This PR was merged into the 3.3-dev branch.
Discussion
----------
[lock] Rename Quorum into Strategy
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes (not consistent naming)
| New feature? | no
| BC breaks? | yes (but version 3.4 not yet released)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR |
The term `Quorum` in Interface is confusing an not consistent with the Symfony project.
This PR switch to naming `Strategy\StrategyInterface` (like in adapter i `Cache` and `Ldap` component)
Commits
-------
1e9671b993 Rename Quorum into Strategy
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Lock] Don't call blindly the redis client
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Actual code rely on controls on the constructor. This PR add an assertion to avoid futur bugs
Commits
-------
e4db018b6d Don't call blindly the redis client
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fixed roles serialization on token from user object
| Q | A |
| --- | --- |
| Branch? | 2.7 |
| Bug fix? | yes |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | #14274 |
| License | MIT |
| Doc PR | - |
This PR fixes the serialization of tokens when using `Role` objects provided from the user. Indeed, there were actually a reference issue that can causes fatal errors like the following one:
```
FatalErrorException in RoleHierarchy.php line 43:
Error: Call to a member function getRole() on string
```
Here is a small code example to reproduce and its output:
``` php
$user = new Symfony\Component\Security\Core\User\User('name', 'password', [
new Symfony\Component\Security\Core\Role\Role('name')
]);
$token = new Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, 'password', 'providerKey', $user->getRoles());
$serialized = serialize($token);
$unserialized = unserialize($serialized);
var_dump($unserialized->getRoles());
```
Before:
```
array(1) { [0]=> bool(true) }
```
After:
```
array(1) { [0]=> object(Symfony\Component\Security\Core\Role\Role)#15 (1) {["role":"Symfony\Component\Security\Core\Role\Role":private]=> string(4) "name" } }
```
Thank you
Commits
-------
dfa7f5020e [Security] Fixed roles serialization on token from user object
* 3.2:
Fixed pathinfo calculation for requests starting with a question mark.
[HttpFoundation] Fix missing handling of for/host/proto info from "Forwarded" header
[Validator] Add object handling of invalid constraints in Composite
[WebProfilerBundle] Remove uneeded directive in the form collector styles
removed usage of $that
HttpCache: New test for revalidating responses with an expired TTL
[Serializer] [XML] Ignore Process Instruction
[Security] simplify the SwitchUserListenerTest
Revert "bug #21841 [Console] Do not squash input changes made from console.command event (chalasr)"
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Security][SecurityBundle] Enhance automatic logout url generation
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
This should help whenever:
- [the token does not implement the `getProviderKey` method](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Logout/LogoutUrlGenerator.php#L89-L99)
- you've got multiple firewalls sharing a same context but a logout listener only define on one of them.
##### Behavior:
> When not providing the firewall key:
>
>- Try to find the key from the token (unless it's an anonymous token)
>- If found, try to get the listener from the key. If the listener is found, stop there.
>- Try from the injected firewall key. If the listener is found, stop there.
>- Try from the injected firewall context. If the listener is found, stop there.
>
>The behavior remains unchanged when providing explicitly the firewall key. No fallback.
Commits
-------
5b7fe852aa [Security][SecurityBundle] Enhance automatic logout url generation
This PR was squashed before being merged into the 3.3-dev branch (closes#22112).
Discussion
----------
Minor PR fixes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes-ish
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
cc @fabpot my bad :)
Commits
-------
0728fb91b8 typo
036b0414d6 Minor PR fixes
This PR was merged into the 3.3-dev branch.
Discussion
----------
[WebProfilerBundle] Improved cookie traffic
| Q | A
| ------------- | ---
| Branch? | "master"
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | reference to the documentation PR, if any
Relates to #20569 in terms of getting _all_ the cookies.
Commits
-------
171c6d100e [WebProfilerBundle] Improved cookie traffic
This PR was squashed before being merged into the 2.8 branch (closes#22036).
Discussion
----------
Set Date header in Response constructor already
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Setting the `Date` header in the `Response` constructor has been removed in #14912 and changed to a more lazy approach in `getDate()`.
