* 2.6:
[HttpFoundation] MongoDbSessionHandler::read() now checks for valid session age
Changed visibility of setUp() and tearDown to protected
[WebProfilerBundle] Set debug+charset on the ExceptionHandler fallback
Added default button class
used HTML5 meta charset tag and removed hardcoded ones
Revert "bug #13715 Enforce UTF-8 charset for core controllers (WouterJ)"
fixed XSS in the exception handler
Php Inspections (EA Extended) - static code analysis includes:
[2.3] Remove most refs uses
Test with local components instead of waiting for the subtree-splitter when possible
Conflicts:
.travis.yml
* 2.3:
Changed visibility of setUp() and tearDown to protected
fixed XSS in the exception handler
Php Inspections (EA Extended) - static code analysis includes:
[2.3] Remove most refs uses
Test with local components instead of waiting for the subtree-splitter when possible
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php
src/Symfony/Component/Config/Util/XmlUtils.php
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/OptionsResolver/Options.php
src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php
src/Symfony/Component/Yaml/Inline.php
Reduce couple count calls in [Yaml]
Modernize type casting, fix several strict comparisons
Unsets merged
Elvis operator usage
Short syntax for applied operations
* 2.7: (26 commits)
removed Propel bridge from Symfony Core
[2.7] Added deprecation warning for get request service in controller
[Serializer] Normalizers can serialize collections and scalars
[FrameworkBundle] Fix title and placeholder rendering in php form templates.
[Process] added a deprecation notice
[TwigBridge] Removed duplicated code from TwigRenderer
[Translator][Logging] implement TranslatorBagInterface.
RequestDataCollector - small fix
renamed composer.phar to composer to be consistent with the Symfony docs
[FrameworkBundle] bumped min version of Routing to 2.3
removed composer --dev option everywhere
fixed a test
[Console] Fixed output bug, if escaped string in a formatted string.
“console help” ignores --raw option
Fix form icon position in web profiler
[Security] Remove ContextListener's onKernelResponse listener as it is used
Revert "minor #12652 [HttpFoundation] [Hackday] #9942 test: Request::getContent() for null value (skler)"
Revert "fixed assertion"
fixed assertion
[HttpFoundation] [Hackday] #9942 test: Request::getContent() for null value
...
Conflicts:
composer.json
src/Symfony/Bridge/Propel1/composer.json
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Component/Console/Tests/Helper/LegacyTableHelperTest.php
* 2.6: (21 commits)
[FrameworkBundle] Fix title and placeholder rendering in php form templates.
[TwigBridge] Removed duplicated code from TwigRenderer
[Translator][Logging] implement TranslatorBagInterface.
RequestDataCollector - small fix
renamed composer.phar to composer to be consistent with the Symfony docs
[FrameworkBundle] bumped min version of Routing to 2.3
removed composer --dev option everywhere
fixed a test
[Console] Fixed output bug, if escaped string in a formatted string.
“console help” ignores --raw option
Fix form icon position in web profiler
[Security] Remove ContextListener's onKernelResponse listener as it is used
Revert "minor #12652 [HttpFoundation] [Hackday] #9942 test: Request::getContent() for null value (skler)"
Revert "fixed assertion"
fixed assertion
[HttpFoundation] [Hackday] #9942 test: Request::getContent() for null value
fixed URL
Add reference to documentation in FormEvents phpdocs
[YAML] Fix one-liners to work with multiple new lines
Keep "pre" meaning for var_dump quick-and-dirty debug
...
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Security/Http/Firewall/ContextListener.php
src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php
* 2.3:
[FrameworkBundle] Fix title and placeholder rendering in php form templates.
RequestDataCollector - small fix
renamed composer.phar to composer to be consistent with the Symfony docs
[FrameworkBundle] bumped min version of Routing to 2.3
removed composer --dev option everywhere
fixed a test
[Console] Fixed output bug, if escaped string in a formatted string.
[Security] Remove ContextListener's onKernelResponse listener as it is used
Revert "minor #12652 [HttpFoundation] [Hackday] #9942 test: Request::getContent() for null value (skler)"
Revert "fixed assertion"
fixed assertion
[HttpFoundation] [Hackday] #9942 test: Request::getContent() for null value
fixed URL
Add reference to documentation in FormEvents phpdocs
[YAML] Fix one-liners to work with multiple new lines
Keep "pre" meaning for var_dump quick-and-dirty debug
[Console][Table] Fix cell padding with multi-byte
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/widget_attributes.html.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Console/Helper/TableHelper.php
* 2.7:
fixed deprecation notice
removed usage of the deprecated forms of asset() in the core framework
renamed asset_path() to asset() and added a BC layer
[Asset] added a NullContext class
[Asset] added the component
Added new Forwarded header support for Request::getClientIps
Optimize EntityType by only loading choices for values in the same way that EntityLoader customization does (if you provide a query_builder).
[Security] added string representation for core Users
Add Twig loader priority
Conflicts:
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/TwigBundle/Resources/config/twig.xml
This PR was squashed before being merged into the 2.3 branch (closes#13466).
Discussion
----------
[Security] Remove ContextListener's onKernelResponse listener as it is used
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The context listeners are specific to a particular firewall, and as such, should not be applied if the current request doesn't match that context listener. To avoid this, the context listener can remove itself from the dispatcher as it is called.
This comes in to affect when two or more firewalls are setup and using the same kernel for multiple requests. Assuming there are two firewalls 'site' and 'admin'
- Request comes in matching 'site' firewall, 'site' ContextListener adds it's onKernelResponse method to the dispatcher
- Succesful auth for 'site'
- ContextListener writes token to session
- Request comes in matching 'admin' firewall, 'admin' ContextListener can't find anything in the session, so nulls the token in the security context
- 'site' ContextListener listens for response, can't find a token in the security context so removes the 'site' token from the session
Commits
-------
380d805 [Security] Remove ContextListener's onKernelResponse listener as it is used
* 2.7: (61 commits)
fixxed order of usage
[2.7] [Form] Replaced calls to array_search() by in_array() where is no need to get the index
removed the last deprecation notice
[Serializer] Silent deprecation notice
removed deprecation notice
[PropertyAccess] Show property path in all exception messages
added deprecation notice for HttpCache::createEsi()
added missing deprecation notice when using the form_enctype function
[Process] Make test AbstractProcessTest::testStartAfterATimeout useful again
removed non-sense example
Fixes small typo.
[Validator] Remove unnecessary include in tests
[HttpFoundation] minor: clarify Request::getUrlencodedPrefix() regex
fixed typo
[Serializer] Use Serializer's LogicException when applicable
[Serializer] Use autoloader for annotations in tests
[Validator] fix DOS-style line endings
Drop useless execution bit
bumped Symfony version to 2.6.5
[Serializer] update changelog
...
Conflicts:
CHANGELOG-2.3.md
CHANGELOG-2.5.md
CHANGELOG-2.6.md
src/Symfony/Bridge/Twig/Node/FormEnctypeNode.php
src/Symfony/Bundle/FrameworkBundle/HttpCache/HttpCache.php
src/Symfony/Component/HttpFoundation/Session/Storage/Handler/NativeSessionHandler.php
* 2.6: (46 commits)
fixxed order of usage
[2.7] [Form] Replaced calls to array_search() by in_array() where is no need to get the index
[Process] Make test AbstractProcessTest::testStartAfterATimeout useful again
removed non-sense example
Fixes small typo.
[Validator] Remove unnecessary include in tests
[HttpFoundation] minor: clarify Request::getUrlencodedPrefix() regex
fixed typo
[Validator] fix DOS-style line endings
Drop useless execution bit
bumped Symfony version to 2.6.5
[Serializer] update changelog
updated VERSION for 2.6.4
updated CHANGELOG for 2.6.4
bumped Symfony version to 2.5.11
[HttpKernel] Added use of provided by #12022 method to instantiate controller class in bundle's controller resolver
updated VERSION for 2.5.10
updated CHANGELOG for 2.5.10
[Validator] Add a Russian translation for invalid charset message
[2.3] [Validator] spanish translation for invalid charset message
...
Conflicts:
src/Symfony/Bridge/Doctrine/Validator/Constraints/UniqueEntityValidator.php
src/Symfony/Component/HttpKernel/Exception/FatalErrorException.php
src/Symfony/Component/HttpKernel/Exception/FlattenException.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Tests/Generator/UrlGeneratorTest.php
src/Symfony/Component/Validator/Resources/translations/validators.de.xlf
src/Symfony/Component/Validator/Resources/translations/validators.en.xlf
src/Symfony/Component/Validator/Resources/translations/validators.es.xlf
src/Symfony/Component/Validator/Resources/translations/validators.fr.xlf
src/Symfony/Component/Validator/Resources/translations/validators.pl.xlf
src/Symfony/Component/Validator/Resources/translations/validators.ru.xlf
src/Symfony/Component/Validator/Resources/translations/validators.sl.xlf
* 2.7:
fixed tests
[OptionsResolver] replaced some exception messages
Added i18n support to ConfirmationQuestion
[HttpKernel] [WebProfilerBundle] added HTTP status to profiler search result
[Form] fixed form tests when using 2.7 deps
[2.3] [HttpFoundation] [MimeTypeGuesser]
[Routing] merge instead of replace class and method scheme/method annotations
[TwigBridge] Fix bootstrap rendering when user explicitly use form_label
Removed dead code and various cleaning
Removed dead code and various cleaning
Fixed HtmlDumper with long string
Removed dead code and various cleaning
[FrameworkBundle][xsd] added missing logging attribute.
[Console] Make it clear that the second argument is not about command options.
Added the '-' character for spaceless on tag start and end to be consistent for block, if, set and for nodes
[Yaml] fixed parse shortcut Key after unindented collection.
[Console] fixed#10531
Make the container considered non-fresh if the environment parameters are changed
Conflicts:
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
src/Symfony/Component/HttpKernel/CHANGELOG.md
src/Symfony/Component/Process/Process.php
* 2.6:
[2.3] [HttpFoundation] [MimeTypeGuesser]
Removed dead code and various cleaning
Removed dead code and various cleaning
[FrameworkBundle][xsd] added missing logging attribute.
[Console] Make it clear that the second argument is not about command options.
Added the '-' character for spaceless on tag start and end to be consistent for block, if, set and for nodes
[Yaml] fixed parse shortcut Key after unindented collection.
[Console] fixed#10531
Make the container considered non-fresh if the environment parameters are changed
* 2.5:
[2.3] [HttpFoundation] [MimeTypeGuesser]
Removed dead code and various cleaning
[Console] Make it clear that the second argument is not about command options.
Added the '-' character for spaceless on tag start and end to be consistent for block, if, set and for nodes
[Yaml] fixed parse shortcut Key after unindented collection.
[Console] fixed#10531
Make the container considered non-fresh if the environment parameters are changed
Conflicts:
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
* 2.3:
[2.3] [HttpFoundation] [MimeTypeGuesser]
Removed dead code and various cleaning
[Console] Make it clear that the second argument is not about command options.
Added the '-' character for spaceless on tag start and end to be consistent for block, if, set and for nodes
[Yaml] fixed parse shortcut Key after unindented collection.
[Console] fixed#10531
Make the container considered non-fresh if the environment parameters are changed
Conflicts:
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
src/Symfony/Bridge/Twig/Resources/views/Form/form_table_layout.html.twig
src/Symfony/Component/Console/Tests/ApplicationTest.php
src/Symfony/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProvider.php
* 2.7:
[TwigBridge] fixed AppVariable compat with older Symfony versions
[Validator] re-added support for 2.4 API version in tests
fixed typos
fixed typo
fixed typo
fixed BC layer
[SecurityBundle] decouple the logout PHP helper and Twig extension
[Validator] added Japanese translation for unresolvable host (id: 79)
[Serializer] Fix PHPDoc
Conflicts:
src/Symfony/Bridge/Twig/AppVariable.php
* 2.7:
added type-hint
[Security] removed usage of the deprecated SecurityContextInterface
[Form] fixed deprecation triggers, removed usage of deprecated features
[EventDispatcher] fixed deprecation notices in the EventDispatcher Component
[HttpFoundation] maked a test as being for deprecated feature
added missing error_reporting
[Yaml] maked a test as being for deprecated feature
[Yaml] removed deprecation notices on internal constant
[Security] moved test files into the right place
[HttpKernel] fixed deprecation notices for ESI classes
[Form] moved a deprecation notice
[Form] fixed the CSRF extension to allow using only the new interfaces
[Form] tweaked a deprecation message
[Validator] Add a Russian translation for the checkDNS option in the URL validator
[Validator] Add a Slovenian translation for the checkDNS option in the URL validator
[Validator] Add a Polish translation for the checkDNS option in the URL validator.
fixed typo
added missing support for factories in console descriptions
[FrameworkBundle] fixed missing information in some descriptors
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/Form/Extension/HttpFoundation/EventListener/BindRequestListener.php
src/Symfony/Component/Yaml/Tests/YamlTest.php
* 2.7: (24 commits)
bumped Symfony version to 2.6.4
updated VERSION for 2.6.3
updated CHANGELOG for 2.6.3
bumped Symfony version to 2.6.3
updated VERSION for 2.6.2
updated CHANGELOG for 2.6.2
bumped Symfony version to 2.5.10
updated VERSION for 2.5.9
updated CHANGELOG for 2.5.9
[FrameworkBundle] Use security.token_storage service in Controller::getUser()
bumped Symfony version to 2.3.25
updated VERSION for 2.3.24
update CONTRIBUTORS for 2.3.24
added missing E_USER_DEPRECATED argument to trigger_error() calls
Removed unneeded version requirements
updated CHANGELOG for 2.3.24
fixed tests
[Security] Don't destroy the session on buggy php releases.
Enhance deprecation summary at end of tests
[2.7] silence deprecations for getFactory*() BC layer
...
Conflicts:
CHANGELOG-2.3.md
CHANGELOG-2.5.md
CHANGELOG-2.6.md
src/Symfony/Component/Form/Tests/ResolvedFormTypeTest.php
* 2.6:
bumped Symfony version to 2.6.4
updated VERSION for 2.6.3
updated CHANGELOG for 2.6.3
bumped Symfony version to 2.6.3
updated VERSION for 2.6.2
updated CHANGELOG for 2.6.2
bumped Symfony version to 2.5.10
updated VERSION for 2.5.9
updated CHANGELOG for 2.5.9
[FrameworkBundle] Use security.token_storage service in Controller::getUser()
bumped Symfony version to 2.3.25
updated VERSION for 2.3.24
update CONTRIBUTORS for 2.3.24
Removed unneeded version requirements
updated CHANGELOG for 2.3.24
fixed tests
[Security] Don't destroy the session on buggy php releases.
[Process] Fix input reset in WindowsPipes
add back model_timezone and view_timezone options
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.5:
bumped Symfony version to 2.5.10
updated VERSION for 2.5.9
updated CHANGELOG for 2.5.9
bumped Symfony version to 2.3.25
updated VERSION for 2.3.24
update CONTRIBUTORS for 2.3.24
Removed unneeded version requirements
updated CHANGELOG for 2.3.24
fixed tests
[Security] Don't destroy the session on buggy php releases.
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.3:
bumped Symfony version to 2.3.25
updated VERSION for 2.3.24
update CONTRIBUTORS for 2.3.24
updated CHANGELOG for 2.3.24
fixed tests
[Security] Don't destroy the session on buggy php releases.
Conflicts:
src/Symfony/Component/Console/Tests/Fixtures/application_2.json
src/Symfony/Component/HttpKernel/Kernel.php
* 2.7: (23 commits)
[FrameworkBundle] Removed the use of TableHelper
Spanish translation for the ```checkDNS``` option introduced in #12956.
use Table instead of the deprecated TableHelper
[2.3] fix failing test
Fixes more deprecation notices as per @stof review.
Fixed some deprecations according to @stof feedbacks.
Normalizes deprecation notice messages.
[Validator] fixes UuidValidator deprecated class namespace.
[Form] adds more deprecation notices.
[Validator] adds more deprecation notices.
[Form] Adds a way to trigger deprecation notice on demand for VirtualFormAwareIterator class.
Fixes more deprecation notices.
Normalized @deprecated annotations.
Removed deprecation notices from test files.
Fixes deprecation notices.
Reverted trigger_error() function calls on deprecated interfaces to prevent breaking third party projects implementing them.
Adds deprecation notices for structures to be removed in 3.0.
fixed typo
Escape annotations in comments, refs #13089.
[2.3] missing cleanup for legacy test
...
Conflicts:
.travis.yml
src/Symfony/Bridge/Monolog/Logger.php
src/Symfony/Bridge/Swiftmailer/DataCollector/MessageDataCollector.php
src/Symfony/Bridge/Twig/Node/FormEnctypeNode.php
src/Symfony/Bundle/FrameworkBundle/Command/RouterApacheDumperCommand.php
src/Symfony/Bundle/FrameworkBundle/Console/Descriptor/Descriptor.php
src/Symfony/Bundle/FrameworkBundle/Console/Descriptor/TextDescriptor.php
src/Symfony/Bundle/FrameworkBundle/Controller/Controller.php
src/Symfony/Bundle/FrameworkBundle/HttpCache/HttpCache.php
src/Symfony/Bundle/FrameworkBundle/Templating/Helper/FormHelper.php
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/builder_1_public.txt
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/builder_1_services.txt
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/builder_1_tag1.txt
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/parameters_1.txt
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/route_collection_1.txt
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Config/Definition/ReferenceDumper.php
src/Symfony/Component/Console/Helper/DialogHelper.php
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/Console/Helper/TableHelper.php
src/Symfony/Component/Form/Deprecated/FormEvents.php
src/Symfony/Component/Form/Extension/HttpFoundation/EventListener/BindRequestListener.php
src/Symfony/Component/Form/FormEvents.php
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
src/Symfony/Component/HttpKernel/Debug/ExceptionHandler.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/HttpKernel/KernelInterface.php
src/Symfony/Component/OptionsResolver/Tests/LegacyOptionsTest.php
src/Symfony/Component/Process/Process.php
src/Symfony/Component/Routing/Matcher/ApacheUrlMatcher.php
src/Symfony/Component/Routing/Matcher/Dumper/ApacheMatcherDumper.php
src/Symfony/Component/Yaml/Yaml.php
* 2.6:
use Table instead of the deprecated TableHelper
[2.3] fix failing test
fixed typo
Escape annotations in comments, refs #13089.
[2.3] missing cleanup for legacy test
add missing param names to @param annotation
Improve the composer root version setting on Travis
use Table instead of the deprecated TableHelper
Conflicts:
src/Symfony/Bundle/FrameworkBundle/composer.json
* 2.5:
[2.3] fix failing test
fixed typo
Escape annotations in comments, refs #13089.
[2.3] missing cleanup for legacy test
add missing param names to @param annotation
Improve the composer root version setting on Travis
use Table instead of the deprecated TableHelper
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Console/Descriptor/TextDescriptor.php
* 2.3:
[2.3] fix failing test
fixed typo
Escape annotations in comments, refs #13089.
[2.3] missing cleanup for legacy test
add missing param names to @param annotation
Improve the composer root version setting on Travis
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7] adds deprecation notices.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #12608, #12672, #12675#12684, #12686
| License | MIT
| Doc PR | ~
Commits
-------
f9fbb4f Fixes more deprecation notices as per @stof review.
fd47c07 Fixed some deprecations according to @stof feedbacks.
2a3e7d2 Normalizes deprecation notice messages.
738b9be [Validator] fixes UuidValidator deprecated class namespace.
e608ba6 [Form] adds more deprecation notices.
cd9617a [Validator] adds more deprecation notices.
a7f841e [Form] Adds a way to trigger deprecation notice on demand for VirtualFormAwareIterator class.
97efd2c Fixes more deprecation notices.
fd9c7bb Normalized @deprecated annotations.
39cfd47 Removed deprecation notices from test files.
2a9749d Fixes deprecation notices.
6f57b7b Reverted trigger_error() function calls on deprecated interfaces to prevent breaking third party projects implementing them.
86b9f6b Adds deprecation notices for structures to be removed in 3.0.
* 2.7:
[2.6] fix deprecation silencing...
[Form] fix Context\ExecutionContextInterface mock
add german translation for checkDNS option
[Validator] marks TraversalStrategy::STOP_RECURSION constant internal as it has been introduced for the BC layer and will be removed in 3.0.
* 2.6:
[2.6] fix deprecation silencing...
[Form] fix Context\ExecutionContextInterface mock
[Validator] marks TraversalStrategy::STOP_RECURSION constant internal as it has been introduced for the BC layer and will be removed in 3.0.
* 2.5:
[Form] fix Context\ExecutionContextInterface mock
[Validator] marks TraversalStrategy::STOP_RECURSION constant internal as it has been introduced for the BC layer and will be removed in 3.0.
* 2.7:
[TwigBundle] always load the exception listener if the templating.engines is not present
[TwigBundle] removed the Container dependency on ActionsExtension
[Filesystem] keep exec perms when copying
fixed typo
Fixed minor typo - override
[Filesystem] enforce umask while testing
[TwigBridge] moved fixtures into their own directory
[2.3] Fix lowest deps
[TwigBundle] added missing @deprecated tags
Use $this->iniSet() in tests
Conflicts:
src/Symfony/Bundle/TwigBundle/composer.json
* 2.6:
fixed typo
Fixed minor typo - override
[Filesystem] enforce umask while testing
[TwigBridge] moved fixtures into their own directory
Use $this->iniSet() in tests
* 2.5:
[2.3] Remove useless tests skips
[ClassLoader] removes deprecated classes from documentation.
[ClassLoader] added missing deprecation notice.
[HttpFoundation] Fix an issue caused by php's Bug #66606.
[Yaml] Update README.md
Don't add Accept-Range header on unsafe HTTP requests
simplify hasScheme method
adapted merge to 2.5
adapted previous commit for 2.3
[Security] Don't send remember cookie for sub request
[Security] fixed wrong phpdoc
[HttpKernel] Fix UriSigner::check when _hash is not at the end of the uri
[2.3] Cleanup deprecations
Conflicts:
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/logger.html.twig
src/Symfony/Component/HttpKernel/composer.json
* 2.3:
adapted previous commit for 2.3
[Security] Don't send remember cookie for sub request
[HttpKernel] Fix UriSigner::check when _hash is not at the end of the uri
Conflicts:
src/Symfony/Component/Security/Http/Tests/RememberMe/ResponseListenerTest.php
* 2.7:
Use PHPUnit ini_set wrapper in tests
[Process] Added a test skip check for Windows
[Process] Removed unused variable assignment
Fixes various phpdoc and coding standards.
Fixes Issue #13184 - incremental output getters now return empty strings
Updated copyright to 2015
Updated copyright to 2015
Updated copyright to 2015
[VarDumper] increase debug.max_items to 2500
[Debug] Update exception messages.
use value of DIRECTORY_SEPARATOR to detect Windows
force ExpressionLanguage version >= 2.6
[Debug] fixes ClassNotFoundFatalErrorHandler to correctly handle class not found errors with Symfony ClassLoader component autoloaders.
Clarify a comment.
use PHP_WINDOWS_VERSION_BUILD to detect Windows
Check if a field type_class is defined before using it.
Currently if you want to use inline bootstrap form rendering, this is usually enough:
Add deprecation warning to LegacyPdoSessionHandler
Conflicts:
src/Symfony/Bridge/Monolog/Logger.php
src/Symfony/Bridge/Swiftmailer/LICENSE
src/Symfony/Component/Debug/composer.json
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/NativeSessionStorageTest.php
* 2.6:
Use PHPUnit ini_set wrapper in tests
[Process] Added a test skip check for Windows
[Process] Removed unused variable assignment
Fixes various phpdoc and coding standards.
Fixes Issue #13184 - incremental output getters now return empty strings
Updated copyright to 2015
Updated copyright to 2015
Updated copyright to 2015
[VarDumper] increase debug.max_items to 2500
[Debug] Update exception messages.
use value of DIRECTORY_SEPARATOR to detect Windows
force ExpressionLanguage version >= 2.6
[Debug] fixes ClassNotFoundFatalErrorHandler to correctly handle class not found errors with Symfony ClassLoader component autoloaders.
Clarify a comment.
use PHP_WINDOWS_VERSION_BUILD to detect Windows
Check if a field type_class is defined before using it.
Currently if you want to use inline bootstrap form rendering, this is usually enough:
Conflicts:
src/Symfony/Component/Debug/composer.json
* 2.5:
Use PHPUnit ini_set wrapper in tests
[Process] Added a test skip check for Windows
[Process] Removed unused variable assignment
Fixes various phpdoc and coding standards.
Fixes Issue #13184 - incremental output getters now return empty strings
Updated copyright to 2015
Updated copyright to 2015
Clarify a comment.
Conflicts:
src/Symfony/Component/HttpKernel/Fragment/EsiFragmentRenderer.php
* 2.3:
Use PHPUnit ini_set wrapper in tests
[Process] Added a test skip check for Windows
[Process] Removed unused variable assignment
Fixes various phpdoc and coding standards.
Fixes Issue #13184 - incremental output getters now return empty strings
Updated copyright to 2015
Conflicts:
src/Symfony/Bridge/Doctrine/Form/ChoiceList/EntityChoiceList.php
src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php
src/Symfony/Bundle/TwigBundle/Command/LintCommand.php
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
* 2.7:
[Debug] track and report deprecated classes and interfaces
[Form] Remove a redundant test.
use value of DIRECTORY_SEPARATOR to detect Windows
Conflicts:
src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityRoutingIntegrationTest.php
src/Symfony/Component/Security/Core/Util/SecureRandom.php
* 2.3:
[Form] Remove a redundant test.
use value of DIRECTORY_SEPARATOR to detect Windows
Conflicts:
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/Form/Tests/Extension/Csrf/Type/FormTypeCsrfExtensionTest.php
src/Symfony/Component/Process/Process.php
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] for consistency, use value of DIRECTORY_SEPARATOR to detect Windows
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This commit unifies the detection of Windows builds across the Symfony
codebase.
Commits
-------
20a427d use value of DIRECTORY_SEPARATOR to detect Windows
* 2.7: (26 commits)
Updated generateSql tool
Fix grammar
Fix the implementation of deprecated Locale classes
Fix phpdoc and coding standards
Replace usages of the deprecated TypeTestCase by the new one
Remove usages of deprecated constants
Update functional tests to use the PSR NullLogger
Updated the SQL data generated from the generateSql tool
Updated generateSql tool
fix regression in form tests after pr #13027 | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | -
[FrameworkBundle] added a test router for the buil-in web server
Make fabbot happy
Clean up testing
No global state for isolated tests and other fixes
No global state for isolated tests and other fixes
fix#10054 - form data collector with dynamic fields
[TwigBundle] Moved the setting of the default escaping strategy from the Twig engine to the Twig environment
[Debug] fix checkip6
[HttpFoundation] fixed error when an IP in the X-Forwarded-For HTTP header contains a port
[2.7] Allow 3.0 requirements
...
* 2.6: (21 commits)
Updated generateSql tool
Fix grammar
Fix the implementation of deprecated Locale classes
Fix phpdoc and coding standards
Replace usages of the deprecated TypeTestCase by the new one
Remove usages of deprecated constants
Update functional tests to use the PSR NullLogger
fix regression in form tests after pr #13027 | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | -
Make fabbot happy
Clean up testing
No global state for isolated tests and other fixes
No global state for isolated tests and other fixes
fix#10054 - form data collector with dynamic fields
[TwigBundle] Moved the setting of the default escaping strategy from the Twig engine to the Twig environment
[Debug] fix checkip6
[HttpFoundation] fixed error when an IP in the X-Forwarded-For HTTP header contains a port
Update the note about origins of the CssSelector component.
Use the correct cssselect library name in docblocks.
Fix wrong DateTransformer timezone param for non-UTC configuration. #12808
[Form] Add further timezone tests for date type
...
Conflicts:
src/Symfony/Component/Locale/Locale.php
src/Symfony/Component/Locale/composer.json
* 2.5:
Updated generateSql tool
Fix the implementation of deprecated Locale classes
Fix phpdoc and coding standards
Replace usages of the deprecated TypeTestCase by the new one
Remove usages of deprecated constants
Update functional tests to use the PSR NullLogger
fix regression in form tests after pr #13027 | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | -
Make fabbot happy
Clean up testing
No global state for isolated tests and other fixes
No global state for isolated tests and other fixes
fix#10054 - form data collector with dynamic fields
[TwigBundle] Moved the setting of the default escaping strategy from the Twig engine to the Twig environment
[Debug] fix checkip6
[HttpFoundation] fixed error when an IP in the X-Forwarded-For HTTP header contains a port
Update the note about origins of the CssSelector component.
Use the correct cssselect library name in docblocks.
