This PR was merged into the 5.3-dev branch.
Discussion
----------
[HttpKernel] Handle multi-attribute controller arguments
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | todo
Currently, the `ArgumentMetadata` class used for controller argument value resolution can only hold one attribute per controller argument, while a method argument can take multiple attributes.
This allows accessing all attributes for a given argument, and deprecates the `ArgumentInterface` because it is not needed.
Spotted by @nicolas-grekas.
Commits
-------
d771e449ec [HttpKernel] Handle multi-attribute controller arguments
This PR was merged into the 4.4 branch.
Discussion
----------
improve exception message if symfony/security-csrf is missing
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37452
| License | MIT
| Doc PR |
Commits
-------
1a26ed43e7 improve exception message if symfony/security-csrf is missing
This PR was merged into the 4.4 branch.
Discussion
----------
MockResponse total_time should not be simulated when provided
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
When you provide a `total_time` to a MockResponse, it is overriden. It should be simulated only when it is not provided I guess.
Ex: `new MockResponse('{"foo":"bar"}', ['total_time' => 0.4])`
Commits
-------
8dada95cbf fix: MockResponse total_time should not be simulated when provided
This PR was merged into the 5.3-dev branch.
Discussion
----------
[RateLimiter][Security] Allow to use no lock in the rate limiter/login throttling
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix -
| License | MIT
| Doc PR | tbd
This PR adds support for disabling lock in rate limiters. This was brought up by @Seldaek. In most cases (e.g. login throttling), it's not critical to strictly avoid even a single overflow of the window/token. At least, it's probably not always worth the extra load on the lock storage (e.g. redis).
It also directly disables locking by default for login throttling. I'm not sure about this, but I feel like this fits the 80% case where it's definitely not needed (and it's easier to use if you don't need to set-up locking first).
Commits
-------
45be875e84 [Security][RateLimiter] Allow to use no lock in the rate limiter/login throttling
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[Messenger] Add `rediss://` DSN scheme support for TLS to Redis transport
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets |
| License | MIT
| Doc PR |
This adds a support for `rediss://` DSN (as discussed in https://github.com/symfony/symfony/pull/39599) and deprecates the use of `tls` parameter introduced in https://github.com/symfony/symfony/pull/35503 so it can be standardized to single format.
Commits
-------
28e7b74b47 [Messenger] Add `rediss://` DSN scheme support for TLS to Redis transport
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Add server-commands support for Predis Replication Environments
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35867
| License | MIT
| Doc PR |
This fix is for predis MasterSlaveConnections which don't allow to run server commands.
Due to that it's not possible to e.g. clear a cache with cache:pool:clear.
PhpRedis and Predis do not have the same interface, so have to check which implementation is used.
Furthermore, the getClientFor('master') works only for replicated redis instances.
Commits
-------
2ae5c33c80 [Cache] Add server-commands support for Predis Replication Environments
This PR was merged into the 4.4 branch.
Discussion
----------
Speedup psalm
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
My try at #40310
Commits
-------
3fb74abe62 Speedup psalm
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
Fix deprecation messages
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
The wrong namespace is used in the deprecation messages
Commits
-------
4aca3edb9e Fix deprecation messages
This PR was merged into the 5.3-dev branch.
Discussion
----------
[HttpClient] Add `HttpClientInterface::withOptions()`
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I've been thinking about this method for a few months already.
We miss a way to configure an HTTP client in a generic way.
This is useful when eg building an API client as this allows configuring default options once for a consumer, eg in the constructor.
```php
$this->client = $client->withOptions(['base_uri' => 'https://...']);
// [...]
$response = $this->client->request('GET', '/relative-url');
```
Commits
-------
439742ff33 [HttpClient] Add `HttpClientInterface::withOptions()`
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] Configure `session.cookie_secure` earlier
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40221
| License | MIT
| Doc PR | N/A
This PR does what @stof had suggested in #40221, allow me to quote him directly:
> 1. avoid setting auto as a value for the ini setting in the NativeSessionStorage initialization
> 2. ensuring that SessionListener resolves the auto value by the time the SessionListener runs, and not by the time the getSession() method is called in the Request session factory callback
Commits
-------
e82918cd60 [HttpKernel] Configure `session.cookie_secure` earlier
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
Make sure the Psalm review CI job is working
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
This PR is just a test to make sure psalm works as expected.
EDIT: It also fixes issues..