That way, methods like `getAge()`, `getTtl()` or `isFresh()` cause side effects as they eventually call `getDate()` and the Request "starts to age" once you call them.
I don't know if this would be a nice test, but current behaviour is
```php
$response = new Response();
$response->setSharedMaxAge(10);
sleep(20);
$this->assertTrue($response->isFresh());
sleep(5);
$this->assertTrue($response->isFresh());
sleep(5);
$this->assertFalse($response->isFresh());
```
A particular weird case is the `isCacheable()` method, because it calls `isFresh()` only under certain conditions, like particular status codes, no `ETag` present etc. This symptom is also described under "Cause of the problem" in #19390, however the problem is worked around there in other ways.
So, this PR suggests to effectively revert #14912.
Additionally, I'd like to suggest to move this special handling of the `Date` header into the `ResponseHeaderBag`. If the `ResponseHeaderBag` guards that we always have the `Date`, we would not need special logic in `sendHeaders()` and could also take care of https://github.com/symfony/symfony/pull/14912#issuecomment-110105215.
Commits
-------
3a7fa7ede2 Set Date header in Response constructor already
This PR was squashed before being merged into the 3.3-dev branch (closes#19887).
Discussion
----------
Sort alternatives alphabetically when a command is not found
| Q | A |
| --- | --- |
| Branch? | master |
| Bug fix? | no |
| New feature? | yes |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | #10893 |
| License | MIT |
| Doc PR | - |
Commits
-------
ba6c9464ea Sort commands like a human would do
f04b1bd72f Sort alternatives alphabetically when a command is not found
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Security] json auth listener should not produce a 500 response on bad request format
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
To me, it looks wrong to simply throw a `BadCredentialsException` in the wild, which produces a 500 (unless an entrypoint handles it, which you probably don't have on a json login firewall). There isn't any server error, the client request originated the error due to a wrong format.
Instead, the listener should give a chance to the failure handler to resolve it, and return a proper 4XX response. (BTW, the `UsernamePasswordFormAuthenticationListener` also throws a similar `BadCredentialsException` on a too long submitted username, which is caught and forwarded to the failure handler)
Better diff: https://github.com/symfony/symfony/pull/22034/files?w=1
BTW, should we have another exception type like `BadCredentialsFormatException` or whatever in order to distinct a proper `BadCredentialsException` from a format issue in a failure listener?
Commits
-------
cb175a41c3 [Security] json auth listener should not produce a 500 response on bad request format
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] simplify the SwitchUserListenerTest
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
While working on #22048 I noticed that the `SwitchUserListenerTest` was more complicated than necessary by mocking a lot of stuff that didn't need to be mocked.
Commits
-------
923bbdbf9f [Security] simplify the SwitchUserListenerTest
This PR was squashed before being merged into the 3.3-dev branch (closes#20885).
Discussion
----------
[Console] Option to disable stty
| Q | A
| ------------- | ---
| Branch? |
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? |
| Fixed tickets |
| License | MIT
| Doc PR | reference to the documentation PR, if any
Shall fix problems in Windows based environments if e.g. git is installed and stty is therefore found but writes only cryptic rubbish into the cmd. In the case of console questions it is also possible that input can't be read properly by console component.
Commits
-------
a189a6c52e [Console] Option to disable stty
* 2.8:
[HttpFoundation] Fix missing handling of for/host/proto info from "Forwarded" header
[Validator] Add object handling of invalid constraints in Composite
[WebProfilerBundle] Remove uneeded directive in the form collector styles
Revert "bug #21841 [Console] Do not squash input changes made from console.command event (chalasr)"
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpFoundation] Fix missing handling of for/host/proto info from "Forwarded" header
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
We're missing handling of for/host/proto info embedded in the `Forwarded` header, as eg in:
`Forwarded: for=1.1.1.1:443, host=foo.example.com:1234, proto=https, for=2.2.2.2, host=real.example.com:8080`
Commits
-------
04caacb757 [HttpFoundation] Fix missing handling of for/host/proto info from "Forwarded" header
This PR was squashed before being merged into the 2.7 branch (closes#21968).
