This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] Fix mssql compatibility for doctrine transport.
Add logic for locking row for update when the doctrine dbal connection is sqlsrv. This is a quick and dirty solution, but it prevents the need to rewrite the logic due to doctrine dbal limitations.
See issue https://github.com/symfony/symfony/issues/39117
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39117
| License | MIT
| Doc PR |
Commits
-------
37be094992 [Messenger] Fix mssql compatibility for doctrine transport.
Add logic for locking row for update when the doctrine dbal connection is sqlsrv. This is a quick and dirty solution, but it prevents the need to rewrite the logic due to doctrine dbal limitations.
See issue https://github.com/symfony/symfony/issues/39117
This PR was merged into the 5.2 branch.
Discussion
----------
[DoctrineBridge] Fix form EntityType with filter on UID
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39207
| License | MIT
| Doc PR | -
Convert UUID and ULID to the right format in ORMQueryBuilder
/cc @nicolas-grekas
Commits
-------
9e83bb7634 Fix form EntotyType with uid
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] fix binding to network interfaces
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#38979
| License | MIT
| Doc PR | -
Fixes support for binding to local interfaces by adding support for [curl's `if!` prefix](https://curl.se/libcurl/c/CURLOPT_INTERFACE.html).
Commits
-------
faa1fd32f9 [HttpClient] fix binding to network interfaces
This PR was merged into the 5.1 branch.
Discussion
----------
[FrameworkBundle] [minor] adjust KernelBrowser::getProfile() typehint
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
`Profiler::loadProfileFromResponse()` can return `null`. Obviously having a return of `null|false` is unfortunate. Not sure what we can do about that...
Commits
-------
ce046fd120 adjust KernelBrowser::getProfile() typehint
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[DependencyInjection] Fix circular in DI with lazy + byContruct loop
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39120
| License | MIT
| Doc PR | -
This fix another issue lazy service.
It partially revert #38980 and #39021
Initially, we trusted lazy services to be lazy and not beeing called while building the services graph
=> bug #38970 when lazy deps is injected in a factory, it may be consumed directly to build the object before the graph is fully built
Fixed by #38980 => lazy service are considered as "normal service"
=> bug #39015 some loop are not resolvable with "normal service", but it shouldn't be an issue when servie proxifyied
Fixed by #39021 => lazy service are considered as "normal service" except when proxyfied
=> bug #39120 some loop are not resolvable with "normal service", but it shouldn't be an issue because the lazy service is injected in the constructor and user
Fixed by this PR => that revert to the initial state. lazy service are trusted.
But now, The IterratorArgument injected in a factory (single exception) is not more considered as lazy
Commits
-------
54af139a4e [DependencyInjection] Fix circular in DI with lazy + byContruct loop
This PR was squashed before being merged into the 5.2 branch.
Discussion
----------
[Security] Automatically register custom authenticator as entry_point (if supported)
| Q | A
| ------------- | ---
| Branch? | 5.2 (hopefully?)
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#37068
| License | MIT
| Doc PR | -
@weaverryan came up with exactly the same issue as proposed by a contributor before (see referenced ticket). Back then, it was decided impossible to fix: see https://github.com/symfony/symfony/pull/37075. However, after some thinking we came up with a way to fix the issue and improve the DX for custom authenticators.
The new authenticators are no longer required to implement `AuthenticationEntryPointInterface` (required for internal authenticators like the `RememberMeAuthenticator` and pre authenticated ones). This PR uses a compiler pass to check if a custom authenticator is supported:
```yaml
security:
firewalls:
main:
# in any case, if an entry_point is already configured it'll not be overriden
# (http_basic remains the entry point here)
http_basic: ~
custom_authenticator: App\Security\CustomAuthenticator
entry_point: http_basic
# if only one custom authenticator implements AuthenticationEntryPointInterface,
# it's automatically configured as the entry point
custom_authenticator: App\Security\CustomAuthenticator
custom_authenticators: [App\Security\CustomAuthenticator, App\Security\NoEntryPointAuthenticator]
# if no custom authenticator implements AuthenticationEntryPointInterface,
# an error is thrown
custom_authenticator: App\Security\NoEntryPointAuthenticator
# if more than one authenticator implements AuthenticationEntryPointInterface,
# the entry point must be configured explicitly (or an error is thrown)
custom_authenticators: [App\Security\CustomAuthenticator, App\Security\AnotherCustomAuthenticator]
entry_point: App\Security\CustomAuthenticator
```
---
I know this is very late for Symfony 5.2. It would be good to decide whether this can be included in the release, in order to smooth out the biggest struggle for people using custom authenticators for the first time.
