescriptor - encode container params only once
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle][Form] Better exception message for private form tagged services
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Similar to what is done in [RegisterListenerPass](https://github.com/symfony/symfony/blob/2.8/src/Symfony/Component/EventDispatcher/DependencyInjection/RegisterListenersPass.php#L61-L63), those changes allow to have a better exception message when defining a private `form.type`, `form.type_extension` or `form.form_guesser` tagged service, and at container compilation instead of runtime:
> The service "my.form.type" must be public as form types are lazy-loaded.
instead of:
> You have requested a non-existent service "my.form.type"
If I'm right, similar cases were considered as new features in the past, so this targets 2.8.
Commits
-------
11d675f [FrameworkBundle][Form] Better exception message for private form tagged services
* 2.7:
added the new Composer exclude-from-classmap option
added the new Composer exclude-from-classmap option
fix expected argument type docblock
Set back libxml settings after testings.
fixed Twig deprecation notices
* 2.3:
added the new Composer exclude-from-classmap option
fix expected argument type docblock
Set back libxml settings after testings.
fixed Twig deprecation notices
This PR was merged into the 2.3 branch.
Discussion
----------
added the new Composer exclude-from-classmap option
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
65bef75 added the new Composer exclude-from-classmap option
This PR was merged into the 2.8 branch.
Discussion
----------
Add the PHP 7 polyfill for the random_bytes function
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Some classes (like the `SecureRandom` class) currently depends on the `random_bytes` function, which is only available in the PHP 7 polyfill
Commits
-------
8ab8ca0 Add the PHP 7 polyfill for the random_bytes function
This PR was merged into the 2.8 branch.
Discussion
----------
[WebProfilerBundle] Filter links in search results
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14110
| License | MIT
| Doc PR |
Quite often I find myself copy/pasting the results from the search results in the profiler search form. Adding links for this allows developers to narrow down to the proper profiler result fast.
Commits
-------
4bffacc [WebProfilerBundle] Filter links in search results
This PR was merged into the 2.8 branch.
Discussion
----------
Fixed Ajax panel loading in the toolbar
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16349
| License | MIT
| Doc PR | -
Commits
-------
862daf2 Fixed Ajax panel loading in the toolbar
* 2.7:
fixed YAML files missing quotes when a string starts with @
[VarDumper] Fix anonymous class dumping
[Routing] mark internal classes
[Translation][Csv file] remove unnecessary statements, for better readability.
[Form] remove validation of FormRegistry::getType as FormRegistry::hasType does not validate either
* 2.3:
fixed YAML files missing quotes when a string starts with @
[Routing] mark internal classes
[Translation][Csv file] remove unnecessary statements, for better readability.
[Form] remove validation of FormRegistry::getType as FormRegistry::hasType does not validate either
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] Fix ClassCacheWarme when classes.php is already warmed
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Autoreloading was previously set to `false`, but actually we want to force it.
This could even lead to a fatal error when warming where it was already warmed as the previous `classes.php` is directly required.
Commits
-------
d31350f [FrameworkBundle] Fix ClassCacheWarme when classes.php is already warmed
This PR was squashed before being merged into the 2.8 branch (closes#15966).
Discussion
----------
[FrameworkBundle] PropertyInfo support
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet
Commits
-------
f84a92a [FrameworkBundle] PropertyInfo support
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] Add a new ClassCache cache warmer
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This new cache warmer allows to remove the known slowness of the first hit of a Symfony application (even when cache has been warmed up). This also allows to make a Symfony application runnable on a read-only filesystem (like in a Docker container for example)
Commits
-------
b570d6c [FrameworkBundle] Add a new ClassCache cache warmer
This PR was merged into the 2.8 branch.
Discussion
----------
[TwigBundle] added a Twig templates warmer when templating is disabled
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When disabling the templating component, Twig templates are not warmed up as the warmer depends on the template finder which needs the templating component. This PR adds a new cache warmer that covers this case.
see #16262
Commits
-------
bd3701b [TwigBundle] added a Twig templates warmer when templating is disabled
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBundle] Fix Twig cache is not properly warmed
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15982
| License | MIT
| Doc PR | -
Alternative to #15034
Commits
-------
e704ee4 [TwigBundle] Fix Twig cache is not properly warmed
This PR was merged into the 2.8 branch.
