This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#5738).
Commits
-------
894377f Fix incorrect variable in FileProfilerStorage
Discussion
----------
[HttpKernel] [Profiler] Fix incorrect variable use in FileProfilerStorage
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: ~
Todo: ~
License of the code: MIT
Documentation PR: ~
---------------------------------------------------------------------------
by pborreli at 2012-10-13T06:58:57Z
👍
---------------------------------------------------------------------------
by sstok at 2012-10-13T09:20:33Z
This should be done 2.1 as the bug also existing there.
This has been done for several reasons:
* for consistency with the way we already manage the WDT icons;
* it makes the WebProfiler independant from the location of the assets (and from the asset() function)
* this is the very first step to make the WebProfiler useable outside the full-stack framework (more commits soon)
There is still one asset() call though, which will be removed later on.
This PR was merged into the 2.1 branch.
Commits
-------
86503db [Console] added a unit test
3b2eeb6 [Console] fixed#5384
Discussion
----------
[Console] Simplified find method
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: #5384
It simplifies the way command or command suggestions are found, also fixing issue #5384.
It's a WIP I had, my plan was to also remove the original methods findAlternatives, etc... but some other methods are relying on them, so I'm sending it as it instead of running into more refactoring.
---------------------------------------------------------------------------
by bamarni at 2012-10-06T20:35:59Z
I've refactored some code, as you can see in the tests I've changed, the exception messages have slightly changed.
---------------------------------------------------------------------------
by fabpot at 2012-10-08T13:04:36Z
I don't see the point fo this big refactoring, especially if it also changes the behavior. I think a better approach would be to do only one thing at a time. But as is, this is not mergeable.
---------------------------------------------------------------------------
by bamarni at 2012-10-08T14:01:41Z
I'll try to fix this PR to keep the same behavior and error messages as it is currently.
---------------------------------------------------------------------------
by bamarni at 2012-10-08T14:07:43Z
Well if in fact there is only one bug, it would be better to patch the current code instead of doing this refactoring, even though I think the current code which finds commands is overcomplicated.
---------------------------------------------------------------------------
by stof at 2012-10-08T14:09:18Z
Well, in this case, please submit only a bug report for the 2.1 branch (or 2.0 if it is also affected), and then you can refactor the logic in master to simplify it if needed. But a refactoring should not happen in a maintenance branch
---------------------------------------------------------------------------
by bamarni at 2012-10-09T07:32:47Z
I've patched the code.
---------------------------------------------------------------------------
by fabpot at 2012-10-09T07:37:53Z
Can you add a test for the bug fix?
---------------------------------------------------------------------------
by bamarni at 2012-10-09T21:30:21Z
here you go
This PR was merged into the master branch.
Commits
-------
74e2c5e Fix incorrect inheritdoc blocks
Discussion
----------
Fix incorrect inheritdoc blocks
Also add a docblock to stopwatch member variable.
This PR was merged into the 2.1 branch.
Commits
-------
8c6b7a4 Fixed the handling of the intl locale when setting the default locale
Discussion
----------
Fixed the handling of the intl locale when setting the default locale
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: none
Calling setDefaultLocale was replacing the intl locale even if the locale
was already set in the Request, thus leading to a different value than the
request locale.
Calling setDefaultLocale was replacing the intl locale even if the locale
was already set in the Request, thus leading to a different value than the
request locale.
This PR was merged into the master branch.
Commits
-------
e65ff0b [Form] Removed unused method ChoiceView::isSelected()
Discussion
----------
[Form] Removed unused method ChoiceView::isSelected()
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: #5722
Todo: -
License of the code: MIT
Documentation PR: -
This PR was merged into the 2.1 branch.
Commits
-------
5c895c8 [Form][Tests] Make *TestCase files abstract
Discussion
----------
[Form][Tests] Make FormIntegrationTestCase abstract
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: no - but failing tests are unrelated (not in the Form component)
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: -
Depending on PHPUnit configuration extending this class in a test makes PHPUnit fail throwing a warning: `No tests found in class "Symfony\Component\Form\Tests\FormIntegrationTestCase"`.
This class should not be run as a test and thus it can be safely converted to abstract. There's also an incoherence between other TestCases, some of them being abstract and others concrete (eg. compare with *TypeTestCase* inheriting from *FormIntegrationTestCase*). Shouldn't all the TestCases be marked as abstract?
