* 3.4:
[DI] Fix missing use + minor tweaks
[Routing] Enhance PHP DSL traits docblocks
Fix AclSchemaListener deprecation
Set a NullLogger in ApcuAdapter when Apcu is disabled in CLI
Minor reword
[HttpKernel] Make array vs "::" controller definitions consistent
Fix tests
[TwigBundle] Remove profiler related scripting
[TwigBundle][WebProfilerBundle] Switch to DOMContentLoaded event
[WebProfilerBundle] Hide inactive tabs from CSS
[TwigBundle] Make deprecations scream in logs
[TwigBundle] Hide logs if unavailable, i.e. webprofiler
[TwigBundle] Break long lines in exceptions
[WebProfilerBundle] Added missing link to profile token
[DI] Fix decorated service merge in ResolveInstanceofConditionalsPass
Preserve URI fragment in HttpUtils::generateUri()
[PhpUnitBridge] do not require an error context
* 3.3:
Set a NullLogger in ApcuAdapter when Apcu is disabled in CLI
Minor reword
[HttpKernel] Make array vs "::" controller definitions consistent
Fix tests
[TwigBundle] Remove profiler related scripting
[TwigBundle][WebProfilerBundle] Switch to DOMContentLoaded event
[WebProfilerBundle] Hide inactive tabs from CSS
[TwigBundle] Make deprecations scream in logs
[TwigBundle] Hide logs if unavailable, i.e. webprofiler
[TwigBundle] Break long lines in exceptions
[WebProfilerBundle] Added missing link to profile token
[DI] Fix decorated service merge in ResolveInstanceofConditionalsPass
Preserve URI fragment in HttpUtils::generateUri()
[PhpUnitBridge] do not require an error context
* 3.4:
fixed CS
[Serializer] Add Support for in CustomNormalizer
Remove Validator\TypeTestCase and add validator logic to base TypeTestCase
[Lock] Include lock component in framework bundle
[WebProfilerBundle] Render file links for twig templates
CsvEncoder handling variable structures and custom header order
Saltless Encoder Interface
[Serializer] throw more specific exceptions
# Conflicts:
# src/Symfony/Bundle/FrameworkBundle/composer.json
# src/Symfony/Bundle/SecurityBundle/Command/UserPasswordEncoderCommand.php
# src/Symfony/Component/Serializer/Encoder/XmlEncoder.php
# src/Symfony/Component/Serializer/Normalizer/AbstractNormalizer.php
# src/Symfony/Component/Serializer/Serializer.php
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Saltless Encoder Interface
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
A new interface for encoders that do not require a user-generated salt (generate their own built-in) as suggested by @stof ([comment](https://github.com/symfony/symfony/pull/21604/files#r101225470)), this will become useful as more password encoders are added in the future (such as symfony/symfony#21604).
Commits
-------
7c4aa0bccb Saltless Encoder Interface
* 3.4:
Passing the newly generated security token to the event during user switching.
Fix changelog and minor tweak for #23485
[Config] extracted the xml parsing from XmlUtils::loadFile into XmlUtils::parse
[Security][SecurityBundle] Deprecate the HTTP digest auth
add ability to configure catching exceptions
Extract method refactoring for ResourceCheckerConfigCache
This PR was merged into the 3.4 branch.
Discussion
----------
[Security][Firewall] Passing the newly generated security token to the event during user switching
Event allows listeners to easily switch out the token if custom token updates are required
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Updated SwitchUserEvent to include the generated security Token. Allows the listeners to replace the token with their own (in case an application has some custom logic for token generation). The SwitchUserListener will now use the token returned by the event, so if token was not changed the self generated token will be used. If token was changed in the event then the new token would get used.
Reasons for this feature
--------------------------
In our current project users can have different Role sets depending on which organization they switch to. Our `User->getRoles()` always returns ["ROLE_USER"] and after login user is presented with choice of organizations they want to work in. Based on selected organization roles get updated with then stored token.
Without the change proposed in this PR. The only way we can setup the proper roles during user switch is by replacing `security.authentication.switchuser_listener` service with our own implementation of the listener.
With the proposed change, we can replace the security token with the one having all the roles we require directly inside our listener for `security.switch_user` event that gets thrown by Symfony's `SwitchUserListener`
Commits
-------
4205f1b Passing the newly generated security token to the event during user switching.
This PR was merged into the 3.3 branch.
Discussion
----------
[Security] Preserve URI fragment in HttpUtils::generateUri()
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/23675
| License | MIT
| Doc PR | n/a
Commits
-------
4dd2e3e Preserve URI fragment in HttpUtils::generateUri()
* 2.8:
[CS][2.7] yoda_style, no_unneeded_curly_braces, no_unneeded_final_method, semicolon_after_instruction
[Filesystem] mirror - fix copying content with same name as source/target.
.php_cs.dist - simplify config
[WebProfilerBundle] fixed TemplateManager when using Twig 2 without compat interfaces
* 3.4:
[CS] Apply phpdoc_annotation_without_dot
bumped Symfony version to 3.3.10
updated VERSION for 3.3.9
updated CHANGELOG for 3.3.9
[DomCrawler] Fix conversion to int on GetPhpFiles
Remove `protected_to_private` rule.