Discussion
----------
Fixed pathinfo calculation for requests starting with a question mark.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21967
| License | MIT
| Doc PR |
With improper `strpos` result check calculated pathinfo for requests starting with '?' equals to request itself.
Correct pathinfo for those requests should be '/'.
Commits
-------
43297b45de Fixed pathinfo calculation for requests starting with a question mark.
This PR was merged into the 2.8 branch.
Discussion
----------
Revert "bug #21841 [Console] Do not squash input changes made from console.command event (chalasr)"
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21953, https://github.com/symfony/symfony/issues/22050
| License | MIT
| Doc PR | n/a
A bit frustrated to revert this change since the BC break report lacks of information, making us unable to reproduce nor to look at improving the situation.
I'm going to re-propose this on master, covering the BC break that is identified, fixed and tested using the changes made in #21953. That will let the choice for the reporter to upgrade using the 1 required LOC.
Commits
-------
5af47c40dc Revert "bug #21841 [Console] Do not squash input changes made from console.command event (chalasr)"
* 2.7:
[Validator] Add object handling of invalid constraints in Composite
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The first "host" in the list provided by `X_FORWARDED_HOST` should be the one, not the last.
Already the case for "port" and "scheme".
Commits
-------
9a2b2de64f [HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was squashed before being merged into the 3.3-dev branch (closes#21926).
Discussion
----------
[Routing] Optimised dumped matcher
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
TL;DR: I've optimised the PhpMatcherDumper output for a <del>60x</del> 4.4x performance improvement on a collection of ~800 routes by inducing cyclomatic complexity.
[EDIT] The 60x performance boost was only visible when profiling with blackfire, which is quite possibly a result of the cost of profiling playing a part. After doing some more profiling the realistic benefit of the optimisation is more likely to be in the ranges is 1.3x to 4.4x.
After the previous optimisation I began looking at how the PrefixCollection was adding its performance boost. I spotted another way to do this, which has the same theory behind it (excluding groups based on prefixes). The current implementation only groups when one prefix resides in the other. In this new implementation I've created a way to detect common prefixes, which allows for much more efficient grouping. Every time a route is added to the group it'll either merge into an existing group, merge into a new group with a route that has a common prefix, or merge into a new group with an existing group that has a common prefix.
However, when a parameter is present grouping must only be done AFTER that route, this case is accounted for. In all other cases, where there's no collision routes can be grouped freely because if a group was matched other groups wouldn't have matched.
After all the groups are created the groups are optimised. Groups with fewer than 3 children are inlined into the parent group. This is because a group with 2 children would potentially result in 3 prefix checks while if they are inlines it's 2 checks.
Like with the previous optimisation I've profiled this using blackfire. But the match function didn't show up anymore. I've added `usleep` calls in the dumped matcher during profiling, which made it show up again. I've verified with @simensen that this is because the wall time of the function was too small for it to be of any interest. When it DID get detected, because of more tasks running, it would show up with around 250 nanoseconds. In comparison, the previous speed improvement brought the wall time down from 7ms to ~2.5ms on a set of ~800 routes.
Because of the altered grouping behaviour I've not modified the PrefixCollection but I've created a new StaticPrefixCollection and updated the PhpMatcherDumper to use that instead.
Commits
-------
449b6912dc [Routing] Optimised dumped matcher
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Yaml] ParseException: pcre.backtrack_limit reached
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
while merging 3.2 into master, I noticed that `testCanParseVeryLongValue` is triggering this error on master, due to this regexp that we added for handling yaml tags. This regexp needs to be fixed so that we can merge the test case.
ping @GuilhemN
Commits
-------
f0256f1aa5 [Yaml] Fix pcre.backtrack_limit reached
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Deprecate Container::isFrozen and introduce isCompiled
| Q | A |
| --- | --- |
| Branch? | "master" |
| Bug fix? | no |
| New feature? | yes |
| BC breaks? | no |
| Deprecations? | yes |
| Tests pass? | yes |
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any |
| License | MIT |
| Doc PR | reference to the documentation PR, if any |
This deprecates the concept of freezing a container, implied by `Container::isFrozen`. However, freezing happens due compilation (`Container::compile`). So having just `isCompiled` instead seems more intuitive, and plays along well with `ContainerBuilder`.