Commits
-------
d5a05f1b30 Make sure the Psalm review CI job is working
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Uid] Add Generate and Inspect commands
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
After some time using the component, I realized I often needed to quickly generate new ulids or to convert them from one format to another so I thought having those commands would be useful.
# Usage
## Generate a ULID - outputs N ULID(s) separated by new lines in base 32, base 58 or RFC 4122 format
### Generate 1 ULID now
`php bin/console ulid:generate`
### Generate 1 ULID with a specific timestamp
`php bin/console ulid:generate --time="2021-02-02 14:00:00"`
### Generate 2 ULIDs and ouput the RFC4122 format
`php bin/console ulid:generate --count=2 --format=rfc4122`
## Generate a UUID - outputs N UUID(s) separated by new lines in RFC 4122, base 58 or base 32 format
### Generate 1 UUID (defaults from the underlying factory)
`php bin/console uuid:generate`
### Generate 1 time-based UUID now
`php bin/console uuid:generate --time-based=now`
### Generate 1 time-based UUID with a specific timestamp
`php bin/console uuid:generate --time-based="2021-02-02 14:00:00"`
### Generate 1 time-based UUID with a specific node
`php bin/console uuid:generate --time-based=now --node=fb3502dc-137e-4849-8886-ac90d07f64a7`
### Generate 1 name-based UUID (there must be a default namespace in the underlying factory)
`php bin/console uuid:generate --name-based=foo`
### Generate 1 name-based UUID with a specific namespace (overrides the default namespace from the underlying factory)
`php bin/console uuid:generate --name-based=foo --namespace=fb3502dc-137e-4849-8886-ac90d07f64a7`
### Generate 1 random-based UUID
`php bin/console uuid:generate --random-based`
### Generate 2 UUIDs and output their base 58 format
`php bin/console uuid:generate --count=2 --format=base58`
## Inspect a ULID - outputs base32, base58 and RFC 4122 formats of a ULID and its humand readable timestamp if it is time-based
`php bin/console ulid:inspect 01EWAKBCMWQ2C94EXNN60ZBS0Q`
`php bin/console ulid:inspect 1BVdfLn3ERmbjYBLCdaaLW`
`php bin/console ulid:inspect 01771535-b29c-b898-923b-b5a981f5e417`
## Inspect a UUID - outputs RFC 4122, base 58 and base 32 formats of a UUID and its human readable timestamp
`php bin/console uuid:inspect a7613e0a-5986-11eb-a861-2bf05af69e52`
`php bin/console uuid:inspect MfnmaUvvQ1h8B14vTwt6dX`
`php bin/console uuid:inspect 57C4Z0MPC627NTGR9BY1DFD7JJ`
# Register the commands
## YAML
```yaml
# services.yaml
services:
Symfony\Component\Uid\Command\GenerateUlidCommand: ~
Symfony\Component\Uid\Command\GenerateUuidCommand: ~
Symfony\Component\Uid\Command\InspectUlidCommand: ~
Symfony\Component\Uid\Command\InspectUuidCommand: ~
```
## PHP
```php
<?php
// services.php
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Component\Uid\Command\GenerateUlidCommand;
use Symfony\Component\Uid\Command\GenerateUuidCommand;
use Symfony\Component\Uid\Command\InspectUlidCommand;
use Symfony\Component\Uid\Command\InspectUuidCommand;
return static function (ContainerConfigurator $configurator): void {
$services = $configurator->services()
->defaults()
->autowire()
->autoconfigure();
$services
->set(GenerateUlidCommand::class)
->set(GenerateUuidCommand::class)
->set(InspectUlidCommand::class)
->set(InspectUuidCommand::class);
};
```
Commits
-------
223421b6ca [Uid] Add Generate and Inspect commands
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
Adding a Github action to run Psalm
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/15024
I've seen sometimes that we've forgotten to add `\` before `Throwable` or that we refer to a class that does not exist. One could argue that the code is not properly tested, but somehow these PRs still get merged. (And quickly fixed in a follow up PR).
I suggest to add psalm to check every PR for some errors that can be found with a static analyser. This is to help/automate the PR review process. All psalm errors found should be reviewed and discussed. The maintainers can decide to ignore some warnings if they want to. (Ie false positives)
This PR is about “Psalm PR review”. It does not try to fix “Psalm compatibility”. Psalm compatibility is a separate issue that should be discussed separate from the "Psalm PR review".