Discussion
----------
[EventDispatcher] added EventDispatcher::getListenerPriority()
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14563, #15825
| License | MIT
| Doc PR | n/a
In #14563, we added a way to get the priorities of listeners, but as noted by @Tobion in #15825, the implementation is sub-optimal because of two main reasons: the change is not part of the interface but more importantly, the added boolean changes the return value of `getListeners()`.
This PR reverts most of #14563 to add a `getListenerPriority()` method. This method is quite slow, but as it should only be used for debugging purposes (on the CLI or the WDT), I think it's not really a problem.
In 3.0, this method should probably be added to `EventDispatcherInterface`.
ping @Tobion
Commits
-------
068e955 [EventDispatcher] added EventDispatcher::getListenerPriority()
This PR was merged into the 2.8 branch.
Discussion
----------
Fix the BC layer for the key->secret renaming for remember_me
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony-docs/issues/5765
| License | MIT
| Doc PR | n/a
There was a mistake in https://github.com/symfony/symfony/pull/15141 removing the configuration entirely.
Commits
-------
f52b3a0 Fix the BC layer for the key->secret renaming for remember_me
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7][tests] Use @requires annotation when possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
b028aea [tests] Use @requires annotation when possible
| Q | A
| ------------- | ---
| Bug fix? | [yes]
| New feature? | [yes|no]
| BC breaks? | [yes|no]
Since cache is now required, it makes no sense to suggest it
This PR was merged into the 2.8 branch.
Discussion
----------
[DI] Warn when a definition relies on a deprecated class in ContainerBuilder::createService()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The new feature is in the DI component and it enlighten a deprecation from Doctrine that we ignored in FrameworkBundle, that is also fixed in this PR.
See https://github.com/symfony/symfony/pull/16001/files?w=1
Commits
-------
ca69fa3 [DI] Warn when a definition relies on a deprecated class in ContainerBuilder::createService()
The FrameworkBundle in version 2.3 can be used with recent versions of
the Security component. However, after the Security component has been
split with Symfony 2.4, translations resources have been moved to the
`symfony/security-core` package. Thus, the changed location must be
taken into account.
* 2.7:
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
Fix PropertyAccessor modifying array in object when array key does not exist
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
* 2.3:
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
This PR was squashed before being merged into the 2.8 branch (closes#14721).
Discussion
----------
[Security] Configuring a user checker per firewall
_Changed my base branch to avoid issues, closed old PR_
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed ticket | #11090 and helps #14673
| License | MIT
| Doc PR | symfony/symfony-docs/pull/5530
This pull request adds support for a configurable user checker per firewall. An example could be:
```yml
services:
app.user_checker:
class: App\Security\UserChecker
arguments:
- "@request_stack"
security:
firewalls:
secured_area:
pattern: ^/
anonymous: ~
basic_auth: ~
user_checker: app.user_checker
```
The above example will use the `UserChecker` defined as `app.user_checker`. If the `user_checker` option is left empty, `security.user_checker` will be used. If the `user_checkers` option is not defined, it will fall back to the original behavior to not break backwards compatibility and will validate using the existing `UserChecker`: `security.user_checker`.
I left the default argument in the service definitions to be `security.user_checker` to include backwards compatibility for people who for some reason don't have the extension executed. You can obtain the checker for a specific firewall by appending the firewall name to it. For the firewall `secured_area`, this would be `security.user_checker.secured_area`.
Commits
-------
76bc662 [Security] Configuring a user checker per firewall
This PR was squashed before being merged into the 2.8 branch (closes#15742).
Discussion
----------
Using a service as a router resource
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | almost
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet...
Hi guys!
This adds the ability to use a service as a routing resource. In other words, instead of loading `routing.yml`, you could load `my_route_loader`, and then a method would be called on your service to return a RouteCollection.
Specifically, I'm interested in this because it would allow a user to point their main router resource to the kernel itself, making it possible to load routes inside the kernel (making a single-file full-stack app more possible).
Thanks!
Commits
-------
79e210f Using a service as a router resource
This PR was squashed before being merged into the 2.8 branch (closes#15926).
Discussion
----------
[2.8][Form] Deprecate alias tag option
FQCN should be used since 2.8 instead, so a deprecation error should be triggered when the `alias` setting is used.
Furthermore, the name of the option doesn't make much sense for form types (as it's the alias of the field it applies to), so I renamed it to `extended_type`. I'm open to any other suggestions.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
e3aa522 [2.8][Form] Deprecate alias tag option