[DomCrawler] fixed bug #12143
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Templating/GlobalVariables.php
src/Symfony/Component/Serializer/Normalizer/DenormalizableInterface.php
* 2.3:
Updated generateSql tool
Fix the implementation of deprecated Locale classes
Fix phpdoc and coding standards
Replace usages of the deprecated TypeTestCase by the new one
Remove usages of deprecated constants
Update functional tests to use the PSR NullLogger
Make fabbot happy
Clean up testing
[DomCrawler] fixed bug #12143
Conflicts:
src/Symfony/Bridge/Doctrine/Tests/Validator/Constraints/UniqueEntityValidatorTest.php
src/Symfony/Bundle/FrameworkBundle/Tests/Templating/TimedPhpEngineTest.php
src/Symfony/Bundle/TwigBundle/Tests/Loader/FilesystemLoaderTest.php
src/Symfony/Component/Console/Application.php
src/Symfony/Component/DomCrawler/Crawler.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/CollectionTypeTest.php
src/Symfony/Component/Form/Tests/Extension/Csrf/Type/FormTypeCsrfExtensionTest.php
src/Symfony/Component/HttpKernel/Tests/Bundle/BundleTest.php
src/Symfony/Component/Serializer/Encoder/EncoderInterface.php
src/Symfony/Component/Serializer/Encoder/XmlEncoder.php
src/Symfony/Component/Validator/Tests/Mapping/ClassMetadataFactoryTest.php
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7] Allow 3.0 requirements
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | lets see
| Fixed tickets | -
| License | MIT
| Doc PR | -
2.7 is going to provide almost the same interfaces as 3.0 but also a BC layer for previous releases.
This means that 2.7 is going to be mostly compatible with 3.0.
Lets continuously test this assumption and see when and were we break compat with 2.7 (and try to avoid it as much as possible to smoothen the transition to 3.0).
Commits
-------
b369bb6 [2.7] Allow 3.0 requirements
This removes the unused use statements which were not catched by
PHP-CS-Fixer because of string occurences. It also fixes some invalid
phpdoc (scalar is not recognized as a valid type for instance).
* 2.7:
[Security/Http] fix mock logger in test
[Serializer] Fix XmlFileLoader test
[2.6] silence deprecation notices in new components
[2.5] silence deprecation notices in new components
[VarDumper] Minor fix for the uniformity
[TwigBundle] added missing absolute URL in Twig exceptions
* 2.7:
[2.3] CS And DocBlock Fixes
[Serializer] Serialization groups support
[2.3] CS Fixes
Fixed the issue 11116
[Security] Fixed tests
[Debug] use ternary operator to simplify the getClassLoader() method in DebugClassLoader class.
[FrameworkBundle] Fixed Translation loader and update translation command.
[Console] remove « use » statement for PHP built-in exception classes.
[SecurityBundle] replaced deprecated SecurityContextInterface dependency by new TokenStorageInterface instance in SecurityDataCollector. Also added unit tests suite for SecurityDataCollector class.
[SecurityBundle] use TokenStorageInterface instead of deprecated SecurityContextInterface in SecurityDataCollector and added unit tests suite.
[SecurityBundle] adds unit tests suite for SecurityDataCollector class.
[Serializer] Add xml_format_output context option. Close#12517.
[WebProfilerBundle] Fixed IE8 support
* 2.7: (32 commits)
[Config] adds missing « use » statement for InvalidTypeException type hint in documentation.
[Config] fixes broken unit test on ArrayNode class.
fixed CS
[Security] Delete old session on auth strategy migrate
skip if param "translator.logging" doesn't exist.
[SecurityBundle] fixes SecurityDataCollector::getInheritedRoles() documentation.
update required minimum TwigBridge version
Very minor grammar fix in error message
Added the function providers as container resources
[Tests] Silenced all deprecations in tests for 2.3
BinaryFileResponse - add missing newline
fixed CS
add a limit and a test to FlattenExceptionTest.
[DebugBundle] enable the DumpDataCollectorPass
[FrameworkBundle] Use debug namespace.
[FrameworkBundle] update debug commands references
skip compiler pass if interface doesn't exist
Unify the way to provide expression functions for the DI container
CS: There should be no empty lines following phpdocs
[Security] Added the triggering of the security.interactive_login event after set of token
...
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.6: (23 commits)
[Config] adds missing « use » statement for InvalidTypeException type hint in documentation.
[Config] fixes broken unit test on ArrayNode class.
fixed CS
[Security] Delete old session on auth strategy migrate
skip if param "translator.logging" doesn't exist.
update required minimum TwigBridge version
Very minor grammar fix in error message
Added the function providers as container resources
[Tests] Silenced all deprecations in tests for 2.3
BinaryFileResponse - add missing newline
fixed CS
add a limit and a test to FlattenExceptionTest.
[DebugBundle] enable the DumpDataCollectorPass
[FrameworkBundle] Use debug namespace.
[FrameworkBundle] update debug commands references
skip compiler pass if interface doesn't exist
Unify the way to provide expression functions for the DI container
CS: There should be no empty lines following phpdocs
fix link format handling with disabled templating
[FrameworkBundle] fix cache:clear command
...
Conflicts:
src/Symfony/Bridge/Doctrine/phpunit.xml.dist
src/Symfony/Bridge/Monolog/phpunit.xml.dist
src/Symfony/Bridge/Propel1/phpunit.xml.dist
src/Symfony/Bridge/ProxyManager/phpunit.xml.dist
src/Symfony/Bridge/Twig/phpunit.xml.dist
src/Symfony/Bundle/FrameworkBundle/phpunit.xml.dist
src/Symfony/Bundle/SecurityBundle/phpunit.xml.dist
src/Symfony/Bundle/TwigBundle/phpunit.xml.dist
src/Symfony/Bundle/WebProfilerBundle/phpunit.xml.dist
src/Symfony/Component/BrowserKit/phpunit.xml.dist
src/Symfony/Component/ClassLoader/phpunit.xml.dist
src/Symfony/Component/Config/phpunit.xml.dist
src/Symfony/Component/Console/phpunit.xml.dist
src/Symfony/Component/CssSelector/phpunit.xml.dist
src/Symfony/Component/Debug/phpunit.xml.dist
src/Symfony/Component/DependencyInjection/phpunit.xml.dist
src/Symfony/Component/DomCrawler/phpunit.xml.dist
src/Symfony/Component/EventDispatcher/phpunit.xml.dist
src/Symfony/Component/Filesystem/phpunit.xml.dist
src/Symfony/Component/Finder/phpunit.xml.dist
src/Symfony/Component/Form/phpunit.xml.dist
src/Symfony/Component/HttpFoundation/phpunit.xml.dist
src/Symfony/Component/HttpKernel/phpunit.xml.dist
src/Symfony/Component/Intl/phpunit.xml.dist
src/Symfony/Component/Locale/phpunit.xml.dist
src/Symfony/Component/OptionsResolver/phpunit.xml.dist
src/Symfony/Component/Process/phpunit.xml.dist
src/Symfony/Component/PropertyAccess/phpunit.xml.dist
src/Symfony/Component/Routing/phpunit.xml.dist
src/Symfony/Component/Security/phpunit.xml.dist
src/Symfony/Component/Serializer/phpunit.xml.dist
src/Symfony/Component/Stopwatch/phpunit.xml.dist
src/Symfony/Component/Templating/phpunit.xml.dist
src/Symfony/Component/Translation/phpunit.xml.dist
src/Symfony/Component/Validator/phpunit.xml.dist
src/Symfony/Component/Yaml/phpunit.xml.dist
* 2.5:
[Config] adds missing « use » statement for InvalidTypeException type hint in documentation.
[Config] fixes broken unit test on ArrayNode class.
fixed CS
[Security] Delete old session on auth strategy migrate
update required minimum TwigBridge version
Very minor grammar fix in error message
[Tests] Silenced all deprecations in tests for 2.3
BinaryFileResponse - add missing newline
fixed CS
add a limit and a test to FlattenExceptionTest.
CS: There should be no empty lines following phpdocs
[FrameworkBundle] fix cache:clear command
[2.3] Docblocks should not be followed by a blank line
Fix return phpdoc
[PropertyAccess] Added test to verify #5775 is fixed
* 2.3:
[Config] adds missing « use » statement for InvalidTypeException type hint in documentation.
[Config] fixes broken unit test on ArrayNode class.
fixed CS
[Security] Delete old session on auth strategy migrate
update required minimum TwigBridge version
Very minor grammar fix in error message
[Tests] Silenced all deprecations in tests for 2.3
BinaryFileResponse - add missing newline
fixed CS
add a limit and a test to FlattenExceptionTest.
CS: There should be no empty lines following phpdocs
[FrameworkBundle] fix cache:clear command
[2.3] Docblocks should not be followed by a blank line
Fix return phpdoc
[PropertyAccess] Added test to verify #5775 is fixed
Conflicts:
src/Symfony/Bundle/TwigBundle/composer.json
src/Symfony/Component/PropertyAccess/Tests/PropertyAccessorTest.php
src/Symfony/Component/Security/Core/Tests/Validator/Constraints/UserPasswordValidatorTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] Delete old session on auth strategy migrate
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13026
| License | MIT
| Doc PR |
As identified by @austinh in #13026 there are two sessions after authentication, since the previous session is migrated to a new one by ``session_regenerate_id``. This PR ensures the old session is been deleted immediately on migration.
I can't see any drawbacks, but if the change would break BC, another approach would be to add a new strategy like ``switch`` to enable instant deletion of the old session.
Commits
-------
5dd11e6 [Security] Delete old session on auth strategy migrate
* 2.7:
[2.6] Test lowest versions of dependencies
Test lowest versions of dependencies
Fix placeholder date format
Test components using their lowest possible deps
* 2.6:
[2.6] Test lowest versions of dependencies
Test lowest versions of dependencies
Fix placeholder date format
Test components using their lowest possible deps
* symfony/2.5:
Test lowest versions of dependencies
Test components using their lowest possible deps
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/EventDispatcher/composer.json
src/Symfony/Component/HttpKernel/composer.json
src/Symfony/Component/Security/composer.json
* 2.7: (26 commits)
[Form] fixed a maxlength overring on a guessing
[Debug] Show only unique class candidates
[FrameworkBundle] make GetSetMethodNormalizer available by default
[SecurityBundle] Firewall providers building - code cleaning
[Filesystem] symlink use RealPath instead LinkTarget
[DependencyInjection] Remove duplicate declaration in PhpDumper
terminals are not interactive on Travis
Revert "[DependencyInjection] backport perf optim"
[WebProfiler] Tweaked ajax requests toolbar css reset
[WebProfilerBundle] replaced pattern to path attribute in routes definitions.
fix phpdoc's alignment
Fixed deprecation version
Fix missing addExpressionLanguageProvider (used by service container to add expression providers)
Fixed the AuthenticationProviderInterface alignment
Fixed the proxy-manager version constraint
Fix missing space in label_attr
fix DumpDataCollectorTest after CS changes
avoid risky tests
Fixed typo in SecurityContext PHPDoc
[FrameworkBundle][Template name] avoid error message for the shortcut notation.
...
* 2.6: (24 commits)
[Form] fixed a maxlength overring on a guessing
[Debug] Show only unique class candidates
[SecurityBundle] Firewall providers building - code cleaning
[Filesystem] symlink use RealPath instead LinkTarget
[DependencyInjection] Remove duplicate declaration in PhpDumper
terminals are not interactive on Travis
Revert "[DependencyInjection] backport perf optim"
[WebProfiler] Tweaked ajax requests toolbar css reset
[WebProfilerBundle] replaced pattern to path attribute in routes definitions.
fix phpdoc's alignment
Fix missing addExpressionLanguageProvider (used by service container to add expression providers)
Fixed the AuthenticationProviderInterface alignment
Fixed the proxy-manager version constraint
Fix missing space in label_attr
fix DumpDataCollectorTest after CS changes
avoid risky tests
Fixed typo in SecurityContext PHPDoc
[FrameworkBundle][Template name] avoid error message for the shortcut notation.
[DependencyInjection] perf optim: call dirname() at most 5x
[DependencyInjection] backport perf optim
...
* 2.5:
[Form] fixed a maxlength overring on a guessing
[Debug] Show only unique class candidates
[SecurityBundle] Firewall providers building - code cleaning
[Filesystem] symlink use RealPath instead LinkTarget
[DependencyInjection] Remove duplicate declaration in PhpDumper
terminals are not interactive on Travis
Revert "[DependencyInjection] backport perf optim"
[WebProfilerBundle] replaced pattern to path attribute in routes definitions.
fix phpdoc's alignment
Fixed the AuthenticationProviderInterface alignment
Fixed the proxy-manager version constraint
[FrameworkBundle][Template name] avoid error message for the shortcut notation.
[DependencyInjection] perf optim: call dirname() at most 5x
[DependencyInjection] backport perf optim
Fixed#12845 adding a listener to an event that is currently being dispatched will not result into a fatal error in TraceableEventDispatcher [EventDispatcher]
[2.5] Remove possible call_user_func()
[2.3] Remove possible call_user_func()
Conflicts:
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services1-1.php
src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services1.php
src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services11.php
src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services12.php
src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services8.php
src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services9.php
* 2.7: (27 commits)
Added information when an error occured during validation of an answer of a question
Adding note about known BC issues
Adding note about the PdoSessionHandler BC break
[Console] fixes some typos and phpdoc.
[HttpKernel] Add deprecation log for Kernel::isClassInActiveBundle()
fix phpdoc's alignment
[2.6] CS Fixes And Removed An Unused Import
Minor phpcs fixes
[ClassLoader] Fix undefined index in ClassCollectionLoader
CS fixes
Revert "minor #12821 Remove deprecated class (MasterB)"
[2.3] More cs fixes
Removed unused imports
CS fixes
bumped Symfony version to 2.6.2
updated VERSION for 2.6.1
updated CHANGELOG for 2.6.1
bumped Symfony version to 2.5.9
updated VERSION for 2.5.8
update CONTRIBUTORS for 2.5.8
...
* 2.6: (25 commits)
Added information when an error occured during validation of an answer of a question
Adding note about known BC issues
Adding note about the PdoSessionHandler BC break
[Console] fixes some typos and phpdoc.
fix phpdoc's alignment
[2.6] CS Fixes And Removed An Unused Import
Minor phpcs fixes
[ClassLoader] Fix undefined index in ClassCollectionLoader
CS fixes
Revert "minor #12821 Remove deprecated class (MasterB)"
[2.3] More cs fixes
Removed unused imports
CS fixes
bumped Symfony version to 2.6.2
updated VERSION for 2.6.1
updated CHANGELOG for 2.6.1
bumped Symfony version to 2.5.9
updated VERSION for 2.5.8
update CONTRIBUTORS for 2.5.8
updated CHANGELOG for 2.5.8
...
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.5:
Added information when an error occured during validation of an answer of a question
[Console] fixes some typos and phpdoc.
fix phpdoc's alignment
Minor phpcs fixes
[ClassLoader] Fix undefined index in ClassCollectionLoader
* 2.5:
CS fixes
[2.3] More cs fixes
Removed unused imports
CS fixes
bumped Symfony version to 2.5.9
updated VERSION for 2.5.8
update CONTRIBUTORS for 2.5.8
updated CHANGELOG for 2.5.8
bumped Symfony version to 2.3.24
updated VERSION for 2.3.23
update CONTRIBUTORS for 2.3.23
updated CHANGELOG for 2.3.23
Conflicts:
src/Symfony/Component/Console/Helper/ProgressBar.php
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Http/HttpUtils.php
src/Symfony/Component/Validator/Mapping/Factory/LazyLoadingMetadataFactory.php
* 2.3:
[2.3] More cs fixes
Removed unused imports
CS fixes
bumped Symfony version to 2.3.24
updated VERSION for 2.3.23
update CONTRIBUTORS for 2.3.23
updated CHANGELOG for 2.3.23
Conflicts:
src/Symfony/Bundle/FrameworkBundle/EventListener/SessionListener.php
src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/HttpKernel/Tests/Bundle/BundleTest.php
src/Symfony/Component/Routing/Matcher/Dumper/PhpMatcherDumper.php
* 2.7: (65 commits)
Configure firewall's kernel exception listener with configured entry point or a default entry point
PSR-2 fixes
[DependencyInjection] make paths relative to __DIR__ in the generated container
[FrameworkBundle][Router Cmd] use debug namespace.
[FrameworkBundle] Update deprecated service call
Fix PHP Fatal error: Cannot call constructor in symfony/console/Symfony/Component/Console/Helper/DialogHelper.php on line 37
Removed a dev annotation from a version constraint
Fixed the syntax of a composer.json file
Fixed the symfony/config version constraint
Tweaked the password-compat version constraint
Docblock fixes
Append to PR #12737 referring Ticket #12704
Issue #12658 Add a deprecation note about Translator's setFallbackLocale...
Issue #12606 Adding warning logs about the deprecation of [...]/Tests/FormIntegration...
Hackday deprecated 12621
Added deprecation log for validate and validateValue on ExecutionContext...
[Console] [Hackday] [2.7] Add a deprecation note about ProgressHelper
[Hackday][2.7] Add a deprecation note about MetadataInterface's accept() method
[Validator] Added a deprecation note about setPropertyAccessor #12698
[Locale] Adding a deprecation note about the Locale component
...
* 2.6:
Configure firewall's kernel exception listener with configured entry point or a default entry point
PSR-2 fixes
[DependencyInjection] make paths relative to __DIR__ in the generated container
[FrameworkBundle][Router Cmd] use debug namespace.
[FrameworkBundle] Update deprecated service call
Removed a dev annotation from a version constraint
Fixed the syntax of a composer.json file
Fixed the symfony/config version constraint
Tweaked the password-compat version constraint
Docblock fixes
[Filesystem] fix lock file permissions
Remove dialog usage
define constant only if it wasn't defined before
Fix incorrect spanish translation
Fixed typos
Fixed a docblock
bumped Symfony version to 2.6.1
updated VERSION for 2.6.0
updated CHANGELOG for 2.6.0
removed unneeded check
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.5:
Configure firewall's kernel exception listener with configured entry point or a default entry point
PSR-2 fixes
[DependencyInjection] make paths relative to __DIR__ in the generated container
Fixed the syntax of a composer.json file
Fixed the symfony/config version constraint
Tweaked the password-compat version constraint
Docblock fixes
Remove dialog usage
define constant only if it wasn't defined before
Fix incorrect spanish translation
Fixed typos
Conflicts:
src/Symfony/Bundle/TwigBundle/Controller/ExceptionController.php
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/OptionsResolver/Options.php
src/Symfony/Component/OptionsResolver/OptionsResolverInterface.php
src/Symfony/Component/Process/ProcessPipes.php
src/Symfony/Component/Security/Http/Tests/Firewall/RememberMeListenerTest.php
src/Symfony/Component/Serializer/Normalizer/DenormalizableInterface.php
src/Symfony/Component/Validator/ConstraintViolation.php
src/Symfony/Component/Yaml/Inline.php
src/Symfony/Component/Yaml/Parser.php
* 2.3:
Configure firewall's kernel exception listener with configured entry point or a default entry point
PSR-2 fixes
[DependencyInjection] make paths relative to __DIR__ in the generated container
Fixed the syntax of a composer.json file
Fixed the symfony/config version constraint
Tweaked the password-compat version constraint
Docblock fixes
define constant only if it wasn't defined before
Fix incorrect spanish translation
Fixed typos
Conflicts:
composer.json
src/Symfony/Bridge/Twig/TwigEngine.php
src/Symfony/Bundle/FrameworkBundle/Controller/Controller.php
src/Symfony/Bundle/FrameworkBundle/Templating/Loader/FilesystemLoader.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Console/Descriptor/MarkdownDescriptor.php
src/Symfony/Component/Console/Helper/TableHelper.php
src/Symfony/Component/Console/Tests/Helper/HelperSetTest.php
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/Finder/Tests/Iterator/RecursiveDirectoryIteratorTest.php
src/Symfony/Component/Form/Tests/Extension/Core/DataMapper/PropertyPathMapperTest.php
src/Symfony/Component/HttpFoundation/Response.php
src/Symfony/Component/HttpFoundation/StreamedResponse.php
src/Symfony/Component/HttpKernel/Controller/ControllerResolver.php
src/Symfony/Component/HttpKernel/Controller/ControllerResolverInterface.php
src/Symfony/Component/HttpKernel/Debug/TraceableEventDispatcher.php
src/Symfony/Component/HttpKernel/Fragment/RoutableFragmentRenderer.php
src/Symfony/Component/HttpKernel/Tests/DataCollector/RequestDataCollectorTest.php
src/Symfony/Component/Intl/NumberFormatter/NumberFormatter.php
src/Symfony/Component/Process/Process.php
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
src/Symfony/Component/PropertyAccess/PropertyAccessorBuilder.php
src/Symfony/Component/Routing/Tests/Fixtures/validpattern.php
src/Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeServices.php
src/Symfony/Component/Security/composer.json
src/Symfony/Component/Serializer/Encoder/XmlEncoder.php
src/Symfony/Component/Serializer/Normalizer/GetSetMethodNormalizer.php
src/Symfony/Component/Stopwatch/StopwatchEvent.php
src/Symfony/Component/Stopwatch/StopwatchPeriod.php
src/Symfony/Component/Templating/PhpEngine.php
src/Symfony/Component/Templating/TemplateReference.php
src/Symfony/Component/Templating/TemplateReferenceInterface.php
src/Symfony/Component/Translation/TranslatorInterface.php
src/Symfony/Component/Validator/ConstraintViolation.php
src/Symfony/Component/Validator/ExecutionContextInterface.php
src/Symfony/Component/Validator/Mapping/ClassMetadata.php
src/Symfony/Component/Validator/MetadataFactoryInterface.php
This PR was merged into the 2.3 branch.
Discussion
----------
Docblock Fixes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
##### This pull request fixes the docblock alignment as requested in #12760.
It was also necessary for me to ensure the `@return` annotations were correctly separated in order to accurately align the `@param` annotations.
Commits
-------
443307e Docblock fixes
* 2.7: (36 commits)
[Debug] fix error message on double exception
[Validator] make DateTime objects represented as strings in the violation message.
[RFC] [DebugBundle] [HttpKernel] Avoid using container as dependency for DumpListener
Upgrade information for the Translation component regarding the new LoggingTranslator class.
[WebProfilerBundle] Remove usage of app.request in search bar template
Fix initialized() with aliased services
fix data type in docblock
Rename Symfony2 to Symfony
bumped Symfony version to 2.6.0
updated VERSION for 2.6.0-BETA2
updated CHANGELOG for 2.6.0-BETA2
[Debug] fix ENT_SUBSTITUTE usage
compare version using PHP_VERSION_ID
backport #12489
remove an unneeded check
Remove block submit_widget
reformat code as suggested by @fabpot
Fix typo
Make `\Request::get` more performant.
properly set request attributes in controller test
...
* 2.6: (36 commits)
[Debug] fix error message on double exception
[Validator] make DateTime objects represented as strings in the violation message.
[RFC] [DebugBundle] [HttpKernel] Avoid using container as dependency for DumpListener
Upgrade information for the Translation component regarding the new LoggingTranslator class.
[WebProfilerBundle] Remove usage of app.request in search bar template
Fix initialized() with aliased services
fix data type in docblock
Rename Symfony2 to Symfony
bumped Symfony version to 2.6.0
updated VERSION for 2.6.0-BETA2
updated CHANGELOG for 2.6.0-BETA2
[Debug] fix ENT_SUBSTITUTE usage
compare version using PHP_VERSION_ID
backport #12489
remove an unneeded check
Remove block submit_widget
reformat code as suggested by @fabpot
Fix typo
Make `\Request::get` more performant.
properly set request attributes in controller test
...
* 2.5:
[Debug] fix error message on double exception
Fix initialized() with aliased services
Rename Symfony2 to Symfony
compare version using PHP_VERSION_ID
backport #12489
remove an unneeded check
* 2.7:
Extract an AbstractEventDispatcherTest from EventDispatcherTest and also use it in ContainerAwareEventDispatcherTest
[SecurityBundle] Authentication entry point is only registered with firewall exception listener, not with authentication listeners
be smarter when guessing the document root
Azerbaijani locale
Fixed grammar error in docblock
[HttpKernel] fix parse error in DumpDataCollector
[TwigBundle/DebugBundle] move dump extension & cleanups
Adjust upgrade file rendering
[Bridge/Propel1] Changed deps to accepts all upcoming propel1 versions
compare version using PHP_VERSION_ID
[Form] Add doc for FormEvents
*_timezone changes also affect the BirthdayType
don't override internal PHP constants
Drop support for model_timezone and view_timezone options in TimeType and DateType.
[DomCrawler] Added support for link tags in the Link class
[Session] Fix parameter names in WriteCheckSessionHandler
Add consistency with request type checking
[FrameworkBundle] Fix server run in case the router script does not exist
* 2.6:
Extract an AbstractEventDispatcherTest from EventDispatcherTest and also use it in ContainerAwareEventDispatcherTest
[SecurityBundle] Authentication entry point is only registered with firewall exception listener, not with authentication listeners
be smarter when guessing the document root
Azerbaijani locale
Fixed grammar error in docblock
[HttpKernel] fix parse error in DumpDataCollector
[TwigBundle/DebugBundle] move dump extension & cleanups
Adjust upgrade file rendering
[Bridge/Propel1] Changed deps to accepts all upcoming propel1 versions
compare version using PHP_VERSION_ID
[Form] Add doc for FormEvents
*_timezone changes also affect the BirthdayType
don't override internal PHP constants
Drop support for model_timezone and view_timezone options in TimeType and DateType.
[DomCrawler] Added support for link tags in the Link class
[Session] Fix parameter names in WriteCheckSessionHandler
Add consistency with request type checking
[FrameworkBundle] Fix server run in case the router script does not exist
* 2.5:
[SecurityBundle] Authentication entry point is only registered with firewall exception listener, not with authentication listeners
be smarter when guessing the document root
Azerbaijani locale
Fixed grammar error in docblock
Adjust upgrade file rendering
[Bridge/Propel1] Changed deps to accepts all upcoming propel1 versions
compare version using PHP_VERSION_ID
[Form] Add doc for FormEvents
don't override internal PHP constants
[Session] Fix parameter names in WriteCheckSessionHandler
Add consistency with request type checking
[FrameworkBundle] Fix server run in case the router script does not exist
Conflicts:
composer.json
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/Debug/ExceptionHandler.php
* 2.3:
[SecurityBundle] Authentication entry point is only registered with firewall exception listener, not with authentication listeners
be smarter when guessing the document root
Azerbaijani locale
Fixed grammar error in docblock
Adjust upgrade file rendering
[Bridge/Propel1] Changed deps to accepts all upcoming propel1 versions
compare version using PHP_VERSION_ID
[Form] Add doc for FormEvents
don't override internal PHP constants
Conflicts:
UPGRADE-3.0.md
src/Symfony/Bundle/FrameworkBundle/Command/ServerRunCommand.php
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/HttpFoundation/Response.php
To let opcode caches optimize cached code, the `PHP_VERSION_ID`
constant is used to detect the current PHP version instead of calling
`version_compare()` with `PHP_VERSION`.
* 2.7:
Update filesystem readme.md to include exists method
Add machine readable events
Fixed minor typo
[FrameworkBundle] Fix server start in case the PHP binary is not found
Update UPGRADE-2.6.md
[HttpKernel][2.6] Adding support for invokable controllers in the RequestDataCollector
fixed typo
[Translations] Added missing Hebrew language trans-unit sources
[DependencyInjection] inlined factory not referenced
Fixed case for empty folder
Fixed whitespace control for password form widget
[Routing] correctly initialize condition as string
* 2.6:
Update filesystem readme.md to include exists method
Add machine readable events
Fixed minor typo
[FrameworkBundle] Fix server start in case the PHP binary is not found
Update UPGRADE-2.6.md
[HttpKernel][2.6] Adding support for invokable controllers in the RequestDataCollector
fixed typo
[Translations] Added missing Hebrew language trans-unit sources
[DependencyInjection] inlined factory not referenced
Fixed case for empty folder
Fixed whitespace control for password form widget
[Routing] correctly initialize condition as string
* 2.5:
Update filesystem readme.md to include exists method
Add machine readable events
[HttpKernel][2.6] Adding support for invokable controllers in the RequestDataCollector
fixed typo
[Translations] Added missing Hebrew language trans-unit sources
[DependencyInjection] inlined factory not referenced
Fixed case for empty folder
Fixed whitespace control for password form widget
[Routing] correctly initialize condition as string
* 2.5:
added missing files
[TwigBundle] added a test
Indicate which file was being parsed if an exception is thrown while running translation:debug
[ClassLoader] Cast $useIncludePath property to boolean
[HttpFoundation] Minor spelling fix in PHPDocs
improve error message for multiple documents
Remove aligned '=>' and '='
[Session] remove invalid workaround in session regenerate
[Kernel] ensure session is saved before sending response
[Routing] serialize the compiled route to speed things up
[Form] Fixed usage of "name" variable in form_start block
[Validator] Fixed Regex::getHtmlPattern() to work with complex and negated patterns
[DependencyInjection] use inheritdoc for loaders
[Config] fix filelocator with empty name
[Form] fix form handling with unconventional request methods like OPTIONS
CSRF warning docs on Request::enableHttpMethodParameterOverride()
Conflicts:
src/Symfony/Component/Console/Helper/ProgressBar.php
* 2.5:
Remove aligned '=>' and '='
Break infinite loop while resolving aliases
[Security][listener] change priority of switchuser
Improved the phpdoc for security token classes
bumped Symfony version to 2.5.7
updated VERSION for 2.5.6
updated CHANGELOG for 2.5.6
bumped Symfony version to 2.3.22
updated VERSION for 2.3.21
update CONTRIBUTORS for 2.3.21
updated CHANGELOG for 2.3.21
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php
src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php
src/Symfony/Bundle/TwigBundle/Controller/ExceptionController.php
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/Form/Extension/Core/Type/BaseType.php
src/Symfony/Component/Form/Extension/Core/Type/ChoiceType.php
src/Symfony/Component/Form/Extension/Core/Type/DateTimeType.php
src/Symfony/Component/Form/Extension/Core/Type/DateType.php
src/Symfony/Component/Form/Extension/Core/Type/TimeType.php
src/Symfony/Component/Form/Extension/Validator/Type/FormTypeValidatorExtension.php
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MongoDbSessionHandler.php
src/Symfony/Component/HttpFoundation/Session/Storage/Handler/PdoSessionHandler.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/SecurityContextInterface.php
src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php
src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php
src/Symfony/Component/Security/Http/Firewall/AnonymousAuthenticationListener.php
src/Symfony/Component/Serializer/Serializer.php
src/Symfony/Component/Validator/Constraints/File.php
This PR was squashed before being merged into the 2.3 branch (closes#12293).