---------------------------------------------------------------------------
by fabpot at 2012-10-10T06:24:53Z
ping @bschussek
---------------------------------------------------------------------------
by bschussek at 2012-10-10T07:52:32Z
No objections. 👍
---------------------------------------------------------------------------
by marekkalnik at 2012-10-10T07:58:46Z
If so - would you accept other pull requests just adding abstract to various *TestCase files? Or I could do it all at once in this PR.
---------------------------------------------------------------------------
by bschussek at 2012-10-10T08:17:17Z
Sure. Tests that shouldn't be run should be abstract.
---------------------------------------------------------------------------
by bschussek at 2012-10-10T08:18:40Z
To answer your question completely: You can add all these changes to this PR. Please do also squash the commits when you're done.
Thanks! :)
---------------------------------------------------------------------------
by marekkalnik at 2012-10-10T11:34:45Z
[](http://travis-ci.org/marekkalnik/symfony)
Done.
This PR was merged into the 2.1 branch.
Commits
-------
673f74b [HttpFoundation] Fixed#5697 - Request::createFromGlobals, Request::getContentType Changed checking CONTENT_TYPE from server to headers variable
Discussion
----------
[HttpFoundation] Fixed#5697 - Request::createFromGlobals, Request::getContentType
Changed checking CONTENT_TYPE from server to headers variable
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: #5697
Todo: -
License of the code: MIT
Changed checking CONTENT_TYPE from server to headers variable
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: #5697
Todo: -
License of the code: MIT
This PR was merged into the 2.1 branch.
Commits
-------
1566f9f [Routing] fix handling of whitespace and synch between collection prefix and route pattern
90145d2 [Routing] fix handling of two starting slashes in the pattern
Discussion
----------
[Routing] fix handling of slashes and whitespace in pattern/prefix
BC break: no
feature addition: no
The first commit fixes the handling of two starting slashes in the pattern. It would be confused with a network path e.g. `//domain/path` when generating a path, so should be prevented.
The second commit fixes the handling of whitespace in RouteCollection::addPrefix. It wasn't trimmed there but it is trimmed in Route::setPattern. So it can be out-of-synch between RouteCollection::getPrefix <-> Route::getPattern.
This PR was merged into the master branch.
Commits
-------
f66f110 FIX [2.1][ClassLoader]UniversalClassLoader not working with AnnotationRegistry::registerLoader
Discussion
----------
[2.1][ClassLoader]UniversalClassLoader not working with AnnotationRe...
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: ~
Todo: ~
License of the code: MIT
Documentation PR: ~
The Doctrine\Common\Annotations\AnnotationRegistry::loadAnnotationClass examines the returning value of the loader and the load is successful only if the loader returns with "TRUE" value.
This is how method Symfony\Component\ClassLoader\ClassLoader::loadClass works, but it is not true for Symfony\Component\ClassLoader\UniversalClassLoader::loadClass.
---------------------------------------------------------------------------
by sstok at 2012-10-08T09:25:39Z
As this is a bug fix it should be done on 2.0
---------------------------------------------------------------------------
by stof at 2012-10-08T12:49:42Z
It is not a bugfix. Nothing enforces an autoloader to return a boolean in PHP.
And Symfony works with the annotation registry since 1.5 year (when it was introduced): https://github.com/symfony/symfony-standard/blob/2.0/app/autoload.php#L34-38
Btw, if you are using 2.1, I would recommend you to use the new ClassLoader instead of the UniversalClassLoader to autoload PSR-0 libraries. It has a simpler API (and returns the boolean needed by Doctrine) while supporting the same classes than the UniversalClasssLoader (both of them are supporting PSR-0 and nothing else)
This PR was merged into the 2.0 branch.
Commits
-------
b439d13 fixed DomCrwaler/Form to handle <button> when submitted
Discussion
----------
[DomCrawler] fixed Form to handle <button> when submitted
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
License of the code: MIT
Issue appears when submitting form with <button> form element.
Name-value of this button wasn`t passed to the request.
This PR was merged into the master branch.
Commits
-------
bf9d2be [Console] Fixes in ProgressHelper
Discussion
----------
[Console] Fixes in ProgressHelper
Bug fix: yes
Feature addition: no
Backwards compatibility break: ?