Commits
-------
cab0672248 [Security] Automatically register custom authenticator as entry_point (if supported)
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
Add Romanian missing translations
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | kinda
| New feature? | no
| Deprecations? | no
| Tickets | Fix#38758
| License | MIT
| Doc PR | n/a
Commits
-------
6aa31a13c7 Add Romanian missing translations
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[DependencyInjection][Translator] Silent deprecation triggered by libxml_disable_entity_loader
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39040
| License | MIT
| Doc PR | -
The XML entity loader is disabled by default since libxml 2.9
But, since PHP 8.0, calling the method `libxml_disable_entity_loader` triggers a deprecation which has been solved in symfony by calling `libxml_disable_entity_loader` only for libxml < 2.9
The issue is, some dependencies, enable the entity loader and does not restore the initial state afterward, leading to exceptions triggered by Symfony iteself.
In previous versions symfony was resilient by disabling the flag before working, which is not the case anymore to avoid the deprecation.
This PR restore the resiliency of Symfony for PHP < 8.0, which is not yet deprecated.
But we have no way to check the status of the entity loader without triggering a deprecation with Symfony 8.
Commits
-------
114b7a543a [DependencyInjection][Translator] Silent deprecation triggered by libxml_disable_entity_loader
This PR was merged into the 4.4 branch.
Discussion
----------
[Form] ignore the pattern attribute for textareas
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39066
| License | MIT
| Doc PR |
Commits
-------
e7698e7434 ignore the pattern attribute for textareas
This PR was merged into the 5.2 branch.
Discussion
----------
[DoctrineBridge] Require doctrine/persistence 2
| Q | A
| ------------- | ---
| Branch | 5.x
| Bug fix | no
| New feature | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This allows us to remove autoload calls that are necessary for the
persistence 1 backwards-compatibility layer to work.
This is a follow up of #35728
Commits
-------
574a184b9a Require doctrine/persistence 2
This PR was merged into the 5.2 branch.
Discussion
----------
[HttpFoundation] Deprecate BinaryFileResponse::create()
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | N/A
| License | MIT
| Doc PR | N/A
Follows #34771. We've deprecated the static `::create()` methods on all response classes but `BinaryFileResponse`. This PR proposes to fix this inconsistency.
Commits
-------
9ce2e86207 [HttpFoundation] Deprecate BinaryFileResponse::create().
This PR was merged into the 5.2 branch.
Discussion
----------
[Security] Support for SwitchUserToken instances serialized with 4.4/5.1
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39177
| License | MIT
| Doc PR | N/A
This PR enables `SwitchUserToken` to unserialize earlier versions of itself.
I've executed the following script on the 4.4 branch with php 7.2 to create the fixture included with this PR:
```php
$token = new SwitchUserToken(
new User('john', null, ['ROLE_USER']),
['foo' => 'bar'],
'main',
['ROLE_USER'],
new UsernamePasswordToken(new User('jane', null, ['ROLE_USER']), ['foo' => 'bar'], 'main', ['ROLE_USER'])
);
file_put_contents(__DIR__.'/switch-user-token-4.4.txt', serialize($token));
```
Commits
-------
01bea3c085 Support for SwitchUserToken instances serialized with 4.4/5.1.
This PR was merged into the 5.1 branch.
Discussion
----------
[Serializer] Fix denormalizing scalar with UnwrappingDenormalizer
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#38983
| License | MIT
| Doc PR | none
In order to work the `UnwrappingDenormlizer` needs to be called first to unwrap the data so that it can be handled by other denormalizers.
To not introduce any BC break this PR does not move the logic into it's own class, instead it checks if a denormalizer supports the data and only denormalize scalar values if there is none.
Commits
-------
98cf389fb9 fix denormalizing scalar with UnwrappingDenormalizer
* 5.1:
Fix test.
[PhpUnitBridge] Fix qualification of deprecations triggered by the debug class loader
Improve return phpdoc for Normalizer
Use a partial buffer in SymfonyStyle
Fix console closing tag
Fix typo in comment
[VarDumper] fix casting resources turned into objects on PHP 8
* 4.4:
[PhpUnitBridge] Fix qualification of deprecations triggered by the debug class loader
Improve return phpdoc for Normalizer
Use a partial buffer in SymfonyStyle
Fix console closing tag
Fix typo in comment
[VarDumper] fix casting resources turned into objects on PHP 8
