This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection] fix dumping service-closure-arguments
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39259
| License | MIT
| Doc PR | -
5.3 uses service closures a bit more, so that this is required to make the `lint:container` command work.
Commits
-------
1aa9a249fc [DependencyInjection] fix dumping service-closure-arguments
This PR was submitted for the 5.x branch but it was merged into the 5.2 branch instead.
Discussion
----------
[Console] Fix Windows code page support
My previous PR #41113 was corrected by `@nicolas`-grekas on 3bac7fe. He introduced logical changes in the code which resulted in incorrect behaviour.
The basic idea was to restore the I/O codepage as soon as you get console input. And you have to do this even if `fgets()` returns **false**, because otherwise you'll leave the changed codepage for the rest of the script execution - and that's bad!
Commits
-------
044b585f69 [Console] Fix Windows code page support
This PR was merged into the 5.2 branch.
Discussion
----------
[Security] Make Login Rate Limiter also case insensitive for non-ascii user identifiers
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
As per discussion in https://github.com/symfony/symfony/pull/41156
Commits
-------
3b7e7fbc7f [Security] Make Login Rate Limiter also case insensitive for non-ascii user identifiers
This PR was merged into the 4.4 branch.
Discussion
----------
WDT: Only load "Sfjs" if it is not present already
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | none
| License | MIT
| Doc PR | not needed
Hi!
Playing with Turbo, I noticed two small issues with the WDT:
1) When you click a link (which Turbo loads via AJAX), the new toolbar would correctly load, but its "AJAX tab" would be missing/empty. At first, that seems.. at least... "correct enough". After all, we *did* just load a new web debug toolbar. However, this can be avoided by simply *not* redefining the `Sfjs` variable: if it already exists, just use it. And this is the intention of that object, I believe: for it to be loaded *once*, and then reused over and over again via its `loadToolbar()` method.
2) Additionally, I was experimenting with some crazy prefetch + Turbo functionality. It works, but caused one minor issue with the web debug toolbar. The flow is this:
A) A prefetch request is made to pre-cache a URL in Turbo.
B) When that links is actually clicked, the cached version from (A) is used as the "Preview". It's HTML calls `Sfjs.loadToolbar()`.
C) At the same moment as (B), another AJAX request is made to the same URL from (A) to get the full, fresh page (in case it's out of date).
D) When (C) finishes, it will have its own `Sfjs.loadToolbar()` call.
The problem is that the AJAX request for the first web debug toolbar (from B) sometimes finishes *after* the AJAX call made by Turbo for (C). The result is that the first web debug toolbar tries to activate itself... but it's already gone from the page.
I realize this is a... kind of crazy scenario, but I think the fix is legit: if, for any reason, the web debug toolbar element is not on the page, we should not try to initialize it. It results in:
<img width="431" alt="Screen Shot 2021-05-10 at 3 49 06 PM" src="https://user-images.githubusercontent.com/121003/117716165-429a5f00-b1a7-11eb-9b99-bf08591d2ff4.png">
## To Test
JUST to be on the safe side, I prepared a symfony-demo app with Turbo installed, and using these changes. You can try it here - https://github.com/weaverryan/symfony-demo/tree/turbo - the README is updated to quickly get it running (no need to even run yarn, the JavaScript files are committed).
Thanks!
Commits
-------
47ef65f336 only load Sfjs if it is not present
* 4.4:
[Inflector][String] wrong plural form of words ending by "pectus"
[HttpClient] Don't prepare the request in ScopingHttpClient
[Console] Fixes for PHP 8.1 deprecations
Fix/Rewrite .gitignore regex builder
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Inflector][String] wrong plural form of words ending by "pectus"
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#41124
| License | MIT
| Doc PR | N/A
Commits
-------
0dc8893caa [Inflector][String] wrong plural form of words ending by "pectus"
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] Don't prepare the request in ScopingHttpClient
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Spotted while working on #41159 (needed by it.)
Commits
-------
a53db83823 [HttpClient] Don't prepare the request in ScopingHttpClient
This PR was merged into the 5.2 branch.
Discussion
----------
[Security] Make Login Rate Limiter case insensitive
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Login RateLimiter is case sensitive, while most login forms aren't case sensitive.
This PR makes `DefaultLoginRateLimiter` case insensitive.
Commits
-------
c333f3d547 Make LoginRateLimiter case insentive
This PR was merged into the 5.2 branch.
Discussion
----------
[Security] Translation count argument for TooManyLoginAttemptsAuthenticationException
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| License | MIT
Added `%count%` argument to leverage translator's pluralization functionality as discussed in https://github.com/symfony/symfony/pull/41097
Commits
-------
2bf0b485f9 Provide count argument for TooManyLoginAttemptsAuthenticationException to be able to translate in plural way
This PR was merged into the 5.2 branch.
Discussion
----------
[Security] NullToken signature
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The signature of `TokenInterface::getUser` does not allow returning null. But `NullToken` returns `null`.
0f96ac7484/src/Symfony/Component/Security/Core/Authentication/Token/TokenInterface.php (L49-L56)
This PR update `NullToken::getUser` to return an empty string instead of null.
I wonder if the fix shouldn't be to change the return type in the interface, but that would be a BC break, right?
Commits
-------
9ad3720efc [security] NullToken signature
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
Fix/Rewrite .gitignore regex builder
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | fix#39257
| License | MIT
| Doc PR | no
This PR fixes `.gitignore` with exclude wildcard ignore rules like `!a/*/b` were failing with `preg_match(): Compilation failed: lookbehind assertion is not fixed length at offset` PHP error.
