* 2.7:
Changed visibility of setUp() and tearDown to protected
Changed visibility of setUp() and tearDown to protected
[2.7] Fix travis file
[HttpFoundation] MongoDbSessionHandler::read() now checks for valid session age
[Debug] reintroduce charset param to ExceptionHandler
Changed visibility of setUp() and tearDown to protected
[WebProfilerBundle] Set debug+charset on the ExceptionHandler fallback
[Debug] deprecate ExceptionHandler::utf8Htmlize
Added default button class
used HTML5 meta charset tag and removed hardcoded ones
Revert "bug #13715 Enforce UTF-8 charset for core controllers (WouterJ)"
fixed XSS in the exception handler
Php Inspections (EA Extended) - static code analysis includes:
[2.3] Remove most refs uses
[FrameworkBundle] Read config/validation/*.(xml|yml) files
Test with local components instead of waiting for the subtree-splitter when possible
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Compiler/LegacyTemplatingAssetHelperPassTest.php
src/Symfony/Bundle/TwigBundle/Tests/Extension/LegacyAssetsExtensionTest.php
src/Symfony/Bundle/TwigBundle/Tests/TokenParser/LegacyRenderTokenParserTest.php
src/Symfony/Component/ClassLoader/Tests/LegacyUniversalClassLoaderTest.php
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/Console/Tests/Helper/LegacyDialogHelperTest.php
src/Symfony/Component/Console/Tests/Helper/LegacyProgressHelperTest.php
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php
src/Symfony/Component/Routing/Tests/Matcher/Dumper/LegacyApacheMatcherDumperTest.php
src/Symfony/Component/Templating/Tests/Helper/LegacyAssetsHelperTest.php
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7] Changed visibility of setUp() and tearDown to protected
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
a818ab2 Changed visibility of setUp() and tearDown to protected
This PR was merged into the 2.6 branch.
Discussion
----------
[2.6] Changed visibility of setUp() and tearDown to protected
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
48d5e20 Changed visibility of setUp() and tearDown to protected
This PR was merged into the 2.6 branch.
Discussion
----------
[Debug] reintroduce charset param to ExceptionHandler
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
For some reason, we removed the charset arg of the constructor in 2.5, then used the same position to add fileLinkFormat in 2.6. This is a BC break with 2.3.
This PR reintroduces charset at second position, with some heuristic to keep compat with 2.6
Commits
-------
c8bd867 [Debug] reintroduce charset param to ExceptionHandler
* 2.6:
[HttpFoundation] MongoDbSessionHandler::read() now checks for valid session age
Changed visibility of setUp() and tearDown to protected
[WebProfilerBundle] Set debug+charset on the ExceptionHandler fallback
Added default button class
used HTML5 meta charset tag and removed hardcoded ones
Revert "bug #13715 Enforce UTF-8 charset for core controllers (WouterJ)"
fixed XSS in the exception handler
Php Inspections (EA Extended) - static code analysis includes:
[2.3] Remove most refs uses
Test with local components instead of waiting for the subtree-splitter when possible
Conflicts:
.travis.yml
* 2.3:
[HttpFoundation] MongoDbSessionHandler::read() now checks for valid session age
[WebProfilerBundle] Set debug+charset on the ExceptionHandler fallback
used HTML5 meta charset tag and removed hardcoded ones
Revert "bug #13715 Enforce UTF-8 charset for core controllers (WouterJ)"
Conflicts:
src/Symfony/Bundle/TwigBundle/Controller/ExceptionController.php
src/Symfony/Bundle/WebProfilerBundle/Controller/ProfilerController.php
src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MongoDbSessionHandler.php
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
[Bundle] Fix charset config
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13715, #7617, #7532
| License | MIT
| Doc PR | -
This reverts #13715 and resurrects #7532, which was fine.
Commits
-------
ef41059 [WebProfilerBundle] Set debug+charset on the ExceptionHandler fallback
cbd0525 used HTML5 meta charset tag and removed hardcoded ones
6ca7fc9 Revert "bug #13715 Enforce UTF-8 charset for core controllers (WouterJ)"
This PR was squashed before being merged into the 2.3 branch (closes#13911).
Discussion
----------
[HttpFoundation] MongoDbSessionHandler::read() now checks for valid session age
This PR is a follow-up to #12516 and replaces the old one.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | TODO
As discussed there: Sessions which are older than GC age should never be read.
This PR adds the expiry-datetime on session-write and changes session-read and session-gc accordingly.
We still need to update the documentation with some clarifications, as described here:
- https://github.com/symfony/symfony/pull/12516#issuecomment-65028144
- https://github.com/symfony/symfony/pull/12516#issuecomment-69087996
My experience with the Symfony Docs from a developer perspective is very limited, so help would be very appreciated.
Commits
-------
8289ec3 [HttpFoundation] MongoDbSessionHandler::read() now checks for valid session age
* 2.3:
Changed visibility of setUp() and tearDown to protected
fixed XSS in the exception handler
Php Inspections (EA Extended) - static code analysis includes:
[2.3] Remove most refs uses
Test with local components instead of waiting for the subtree-splitter when possible
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php
src/Symfony/Component/Config/Util/XmlUtils.php
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/OptionsResolver/Options.php
src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php
src/Symfony/Component/Yaml/Inline.php
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] Changed visibility of setUp() and tearDown to protected
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
1e64220 Changed visibility of setUp() and tearDown to protected
This PR was submitted for the 2.7 branch but it was merged into the 2.6 branch instead (closes#13883).