Before/After;
- `Container::isFrozen`
- Checks if the parameter bag is frozen, but is deprecated in 3.2
- In 4.0 this methods does not exists and can be replaced with `getParameterBag() instanceof FrozenParameterBag` _or_ `isCompiled()`. Depending on what you want (to clarify; the behavior is different when passing a frozen bag to the constructor)
- `Container::isCompiled`
- Truly checks if `compile()` has ran, and is a new feature
- `ContainerBuilder::merge` etc.
- Now uses `isCompiled` instead of `isFrozen`, ie. we allow for it till compilation regarding the state of the paramater bag
Commits
-------
6abd312800 [DI] Deprecate Container::isFrozen and introduce isCompiled
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Console] Exclude empty namespaces in text descriptor
| Q | A |
| --- | --- |
| Branch? | "master" |
| Bug fix? | yes |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any |
| License | MIT |
| Doc PR | reference to the documentation PR, if any |
Before:
```
$ bin/console
doctrine
doctrine:mapping:convert [orm:convert:mapping] Convert mapping information between supported formats.
orm <----
router
router:match Helps debug routes by simulating a path info match
$ bin/console list orm
[Symfony\Component\Debug\Exception\ContextErrorException]
Warning: max(): Array must contain at least one element
$ bin/console list generate
Available commands for the "generate" namespace:
generate:bundle Generates a bundle
generate:command Generates a console command
generate:controller Generates a controller
```
After:
```
$ bin/console
doctrine
doctrine:mapping:convert [orm:convert:mapping] Convert mapping information between supported formats.
router
router:match Helps debug routes by simulating a path info match
$ bin/console list orm
Available commands for the "orm" namespace:
orm:convert:mapping Convert mapping information between supported formats.
$ bin/console list generate
Available commands for the "generate" namespace:
generate:bundle Generates a bundle
generate:command Generates a console command
generate:controller Generates a controller
generate:doctrine:crud Generates a CRUD based on a Doctrine entity
generate:doctrine:entities Generates entity classes and method stubs from your mapping information
generate:doctrine:entity Generates a new Doctrine entity inside a bundle
generate:doctrine:form Generates a form type class based on a Doctrine entity
```
Overrules #19776 but also includes other fixes related to aliases that popped up when writing tests 👍
Commits
-------
d5a7608036 [Console] Exclude empty namespaces in text descriptor
This PR was squashed before being merged into the 3.3-dev branch (closes#21093).
Discussion
----------
[Lock] Create a lock component
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | they will
| Fixed tickets | #20382
| License | MIT
| Doc PR | symfony/symfony-docs#7364
This PR aim to add a new component Lock going further than the FileSystem\LockHandler by allowing remote backend (like Redis, memcache, etc)
Inspired by
## Usage
The simplest way to use lock is to inject an instance of a Lock in your service
```php
class MyService
{
private $lock;
public function __construct(LockInterface $lock)
{
$this->lock = $lock;
}
public function run()
{
$this->lock->acquire(true);
// If I'm here, no exception had been raised. Lock is acquired
try {
// do my job
} finally {
$this->lock->release();
}
}
}
```
Configured with something like
```yaml
services:
app.my_service:
class: AppBundle\MyService
arguments:
- app.lock.my_service
app.lock.my_service:
class: Symfony\Component\Lock\Lock
factory: ['@locker', createLock]
arguments: ['my_service']
```
If you need to lock serveral resource on runtime, wou'll nneed to inject the LockFactory.