Discussion
----------
Remove aligned '=>' and '='
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | [https://github.com/symfony/symfony/issues/12284]
| License | MIT
Could you said to me if i should make an other PR for 2.5 branch.
Commits
-------
51312d3 Remove aligned '=>' and '='
* 2.5:
enforce memcached version to be 2.1.0
[PropertyAccess] Simplified code
[FrameworkBundle] improve server:run feedback
[Form] no need to add the url listener when it does not do anything
[Form] Fix#11694 - Enforce options value type check in some form types
Lithuanian security translations
[SecurityBundle] Add trust_resolver variable into expression | Q | A | ------------- | --- | Bug fix? | [yes] | New feature? | [no] | BC breaks? | [no] | Deprecations? | [no] | Tests pass? | [yes] | Fixed tickets | [#12224] | License | MIT | Doc PR | [-]
[Router] Cleanup
Fixed UPGRADE-3.0.md markup
[FrameworkBundle] Fixed ide links
Add missing argument
[TwigBundle] do not pass a template reference to twig
[TwigBundle] show correct fallback exception template in debug mode
[TwigBundle] remove unused email placeholder from error page
use meta charset in layouts without legacy http-equiv
Conflicts:
src/Symfony/Bundle/TwigBundle/Controller/ExceptionController.php
* 2.3:
enforce memcached version to be 2.1.0
[FrameworkBundle] improve server:run feedback
[Form] no need to add the url listener when it does not do anything
[Form] Fix#11694 - Enforce options value type check in some form types
Lithuanian security translations
[Router] Cleanup
[FrameworkBundle] Fixed ide links
Add missing argument
[TwigBundle] do not pass a template reference to twig
[TwigBundle] show correct fallback exception template in debug mode
[TwigBundle] remove unused email placeholder from error page
use meta charset in layouts without legacy http-equiv
Conflicts:
src/Symfony/Bundle/TwigBundle/Loader/FilesystemLoader.php
src/Symfony/Bundle/TwigBundle/Resources/views/layout.html.twig
* 2.5:
[Doc] Use Markdown syntax highlighting
[Finder] tweaked docs
[Finder] Add info about possibilities offered by SplFileInfo
fixed CS
[Security][Http][Authentication] Make a test pass on HHVM
fix components tests
[Intl] FIxed failing test
[Intl] Generated the data for ICU version 54-rc
[EventDispatcher] fix doc bloc on EventDispatcherInterface
[Validator] Update validators.zh_CN.xlf, fix translation error
bumped Symfony version to 2.5.6
updated VERSION for 2.5.5
updated CHANGELOG for 2.5.5
bumped Symfony version to 2.3.21
updated VERSION for 2.3.20
update CONTRIBUTORS for 2.3.20
updated CHANGELOG for 2.3.20
[Intl] Integrated ICU data into Intl component
Conflicts:
src/Symfony/Component/Debug/README.md
src/Symfony/Component/DependencyInjection/README.md
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/OptionsResolver/README.md
* 2.5:
fixed deps
[Debug] fixed class lookup when using PSR-0 with a target dir
fixed standalone tests
fixed standalone tests
[Validator] fixed component standalone tests
fixed standalone component tests depending on Validator and Form
fixed some composer.json to make standalone component tests pass
[SecurityBundle] fixed tests when used in standalone
* 2.4:
[Debug] fixed class lookup when using PSR-0 with a target dir
fixed standalone tests
fixed standalone tests
[Validator] fixed component standalone tests
fixed standalone component tests depending on Validator and Form
fixed some composer.json to make standalone component tests pass
[SecurityBundle] fixed tests when used in standalone
Conflicts:
src/Symfony/Component/HttpKernel/Tests/Bundle/BundleTest.php
src/Symfony/Component/Validator/composer.json
This PR was merged into the 2.6-dev branch.
Discussion
----------
Expression language extensibility
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #10512
| License | MIT
| Doc PR | not yet
The way we can add functions to an ExpressionLanguage instance is by using inheritance. #10512 tries to make the expression language in the routing flexible but using inheritance won't work when several bundles want to add functions.
So, this PR takes another approach to solve the problem globally.
Todo:
* [x] add some more tests
* [ ] add some docs
Commits
-------
7c24188 [FrameworkBundle] added a compiler pass for expression language providers
4195a91 [Routing] added support for custom expression language functions
1a39046 [Security] added support for custom expression language functions
79bcd52b [DependencyInjection] added support for custom expression language functions
184742c [ExpressionLanguage] added ExpressionFunction and ExpressionFunctionProviderInterface
* 2.5:
[Validator] Added ConstraintValidator::buildViolation() helper for BC with 2.4 API
[Validator] Fixed LegacyValidator when only a constraint is validated
Conflicts:
src/Symfony/Component/Form/Extension/Validator/Constraints/FormValidator.php
src/Symfony/Component/Validator/Constraints/AbstractComparisonValidator.php
src/Symfony/Component/Validator/Constraints/RangeValidator.php
This PR was merged into the 2.6-dev branch.
Discussion
----------
[Security] make it possible to override the default success/failure handler
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5432, #9272, #10417, #11926
| License | MIT
| Doc PR | symfony/symfony-docs#4258
Overriding the default success/failure handler of the security firewalls is possible via the `success_handler` and `failure_handler` setting but this approach is not flexible as it does not allow you to get the options/provider key.
To sum up the problem:
* Overriding the default success/failure handler is possible via a service;
* When not overridden, the default success/failure handler gets options and the provider key;
* Those options and the provider key are injected by the factory as they are dynamic (they depend on the firewall and the provider key), so getting those options/provider key is not possible for a custom service that is only configured via the container configuration;
* Extending the default handler does not help as the injection mechanism is only triggered when no custom provider is set;
* Wrapping the default handler is not possible as the service id is dynamic.
... and of course we need to keep BC and make it work for people extending the default handler but also for people just using the interface.
Instead of the current PR, I propose this slightly different approach. It's not perfect, but given the above constraint, I think this is an acceptable trade-of.
So, several use cases:
* Using the default handler (no change);
* Using a custom handler that implements `AuthenticationSuccessHandlerInterface` directly and does not need any options (no change);
* Using a custom handler that needs the options/provider key (that's the new use case this PR supports).
This PR introduces 2 new classes that wrap custom handlers. If those classes define the `setOptions()` and/or `setProviderKey()` methods, they are automatically called with the correct arguments. Yours handler does not need to extend the default handler `DefaultAuthentication*Handler`, but doing so helps as the setters are already defined there.
Commits
-------
810eeaf [Security] made it possible to override the default success/failure handler (take 2)
36116fc [Security] made it possible to override the default success/failure handler
* 2.5:
[Command] Set the process title as late as possible
[Form] Removed constructor argument from FormTypeHttpFoundationExtension for forward compatibility with 2.5
[Validator] Simplified testing of violations
remove obsolete test file
[FrameworkBundle] output failed matched path for clarification
bug #10242 Missing checkPreAuth from RememberMeAuthenticationProvider
[Validator] Fixed StaticMethodLoaderTest to actually test something
[Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required
Use request format from request in twig ExceptionController
fixed bug
added the possibility to return null from SimplePreAuthenticationListener
[Form] Moved POST_MAX_SIZE validation from FormValidator to request handler
[Form] Add a form error if post_max_size has been reached.
Response::isNotModified returns true when If-Modified-Since is later than Last-Modified
[WebProfilerBundle] turbolinks compatibility
Conflicts:
src/Symfony/Component/Form/Tests/Extension/Validator/Constraints/FormValidatorTest.php
* 2.4:
[Form] Removed constructor argument from FormTypeHttpFoundationExtension for forward compatibility with 2.5
[Validator] Simplified testing of violations
remove obsolete test file
[FrameworkBundle] output failed matched path for clarification
bug #10242 Missing checkPreAuth from RememberMeAuthenticationProvider
[Validator] Fixed StaticMethodLoaderTest to actually test something
[Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required
Use request format from request in twig ExceptionController
fixed bug
added the possibility to return null from SimplePreAuthenticationListener
[Form] Moved POST_MAX_SIZE validation from FormValidator to request handler
[Form] Add a form error if post_max_size has been reached.
Response::isNotModified returns true when If-Modified-Since is later than Last-Modified
[WebProfilerBundle] turbolinks compatibility
Conflicts:
src/Symfony/Component/Form/Extension/Core/Type/FormType.php
src/Symfony/Component/Form/Extension/Validator/Constraints/FormValidator.php
src/Symfony/Component/Form/Extension/Validator/Util/ServerParams.php
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
src/Symfony/Component/Validator/Tests/Constraints/AbstractConstraintValidatorTest.php
* 2.3:
remove obsolete test file
[FrameworkBundle] output failed matched path for clarification
bug #10242 Missing checkPreAuth from RememberMeAuthenticationProvider
[Validator] Fixed StaticMethodLoaderTest to actually test something
[Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required
Use request format from request in twig ExceptionController
[Form] Moved POST_MAX_SIZE validation from FormValidator to request handler
[Form] Add a form error if post_max_size has been reached.
Response::isNotModified returns true when If-Modified-Since is later than Last-Modified
[WebProfilerBundle] turbolinks compatibility
Conflicts:
src/Symfony/Component/Form/CHANGELOG.md
src/Symfony/Component/HttpFoundation/Tests/ResponseTest.php
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
This PR was squashed before being merged into the 2.6-dev branch (closes#10698).
Discussion
----------
[Security] Added a REMOTE_USER based listener to security firewalls
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | /
| License | MIT
| Doc PR | symfony/symfony-docs#3912
TODO
- [x] submit changes to the documentation
I've seen myself implementing a few times a REMOTE_USER based authentication listener, as a large part of security modules for Apache (Kerberos, CAS, and more) are providing the username via an environment variable.
So I thought this could benefit the whole community if directly included in the framework. It is very similar to the X509AuthenticationListener, and basing the RemoteUserAuthenticationListener on the AbstractPreAuthenticatedListener is relevant and very convenient.
Using the X509AuthenticationListener could be possible, but it is confusing to use it directly when your authentication is not certificate based.
Please let me know if I need to update anything.
Regards
Commits
-------
a2872f2 [Security] Added a REMOTE_USER based listener to security firewalls
* 2.5: (43 commits)
[Form] Fix PHPDoc for builder setData methods The underlying data variable is typed as mixed whereas the methods paramers where typed as array.
fixed CS
[Intl] Improved bundle reader implementations
[Console] guarded against invalid aliases
switch before_script to before_install and script to install
fixed typo
[HttpFoundation] Request - URI - comment improvements
[Validator] The ratio of the ImageValidator is rounded to two decimals now
[Security] Added more tests
remove `service` parameter type from XSD
[Intl] Added exception handler to command line scripts
[Intl] Fixed a few bugs in TextBundleWriter
[Intl] Updated icu.ini up to ICU 53
[Intl] Removed non-working $fallback argument from ArrayAccessibleResourceBundle
Use separated function to resolve command and related arguments
[SwiftmailerBridge] Bump allowed versions of swiftmailer
[FrameworkBundle] Remove invalid markup
[Intl] Added "internal" tag to all classes under Symfony\Component\Intl\ResourceBundle
Remove routes for removed WebProfiler actions
[Security] Fix usage of unexistent method in DoctrineAclCache.
...
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ServerRunCommand.php
src/Symfony/Component/HttpKernel/HttpCache/Esi.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Translation/Tests/Dumper/XliffFileDumperTest.php
src/Symfony/Component/Yaml/Parser.php
src/Symfony/Component/Yaml/Tests/InlineTest.php
* 2.4: (39 commits)
[Form] Fix PHPDoc for builder setData methods The underlying data variable is typed as mixed whereas the methods paramers where typed as array.
fixed CS
[Intl] Improved bundle reader implementations
[Console] guarded against invalid aliases
switch before_script to before_install and script to install
fixed typo
[HttpFoundation] Request - URI - comment improvements
[Validator] The ratio of the ImageValidator is rounded to two decimals now
[Security] Added more tests
remove `service` parameter type from XSD
[Intl] Added exception handler to command line scripts
[Intl] Fixed a few bugs in TextBundleWriter
[Intl] Updated icu.ini up to ICU 53
[Intl] Removed non-working $fallback argument from ArrayAccessibleResourceBundle
Use separated function to resolve command and related arguments
[SwiftmailerBridge] Bump allowed versions of swiftmailer
[FrameworkBundle] Remove invalid markup
[Intl] Added "internal" tag to all classes under Symfony\Component\Intl\ResourceBundle
Remove routes for removed WebProfiler actions
[Security] Fix usage of unexistent method in DoctrineAclCache.
...
Conflicts:
.travis.yml
src/Symfony/Bundle/FrameworkBundle/Command/ServerRunCommand.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Process/PhpExecutableFinder.php
* 2.3: (35 commits)
[Form] Fix PHPDoc for builder setData methods The underlying data variable is typed as mixed whereas the methods paramers where typed as array.
fixed CS
[Intl] Improved bundle reader implementations
[Console] guarded against invalid aliases
switch before_script to before_install and script to install
fixed typo
[HttpFoundation] Request - URI - comment improvements
[Security] Added more tests
remove `service` parameter type from XSD
[Intl] Added exception handler to command line scripts
[Intl] Fixed a few bugs in TextBundleWriter
[Intl] Updated icu.ini up to ICU 53
[Intl] Removed non-working $fallback argument from ArrayAccessibleResourceBundle
Use separated function to resolve command and related arguments
[SwiftmailerBridge] Bump allowed versions of swiftmailer
[FrameworkBundle] Remove invalid markup
[Intl] Added "internal" tag to all classes under Symfony\Component\Intl\ResourceBundle
Remove routes for removed WebProfiler actions
[Security] Fix usage of unexistent method in DoctrineAclCache.
backport more error information from 2.6 to 2.3
...
Conflicts:
.travis.yml
src/Symfony/Component/DependencyInjection/Loader/YamlFileLoader.php
src/Symfony/Component/DependencyInjection/Tests/Loader/XmlFileLoaderTest.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Process/PhpExecutableFinder.php
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] Use hash_equals for constant-time string comparison (again)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Use the `hash_equals` function (introduced in PHP 5.6) for timing attack safe string comparison when available.
Add in the DocBlock that length will leak (https://github.com/symfony/symfony/pull/11797#issuecomment-53990712).
Commits
-------
3071557 [Security] Add more tests for StringUtils::equals
03bd74b [Security] Use hash_equals for constant-time string comparison
* 2.5: (23 commits)
[HttpKernel] fixed some unit tests for 2.4 (signature now uses SHA256 instead of MD5)
[HttpKernel] simplified code
[HttpKernel] fixed internal fragment handling
fixing yaml indentation
Unexpexted ));"
[WebProfiler] replaced the import/export feature from the web interface to a CLI tool
Forced all fragment uris to be signed, even for ESI
Add tests and more assertions
[FrameworkBundle][Translator] Validate locales.
[HttpFoundation] added some missing tests
[HttpFoundation] Improve string values in test codes
[Security] Add more tests for StringUtils::equals
fix comment: not fourth but sixth argument
fixing typo in a comment
[FrameworkBundle] fixed CS
[FrameworkBundle] PhpExtractor bugfix and improvements
[Finder] Fix findertest readability
[Filesystem] Add FTP stream wrapper context option to enable overwrite (override)
fix parsing of Authorization header
Test examples from Drupal SA-CORE-2014-003
...
Conflicts:
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/admin.html.twig
src/Symfony/Component/Filesystem/Filesystem.php
src/Symfony/Component/HttpKernel/Fragment/EsiFragmentRenderer.php
* 2.4: (21 commits)
[HttpKernel] fixed some unit tests for 2.4 (signature now uses SHA256 instead of MD5)
[HttpKernel] simplified code
[HttpKernel] fixed internal fragment handling
fixing yaml indentation
[WebProfiler] replaced the import/export feature from the web interface to a CLI tool
Forced all fragment uris to be signed, even for ESI
Add tests and more assertions
[FrameworkBundle][Translator] Validate locales.
[HttpFoundation] added some missing tests
[HttpFoundation] Improve string values in test codes
[Security] Add more tests for StringUtils::equals
fix comment: not fourth but sixth argument
fixing typo in a comment
[FrameworkBundle] fixed CS
[FrameworkBundle] PhpExtractor bugfix and improvements
[Finder] Fix findertest readability
[Filesystem] Add FTP stream wrapper context option to enable overwrite (override)
fix parsing of Authorization header
Test examples from Drupal SA-CORE-2014-003
Fix potential DoS when parsing HOST
...
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Tests/Translation/TranslatorTest.php
src/Symfony/Bundle/FrameworkBundle/Translation/Translator.php
* 2.3:
[HttpKernel] fixed internal fragment handling
fixing yaml indentation
[WebProfiler] replaced the import/export feature from the web interface to a CLI tool
Forced all fragment uris to be signed, even for ESI
Add tests and more assertions
[FrameworkBundle][Translator] Validate locales.
[HttpFoundation] added some missing tests
[HttpFoundation] Improve string values in test codes
fix comment: not fourth but sixth argument
fixing typo in a comment
[FrameworkBundle] fixed CS
[FrameworkBundle] PhpExtractor bugfix and improvements
[Finder] Fix findertest readability
[Filesystem] Add FTP stream wrapper context option to enable overwrite (override)
fix parsing of Authorization header
Test examples from Drupal SA-CORE-2014-003
Fix potential DoS when parsing HOST
Made optimization deprecating modulus operator
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Resources/config/esi.xml
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
src/Symfony/Component/HttpKernel/Fragment/EsiFragmentRenderer.php
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] Made optimization on constant-time algorithm removing modulus operator
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This fix improves the constant-time algorithm used to compare strings, as it removes the `%` operator inside the loop.
Commits
-------
000bd0d Made optimization deprecating modulus operator
* 2.5:
[DependencyInjection] fix @return anno created by PhpDumper
Fixed the phpdoc of the VoterInterface
[DoctrineBridge] Fix empty parameter logging in the dbal logger
[Validator] remove duplicate interface implementations
[Validator] fix return doc of ClassMetadata::getCascadingStrategy
Fixed#11675 ValueToDuplicatesTransformer accept "0" value
check for the correct field type
fix handling of nullable XML attributes
[DomCrawler] fix the axes handling in a bc way
* 2.4:
[DependencyInjection] fix @return anno created by PhpDumper
Fixed the phpdoc of the VoterInterface
[DoctrineBridge] Fix empty parameter logging in the dbal logger
Fixed#11675 ValueToDuplicatesTransformer accept "0" value
check for the correct field type
fix handling of nullable XML attributes
[DomCrawler] fix the axes handling in a bc way
Conflicts:
src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services9.php
src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services9_compiled.php
* 2.3:
[DependencyInjection] fix @return anno created by PhpDumper
Fixed the phpdoc of the VoterInterface
[DoctrineBridge] Fix empty parameter logging in the dbal logger
Fixed#11675 ValueToDuplicatesTransformer accept "0" value
check for the correct field type
fix handling of nullable XML attributes
[DomCrawler] fix the axes handling in a bc way
Conflicts:
src/Symfony/Component/DomCrawler/Tests/CrawlerTest.php
* 2.5: (37 commits)
[Validator] Backported constraint validator tests from 2.5
[Validator] Backported constraint validator tests from 2.5
[DIC] Fixed: anonymous services are always private
Fix toolbar vertical alignment.
[HttpFoundation] MongoDbSessionHandler supports auto expiry via configurable expiry_field
[Validator] Fix little typo in ExecutionContextInterface::buildViolation() method comments
fix dependencies on HttpFoundation component
[FrameworkBundle] add missing attribute to XSD
Allow basic auth in url. Improve regex. Add tests.
fix typos and syntax in Profiler controller method comments
resolve parameters before the configs are processed
add symfony/yaml suggestion to composer.json
[HttpKernel] added an analyze of environment parameters for built-in server.
remove volatile tests
[Console] fixed style creation when providing an unknown tag option
change command to which available under most unix systems
add way to test command under windows
fix shell command injection
[Form] allowed CallbackTransformer to use callable
[Process] Added process synchronization to the incremental output tests
...
Conflicts:
src/Symfony/Component/Form/Extension/Validator/Constraints/FormValidator.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/HttpKernel/composer.json
src/Symfony/Component/Validator/Constraints/AllValidator.php
src/Symfony/Component/Validator/Constraints/CollectionValidator.php
src/Symfony/Component/Validator/Constraints/LegacyAllValidator.php
src/Symfony/Component/Validator/Constraints/LegacyCollectionValidator.php
src/Symfony/Component/Validator/Tests/Constraints/FileValidatorTest.php
* 2.5: (33 commits)
[Validator] Added Swedish translations
[Validator] Fixed ExpressionValidator when the validation root is not an object
[Validator] Fixed: Made it possible (again) to pass a class name to Validator::validatePropertyValue()
Fix incorrect romanian plural translations
fix axes handling in Crawler::filterXPath()
fix some docblocks
Fixed self-reference in 'service_container' service breaks garbage collection (and clone).
[Process] Fix tests when pcntl is not available.
[DependencyInjection] Roll back changes made to generated files.
[Console] Roll back changes made to fixture files.
Issue #11489 Added some CA and ES translations
[Validator] Added more detailed inline documentation
[Validator] Removed information from the violation output if the value is an array, object or resource
partially reverted previous commit
fixed CS
Add point about ConsoleLogger to Console 2.5 changelog
[Validator] Fixed failing tests
[Validator] CS fixes
[FrameworkBundle] Made ConstraintValidatorFactory aware of the legacy validators
[Validator] Added extensive test coverage for the constraint validators for the different APIs
...
Conflicts:
src/Symfony/Component/Validator/Resources/translations/validators.ca.xlf
* 2.4: (24 commits)
[Validator] Added Swedish translations
Fix incorrect romanian plural translations
fix axes handling in Crawler::filterXPath()
fix some docblocks
Fixed self-reference in 'service_container' service breaks garbage collection (and clone).
[Process] Fix tests when pcntl is not available.
[DependencyInjection] Roll back changes made to generated files.
[Console] Roll back changes made to fixture files.
Issue #11489 Added some CA and ES translations
[Validator] Added more detailed inline documentation
[Validator] Removed information from the violation output if the value is an array, object or resource
partially reverted previous commit
fixed CS
properly handle null data when denormalizing
[Validator] Renamed valueToString() to formatValue(); added missing formatValue() calls
[Validator] Fixed CS
[Validator] Fixed date-to-string conversion tests to match ICU 51
[Validator] Added "{{ value }}" parameters where they were missing
[Validator] Simplified and explained the LuhnValidator
[Validator] Simplified IssnValidator
...
Conflicts:
src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php
src/Symfony/Component/HttpKernel/Debug/TraceableEventDispatcher.php
src/Symfony/Component/Security/Core/Encoder/BasePasswordEncoder.php
src/Symfony/Component/Validator/Constraints/ChoiceValidator.php
src/Symfony/Component/Validator/Constraints/CollectionValidator.php
src/Symfony/Component/Validator/Constraints/FileValidator.php
src/Symfony/Component/Validator/Constraints/Isbn.php
src/Symfony/Component/Validator/Constraints/IsbnValidator.php
src/Symfony/Component/Validator/Constraints/LengthValidator.php
src/Symfony/Component/Validator/Tests/Constraints/AbstractComparisonValidatorTestCase.php
src/Symfony/Component/Validator/Tests/Constraints/BlankValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/ChoiceValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/CollectionValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/DateTimeValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/DateValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/EmailValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/FalseValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/FileValidatorPathTest.php
src/Symfony/Component/Validator/Tests/Constraints/FileValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/IbanValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/IpValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/IsbnValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/LengthValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/NullValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/RegexValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/TimeValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/TrueValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/UrlValidatorTest.php
* 2.3: (22 commits)
Fix incorrect romanian plural translations
fix axes handling in Crawler::filterXPath()
fix some docblocks
Fixed self-reference in 'service_container' service breaks garbage collection (and clone).
[Process] Fix tests when pcntl is not available.
[DependencyInjection] Roll back changes made to generated files.
[Console] Roll back changes made to fixture files.
[Validator] Added more detailed inline documentation
[Validator] Removed information from the violation output if the value is an array, object or resource
partially reverted previous commit
fixed CS
properly handle null data when denormalizing
[Validator] Renamed valueToString() to formatValue(); added missing formatValue() calls
[Validator] Fixed CS
[Validator] Fixed date-to-string conversion tests to match ICU 51
[Validator] Added "{{ value }}" parameters where they were missing
[Validator] Simplified and explained the LuhnValidator
[Validator] Simplified IssnValidator
[Validator] Fixed and simplified IsbnValidator
[Validator] Simplified IBAN validation algorithm
...
Conflicts:
src/Symfony/Component/Console/Helper/DescriptorHelper.php
src/Symfony/Component/DependencyInjection/Container.php
src/Symfony/Component/DomCrawler/Tests/CrawlerTest.php
src/Symfony/Component/HttpFoundation/File/UploadedFile.php
src/Symfony/Component/HttpKernel/Fragment/FragmentHandler.php
src/Symfony/Component/Validator/Constraints/AbstractComparisonValidator.php
src/Symfony/Component/Validator/Constraints/CollectionValidator.php
src/Symfony/Component/Validator/Tests/Constraints/EqualToValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/GreaterThanValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/IdenticalToValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/LessThanOrEqualValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/LessThanValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/NotEqualToValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/NotIdenticalToValidatorTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
fix some docblocks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
1775da5 fix some docblocks
* 2.5:
Update validators.eu.xlf
fixed CS
remove unused imports
[Validator] Added markObjectAsInitialized() and isObjectInitialized() to ExecutionContextInterface
[Validator] Fixed doc block
[Routing] simplify the XML schema file
Unify null comparisons
[EventDispatcher] don't count empty listeners
[Process] Fix unit tests in sigchild environment
[Process] fix signal handling in wait()
[BrowserKit] refactor code and fix unquoted regex
Fixed server HTTP_HOST port uri conversion
[HttpFoundation] moved test file to the right directory
[Validator] Made sure that context changes don't leak out of (Contextual)ValidatorInterface
[MonologBridge] fixed Console handler priorities
Bring code into standard
[Process] Add test to verify fix for issue #11421
[Process] Fixes issue #11421
[DependencyInjection] Pass a Scope instance instead of a scope name.
* 2.4:
Update validators.eu.xlf
fixed CS
remove unused imports
[Routing] simplify the XML schema file
Unify null comparisons
[EventDispatcher] don't count empty listeners
[Process] Fix unit tests in sigchild environment
[Process] fix signal handling in wait()
[BrowserKit] refactor code and fix unquoted regex
Fixed server HTTP_HOST port uri conversion
[MonologBridge] fixed Console handler priorities
Bring code into standard
[Process] Add test to verify fix for issue #11421
[Process] Fixes issue #11421
[DependencyInjection] Pass a Scope instance instead of a scope name.