Discussion
----------
#13857 Added default button class
[Bridge\Twig] Added default-btn class to Twig button block.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | #13857
| License | MIT
| Doc PR | n/a
Commits
-------
c07a902 Added default button class
This PR was merged into the 2.3 branch.
Discussion
----------
Fix XSS in Debug exception handler
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This XSS issue has been reported to security@symfony.com but after discussing this issue, we decided to treat it as a regular bug as the debug mode **must** never be enabled on production servers (as it can leak many sensitive information coming from arguments displayed in the stack trace for instance -- even more information is leaked when used with the Symfony full-stack framework).
Commits
-------
1af6a9e fixed XSS in the exception handler
This PR was merged into the 2.3 branch.
Discussion
----------
[travis] Test with local components instead of waiting for the subtree-splitter when possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Should be ready - a first step that allows testing PR with the proposed patch. Works only when deps are resolved to the same branch. But this opens the way for further improvements.
Commits
-------
f885b9b Test with local components instead of waiting for the subtree-splitter when possible
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] Remove most refs uses
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13813
| License | MIT
| Doc PR | -
Removes some references usages. They are error prone, and trigger too many copies-on-writes.
Commits
-------
8862705 [2.3] Remove most refs uses
This PR was merged into the 2.7 branch.
Discussion
----------
Read validation contraints from Resources/config/validation/ sub-dir
When a bundle contains many entities/documents and it uses YAML or XML format instead of annotations, it is convenient to split the validation constraints into several small files.
With this simple PR, every files in the `validation` sub-directory will be loaded by the validator like it's done for doctrine mapping.
```
Resources/
config/
doctrine/
Author.orm.yml
Post.orm.yml
validation/
Author.yml
Post.yml
```
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | [How to split validation yaml files](http://stackoverflow.com/questions/24064813/how-to-split-validation-yaml-files-in-symfony-2-5/24210501#24210501)
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/5060
Read more: http://blog.kevingomez.fr/2013/10/14/split-symfony2-yaml-validation-configuration-file/
Commits
-------
e41dcb3 [FrameworkBundle] Read config/validation/*.(xml|yml) files
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] static code analysis across codebase
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with <a href="https://plugins.jetbrains.com/plugin/7622?pr=phpStorm">Php Inspections (EA Extended)</a>, no functional changes:
- Reduce couple count calls in a array dump function [Yaml]
- Modernize type casting, fix several strict comparisons on the way
- Unsets merged
- Elvis operator usage (couple more cases)
- Short syntax for applied operations
PS: I didn't try merging these changes into 2.6, expecting conflicts in the case.
Commits
-------
9682756 Php Inspections (EA Extended) - static code analysis includes:
Reduce couple count calls in [Yaml]
Modernize type casting, fix several strict comparisons
Unsets merged
Elvis operator usage
Short syntax for applied operations
This PR was submitted for the 2.7 branch but it was merged into the 2.6 branch instead (closes#13863).
Discussion
----------
[2.6] [Console] [OptionsResolver] static code analysis, code cleanup
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Split <a href="https://github.com/symfony/symfony/pull/13813">PR 13813</a>: part 2 - targeting v2.6
Following is included (no functional changes, found with <a href="https://plugins.jetbrains.com/plugin/7622?pr=phpStorm">Php Inspections (EA Extended)</a>):
- Unset calls can be merged inspection fixes
- Alias functions usage inspection fixes
Commits
-------
1530c35 Php Inspections (EA Extended): squash all PR-13813 commits
This PR was merged into the 2.6 branch.
Discussion
----------
[FrameworkBundle] simplify dep declaration
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I'm not sure this will work, travis will tell.
Commits
-------
37035b0 [FrameworkBundle] simplify dep declaration
This PR was merged into the 2.6 branch.
Discussion
----------
[VarDumper] Fix "next element is already occupied"
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13859
| License | MIT
| Doc PR | -
<3 PHP
Commits
-------
32a81f7 [VarDumper] Fix "next element is already occupied"
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] ObjectNormalizer
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
| Doc PR | not yet
`PropertyAccessNormalizer` is a new normalizer leveraging the PropertyAccess Component. It is able to handle classes containing both public properties and properties only accessibles trough getters / setters / issers / hassers...
As it extends `AbstractNormalizer`, it supports circular reference handling, name converters and existing object population.
What do you think about making this new normalizer the default one as it's the most convenient to use and the most consistent with the behavior of other components.
#13120, #13252 and #13255 need to be merged to make this PR working.
Commits
-------
0050bbb [Serializer] Introduce ObjectNormalizer
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Refactoring of metadata
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no (the metadata system will be introduced in 2.7)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
* Add an interface for `ClassMetadata` and `ClassMetadataFactory`
* Add a new `AttributeMetadata` and the corresponding interface to ease add of future features (e.g. type support for deserialization) and to allow custom metadata implementations (e.g. description of an attribute for an hypermedia normalizer - my use case)
* Add tests for news features
* Add new tests for exsiting features
Commits
-------
8534505 [Serializer] Refactoring of metadata
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Replace BadMethodCallException by MappingException
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no (`AnnotationLoader` will be introduced in 2.7)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
469b8e7 [Serializer] Replace BadMethodCallException by UnexpectedValueException