Symfony2 tests pass: yes
Changed from true to false the default "newline" parameter of the method "overwrite" (to stick with the default value of OutputInterface).
This PR was merged into the master branch.
Commits
-------
4534960 [Security] Added Pbkdf2PasswordEncoder
Discussion
----------
[2.2] [Security] Added Pbkdf2PasswordEncoder
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: yes
License of the code: MIT
This adds the PBKDF2 derived key mechanism (as defined in http://www.ietf.org/rfc/rfc2898.txt) for the Password encoder.
The original implementation comes from http://www.itnewb.com/tutorial/Encrypting-Passwords-with-PHP-for-Storage-Using-the-RSA-PBKDF2-Standard and does not contain any restrictive copyright. I have included the original author.
---------------------------------------------------------------------------
by mvrhov at 2012-06-26T10:33:59Z
This also warrants a waring that the function is extra slow. Calculation of hash with the default 5000 iterations on small ec2 instance takes approximately 800ms.
---------------------------------------------------------------------------
by sstok at 2012-06-26T11:17:25Z
@mvrhov What do you mean exactly? Should I reduce the default number of Iterations?
Edit: Oops, my own class in rollerworks/Crypt also uses 1000, not 5000.
I used the MessageDigestPasswordEncoder as my template and forgot to change that.
Fixed.
---------------------------------------------------------------------------
by mvrhov at 2012-06-26T12:04:28Z
@sstok: What I meant was that it would be nice to include that info into the PhpDoc block or inside a changelog.
Between the plain salted sha512, sha512 based Pbkdf2 and sha512 based bcrypt, bcrypt was slower than sha512, but way faster than Pbkdf2. I've measured all of them on small ec2 instance.
Oh, and BTW it was 1000 iterations in Pbkdf2 that took 800ms.
---------------------------------------------------------------------------
by sstok at 2012-06-26T12:39:46Z
```
* Pbkdf2PasswordEncoder uses the PBKDF2 (Password-Based Key Derivation Function 2).
*
* Providing a high level of Cryptographic security,
* PBKDF2 is recommended by the National Institute of Standards and Technology (NIST).
*
* But also warrants a warning, using PBKDF2 (with a high number of iterations) slows down the process.
* PBKDF2 should be used with caution and care.
```
Something like this, any suggestions are welcome ;)
PS: Should I also add this to the SecurityBundle?, but 'algorithm' always passes it to MessageDigestPasswordEncoder when it not plain. So I wonder what to do for that, using something as pbkdf2_[algorithm] like: pbkdf2_sha512
---------------------------------------------------------------------------
by jalliot at 2012-07-06T22:27:22Z
@sstok That would be a really valuable addition to Symfony :)
And I think indeed that you should modify SecurityBundle by adding a simple way to switch from the basic encoder to this one (and surely set it as the default!).
Another nice thing you could do is provide a bcrypt implementation. @elnur's [ElnurBlowfishPasswordEncoderBundle](https://github.com/elnur/ElnurBlowfishPasswordEncoderBundle) might give you some inspiration.
---------------------------------------------------------------------------
by sstok at 2012-07-08T12:25:29Z
@jalliot Thanks for the tip, changing the default is not a good idea as PBKDF2 pretty heavy when compared to Digit.
The only difference between PBKDF2 and Digit is that PBKDF2 uses HMAC and does some extra things, so they are both very secure. But the second is more secure then the other ;)
Implementing bcrypt should be no problem, I will open an new pull request for that one when ready.
Edit: I think I have an idea, setting algorithm to pbkdf2 with hash_algorithm as parameter.
---------------------------------------------------------------------------
by sstok at 2012-07-18T09:54:15Z
@schmittjoh As this is a simple change should it go for 2.1 or 2.2?
---------------------------------------------------------------------------
by jalliot at 2012-07-18T11:02:40Z
IIUC 2.1 is feature frozen so that will surely not be merged before 2.2.
---------------------------------------------------------------------------
by fabpot at 2012-07-23T14:26:30Z
This is indeed scheduled for 2.2.
---------------------------------------------------------------------------
by sstok at 2012-10-02T13:51:59Z
@fabpot ping
---------------------------------------------------------------------------
by fabpot at 2012-10-02T16:20:23Z
Before I merge this PR, can you:
* add an entry in the CHANGELOG of the component and the bundle
* squash your commits
* create a PR on the docs to mention the new encoder (its usage and the limitations as you mentioned them here)
Thanks.