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Test/WebTestCase.php
src/Symfony/Component/DependencyInjection/Tests/Dumper/GraphvizDumperTest.php
src/Symfony/Component/PropertyAccess/Tests/PropertyAccessorCollectionTest.php
* 2.3:
Update validators.eu.xlf
fixed CS
remove unused imports
Unify null comparisons
[EventDispatcher] don't count empty listeners
[Process] Fix unit tests in sigchild environment
[Process] fix signal handling in wait()
[BrowserKit] refactor code and fix unquoted regex
Fixed server HTTP_HOST port uri conversion
Bring code into standard
[Process] Add test to verify fix for issue #11421
[Process] Fixes issue #11421
[DependencyInjection] Pass a Scope instance instead of a scope name.
Conflicts:
src/Symfony/Component/EventDispatcher/Tests/EventDispatcherTest.php
This PR was merged into the 2.6-dev branch.
Discussion
----------
[Security] Add missing dot at the end of an exception message
| Q | A
| ------------- | ---
| Fixed tickets | -
| License | MIT
Commits
-------
8e1f978 Add missing dot at the end of an exception message
This PR was merged into the 2.6-dev branch.
Discussion
----------
[DX] New service to simplify password encoding
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11299
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/3995
This new service siplifies the way to encode a password. Just get the `security.password_encoder` service and encode the `User` password.
```php
$encoded = $this->container->get('security.password_encoder')
->encodePassword($user, $plainPassword);
$user->setPassword($encoded);
```
Commits
-------
7bc190a New service to simplify password encoding
This PR was merged into the 2.6-dev branch.
Discussion
----------
[Security] Allow exception bubbling in RememberMeListener
- Allow optional exception bubbling so that the exception listener has a chance to handle those exceptions
#### While at it
- Test for dispatching the InteractiveLogin event
- Smaller cleanups in the test
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ye
| Fixed tickets | n.A.
| License | MIT
| Doc PR | n.A.
Commits
-------
fcb7f74 Allow exception bubbling in RememberMeListener
* 2.5:
added missing test
fixed CS
[HttpFoundation] Remove content-related headers if content is empty
bumped Symfony version to 2.5.2
bumped Symfony version to 2.4.8
updated VERSION for 2.5.1
updated CHANGELOG for 2.5.1
removed defaults from PHPUnit configuration
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.4:
added missing test
fixed CS
[HttpFoundation] Remove content-related headers if content is empty
bumped Symfony version to 2.4.8
removed defaults from PHPUnit configuration
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.5:
updated VERSION for 2.4.7
updated CHANGELOG for 2.4.7
bumped Symfony version to 2.3.18
updated VERSION for 2.3.17
update CONTRIBUTORS for 2.3.17
updated CHANGELOG for 2.3.17
added XSD to PHPUnit configuration
fix the return types
add missing docblock for ProcessBuilder::addEnvironmentVariables()
bug #11319 [HttpKernel] Ensure the storage exists before purging it in ProfilerTest
[Translation] Added unescaping of ids in PoFileLoader
updated italian translation for validation messages
[DomCrawler] Fix docblocks and formatting.
[DomCrawler] Remove the query string and the anchor of the uri of a link
Simplified the Travis test command
Remove Expression Language services when the component is unavailable
Added SK translations
[Console] Make sure formatter is the same
* 2.4:
updated VERSION for 2.4.7
updated CHANGELOG for 2.4.7
bumped Symfony version to 2.3.18
updated VERSION for 2.3.17
update CONTRIBUTORS for 2.3.17
updated CHANGELOG for 2.3.17
added XSD to PHPUnit configuration
add missing docblock for ProcessBuilder::addEnvironmentVariables()
bug #11319 [HttpKernel] Ensure the storage exists before purging it in ProfilerTest
[Translation] Added unescaping of ids in PoFileLoader
updated italian translation for validation messages
[DomCrawler] Fix docblocks and formatting.
[DomCrawler] Remove the query string and the anchor of the uri of a link
Simplified the Travis test command
Remove Expression Language services when the component is unavailable
[Console] Make sure formatter is the same
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.3:
bumped Symfony version to 2.3.18
updated VERSION for 2.3.17
update CONTRIBUTORS for 2.3.17
updated CHANGELOG for 2.3.17
added XSD to PHPUnit configuration
bug #11319 [HttpKernel] Ensure the storage exists before purging it in ProfilerTest
[Translation] Added unescaping of ids in PoFileLoader
updated italian translation for validation messages
[DomCrawler] Fix docblocks and formatting.
[DomCrawler] Remove the query string and the anchor of the uri of a link
Simplified the Travis test command
[Console] Make sure formatter is the same
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.5:
[Validator] Add missing ru translations
don't disable constructor calls to mockups of classes that extend internal PHP classes
special handling for the JsonDescriptor to work around changes in PHP's JSON pretty printer
* 2.4:
[Validator] Add missing ru translations
don't disable constructor calls to mockups of classes that extend internal PHP classes
special handling for the JsonDescriptor to work around changes in PHP's JSON pretty printer
Conflicts:
src/Symfony/Component/Security/Core/Tests/Authentication/AuthenticationProviderManagerTest.php
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/DaoAuthenticationProviderTest.php
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/PreAuthenticatedAuthenticationProviderTest.php
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php
This PR was squashed before being merged into the 2.6-dev branch (closes#10427).
Discussion
----------
Username in UsernameNotFoundException message data
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Added username in UsernameNotFoundException message data
Commits
-------
3dfaa19 Username in UsernameNotFoundException message data
This PR was merged into the 2.6-dev branch.
Discussion
----------
[Security] Allow overloading ContextListener::refreshUser()
Allow overloading refreshUser() for the use case of doing something special with user providers.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n.A.
| License | MIT
| Doc PR | n.A.
Commits
-------
b67ed43 Allow overloading ContextListener::refreshUser()
* 2.4:
Lower mbstring dependency
[Console]Improve formatter for double-width character
Lower mbstring dep, remove it for Yaml and CssSelector components
[Security] Add check for supported attributes in AclVoter
[Form] Fixed TrimListenerTest as of PHP 5.5
Added more IDE links
[DependencyInjection] Fix parameter description in ConfigurationExtensionInterface
[Security] fixed wrong PHPDoc of the TokenGeneratorInterface
[Finder] fixed typehint of the Finder::addAdapter() method
[TwigBridge][Transchoice] set %count% from the current context.
[DependencyInjection] Fix travis unit tests
Update PHPUnit before run
[Validator] fixed wrong test
[WebProfilerBundle] added test case for #10773
[WebProfilerBundle] fixed profiler homepage, fixed#10806
[WebProfilerBundle] Added test case for #10806
changed travis to run on the nightly builds of HHVM until everything gets stable
Fixed issue #5427
Allow URLs that don't contain a path
Conflicts:
.travis.yml
src/Symfony/Component/Console/Application.php
* 2.3:
[Console]Improve formatter for double-width character
Lower mbstring dep, remove it for Yaml and CssSelector components
[Security] Add check for supported attributes in AclVoter
[Form] Fixed TrimListenerTest as of PHP 5.5
Added more IDE links
[DependencyInjection] Fix parameter description in ConfigurationExtensionInterface
[Finder] fixed typehint of the Finder::addAdapter() method
[TwigBridge][Transchoice] set %count% from the current context.
[DependencyInjection] Fix travis unit tests
Update PHPUnit before run
[Validator] fixed wrong test
[WebProfilerBundle] added test case for #10773
[WebProfilerBundle] fixed profiler homepage, fixed#10806
[WebProfilerBundle] Added test case for #10806
changed travis to run on the nightly builds of HHVM until everything gets stable
Fixed issue #5427
Allow URLs that don't contain a path
Conflicts:
.travis.yml
* 2.4:
bumped Symfony version to 2.4.5
updated VERSION for 2.4.4
updated CHANGELOG for 2.4.4
bumped Symfony version to 2.3.14
updated VERSION for 2.3.13
update CONTRIBUTORS for 2.3.13
updated CHANGELOG for 2.3.13
Updated Serbian validation translation
[Console] Fixed the rendering of exceptions on HHVM with a terminal width
[WebProfilerBundle ] Fixed an edge case on WDT loading
[Security] removed $csrfTokenManager type hint from SimpleFormAuthenticationListener constructor argument
fixed typo
[Process] Disable TTY mode on Windows platform
[Validator] added missing ANNOTATION config to @Target annotation
[Finder] Fix ignoring of unreadable dirs in the RecursiveDirectoryIterator.
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.4:
fix docblock
Fixed incompatibility of x509 auth with nginx
[Process] Setting STDIN while running should not be possible
[Validator] slovenian translation updated
[FrameworkBundle] improve English in RouterMatchCommand
[Validator] Updated Hungarian translations
[Doctrine Bridge] simplify session handler by using main connection
[Validator] Fixed typos in German translation
[Validator] Completed French translations
[Validator] Completed German translations
[Validator] Completed Luxembourgish translations
* 2.3:
fix docblock
Fixed incompatibility of x509 auth with nginx
[Process] Setting STDIN while running should not be possible
[FrameworkBundle] improve English in RouterMatchCommand
[Doctrine Bridge] simplify session handler by using main connection
Conflicts:
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
* 2.4:
Little correction for case 'ar'
No need to use mb functions here
Fix doc-blocks
Fix doc blocks
[HttpFoundation] update phpdoc of SessionHandlerInterface and unify parameters of all handlers according to interface
[Doctrine Bridge] fix DbalSessionHandler for high concurrency, interface compliance, compatibility with all drivers (oci8, mysqli, pdo with mysql, sqlsrv, sqlite)
[Finder] Marked test skipped when ftp stream wrapper is not available
Conflicts:
src/Symfony/Component/Security/Core/Authorization/Voter/ExpressionVoter.php
This PR was merged into the 2.4 branch.
Discussion
----------
[2.4] Fix doc blocks
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
this follows #10737
Commits
-------
c01915d Fix doc blocks
* 2.4:
unified return null usages
[Validator] added Japanese translation
Textarea value should default to empty string instead of null.
Fix doc blocks
[Process] Fix#10681, process are failing on Windows Server 2003
updated doc
[Security] fix DBAL connection typehint
[HttpFoundation] status 201 is allowed to have a body
unified return null usages
Conflicts:
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/DomCrawler/Crawler.php
src/Symfony/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProvider.php
* 2.3:
Textarea value should default to empty string instead of null.
Fix doc blocks
[Process] Fix#10681, process are failing on Windows Server 2003
[Security] fix DBAL connection typehint
[HttpFoundation] status 201 is allowed to have a body
unified return null usages
Conflicts:
src/Symfony/Component/Console/Helper/DescriptorHelper.php
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/Finder/Tests/Iterator/RecursiveDirectoryIteratorTest.php
src/Symfony/Component/Form/Extension/Core/DataTransformer/IntegerToLocalizedStringTransformer.php
src/Symfony/Component/HttpKernel/Fragment/InlineFragmentRenderer.php
This PR was merged into the 2.3 branch.
Discussion
----------
unified return null usages
| Q | A
| ------------- | ---
| License | MIT
This PR unifies the way we return `null` from a function or method:
* always use `return;` instead of `return null;` (the current code base uses both);
* never use `return;` at the end of a function/method.
Commits
-------
d1d569b unified return null usages
* 2.4:
made types consistent with those defined in Hack
made {@inheritdoc} annotations consistent across the board
made {@inheritdoc} annotations consistent across the board
fixed types in phpdocs
[Debug] Fixed ClassNotFoundFatalErrorHandler on windows.
made phpdoc types consistent with those defined in Hack
Add support Thai translations
[Validator] Add missing czech translations
made types consistent with those defined in Hack
removed extra/unsupported arguments
[HttpKernel] fixed an error message
[TwigBundle] removed undefined argument
[Translation] Make IcuDatFileLoader/IcuResFileLoader::load invalid resource compatible with HHVM.
Conflicts:
src/Symfony/Component/Console/Helper/TableHelper.php
src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php
src/Symfony/Component/Form/FormError.php
src/Symfony/Component/HttpKernel/Debug/TraceableEventDispatcher.php
src/Symfony/Component/Process/ProcessPipes.php
src/Symfony/Component/PropertyAccess/PropertyAccessor.php
src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php
src/Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeServices.php
src/Symfony/Component/Translation/Dumper/FileDumper.php
src/Symfony/Component/Validator/ConstraintViolation.php
src/Symfony/Component/Validator/Constraints/EmailValidator.php
src/Symfony/Component/Validator/ExecutionContextInterface.php
src/Symfony/Component/Validator/Mapping/BlackholeMetadataFactory.php
* 2.3:
made {@inheritdoc} annotations consistent across the board
fixed types in phpdocs
made phpdoc types consistent with those defined in Hack
Add support Thai translations
made types consistent with those defined in Hack
removed extra/unsupported arguments
[HttpKernel] fixed an error message
[TwigBundle] removed undefined argument
[Translation] Make IcuDatFileLoader/IcuResFileLoader::load invalid resource compatible with HHVM.
Conflicts:
src/Symfony/Bridge/ProxyManager/Tests/LazyProxy/Fixtures/php/lazy_service.php
src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php
src/Symfony/Bundle/FrameworkBundle/Templating/Loader/FilesystemLoader.php
src/Symfony/Bundle/WebProfilerBundle/EventListener/WebDebugToolbarListener.php
src/Symfony/Component/Config/Definition/ReferenceDumper.php
src/Symfony/Component/Console/Helper/DescriptorHelper.php
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/Finder/Tests/Iterator/RecursiveDirectoryIteratorTest.php
src/Symfony/Component/Form/Extension/Core/DataTransformer/IntegerToLocalizedStringTransformer.php
src/Symfony/Component/Form/Tests/Extension/Core/DataMapper/PropertyPathMapperTest.php
src/Symfony/Component/HttpFoundation/Response.php
src/Symfony/Component/HttpFoundation/StreamedResponse.php
src/Symfony/Component/HttpKernel/Debug/TraceableEventDispatcher.php
src/Symfony/Component/HttpKernel/EventListener/ProfilerListener.php
src/Symfony/Component/HttpKernel/Fragment/FragmentHandler.php
src/Symfony/Component/HttpKernel/Fragment/RoutableFragmentRenderer.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/HttpKernel/Tests/Fixtures/KernelForTest.php
src/Symfony/Component/Intl/NumberFormatter/NumberFormatter.php
src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php
src/Symfony/Component/Stopwatch/StopwatchPeriod.php
src/Symfony/Component/Translation/TranslatorInterface.php
src/Symfony/Component/Validator/ConstraintValidatorFactory.php
This PR was merged into the 2.3 branch.
Discussion
----------
made {@inheritdoc} annotations consistent across the board
| Q | A
| ------------- | ---
| License | MIT
Commits
-------
810b9ed made {@inheritdoc} annotations consistent across the board
This PR was merged into the 2.3 branch.
Discussion
----------
Made types used by Symfony compatible with the ones of Hack
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
PHP supports several ways to express types: like Boolean/bool or integer/int. Hack only supports one of them, so this PR proposes to use the Hack type to make Symfony a bit more "compatible" with Hack (gradual upgrade ;)).
Commits
-------
3c9c10f made phpdoc types consistent with those defined in Hack
0555b7f made types consistent with those defined in Hack
This PR was squashed before being merged into the 2.3 branch (closes#10708).
Discussion
----------
Add support Thai translations
Add [Thai](http://www.thai-language.com/) translations to:
+ Symfony/Component/Validator/Resources/translations/
+ Symfony/Component/Security/Resources/translations/
Commits
-------
4bc2951 Add support Thai translations
* 2.3:
Revert PHPUnit version, revert APC configuration
removed APC on the CLI for Travis as it does not work well with PHPUnit and Composer anyway
[Security] Replace exception mocks with actual exception instances.
Remove an unused argument.
Use `Filesystem::chmod` instead of `chmod` when dumping file
[Form] Added test for disabling buttons
[Form] Added check for parent disabled status in Button form elements
Fixes URL validator to accept single part urls
tweaked Travis configuration to get more tests running
fixed float comparison in unit tests for HHVM
upgraded PHPUnit to version 4 for better HHVM support
[Process] fixed HHVM usage on the CLI
Fix class names in ApcUniversalClassLoader tests.
fixed the profiler when an uncalled listener throws an exception when instantiated
fixed CS
Added test case for 4c6a2d15095c13b2a35751b2b2712b183be489c4
Fixed bug in ChoiceType triggering a warning when not using utf-8
fixed CS
Avoid levenshtein comparison when using ContainerBuilder.
Conflicts:
src/Symfony/Component/Form/Extension/Core/Type/ChoiceType.php
src/Symfony/Component/HttpKernel/Debug/TraceableEventDispatcher.php
It is done for two reasons:
* consistency - we use real exception objects in most of the code
* latest phpunit does not like the way we were creating mocks for exceptions (it could be also fixed by letting phpunit to call the original constructor)
* 2.4: (52 commits)
Fix#8205 : Deprecate file mode update when calling dumpFile
Fix#10437: Catch exceptions when reloading a no-cache request
Fix libxml_use_internal_errors and libxml_disable_entity_loader usage
removed ini check to make uploadedfile work on gae
Update OptionsResolver.php
fixed comment in forms.xml file
Clean KernelInterface docblocks
Cast the group name as a string
Fixed doc of InitAclCommand
[Form] Fix "Array was modified outside object" in ResizeFormListener.
Fix IBAN validator
[Process] Remove unreachable code + avoid skipping tests in sigchild environment
Fixed bug that incorrectly causes the "required" attribute to be omitted from select even though it contains the "multiple" attribute
Added travis_retry to .travis.yml
[Process] fix some typos and refactor some code
[Process] Fix unit tests in sigchild disabled environment
[Process] Trow exceptions in case a Process method is supposed to be called after termination
fixed typo
[Process] fixed fatal errors in getOutput and getErrorOutput when process was not started
[Process] Fix escaping on Windows
...
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ServerRunCommand.php
src/Symfony/Component/Form/Extension/Core/EventListener/ResizeFormListener.php
src/Symfony/Component/Process/Process.php
src/Symfony/Component/Process/ProcessPipes.php
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
* 2.3: (34 commits)
Fix#8205 : Deprecate file mode update when calling dumpFile
Fix#10437: Catch exceptions when reloading a no-cache request
Fix libxml_use_internal_errors and libxml_disable_entity_loader usage
removed ini check to make uploadedfile work on gae
Update OptionsResolver.php
fixed comment in forms.xml file
Clean KernelInterface docblocks
Cast the group name as a string
Fixed doc of InitAclCommand
[Form] Fix "Array was modified outside object" in ResizeFormListener.
Fix IBAN validator
[Process] Remove unreachable code + avoid skipping tests in sigchild environment
Fixed bug that incorrectly causes the "required" attribute to be omitted from select even though it contains the "multiple" attribute
Added travis_retry to .travis.yml
[Process] fix some typos and refactor some code
[Process] Fix unit tests in sigchild disabled environment
[Process] Trow exceptions in case a Process method is supposed to be called after termination
fixed typo
[Process] fixed fatal errors in getOutput and getErrorOutput when process was not started
[Process] Fix escaping on Windows
...
Conflicts:
src/Symfony/Component/DomCrawler/Crawler.php
src/Symfony/Component/Filesystem/Filesystem.php
src/Symfony/Component/Process/Process.php
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Security] Add constants for access decision strategies
I suggest adding constants for the three access decision strategies (affirmative, consensus, unanimous).
They are difficult to spell, and without constants they are difficult to identify when reading the code.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
5d6ef00 Add class constants for access decision strategies.
* 2.4:
[Process] minor fixes
Improve performance of getNextEmbedBlock by removing unnecessary preg_match and function calls.
Avoid unnecessary line indentation calculation.
Optimise Inline::evaluateScalar() for parsing strings.
fixed CS
fixed parsing Mongo DSN and added Test for it
() is also a valid delimiter
Adding PHP 5.6 to travis-ci tests
Update BCryptPasswordEncoder.php
[Validator] Removed PHP <5.3.3 specific code which is not officially supported.
Fixed wrong redirect url if path contains some query parameters
* 2.3:
[Process] minor fixes
Improve performance of getNextEmbedBlock by removing unnecessary preg_match and function calls.
Avoid unnecessary line indentation calculation.
Optimise Inline::evaluateScalar() for parsing strings.
fixed CS
fixed parsing Mongo DSN and added Test for it
() is also a valid delimiter
Adding PHP 5.6 to travis-ci tests
Update BCryptPasswordEncoder.php
[Validator] Removed PHP <5.3.3 specific code which is not officially supported.
Fixed wrong redirect url if path contains some query parameters
* 2.4:
fixed various inconsistencies
reduced recursion when building DumperPrefixCollection
renamed variables - making next change more readable
removing dead code.
[ExpressionLanguage] added some tests for the built-in constant() function
[ExpressionLanguage] added some documentation about functions
[DomCrawler] Fixed filterXPath() chaining
[DomCrawler] Fixed incorrect handling of image inputs
* 2.3:
fixed various inconsistencies
reduced recursion when building DumperPrefixCollection
renamed variables - making next change more readable
removing dead code.
[DomCrawler] Fixed filterXPath() chaining
[DomCrawler] Fixed incorrect handling of image inputs
Conflicts:
src/Symfony/Component/DomCrawler/Crawler.php
src/Symfony/Component/EventDispatcher/Tests/EventDispatcherTest.php
src/Symfony/Component/Form/Extension/DependencyInjection/DependencyInjectionExtension.php
src/Symfony/Component/Serializer/Tests/Normalizer/CustomNormalizerTest.php
src/Symfony/Component/Templating/Tests/Loader/CacheLoaderTest.php
src/Symfony/Component/Templating/Tests/Loader/LoaderTest.php
* 2.4:
$default can be string
Fix wording for Process class documentation
Option can be bool too (eg. --force)
[Form] Update DateTime objects only if the actual value has changed
Revert "bug #10091 [Translation] Update PluralizationRules.php (guilhermeblanco)"
[HttpFoundation] fixed typo
Added delta for Request comparison
add zh_TW validator translations
Added Bulgarian translation for security component
* 2.3:
$default can be string
Fix wording for Process class documentation
Option can be bool too (eg. --force)
[Form] Update DateTime objects only if the actual value has changed
Revert "bug #10091 [Translation] Update PluralizationRules.php (guilhermeblanco)"
[HttpFoundation] fixed typo
Added delta for Request comparison
add zh_TW validator translations
Added Bulgarian translation for security component
* 2.4:
fixed CS
allow the TextAreaFormField to be used with valid/invalid HTML
Create security.id.xlf
[DependencyInjection] Remove unneeded file
[Twig] removed obsolete conditions on Twig versions
added lines to exceptions for the trans and transchoice tags
[FrameworkBundle] Merged multiple line input into one line to fix the tests.
[Form] Make FormInterface::add docblock more explicit
[Security] Add zh_CN translations
Routing condition bugfix
[Validator][Translation]update zh_CN translations
[Validator] Minor fix in XmlLoader
* 2.3:
fixed CS
allow the TextAreaFormField to be used with valid/invalid HTML
Create security.id.xlf
[DependencyInjection] Remove unneeded file
[Twig] removed obsolete conditions on Twig versions
added lines to exceptions for the trans and transchoice tags
[Form] Make FormInterface::add docblock more explicit
[Security] Add zh_CN translations
[Validator][Translation]update zh_CN translations
[Validator] Minor fix in XmlLoader
This PR was squashed before being merged into the 2.5-dev branch (closes#10005).
Discussion
----------
[Security] Added named encoders to EncoderFactory
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9743
| License | MIT
| Doc PR | -
This PR is basically merging FOSAdvancedEncoder. I think it's better than having a separate bundle that most of it's code is a copy of the core.
A use case is: having a different encoders or bcrypt cost based on the user's roles.
Commits
-------
c69e2ca [Security] Added named encoders to EncoderFactory
* 2.4:
udpated LICENSE year
update year on licenses
rundown and typo fix
[Process] Fix#9861 : Revert TTY mode
[Form] Update minimal requirement in composer.json
Fix Empty translations with Qt files
[Console] Fixed command name guessing if an alternative is an alias.
Update UPGRADE-2.3.md to account for #9388
[WebProfilerBundle] Fixed profiler toolbar icons for XHTML.
[BrowserKit] Throw exception on invalid cookie expiration timestamp
[Propel1Bridge][ModelChoiceList] add exception message for invalid classes
* 2.4:
removed unneeded use statements
[DoctrineBridge] Fixed an issue with DoctrineParserCache
removed unneeded use statements
Prepend Child Bundle paths before the parent
[Routing] add unit tests for Symfony\Component\Routing\RequestContext class
* 2.3:
removed unneeded use statements
Prepend Child Bundle paths before the parent
[Routing] add unit tests for Symfony\Component\Routing\RequestContext class
Conflicts:
src/Symfony/Component/Form/Extension/Csrf/CsrfExtension.php
src/Symfony/Component/HttpKernel/DataCollector/TimeDataCollector.php
src/Symfony/Component/Validator/ConstraintValidatorFactory.php
This PR was merged into the 2.3 branch.
Discussion
----------
removed unneeded use statements
| Q | A
| ------------- | ---
| License | MIT
Commits
-------
7f9a366 removed unneeded use statements
* 2.4:
[Security] fixed pre/post authentication checks
fixed missing use statements
Updated lithuanian validator translation: changed vartotojas to naudotojas as it is more proper term.
Fixed CSS
[Intl] Added round support for ROUND_CEILING, ROUND_FLOOR, ROUND_DOWN, ROUND_UP
[HttpFoundation] Throw proper exception when invalid data is passed to JsonResponse class
addressed == -> === suggestion
Fixed#9020 - Added support for collections in service#parameters
fixes PSR-0 issues in tests
adjusted behavior to always copy override on url files
Skips test that need full lib-intl.
* 2.3:
[Security] fixed pre/post authentication checks
Updated lithuanian validator translation: changed vartotojas to naudotojas as it is more proper term.
Fixed CSS
[HttpFoundation] Throw proper exception when invalid data is passed to JsonResponse class
addressed == -> === suggestion
Fixed#9020 - Added support for collections in service#parameters
fixes PSR-0 issues in tests
adjusted behavior to always copy override on url files
Skips test that need full lib-intl.
Conflicts:
src/Symfony/Component/Security/Acl/Tests/Permission/MaskBuilderTest.php
src/Symfony/Component/Security/Core/Tests/Authentication/Token/RememerMeTokenTest.php
src/Symfony/Component/Security/Core/Tests/User/AccountCheckerTest.php
src/Symfony/Component/Security/Core/Tests/User/InMemoryProviderTest.php
src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php
src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php
src/Symfony/Component/Security/Tests/Core/Authentication/Token/RememberMeTokenTest.php
src/Symfony/Component/Security/Tests/Core/Authentication/Token/RememerMeTokenTest.php
src/Symfony/Component/Security/Tests/Core/User/AccountCheckerTest.php
src/Symfony/Component/Security/Tests/Core/User/InMemoryProviderTest.php
src/Symfony/Component/Security/Tests/Core/User/InMemoryUserProviderTest.php
src/Symfony/Component/Security/Tests/Core/User/UserCheckerTest.php
When overriding the Symfony RoleHierarchy it would be great to be able to get access to the buildRoleMap-method and map-variable for more advanced usage.
* 2.4:
fix some cs
use restore_error_handler instead of set_error_handler($previous)
fix#9321 Crawler::addHtmlContent add gbk encoding support
[Console] fixed column width when using the Table helper with some decoration in cells
[Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.
Fix for cache-key conflict when having a \Traversable as choices
[Security] removed obsolete comment
* 2.3:
fix some cs
use restore_error_handler instead of set_error_handler($previous)
fix#9321 Crawler::addHtmlContent add gbk encoding support
[Console] fixed column width when using the Table helper with some decoration in cells
[Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.
Fix for cache-key conflict when having a \Traversable as choices
[Security] removed obsolete comment
Conflicts:
src/Symfony/Component/Console/Helper/TableHelper.php
src/Symfony/Component/Security/Tests/Http/Firewall/ExceptionListenerTest.php
This PR was squashed before being merged into the 2.3 branch (closes#8997).
Discussion
----------
[Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.
<table>
<tr>
<td><b>Q</b></td>
<td><b>A</b></td>
</tr>
<tr>
<td>Bug fix?</td>
<td>yes</td>
</tr>
<tr>
<td>New feature</td>
<td>no</td>
</tr>
<tr>
<td>BC breaks?</td>
<td>no</td>
</tr>
<tr>
<td>Deprecations?</td>
<td>no</td>
</tr>
<tr>
<td>Tests pass?</td>
<td>yes</td>
</tr>
<tr>
<td>Fixed tickets</td>
<td>#3085, #8974</td>
</tr>
<tr>
<td>License</td>
<td>MIT</td>
</tr>
<tr>
<td>Doc PR</td>
<td>n/a</td>
</tr>
</table>
Problem occurs while user is impersonated. Authentication process generates new token and doeas not preserve role ```ROLE_PREVIOUS_ADMIN```. Ex. when parameter ```security.always_authenticate_before_granting``` is enabled.
Commits
-------
a7baa3b [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.