```php
class MyService
{
private $lockFactory;
public function __construct(LockFactoryInterface $lockFactory)
{
$this->lockFactory = $lockFactory;
}
public function run()
{
foreach ($this->items as $item) {
$lock = $this->lockFactory->createLock((string) $item);
try {
$lock->acquire();
} catch (LockConflictedException $e) {
continue;
}
// When I'm here, no exception had been, raised. Lock is acquired
try {
// do my job
} finally {
$lock->release();
}
}
}
}
```
Configured with something like
```yaml
services:
app.my_service:
class: AppBundle\MyService
arguments:
- '@locker'
```
This component allow you to refresh an expirable lock.
This is usefull, if you run a long operation split in several small parts.
If you lock with a ttl for the overall operatoin time and your process crash, the lock will block everybody for the defined TTL.
But thank to the refresh method, you're able to lock for a small TTL, and refresh it between each parts.
```php
class MyService
{
private $lock;
public function __construct(LockInterface $lock)
{
$this->lock = $lock;
}
public function run()
{
$this->lock->acquire(true);
try {
do {
$finished = $this->performLongTask();
// Increase the expire date by 300 more seconds
$this->lock->refresh();
} while (!$finished)
// do my job
} finally {
$this->lock->release();
}
}
}
```
## Naming anc implementation choise
```
$lock->acquire()
vs
$lock->lock()
```
Choose to use acquire, because this component is full of `lock` Symfony\Component\Lock\Lock::Lock` raised a E_TOO_MANY_LOCK in my head.
```
$lock->acquire(false);
$lock->acquire(true);
vs
$lock->aquire()
$lock->waitAndAquire()
```
Not a big fan of flag feature and 2. But I choose to use the blocking flag to offer a simple (and common usecase) implementation
```
$lock = $factory->createLock($key);
$lock->acquire();
vs
$lock->aquire($key)
```
I choose to a the pool of locks implementation. It allow the user to create 2 instances and use cross lock even in the same process.
```
interface LockInterface
final class Lock implements LockInterface
vs
final class Lock
```
I choose to use a Interface even if there is only one implementaiton to offer an extension point here
# TODO
## In this PR
* [x] tests
* [x] add logs
* [x] offer several redis connectors
* [x] try other store implementation to validate the architecture/interface
## In other PR
* documentation
* add configuration in framework bundle
* add stop watch in the debug bar
* improve the combined store (takes the drift into account and elapsed time between each store)
* implement other stores (memcache, ...)
* use this component in session manipulation (fixes#4976)
Commits
-------
018e0fc330 [Lock] Create a lock component
This PR was squashed before being merged into the 2.7 branch (closes#22099).
Discussion
----------
HttpCache: New test for revalidating responses with an expired TTL
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
See #22035, in particular [this and the following comments](https://github.com/symfony/symfony/pull/22035#issuecomment-287572234).
Commits
-------
067ab52ba0 HttpCache: New test for revalidating responses with an expired TTL
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] [XML] Ignore Process Instruction
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22005
| License | MIT
| Doc PR | N/A
This Pull request ignores Process instruction data in XML for decoding the data.
Commits
-------
0c741f5704 [Serializer] [XML] Ignore Process Instruction
This PR was merged into the 3.3-dev branch.
Discussion
----------
[*Bundle] Add autowiring aliases for common services
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As spotted while working on #22060, we're missing many aliases to prevent any autowiring ambiguities.
I also removed the "Symfony\Component\EventDispatcher\EventDispatcher" and "Symfony\Component\DependencyInjection\Container" aliases: we'd better encourage using the corresponding interfaces instead.
On ControllerTrait, we need to type hint against SessionInterface, because otherwise, when session support is disabled, autowiring still auto-registers an "autowired.Session" service, which defeats the purpose of being able to enable/disable it.