---------------------------------------------------------------------------
by stof at 2012-10-02T16:27:03Z
The XSD also need to be updated
---------------------------------------------------------------------------
by fabpot at 2012-10-02T16:37:53Z
@stof: AFAIR, there is unfortunately no XSD for the Security bundle.... yet
---------------------------------------------------------------------------
by mvrhov at 2012-10-02T16:56:39Z
BTW: http://php.net/manual/en/function.hash-pbkdf2.php
---------------------------------------------------------------------------
by fabpot at 2012-10-02T17:17:57Z
@mvrhov Indeed, it's going to be included in PHP as of PHP 5.5. We need to use it if available.
---------------------------------------------------------------------------
by stof at 2012-10-02T17:28:17Z
@fabpot ah true. and I don't want to try creating an XSD in this bundle as the config tree can be expanded dynamically by any bundle :)
---------------------------------------------------------------------------
by sstok at 2012-10-03T09:29:53Z
@fabpot ping
---------------------------------------------------------------------------
by sstok at 2012-10-08T09:21:09Z
@fabpot ping
[Security] changed default iterations of Pbkdf2PasswordEncoder to 1000 instead of 5000
[Security] Improved description of PBKDF2 encoder
[SecurityBundle] added PBKDF2 PasswordEncoder
updated CHANGELOG.md
[Security] Use the build-in hash_pbkdf2() when available
[SecurityBundle] added information about hash_algorithm for configuration
[Security] always check algorithm and fixed CS
* 2.1:
fixed CS
added doc comments
added doc comments
[Validator] Updated swedish translation
Update src/Symfony/Component/Validator/Resources/translations/validators.de.xlf
[2.1] Exclude tests from zips via gitattributes
[HttpKernel][Translator] Fixed type-hints
Updated lithuanian validation translation
[DomCrawler] Allows using multiselect through Form::setValues().
[Translation] forced the catalogue to be regenerated when a resource is added (closes symfony/Translation#1)
Unit test for patched method OptionsResolver::validateOptionValues().
validateOptionValues throw a notice if an allowed value is set and the corresponding option isn't.
[Form] Hardened code of ViolationMapper against errors
[HttpFoundation] Fixed#5611 - Request::splitHttpAcceptHeader incorrect result order.
[Form] Fixed negative index access in PropertyPathBuilder
Update src/Symfony/Component/Validator/Resources/translations/validators.ro.xlf
Conflicts:
src/Symfony/Component/DomCrawler/Form.php
src/Symfony/Component/Process/Process.php
This PR was merged into the 2.1 branch.
Commits
-------
65cf3a0 added doc comments
Discussion
----------
added doc comments
---------------------------------------------------------------------------
by stof at 2012-10-06T11:27:23Z
closing in favor of #5686 which targets 2.0
---------------------------------------------------------------------------
by fabpot at 2012-10-06T12:38:17Z
This one cannot be closed as it contains more phpdocs than in the 2.0 branch.
* 2.0:
fixed CS
added doc comments
[HttpKernel][Translator] Fixed type-hints
[Translation] forced the catalogue to be regenerated when a resource is added (closes symfony/Translation#1)
[HttpFoundation] Fixed#5611 - Request::splitHttpAcceptHeader incorrect result order.
Conflicts:
src/Symfony/Component/Process/Process.php
tests/Symfony/Tests/Component/HttpFoundation/RequestTest.php
This PR was merged into the master branch.
Commits
-------
36bbaf3 added entry to changelog
0187a1a adds two convenience methods for optional configuration sections
Discussion
----------
adds two convenience methods for optional configuration sections
This adds two convenience methods which safes some typing for optional configuration.
I have updated the FrameworkConfiguration to use these methods; the behavior is equivalent.
---------------------------------------------------------------------------
by sstok at 2012-10-06T12:21:09Z
👍
---------------------------------------------------------------------------
by fabpot at 2012-10-06T12:32:10Z
Looks good. Can you update the documentation as well and add a note in the component CHANGELOG? Thanks.
---------------------------------------------------------------------------
by schmittjoh at 2012-10-06T14:22:35Z
done