I currently plan to follow up with the more controversial topic of "Should we make Symfony more compatible with Psalm or not".
Commits
-------
c5ed24d8cb Adding a Github action to run Psalm
This PR was merged into the 5.3-dev branch.
Discussion
----------
[DependencyInjection] Add ContainerBuilder::willBeAvailable() to help with conditional configuration
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#40136, fix#39356
| License | MIT
| Doc PR | no need to
Leverages https://github.com/composer/composer/pull/9682 to ignore dev-packages when configuring the container.
Commits
-------
47c471e2c4 [DependencyInjection] Add ContainerBuilder::willBeAvailable() to help with conditional configuration
* 5.2:
[TwigBridge] Install symfony/intl to run tests on Travis
[Translation] Make `name` attribute optional in xliff2
[Security] #[CurrentUser] argument should resolve to null when it is anonymous
This PR was merged into the 4.4 branch.
Discussion
----------
[TwigBridge] Install symfony/intl to run tests on Travis
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | bi
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The hard dependency on `symfony/intl` was removed from the Form component in 5.3-dev (#40298). I suggest to add the explicit dev dependency on TwigBridge on 4.4 already.
Commits
-------
b2970456bf [TwigBridge] Install symfony/intl to run tests on Travis
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Routing] Construct Route annotations using named arguments
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | N/A
| License | MIT
| Doc PR | Not needed
This PR proposes to bump the `doctrine/annotations` library to 1.12 to gain access to its emulation layer for named arguments. Furthermore, constructing a `Route` annotation the old way by passing an array of parameters is deprecated.
### Reasons for this change
The constructors of our annotation classes have become unnecessarily complicated because we have to support two ways of calling them:
* An array of parameters, passed as first argument, because that's the default behavior `doctrine/annotations`.
* A set of named arguments because that's how PHP 8 attributes work.
Since we can now tell the Doctrine annotation reader to use named arguments as well, we can simplify the constructors of our annotations significantly.
### Drawback
After this change, there is no easy way anymore to construct instances of the `Route` annotation class directly on PHP 7. The PR has been built under the assumption that instances of this class are usually created using either Doctrine annotations or a PHP 8 attribute. Thus, most applications should be unaffected by this change.
Commits
-------
29b0f96046 [Routing] Construct Route annotations using named arguments
This PR was merged into the 5.3-dev branch.
Discussion
----------
Deprecate passing null as $message or $code to exceptions
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | N/A
| License | MIT
| Doc PR | N/A
Follow-up to #40271.
Following the example of the PHP core, this PR introduces deprecation warnings that are triggered if a developer attempts to pass null as `$code` or `$message` to an exception constructor.
Commits
-------
8e3058d95a Deprecate passing null as $message or $code to exceptions
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[Form] Remove hard dependency on symfony/intl
| Q | A
| ------------- | ---
| Branch? | 5.x (or 6.0)
| Bug fix? |
| New feature? | no
| Deprecations? | yes
| Tickets | Fix#39596
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/15026
This was voted down in 2018 (#29229) and will revert #29720 by @chalasr. I reopen it because the Form component is way less dependent on Intl component now.
Im hesitant if we should do this in 5.x or 6.0. If a user don't have `symfony/intl` installed, they will get an error in runtime. That is something that speaks for doing it in 6.0.
Could I get some opinions?
### TODO
- [x] Update `UPGRADE-x.x.md`
Commits
-------
f90d3ec203 [Form] Remove hard dependency on symfony/intl
This PR was submitted for the 5.2 branch but it was merged into the 4.4 branch instead.
Discussion
----------
[Translation] Make `name` attribute optional in xliff2
Do not set a fake `name` attribute on `unit` element from xliff2 to allow using `source` attribute and avoid missing translation error
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes/no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37055
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
When `xlf` translations are loaded, if a name exists on `unit` element, the segment's source is ignored:
```foreach ($xml->xpath('//xliff:unit') as $unit) {
foreach ($unit->segment as $segment) {
$attributes = $unit->attributes();
$source = $attributes['name'] ?? $segment->source;
```
At the same time, when dumping translations, the segment's source is copied into the unit's name attribute, unless it's longer than 80 characters. In that case, `substr(md5($source), -7)` is set into the name attribute.
This results in a missing translation error, because the source is ignored and the name is a random string.
Suggested solution: only set the name attribute if the string is less than 80 characters.
Commits
-------
97058559cc [Translation] Make `name` attribute optional in xliff2