Commits
-------
08c2ee32f1 [*Bundle] Add autowiring aliases for common services
* 3.2:
Fixes a typo in the form collector styles
[WebProfilerBundle] Fix content-security-policy compatibility
[WebProfilerBundle] Drop dead code
[HttpKernel] Fixed bug with purging of HTTPS URLs
fix some risky tests
[DI] [YamlFileLoader] change error message of a non existing file
[WebProfilerBundle] Handle Content-Security-Policy-Report-Only header correctly
[Security] Added option to return true in the method isRememberMeRequested
* 2.8:
Fixes a typo in the form collector styles
[HttpKernel] Fixed bug with purging of HTTPS URLs
fix some risky tests
[DI] [YamlFileLoader] change error message of a non existing file
[Security] Added option to return true in the method isRememberMeRequested
* 2.7:
[HttpKernel] Fixed bug with purging of HTTPS URLs
fix some risky tests
[DI] [YamlFileLoader] change error message of a non existing file
[Security] Added option to return true in the method isRememberMeRequested
This PR was merged into the 2.7 branch.
Discussion
----------
fix some risky tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
PHPUnit 6 marks tests as risky when they have no assertions (and are not marked as skipped or incomplete). This PR will update our test suite accordingly.
Component that still need to be covered:
- [ ] Config
- [ ] Form
- [ ] HttpFoundation
- [ ] Security
- [ ] Workflow
Commits
-------
abf1787dcc fix some risky tests
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Add logging and better failure recovery to AutowirePass
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
So useful to understand what autowiring is doing.
Commits
-------
3e297ba3e4 [DI] Add logging and better failure recovery to AutowirePass
This PR was merged into the 3.3-dev branch.
Discussion
----------
Fix some invalid phpdoc in the Dotenv class
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
14525b73b8 Fix some invalid phpdoc in the Dotenv class
This PR was merged into the 3.3-dev branch.
Discussion
----------
Release memory for the parsed data after parsing
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
If the Dotenv instance outlives the parsing of the file (which is the case easily in the usage described in the documentation as it is used in the global scope and so the variable does not go out of scope until the end of the process), there is no reason to keep the parsed data in memory after the end of the parsing.
I have not reset the integer properties, as this would not save any memory anyway (integers are inline inside the ZVAL anyway)
Commits
-------
518f618d33 Release memory for the parsed data after parsing
This PR was squashed before being merged into the 2.7 branch (closes#22012).
Discussion
----------
[DI] [YamlFileLoader] change error message of a non existing file
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22007
| License | MIT
| Doc PR | symfony/symfony-docs
This PR replaces the error message when non existing Yaml file is loaded. It gives more sense for the user.
Commits
-------
1c2ea97585 [DI] [YamlFileLoader] change error message of a non existing file
* 3.2:
[Yaml] CS
[DI] Fix PhpDumper generated doc block
#20411 fix Yaml parsing for very long quoted strings
[Workflow] add Phpdoc for better IDE support
fix package name in conflict rule
improve message when workflows are missing
[Doctrine Bridge] fix priority for doctrine event listeners
Use PHP functions as array_map callbacks when possible
[Validator] revert wrong Phpdoc change
Use proper line endings
* 2.8:
[DI] Fix PhpDumper generated doc block
#20411 fix Yaml parsing for very long quoted strings
[Doctrine Bridge] fix priority for doctrine event listeners
Use PHP functions as array_map callbacks when possible
[Validator] revert wrong Phpdoc change
Use proper line endings
* 2.7:
#20411 fix Yaml parsing for very long quoted strings
[Doctrine Bridge] fix priority for doctrine event listeners
Use PHP functions as array_map callbacks when possible
[Validator] revert wrong Phpdoc change
Use proper line endings
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Remove skipping magic for autowired methods
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no (master only)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Wildcard based autowiring made it required to auto-skip methods that were not wireable.
Now that things need to be explicit (ie via the `@required` annotation, or via configuration), this "automagic" behavior is not required anymore.
Since it can lead to wtf moments ("*I* did *put that `@required` annotation, why is it ignored by autowiring?*"), I think we should remove it.
This also fixes another issue where configured method calls had their optional arguments wired, while we want only the constructor's to behave as such.
Commits
-------
a6bfe1c [DI] Remove skipping magic for autowired methods
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Introduce "container.service_locator" tag, replaces ServiceLocatorArgument
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no (master only)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I first started working on adding this new "container.service_locator" tag, so here it is.
