This PR was merged into the 4.3 branch.
Discussion
----------
[4.3] Minor Travis configuration cosmetic patch
| Q | A
| ------------- | ---
| Branch? | 4.3 (Does not appear in previous versions)
| Bug fix? | no
| New feature? | no
| Deprecations? | no
The Travis configuration is organized in steps: each step begins with a comment followed by the commands to run.
The ` # List all PHP extensions with versions` is empty, its content has been put in the next section, without comment title.
This patch fixes this minor issue
Commits
-------
3918f23307 Minor Travis cosmetic patch
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Use supportsClass in addition to UnsupportedUserException
| Q | A
| ------------- | ---
| Branch? | 3.4+
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35045
| License | MIT
| Doc PR | ~
This PR fixes the issue where user providers rely on just the UnsupportedUserException from `refreshUser()`, causing a flow where users are wrongfully re-authenticated.
There's one issue where `refreshUser()` can do far more sophisticated checks on the user class, which it will never reach if the class is not supported. As far as I know it was never intended to support instances that are rejected by `supportsClass()`, though people could've implemented this (by accident). So the question is more if we should add a BC layer for this; for example:
```php
try {
$refreshedUser = $provider->refreshUser($user);
$newToken = clone $token;
$newToken->setUser($refreshedUser);
if (!$provider->supportsClass($userClass)) {
if ($this->shouldCheckSupportsClass) {
continue;
}
// have to think of a proper deprecation here for 6.0
@trigger_error('Provider %s does not support user class %s via supportsClass() while it does support it via refreshUser .. please set option X and fix %s::supportsUser() ', E_USER_DEPRECATED);
}
```
This would prevent behavior from breaking but also means we can't fix this on anything less than 5.1.
Commits
-------
d3942cbe17 Use supportsClass where possible
This PR was submitted for the 4.4 branch but it was merged into the 4.3 branch instead.
Discussion
----------
[Messenger] Add missing documentation link in README
| Q | A
| ------------- | ---
| Branch? | 4.4 (lower was experimental)
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
5714eaa0de Add link to messenger documentation in its README
* 3.4:
chown and chgrp should also accept int as owner and group
Fix RememberMe with null password
[Validator] Fix plurals for sr_Latn (Serbian language written in latin script) validation messages
[PhpUnitBridge][SymfonyTestsListenerTrait] Remove some unneeded code
fix PHP const mapping keys using the inline notation
Fix that no-cache requires positive validation with the origin, even for fresh responses
This PR was merged into the 3.4 branch.
Discussion
----------
[PhpUnitBridge][SymfonyTestsListenerTrait] Remove some unneeded code
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Risky errors when there are no assertions are added before the test end listeners are called (ie, before the code in endTest is executed) so forcing beStrictAboutTestsThatDoNotTestAnything to false when there is a expectedDeprecation annotation is enough.
If the goal is to reset the value to the original value, then I think we should not do it since we basically "lie" to the next listeners. Let's assume that when a test expect a deprecation, it can have 0 assertions. Also this flag is not used anymore by PHPUnit after we reset it.
Ref https://github.com/symfony/symfony/pull/21786 btw
Commits
-------
fb48bbc05b [PhpUnitBridge][SymfonyTestsListenerTrait] Remove some unneeded code
This PR was merged into the 3.4 branch.
Discussion
----------
[Filesystem] chown and chgrp should also accept int as owner and group (3.4)
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Reference: https://github.com/symfony/symfony/pull/35356#issuecomment-575526299
Commits
-------
6b811e6b4c chown and chgrp should also accept int as owner and group
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Fix plurals for sr_Latn validation messages
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35276
| License | MIT
validators.sr_Latn.xlf (Serbian, written with latin script) has wrong plurals for all validation message translations that require them (only two where there should be three). This commit fixes that by adding the missing third plural-translation.
Commits
-------
207cdafd54 [Validator] Fix plurals for sr_Latn (Serbian language written in latin script) validation messages
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Fix RememberMe with null password
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | yes
| Tickets | NA
| License | MIT
| Doc PR | NA
From `UserInterface` the method getPassword may return null, while generateCookieHash requires a string.
This PR changes the signature of the methods to allows null password
Similar to #35335 for branch 3.4
Commits
-------
820eb357c8 Fix RememberMe with null password
This PR was merged into the 4.3 branch.
Discussion
----------
[DI] Suggest typed argument when binding fails with untyped argument
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #33470
| License | MIT
I've added a condition that looks for arguments and if the typehint doesn’t match, throws an `InvalidArgumentException`
Commits
-------
0e92399daa [DI] Suggest typed argument when binding fails with untyped argument
This PR was merged into the 4.3 branch.
Discussion
----------
[FrameworkBundle] remove messenger cache if not enabled
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes/no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
I noticed on one of my apps that I have a cache pool related to the symfony messenger integration although I'm not using the messenger at all.