* 2.4:
[Security] simplified some unit tests
[Security] made code easier to understand, added some missing unit tests
[DependencyInjection] fixed InlineServiceDefinitionsPass to not inline a service if it's part of the current definition (to avoid an infinite loop)
[DomCrawler] Fixed creating form objects from form nodes.
disabled php.ini changes when using HHVM in .travis.yml
[Process] fixed HHVM support
Add support for HHVM in the getting of the PHP executable
[Security] fixed error 500 instead of 403 if previous exception is provided to AccessDeniedException
* 2.3:
[Security] made code easier to understand, added some missing unit tests
[DependencyInjection] fixed InlineServiceDefinitionsPass to not inline a service if it's part of the current definition (to avoid an infinite loop)
[DomCrawler] Fixed creating form objects from form nodes.
disabled php.ini changes when using HHVM in .travis.yml
[Process] fixed HHVM support
Add support for HHVM in the getting of the PHP executable
[Security] fixed error 500 instead of 403 if previous exception is provided to AccessDeniedException
* 2.4:
fixed CS
fixed a typo
fixed CS for lambdas
[Yaml] fixed some license headers
Fixes message value for objects
Check for hour, minute & second validity
avoid tables to have apparently long blank line breaks and be too far appart for long nested array params
fixed various typos
[Filesystem] Fixed mirror for symlinks
[Validator] Removed duplicated test for IBAN in data provider
* 2.3:
fixed a typo
fixed CS for lambdas
[Yaml] fixed some license headers
Fixes message value for objects
Check for hour, minute & second validity
fixed various typos
[Filesystem] Fixed mirror for symlinks
[Validator] Removed duplicated test for IBAN in data provider
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/HttpKernel/Tests/DependencyInjection/ContainerAwareHttpKernelTest.php
This PR was merged into the 2.5-dev branch.
Discussion
----------
Added MutableAclProvider::deleteSecurityIdentity
This provides a very simple function to enable the deletion of a SecurityIdentity.
Developers can add a listener on the delete of a user and remove all the related ACLs.
Foreign keys already ensure that the ACEs are properly deleted.
Among the problems of not deleting the SecurityIdentity:
* Inconsistent database, referring to a non-existent user.
* If a user is deleted and another is created with the same name, it will inherit all the old user’s ACEs
Not addressed by this PR: Changing a user’s username breaks the related ACLs. See #5787
See also: https://groups.google.com/forum/#!topic/symfony2/mGTXlTWiMs8/discussion
Commits
-------
bdbbe58 [Security][Acl] Issue #5787 : Added MutableAclProvider::deleteSecurityIdentity
This PR was merged into the 2.3 branch.
Discussion
----------
fixed various typos
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
2f15ac7 fixed various typos
* 2.4: (44 commits)
[FrameworkBundle] Add missing license headers
Fix parent serialization of user object
[DependencyInjection] fixed typo
added condition to avoid skipping tests on JSON_PRETTY support
add memcache, memcached, and mongodb extensions to run skipped tests
[DependencyInjection] Fixed support for backslashes in service ids.
fix#9356 [Security] Logger should manipulate the user reloaded from provider
[FrameworkBundle] Added extra details in XMLDescriptor to improve container description
fixed CS
Crawler default namespace fix
[BrowserKit] fixes#8311 CookieJar is totally ignorant of RFC 6265 edge cases
[HttpFoundation] fixed constants that do exist in 2.3 (only in 2.4)
fix 5528 let ArrayNode::normalizeValue respect order of value array provided
fix#7243 allow 0 as arraynode name
Fixed issue in BaseDateTimeTransformer when invalid timezone cause Transformation filed exception (closes#9403).
BinaryFileResponse should also return 416 or 200 on some range-requets
fix deprecated usage and clarify constructor defaults for number formatter
Bumping dependency to ProxyManager to allow testing against the new 0.5.x branch changes
Do normalization on tag options
bumped Symfony version to 2.3.9
...
* 2.3: (31 commits)
Fix parent serialization of user object
[DependencyInjection] fixed typo
add memcache, memcached, and mongodb extensions to run skipped tests
[DependencyInjection] Fixed support for backslashes in service ids.
fix#9356 [Security] Logger should manipulate the user reloaded from provider
[BrowserKit] fixes#8311 CookieJar is totally ignorant of RFC 6265 edge cases
[HttpFoundation] fixed constants that do exist in 2.3 (only in 2.4)
fix 5528 let ArrayNode::normalizeValue respect order of value array provided
fix#7243 allow 0 as arraynode name
Fixed issue in BaseDateTimeTransformer when invalid timezone cause Transformation filed exception (closes#9403).
BinaryFileResponse should also return 416 or 200 on some range-requets
Do normalization on tag options
bumped Symfony version to 2.3.9
updated VERSION for 2.3.8
update CONTRIBUTORS for 2.3.8
updated CHANGELOG for 2.3.8
[Filesystem] Changed the mode for a target file in copy() to be write only.
[Console] fixed CS
fixed TableHelper when cell value has new line
Improved and fixed grammar mistakes. Added pluralized messages
...
Conflicts:
src/Symfony/Component/BrowserKit/Cookie.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Matcher/UrlMatcher.php
This PR was merged into the 2.5-dev branch.
Discussion
----------
[Security] [Acl] [MaskBuilder] Refactor common code and reduce nesting
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Refactored some common code and moved a comparison to an earlier statement.
Commits
-------
7d85809 Refactor common code and reduce nesting
* 2.4:
[HttpKernel] fixed regression introduced in 2.4 in the base DataCollector class. Added more unit tests coverage for the RequestDataCollector object.
Fixed mistake in upgrade docu
bumped Symfony version to 2.4.0
updated VERSION for 2.4.0-RC1
updated CHANGELOG for 2.4.0-RC1
Container::camelize also takes backslashes into consideration
fixed typos
fixed @expectedException class names
Fix an issue when overriding Client::setServerParameters() and using the getContainer() method in it.
fixed some typos
fixed @expectedException class names
Typo and better wording for german validator translation
* 2.3:
Fixed mistake in upgrade docu
Container::camelize also takes backslashes into consideration
fixed typos
fixed @expectedException class names
fixed some typos
fixed @expectedException class names
Typo and better wording for german validator translation
* 2.3: (24 commits)
Add german translation for several validators (Greater/Equal/Less)
No Entity Manager defined exception
fixed CS
[Acl] Fix for issue #9433
[Validator] fix docblock typos
[DependencyInjection] removed the unused Reference and Parameter classes use statements from the compiled container class
Removed useless check if self::$trustProxies is set
Fix mistake in translation's service definition.
if handler_id is identical to null fix
CS fix
Fixed ModelChoiceList tests in Propel1 bridge.
[AclProvider] Fix incorrect behaviour when partial results returned from cache
Check if the pipe array is empty before calling stream_select()
[Intl] fixed datetime test as described in #9455
bumped Symfony version to 2.3.8
updated VERSION for 2.3.7
updated CHANGELOG for 2.3.7
re-factor Propel1 ModelChoiceList
[Form] Added method Form::getClickedButton() to remove memory leak in FormValidator
[Locale] fixed the failing test described in #9455
...
Conflicts:
src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php
src/Symfony/Bridge/Propel1/Tests/Fixtures/ItemQuery.php
src/Symfony/Bridge/Propel1/Tests/Form/ChoiceList/ModelChoiceListTest.php
src/Symfony/Bridge/Propel1/Tests/Propel1TestCase.php
src/Symfony/Component/Form/Tests/CompoundFormTest.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Process/Process.php
* 2.2:
No Entity Manager defined exception
fixed CS
[Acl] Fix for issue #9433
[Validator] fix docblock typos
[DependencyInjection] removed the unused Reference and Parameter classes use statements from the compiled container class
Fix mistake in translation's service definition.
if handler_id is identical to null fix
CS fix
Fixed ModelChoiceList tests in Propel1 bridge.
[AclProvider] Fix incorrect behaviour when partial results returned from cache
Check if the pipe array is empty before calling stream_select()
re-factor Propel1 ModelChoiceList
[Locale] fixed the failing test described in #9455
[Process] fix phpdoc and timeout of 0
bug #9445 [BrowserKit] fixed protocol-relative url redirection
Conflicts:
src/Symfony/Component/BrowserKit/Tests/ClientTest.php
src/Symfony/Component/Locale/Tests/Stub/StubIntlDateFormatterTest.php
This PR was merged into the master branch.
Discussion
----------
unify constructor initialization style throughout symfony
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | n/a
In almost all classes symfony uses property initialization when the value is static. Constructor initialization is only used for things that actually have logic, like passed parameters or dynamic values. IMHO it makes the code much more readable because property definition, phpdoc and default value is in one place. Also one can easily see what the constructor implements for logic like overridden default value of a parent class. Otherwise the real deal is just hidden behind 10 property initializations. One more advantage is that it requires less code. As you can see, the code was almost cut in half (210 additions and 395 deletions).
I unified it accordingly across symfony. Sometimes it was [not even consistent within one class](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Config/Definition/BaseNode.php#L32). At the same time I recognized some errors like missing parent constructor call, or undefined properties or private properties that are not even used.
I then realized that a few Kernel tests were not passing because they were deeply implementation specific like modifying booted flag with a custom `KernelForTest->setIsBooted();`. I improved and refactored the kernel tests in the __second commit__.
__Third commit__ unifies short ternary operator, e.g. `$foo ?: new Foo()`. __Forth commit__ unifies missing parentheses, e.g. `new Foo()`.
Commits
-------
077a089 unify missing parentheses
2888594 unify short ternary operator
2a9daff [HttpKernel] better written kernel tests
111ac18 unify constructor initialization style throughout symfony
This PR was squashed before being merged into the 2.2 branch (closes#9485).
Discussion
----------
[Acl] Fix for issue #9433
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9433
| License | MIT
| Doc PR |
Two new test for issue #9433 :
`testUpdateAclInsertingMultipleObjectFieldAcesThrowsDBConstraintViolations()`
`testUpdateAclDeletingObjectFieldAcesThrowsDBConstraintViolations()`
The change to `updateAces()` line 857 is enough to make the first test succeed. When changing the `order` field value to a higher value, we must first change the value of the next entry (and all the next entries recursively) to preserve uniqueness of the `order` field in the database.
All the other changes are for the second test. In the former `updateAcl()` method, we commit the changes of the existing ACEs to the database before deleting or adding the new ones. We must delete the old ACEs before changing the existing ACEs in order to preserve uniqueness of the `order` field in the database.
Commits
-------
a38fab9 [Acl] Fix for issue #9433
This PR was merged into the master branch.
Discussion
----------
adjust doctrine dependencies
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9384, #9385
| License | MIT
| Doc PR | -
I went through all components/bundles/bridges in symfony and searched for doctrine dependencies. Then looked if it only requires a subset (annotations instead of common for example).
Commits
-------
7366901 adjust doctrine dependencies
* 2.3:
fixed CS
fixed CS
[HttpKernel] fixed memory limit display in MemoryDataCollector
Fixed the error handling when decoding invalid XML to avoid a Warning
[Form] Fixed: The "data" option is taken into account even if it is NULL
[DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Tests/Templating/TimedPhpEngineTest.php
* 2.2:
fixed CS
Fixed the error handling when decoding invalid XML to avoid a Warning
[Form] Fixed: The "data" option is taken into account even if it is NULL
[DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
Conflicts:
src/Symfony/Component/Form/Extension/Core/Type/FormType.php
* 2.3:
Fixed English usage for existing users.
Clean up of WebProfiler Controller classes:
[Process] Fix#9343 : revert file handle usage on Windows platform
* 2.3:
[DoctrineBridge] Added type check to prevent calling clear() on arrays
[Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
Fix docblock typo
* 2.2:
[DoctrineBridge] Added type check to prevent calling clear() on arrays
[Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
Fix docblock typo
Conflicts:
src/Symfony/Component/Form/Extension/Csrf/Type/FormTypeCsrfExtension.php
* 2.3:
Improve documentation of X-Forwarded-For header handling
[DoctrineBridge] Loosened CollectionToArrayTransformer::transform() to accept arrays
Removed unused use statements.
Make usleep longer and simplify assertions
Added japanese translation resource for security component.
Replaced the @inheritdoc with an actual list of params since the original method has a different signature.
fix typo : StdClass should be stdClass with little "s"
Remove unnecessary continue from Request
[Yaml] Fixed the escaping of strings starting with a dash when dumping
Fix in ChainLoader.php
fixed wrong started states
* 2.2:
[DoctrineBridge] Loosened CollectionToArrayTransformer::transform() to accept arrays
Removed unused use statements.
Make usleep longer and simplify assertions
Added japanese translation resource for security component.
[Yaml] Fixed the escaping of strings starting with a dash when dumping
Fix in ChainLoader.php
fixed wrong started states
* 2.3:
bumped Symfony version to 2.3.7
updated VERSION for 2.3.6
updated CHANGELOG for 2.3.6
bumped Symfony version to 2.2.10
updated VERSION for 2.2.9
update CONTRIBUTORS for 2.2.9
updated CHANGELOG for 2.2.9
[Security] limited the password length passed to encoders
[HttpKernel] Fixed a test (compiler pass class name has been changed).
assets:install command should mirror .dotfiles (.htaccess)
PoFileDumper - PO headers
removed whitespaces
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/BasePasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/MessageDigestPasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/Pbkdf2PasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php
src/Symfony/Component/Security/Core/Tests/Encoder/MessageDigestPasswordEncoderTest.php
src/Symfony/Component/Security/Core/Tests/Encoder/Pbkdf2PasswordEncoderTest.php
src/Symfony/Component/Security/Core/Tests/Encoder/PlaintextPasswordEncoderTest.php
* 2.2:
bumped Symfony version to 2.2.10
updated VERSION for 2.2.9
update CONTRIBUTORS for 2.2.9
updated CHANGELOG for 2.2.9
[Security] limited the password length passed to encoders
assets:install command should mirror .dotfiles (.htaccess)
PoFileDumper - PO headers
removed whitespaces
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
* 2.3:
Fix: duplicate usage of Symfony\Component\HttpFoundation\Response
[Form] add support for Length and Range constraint in order to replace MaxLength, MinLength, Max and Min constraints in next release (2.3)
Revert "merged branch Tobion/flattenexception (PR #9111)"
[Form] check the required output timezone against the actual timezone of the input datetime object, rather than the expected timezone supplied
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
This PR was merged into the master branch.
Discussion
----------
[HttpFoundation] added a way to override the Request class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7461, #7453
| License | MIT
| Doc PR | symfony/symfony-docs#3021
This is an alternative implementation for #7461.
I've also reverted #7381 and #7390 as these changes are not needed anymore.
Todo:
- [ ] add some tests
Commits
-------
464439d [HttpFoundation] added a way to override the Request class
This PR was merged into the master branch.
Discussion
----------
[Security] Added Security\Csrf sub-component with better token generation
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | TODO
**Update September 27, 2013**
This PR simplifies the CSRF mechanism to generate completely random tokens. A random token is generated once per ~~intention~~ token ID and then stored in the session. Tokens are valid until the session expires.
Since the CSRF token generator depends on `StringUtils` and `SecureRandom` from Security\Core, and since Security\Http currently depends on the Form component for token generation, I decided to add a new Security\Csrf sub-component that contains the improved CSRF token generator. Consequences:
* Security\Http now depends on Security\Csrf instead of Form
* Form now optionally depends on Security\Csrf
* The configuration for the "security.secure_random" service and the "security.csrf.*" services was moved to FrameworkBundle to guarantee BC
In the new Security\Csrf sub-component, I tried to improve the naming where I could do so without breaking BC:
* CSRF "providers" are now called "token generators"
* CSRF "intentions" are now called "token IDs", because that's really what they are
##### TODO
- [ ] The documentation needs to be checked for references to the configuration of the application secret. Remarks that the secret is used for CSRF protection need to be removed.
- [ ] Add aliases "csrf_token_generator" and "csrf_token_id" for "csrf_provider" and "intention" in the SecurityBundle configuration
- [x] Make sure `SecureRandom` never blocks for `CsrfTokenGenerator`
Commits
-------
7f02304 [Security] Added missing PHPDoc tag
2e04e32 Updated Composer dependencies to require the Security\Csrf component where necessary
bf85e83 [FrameworkBundle][SecurityBundle] Added service configuration for the new Security CSRF sub-component
2048cf6 [Form] Deprecated the CSRF implementation and added an optional dependency to the Security CSRF sub-component instead
85d4959 [Security] Changed Security HTTP sub-component to depend on CSRF sub-component instead of Form
1bf1640 [Security] Added CSRF sub-component
* 2.3:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[DependencyInjection] Prevented inlining of lazy loaded private service definitions.
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/Routing/Router.php
src/Symfony/Component/Security/Http/Firewall.php
* 2.2:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/HttpFoundation/Request.php
* 2.3:
bumped Symfony version to 2.3.6
updated VERSION for 2.3.5
updated CHANGELOG for 2.3.5
Set cost type to integer
bumped Symfony version to 2.2.9
updated VERSION for 2.2.8
updated CHANGELOG for 2.2.8
bumped the version
fixed typo
updated VERSION for 2.2.7
update CONTRIBUTORS for 2.2.7
updated CHANGELOG for 2.2.7
bugix: CookieJar returns cookies with domain "domain.com" for domain "foodomain.com"
fixed HTML5 form attribute handling XPath query
Removed old way of building icu data.
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This seems to be a remnant of when the code dealt with crypt() directly. The password_hash() function expects the cost option to be an LVAL (it does a type conversion for strings).
* 2.3:
[Locale] added support for the position argument to NumberFormatter::parse()
[Locale] added some more stubs for the number formatter
[Yaml] fixed typo
[Yaml] fixed a test on PHP < 5.4
[DomCrawler]Crawler guess charset from html
fixed PHP 5.3 compatibility
[Yaml] reverted previous merge partially (refs #8897)
[Security] remove unused logger
[Security] fix typo
[Yaml] Fixed filename in the ParseException message
* 2.2:
[Locale] added support for the position argument to NumberFormatter::parse()
[Locale] added some more stubs for the number formatter
[Yaml] fixed typo
[Yaml] fixed a test on PHP < 5.4
[DomCrawler]Crawler guess charset from html
fixed PHP 5.3 compatibility
[Yaml] reverted previous merge partially (refs #8897)
[Security] remove unused logger
[Security] fix typo
[Yaml] Fixed filename in the ParseException message
Conflicts:
src/Symfony/Component/Console/Input/InputDefinition.php
src/Symfony/Component/Locale/Stub/StubNumberFormatter.php
src/Symfony/Component/Locale/Tests/Stub/StubNumberFormatterTest.php
This PR was merged into the master branch.
Discussion
----------
New Component: Expression Language
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8850, #7352
| License | MIT
| Doc PR | not yet
TODO:
- [ ] write documentation
- [x] add tests for the new component
- [x] implement expression support for access rules in the security component
- [x] find a better character/convention for expressions in the YAML format
- [x] check the performance of the evaluation mode
- [x] better error messages in the evaluation mode
- [x] add support in the Routing
- [x] add support in the Validator
The ExpressionLanguage component provides an engine that can compile and
evaluate expressions.
An expression is a one-liner that returns a value (mostly, but not limited to, Booleans).
It is a strip-down version of Twig (only the expression part of it is
implemented.) Like Twig, the expression is lexed, parsed, and
compiled/evaluated. So, it is immune to external injections by design.
If we compare it to Twig, here are the main big differences:
* only support for Twig expressions
* no ambiguity for calls (foo.bar is only valid for properties, foo['bar'] is only valid for array calls, and foo.bar() is required for method calls)
* no support for naming conventions in method calls (if the method is named getFoo(), you must use getFoo() and not foo())
* no notion of a line for errors, but a cursor (we are mostly talking about one-liners here)
* removed everything specific to the templating engine (like output escaping or filters)
* no support for named arguments in method calls
* only one extension point with functions (no possibility to define new operators, ...)
* and probably even more I don't remember right now
* there is no need for a runtime environment, the compiled PHP string is self-sufficient
An open question is whether we keep the difference betweens arrays and hashes.
The other big difference with Twig is that it can work in two modes (possible
because of the restrictions described above):
* compilation: the expression is compiled to PHP and is self-sufficient
* evaluation: the expression is evaluated without being compiled to PHP (the node tree produced by the parser can be serialized and evaluated afterwards -- so it can be saved on disk or in a database to speed up things when needed)
Let's see a simple example:
```php
$language = new ExpressionLanguage();
echo $language->evaluate('1 + 1');
// will echo 2
echo $language->compile('1 + 2');
// will echo "(1 + 2)"
```
The language supports:
* all basic math operators (with precedence rules):
* unary: not, !, -, +
* binary: or, ||, and, &&, b-or, b-xor, b-and, ==, ===, !=, !==, <, >, >=, <=, not in, in, .., +, -, ~, *, /, %, **
* all literals supported by Twig: strings, numbers, arrays (`[1, 2]`), hashes
(`{a: "b"}`), Booleans, and null.
* simple variables (`foo`), array accesses (`foo[1]`), property accesses
(`foo.bar`), and method calls (`foo.bar(1, 2)`).
* the ternary operator: `true ? true : false` (and all the shortcuts
implemented in Twig).
* function calls (`constant('FOO')` -- `constant` is the only built-in
functions).
* and of course, any combination of the above.
The compilation is better for performances as the end result is just a plain PHP string without any runtime. For the evaluation, we need to tokenize, parse, and evaluate the nodes on the fly. This can be optimized by using a `ParsedExpression` or a `SerializedParsedExpression` instead:
```php
$nodes = $language->parse($expr, $names);
$expression = new SerializedParsedExpression($expr, serialize($nodes));
// You can now store the expression in a DB for later reuse
// a SerializedParsedExpression can be evaluated like any other expressions,
// but under the hood, the lexer and the parser won't be used at all, so it''s much faster.
$language->evaluate($expression);
```
That's all folks!
I can see many use cases for this new component, and we have two use cases in
Symfony that we can implement right away.
## Using Expressions in the Service Container
The first one is expression support in the service container (it would replace
#8850) -- anywhere you can pass an argument in the service container, you can
use an expression:
```php
$c->register('foo', 'Foo')->addArgument(new Expression('bar.getvalue()'));
```
You have access to the service container via `this`:
container.get("bar").getvalue(container.getParameter("value"))
The implementation comes with two functions that simplifies expressions
(`service()` to get a service, and `parameter` to get a parameter value). The
previous example can be simplified to:
service("bar").getvalue(parameter("value"))
Here is how to use it in XML:
```xml
<parameters>
<parameter key="value">foobar</parameter>
</parameters>
<services>
<service id="foo" class="Foo">
<argument type="expression">service('bar').getvalue(parameter('value'))</argument>
</service>
<service id="bar" class="Bar" />
</services>
```
and in YAML (I chose the syntax randomly ;)):
```yaml
parameters:
value: foobar
services:
bar:
class: Bar
foo:
class: Foo
arguments: [@=service("bar").getvalue(parameter("value"))]
```
When using the container builder, Symfony uses the evaluator, but with the PHP
dumper, the compiler is used, and there is no overhead as the expression
engine is not needed at runtime. The expression above would be compiled to:
```php
$this->get("bar")->getvalue($this->getParameter("value"))
```
## Using Expression for Security Access Control Rules
The second use case in Symfony is for access rules.
As we all know, the way to configure the security access control rules is confusing, which might lead to insecure applications (see http://symfony.com/blog/security-access-control-documentation-issue for more information).
Here is how the new `allow_if` works:
```yaml
access_control:
- { path: ^/_internal/secure, allow_if: "'127.0.0.1' == request.getClientIp() or has_role('ROLE_ADMIN')" }
```
This one restricts the URLs starting with `/_internal/secure` to people browsing from the localhost. Here, `request` is the current Request instance. In the expression, there is access to the following variables:
* `request`
* `token`
* `user`
And to the following functions:
* `is_anonymous`
* `is_authenticated`
* `is_fully_authenticated`
* `is_rememberme`
* `has_role`
You can also use expressions in Twig, which works well with the `is_granted` function:
```jinja
{% if is_granted(expression('has_role("FOO")')) %}
...
{% endif %}
```
## Using Expressions in the Routing
Out of the box, Symfony can only match an incoming request based on some pre-determined variables (like the path info, the method, the scheme, ...). But some people want to be able to match on more complex logic, based on other information of the Request object. That's why we introduced `RequestMatcherInterface` recently (but we no default implementation in Symfony itself).
The first change I've made (not related to expression support) is implement this interface for the default `UrlMatcher`. It was simple enough.
Then, I've added a new `condition` configuration for Route objects, which allow you to add any valid expression. An expression has access to the `request` and to the routing `context`.
Here is how one would configure it in a YAML file:
```yaml
hello:
path: /hello/{name}
condition: "context.getMethod() in ['GET', 'HEAD'] and request.headers.get('User-Agent') =~ '/firefox/i'"
```
Why do I keep the context as all the data are also available in the request? Because you can also use the condition without using the RequestMatcherInterface, in which case, you don't have access to the request. So, the previous example is equivalent to:
```yaml
hello:
path: /hello/{name}
condition: "request.getMethod() in ['GET', 'HEAD'] and request.headers.get('User-Agent') =~ '/firefox/i'"
```
When using the PHP dumper, there is no overhead as the condition is compiled. Here is how it looks like:
```php
// hello
if (0 === strpos($pathinfo, '/hello') && preg_match('#^/hello/(?P<name>[^/]++)$#s', $pathinfo, $matches) && (in_array($context->getMethod(), array(0 => "GET", 1 => "HEAD")) && preg_match("/firefox/i", $request->headers->get("User-Agent")))) {
return $this->mergeDefaults(array_replace($matches, array('_route' => 'hello')), array ());
}
```
Be warned that conditions are not taken into account when generating a URL.
## Using Expressions in the Validator
There is a new Expression constraint that you can put on a class. The expression is then evaluated for validation:
```php
use Symfony\Component\Validator\Constraints as Assert;
/**
* @Assert\Condition(condition="this.getFoo() == 'fo'", message="Not good!")
*/
class Obj
{
public function getFoo()
{
return 'foo';
}
}
```
In the expression, you get access to the current object via the `this` variable.
## Dynamic annotations
The expression language component is also very useful in annotations. the SensoLabs FrameworkExtraBundle leverages this possibility to implement HTTP validation caching in the `@Cache` annotation and to add a new `@Security` annotation (see sensiolabs/SensioFrameworkExtraBundle#238.)
Commits
-------
d4ebbfd [Validator] Renamed Condition to Expression and added possibility to set it onto properties
a3b3a78 [Validator] added a constraint that runs an expression
1bcfb40 added optimized versions of expressions
984bd38 mades things more consistent for the end user
d477f15 [Routing] added support for expression conditions in routes
86ac8d7 [ExpressionLanguage] improved performance
e369d14 added a Twig extension to create Expression instances
38b7fde added support for expression in control access rules
2777ac7 [HttpFoundation] added ExpressionRequestMatcher
c25abd9 [DependencyInjection] added support for expressions in the service container
3a41781 [ExpressionLanguage] added support for regexes
9d98fa2 [ExpressionLanguage] added the component
This PR was merged into the 2.2 branch.
Discussion
----------
[Security] fix typo and remove unused logger
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
a33cc51 [Security] remove unused logger
62de9c1 [Security] fix typo
This PR was merged into the master branch.
Discussion
----------
[Security] Remove unused use statement
Commits
-------
6981669 Remove unused use statement
* 2.3:
fixed phpdoc
Fix some annotates
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
[HttpKernel] remove unneeded strtoupper
updated the composer install command to reflect changes in Composer
Conflicts:
src/Symfony/Component/Serializer/Encoder/XmlEncoder.php
* 2.2:
Fix some annotates
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
[HttpKernel] remove unneeded strtoupper
updated the composer install command to reflect changes in Composer
Conflicts:
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Console/Command/Command.php
src/Symfony/Component/Console/Input/InputDefinition.php
src/Symfony/Component/CssSelector/Node/CombinedSelectorNode.php
src/Symfony/Component/Form/Form.php
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php
src/Symfony/Component/HttpKernel/Tests/DependencyInjection/RegisterListenersPassTest.php
src/Symfony/Component/Locale/Locale.php
src/Symfony/Component/Locale/README.md
src/Symfony/Component/Locale/Stub/DateFormat/FullTransformer.php
* 2.3:
[FrameworkBundle][Security] Replaced void return type with null for consistency
fixed CS
NativeSessionStorage regenerate
removed unneeded comment
Use setTimeZone if this method exists.
Fix FileResource test
fixed wrong usage of unset()
[HttpFoundation] Fixed the way path to directory is trimmed.
[Console] Fixed argument parsing when a single dash is passed.
* 2.2:
[FrameworkBundle][Security] Replaced void return type with null for consistency
fixed CS
NativeSessionStorage regenerate
removed unneeded comment
Use setTimeZone if this method exists.
Fix FileResource test
fixed wrong usage of unset()
[HttpFoundation] Fixed the way path to directory is trimmed.