Functionality/performance was verified against large `.gitignore` files:
- https://github.com/PrestaShop/PrestaShop/blob/1.7.7.3/.gitignore
- https://github.com/dotnet/installer/blob/v5.0.202/.gitignore
- https://github.com/dotnet/runtime/blob/v5.0.5/.gitignore
This PR also improves the testing cases.
Commits
-------
83f9fd3adf Fix/Rewrite .gitignore regex builder
This PR was submitted for the 5.x branch but it was squashed and merged into the 5.2 branch instead.
Discussion
----------
[Console] Fix Windows code page support
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37385, Fix#35842, Fix#36324, Fix#37495, Fix#37278
| License | MIT
Corrects previous fixes that dealt with the mojibake problem on Windows where an OEM code page was applied to an input string and then messed with PHP.internal_encoding setting used by the script. This caused strings with different encodings to be displayed on the console output.
Commits
-------
be68682fd1 [Console] Fix Windows code page support
This PR was merged into the 5.2 branch.
Discussion
----------
[Security] Allow ips parameter in access_control to accept comma-separated string
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #40881, #40864, #40865
| License | MIT
PR #38149 introduced a new feature to accept a comma-separated string in ip adresses setting in `access_control` configuration section of security bundle.
However the feature works in inconsistent manner: comma-separated string can be successfully passed via environment variable, but can not be passed as plain string. This PR changes this inconsistent behavior by allowing validation pass if comma-separated list of ip addresses is given in plain string.
More detailed explanation about the inconsistent behavior can be found [here](https://github.com/symfony/symfony/issues/40881#issuecomment-823906622)
Commits
-------
8947482342 [SecurityBundle] Allow ips parameter in access_control accept comma-separated string
This PR was merged into the 5.2 branch.
Discussion
----------
[TwigBridge] Fix HTML for translatable custom-file label in Bootstrap 4 theme
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Bootstrap allows to translate/change the label of the upload button of a `custom-file` input via SCSS, see [Bootstrap docs](https://getbootstrap.com/docs/4.6/components/forms/#translating-or-customizing-the-strings-with-scss):
~~~scss
$custom-file-text: (
en: "Browse",
es: "Elegir"
);
~~~
This works by generating the following CSS which depends on the `lang` attribute of the input:
~~~css
.custom-file-input:lang(es) ~ .custom-file-label::after {
content: "Elegir";
}
~~~
This however currently does not work with the HTML generated by the theme since the resulting HTML is of the form (redacted here to the relevant parts):
~~~html
<div class="custom-file">
<input type="file" id="..." class="custom-file-input">
<label for="..." lang="es" class="custom-file-label"></label>
</div>
~~~
while it should be of the form
~~~html
<div class="custom-file">
<input type="file" id="..." lang="es" class="custom-file-input">
<label for="..." class="custom-file-label"></label>
</div>
~~~
i.e. the `lang` was placed on the `label` instead of the `input`.
This PR fixes this to be compatible with Bootstrap 4.
Commits
-------
a95bbaaaef [TwigBridge] Fix HTML for translatable custom-file label in Bootstrap 4 theme
This PR was merged into the 5.2 branch.
Discussion
----------
[Notifier] [Bridge] Fix missed messageId for SendMessage object in slack notifier
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | -
| Tickets | -
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
There are missed messageId property for SendMessage object in slack notifier.
Regarding slack's documentation: https://api.slack.com/messaging/sending#publishing
> One very important piece of information in this response is the `ts` value, which is essentially the ID of the message,
Commits
-------
838f36b09f [Notifier] [Bridge] Store message id for slack transport's SendMessage
This PR was merged into the 5.2 branch.
Discussion
----------
[Form] Add missing TranslatableMessage support to choice_label option of ChoiceType
It leads to loss of information because it'll use `__toString` to cast, which is incompatible with newly added `TranslatableMessage`, for example.
| Q | A
| ------------- | ---
| Branch? | 5.2 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#40622 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | _none_
So this one's a bit tricky in my mind. I didn't want to check if `$dynamicLabel instanceof TranslatableMessage`, because of course it doesn't belong to the same component.
Aside, it would sound so strange to me to add `|object` to `$label` here: bb1e1e58ae/src/Symfony/Component/Form/ChoiceList/View/ChoiceView.php (L40)
But maybe that's the way to go? Requiring your help here. I'm fully open to your ideas, as we're loosing a big feature here by losing `TranslatableMessage` translation parameters.
If the passed object doesn't implement `__toString`, it'll lead to an exception during template rendering, as expected.
Commits
-------
c2873aaf0e [Form] Add TranslatableMessage support to choice_label option of ChoiceType
This PR was merged into the 5.2 branch.
Discussion
----------
Remove code that deals with legacy behavior of PHP_Incomplete_Class
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
c5a4f7d8f9 Remove code that deals with legacy behavior of PHP_Incomplete_Class
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[PropertyInfo] Make ReflectionExtractor correctly extract nullability
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40659
| License | MIT
| Doc PR | no
When the property had a default value ReflectionExtractor was always returning isNullable: false. After PHP 7.4 we can get isNullable from the typehint.
Commits
-------
d5fce4c779 [PropertyInfo] Make ReflectionExtractor correctly extract nullability