```
bin/console debug:container cache.messenger.restart_workers_signal
Information for Service "cache.messenger.restart_workers_signal"
================================================================
An adapter that collects data about all cache calls.
---------------- --------------------------------------------------
Option Value
---------------- --------------------------------------------------
Service ID cache.messenger.restart_workers_signal
Class Symfony\Component\Cache\Adapter\TraceableAdapter
Tags cache.pool
kernel.reset (method: reset)
Public no
Synthetic no
Lazy no
Shared yes
Abstract no
Autowired no
Autoconfigured no
---------------- -----------------------------------------
```
So this PR removes the definition of the service in case the messenger integration is disabled.
Commits
-------
f81161df8d [FrameworkBundle] remove messenger cache if not enabled
This PR was submitted for the master branch but it was squashed and merged into the 4.3 branch instead.
Discussion
----------
[HttpClient] Fix strict parsing of response status codes
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | No ticket opened
| License | MIT
| Doc PR | No new feature
If you wait a strict Http code response by the server were you request, but the server response isn't strict and only return HTTP/1.1 200 we have a problem without sense to be strict on regular expression.
Commits
-------
4aa953600f [HttpClient] Fix strict parsing of response status codes
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix that no-cache MUST revalidate with the origin
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
From [RFC 7234 Section 5.2.2](https://tools.ietf.org/html/rfc7234#section-5.2.2)
> The "no-cache" response directive indicates that the response MUST NOT be used to satisfy a subsequent request without successful validation on the origin server. This allows an origin server to prevent a cache from using it to satisfy a request without contacting it, even by caches that have been configured to send stale responses.
This is unconditional – the response must be revalidated right away.
(`must-revalidate`, to the contrary, requires revalidation only once the response has become stale.)
Commits
-------
c8bdcb3408 Fix that no-cache requires positive validation with the origin, even for fresh responses
* 3.4:
Avoid stale-if-error if kernel.debug = true, because it hides errors
[Console] Fix SymfonyQuestionHelper tests sometimes failing on AppVeyor
[DI] deferred exceptions in ResolveParameterPlaceHoldersPass
This PR was merged into the 4.3 branch.
Discussion
----------
[Workflow] Fix configuration node reference for "initial_marking"
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Related to | #30890
| License | MIT
Commits
-------
452f92540b [Workflow] Fix configuration node reference for "initial_marking"
This PR was merged into the 3.4 branch.
Discussion
----------
Avoid `stale-if-error` in FrameworkBundle's HttpCache if kernel.debug = true
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#24248 (maybe?)
| License | MIT
| Doc PR |
When working with the `HttpCache` in development, error messages may not become visible if a `public` response has been successfully generated for the same URL before.
This is because the `HttpCache` from the `HttpKernel` component by default sets `stale_if_error` to 60 seconds.
At least when using the `HttpCache` subclass from the `FrameworkBundle`, we know about the `kernel.debug` setting and its intention to support local development. In that case, we could set the *default* `stale-if-error` value to 0.
Commits
-------
3a23ec89c3 Avoid stale-if-error if kernel.debug = true, because it hides errors
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] deferred exceptions in ResolveParameterPlaceHoldersPass
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#30428
| License | MIT
| Doc PR | n/a
fixes case #30428
implemented as in AutowiringPass
Commits
-------
b3a2173c8e [DI] deferred exceptions in ResolveParameterPlaceHoldersPass
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Fix SymfonyQuestionHelper tests sometimes failing on AppVeyor
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/35035
| License | MIT
| Doc PR | -
The test uses heredoc for the expected part. Expected line returns are `"\n"` because that's how they are written in the source code file.
However, on Windows, the console outputs `"\r\n"` (`PHP_EOL`) for new lines.
`"qqq:\r\n"` does not contain `"qqq:\n"`.
I'm still wondering why this test is not *always* failing...
Commits
-------
474f3bef08 [Console] Fix SymfonyQuestionHelper tests sometimes failing on AppVeyor
This PR was merged into the 4.3 branch.
Discussion
----------
[EventDispatcher] expand listener in place
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35259
| License | MIT
| Doc PR |
Commits
-------
f5d407318d expand listener in place
This PR was merged into the 3.4 branch.
Discussion
----------
Added more tests for WebProfilerBundle
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | - <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | -
Thanks to @jpauli Code Coverage info about Symfony (http://cov.jpauli.tech/) I found that WebProfiler's controllers are pretty badly covered:
This PR focuses on testing the main controller class:
Commits
-------
2f7a820edd Added more tests for WebProfilerBundle
Fabien Potencier
Romain Neutron
Nicolas Grekas
Loïck Piera
Thomas Calvet
Filippo Tessarotto
Robin Chalas
Jérémy Derussé
knezmilos13
David Maicher
Armando
Christian Flothmann
Matthias Pigulla
Javier Spagnoletti