It allows defining and dumping service-locator services properly, where it wasn't possible previously (you had to create a DI extension to do so.)
Then I realized that this allowed us to entirely drop `ServiceLocatorArgument` and replace it with the more flexible `ServiceClosureArgument`.
This makes things simpler overall, see diff stat.
Commits
-------
5d230b5871 [DI] Introduce "container.service_locator" tag, replaces ServiceLocatorArgument
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Remove useless state from ServiceLocator
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no (master only)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
One less state to manage for the engine, and allows to deal with non-shared services.
Commits
-------
e0a5eecf2a [DI] Remove useless state from ServiceLocator
This PR was squashed before being merged into the 2.7 branch (closes#21523).
Discussion
----------
#20411 fix Yaml parsing for very long quoted strings
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20411
| License | MIT
| Doc PR | no
This is a second fix for the issue discussed in #20411. My first PR (#21279) didn't fix the bug in all cases, sorry.
If a YAML string has too many spaces in the value, it can trigger a `PREG_BACKTRACK_LIMIT_ERROR` error in the Yaml parser.
There should be no behavioural change other than the bug fix
I have included a test which fails before this fix and passes after this fix.
I have also added checks that detect other PCRE internal errors and throw a more descriptive exception. Before this patch, the YAML engine would often give incorrect results, rather than throwing, on a PCRE `PREG_BACKTRACK_LIMIT_ERROR` error.
Commits
-------
c9a1c09182#20411 fix Yaml parsing for very long quoted strings
This PR was merged into the 3.2 branch.
Discussion
----------
[Workflow] add Phpdoc for better IDE support
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Allow IDEs to provide more precise auto-completion support.
Commits
-------
916a97c834 [Workflow] add Phpdoc for better IDE support
* 3.2:
[Cache] cache/integration-tests is now compatible with phpunit namespaces
[FrameworkBundle] Fix translation dep constraint
[Workflow] Added more tests
[Cache] Enhance error reporting for FilesystemAdapter
This PR was merged into the 3.2 branch.
Discussion
----------
[Cache] Enhance error reporting for FilesystemAdapter
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes/no
| Fixed tickets | -
| License | MIT
| Doc PR | -
So that we can provide feedback for cases like #21995
Commits
-------
ebb316d [Cache] Enhance error reporting for FilesystemAdapter
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DependencyInjection] Remove the "id" attribute of "callable"
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | ?
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR |
It seems like this attribute was added by mistake as it's used nowhere.
It should be removed but I don't think it's worth adding a bc layer.
Commits
-------
19547a2639 [DependencyInjection] Remove the "id" attribute of "callable"
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DependencyInjection] Support anonymous services in Yaml
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/16328
| License | MIT
| Doc PR |
This PR allows creating anonymous services in yaml using the `!service` tag as proposed by @nicolas-grekas:
```yml
services:
_instanceof:
FooInterface:
arguments:
- !service
class: Bar
autowire: true
Foo:
factory: [ !service { class: Quz }, 'constructFoo' ]
```
Anonymous services are forbidden in parameters as in xml.
Defaults and instanceof conditionals aren't applied on anonymous services, as in xml too.
Commits
-------
9b7138545e [DependencyInjection] Support anonymous services in Yaml
This PR was merged into the 3.3-dev branch.
Discussion
----------
301 status code must drop request method to GET.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| BC breaks? | yes
| Tests pass? | yes
| Fixed tickets | #20924
| License | MIT
[RFC 7231 §6.4.2](https://tools.ietf.org/html/rfc7231#section-6.4.2) states that 301 HTTP Code should forward POST requests to the Location URI.
But, it also states that:
> For historical reasons, a user agent MAY change the request method from POST to GET for the subsequent request.
This is the behavior implemented in almost all user agents.
However the `BrowserKit` did forward the method to the subsequent request.
This PR make the `BrowserKit` change the request method from POST to GET when the response status code is 301.
Commits
-------
abda966d75 301 status code must drop request method to GET.