[Console] Fixed argument parsing when a single dash is passed.
Conflicts:
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
* 2.3:
Fixed docblock in UserInterface::getSalt()
[Process] Fix#8970 : read output once the process is finished, enable pipe tests on Windows
[DoctrineBridge] Improved test coverage of EntityChoiceList
[DoctrineBridge] Improved test coverage of EntityChoiceList
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
Removed duplicate annotation
[HttpKernel] made code more reliable
[HttpFoundation] fixed regression in the way the request format is handled for duplicated requests (closes#8917)
[HttpKernel] fixer HInclude src (closes#8951)
Fixed escaping of service identifiers in configuration
Conflicts:
src/Symfony/Bridge/Doctrine/Tests/Form/ChoiceList/GenericEntityChoiceListTest.php
src/Symfony/Bridge/Doctrine/Tests/Form/Type/EntityTypeTest.php
src/Symfony/Component/HttpKernel/Tests/Fragment/HIncludeFragmentRendererTest.php
* 2.2:
Fixed docblock in UserInterface::getSalt()
[Process] Fix#8970 : read output once the process is finished, enable pipe tests on Windows
[DoctrineBridge] Improved test coverage of EntityChoiceList
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
[HttpKernel] made code more reliable
Conflicts:
src/Symfony/Bridge/Doctrine/Tests/Form/ChoiceList/EntityChoiceListTest.php
src/Symfony/Component/Form/Extension/Core/ChoiceList/ChoiceListInterface.php
src/Symfony/Component/Form/Extension/Core/EventListener/FixRadioInputListener.php
src/Symfony/Component/Form/Extension/Core/Type/ChoiceType.php
src/Symfony/Component/Form/Form.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/ChoiceTypeTest.php
src/Symfony/Component/Process/Process.php
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
* 2.3:
Fixing singular form for kisses, accesses and addresses.
fixed some circular references
[Security] fixed a leak in ExceptionListener
[Security] fixed a leak in the ContextListener
Ignore posix_istatty warnings
removed unused variable
[Form] fix iterator typehint
typos
Button missing getErrorsAsString() fixes#8084 Debug: Not calling undefined method anymore. If the form contained a submit button the call would fail and the debug of the form wasn't possible. Now it will work in all cases. This fixes#8084
Use isset() instead of array_key_exists() in DIC
Fixed annotation
[BrowserKit] fixed method/files/content when redirecting a request
[BrowserKit] removed some headers when redirecting a request
[BrowserKit] fixed headers when redirecting if history is set to false (refs #8697)
[HttpKernel] fixed route parameters storage in the Request data collector (closes#8867)
[BrowserKit] Pass headers when `followRedirect()` is called
Return BC compatibility for `@Route` parameters and default values
Conflicts:
src/Symfony/Component/Security/Http/Firewall/ContextListener.php
* 2.2:
Fixing singular form for kisses, accesses and addresses.
fixed some circular references
[Security] fixed a leak in ExceptionListener
[Security] fixed a leak in the ContextListener
Ignore posix_istatty warnings
typos
[HttpKernel] fixed route parameters storage in the Request data collector (closes#8867)
Return BC compatibility for `@Route` parameters and default values
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Templating/Helper/FormHelper.php
src/Symfony/Component/Console/Application.php
* 2.2:
[Security] fixed some phpdoc
Fixed PHPDoc Blocks
optimized circular reference checker
[HttpKernel] changed fragment URLs to be relative by default (closes#8458)
This PR was merged into the master branch.
Discussion
----------
[Security] Keep other query string parameters when switching users
| Q | A
| ---------------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| Doc PR | n/a
When switching users, the whole query string gets dropped when redirecting after the switch.
I think only the switch user parameter should be dropped from the query string.
Commits
-------
0a338f5 [Security] Keep other query string parameters when switching users
* 2.3:
Clear lazy loading initializer after the service is successfully initialized
[FrameworkBundle] added support for double-quoted strings in the extractor (closes#8797)
[SecurityBundle] Move format-dependent tests from SecurityExtensionTest
bumped Symfony version to 2.3.5-DEV
updated VERSION for 2.3.4
updated CHANGELOG for 2.3.4
bumped Symfony version to 2.2.7
updated VERSION for 2.2.6
update CONTRIBUTORS for 2.2.6
updated CHANGELOG for 2.2.6
clearToken exception is thrown at wrong place.
fix typo in test skipped message
[Form] Fixed Form::all() signature for PHP 5.3.3
[Form] Fixed Form::all() signature for PHP 5.3.3
[Locale] Fixed: Locale::setDefault() throws no exception when "en" is passed
[Locale] Fixed: StubLocale::setDefault() throws no exception when "en" is passed
[Translation] Grammar fix
[Yaml] fixed embedded folded string parsing
[Validator] fixed Boolean handling in XML constraint mappings (closes#5603)
[Translation] Fixed regression: When only one rule is passed to transChoice(), this rule should be used
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2:
bumped Symfony version to 2.2.7
updated VERSION for 2.2.6
update CONTRIBUTORS for 2.2.6
updated CHANGELOG for 2.2.6
clearToken exception is thrown at wrong place.
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Discussion
----------
removed deps checks in unit tests
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
As Composer is now widely used in the PHP world, having to run composer install before running the test suite is expected. This also has the nice benefit of removing a bunch of code, making things easier to maintain (there is only one place to declare a dev dependency), and probably more.
see fabpot/Silex#626 where we did the same a while ago for Silex.
Commits
-------
de50621 removed deps checks in unit tests
* 2.3:
[Locale] fixed build-data exit code in case of an error
fixed request format of sub-requests when explicitely set by the developer (closes#8787)
Sets _format attribute only if it wasn't set previously by the user.
Exclude little words of 'ee' to 'oo' plural transformation
fixed the format of the request used to render an exception
Fix typo in the check_path validator
added a missing use statement (closes#8808)
fix for Process:isSuccessful()
Include untrusted host in the exception message
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
src/Symfony/Component/HttpKernel/Fragment/InlineFragmentRenderer.php
* 2.2:
[Locale] fixed build-data exit code in case of an error
fixed request format of sub-requests when explicitely set by the developer (closes#8787)
Sets _format attribute only if it wasn't set previously by the user.
Exclude little words of 'ee' to 'oo' plural transformation
fixed the format of the request used to render an exception
Fix typo in the check_path validator
added a missing use statement (closes#8808)
fix for Process:isSuccessful()
Conflicts:
UPGRADE-3.0.md
src/Symfony/Component/Locale/Resources/data/build-data.php
As Composer is now widely used in the PHP world, having to run composer
install before running the test suite is expected. This also has the
nice benefit of removing a bunch of code, making things easier to
maintain (there is only one place to declare a dev dependency), and
probably more.
* 2.3:
[Process] Revert change
[Process] Fix#8746 : slowness added in unit tests since #8741
[Process] Fix#8742 : Signal-terminated processes are not successful
corrected English grammar (s/does not exists/does not exist)
[Process] Add more precision to Process::stop timeout
[Process] Avoid zombie process in case of unit tests failure
[Process] Fix#8739
[Process] Add failing test for #8739
[Process] Fix CS
[TwigBridge] removed superflous ; when rendering form_enctype() (closes#8660)
Fixed documentation grammar for AuthenticationManagerInterface::authenticate()
[Validator] fixed the wrong isAbstract() check against the class (fixed#8589)
[TwigBridge] Prevent code extension to display warning
Fix internal sub-request creation
[FrameworkBundle] made code more generic
[Form] Moved auto_initialize option to the BaseType
Use strstr instead of strpos
Make sure ContextErrorException is loaded during compile time errors
Fix empty process argument escaping on Windows
Ignore null value in comparison validators
Conflicts:
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php
src/Symfony/Component/Process/Process.php
* 2.2:
corrected English grammar (s/does not exists/does not exist)
[Process] Add more precision to Process::stop timeout
[Process] Avoid zombie process in case of unit tests failure
[Process] Fix#8739
[Process] Add failing test for #8739
[Process] Fix CS
Fixed documentation grammar for AuthenticationManagerInterface::authenticate()
[Validator] fixed the wrong isAbstract() check against the class (fixed#8589)
[TwigBridge] Prevent code extension to display warning
Use strstr instead of strpos
Conflicts:
src/Symfony/Component/Finder/Shell/Command.php
src/Symfony/Component/Process/Process.php
* 2.3:
moved some fixed dep versions from 2.2.* to ~2.2 (refs #8613)
[HttpKernel] added a missing dep for dev
[Form] fixed wrong call to setTimeZone() (closes#8644)
Fix issue with \DateTimeZone::UTC / 'UTC' for PHP 5.4
[Form] Fixed patched forms to be valid even if children are not submitted
Revert "[Form] Fix of "PATCH'ed forms are never valid""
[Form] Fixed: If a form is not present in a request, it is not automatically submitted
Fixes link indices
[Form] Removed the "disabled" attribute from the placeholder option in select fields due to problems with the BlackBerry 10 browser
Revert "[Form] Remove "value" attribute on empty_value option"
[routing] added ability for apache matcher to handle array values
removed dead code and fixed CS
[Validator] fixed StaticMethodLoader trying to invoke methods of abstract classes (closes#8589)
* 2.2:
[HttpKernel] added a missing dep for dev
[Form] fixed wrong call to setTimeZone() (closes#8644)
Fix issue with \DateTimeZone::UTC / 'UTC' for PHP 5.4
[Form] Removed the "disabled" attribute from the placeholder option in select fields due to problems with the BlackBerry 10 browser
[routing] added ability for apache matcher to handle array values
removed dead code and fixed CS
[Validator] fixed StaticMethodLoader trying to invoke methods of abstract classes (closes#8589)
Conflicts:
src/Symfony/Bundle/TwigBundle/TokenParser/RenderTokenParser.php
src/Symfony/Component/Form/FormConfigBuilder.php
src/Symfony/Component/HttpKernel/composer.json
src/Symfony/Component/Validator/Tests/GraphWalkerTest.php
* 2.3:
[Validator] fixed ConstraintViolation:: incorrect when nested
handle Optional and Required constraints from XML or YAML sources correctly
added missing comments to WebTestCase
Fixed#8455: PhpExecutableFinder::find() does not always return the correct binary
Added missing files .gitignore
[DependencyInjection] Fix Container::camelize to convert beginning and ending chars
[Validator] Fixed groups argument misplace for validateValue method from validator class
[Form] Fix of "PATCH'ed forms are never valid"
* 2.3:
[PropertyAccess] added moves to pluralMap
[Security] fixed issue where authentication listeners clear unrelated tokens
added greek translation
[DependencyInjection] Add exception for service name not dumpable in PHP
bumped Symfony version to 2.3.3-DEV
fix issue #8499 modelChoiceList call getPrimaryKey on a non object
updated VERSION for 2.3.2
updated CHANGELOG for 2.3.2
[DependencyInjection] Add exception for service name not dumpable in PHP
fixed typo
bumped Symfony version to 2.2.5
updated VERSION for 2.2.4
update CONTRIBUTORS for 2.2.4
updated CHANGELOG for 2.2.4
Fixed NativeSessionStorage:regenerate when does not exists
removed extraneous whitespaces
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2:
[PropertyAccess] added moves to pluralMap
[Security] fixed issue where authentication listeners clear unrelated tokens
fix issue #8499 modelChoiceList call getPrimaryKey on a non object
[DependencyInjection] Add exception for service name not dumpable in PHP
Conflicts:
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/DependencyInjection/Tests/Dumper/PhpDumperTest.php
src/Symfony/Component/Security/Tests/Http/Firewall/BasicAuthenticationListenerTest.php
This commit fixes an issue where authentication listeners clear all security tokens in case of authentication failure.
This behavior makes it impossible to combine certain authentication mechanisms, notably x509 with form-based login.
* 2.3:
Reverts JSON_NUMERIC_CHECK
Just a Typo
[Yaml] removed wrong comment removal inside a string block
Fixing configuration validation error messages.
[HtppKernel] fixed inline fragment renderer
fixed inline fragment renderer
ProgressHelper shows percentage complete.
Comment fixed: RedrawFrequency is measured in steps.
fix handling of a default 'template' as a string
Conflicts:
src/Symfony/Component/Console/Tests/Helper/ProgressHelperTest.php
* 2.2:
Reverts JSON_NUMERIC_CHECK
Just a Typo
[Yaml] removed wrong comment removal inside a string block
Fixing configuration validation error messages.
[HtppKernel] fixed inline fragment renderer
fixed inline fragment renderer
ProgressHelper shows percentage complete.
Comment fixed: RedrawFrequency is measured in steps.
fix handling of a default 'template' as a string
Conflicts:
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/Console/Tests/Helper/ProgressHelperTest.php
src/Symfony/Component/HttpKernel/Tests/Fragment/HIncludeFragmentRendererTest.php
src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php
* 2.3:
Update JsonResponse.php
[HttpKernel] fixed the inline renderer when passing objects as attributes (closes#7124)
CookieJar remove unneeded var, Client remove unneeded else
[DI] Fixed bug requesting non existing service from dumped frozen container
Update validators.sk.xlf
[WebProfiler] fix content-type parameter
Replace romaji period characters with Japanese style zenkaku period characters
fixed CS
fixed CS
[Console] Avoided an unnecessary check.
Added missing French validator translations
typo first->second
Passed the config when building the Configuration in ConfigurableExtension
removed unused code
Fixed variable name used in translation cache
Conflicts:
src/Symfony/Component/Console/Event/ConsoleCommandEvent.php
* 2.3: (33 commits)
[Form] fixed INF usage which does not work on Solaris (closes#8246)
Fix grammar
Removed PHP 5.5 from the allowed failures.
[Intl] Fixed tests failing on PHP 5.5
bumped Symfony version to 2.2.4
updated VERSION for 2.2.3
update CONTRIBUTORS for 2.2.3
updated CHANGELOG for 2.2.3
[DependencyInjection] Replaced try/catch block with an @expectedException annotation in a test.
[CssSelector] tweaked README file (closes#8287)
added a node about HTML extension in readme
[Console] Fixed the table rendering with multi-byte strings.
Feature/fix unit tests
[Process] Disable exception on stream_select timeout
[HttpFoundation] fixed issue with session_regenerate_id (closes#7380)
[DomCrawler] added a note about the default charset
Throw exception if value is passed to VALUE_NONE input, long syntax
fixed date type format pattern regex
[Security] fixed usage of the salt for the bcrypt encoder (refs #8210)
[FrameworkBundle] tweaked previous merge (refs #8242)
...
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Discussion
----------
[Security] Add simpler customization options
The goal of this is to provide a simpler extension point for people that don't have the time to dive into the whole security factory + authentication provider + user provider + authentication listener + token mess. As it stands, it gives you a way to just create one class that is handling all the security stuff in one (by implementing SimpleFormAuthenticatorInterface and UserProviderInterface) + one or more token classes.
I would like feedback on whether people think this makes sense or not before continuing and doing a SimpleHttpAuthenticatorInterface for non-form based stuff.
Just FYI that's how it would look in security.yml:
```yaml
security:
providers:
simple:
id: simple_authenticator
firewalls:
foo:
pattern: ^/
simple_form:
provider: simple
authenticator: simple_authenticator
```
/cc @atrauzzi (who posted a long rant on the ML about how hard this all is, and I can't agree more - I hope it's the right account on github?)
Commits
-------
74cfc84 marked some classes as being experimental in 2.3
471e5bc [Security] allowed simple pre-auth to be optional if another auth mechanism already authenticated the user
01c913b moved the simple HTTP authenticator to a pre-auth one
887d9b8 fixed wrong Logger interface
65335ea [Security] Renamed simple_token to simple_http, added support for failure and success handler to both simple firewalls
f7a11a1 [Security] Add simple_token auth method
1fe2ed6 [Security] Add SimpleForm authentication
* 2.3: (33 commits)
Revert "[Console] ensure exit code between 0-254"
Added missing galician (gl) translations
fix many-to-many Propel1 ModelChoiceList
[Console] ensure exit code between 0-254
Added Greek translation
[DomCrawler] Fixed a fatal error when setting a value in a malformed field name.
[FrameworkBundle] Fixed OutOfBoundException when session handler_id is null
[DependencyInjection] Add support for aliases of aliases + regression test
[Console] fix status code when Exception::getCode returns something like 0.1
Fixed doc block on Filesystem::rename
Fixed exit code for exceptions with error code 0
[DependencyInjection] Rename ContainerBuilder::$aliases to avoid conflicting with the parent class
[DependencyInjection] Remove get*Alias*Service methods from compiled containers
[DependencyInjection] Fix aliased access of shared services, fixes#8096
instantiate valid commands only
bumped Symfony version to -DEV
updated VERSION for 2.3.0
updated CHANGELOG for 2.3.0
[Config] Added tests for the FileResource and DirectoryResource.
[Config] Fixed @covers annotation which ignored some of the methods from the code coverage.
...
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.3: (37 commits)
[Console] renamed ConsoleForExceptionEvent into ConsoleExceptionEvent
Fix several instances of doubled words
[Security] Fixed the check if an interface exists.
Added missing slovak translations
[FrameworkBundle] removed HttpFoundation classes from HttpKernel cache
[Finder] Fix iteration fails with non-rewindable streams
[Finder] Fix unexpected duplicate sub path related AppendIterator issue
[Security] Added tests for the DefaultLogoutSuccessHandler.
[Security] Added tests for the DefaultAuthenticationSuccessHandler.
[ClassLoader] tiny refactoring
[Security] Added tests for the DefaultAuthenticationFailureHandler.
[Security] Added tests for the remember me ReponseListener.
[Security] Added tests for the SessionAuthenticationStrategy.
[Security] Added tests for the AccessMap.
[FrameworkBundle] removed deprecated method from cache:clear command
[WebProfiler] remove deprecated verbose option
fix logger in regards to DebugLoggerInterface
[Form] [2.3] removed old option
Added type of return value in VoterInterface.
[Console] Add namespace support back in to list command
...
* 2.2:
Fix several instances of doubled words
[Finder] Fix iteration fails with non-rewindable streams
[Finder] Fix unexpected duplicate sub path related AppendIterator issue
Added type of return value in VoterInterface.
Fixed two bugs in HttpCache
Conflicts:
src/Symfony/Component/Finder/Iterator/RecursiveDirectoryIterator.php
* 2.1:
Fix several instances of doubled words
[Finder] Fix iteration fails with non-rewindable streams
[Finder] Fix unexpected duplicate sub path related AppendIterator issue
Added type of return value in VoterInterface.
Fixed two bugs in HttpCache
Conflicts:
src/Symfony/Component/Finder/Tests/FinderTest.php
* 2.2:
added additional tests to cover invalid argument exceptions in OutputFormatterStyle component
added a missing check for the provider key
[Validator] fixed wrong URL for XSD
[Validator] Fixed: $traverse and $deep is passed to the visitor from Validator::validate()
[Form] Fixed transform()/reverseTransform() to always throw TransformationFailedExceptions
[Form] Fixed: String validation groups are never interpreted as callbacks
if the repository method returns an array ensure that it's internal poin...
[Form] Improved multi-byte handling of NumberToLocalizedStringTransformer
Fix wrong method in findTaggedServiceIds(), add example to docblock.
Conflicts:
src/Symfony/Component/Form/Extension/Core/DataTransformer/ChoicesToBooleanArrayTransformer.php
src/Symfony/Component/Form/Extension/Validator/Constraints/FormValidator.php
* 2.1:
added additional tests to cover invalid argument exceptions in OutputFormatterStyle component
added a missing check for the provider key
[Validator] fixed wrong URL for XSD
[Form] Fixed transform()/reverseTransform() to always throw TransformationFailedExceptions
[Form] Fixed: String validation groups are never interpreted as callbacks
if the repository method returns an array ensure that it's internal poin...
Fix wrong method in findTaggedServiceIds(), add example to docblock.
Conflicts:
src/Symfony/Bridge/Doctrine/Form/DataTransformer/CollectionToArrayTransformer.php
src/Symfony/Component/Form/Extension/Core/DataTransformer/DataTransformerChain.php
src/Symfony/Component/Form/Tests/Extension/Core/DataTransformer/ArrayToPartsTransformerTest.php
src/Symfony/Component/Form/Tests/Extension/Core/DataTransformer/ChoiceToValueTransformerTest.php
src/Symfony/Component/Form/Tests/Extension/Core/DataTransformer/ChoicesToValuesTransformerTest.php
src/Symfony/Component/Form/Tests/Extension/Core/DataTransformer/DateTimeToArrayTransformerTest.php
src/Symfony/Component/Form/Tests/Extension/Core/DataTransformer/DateTimeToRfc3339TransformerTest.php
src/Symfony/Component/Form/Tests/Extension/Core/DataTransformer/IntegerToLocalizedStringTransformerTest.php
src/Symfony/Component/Form/Tests/Extension/Core/DataTransformer/ValueToDuplicatesTransformerTest.php
The current constraint will not match 2.3.x-dev and cause edge cases
where either:
* composer falls back to symfony/symfony because it cannot find a match
* composer installs 2.2 versions of http-kernel and http-foundation
* 2.2:
Fix default value handling for multi-value options
[HttpKernel] truncate profiler token to 6 chars (see #7665)
Disabled APC on Travis for PHP 5.5+ as it is not available
[HttpFoundation] do not use server variable PATH_INFO because it is already decoded and thus symfony is fragile to double encoding of the path
Fix download over SSL using IE < 8 and binary file response
[Console] Fix merging of application definition, fixes#7068, replaces #7158
[HttpKernel] fixed the Kernel when the ClassLoader component is not available (closes#7406)
fixed output of bag values
[Yaml] improved boolean naming ($notEOF -> !$EOF)
[Yaml] fixed handling an empty value
[Routing][XML Loader] Add a possibility to set a default value to null
[Console] fixed handling of "0" input on ask
The /e modifier for preg_replace() is deprecated in PHP 5.5; replace with preg_replace_callback()
fixed handling of "0" input on ask
[HttpFoundation] Fixed bug in key searching for NamespacedAttributeBag
[Form] DateTimeToRfc3339Transformer use proper transformation exteption in reverse transformation
Update PhpEngine.php
[PropertyAccess] Add objectives to pluralMap
[Security] Removed unused var
[HttpFoundation] getClientIp is fixed.
Conflicts:
src/Symfony/Component/Console/Tests/Command/CommandTest.php
src/Symfony/Component/Console/Tests/Input/ArgvInputTest.php
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Discussion
----------
[Security] [Acl] [BasicPermissionMap] Made $map protected and moved it to __construct
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
By making $map protected and moving it to the construct, you can simply extend the BasicPermissionMap class if you want to simply add some extra permissions. In it's current form, you have to copy/paste the entire array AND the getMasks and contains functions.
Commits
-------
1369d54 Made $map protected and moved it to construct.
This PR was merged into the master branch.
Discussion
----------
[2.3] [Security] Add a getter for providers to the ChainUserProvider class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
I've got a use case where I need to check if any of the chained user providers implement a particular interface. This getter would really help with that.
Commits
-------
0a82d73 Add a getter for providers to the ChainUserProvider class
This PR was merged into the 2.2 branch.
Discussion
----------
[Security] Removed unused var
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | I guess
| Fixed tickets | -
Commits
-------
bd26419 [Security] Removed unused var
By making $map protected and moving it to the construct, you can simply extend the BasicPermissionMap class if you want to simply add some extra permissions. In it's current form, you have to copy/paste the entire array AND the getMasks and contains functions.
* 2.2:
Fix finding ACLs from ObjectIdentity's with different types
[HttpKernel] tweaked previous merge
#7531: [HttpKernel][Config] FileLocator adds NULL as global resource path
Fix autocompletion of command names when namespaces conflict
Fix timeout in Process::stop method
fixed CS
Round stream_select fifth argument up.
Fix Process timeout
[HttpKernel] Remove args from 5.3 stack traces to avoid filling log files, fixes#7259
bumped Symfony version to 2.2.2-DEV
updated VERSION for 2.2.1
updated CHANGELOG for 2.2.1
Fixed phpdoc blocks to show that $uri can be passed as a string or ControllerReference (rather than just as a string)
[HttpFoundation] Fixed copy pasted comment from FlashBag in AttributeBag
[FrameworkBundle] fixed the discovery of the PHPUnit configuration file when using aggregate options like in -vc app/ (closes#7562)
[WebProfilerBundle] removed next pointer class in a template
fix overwriting of request's locale if attribute _locale is missing
Conflicts:
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
src/Symfony/Component/HttpKernel/EventListener/LocaleListener.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2: (22 commits)
fixed doc references (closes#7515)
fixed doc references (closes#7515)
On OS X, sys_get_tmp_dir() returns /var/private/..., which really is below /private/var.
Doctrine cannot handle bare random non-utf8 strings
small changes
[SecurityBundle] Fixed configuration exemple
idAsIndex should be true with a smallint or bigint id field.
[PropertyAccess] Remove trailing periods from doc blocks
Fix param docs for PropertyAccessor read method
Fixed long multibyte parameter logging in DbalLogger:startQuery
Keep the file extension in the temporary copy and test that it exists (closes#7482)
bumped Symfony version to 2.1.10-DEV
[Validator][translation][japanese]replaced period to japanese one [Validator][translation][japanese]fixed japanese translation to more practical one [Validator][translation][japanese]fixed message ordering to be consistent with other languages [Validator][translation][japanese]added new validation messages in japanese translation
updated VERSION for 2.1.9
update CONTRIBUTORS for 2.1.9
updated CHANGELOG for 2.1.9
[Security] fixed wrong interface
Remove already defined arguments
Add missing use
[FrameworkBundle] Reuse definition variable in FormPass
...
Conflicts:
src/Symfony/Bridge/Doctrine/Logger/DbalLogger.php
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/config.html.twig
* 2.1:
fixed doc references (closes#7515)
small changes
[SecurityBundle] Fixed configuration exemple
idAsIndex should be true with a smallint or bigint id field.
Fixed long multibyte parameter logging in DbalLogger:startQuery
Keep the file extension in the temporary copy and test that it exists (closes#7482)
[Validator][translation][japanese]replaced period to japanese one [Validator][translation][japanese]fixed japanese translation to more practical one [Validator][translation][japanese]fixed message ordering to be consistent with other languages [Validator][translation][japanese]added new validation messages in japanese translation
Conflicts:
src/Symfony/Component/Validator/Resources/translations/validators.ja.xlf
This PR was merged into the master branch.
Discussion
----------
[2.2] [Security] Add an option to disable the hasPreviousSession() check in AbstractAuthenticationListener
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: [![Build Status](https://secure.travis-ci.org/adrienbrault/symfony.png?branch=security-feature)](http://travis-ci.org/adrienbrault/symfony)
Fixes the following tickets: #3703
Todo: Add this option to the symfony doc security configuration reference
License of the code: MIT
Documentation PR: N/A
As stated in #3703, all authentication listeners that inherit from AbstractAuthenticationListener, only work when a previous session has been created.
This PR allows to change the default behavior in the security.yml file.
Example:
```yml
security:
firewalls:
secured_area:
pattern: ^/demo/secured/
form_login:
check_path: /demo/secured/login_check
login_path: /demo/secured/login
require_previous_session: false # The default value is true
logout:
path: /demo/secured/logout
target: /demo/
#anonymous: ~
#http_basic:
# realm: "Secured Demo Area"
```
PS: While removing my old commit, it closed the #4774 PR ...
Commits
-------
0562463 [Security] Add an option to disable the hasPreviousSession() check in AbstractAuthenticationListener
* 2.2: (70 commits)
change wrapped exception message to be more usefull
updated VERSION for 2.0.23
update CONTRIBUTORS for 2.0.23
updated CHANGELOG for 2.0.23
[Form] fixed failing test
[DomCrawler] added support for query string with slash
Fixed invalid file path for hiddeninput.exe on Windows.
fix xsd definition for strict-requirements
[WebProfilerBundle] Fixed the toolbar styles to apply them in IE8
[ClassLoader] fixed heredocs handling
fixed handling of heredocs
Add a public modifier to an interface method
removing xdebug extension
[HttpRequest] fixes Request::getLanguages() bug
[HttpCache] added a test (cached content should be kept after purging)
[DoctrineBridge] Fixed non-utf-8 recognition
[Security] fixed HttpUtils class tests
replaced new occurences of 'Request::create()' with '::create()'
changed sub-requests creation to '::create()'
fixed merge issue
...
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/TranslationUpdateCommand.php
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar.html.twig
src/Symfony/Component/DomCrawler/Link.php
src/Symfony/Component/Translation/Translator.php
* 2.1:
Add a public modifier to an interface method
[HttpRequest] fixes Request::getLanguages() bug
[HttpCache] added a test (cached content should be kept after purging)
[DoctrineBridge] Fixed non-utf-8 recognition
[Security] fixed HttpUtils class tests
* 2.1:
sub-requests are now created with the same class as their parent
[FrameworkBundle] removed BC break
[FrameworkBundle] changed temp kernel name in cache:clear
[DoctrineBridge] Avoids blob values to be logged by doctrine
[Security] use current request attributes to generate redirect url?