Filtering empty uuids in ORMQueryBuilderLoader.
* 3.3:
[CS] Apply phpdoc_annotation_without_dot
bumped Symfony version to 3.3.10
updated VERSION for 3.3.9
updated CHANGELOG for 3.3.9
[DomCrawler] Fix conversion to int on GetPhpFiles
Remove `protected_to_private` rule.
Filtering empty uuids in ORMQueryBuilderLoader.
* 3.4:
[SecurityBundle] Fix valid provider considered undefined
Revert "bug #24105 [Filesystem] check permissions if dump target dir is missing (xabbuh)"
[Filesystem] skip tests if not applicable
[Fabbot] Do not run php-cs-fixer if there are no change in src/
[ExpressionLanguage] make a proposal in SyntaxError message
[Security] Fix exception when use_referer option is true and referer is not set or empty
[HttpKernel] "controller.service_arguments" services should be public
Get KERNEL_DIR through $_ENV too for KernelTestCase
Get KERNEL_CLASS through $_ENV too
check permissions if dump target dir is missing
* 3.3:
Revert "bug #24105 [Filesystem] check permissions if dump target dir is missing (xabbuh)"
[Filesystem] skip tests if not applicable
[Fabbot] Do not run php-cs-fixer if there are no change in src/
[Security] Fix exception when use_referer option is true and referer is not set or empty
[HttpKernel] "controller.service_arguments" services should be public
Get KERNEL_DIR through $_ENV too for KernelTestCase
Get KERNEL_CLASS through $_ENV too
check permissions if dump target dir is missing
* 2.8:
Revert "bug #24105 [Filesystem] check permissions if dump target dir is missing (xabbuh)"
[Filesystem] skip tests if not applicable
[Fabbot] Do not run php-cs-fixer if there are no change in src/
[Security] Fix exception when use_referer option is true and referer is not set or empty
Get KERNEL_DIR through $_ENV too for KernelTestCase
check permissions if dump target dir is missing
* 2.7:
Revert "bug #24105 [Filesystem] check permissions if dump target dir is missing (xabbuh)"
[Filesystem] skip tests if not applicable
[Fabbot] Do not run php-cs-fixer if there are no change in src/
[Security] Fix exception when use_referer option is true and referer is not set or empty
Get KERNEL_DIR through $_ENV too for KernelTestCase
check permissions if dump target dir is missing
This PR was merged into the 4.0-dev branch.
Discussion
----------
Add scalar typehints/return types
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no (final, already breaks if doc not respected)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/23242#issuecomment-310327150
| License | MIT
| Doc PR | n/a
Commits
-------
7b1715b078 [Yaml] use scalar type hints where possible
6ce70e4bf9 Add scalar typehints/return types on final/internal/private code
* 3.4:
Improved the design of the redirection method in the web toolbar
Mark SemaphoreStore::isSupported() as internal
[DI] Add ContainerInterface::IGNORE_ON_UNINITIALIZED_REFERENCE
[FrameworkBundle] Fix form conflict rule
[Security] add impersonator_user to "User was reloaded" log message
[DI] Add upgrade note about case insenstive params
add (pdo|chain) cache (adapter|simple) prune method
Update NoSuchPropertyException message for writeProperty
[Routing] added the possibility to define a prefix for all routes of a controller
[DI] Don't track merged configs when the extension doesn't expose it
[Cache] Use namespace versioning for backends that dont support clearing by keys
[VarDumper] add force-collapse/expand + use it for traces
* 3.4:
[Bridge\ProxyManager] Dont call __destruct() on non-instantiated services
Consistently use 7 chars of sha256 for hash-based id generation
Docblock improvement
bumped Symfony version to 2.8.27
updated VERSION for 2.8.26
updated CHANGELOG for 2.8.26
bumped Symfony version to 2.7.34
updated VERSION for 2.7.33
update CONTRIBUTORS for 2.7.33
updated CHANGELOG for 2.7.33
* 3.3:
[Bridge\ProxyManager] Dont call __destruct() on non-instantiated services
Docblock improvement
bumped Symfony version to 2.8.27
updated VERSION for 2.8.26
updated CHANGELOG for 2.8.26
bumped Symfony version to 2.7.34
updated VERSION for 2.7.33
update CONTRIBUTORS for 2.7.33
updated CHANGELOG for 2.7.33
* 2.8:
[Bridge\ProxyManager] Dont call __destruct() on non-instantiated services
Docblock improvement
bumped Symfony version to 2.8.27
updated VERSION for 2.8.26
updated CHANGELOG for 2.8.26
bumped Symfony version to 2.7.34
updated VERSION for 2.7.33
update CONTRIBUTORS for 2.7.33
updated CHANGELOG for 2.7.33
* 3.3:
Removed useless argument $definition
Fix comment
[Config] Fix checking class existence freshness
bumped Symfony version to 3.3.7
updated VERSION for 3.3.6
updated CHANGELOG for 3.3.6
Bump minimal PHP version to ^5.5.9|>=7.0.8