This PR was merged into the 2.7 branch.
Discussion
----------
Use PHP functions as array_map callbacks when possible
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
We already do that in 99% of the cases ... but there were 3 occurrences where we didn't do it.
Commits
-------
405bd4cc81 Use PHP functions as array_map callbacks when possible
This PR was merged into the 3.3-dev branch.
Discussion
----------
[FrameworkBundle][Workflow] Add a way to register a guard expression in the configuration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
---
Many people already asked for this feature so ... here we go 🎉
---
Usage:
```yml
transitions:
journalist_approval:
guard: "is_fully_authenticated() and has_role('ROLE_JOURNALIST') or is_granted('POST_EDIT', subject)"
from: wait_for_journalist
to: approved_by_journalist
publish:
guard: "subject.isPublic()"
from: approved_by_journalist
to: published
```
Commits
-------
ab3b12d6dc [FrameworkBundle][Workflow] Add a way to register a guard expression in the configuration
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Use proper line endings in BufferedOutput
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
`BufferOutput` should be consistent with `StreamOutput` when writing newlines.
I faced an issue using this class in tests where the expected output was platform dependent (using `PHP_EOL` too).
Commits
-------
33946e69c0 Use proper line endings
* 3.2:
[VarDumper] Add missing isset() checks in some casters
[VarDumper] Add missing isset() checks in some casters
[Form] Choice type int values (BC Fix)
bumped Symfony version to 3.2.7
updated VERSION for 3.2.6
updated CHANGELOG for 3.2.6
Use PHPUnit 5.4 instead of 5.3
[PropertyAccess] Use ArrayAdapter in debug mode
bumped Symfony version to 3.2.6
updated VERSION for 3.2.5
updated CHANGELOG for 3.2.5
cached files rely on umask
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DependencyInjection Remove duplicated code
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Arrays are already supported by `YamlFileLoader::resolveServices()` so there's no need to duplicate code.
Commits
-------
1bac3d722d [DependencyInjection Remove duplicated code
This PR was merged into the 3.3-dev branch.
Discussion
----------
[PropertyInfo] Move CHANGELOG.md to the root
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Moves the CHANGELOG of the PropertyInfo Component from the DependencyInjection subdirectory to the component's root.
Commits
-------
d5d3f4285b [PropertyInfo] Move CHANGELOG.md to the root
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Workflow] Added fluent interface to the DefinitionBuilder
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
---
It seems more logic to me to have this fluent interface.
Commits
-------
4c8963c6ff [Workflow] Added fluent interface to the DefinitionBuilder
This PR was squashed before being merged into the 3.3-dev branch (closes#21933).
Discussion
----------
[FrameworkBundle][Workflow] Add a way to enable the AuditTrail Logger
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
---
This will increase the visibility of the Listener. We could encourage people to use at least `%kernel.debug%` value.
---
Note for the merge: There are two commits, this is done on purpose (2 different things, but easier to do only one PR)
Commits
-------
633c0393b3 [Workflow] Added the workflow name in log generated by AuditTrailListener
b786bccb3a [FrameworkBundle][Workflow] Add a way to enable the AuditTrail Logger
This PR was squashed before being merged into the 3.3-dev branch (closes#21937).
Discussion
----------
[DependencyInjection] Handle void return types in closure-proxy
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
I recently got an error when registering an event listener that specifies a `void` return type. Dumping the container generates a closure proxy that always returns a value, which then conflicts with the return type hint.
E.G the following code is generated (some class names removed for readability)
```
$instance->addListener('kernel.view', /** @closure-proxy ... */ function (...\GetResponseForControllerResultEvent $event): void {
return ${($_ = isset($this->services[listener']) ? $this->services['listener'] : $this->get('listener')) && false ?: '_'}->onKernelView($event);
}, 128);
```
This then causes the error `A void function must not return a value in ...`
So void return types should be handled by removing the `return` inside the closure
Commits
-------
a5c5ad1 [DependencyInjection] Handle void return types in closure-proxy