[Validator] fix showing wrong max file size for upload errors
[TwigBridge] removed double var initialization (refs #7344)
[2.1][TwigBridge] Fixes Issue #7342 in TwigBridge
[FrameworkBundle] fixed cahe:clear command's warmup
[TwigBridge] now enter/leave scope on Twig_Node_Module
[TwigBridge] fixed fixed scope & trans_default_domain node visitor
[TwigBridge] fixed non probant tests & added new one
[BrowserKit] added ability to ignored malformed set-cookie header
[Translation] removed wriong 'use'
[Translation] added xliff loader/dumper with resname support
[TwigBridge] fixes
Conflicts:
src/Symfony/Bundle/FrameworkBundle/HttpKernel.php
src/Symfony/Component/Security/Http/HttpUtils.php
src/Symfony/Component/Translation/Loader/XliffFileLoader.php
src/Symfony/Component/Translation/Tests/Loader/XliffFileLoaderTest.php
* 2.2: (26 commits)
[FrameworkBundle] Fixes invalid serialized objects in cache
remove dead code in yaml component
Fixed typo in UPGRADE-2.2
fixed typo
RedisProfilerStorage wrong db-number/index-number selected
[DependencyInjection] added a test for the previous merge (refs #7261)
Unset loading[$id] in ContainerBuilder on exception
Default validation message translation fix.
remove() should not use deprecated getParent() so it does not trigger deprecation internally
adjust routing tests to not use prefix in addCollection
add test for uniqueness of resources
added tests for addDefaults, addRequirements, addOptions
adjust RouteCollectionTest for the addCollection change and refactor the tests to only skip the part that really needs the config component
added tests for remove() that wasnt covered yet and special route name
refactor interator test that was still assuming a tree
adjust tests to no use addPrefix with options
adjusted tests to not use RouteCollection::getPrefix
[Routing] trigger deprecation warning for deprecated features that will be removed in 2.3
[Console] fixed StringInput binding
[Console] added string input test
...
* 2.2:
fixed CS
Add persian translation to Components/Security
bumped Symfony version to 2.2.1-DEV-DEV
updated VERSION for 2.2.0
updated CHANGELOG for 2.2.0
* 2.2:
Defined stable version point of Doctrine.
[HttpFoundation] Remove Cache-Control when using https download via IE<9 (fixes#6750)
Update composer.json
[Form] Fixed TimeType not to render a "size" attribute in select tags
[Form] Added test for "label" option to accept the value "0"
Expanded fault-tolerance for unusual cookie dates
Fix docblock type
[Form] Fixed "label" option to accept the value "0"
Added greek translation
merged branch jfcixmedia/2.1 (PR #5838)
added a note about a BC break for the path info of sub-request (closes#7138)
[DomCrawler] lowered parsed protocol string (fixes#6986)
[FrameworkBundle] Fix a BC for Hinclude global template
[HttpKernel] fixed locale management when exiting sub-requests
fixed HInclude renderer (closes#7113)
Removed some leaking deprecation warning in the Form component
[HttpKernel] hinclude fragment renderer must escape URIs properly to return valid html
Conflicts:
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Security/composer.json
* 2.1:
Defined stable version point of Doctrine.
[HttpFoundation] Remove Cache-Control when using https download via IE<9 (fixes#6750)
Update composer.json
[Form] Fixed TimeType not to render a "size" attribute in select tags
[Form] Added test for "label" option to accept the value "0"
Expanded fault-tolerance for unusual cookie dates
Fix docblock type
[Form] Fixed "label" option to accept the value "0"
merged branch jfcixmedia/2.1 (PR #5838)
[DomCrawler] lowered parsed protocol string (fixes#6986)
Conflicts:
composer.json
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/time_widget.html.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php
src/Symfony/Component/Routing/composer.json
src/Symfony/Component/Security/composer.json
src/Symfony/Component/Validator/composer.json
* 2.2:
Fixed XmlFileLoaderTest::testLoadThrowsExceptionWithInvalidFileEvenWithoutSchemaValidation
moved file hash calculation to own method
[Validator] Add check for existing metadata on property
added support for the X-Forwarded-For header (closes#6982, closes#7000)
fixed the IP address in HttpCache when calling the backend
[EventDispatcher] Added assertion.
[EventDispathcer] Fix removeListener
[DependencyInjection] Add clone for resources which were introduced in 2.1
[DependencyInjection] Allow frozen containers to be dumped to graphviz
Fix 'undefined index' error, when entering scope recursively
[Security] fixed session creation on login (closes#7011)
replaced usage of the deprecated pattern routing key (replaced with path)
Add dot character `.` to legal mime subtype regular expression
[HttpFoundation] fixed the creation of sub-requests under some circumstancies (closes#6923, closes#6936)
* 2.1:
added support for the X-Forwarded-For header (closes#6982, closes#7000)
fixed the IP address in HttpCache when calling the backend
[EventDispatcher] Added assertion.
[EventDispathcer] Fix removeListener
[DependencyInjection] Add clone for resources which were introduced in 2.1
[DependencyInjection] Allow frozen containers to be dumped to graphviz
Fix 'undefined index' error, when entering scope recursively
[Security] fixed session creation on login (closes#7011)
Add dot character `.` to legal mime subtype regular expression
[HttpFoundation] fixed the creation of sub-requests under some circumstancies (closes#6923, closes#6936)
* 2.2: (30 commits)
[HttpFoundation] Added support for partial ranges in the BinaryFileResponse.
[HttpFoundation] Fixed byte ranges in the BinaryFileResponse.
updated required versions when depending on the HttpFoundation component
updated required versions when depending on the HttpKernel component
updated required versions when depending on the Config component
updated required versions when depending on the Form component
updated required versions when depending on the DependencyInjection component
updated required versions when depending on the Validator component
updated required versions when depending on the Translation component
updated required versions when depending on the Routing component
updated required versions when depending on the EventDispatcher component
updated required versions when depending on the OptionsResolver component
updated required versions when depending on the PropertyAccess component
updated required versions when depending on the Security component
updated required versions when depending on the Templating component
updated required versions when depending on the Stopwatch component
updated required versions when depending on the Process component
updated required versions when depending on the Finder component
updated required versions when depending on the Dom Crawler component
use ~2.0 when depending on the Dom Crawler component
...
* 2.2:
[HttpFoundation] fixed Request::create() method
[HttpKernel] fixed the creation of the Profiler directory
[HttpKernel] fixed the hinclude fragment renderer when the template is empty
bumped Symfony version to 2.2.0-RC2-DEV
[DependencyInjection] enhanced some error messages
[FrameworkBundle] fixed typo
fixed typo
tweaked previous merge
[Security] fixed interface implementation (closes#6974)
Add "'property_path' => false" deprecation message for forms
fixed CS
Added BCrypt password encoder.
updated VERSION for 2.2.0-RC1
Removed underscores from test method names to be consistent with other components.
[Security] fixed session creation when none is needed (closes#6917)
[FrameworkBundle] removed obsolete comment (see 2e356c1)
Micro-optimization
[FrameworkBundle] removed extra whitespaces
[Security] renamed Constraint namespace to Constraints for validator classes in order to be consistent with the whole current validator API.
[FrameworkBundle] fixed wrong indentation on route debug output
* 2.1:
[HttpKernel] fixed the creation of the Profiler directory
[Security] fixed session creation when none is needed (closes#6917)
[FrameworkBundle] removed obsolete comment (see 2e356c1)
This PR was merged into the 2.2 branch.
Commits
-------
35b62ac [Security] renamed Constraint namespace to Constraints for validator classes in order to be consistent with the whole current validator API.
Discussion
----------
[Security] renamed Constraint namespace to Constraints for validator classes in order to be consistent with the whole current validator API.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | yes (for people already using the ``UserPassword`` constraint class in their code)
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
* 2.2:
fixed regression in the Finder component (it was possible to use it without using exec before, closes#6357)
fixed a circular call (closes#6864)
typo
[Security] [Tests] added unit tests for the UserPasswordValidator class and made the validator service for the UserPassword constraint configurable.
fixed wrong indentation
tweaked previous commit
[HttpKernel] Fix the URI signer (closes#6801)
Add Arabic translations.
[HttpKernel] fixed regression when rendering an inline controller and passing some objects (closes#6822)
[FrameworkBundle] fixed typo
renamed some classes and Twig functions to more descriptive names (refs #6871)
Classcollectionloader: fix traits + enhancements
Fix a deprecated method call in the tests
Update `composer.json` files: - to allow versions ~2.2 (>=2.2,<3.0) of Doctrine DBAL, ORM & Common - fixed Propel1 versions difference between main and bridge files - fixed Twig versions difference between main and bridge files - to allow versions ~1.11 (>=1.11,<2.0) of Twig - fixed Locale ext-intl version to accept all, not non-existing version
Correct comment in NativeSessionStorage regarding session.save_handler
[Security] Add PHPDoc to AuthenticationEvents
This PR was merged into the 2.1 branch.
Commits
-------
e7624b6 [Security] Add PHPDoc to AuthenticationEvents
Discussion
----------
[Security] Added PHPDoc to AuthenticationEvents
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
* 2.1:
[DependencyInjection] fixed the creation of synthetic services in ContainerBuilder
[Security] PHPDoc in SecurityEvents
Fix typos in README
Added an error message in the DebugClassLoader when using / instead of \.
KNOWN_ISSUES with php 5.3.16
[FrameworkBundle] fixed Client::doRequest that must call its parent method (closes#6737)
[Yaml] fixed ignored text when parsing an inlined mapping or sequence (closes#6786)
[Yaml] fixed#6773
[Yaml] fixed#6770
bumped Symfony version to 2.1.8-DEV
bumped Symfony version to 2.0.23-DEV
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Client.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.0:
[DependencyInjection] fixed the creation of synthetic services in ContainerBuilder
[Security] PHPDoc in SecurityEvents
[FrameworkBundle] fixed Client::doRequest that must call its parent method (closes#6737)
[Yaml] fixed ignored text when parsing an inlined mapping or sequence (closes#6786)
[Yaml] fixed#6773
[Yaml] fixed#6770
bumped Symfony version to 2.0.23-DEV
Conflicts:
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Yaml/Inline.php
src/Symfony/Component/Yaml/Tests/InlineTest.php
This PR was squashed before being merged into the 2.0 branch (closes#6818).
Commits
-------
598ae9d [Security] PHPDoc in SecurityEvents
Discussion
----------
[Security] PHPDoc in SecurityEvents
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I'm not sure about the description given.
* 2.1:
[Yaml] fixed default value
Added Yaml\Dumper::setIndentation() method to allow a custom indentation level of nested nodes.
added a way to enable/disable object support when parsing/dumping
added a way to enable/disable PHP support when parsing a YAML input via Yaml::parse()
fixed CS
[Process] Fix docblocks, remove `return` from `PhpProcess#start()` as parent returns nothing, cleaned up `ExecutableFinder`
fixes a bug when output/error output contains a % character
[Console] fixed input bug when the value of an option is empty (closes#6649, closes#6689)
[Profiler] [Redis] Fix sort of profiler rows.
Fix version_compare() calls for PHP 5.5.
Removed underscores from test method names to be consistent with other components.
[Process] In edge cases `getcwd()` can return `false`, then `proc_open()` should get `null` to use default value (the working dir of the current PHP process)
Fix version_compare() calls for PHP 5.5.
Handle the deprecation of IntlDateFormatter::setTimeZoneId() in PHP 5.5.
removed the .gitattributes files (closes#6605, reverts #5674)
[HttpKernel] Clarify misleading comment in ExceptionListener
Conflicts:
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar_style.html.twig
src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTimeTypeTest.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/TimeTypeTest.php
src/Symfony/Component/Form/Tests/Util/PropertyPathTest.php
src/Symfony/Component/HttpKernel/Profiler/RedisProfilerStorage.php
src/Symfony/Component/Process/Process.php
This PR was merged into the master branch.
Commits
-------
68ac23f [Security] Added Danish translation
Discussion
----------
[Security] Added Danish translation
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Deprecations: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: -
This PR was merged into the master branch.
Commits
-------
fb52d94 Update src/Symfony/Component/Security/Resources/translations/security.es_CA.xlf
Discussion
----------
Update src/Symfony/Component/Security/Resources/translations/security.es...
..._CA.xlf
This PR was merged into the master branch.
Commits
-------
0a060ca Fix Russian and Ukrainian translations for Security component
Discussion
----------
[Security] Fix Russian and Ukrainian translations
This PR was merged into the master branch.
Commits
-------
6b669fb Update src/Symfony/Component/Security/Resources/translations/security.nl.xlf
Discussion
----------
Update src/Symfony/Component/Security/Resources/translations/security.nl.xlf
see #6668
Some more minor tweaks
This PR was merged into the master branch.
Commits
-------
83d0469 Create security.no.xlf
Discussion
----------
Norwegian Translation for Security
Norwegian Translation
This PR was merged into the master branch.
Commits
-------
1edf302 Fixed some translation typos
Discussion
----------
Fixed translation typos on the Security componente
Hi,
In my last PR I've introduced some translation typos on the Security component messages for the Spanish translation.
So sorry.
Christian.
This PR was merged into the master branch.
Commits
-------
77545a2 Update src/Symfony/Component/Security/Resources/translations/security.es.xlf
Discussion
----------
Update src/Symfony/Component/Security/Resources/translations/security.es...
....xlf
---------------------------------------------------------------------------
by mweimerskirch at 2013-01-10T17:43:38Z
Duplicate of #6684?
This PR was merged into the master branch.
Commits
-------
a1ef9d8 Fixed 2 typos in French translation
Discussion
----------
Fixed 2 typos in French translation
This PR was merged into the master branch.
Commits
-------
b92973c Fixed German translations for security component
Discussion
----------
Fixed German translations for security component
authentication != authorisation
plus a few other minor things
This PR was merged into the master branch.
Commits
-------
9471a1c Added Luxembourgish translation for security component
Discussion
----------
Added Luxembourgish translation for security component
This PR was merged into the master branch.
Commits
-------
67d7423 Remove use of deprecated HttpKernel LoggerInterface
dca4528 [HttpKernel] Extend psr/log's NullLogger class
1e5a890 [Monolog] Mark old non-PSR3 methods as deprecated
91a86f8 [HttpKernel][Monolog] Add PSR-3 support to the LoggerInterface
Discussion
----------
[HttpKernel][MonologBridge] PSR-3 support
This enables PSR-3 support and monolog 1.3+. The first commit is the main part. The rest deals with deprecation of short-hand methods (warn/err/crit/emerg) that are fully expanded in PSR-3 (warning/error/critical/emergency).
The downside of deprecating them is that for bundles it's a bit harder to support older and newer versions. If that is too much of a hassle you can drop that for now and cherry pick the first commit.
The upside is that it forces people to move towards PSR-3 compatible stuff, which means eventually we could completely drop the LoggerInterface from the framework. In any case I think the documentation should only mention the `Psr\Log\LoggerInterface` and people should start hinting against that. The change should be done in core as well I suppose.
Anyway I wanted to throw this out there as it is to get feedback.
---------------------------------------------------------------------------
by stof at 2013-01-09T09:15:15Z
@Seldaek I also think you should change the typehint to use the PSR LoggerInterface in all classes using the logger
---------------------------------------------------------------------------
by Seldaek at 2013-01-09T09:54:55Z
OK updated according to all the feedback. I tested it in an app and it still seems to work so there shouldn't be any major issues.
---------------------------------------------------------------------------
by Seldaek at 2013-01-09T09:59:55Z
@fabpot if you merge please merge also the bundle PR, otherwise it won't be possible to update without conflict.
---------------------------------------------------------------------------
by frosas at 2013-01-10T14:59:20Z
I'm trying to understand why a `composer update` of a Symfony 2.1.* resulted in a fatal error. Shouldn't a stable version don't break like this?
As @olaurendeau points, why Symfony depends 1.* instead of 1.2.*? Or why Monolog 1.3 breaks its public interface (EDIT: I'm not sure about it)? Or why isn't this PR being merged (into branch 2.1) at the same time Monolog 1.3 is released?
Please, understand I'm not looking for who to blame, it's just I want to know if this situation is unexpected or if otherwise a `composer update` on a stable branch is not as innocent as it seems.
---------------------------------------------------------------------------
by stof at 2013-01-10T15:06:51Z
@frosas it cannot be merged into 2.1 as it is a BC break. The 2.1 branch has been updated to forbid Monolog 1.3 already
---------------------------------------------------------------------------
by Seldaek at 2013-01-10T15:11:58Z
@frosas you can blame me for releasing as 1.3.0 and not 2.0, but technically for monolog this isn't really a BC break, I just added an interface. The problem is due to the way it's used in symfony, it ended up as a fatal error. In any case the situation is now sorted out I think.
---------------------------------------------------------------------------
by frosas at 2013-01-10T15:26:43Z
@stof now I see this `>=1.0,<1.3-dev` change in the 2.1 branch. Now, shouldn't a new (2.1.7) version be released for all of us not in the dev minimum-stability?
@Seldaek then do you see feasible to rely only in X.Y.* versions to avoid this kind of errors?
---------------------------------------------------------------------------
by Seldaek at 2013-01-10T15:45:22Z
@frosas relying on X.Y.* is painful because you always need to wait until someone updates the constraint to get the new version. Of course using ~1.3 like in this PR means if I fuck up and break BC people will update to it, but that's a less likely occurrence than the alternative I think, so I would rather not use X.Y.*
---------------------------------------------------------------------------
by frosas at 2013-01-10T15:50:50Z
@Seldaek you are right about this, but I was thinking more in changing it only for the stable versions. EDIT: I mean, how often do you need a new feature in a branch you only apply fixes to?
---------------------------------------------------------------------------
by stof at 2013-01-10T15:57:32Z
@frosas Monolog and Symfony have separate release cycles. Foorcing Symfony users to use an old version of Monolog until they update to a new version of Symfony whereas the newer Monolog is compatible is a bad idea. Thus, as Monolog keeps BC, it does not maintain bugfix releases for all older versions (just like Twig does too). So it would also forbid you to get the fixes done in newer Monolog versions.
The incompatibility between Symfony 2.1 LoggerInterface and PSR-3 (whereas they expect exactly the same behavior and signature for methods with the same name) is unfortunate and is the reason why we get some issues here.
---------------------------------------------------------------------------
by frosas at 2013-01-10T16:21:06Z
@stof I appreciate you prefer to allow newer versions at the price of having to be constantly monitoring its changes to avoid breaks.
Another similar but safer strategy would be to stick to X.Y.* versions and upgrade to X.Y+1.* once the new version integration is tested, but I understand this is discutible in projects as close to Symfony as Monolog.
Returning to the issue, what do you say to release this 2.1.7 version? Or is it only me who is having issues here?
---------------------------------------------------------------------------
by stof at 2013-01-10T16:26:20Z
@frosas a minor release should not break BC when following smeantic versionning (Symfony warned about the fact it is not strictly followed for the first releases of 2.x). But as far as monolog is concerned, 1.3 is BC with 1.2.
---------------------------------------------------------------------------
by Seldaek at 2013-01-10T16:49:55Z
@frosas sorry I didn't get you still had the problem. I tagged a 2.1.7 of monologbundle which hopefully fixes your issue.
This PR was merged into the master branch.
Commits
-------
0b75f67 Security component Polish message translations
Discussion
----------
[Security] Polish message translations
Security component messages translated from English to Polish.
This PR was merged into the master branch.
Commits
-------
c06e627 Fixed some typos
Discussion
----------
FIxed some typos in the Spainsh translation of the Security component messages
Hi,
In order to show the most clear and less _"robotic"_ messages in Spanish, I've fixed some typos and some incorrect translations in the Spanish translation file of the Security component.
Christian.
This PR was merged into the master branch.
Commits
-------
e84a8d0 fixed some small issues with grammar and used terminology
Discussion
----------
fixed some small issues with grammar and used terminology
This PR was merged into the master branch.
Commits
-------
d5825aa slovenian translations of security component added
Discussion
----------
Slovenian translations of security component added
This PR was merged into the master branch.
Commits
-------
d6f972b Created Slovak translation to Security
Discussion
----------
[security][tranlation] Created Slovak translation to Security
This PR was merged into the master branch.
Commits
-------
6ae8ca8 Update src/Symfony/Component/Security/Resources/translations/security.es.xlf
Discussion
----------
Update src/Symfony/Component/Security/Resources/translations/security.es...
....xlf
This PR was merged into the master branch.
Commits
-------
9b8428d [security][tranlation]Fixed spanish translation
Discussion
----------
[security][tranlation]Fixed spanish translation
This PR was merged into the master branch.
Commits
-------
0b5177b added italian translations
Discussion
----------
added italian translations for the security component
---------------------------------------------------------------------------
by matteosister at 2013-01-10T14:22:54Z
not sure if the file should be named **security.it_IT.xlf** or **security.it.xlf**
---------------------------------------------------------------------------
by fabpot at 2013-01-10T14:25:49Z
security.it.xlf
---------------------------------------------------------------------------
by matteosister at 2013-01-10T14:31:14Z
ok, renamed the files, and squashed the pr to a single commit!
Thanks @fabpot!
This PR was squashed before being merged into the master branch (closes#6660).
Commits
-------
45c8682 [Security][Translation]Created fr translation for Security
Discussion
----------
[Security][Translation]Created fr translation for Security
adds french translations for the security component
This PR was merged into the master branch.
Commits
-------
c3a6659 [Security] added Hungarian translations for exception messages
Discussion
----------
[Security] added Hungarian translations for exception messages
This PR was merged into the master branch.
Commits
-------
2f51961 Created de translation for Security
Discussion
----------
[Security][Translation]Created de translation for Security
This PR was merged into the master branch.
Commits
-------
e35998f Translated to Romanian
Discussion
----------
[Security] Translated to Romanian
Added Romanian version for Security messages.
Thanks!
This PR was merged into the master branch.
Commits
-------
73db84f [Security] Move translations file to 'security' domain
324703a [Security] Switch to English messages as message keys
aa74769 [Security] Fix CS + unreachable code
2d7a7ba [Security] Fix `AuthenticationException` serialization
50d5724 [Security] Introduced `UsernameNotFoundException#get/setUsername`
39da27a [Security] Removed `get/setExtraInformation`, added `get/set(Token|User)`
837ae15 [Security] Add note about changed constructor to changelog
d6c57cf [FrameworkBundle] Register security exception translations
d7129b9 [Security] Fix exception constructors called in `UserChecker`
0038fbb [Security] Add initial translations for AccountStatusException childs
50e2cfc [Security] Add custom `getMessageKey` AccountStatusException childs
1147977 [Security] Fix InsufficientAuthenticationException constructor calls
79430b8 [Security] Fix AuthenticationServiceException constructor calls
42cced4 [Security] Fix AuthenticationException constructor calls
963a1d7 [Security] Add initial translations for the exceptions
ed6eed4 [Security] Add `getMessageKey` and `getMessageData` to auth exceptions
694c47c [Security] Change signature of `AuthenticationException` to match `\Exception`
Discussion
----------
[2.2][Security] AuthenticationException enhancements
Bug fix: semi
Feature addition: yes
Backwards compatibility break: yes
Symfony2 tests pass: [![Build Status](https://secure.travis-ci.org/asm89/symfony.png?branch=issue-837)](http://travis-ci.org/asm89/symfony)
Fixes the following tickets: #837
License of the code: MIT
This PR adds the functionality discussed in #837 and changes the constructor of the `AuthenticationException` to match that of `\Exception`. This PR will allow developers to show a translated (save) authentication exception message to the user. :)
*Todo:*
- Add some functional test to check that the exceptions can indeed be translated?
- Get feedback on the current English messages
---------------------------------------------------------------------------
by asm89 at 2012-07-15T14:04:11Z
ping @schmittjoh
---------------------------------------------------------------------------
by schmittjoh at 2012-07-15T14:57:32Z
Looks good to me.
While you are at the exceptions, I think we can also get rid of the "extra information" thing and replace it by explicit getters/setters. Mostly that will mean adding set/getToken, set/getUser, set/getUsername. Bundles might add custom exceptions which have other data. This will make it a bit more useful and predictable.
---------------------------------------------------------------------------
by asm89 at 2012-07-15T15:40:45Z
@schmittjoh I removed the `get/setExtraInformation` and added the more explicit getters/setters as you suggested.
---------------------------------------------------------------------------
by asm89 at 2012-07-15T19:33:15Z
@fabpot Did you reschedule this for 2.2? Why? It was originally a 2.1 ticket. I think it is an important one because at the moment there is no reliable way to show users the cause of an `AuthenticationException` without the threat of exposing sensitive information. This issue has been around for a while, see the original issue this PR refers to, or for example [this TODO comment in FOSUB](https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Controller/SecurityController.php#L37).
The PR itself is ready to merge now. My only question that remains is about whether the actual translations should be functional tested?
---------------------------------------------------------------------------
by fabpot at 2012-07-15T19:43:19Z
We need to stop at some point. If not, we never release anything. beta3 was scheduled for today and I don't plan any other one before the first RC and I won't have time to review this PR next week. So, if you, @schmittjoh, @vicb, @stof, and a few other core devs "validate" this PR, I might consider merging it before 2.1.
---------------------------------------------------------------------------
by asm89 at 2012-07-15T19:46:09Z
@fabpot I totally agree with your point of view. I just have been trying to pickup some security issues that were still open. :)
---------------------------------------------------------------------------
by stof at 2012-07-15T19:50:29Z
This looks good to me
---------------------------------------------------------------------------
by asm89 at 2012-08-12T09:06:24Z
Since the beta period is over I assume the window was missed to get this security related PR in 2.1. If I have feedback from @fabpot I'll still try to make it mergeable asap though.
---------------------------------------------------------------------------
by fabpot at 2012-08-13T10:10:32Z
@asm89 This would indeed be considered for merging in 2.2.
---------------------------------------------------------------------------
by Antek88 at 2012-10-03T10:30:46Z
+1
---------------------------------------------------------------------------
by stof at 2012-10-04T21:27:15Z
@asm89 could you rebase this PR ? It conflicts with master
---------------------------------------------------------------------------
by fabpot at 2012-10-05T17:16:44Z
What's the status of this PR? @asm89 Have you taken all the feedback into account?
---------------------------------------------------------------------------
by stof at 2012-10-13T17:48:48Z
@asm89 ping
---------------------------------------------------------------------------
by fabpot at 2012-10-29T09:48:40Z
@asm89 If you don't have time, I can finish the work on this PR, but can you just tell me what's left?
---------------------------------------------------------------------------
by asm89 at 2012-10-29T10:02:22Z
I can pick this up, but I have two outstanding questions:
- One about adding `::create()`? https://github.com/symfony/symfony/pull/4935#discussion_r1358297
- And what is the final verdict on the messages? https://github.com/symfony/symfony/pull/4935#discussion_r1165701 The initial idea was that the exception itself have an exception message which is plain english and informative for the developer. If you want to display the 'safe' user messages you have the optional dependency on the translator. There is a comparison made with the Validator component, but in my opinion that's a different case because the violations always contain the message directed at the user and have no plain english message for the developer. Apart from that the Validator component contains it's own code for replacing `{{ }}` variables in messages (duplication? not as flexible as the translator). Concluding I'd opt for: optional dependency on translator component if you want to show 'safe' user messages + message keys.
@schmittjoh Any things to add?
---------------------------------------------------------------------------
by schmittjoh at 2012-10-29T10:14:09Z
Message keys sound good to me. I wouldn't add the ``create`` method for now.
On Mon, Oct 29, 2012 at 11:02 AM, Alexander <notifications@github.com>wrote:
> I can pick this up, but I have two outstanding questions:
>
> - One about adding ::create()? symfony/symfony#4935<https://github.com/symfony/symfony/issues/4935#discussion_r1358297>
> - And what is the final verdict on the messages? symfony/symfony#4935<https://github.com/symfony/symfony/issues/4935#discussion_r1165701>The initial idea was that the exception itself have an exception message
> which is plain english and informative for the developer. If you want to
> display the 'safe' user messages you have the optional dependency on the
> translator. There is a comparison made with the Validator component, but in
> my opinion that's a different case because the violations always contain
> the message directed at the user and have no plain english message for the
> developer. Apart from that the Validator component contains it's own code
> for replacing {{ }} variables in messages (duplication? not as
> flexible as the translator). Concluding I'd opt for: optional dependency on
> translator component if you want to show 'safe' user messages + message
> keys.
>
> @schmittjoh <https://github.com/schmittjoh> Any things to add?
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/symfony/symfony/pull/4935#issuecomment-9861016>.
>
>
---------------------------------------------------------------------------
by fabpot at 2012-10-29T10:27:37Z
As I said in the discussion about the translations, I'm -1 for the message keys to be consistent with how we manage translations everywhere else in the framework.
---------------------------------------------------------------------------
by stof at 2012-10-29T10:30:50Z
@fabpot When we changed the English translation for the validation errors in 2.1, we had to tag the commit as a BC rbeak as it was changing the source for all other translations. And if you look at the state of the files now, you will see that we are *not* using the English as source anymore in some places as some validation errors have a pluralized translation but the source has not been changed.
So I think using a key is more future-proof.
---------------------------------------------------------------------------
by asm89 at 2012-10-30T19:44:49Z
Any final decision on this? On one hand I have @stof and @schmittjoh +1 on message keys, on the other @fabpot -1. I guess it's your call @fabpot.
Edit: also @vicb seemed to be +1 on message keys earlier on.
---------------------------------------------------------------------------
by drak at 2012-11-01T20:19:00Z
I am also -1, I agree with @fabpot
---------------------------------------------------------------------------
by asm89 at 2012-11-12T09:38:51Z
@fabpot Can you please give a definite answer on this? I personally think @stof and @vicb have good points to do message keys, but with all these different people +1 and -1'ing the PR I'm lost on what it should actually do.
---------------------------------------------------------------------------
by asm89 at 2012-11-14T09:59:06Z
ping @fabpot
---------------------------------------------------------------------------
by asm89 at 2012-11-26T10:01:27Z
ping @fabpot We talked about this in Berlin. Any final thoughts on the PR? :) One idea was to do message keys + opt depend on the translator component if you want to use them, or use your own implementation.
---------------------------------------------------------------------------
by fabpot at 2012-11-26T14:01:37Z
The conclusion is: keep using plain English.
On Mon, Nov 26, 2012 at 11:01 AM, Alexander <notifications@github.com>wrote:
> ping @fabpot <https://github.com/fabpot> We talked about this in Berlin.
> Any final thoughts on the PR? :) One idea was to do message keys + opt
> depend on the translator component if you want to use them, or use your own
> implementation.
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/symfony/symfony/pull/4935#issuecomment-10709997>.
>
>
---------------------------------------------------------------------------
by Inori at 2012-11-26T15:00:22Z
is this final? if not, then +1 for message keys
---------------------------------------------------------------------------
by vicb at 2012-11-27T22:33:47Z
@fabpot I can't understand why we keep discussing this for months as this implementation use *both* keys and plain Englis, ie using keys is optional ( if it was not it would not be an issue according to #6129)
---------------------------------------------------------------------------
by asm89 at 2013-01-02T21:43:46Z
@fabpot @vicb I'll rebase this PR, fix the comments and refactor the message keys to use plain English + {{ }} syntax for the placeholders.
---------------------------------------------------------------------------
by asm89 at 2013-01-07T15:00:58Z
@fabpot If I fix this tonight, will it make the beta?
---------------------------------------------------------------------------
by fabpot at 2013-01-07T15:53:00Z
yes, definitely.
---------------------------------------------------------------------------
by asm89 at 2013-01-07T20:13:38Z
@fabpot I switched the implementation to English messages instead of message keys and fixed the final comments + rebased. Anything you want me to do after this?
Still happy with `getMessageKey()`?
This PR was merged into the master branch.
Commits
-------
6703fb5 added changelog entries
1997e2e fix phpdoc of UrlGeneratorInterface that missed some exceptions and improve language of exception message
f0415ed [Routing] made reference type fully BC and improved phpdoc considerably
7db07d9 [Routing] added tests for generating relative paths and network paths
75f59eb [Routing] add support for path-relative and scheme-relative URL generation
Discussion
----------
[2.2] [Routing] add support for path-relative URL generation
Tests pass: yes
Feature addition: yes
BC break: <del>tiny (see below)</del> NO
deprecations: NO
At the moment the Routing component only supports absolute and domain-relative URLs, e.g.
`http://example.org/user-slug/article-slug/comments` and
`/user-slug/article-slug/comments`.
But there are two link types missing: schema-relative URLs and path-relative URLs.
schema-relative: e.g. `//example.org/user-slug/article-slug/comments`
path-relative: e.g. `comments`.
Both of them would now be possible with this PR. I think it closes a huge gap in the Routing component.
Use cases are pretty common. Schema-relative URLs are for example used when you want to include assets (scripts, images etc) in a secured website with HTTPS. Path-relative URLs are the only option when you want to generate static files (e.g. documentation) that can be downloaded as an HTML archive. Such use-cases are currently not possible with symfony.
The calculation of the relative path based on the request path and target path is hightly unit tested. So it is really equivalent. I found several implemenations on the internet but none of them worked in all cases. Mine is pretty short and works.
I also added an optional parameter to the twig `path` function, so this feature can also be used in twig templates.
Ref: This implements path-relative URLs as suggested in #3908.
<del>[BC BREAK] The signature of UrlGeneratorInterface::generate changed to support scheme-relative and path-relative URLs. The core UrlGenerator is BC and does not break anything, but users who implemented their own UrlGenerator need to be aware of this change. See UrlGenerator::convertReferenceType.</del>
---------------------------------------------------------------------------
by jalliot at 2012-04-16T09:56:56Z
@Tobion For completeness, you should add the option to the `url` and `asset` twig functions/template helpers.
---------------------------------------------------------------------------
by stof at 2012-04-16T10:46:06Z
@jalliot adding the option to ``url`` does not make any sense. The difference between ``path`` and ``url`` is that ``path`` generates a path and ``url`` generates an absolute url (thus including the scheme and the hostname)
---------------------------------------------------------------------------
by Tobion at 2012-04-16T12:27:49Z
@stof I guess jalliot meant we could then generate scheme-relative URLs with `url`. Otherwise this would have no equivalent in twig.
---------------------------------------------------------------------------
by jalliot at 2012-04-16T12:34:08Z
@stof Yep I meant what @Tobion said :)
---------------------------------------------------------------------------
by Tobion at 2012-04-18T11:57:04Z
The $relative parameter I added besides the existing $absolute parameter of the `->generate` method was not clear enough. So I merged those into a different parameter `referenceType`. I adjusted all parts of symfony to use the new signature. And also made the default `UrlGenerator` implementation BC with the old style. So almost nobody will recognize a change. The only BC break would be for somebody who implemented his own `UrlGenerator` and did not call the parent default generator.
Using `referenceType` instead of a simple Boolean is much more flexible. It will for example allow a custom generator to support a new reference type like http://en.wikipedia.org/wiki/CURIE
---------------------------------------------------------------------------
by Tobion at 2012-04-18T13:34:58Z
ping @schmittjoh considering your https://github.com/schmittjoh/JMSI18nRoutingBundle/blob/master/Router/I18nRouter.php would need a tiny change
---------------------------------------------------------------------------
by schmittjoh at 2012-04-18T13:37:39Z
Can you elaborate the necessary change?
---------------------------------------------------------------------------
by Tobion at 2012-04-18T13:51:10Z
This PR changes the signature of `generate` to be able to generate path-relative and scheme-relative URLs. So it needs to be
`public function generate($name, $parameters = array(), $referenceType = self::ABSOLUTE_PATH)` and your implementation would need to change `if ($absolute && $this->hostMap) {` to `if (self::ABSOLUTE_URL === $referenceType && $this->hostMap) {`
I can do a PR if this gets merged.
---------------------------------------------------------------------------
by schmittjoh at 2012-04-18T13:52:14Z
If I understand correctly, the old parameter still works, no?
edit: Ah, ok I see what you mean now.
---------------------------------------------------------------------------
by Tobion at 2012-04-18T13:56:33Z
Yeah the old parameter still works but $absolute would also evaluate to true (a string) in your case for non-absolute URLs, i.e. paths.
---------------------------------------------------------------------------
by Tobion at 2012-04-19T21:09:46Z
ping @fabpot
---------------------------------------------------------------------------
by fabpot at 2012-04-20T04:30:18Z
Let's discuss that feature for 2.2.
---------------------------------------------------------------------------
by Tobion at 2012-04-20T10:40:59Z
What are your objections against it? It's already implemented, it works and it adds support for things that are part of a web standard. The BC break is tiny at the moment (almost nobody is affected) because the core UrlGenerator works as before. But if we waited for 2.2 it will be much harder to make the transition because 2.1 is LTS. So I think is makes sense to add it now. Furthermore it makes it much more future-proof as custom generators can more easiliy add support for other link types like CURIE. At the moment a Boolean for absolute URLs is simply too limited and also somehow inconsistent because $absolute = false stands for an absolute path. You see the awkwardness in this naming.
Btw, I added a note in the changelog. And I will add documentation of this feature in symfony-docs once this is merged.
---------------------------------------------------------------------------
by fabpot at 2012-04-20T12:14:32Z
nobody has ever said that 2.1 would be LTS. Actually, I think we are going to wait for 2.3 for LTS.
---------------------------------------------------------------------------
by Tobion at 2012-04-20T12:27:18Z
Well what I meant is, the longer we wait with this, the harder to apply it.
In 04ac1fdba2 you modified `generate` signature for better extensibility that is not even made use of. I think changing `$abolute` param goes in the same direction and has direct use.
I'd like to know your reason to wait for 2.2. Not enough time to review it, or afraid of breaking something, or marketing for 2.2?
---------------------------------------------------------------------------
by stof at 2012-04-20T16:28:27Z
@Tobion the issue is that merging new features forces to postpone the release so that it is tested by enough devs first to be sure there is no blocking bug in it. Big changes cannot be merged when we are hunting the remaining bugs to be able to release.
---------------------------------------------------------------------------
by schmittjoh at 2012-04-20T16:42:11Z
Considering the changes that have been made to the Form component, and are still being made, I think this is in comparison to that a fairly minor change.
Maybe a clearer guideline on the release process, or the direction would help, and avoid confusion, or wrong expectations on contributors' part.
---------------------------------------------------------------------------
by Tobion at 2012-10-05T13:52:11Z
@fabpot this is ready. So if you agree with it, I would create a documentation PR.
---------------------------------------------------------------------------
by stof at 2012-10-13T16:09:47Z
@fabpot what do you think about this PR ?
---------------------------------------------------------------------------
by Crell at 2012-11-01T16:05:01Z
This feels like it's overloading the generate() method to do double duty: One, make a URl based on a route. Two, make a URI based on a URI snippet. Those are two separate operations. Why not just add a second method that does the second operation and avoid the conditionals? (We're likely to do that in Drupal for our own generator as well.)
---------------------------------------------------------------------------
by Tobion at 2012-11-01T16:38:39Z
@crell: No, you must have misunderstood something. The generate method still only generates a URI based on a route. The returned URI reference can now also be a relative path and a network path. Thats all.
---------------------------------------------------------------------------
by Tobion at 2012-12-13T18:30:28Z
@fabpot this is ready. It is fully BC! I also improved phpdoc considerably.
---------------------------------------------------------------------------
by Tobion at 2012-12-14T20:51:38Z
@fabpot Do you want me to write documentation for it? I would also be interested to write about the new features of the routing component in general. I wanted to do that anyway and it would probably be a good fit for your "new in symfony" articles.
---------------------------------------------------------------------------
by fabpot at 2012-12-14T20:58:16Z
Im' going to review this PR in the next coming days. And to answer your second question, more documentation or better documentation is always a good thing, so go for it.
---------------------------------------------------------------------------
by Tobion at 2013-01-02T21:50:20Z
@fabpot ping. I added changelog entries.
* 2.1:
[Console] Fix style escaping parsing
[Console] Make style formatter matching less greedy to avoid having to escape when not needed
[Bundle] [FrameworkBundle] fixed indentation in esi.xml services file.
[Component] [Security] fixed PSR-2 coding violation in ClassUtilsTest class.
[Form] Fixed EntityChoiceList when loading objects with negative integer IDs
[TwigBundle] There is no CSS visibility of display, should be visible instead
[Form] corrected source node for a Danish translation
[DependencyInjection] fixed a bug where the strict flag on references were lost (closes#6607)
[HttpFoundation] Check if required shell functions for `FileBinaryMimeTypeGuesser` are not disabled
[CssSelector] added css selector with empty string
[HttpFoundation] Docblock for Request::isXmlHttpRequest() now points to Wikipedia
[DependencyInjection] refactored code to avoid logic duplication
[Form] Deleted references in FormBuilder::getFormConfig() to improve performance
[HttpFoundation] Update docblock for non-working method
Conflicts:
src/Symfony/Bundle/TwigBundle/Resources/views/Exception/trace.html.twig
src/Symfony/Bundle/TwigBundle/Resources/views/Exception/traces.html.twig
This PR was merged into the master branch.
Commits
-------
184c8e5 Fixed @expectedException definitions to reference absolute exception paths
Discussion
----------
Added leading slashes to @expectedException definitions
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: -
This PR adds leading backslashes `\` to `@expectedException` declarations.
The current version is inconsistent with other class references in doc blocks, which default to *relative* class names unless class name has a leading backslash.
```php
/**
* @param RelativeNs\Class $param1
* @param \AbsoluteNs\Class $param2
*/
but
/**
* @expectedException AbsoluteNs\Class
*/
```
Consequently, PHPStorm does not understand the current statements and marks them as erroneous (and correctly so IMO, even though PHPUnit's interpretation is more relaxed).
* 2.1:
Restrict Monolog version to be in version <1.3
[Console] Make getTerminalWith & getTerminalHeight public
[DependencyInjection] fixed PhpDumper optimizations when an inlined service depends on the current one indirectly
[DependencyInjection] fixed PhpDumper when an inlined service definition has some properties
[DependencyInjection] added some tests for PhpDumper when the container is compiled
[DependencyInjection] fixed CS
[Process] Do not reset stdout/stderr pipes on Interrupted system call
[Locale] Adjust `StubIntlDateFormatter` to have new methods added in PHP 5.5
use the right RequestMatcherInterface
[Locale] Fix failing `StubIntlDateFormatter` tests in PHP 5.5
[Locale] Fix failing `StubIntlDateFormatter` in PHP 5.5
[Form] Fix failing `MonthChoiceList` in PHP 5.5
Update .travis.yml
Conflicts:
src/Symfony/Bridge/Monolog/composer.json
src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services9.php
This PR was merged into the 2.1 branch.
Commits
-------
d601b13 use the right RequestMatcherInterface
Discussion
----------
use the right RequestMatcherInterface
this fixes#6470 by using the right interface
* 2.1: (24 commits)
updated license year
Update src/Symfony/Component/HttpFoundation/Response.php
[Form] Fixed inheritance of "error_bubbling" in RepeatedType
[Form] Fixed DateType when used with the intl extension disabled.
[HttpFoundation] fix return types and handling of zero in Response
[HttpFoundation] better fix for non-parseable Expires header date
Fixed missing plural message in portuguese validator
Fix Expires when the header is -1
[DoctrineBridge] Allowing memcache port to be 0 to support memcache unix domain sockets.
[Console] fixed unitialized properties (closes#5935)
[Process] Prevented test from failing when pcntl extension is not enabled.
Revert "[DoctrineBridge] Improved performance of the EntityType when used with the "query_builder" option"
[Form] Fixed failing tests for DateTimeToStringTransformer.
[Locale] Fixed the StubLocaleTest for ICU versions lower than 4.8.
[Bundle] [FrameworkBundle] fixed typo in phpdoc of the SessionListener.
[Form] Fixed test regression introduced in #6440
[Tests] Fix namespaces
Fixed php doc of GenericEvent::__construct
HttpUtils must handle RequestMatcher too
use preferred_choices in favor of preferred_query
...
Conflicts:
src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php
* 2.0:
updated license year
Update src/Symfony/Component/HttpFoundation/Response.php
[Console] fixed unitialized properties (closes#5935)
[Bundle] [FrameworkBundle] fixed typo in phpdoc of the SessionListener.
bumped Symfony version to 2.0.21-DEV
updated VERSION for 2.0.21
updated CHANGELOG for 2.0.21
Conflicts:
src/Symfony/Bundle/SwiftmailerBundle/LICENSE
src/Symfony/Component/Filesystem/LICENSE
src/Symfony/Component/HttpFoundation/Response.php
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the 2.1 branch.
Commits
-------
bfccd28 HttpUtils must handle RequestMatcher too
Discussion
----------
HttpUtils must handle RequestMatcher too
2.1 introduced the RequestMatcher as alternative to UrlMatcher. but HttpUtils was not adjusted.
---------------------------------------------------------------------------
by lsmith77 at 2013-01-01T18:15:13Z
@fabpot could you have a look at this PR? would like to know if this will be addressed in core or if we need to find another solution inside the CMF routing.
Improve the timing safe comparison function to better handle cases where input is of different length.
Note that it is now important to always pass any string that the user can directly control to the second parameter of the function. Otherwise, length information may be leaked.
This PR was merged into the 2.0 branch.
Commits
-------
8b2c17f fix double-decoding in the routing system
Discussion
----------
fix double-decoding in the routing system
@fabpot @vicb This should fix it. You know what ;) Don't want to leak more information.
And the good thing, it's no hack nor does it break BC.
* 2.1:
fixed CS
fixed CS
[Security] fixed path info encoding (closes#6040, closes#5695)
[HttpFoundation] added some tests for the previous merge and removed dead code (closes#6037)
Improved Cache-Control header when no-cache is sent
removed unneeded comment
Fix to allow null values in labels array
fix date in changelog
removed the Travis icon (as this is not stable enough -- many false positive, closes#6186)
Revert "merged branch gajdaw/finder_splfileinfo_fpassthu (PR #4751)" (closes#6224)
Fixed a typo
Fixed: HeaderBag::parseCacheControl() not parsing quoted zero correctly
[Form] Fix const inside an anonymous function
[Config] Loader::import must return imported data
[DoctrineBridge] Fixed caching in DoctrineType when "choices" or "preferred_choices" is passed
[Form] Fixed the default value of "format" in DateType to DateType::DEFAULT_FORMAT if "widget" is not "single_text"
[HttpFoundation] fixed a small regression
Conflicts:
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php
* 2.0:
fixed CS
removed the Travis icon (as this is not stable enough -- many false positive, closes#6186)
[Config] Loader::import must return imported data
[HttpFoundation] fixed a small regression
Conflicts:
README.md
src/Symfony/Bridge/Twig/Extension/FormExtension.php
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/attributes.html.php
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/form_widget.html.php
src/Symfony/Bundle/FrameworkBundle/Templating/Helper/FormHelper.php
src/Symfony/Component/Form/Form.php
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpFoundation/SessionStorage/PdoSessionStorage.php
tests/Symfony/Tests/Bridge/Doctrine/Logger/DbalLoggerTest.php
This PR was squashed before being merged into the master branch (closes#5860).
Commits
-------
d0057d0 Added failure_path_parameter to mirror target_path_parameter
Discussion
----------
Added failure_path_parameter to mirror target_path_parameter
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: yes
License of the code: MIT
Enable login failure redirect path can be assigned in a form field just like target path.
---------------------------------------------------------------------------
by stof at 2012-10-29T09:40:17Z
Please also open a PR to the doc repo to document this new feature
---------------------------------------------------------------------------
by leevigraham at 2012-10-29T09:56:29Z
@stof @fabpot Done.
* 2.1: (29 commits)
[DependencyInjection] fixed composer.json
[Validator] Fix typos in validators.ru.xlf
Edited some minor grammar and style errors in russian validation file
Updated Bulgarian translation
[Form] improve error message with a "hasser" hint for PropertyAccessDeniedException
[Form] Updated checks for the ICU version from 4.5+ to 4.7+ due to test failures with ICU 4.6
[Form] simplified a test from previous merge
Update src/Symfony/Component/Form/Extension/Core/Type/FileType.php
fixed CS
Xliff with other node than source or target are ignored
small fix of #5984 when the container param is not set
Filesystem Component mirror symlinked directory fix
[Process][Tests] fixed chainedCommandsOutput tests
fixed CS
Use better default ports in urlRedirectAction
Add tests for urlRedirectAction
info about session namespace
fix upgrade info about locale
Update src/Symfony/Component/DomCrawler/Tests/FormTest.php
Update src/Symfony/Component/DomCrawler/Form.php
...
* 2.0:
[DependencyInjection] fixed composer.json
[Form] Updated checks for the ICU version from 4.5+ to 4.7+ due to test failures with ICU 4.6
fixed CS
small fix of #5984 when the container param is not set
fixed CS
Use better default ports in urlRedirectAction
Add tests for urlRedirectAction
Update src/Symfony/Component/DomCrawler/Tests/FormTest.php
Update src/Symfony/Component/DomCrawler/Form.php
[Security] remove escape charters from username provided by Digest DigestAuthenticationListener
[Security] added test extra for digest authentication
fixed CS
[Security] Fixed digest authentication
[Security] Fixed digest authentication
[SecurityBundle] Convert Http method to uppercase in the config
Use Norm Data instead of Data
Conflicts:
src/Symfony/Bridge/Doctrine/Form/EventListener/MergeCollectionListener.php
src/Symfony/Bundle/FrameworkBundle/Controller/RedirectController.php
src/Symfony/Component/DependencyInjection/composer.json
This PR was squashed before being merged into the master branch (closes#5888).
Commits
-------
2379d86 CS Fixes - Replaced "array of type" by "Type[]" in PHPDoc block
Discussion
----------
CS Fixes - Replaced "array of type" by "Type[]" in PHPDoc block
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: no (but tests doesn't pass on master too). See Travis.
License of the code: MIT
Documentation PR: Not Applicable
Status: Finished
To improve support of the eclipse PDT pluggin (for autocompletion), I propose to change the array notation in PHPDoc blocks to match the phpDocumentor notation for "array of type".
Modifications are made for the following components:
- BrowserKit
- ClassLoader
- Config
- Console
- CssSelector
- DependencyInjection
- DomCrawler
- EventDispatcher (no changes)
- Filesystem (no changes)
- Finder
- Form
- HttpFoundation
- HttpKernel
- Locale
- OptionResolver (no changes)
- Process (no changes)
- Routing (no changes)
- Serializer (no changes)
- Templating
- Translation
- Validator
- Yaml (no changes)
- Security
- Stopwatch (no changes)
See Proposal https://github.com/symfony/symfony/pull/5852
---------------------------------------------------------------------------
by pborreli at 2012-11-01T15:19:27Z
will you make a PR for each component ? why not only one PR with one commit for each component instead ?
---------------------------------------------------------------------------
by raziel057 at 2012-11-01T15:32:39Z
Ok, I'm going try to do it.
---------------------------------------------------------------------------
by raziel057 at 2012-11-01T16:12:56Z
I would like to rename my branch from COMPONENT_Form to changes-phpdoc (as all modifications would be commited in only one branch), so I tried to execute the following command but I have an error.
git remote rename COMPONENT_Form changes-phpdoc
error: Could not rename config section 'remote.COMPONENT_Form' to 'remote.changes-phpdoc'
Do you know how to do it?
---------------------------------------------------------------------------
by pborreli at 2012-11-01T16:14:26Z
don't rename it, you will have to close and make another PR which is useless here, just edit the title.
---------------------------------------------------------------------------
by stof at 2012-11-01T16:16:17Z
and ``git remote rename`` is about renaming a remote repo, not a branch
---------------------------------------------------------------------------
by raziel057 at 2012-11-03T11:36:02Z
Is it normal that all my commit are duplicated? I would like just update my master and merge with my branch.
---------------------------------------------------------------------------
by fabpot at 2012-11-06T10:22:55Z
@raziel057 Can you rebase on master? That should fix your problem.
---------------------------------------------------------------------------
by fabpot at 2012-11-09T13:28:53Z
@raziel057 Can you finish this PR?
---------------------------------------------------------------------------
by Tobion at 2012-11-09T13:34:45Z
I'll do it for the routing component this evening because I know it by heart. ^^
---------------------------------------------------------------------------
by raziel057 at 2012-11-09T15:06:26Z
@Tobion ok Thanks!
@fabpot Yes, I will try to finish it this week end.
---------------------------------------------------------------------------
by raziel057 at 2012-11-11T13:04:07Z
@Tobion Did you already change PHPDoc in the Routing component?
---------------------------------------------------------------------------
by Tobion at 2012-11-11T15:21:18Z
@raziel057 Yes I'm working on it.
---------------------------------------------------------------------------
by Tobion at 2012-11-12T15:16:31Z
@raziel057 Done. See #5994
* 2.1:
fixed comment. The parent ACL is not accessed in this method.
[HttpFoundation] Make host & methods really case insensitive in the RequestMacther
[Validator] fixed Ukrainian language code (closes#5972)
Fixed case of php function
* 2.0:
fixed comment. The parent ACL is not accessed in this method.
[HttpFoundation] Make host & methods really case insensitive in the RequestMacther
[Validator] fixed Ukrainian language code (closes#5972)
Fixed case of php function
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Resources/translations/validators.uk.xliff
src/Symfony/Component/HttpFoundation/RequestMatcher.php
* 2.1: (24 commits)
forced Travis to use source to workaround their not-up-to-date Composer on PHP 5.3.3
[Routing] removed irrelevant string cast in Route
Fixed typo
Make YamlFileLoader and XmlFileLoader file loading extensible
[HttpKernel] fix typo
Fixed singularization of "prices"
[Form] Removed an exception that prevented valid formats from being passed, e.g. "h" for the hour, "L" for the month etc.
[HttpKernel] fixed Client when using StreamedResponses (closes#5370)
fixed PDO session handler for Oracle (closes#5829)
[HttpFoundation] fixed PDO session handler for Oracle (closes#5829)
[Locale] removed a check that is done too early (and it is done twice anyways)
Update src/Symfony/Component/Validator/Resources/translations/validators.fa.xlf
Adding new localized strings for farsi validation.
[HttpFoundation] moved the HTTP protocol check from StreamedResponse to Response (closes#5937)
[Form] Fixed forms not to be marked invalid if their children are already marked invalid
[Form] Excluded some tests in NumberToLocalizedStringTransformerTest which fail on ICU 4.4, but work on ICU 4.8
added missing tests from previous merge
[Form] Fixed NumberToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible
Fix export-ignore on Windows
Show correct class name InputArgument in error message
...
Conflicts:
.travis.yml
src/Symfony/Component/Form/Extension/Core/DataTransformer/NumberToLocalizedStringTransformer.php
This PR was squashed before being merged into the master branch (closes#5879).
Commits
-------
07bd5c6 Make non-instantiable utils classes consistent with each other
Discussion
----------
Make non-instantiable utils classes consistent with each other
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
License of the code: MIT
As per discussion in #5875 turned out that we don't have a consistent way to define non-instantiatable classes.
I don't like `final` as it removes flexibility with no visible gain.
I don't like `abstract` since it's not specifically clear what is meant by that. Is this class not complete? Should it be extended?
This PR was merged into the master branch.
Commits
-------
af87c2b changed the Firewall to be a proper subscriber
02bd359 changed the remember-me listener to be a proper subscriber
Discussion
----------
Changed some security classes to implement the EventSubscriberInterface interface
---------------------------------------------------------------------------
by fabpot at 2012-11-06T10:11:28Z
That could also be done in 2.1. What do you think?
This PR was merged into the master branch.
Commits
-------
e193590 [Security] removed the 401 error custom status message
Discussion
----------
[Security] removed the 401 error custom status message
see fabpot/Silex#496
---------------------------------------------------------------------------
by pborreli at 2012-10-31T17:29:24Z
@fabpot please fix the test suite, if you don't know how to do it, read http://symfony.com/doc/current/contributing/code/tests.html, thx 😸
This PR was merged into the master branch.
Commits
-------
3e58893 [Security] Tweak UsernamePasswordFormAuthenticationListener
Discussion
----------
[Security] Tweak UsernamePasswordFormAuthenticationListener
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: [![Build Status](https://secure.travis-ci.org/acasademont/symfony.png)](http://travis-ci.org/acasademont/symfony)
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: -
Improvements:
- Do not check twice for the ```only_post``` condition. The condition in the ```attemptAuthentication``` method is useless as this method will never be called if the previous ```requiresAuthentication``` call returns false.
- If the expected request is ```only_post```, check only the POST variables for the username and password parameters. Otherwise, query params and attributes are checked before.
- Use POST instead of post for correctness
- Do not check twice for the only_post condition
- If the expected request is only_post, check only the post variables for the username and password parameters
* 2.1: (28 commits)
Delete use of CreationExeption
[Form] Fixed error message in PropertyPath to not advice to use a non-existing feature
[Form] Fixed creation of multiple money fields with different currencies
[Form] Fixed setting the "data" option to an object in "choice" and "entity" type
Fixed Serbian plural translations.
Fixed IPv6 Check in RequestMatcher
Fix typo
change what I think is a typo
[Console] Fix error when mode is not in PATH
[WebProfilerBundle] fixed macro usage (to be forward compatible with Twig 2.x)
Change monolog require-dev to use the branch alias instead of dev-master
[FrameworkBundle] partially reverted previous merge
[2.1] Added missing error return codes in commands
Made the router lazy when setting the context
[WebProfilerBundle] fixed typos
Fix incorrect variable in FileProfilerStorage
UnitTest fix
UnitTest fix
added a unit test
fixed#5384
...